O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Building the SD-Branch using uCPE

947 visualizações

Publicada em

With uCPE/SD-WAN taking center stage in enabling software-defined Cloud services to enterprise branch offices globally, this session will provide a uCPE review from a solution, deployment and reference design standpoint.

Speaker: Sab Gosal, Segment Manager
Network Platforms Group (NPG), September 2018

Publicada em: Software
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

Building the SD-Branch using uCPE

  1. 1. Sab Gosal, Segment Manager Network Platforms Group (NPG), September 2018
  2. 2. 2 The Industry is Transforming 1. PNC – Digital Disruption Challenges (source); 2. IDC FutureScape: Worldwide IT Industry 2017 Predictions (source) 50% of the G2000 will see the majority of their business depend on digitally-enhanced products and services by 2020.2 40% of businesses in the top 20 of every industry will be disrupted by 2018.1
  3. 3. 3 ‘Virtual’, ‘Universal’, ‘Digital’, ‘Intelligent’…CPE? vCPE vs. uCPE Router VPN Firewall Virtual Router Virtual VPN Virtual Firewall SDN Unified Management & Control Infrastructure Wide Orchestration SD-WAN ‘Universal’ seems to fit best given most next gen CPE deployments are supporting bare metal SD-WAN..but a platform for on-boarding future VNFs SD-WAN has become the underlying use case for NFVi  Deployed as an overlay on existing infrastructure  SD-WAN end points managed directly from the Cloud  Enables scaled build-out
  4. 4. 4 What is SD-WAN? Software Defined WAN A simplified and cost-effective approach to branch office and data center connectivity… A MPLS access router port is on avg. 3-4X more expensive than a SD-WAN IP port • Increase flexibility • Simplify IT operations • Achieve rapid, elastic deployments • Reduce leasing cost of circuits • Cost Reduction • Business Agility • Faster Time to market • Reduce OpEx • For Enterprises • For CoSPs • New managed services – address disruptive threat • Simplify operations • Achieve rapid, elastic deployments • Reduce CPE sparing • Additional Revenue • Reduce OpEx • Faster Time to market • Less CapEx
  5. 5. 55 Allows Enterprises to more efficiently consume the rich base of Apps and Services hosted in the Cloud • Centralized control (separation of control and data plane) improves route selection and improves network response time. • Automation of services provisioning, configuration and overall orchestration (by abstracting operations into rules and policies). • Drive Business Productivity and operational efficiency. Why is SD-WAN important? Internet Cloud-based Security MPLS Encrypted Tunnel traffic Private Cloud Public Cloud/SaaS SD-WAN has become the underlying use case for NFVi SD-WAN enables Branch WAN connectivity by by-passing the existing MPLS infrastructure.
  6. 6. SD-WAN rapidly changing market requires innovation Updated info but same idea 33% 66% of all VPN connections that Ovum predicts will come from SD-WAN by 2023 of enterprises that adopted NFV have turned to network services providers OVUM Global Enterprise Network Services Survey OVUM Global Enterprise Network Services Survey At the centre of these changes is SD-WAN 3.5BAmount that Frost & Sullivan projects the SD-WAN managed services market could reach by 2022. Service provider and SD-WAN vendor partnerships are a huge part of this growth https://searchsdn.techtarget.com/news/252435385/E nterprises-choose-managed-SD-WAN-over-DIY-SD- WAN-deployment
  7. 7. 7 Enterprise and Service Provider Transformation 3G/4G/5G BRAS CoSP Cloud Provider Edge Mobile Backhaul IMS vRAN CDN Enterprise SOHO Public Areas Wireless Core GiLAN EPC uCPE/SD-WAN Disruption 3 Deployment Locations: • Customer Premise • Provider Edge (CO/POP) • CoSP Cloud/Datacenter uCPE: • Delivery of Enterprise Services as VNFs • Delivered on ‘white box’ HW or pre-integrated • Reference platform SD-WAN: • WAN Link Optimization (application) • Centralized Policy Control • Real Time Analytics • Service Can Be Provided as a VNF @ CPE 3G/4G/5G vRAN Wireless Access WiFi
  8. 8. 8 Deployment Options SD-WAN Controller Branch Office Corporate Office Option 1 • Hybrid Model. SD-WAN new HW deployed behind existing network hardware • This maybe done to provide a seamless overlay, or to accommodate legacy access circuit technologies (E1, T1, MLPPP, DS3, OC3 etc.) Internet MPLS Cloud / SAAS Control Plane Traffic Data Plane Traffic Data Plane Traffic Access Circuit Existing RouterNew SD- WAN Router Option 2 • New HW deployed as a replacement for existing network hardware Option 3 • Deployed as a SW and service upgrade on existing HW, either routers or WAN Accelerators or Firewalls • Certain vendors are planning SD-WAN products on existing HW AP NIDS IPSEC Switch Tools DHCP SBC Router FW Optimization
  9. 9. 9 Overlay Deployment Example Office 1 CPE can connect directly to Office 2 CPE  Using VXLAN as overlay  Underlay network sees VxLAN traffic between ned points  Connection is secure using tunneling e.g. IPsec Head-end Controller establishes control plane for all devices • Aware of all L2/L3 topology for each CPE • CPE establishes VxLAN connectivity • Traffic is encrypted (tunneled) over existing infrastructure as an overlay
  10. 10. 10 Intel Solution Mapping DPDK*, Intel ® QuickAssist, Hyperscan, Intel® Virtualized Technology, AESNI, Intel® Run Sure, TXT/PTT (TPM) Network Network Network Routing, VPN, FW, IPS, SBC, CGNAT, WiFi CTRL, SD-WAN CTRL Routing, SD-WAN, VPN Routing, VPN, WAN Accel, SD-WAN, vRAN FW, IPS, CGNAT, SBC, WiFi CTRL, SD- WAN CTRL WAN Accel, SD-WAN CTRL Routing, VPN, WiFi CTRL, WAN Accel, FW, IPS, SD- WAN, vRAN Intel Atom® processor 2-4C VNF VNF 1-2 VNFs Intel Atom® processor12-16C-> Intel® Xeon®-D processor Intel® Xeon® D processor -> Intel® Xeon® Scalable processor Series Service Provider Enterprise Intel® SoC FPGA Positioning Intel technologies to drive performance, scale and security VNFs @ CPE VNFs @ POP/Data Center VNF VNF 2-4 VNFs VNF VNF 6+ VNFs Network SOHO SD-WAN, VPN Intel Atom® processor 2C VNF VNF 1-2 VNFs Routing, VPN, FW, CGNAT, WiFi CTRL, SD-WAN CTRL
  11. 11. 11 SME uCPE – reference design Example LTE/5G + SIM Wifi 11 n/ac PCIe*2.0x1 or USB- 2.0 PCIE2.0 x1 or USB 2.0 Optional SSD 64 GB Flash 16 MB RAM 1-4 GB M.2 PCIe slot M.2 PCIe slot TPM2.0 header OOB Mgt eMMC 8Gb eMMC SPI LPC Single Channel DDR3 2133Mhz ECC/Non-ECC SATA3 XMM 7xxx Products Lantiq WiFi Products • Intel Atom® processor (Rangeley) 2 or 4C • Sub-entry cost optimized • SME/Small Branch vCPE segment • SD-WAN, Routing use cases M.2 Network Extender Module 1 SGMII x2 PCIe M.2 Network Extender Module 2 SGMII x2 PCIe C2000 CPU C2316 (2-core) PCIe GigE UTP G.FAST XGPON SHDSL v.DSL A.DSL SHDSL v.DSL A.DSL • NON SFP ATTACHABLE WAN • MODULAR APPROACH • SFP ATTACHABLE WAN
  12. 12. 12 NFVi Reference Stack Host OS Networking Fabric (OVS, DPDK, KVM, SRIOV, QAT/AES NI service chaining, controller) • DPDK Accelerated OVS + VNF Chaining • SRIOV Intel® SoC Processors uCPE (IO) Interfaces Se SD-WAN VNF-CPE Managed Services Routing Firewall Other VNFs • SW Encryption • QAT/HW Encryption • Chosen Vendor VNFs • DPDK/QAT Accelerated VNFs • Non DPDK/QAT Accelerated VNFs BIOS/Firmware/Driver • Modular I/O Attach Validation • Presented as Ethernet Devices Guest OS A Guest OS B Guest OS C Guest OS D
  13. 13. FD.io NFVi Reference Stack 13 Host OS Networking Fabric (FD.io, DPDK) Intel® SoC Processors uCPE (IO) Interfaces Se SD-WAN VNF-CPE Managed Services Routing Firewall Other VNFs ( LB, CG- NAT etc) FD.io VPP based Fabric Best in class NFVi vSwitch! • OpenStack & OpenDayLight Support • Native Virtio/VHost Support • Accel IPSEC w/DPDK CryptoDev • AESNI Encryption • Intel® QAT Encryption • Overlays; VxLan, Geneve, GRE, NSH FD.io VPP based VNFs 1:N – 1 Network Stack, Many Possible VNFs! • SD-WAN • Routing (w/VPN & VRFs) • Firewall (ACLs) • Carrier Grade - NAT • IPSEC Gateway BIOS/Firmware/Driver Guest OS A Guest OS B Guest OS C Guest OS D SD-WAN IPv4/6 VxLAN et al. Accel IPSEC CG-NAT ACLs & TM Routing IPv4/6 VRFs BGP et al. Hierarchal FiB Firewall L2 Input ACLs L3 & L4 ACLs Fast Drop Other Load Balancing, Nat’ing etc. …
  14. 14. Virtual Edge Platform 4600 Purpose built First to use Intel’s new Intel® Xeon® D-2100 product family  Optimized for virtual networking and software- defined environments  Intel® QuickAssist Technology for accelerated encryption and compression functions  DPDK for accelerated packet forwarding 1.5xfaster CPU performance* 2ximprovement in packet processing Source: 2ximprovement in memory bandwidth 4ximprovement in memory capacity • Intel® Xeon ® D processor (up to 16 cores) • Up to 128GB memory • 2x10GbE • 17.1”x1.75”x15” (LxWxD) Dell EMC* VEP4600 Intel® Xeon-D *Source: Dell
  15. 15. 15 Entry Level CPE Products • Intel Atom® processor E3826 / E3845 • 2x Intel® Ethernet i211 ports • M.2 slot for SSD, Wi-Fi, or LTE, with Micro-SIM socket • Intel Atom® processor C2000 - Nano-ITX Form Factor (120x120mm) • 2x Intel® Ethernet 1 Gb ports • Slots : mPCIe*, M.2, mSATA, eMMC • Intel Atom® processor C3000 - Nano-ITX Form Factor (120x120mm) • 4x Intel® Ethernet 1Gb ports • Slots: 2x M.2 Cards (1x Cellular or SSD, 1x Wi-Fi/BT), eMMC onboard SSD, 1x USB3, Console ,optional 2x SATA, TPM • 1/2/4/8GB DDR4 Options (ECC optional)
  16. 16. 16 Intel’s Sub-entry Solution Intel Atom® Processor C2316 Spec Atom C2000, Rangeley (‘Street Fighter’) Atom CPU sku C2316 Process Tech 22nm Cores 2 Memory DDR3 DIMMs UDIMM, SODIMM Interleaved DDR No Mem Capacity 16GB Integrated Intel® Ethernet 4x1 or 4x2.5 (SGMII, 2500BASE-X, KX) IO 12x1 or 2x2.5 GBE, 8 lanes PCIe* gen2,, x4 SATA2, x2 SATA3, x4 USB2.0, 2xUART Voltage rails 12 Virtualization VT-x Asynchronous DRAM Refresh No Intel QuickAssist Technology* Up to 10Gbps bulk crypto ECC Security AESNI, QAT Launched Q3 2017 • For SOHO, POS, Residential Gateway deployments (e.g. <$200 ASP) • Extend Intel® architecture reference from the Data Center to the SOHO • C2316 + 2xi211 Intel® Ethernet controllers • 4 Ethernet ports • Business class sub-entry CPE • 1-2 VNFs • 14Mpps throughout performance • Security
  17. 17. Intel® Xeon® D2100 Processor for Customer Premise Equipment (CPE) 17 4X More Memory Capacity INTEL®XEON®D-2100PROCESSOR:NEXT-GENCPE Enhanced Intel® QuickAssist Technology Enhanced I/O, PCIe*, MISO, Intel® Ethernet 1.125X More Processing Cores More Application Scale 2.5X Faster Crypto Processing6 Implementation Flexibility ENHANCEDCAPABILTIESANDCAPACITYWITHLOWERTCO FORSPACE-CONSTRAINEDCPESOLUTIONS More Virtualized Network Functions5 © 2018 Intel Corporation New Intel® Xeon® D-2100 Processor Intel’s Fastest Low-Power Edge Processor 2.9XUP TO COMPAREDWITHINTEL®XEON®D-1500PROCESSORNETWORKSERIES1 NETWORKPERFORMANCEIMPROVEMENT For more complete information about performance and benchmark results, visit www.intel.com/benchmarks. Benchmark results were obtained prior to implementation of recent software patches and firmware updates intended to address exploits referred to as "Spectre" and "Meltdown." Implementation of these updates may make these results inapplicable to your device or system. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. **Other names and brands may be claimed as the property of others.
  18. 18. 18 Example: CPU reference board with DSL Module 85mm 35mm • CPU Mother Board • Full SoC Platform Support • Modular I/O Design
  19. 19. 19 • uCPE/SD-WAN is taking off • Underlying use case for NFVi • Driven by Enterprises and CoSPs • Intel provides a broad range of products and technologies to enable differentiated CPE solutions • Large and fast growing ecosystem of vendors and technology partners to deliver beast in class products Acceleration Network SDN/NFV Compute Ecosystem Packet Intel® Architecture Summary
  20. 20. 20 Disclaimers Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. § For more information go to www.intel.com/benchmarks. Intel, the Intel logo, Xeon, Atom, are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.

×