Path: EDN Asia >> Design Centre >> Communications/Network >> Significance of smart memory at 100G

Significance of smart memory at 100G

05 Aug 2014  | Michael Miller


Designers of middleware and full-function appliance boxes face the daunting challenge of meeting the performance requirements of next-generation 100Gbps networks. General-purpose multi-core CPU arrays provide the flexibility needed to support emerging trends such as SDN and NFV, but the packet inspection and buffering functions point to the need to direct traffic so that the cores stay load-balanced. Meeting these requirements in the same form factor as earlier-generation 10Gbps and 40Gbps products can seem next to impossible. With new developments in serial memory solutions, however, middleware systems can now buffer, process packets, and steer traffic to general-purpose CPU arrays two to ten times faster than previous 10G or 40G solutions.

The form factor challenge: Fitting 100G in a 40G box
To address the form factor issue, design teams at both the device and appliance level need to understand the trends shaping 100G networks. Although 10G and 40G architectures are similar to 100G, 100G (and higher) designs pose trade-off challenges compounded by multiple factors: higher bandwidths and an order-of-magnitude increase in the rate of lookups. This increase is driven by requirements for more statistics to monitor performance, increased security measures, and expanded functionality.

Since the rate of lookups is growing faster than CPUs can process them, this growth fuels the need for pre-filtering. Like every other electronic design, 100G (and up) architectures face the same trade-offs of area, power, performance, and pin count. Traditional memory solutions exhibit ongoing access-rate issues relative to processing speeds. Combining traditional memory access rates with a maximum capacity of 2 Gbits per pin leads to the conclusion that there simply aren't enough available pins. Even if a design could provide sufficient pins, the amount of memory required poses a significant challenge because of the area it consumes.
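The pin-count argument can be made concrete with a back-of-envelope calculation. The figures below beyond the 2 Gbps-per-pin limit (the 12 lookups per packet and 150 MPPS reappear later in the article; the 72-bit read width is an illustrative assumption, not from the source):

```python
# Back-of-envelope pin-count estimate for a 100G lookup memory,
# assuming a traditional parallel interface limited to 2 Gbps per pin.

PIN_RATE_GBPS = 2          # traditional parallel I/O, per pin
LOOKUPS_PER_PACKET = 12    # table reads per packet (see stateful processing below)
PACKET_RATE_MPPS = 150     # packet rate at 100G
READ_WIDTH_BITS = 72       # illustrative word width per lookup (assumption)

# Raw lookup bandwidth the memory interface must sustain:
lookup_gbps = PACKET_RATE_MPPS * 1e6 * LOOKUPS_PER_PACKET * READ_WIDTH_BITS / 1e9

# Data pins needed just to move that lookup traffic, before counting
# address, control, and write-back pins:
pins_needed = lookup_gbps / PIN_RATE_GBPS

print(f"lookup bandwidth: {lookup_gbps:.1f} Gbps")   # 129.6 Gbps
print(f"data pins needed: {pins_needed:.1f}")        # 64.8 pins
```

Doubling that for address/control and write-back traffic quickly exhausts a realistic package, which is the motivation for serial memory interfaces.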

Gearing up to 100 GE with only 10G serial I/O
The mission of the data centre is two-fold and closely linked: maintain uptime and avert crashes. As data demands continue to grow exponentially, data centres will need to consider two aspects of network appliances. First, 100 GE operates at the edges of the data centre. To achieve 100G performance, the network appliance aggregates ten 10 GE or four 25 GE packet streams.

Second, jumping from prior-generation 40G to 100G architectures means that processing performance also jumps by 2.5 times, from 60 million packets per second (MPPS) to 150 MPPS. Likewise, the jump from 10G to 100G means processing packets 10 times faster. With many users demanding rapid access to large data sets, network appliances must meet these processing demands so the data centre can avert crashes.
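The packet-rate figures above follow directly from line rate and packet size. A minimal sketch of the arithmetic (the helper function is illustrative, not from the source):

```python
# Packet-rate arithmetic behind the 2.5x jump from 40G to 100G.

def mpps(line_rate_gbps: float, packet_bytes: float) -> float:
    """Millions of packets per second at a given line rate and packet size."""
    return line_rate_gbps * 1e9 / (packet_bytes * 8) / 1e6

# The article's figures: 60 MPPS at 40G vs 150 MPPS at 100G.
jump = 150 / 60                        # 2.5x

# Wire size implied by 150 MPPS at 100G:
implied_bytes = 100e9 / (150e6 * 8)    # ~83 bytes per packet on the wire

print(f"jump: {jump}x, implied packet size: {implied_bytes:.0f} bytes")
```

The ~83-byte figure shows the 150 MPPS requirement corresponds to small-packet traffic, the worst case for lookup and state-access rates.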

Stateful packet processing, packet counts & deep packet inspection

Security drives packet processing because the data centre needs to protect the integrity of data and detect unauthorised or malicious intrusions. Moreover, as recently publicised threats such as Heartbleed have shown, security and inspection standards are likely to grow increasingly complex. Stateful packet processing provides the necessary level of detection, examining each packet up to L7, deeper than stateless packet processing.

Stateful packet processing (also called dynamic packet filtering) monitors and filters network traffic entering the data centre and places high demands on the memory sub-system. In stateful processing, a flow is defined as a stream of related packets that meet matching criteria and share the same characteristics [1]. To identify a flow, the CPU may need to conduct multiple reads from table memory against fields such as port number, MAC address, and IP source/destination. At 150 MPPS it is not uncommon to conduct as many as 12 reads per packet, which adds up to 2 billion or more memory accesses per second.
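A minimal sketch of flow identification, assuming a classic 5-tuple flow key and a plain dictionary standing in for the hardware flow table (names and structure are illustrative, not the article's implementation):

```python
# Flow identification sketch: a 5-tuple key into a flow-state table.
from dataclasses import dataclass

@dataclass(frozen=True)
class FlowKey:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    protocol: int

flow_table: dict = {}

def lookup_flow(key: FlowKey) -> dict:
    """Return the state for a flow, creating an entry for unseen flows."""
    return flow_table.setdefault(key, {"packets": 0, "bytes": 0})

# The memory pressure the article describes: 12 table reads per packet
# at 150 MPPS is 1.8 billion accesses per second.
accesses_per_sec = 12 * 150e6
```

In hardware each field match is a separate table read, which is why the per-packet read count, not just aggregate bandwidth, sizes the memory interface.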

Once a packet is identified as belonging to a flow, the system needs to retrieve the state of that flow; after the packet's disposition is finalised, any updates to the state must be written back. This state-memory read and write pair may, in the worst case, hit the same location or bank, and must sustain a rate of 150MHz or better to keep up with randomly arriving packets. Some solutions use a cache, but this can leave the solution open to a security risk when the cache is thrashed under the extreme conditions of an attack.
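The per-packet cycle is a read-modify-write on flow state. A minimal sketch, assuming an in-memory dictionary as the state table (in hardware this is one read plus one write-back to the same bank per packet, with no cache in the path):

```python
# Per-packet read-modify-write on flow state.

def update_flow_state(state_table: dict, flow_id: int, pkt_len: int) -> dict:
    state = state_table.get(flow_id, {"packets": 0, "bytes": 0})  # read
    state["packets"] += 1                                         # modify
    state["bytes"] += pkt_len
    state_table[flow_id] = state                                  # write back
    return state

table = {}
for length in (64, 1500, 128):   # three packets of one flow
    update_flow_state(table, flow_id=42, pkt_len=length)
```

Because consecutive packets of the same flow hit the same table entry, the memory must sustain back-to-back accesses to one location at the full 150MHz packet rate.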

Packets belonging to an identified flow may need to be assembled and buffered until sufficient processing resources are available, ensuring that all packets in a flow are processed in order. The read and write pointers for the buffer must be kept in the state table. While some memories may have enough aggregate bandwidth across multiple devices to handle the full 100G, a high-access-rate memory is very advantageous: it enables the appliance to handle reads and writes with smaller data transfers (for example 8B, 16B, and 32B), minimising the need for buffering on the host device and achieving the most efficient transfer.
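The per-flow buffer described above can be sketched as a fixed-size ring whose read and write pointers are exactly the fields the article says must live in the state table (the class and sizes are illustrative assumptions):

```python
# Per-flow ring buffer; rd/wr pointers are the state-table fields.

class FlowBuffer:
    def __init__(self, slots: int = 8):
        self.buf = [None] * slots
        self.rd = 0   # read pointer, kept in the flow-state table
        self.wr = 0   # write pointer, kept in the flow-state table

    def push(self, pkt: bytes) -> bool:
        if self.wr - self.rd == len(self.buf):    # buffer full
            return False
        self.buf[self.wr % len(self.buf)] = pkt
        self.wr += 1
        return True

    def pop(self):
        if self.rd == self.wr:                    # buffer empty
            return None
        pkt = self.buf[self.rd % len(self.buf)]
        self.rd += 1
        return pkt   # packets leave in arrival order

fb = FlowBuffer()
fb.push(b"pkt0")
fb.push(b"pkt1")
```

Because every push and pop is a small pointer update plus a short data transfer, a memory with a high access rate at 8B-32B granularity serves this pattern far better than one optimised only for wide bursts.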

