An interview with Nicolas Bouthors, Chief Technical Officer at Qosmos
Nicolas explains how Vector Packet Processing (VPP) can be combined with Deep Packet Inspection (DPI) to build applications faster and more efficiently, improve VNF performance, and run several applications simultaneously. He illustrates this new approach with VNFs such as firewalling, traffic shaping and NAT running off a single VPP, scaling from CPE-size to core network functions.
Erik Larsson (EL): What are the pain points that you hear from telcos and from networking vendors?
Nicolas Bouthors (NB): Telcos are looking for next generation solutions based on SDN and NFV, and in particular they are looking for ways to leverage the OPNFV architecture. This means that their suppliers, the networking vendors, need an efficient framework to develop these new, carrier-grade high-performance VNFs. Until now, they only had the well known, low level technologies such as Linux, Iptables, OVS, or Intel DPDK, and as a result development remains complex and costly. In addition, it has traditionally been complex and costly for developers to embed real time traffic visibility in the form of DPI.
EL: What is VPP and how can it ease development of new networking products?
NB: VPP is the open source version of Cisco’s Vector Packet Processing (VPP) technology, a high performance, packet-processing stack which runs on commodity CPUs. This virtual switch module was made open-source by Cisco in early 2016, as part of the Linux Foundation project FD.io (“Fido”), focused on solving new networking challenges. VPP has a track record of high performance, flexibility, and a rich feature set. For the networking industry, it is a new disruptive technology with the potential to both lower cost and risk for teams developing a new generation of virtualized networking applications.
EL: Could you describe the practical benefits of using VPP?
NB: Within the CTO Office at Qosmos we have been exploring different ways of leveraging VPP as a framework to build applications faster and to improve VNF performance. We have made several interesting findings: 1) it is possible to make multiple stateful applications coexist on a single VPP, 2) we can scale from small devices such as CPEs all the way up to core VNFs. We have been able to successfully use VPP for specific use cases like firewalling and performance monitoring based on Deep Packet Inspection (DPI).
Example: Monitoring OpenStack VMs with one click
EL: What is the role of DPI in building better VNFs?
NB: VPP in itself is good, but our practical experience shows that VPP must be complemented with key functionality like DPI software, linked to shared flow tables, and fully integrated and monitored through OPNFV using standard management tools such as OpenStack for orchestration and OpenDaylight (ODL) as a controller. It is thanks to the DPI software that developers get a complete solution which is application-aware and in line with open source networking architecture.
EL: How do you see Qosmos’ role?
NB: For networking vendors, we can provide professional services in the form of VPP development & engineering, integrating DPI libraries with flow tables, and a pre-tested architecture model leveraging OPNFV, OpenStack, and ODL. From a technology point of view, we bring the Qosmos ixEngine, a DPI engine which provides real-time traffic classification up to Layer 7, an enhanced version of VPP based on shared flow tables, and a way to serve several application VNFs from a single VPP. In a nutshell, our concrete experience can help networking vendors accelerate time to market for new, high-performance and application-aware VNFs.
EL: What should I do if I am interested in knowing more and having a discussion with Qosmos experts?
NB: I would be glad to have a discussion; we would be glad to work with interested parties on joint contributions to the VPP project and on related topics. You are welcome to contact us through Qosmos.com.
Article first published on October 7th 2016 in The Fast Mode