Virtual Machine to Virtual Machine Monitoring
Napatech SmartNIC Solution
NAPATECH SMARTNIC SOLUTION WITH VM TO VM MONITORING
This document describes the Napatech SmartNIC Solution with VM to VM Monitoring. The solution leverages the Napatech SmartNIC Solutions for Virtual Switch Acceleration, which accelerate both north-south and east-west data traffic switching and enable monitoring of this traffic, such as east-west traffic between virtual machines in a hypervisor environment.
THE BENEFIT FOR THE CUSTOMER
With this solution it is possible to receive a copy of all data traffic hosted on the virtualized server and deliver it to either virtual probes and appliances or external physical probes and appliances for analysis. Because the traffic is replicated on the Napatech SmartNIC, no CPU cores are used for replication; CPU core consumption is one of the major drawbacks of current solutions.
Traditionally, traffic in a data center can be monitored by receiving a copy of network data from switches and routers through SPAN ports or by tapping connections between servers, switches and other appliances. This is still possible in virtual environments for north-south traffic, which will enter and leave the physical server and be switched at the top-of-rack switch, which can provide SPAN port access to the traffic or can be physically tapped.
For east-west traffic from one virtual machine to another virtual machine, the data traffic remains within the hypervisor domain. Using physical taps or switch SPAN ports will not provide access to this data as it never leaves the physical server. The solution available today is to replicate all traffic in the virtual switch running in software. That means that twice the number of CPU cores are now required as double the amount of data traffic needs to be switched by the virtual switch. In most circumstances, this is unsustainable as it will result in more CPU cores being used to switch and monitor data traffic than there are cores available for revenue generating virtual applications.
Figure 1: Current solutions for monitoring of virtual data traffic
Napatech SmartNIC Solutions for Virtual Switch Acceleration provide different options for accelerating virtual switches, but in all of these solutions, insight is provided into north-south and east-west traffic. The SmartNIC Solution for VM to VM Monitoring replicates this traffic on the SmartNIC hardware and makes it available for either virtual or physical monitoring solutions. No CPU cores are used, as the replication is performed in hardware and not in software, which removes one of the major issues of current solutions.
HOW DOES IT WORK
The Napatech SmartNIC Solutions for Virtual Switch Acceleration are all based on the capability to offload the megaflow cache from Open vSwitch (OVS). This means that Napatech can accelerate the switching of megaflow data. The megaflow data includes both north-south and east-west traffic, all of which will be sent to the SmartNIC for switching. This enables the SmartNIC to replicate all of the traffic received and make it available through a virtual SPAN port or through one of the physical ports on the SmartNIC.
Figure 2: Napatech SmartNIC Solution with VM to VM Monitoring
Monitoring of aggregate data traffic for network management or cybersecurity is compute intensive. Virtual appliances for these kinds of monitoring applications can consume up to 20 CPU cores. It is therefore important that the type of traffic to be replicated by the SmartNIC can be controlled and filtered so that the amount of traffic to be analyzed can be minimized. Napatech has extensive filtering capabilities that can be applied on-the-fly to control the amount of traffic to be replicated and analyzed.
Another reason for managing the amount of traffic to be replicated for virtual appliance monitoring is server PCIe interface bandwidth. The current generation of PCIe interface technology available in servers supports up to 100 Gbps data transfer. While the Napatech SmartNIC Solution is capable of supporting up to 200 Gbps of bidirectional data, the PCIe interface limitation means that the maximum amount of traffic that can be delivered to a virtual monitoring appliance is 50 Gbps. For monitoring of 100 Gbps traffic, it is recommended that data is replicated and delivered to an external physical appliance.
EFFICIENT SOLUTION THAT MAKES MONITORING OF VIRTUAL TRAFFIC FEASIBLE
The Napatech SmartNIC Solution with VM to VM Monitoring now makes it possible to efficiently monitor all traffic in a virtual environment without CPU core penalties. It enables better service fulfilment, assurance and billing as the necessary data for telemetry is at hand and can be provided to multiple virtual and physical appliances for analysis. With this solution, the final missing piece of the puzzle has fallen into place to enable efficient delivery, operation and support of critical revenue generating services in virtual environments.
Providing a value-added solution that addresses exactly the challenge at hand is what clients expect from solution integrators like Credocom. Ideally, this solution should be provided in a way that leverages installed systems and enables further additions to be made in the future as the client’s needs become more sophisticated.