The advance of 10 Gbit Ethernet networks and the increased data rates have provided both opportunities and challenges for developers of high-performance, real-time applications. The number of Internet subscribers and their use of bandwidth continues to rise in response to richer video and image content. Consequently, service providers need a bigger, 10 Gbit/s pipe, which 10GbE can provide. This means aggregating 1 Gbit links into 10 Gbit links, and replacing single 10 Gbit links with multiple 10 Gbit links. Although users expect consistent, smooth access to content, higher bandwidths lead to a greater likelihood of performance bottlenecks. Therefore, network performance must be monitored and optimized. Meanwhile, since security attacks have become more sophisticated, more bandwidth must be monitored and deeper analysis of packets is required.

Because the processors they’ve been using in network performance monitoring/optimization and security systems can’t keep up with the data streaming from a 10GbE pipe, service providers’ applications won’t function with existing systems. Therefore, they must scale the internal bandwidth of these systems in step with these changes. The scaling they need cannot be done using either the current 1GbE hardware employed for security, packet inspection and load balancing functions, or by adding more of the general-purpose processors often used in that hardware, since the congestion problems don’t scale in a linear fashion.

MicroTCA provides a platform that can accommodate this scaling for performance monitoring and security applications. With their switched fat-pipe backplanes and ability to add in more AMC cards as required, MicroTCA architectures have the flexibility and capability to scale when the processing and data bandwidth exceeds the capacity of traditional server/line-card solutions.

Although the MicroTCA switched backplane architecture can provide what may be thought of as the expandable highway infrastructure to accommodate more traffic, there remains the problem of building new equipment with sufficient capacity to service that mass of traffic without simultaneously clogging it and creating a bottleneck during servicing. FPGA-based AMC cards are a key enabling technology for this equipment. FPGAs, when programmed with suitable algorithms, can perform the myriad inspecting, filtering and manipulation tasks on packets flowing by at 10 Gbits/s, a rate that would overwhelm general-purpose processors. The FPGAs may be thought of as “service stations” that “service” the packets and keep them moving along at these high rates.

Application Needs

Network performance monitoring/optimization applications investigate network performance patterns and identify potential architecture bottlenecks and equipment problems. These applications need wire-speed packet inspection and manipulation to identify usage trends and measure traffic flows to plan architecture upgrades and build-outs—for example, observing how new services are being handled by existing equipment. They also need rapid, real-time identification of not only major performance problems, but also more subtle ones that might otherwise go undetected, leading to frustrated customers who take their business elsewhere.

Security applications protect the network and its subscribers from the ever-increasing number and sophistication of cyber threats and attacks that consume network bandwidth and jeopardize personal information and transaction security. In order to detect such threats, the content of all data packets must be inspected. This is a computationally intensive task at 1 Gbit/s, let alone at 10 Gbits/s. Even the act of offloading processing of the 10GbE transport protocol, which could be provided by a commercial network interface card (NIC), is not enough to help the CPU keep up with the application. After the incoming data leaves the 10GbE interface and arrives on the local fabric or CPU, it is already overwhelming that fabric or CPU (Figure 1).

The alternative is to send out the incoming data to large processing farms, but the space and power required, as well as the cost of these, are prohibitive. Furthermore, this alternative is not even available if the data rate already would overwhelm the fabric used for distribution to and communication within the farm. Instead, the solution lies in doing more at the pipe itself—including load balancing, time stamping and packet inspection—before the incoming data ever leaves the 10GbE interface. This can be achieved by replacing the NIC with an FPGA-based 10GbE interface that supplies both NIC and packet processing offload functionality. For higher-bandwidth networks, a MicroTCA 10GbE interface appliance powered by FPGAs can be placed between the 10 Gbit pipe and the existing 1GbE hardware. The appliance provides offload and load balancing functionality to leverage existing hardware. In the highest-bandwidth networks, including future 40 Gbit/s and 100 Gbit/s systems, the same appliance can perform NIC and packet processing functions, as well as performance monitoring, by the addition of more cards. The appliance thus can be scaled with increasing bandwidth demands (Figure 2).