Earlier this year Vyatta announced vPlane, a software layer 3 router forwarding plane that enables enterprises and ISPs to build and extend virtual networks. The six-year-old virtual networking company decoupled the router forwarding plane from the network control plane within its software to dramatically improve performance and scalability. The software is currently available to beta testers and is likely to be available soon.
Virtualization provides many benefits for servers and applications, but it creates dramatic challenges for the network. While virtualization reduces the number of physical servers, it also increases the number of virtual devices that must be connected to the network. This causes an increase in capacity requirements and management resources because, as far as a layer 2 switch is concerned, there’s very little difference between a virtual network device and a real one.
Many of the issues that arise in a physical switched environment have to do with performance, security, and management complexity.
Not only does virtualization increase the number of network-connected devices, it also adds tiers to the switching fabric, increasing latency and power consumption. The consolidation of virtual machines on physical servers also affects switching scalability and performance. Hypervisors contain a virtual switch that connects each virtual machine to the physical network cards and therefore to the network, but that virtual switch typically decreases performance by 10% to 20%.
Additional issues include increased management and security complexity. As more traffic is switched within the hypervisor, traditional network monitoring and security tools lose visibility into that traffic. A major portion of today’s virtualization-related network traffic is performance-challenged, unmanaged, and potentially lacking the security controls taken for granted in the physical world.
Vyatta was founded in 2006 with the goal of building a network operating system that runs on x86 servers. While a large percentage of enterprise and ISP networking gear is proprietary software running on proprietary hardware, more and more network devices are essentially specialized software running on x86 hardware. Just as with everything else IT-related, there is a tremendous price/performance advantage to purchasing commodity hardware loaded with specialized software (in this case an x86 server running Vyatta vPlane) over the proprietary model.
Vyatta makes its software available as a free download (which is currently being downloaded at the rate of 15,000 times per month). Companies can run the full-featured free download for as long as they like; however, subscription access to the fully supported version costs $1500 a year. The company currently counts the University of Florida, Dell, ADiFY, Honeywell, Nokia, Toyota, Rackspace, and the State of New Mexico among its 1000+ customers.
vPlane gives datacenter managers the flexibility to provide networking functions as a virtual machine rather than as part of a dedicated piece of hardware. The network VM can be moved around the infrastructure to serve different functions in different locations and configurations. In contrast to network hardware, network software can scale up or down as needed without having to build excess capacity into network designs.
Vyatta has achieved dramatic performance improvements (1000x) in the past four years. Vyatta’s vPlane will, on an Intel Westmere-class system, deliver more than 8 million packets per second per core, a full order of magnitude faster than the Vyatta Network OS delivers without vPlane. Additionally, since vPlane provides linear scale as cores are added, a 1U Westmere system can deliver 35 million packets per second. These lab tests were conducted using 64-byte packets in a layer 2 and layer 3 forwarding configuration.
The significance of vPlane
Vyatta vPlane could be a disruptive force in virtual networking. Network managers should at least test virtual networking products in order to understand the advantages of software based networking.
The most dramatic influences that Vyatta is having on the industry are two-fold: increasing visibility and control of VM-related network traffic and shattering price/performance conceptions.
In essence, CEO Kelly Herrell says it best: “we extend the network into the server.” The solution gives an IT department greater performance, flexibility, and control than the usual virtual switch and virtual security products. vPlane can handle up to 10 Gbps of network traffic and adds rich network control mechanisms and a firewall on top of the virtual switch. When routing inside a single physical host, latency is further reduced because there are fewer hops — there is no need for traffic to go from a VM to the virtual switch to a physical switch and then back to the virtual switch and on to another VM.
If the added flexibility, security, and manageability aren’t enough, then the price/performance advantages are pretty sure to attract some eyeballs. Briefly, the annual enterprise software market is $10-$12 billion. The router market is roughly $6-$8 billion and the layer 4 through layer 7 traffic management market is roughly $3 billion. No matter how you look at it, billions of dollars are being spent on software and network hardware at enterprises and ISPs.
Currently, most of this money is spent on proprietary hardware running proprietary software made by companies like Cisco and Juniper. Boxes like these cost upwards of $50,000. In contrast, Vyatta vPlane costs $1500/year and can run on x86 server hardware costing between $500 and $3000. Using proprietary hardware, data traffic can cost anywhere between $10,000 and $20,000 per 1 Gbps. Using vPlane and commodity hardware drops the price of traffic handled to roughly $100 per 1 Gbps. And that price difference is a factor that enterprise network managers should take into account as they look at data center refresh plans.