Intel's ambitions beyond the CPU are no secret, but they have been somewhat mixed in their outcomes. The company has openly aspired to make a dent in the mobile market but its efforts against the ARM processor have failed repeatedly.
On the quieter side of things, Intel is also moving into networking. However it is not doing so in a way that would put it in competition with Cisco Systems, Juniper Networks, and Hewlett-Packard, all major players in the networking hardware market.
Intel is looking to supplement those systems but at a step lower, using its high-powered Xeon processors in place of custom ASICs to more intelligently process virtualized network traffic. It's also incorporating more networking features into its server CPUs and chipsets – again, lightening the load for the networking gear.
This may seem odd, but remember that initially Wi-Fi was a curiosity that few bothered with until Intel made it a standard feature in Centrino laptops. That drove rapid overnight adoption and made Wi-Fi the standard it is. So while Intel is known for its CPUs, it can have a major impact on the networking world as well.
"We didn't just start this journey. We've been in the communications business for some time, more than a decade, involved in networking devices like, radio network controllers, base stations, load balancers, firewalls, and network VPNs,” said René Torres, director of marketing for SDN and NFV products at Intel. “Intel over time had made a conscious decision to move away from its Network Processor business and instead focus on enabling networking workloads on Intel architecture."
Intel's first major effort is around Software Defined Networks (SDN). It believes SDN should do three things:
- Decouple the network control plane from the data plane, which allows you to move networking from a single vertically integrated box;
- There should be a central way to control the network with a global view, with a controller that knows all traffic in the network;
- Finally, SDN should let you program your network with an external source, like a software based virtual appliance such as a firewall or load balancer.
The controller that manages all packets and decides where they will be routed can be any server (read: an x86 server) rather than expensive proprietary networking hardware. Today, you may have a set of networking devices performing networking functions, such as a router, firewall, or VPN. Network function virtualization is where the service providers can take all of those functions and run them in software as a virtual appliance on a traditional server.
Many routers have dedicated ASICs in them that move packets at line rates across the network. So the "magic" here is in Intel providing a set of libraries and drivers that lets you process packets at near line rate speeds over a virtualized network using Intel CPUs on a server rather than on a router.
What this does is allow a service provider to achieve three things, said Torres. It allows providers to reduce capital expenditures (Capex) by deploying high volume server hardware; it allows them to reduce operating expenses (Opex) by doing network traffic control in software on servers rather than on dedicated networking equipment that needs to be manually updated; and it brings in revenue by offering new services.
Intel predicts cloud services providers to be the fastest to adopt this architecture; the enterprise will be the slowest because of the order of magnitude of the tech curve.
Cloud services providers need SDNs to get new services up and running as fast as possible. "There's such a need to drive more service revenue and flexibility," said Torres. "Telco service providers have an opportunity to provide new services. They can do things like WAN bursting for additional bandwidth quickly."
In traditional enterprises, financial services have been quickest to embrace the SDN concept because they have a service oriented business and do a lot of investments in IT, said Torres.
Still, SDN is at a very early point of adoption. It took many years for compute virtualization to take off, and it's still growing. Storage virtualization came next, and that too is moving slowly. So network virtualization via a SDN is years from taking solid form, said Torres.
Xeons for Networks
In addition to getting into the SDN business, Intel is also incorporating networking features into future Xeon and Xeon Phi processors.
The first server processor from Intel to get an integrated Ethernet network interface was the “Avoton” Atom C2000, introduced back in September 2013. This chip has a single Ethernet controller connected to an internal buss with four lanes for network traffic that can handle 1 Gb/sec to 2.5 Gb/sec speeds, depending on how it is configured.
That’s ideal for the low workloads Avoton is targeting. Intel is jumping into the microserver market along with AMD and ARM to build very low wattage processors for dense servers designed to handle very simple tasks, such as serving up HTML webpages.
But for the big jobs handled by the Xeons, a lot more bandwidth is needed. Intel's next-generation of communication chips, called Crystal Forest, will be a special communication chipset for servers designed to consolidate multiple network workloads on a server-like platform rather than a router.
Crystal Forest does packet processing on the CPU cores rather than custom ASICS, which is then enabled through a data plane developer's kit. The kit comes with a software stack of libraries and drivers that make x86 cores work with network controllers for high-speed network processing.
Intel has greatly increased the throughput over the CPU generations. With the Nehalem generation, it got around 24 to 40 gigabits of throughput. With Sandy Bridge, it introduced Intel DDIO, or Data Direct I/O technology, and performance jumped to 220gbits/sec.
Intel added more acceleration capabilities like encryption and compression to its chipsets, giving the server richer levels of networking performance and functionality. A major goal is to move packets between tenants and applications placed in virtual machines without having to always send them out to the network. "In the past that packet processing was meant to go in and out of the box. With multiple boxes running software, you use cores to move packets between the VMs instead," said Torres.
The goal is to allow admins to provision and manage everything: compute, storage, and networking, in one box. But Intel is sticking to delivering ingredients to solutions at the node level. "We're not pursuing a commercial, stand-alone controller or orchestrator solution. We're instead focused on enabling new capabilities for orchestration by evolving how open-source solutions like OpenStack work with SDN and network function virtualization [NFV]," said Torres.
This will impact how apps are written and function, he said. If you are writing applications such as building a firewall or intrusion protection system on an x86 system instead of on dedicated hardware, you have to get the same performance from that Xeon as from the dedicated box.
"[Developers’ and service-providers’] lives are going to change in how they interact with a hypervisor, virtual switches, and orchestration. All of these are problems they will have to overcome. In the past [these functions] were deployed on a dedicated box with no virtualization. In the new world, you have a software app on a server in a virtual switch in a way that gets orchestrated remotely by something like open stack," Torres said.
"So apps will change because they have to be able to interact with physical devices and an orchestrator for how they get provisioned on a virtual machine and how the apps interact with a virtual switch in the hypervisor. It's a very significant plumbing challenge from an engineering perspective," Torres added.
Enjoyed this post? You might also like:
- DDoS in 2014: The New Distributed Denial of Service Attacks and How to Fight Them
- 4 Things MSPs Need to Know About HIPAA Compliance
- How to Avoid a Cryptolocker Infection
By Lily Teplow
By Gretchen Hoffman
By Gretchen Hoffman