6WIND is an interesting company I’ve been following for some time now, initially out of curiosity, and then out of more curiosity :-). They first started as a networking software company claiming to solve performance challenges for software defined networks (SDN) and network function virtualization (NFV). How you ask? They leverage the capabilities of multicore processors and Intel’s Data Plane Development Kit (DPDK) to allow direct access to the data plane enabling a zero-copy mode from network to CPU!
DPDK is not a networking stack, and, by itself, does not provide network functions such as Layer-3 forwarding, VRF, IPsec, firewalling, etc. However, companies like 6WIND and Wind River (acquired by Intel in 2009 for $884 million) can leverage DPDK and provide additional services and support. This is exactly what 6WIND has done. Note, 6WIND also maintains the dpdk.org website where you can download the latest DPDK version and find more info.
6WIND has leveraged the Intel DPDK and wrote their own TCP/IP stack. Further, they expanded the support past Intel to other CPU and NIC vendors. Today, they work with Intel, Mellanox, and Emulex NICs. They claim they can achieve 10x the performance over the standard Linux networking stack and have shown a Dell PowerEdge server with 12 x 10G ports able to achieve ~120 Gbps North-South line-rate with Virtual Accelerator able to process an aggregate ~240 Gbps bidirectional!
This is all very interesting as they have expanded leveraging their packet processing software to new products like 6WIND Virtual Accelerator which accelerates virtual switching and networking features for virtual infrastructures. Basically, they have developed technology that will work with open vSwitch (OVS) running on hypervisors like KVM without any modification to the Linux kernel.
6WIND accelerates OVS by running 6WIND’s own networking stack (packet processing for Layers 2 through 4) in user space rather than using the standard Linux networking stack that’s in kernel space. There’s been some debate about this approach with some arguing as more functionality is put into the user space performance will suffer. Intel validated the 6WIND approach as they also encourage user space over kernel space for the networking stack. Intel has shown 80 Mpps L3 forwarding throughput for 64 byte packets on a single Intel Xeon processor (1 socket, 8 x 2.0 GHz cores) and double that with a dual-processor. Using the same CPU, the standard Linux networking stack can’t achieve even half the same performance.
Interestingly, in Open Networking Summit 2013, Intel announced their own fork of OVS which would leverage DPDK and be called OVDK. Unfortunately, or perhaps fortunately depending on how you view it and if you had already started using OVDK, at the Open vSwitch 2014 Fall Conference, Intel announced it would end support for the OVS fork and encouraged continued support for the community OVS project. 6WIND seemed to agree with this decision as can be seen on this post on their website by CTO, Vincent Jardin.
All indeed very interesting and quite a bit of activity going on in this space, although, unbeknown to many who have not really looked past the splashy SDN/NFV marketing hoopla and dug into the internals of how some of this stuff works. Anyone leveraging Linux and virtual networking for SDN/NFV at scale and looking for high-end performance will have to look into this at some point. Although not a trivial task, serious SDN players may already have enough internal expertise to develop their own solution; many are already experimenting or announced some level of support for DPDK.
Now, back to 6WIND. Their first available product was packet processing software called 6WINDGate. This can be licensed for data center applications to improve performance of network appliances running functions having to do with anything from switching up to the application layer. They now also sell 6WIND Virtual Accelerator which provides accelerated virtual switching and networking features for virtual infrastructures. In addition, they recently also added two virtual appliance products: 6WIND Turbo IPsec and 6WIND Turbo Router. All these products leverage the 6WINDGate packet processing software which leverages the Intel DPDK.
Intel’s DPDK is a set of software development libraries that can be utilized to greatly enhance the performance of network applications running on open-source Linux systems. DPDK also leverages Intel CPU multi-core multi-processor architecture, and some vendors like 6WIND have made it possible to use with non-Intel NICs and CPUs.
Because the DPDK libraries run in user space, it allows for direct access to hardware without using the Linux kernel. The DPDK libraries handle the data plane processing and pass packets directly to to the application network stack without any Linux kernel overhead. Direct hardware access enables a zero-copy mode from network to CPU without having some of the typical overhead and latency associated with the standard Linux networking stack in the Linux kernel limiting effective throughput. Additionally, the DPDK libraries enable tasks to be bound to specific CPU cores. Some cores can be designated for the Linux kernel / control plane / application software while others can be designated for DPDK data plane, and this can be dynamic.
For its packet processing software, 6WIND separates the control plane and data plane and runs their proprietary Fast Path for data processing in user space on a set of dedicated cores isolated from the Linux operating system. 6WIND has leveraged this capability within the 6WINDGate packet processing software for subsequent products: 6WIND Virtual Accelerator, 6WIND Turbo IPsec, and 6WIND Turbo Router. All very useful products with specific implementation details/options and use cases (NFV, virtual appliances, etc.) which I’ll discuss more in a later post.
Follow me on Twitter: @Humair_Ahmed