NVIDIA’s accelerated switching and packet processing (ASAP2) technology is becoming ubiquitous to supercharging networking and security for the most demanding applications.
Modern data center networks are increasingly becoming virtualized and provisioned as a service. These software-defined networks (SDN) deliver great flexibility and control, enabling you to easily scale from the premises of one data center to multi- and hybrid-cloud environments. The longstanding conflict between implementing SDN technologies and hardware-accelerated networking, namely SR-IOV, has primarily been due to fundamental differences between the two: SDN, abstracts the underlying NIC hardware and provides a virtualized network device to a virtual machine/container pod. SDN also utilizes a considerable amount of CPU processing capacity that would otherwise be used for running business applications. SR-IOV, however, does the exact opposite, providing a direct interface between the virtual machine/container pod and the NIC hardware. It bypasses the host’s CPU and operating system and thus frees up expensive CPU resources from I/O tasks. Having said that, cloud builders tend to avoid SR-IOV as it takes away live migration and sometimes requires installing a network driver on the guest operating-system. This discord between SDN and SR-IOV accelerated networking has forced system architects and network engineers to prioritize one over the other, often at the cost of poor application performance or inflexible system design, and higher TCO.
NVIDIA ASAP2 — Providing the Best of Both Worlds
NVIDIA accelerated switching and packet processing technology (ASAP2), featured in ConnectX SmartNICs and BlueField data processing units (DPUs), delivers breakthrough data center networking performance, with zero CPU utilization. At the heart of ASAP2 is the eSwitch–an ASIC-embedded switch that delivers the performance and efficiency of bare-metal server networking together with the flexibility of SDN. The beauty of the eSwitch lies in how it allows the SmartNIC/DPU to handle a large portion of the packet-processing operations in the hardware, freeing up the host’s CPU and providing higher network throughput. Nearly all traffic in and out of the server—and even between the server-hosted VMs or containers—can be processed quickly by the eSwitch.
The NVIDIA ASAP2 technology stack provides a range of network acceleration capabilities that enable customers to choose between maximum performance (SR-IOV) or support for legacy environments (VirtIO), etc., all while maintaining the SDN layer. BlueField DPUs also offload and isolate the SDN control plane software on the Arm cores. This provides additional CPU savings along with better control and enhanced security for cloud operators in bare metal, virtualized, and containerized environments.
The ASAP2 technology is integrated upstream in the Linux kernel and in a range of leading SDN frameworks. The following diagram illustrates how NVIDIA SmartNICs and DPUs leverage ASAP2 technology to accelerate the OVS stack in hardware:
At GTC 2021, global technology partners together with NVIDIA showcased the ways in which they leverage the ASAP2 technology to secure and accelerate modern data center workloads. Scroll below to find information on the featured sessions and their respective use-cases.
China Mobile Accelerates Networking For Its Public Cloud Service
In this session, NVIDIA hosts industry experts from China Mobile and Nuage Networks discuss China Mobile’s implementation of a Nuage SDN solution powered by the NVIDIA ASAP2 technology, for its public cloud service. This session highlights the ASAP2 vDPA acceleration technology, including its benefits and drawbacks compared to SR-IOV, as well as performance expectations.
Sharko Cheng, Senior Network Architect, Cloud Networking Products Department, CMCC
Mark Iskra, Director, Nokia/Nuage Networks
Ash Bhalgat, Senior Director, Cloud, Telco & Security Market Development, NVIDIA
NVIDIA Secures and Accelerates GeForce NOW Cloud Gaming Platform
At NVIDIA we always strive to put our products to work before taking them to market. GeForce NOW (GFN) is NVIDIA’s cloud gaming service that runs on powerful computing platforms across 20 data centers, servicing more than 10 million subscribers. The GFN networking team has partnered internally with the NVIDIA Networking business unit to design, implement and test an OVN Kubernetes infrastructure, accelerated with NVIDIA ASAP2 technology. The result is a fully integrated cloud-native SDN platform that provides a high throughput, low latency connectivity solution with built-in security. The session dives deep into the cloud platform architecture and the ASAP2 acceleration stack that are geared towards providing epic gaming experience.
Leonid Grossman, Director, Cloud Networking, NVIDIA
Majd Debini, Software Director, Cloud Acceleration, NVIDIA
Mavenir Partners With NVIDIA to Accelerate 5G UPF Applications
With 5G wireless networks being 10 times faster and supporting 10,000 times more network traffic than 4G, 5G Core is one of the most demanding data center workloads out there. Mavenir, a leading network software provider, partnered with NVIDIA to accelerate its cloud-native 5G core solution using the ASAP2 technology. The session brought together two product leaders from Mavenir and NVIDIA to discuss a number of issues, including the need for hardware acceleration to deliver on the promise of 5G, how NVIDIA ASAP2 has been integrated to Mavenir’s 5G User Plane Function (UPF), and how the technology is positioned to accelerate network functions (NFs) more broadly. This session is unique in the sense that ASAP2 is used not only to accelerate the SDN layer, but also to accelerate the application pipeline.
Manikandan Sankaran, Director, Product Management, Mavenir
Gal Haim Cohen, Director, Product Management, NVIDIA
Watch on-demand: High Performance Mavenir UPF with SmartNIC Offloads
Palo Alto Networks Collaborates With NVIDIA on 5G Security Acceleration
At the forefront of cybersecurity, Palo Alto Networks has partnered with NVIDIA to integrate the ASAP2 technology with the flagship PAN-OS next-generation firewall (NGFW) for addressing the stringent performance requirements of 5G networks. What they’ve built is an innovative solution that uses the NVIDIA BlueField DPU to offload policy enforcement based on application classification. Most of the data in terms of volume and bandwidth doesn’t need inspection through the firewall and is processed in hardware. The solution is dynamic in the sense that as threats evolve, the solution adapts without changing the underlying infrastructure. Initial performance results indicate ~5X improvement. The demos at the end do a great job of showing how the solution can both scale in terms of performance and system tuning, and offload real-world traffic in conjunction with PAN’s next-generation firewall.
Sree Koratala, VP Product Management Mobility Security, Palo Alto Networks
John McDowall, Senior Distinguished Engineer, Palo Alto Networks
Ash Bhalgat, Senior Director, Cloud, Telco & Security Market Development, NVIDIA
VMware and NVIDIA Accelerate Hybrid Cloud Networking and Security
Digital infrastructure leader VMware has partnered with NVIDIA to bring AI to every enterprise and to deliver a new architecture for the hybrid cloud. VMware project Monterey is a large-scale effort to re-architect its prominent VMware Cloud Foundation stack to use NVIDIA BlueField DPUs. A major part of this effort includes offloading, accelerating and isolating VMware’s ESXi networking to BlueField leveraging the NVIDIA ASAP2 technology. This session introduces the next-generation cloud foundation architecture and the role of NVIDIA BlueField DPUs to run VMware’s NSX network and security services. Tune in to get a first look at how BlueField DPUs can be managed using existing VMware tooling, enabling new and advanced functionalities while providing familiar user experience.
Sudhanshu (Suds) Jain, Director Product Management, VMware
Motti Beck, Senior Director, Enterprise Market Development, NVIDIA
Securing and Accelerating the Data Center with NVIDIA ASAP2
Modern data center workloads demand the performance and efficiency of bare-metal server networking with the flexibility of SDN. NVIDIA and its broad partner ecosystem are leveraging the advanced ASAP2 technology featured in NVIDIA’s ConnectX SmartNICs and BlueField DPUs to secure and accelerate data center workloads from cloud to edge.