Thanks to the hard work from our R&D team, we just completed our new vRouter release. I’d like to share a recap of the features introduced into our software product portfolio:
- Turbo Appliances 1.6 – software network appliances for network builders
- Virtual Accelerator 1.7 – hypervisor networking power
- 6WINDGate 4.19 – foundation for OEMs building networking products
Turbo Appliances (Virtual Border Router & Virtual Security Gateway)
For this release, we focused our efforts on new management and monitoring features for our Virtual Border Router and Virtual Security Gateway software appliances.
Brand New Framework For Telemetry
We support YANG-based KPIs to retrieve monitoring information and transmit them to a time series database, which can then be queried by an analytics frontend. To illustrate this, we have documented the integration with InfluxDB as the time series database and Grafana as the analytics frontend. More information at https://github.com/6WIND/supervision-grafana.
If you are curious about how KPIs are configured in the Turbo Appliances, see our online documentation.
Flow Monitoring Using High Performance sFlow
“sFlow is an industry standard technology for monitoring high speed switched networks. It gives complete visibility into the use of networks enabling performance optimization, accounting/billing for usage, and defense against security threats.”
sFlow combines interface counters and flow samples into sFlow datagrams that are sent to an sFlow Collector for analysis. Our control plane is based on the host-sflow open source implementation, and packet header sampling and interface counter gathering occur in the fast path – 6WIND’s DPDK-based networking stack – to ensure the best performance.
More information about configuring sFlow in the Turbo Appliances can be found here.
Role-Based Access Control with AAA
We now support any number of users with viewer or admin roles, in addition to the root superuser. These users can be authenticated using AAA through a RADIUS or TACACS+ server.
Check the User Account section of the documentation to learn more about this feature.
Core dump collection and export
In the unlikely event that a bug happens and a daemon crashes, we have automated the process of gathering core files and sending them to a remote server using the CLI.
We have also added new beta networking features as we are moving forward with the CPE and BNG use cases:
- QoS Policing – Rate Limitation per interface
- PPPoE/L2TP client/server
As you may have seen in a previous post, thanks to the latest improvements in this release, we have measured outstanding performance using VSperf, the reference vSwitch benchmarking tool from OPNFV.
New NFV profile
This new profile optimizes the configuration of the vSwitch and Virtio PMD for NFV use cases, i.e. use cases where the VMs forward traffic and do not terminate it. Using VSperf, we measured 4.5 Mpps of VNF packet processing performance on an Intel Xeon Platinum 8170 CPU @ 2.10GHz, for a single core running Virtual Accelerator.
Virtio symmetric hash ensures that packets from A->B and B->A are processed by the same VM core, independently of the L4 information (TCP/UDP ports).
This latest release of Virtual Accelerator supports OpenStack Pike and Queens will be available very soon.
As the foundation technology behind Turbo Appliances and Virtual Accelerator, our 6WINDGate product inherits all the features listed above.
In addition for this release, we have included in our product a brand new module developed for our Network Builder customers.
Fast Path CG-NAT
We now provide Network Address Translation and Carrier-grade NAT in the fast path. Fast Path CG-NAT has its own API to configure NAT rules. Connection tracking is directly done in the fast path without any interaction with the Linux kernel, to offer the best possible performance:
- 30M simultaneous NAT sessions
- Session establishment rate: 200K sessions/s per 1c/2t
- Throughput: 20Gbps per 1c/2t
Third-Party And Hardware Support
As usual, we have updated the open source software included in Turbo Appliances to the latest versions:
- DPDK 17.11
- MLNX_OFED 4.2
- Intel Multi-Buffer Crypto 0.48
- VRRP: Keepalived 1.3.9
- OpenStack Pike
- OVS 2.8.1
Finally, as part of our continued effort to support the latest high performance NICs, we are glad to announce the support of:
- Mellanox 10G/25G/40G/50G/100G Connect-X 5 (mlx5)
- Broadcom NetExtreme E-Series (bnxt)
Hopefully, this gave you a good overview of what we are working on. Let us know your feedback. Feel free to have a look at our online documentation and contact us to request a demo or an evaluation of any of our products.
I will be in touch soon in a next blog post about next-gen management frameworks in our industry. Stay tuned!
Yann Rapaport is Vice President Of Product Management for 6WIND.