Evading servers' networking tax

Fatter network pipes and the need for smarter traffic treatment are forcing server vendors and users to make hard decisions about where to get more network processing power.

When data comes into a server or is sent out to a network, it needs to be processed, for example by being pulled out of packets or placed into packets. Traditionally, that processing has been done on the server's CPU (central processing unit), but as typical network interfaces have gone from 100M bps (bit per second) to 1G bps and begun heading toward 10G bps, the bottleneck between server and network in some cases has shifted from the interface to the CPU.

In addition to basic TCP/IP (Transmission Control Protocol/Internet Protocol) processing, companies now are demanding additional functions such as encryption, adding to the burden. This poses a challenge in designing systems, said Linley Gwennap, principal analyst at The Linley Group, in Mountain View, California.

A 1G-bps (bit-per-second) network connection, commonly used today, if fully utilized can be a huge burden to a 2GHz central processor, he said.

"You can eat up half that processing power just to do low-level TCP processing from data coming off the card," Gwennap said.

The problem has inspired a variety of solutions, each with its own benefits and adherents. Vendors at the Network Processors West conference this week in San Jose, California, played up technology to deal with the issue and discussed it in a conference session.

Some, such as Trebia Networks Inc., favor shifting network processing to the NIC (network interface card), so more power can be added every time a new interface is added to the server. Others advocate adding a network processor to the chipset surrounding the CPU. Still others, such as Sun Microsystems Inc., say new multicore CPUs are the answer. These effectively provide several chips in one with a large shared memory cache.

Sun has indicated that the multicore chip could offload several tasks such as TCP/IP processes, SSL (secure sockets layer) requests, and processing of large media files. This type of technology could fit into Sun's lower-end servers with one to four processors and provide customers with a sort of one-stop shop for general-purpose computing and these specialized off-loading functions. Sun has said it expects these products to be available in 2004.

Other companies, such as Intel Corp. and Cisco Systems Inc., have released 10G-bps network processors that can perform similar functions to the future Sun chip. The Cisco Toaster family of products and the new Intel IXP2850 can churn through the TCP/IP stack and have powerful encryption functions.

A new chip architecture from San Diego-based Astute Networks Inc., outlined during Wednesday's session by Chief Technology Officer Fazil Ozman, is designed to deliver 10G-bps performance in SANs (storage area networks) and NAS (network-attached storage) products. It can deliver the I/O processing on an interface card while other functions take place on the CPU. The architecture, called Pericles, has 10 cores, each of which runs at 233MHz. Each core can run a different storage network protocol, so system makers could provide support for both Fibre Channel and the emerging iSCSI (Internet Small Computer System Interface) technology on the same device, Fazil said.

Whereas network processing units (NPUs) let switch makers fit many ports on an interface card and first-generation storage network chips support a wide range of protocols, Pericles provides both, Fazil said. A software development kit for customers to start designing systems with Pericles became available last summer. Pericles sample chips should go out to customers by year's end, he said.

Alacritech Inc. in August was a leader in the introduction of NICs called TOE (TCP/IP offload engine) cards, which can boost server and storage system performance.

TOE processing will also be part of the EthernetMAX (Media Access Xccelerator) processors from iReady Corp. and National Semiconductor Corp. They can perform Gigabit Ethernet physical interface, MAC (Media Access Control), TOE, IPSec (IP Security) encryption and decryption, and iSCSI processing, according to Michael Smith, iReady's CTO. Smith outlined the architecture at Wednesday's conference panel.

EthernetMAX is designed as a full offload chip to free a CPU from all network processing, but system makers can shift some functions from EthernetMAX to the CPU if they wish, Smith said. It is intended first for storage systems, but could be used in almost any setting, ranging from the backplanes that link ports on switches to long-haul optical carrier backbones, he said.

The first EthernetMAX product, a single-chip Gigabit Ethernet offering, is set to ship in sample quantities in January. In high volumes, it will be priced well under US$100, Smith said.

Putting TCP/IP (Transport Control Protocol/Internet Protocol) processing on the NIC (network interface card) gives the server user a way to add more network processing power as more or faster pipes are added, Gwennap said. Building it into a central processor or chipset locks the user in to a certain amount of capacity that may be too much at first and not enough later on, he said.

As network speeds have increased, part of the problem has been that the processing has proved complex and difficult, said John Metz, a network chip analyst at Metz International Ltd., in Harvard, Massachusetts. For one thing, timing is critical when moving packets off the network, on to the CPU and back to the network. Specialized hardware is best, Metz said.

"I think we're going to find that (type of) function is going to be done in hardware, not in adding a second processor core or a second CPU," he said. "They'll eat your CPU alive. It's not the most efficient thing for a CPU to do."

Still, another analyst said that none of the new methods -- TOE cards, network processors or multicore CPUs -- have proved they can solve problems for the end user just yet.

"There is great deal of hand-waving going on right now," said Gordon Haff, an analyst at Nashua, New Hampshire-based Illuminata Inc. "There is this notion that a general purpose TOE will make all of our networking overhead problems magically go away. The on-chip people aren't necessarily any better. We need to see more detailed explanation than we have seen so far as to how they will offload functions without changing all of the software that is out there."

Haff said no vendor has yet established how to handle TCP/IP off-loading in a highly efficient way that does not require alterations to the way software communicates to processors.

"This is not to say that Sun or anybody else does not have a plan," he said. "They will say, 'We have solved 50 percent of the problem and we'll solve the rest. Don't worry about it.'"

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AlacritechCiscoIlluminataIntelLinley GroupNational SemiconductorNICSun Microsystems

Show Comments