Today’s hyperscale data center, service provider, and carrier networks are built on open switch hardware and open software on servers running virtual network functions. As demands for higher throughput and efficiency drive switch development, the standard fixed-function switch ASIC has started to make way for more flexible programmable switch silicon that allows greater control of the data plane. Programmable switch ASICs can be programmed using high-level languages that define only the packet processing required for the specific switch application. This enables not only a more efficient packet pipeline by restricting the protocols supported, but provides the ability to implement new or customized protocols when and where needed. The result is open networking extended all the way down to the switch ASIC level. In addition, programmable switch ASICs deliver complete customized flexibility without significantly sacrificing performance, increasing power, or adding to costs.

To illustrate the fundamental differences between a fixed-function switch ASIC and a programmable ASIC, consider how ingress packets are processed through each type of ASIC. In this example, Barefoot’s programmable Tofino switch ASIC is compared to a typical fixed-function ASIC.

The fixed-function ASIC first parses received packets before processing through a fixed pipeline of various applied protocol logic and tables. That is, the ASIC supports a limited set of networking protocols that forward packets based on certain rules and forwarding tables. For some switch applications, it is possible that many ASIC-supported protocol features remain unused, and in addition, any need to accommodate new protocols requires a complete hardware upgrade. It is this inflexibility and inefficiency of fixed-function ASICs that programmable switch ASICs seek to remedy.

In comparison to the fixed-function ASIC, the Barefoot Tofino switch ASIC design is based on its Protocol Independent Switch Architecture (PISA). With the PISA architecture, each stage of the packet pipeline is undefined and requires programming for packet parsing and specific match-action forwarding logic. The switch ASIC programming uses a high-level language called P4 that was developed as an alternative to fixed function switching. The Open Networking Foundation has defined the P4 language as a standard and drives the progress through an active and growing P4 community. The development of P4, as well as other packet-processing programming languages, enables the data plane to be fully programmable and mostly independent of the underlying hardware.

For a typical application using the Barefoot Tofino switch ASIC, incoming packets are first parsed and validated before being passed on to an ingress match-action pipeline. Each stage of the match-action pipeline can be programmed to make forwarding decisions or apply certain packet processing applications. Similarly, at port egress packets are sent through a parser and match-action pipeline before being deparsed and placed in an output queue.

Note that the Barefoot Tofino switch ASIC allows the ingress parsing of packets to be completely programmable, as well as the forwarding decisions. In fact, the programmer has the flexibility to implement complex forwarding actions and even application logic into the switching process. This opens the possibility for programmable ASIC devices to be built and configured to serve specific network functions, for example, applications such as data center load balancing.

The CSP-9550 server-switch is Accton’s first “hyper cloud appliance,” integrating computing, storage, and networking into a single device that can be configured for various applications. The 1RU high server-switch is based on a dual-socket design that supports a number of Intel® Xeon® Scalable processors for high-performance compute and the Barefoot Tofino™ switch ASIC for P4 programmable connectivity.

The Xeon® Scalable processors offer up to 28 cores and significant memory bandwidth (six memory channels) with support for 12 DDR4 DIMM slots per CPU. Local storage options include two SATA III and two U.2 NVMe sockets (maximum of two 2.5″ devices). The server in the Accton CSP-9550 is linked to the programmable Barefoot Tofino switch ASIC, which is configured to support 48 x 25 GbE (SFP28) and 8 x 100 GbE (QSFP28) network ports.

With the highly advanced compute core and flexible P4 programmable switch ASIC, the Accton CSP-9550 is able to power through intense packet processing workloads, supporting functions such as load balancing, firewall (including DDoS attack prevention), or network visibility (performance monitoring). The hardware platform can operate using any supported operating system and virtualization infrastructure, or can be custom developed based on application requirements. In addition, the Accton CSP-9550 is able to scale to meet the dynamic performance requirements increasingly demanded in cloud deployments.

Accton’s CSP-9550 server-switch can function as an ideal load balancer in a data center environment. Load balancing is important in a data center to ensure that network traffic is evenly distributed across multiple servers and that users experience a consistent service. Typically, the load balancing in a data center is centralized and may involve dedicated hardware appliances or be software-defined and run on standard servers. The example outlined below illustrates the benefits of deploying Accton’s CSP-9550 server-switch at top-of-rack in the data center instead of a centralized hardware solution.

Other than just distributing network traffic to prevent server overload, load balancing can also involve applying certain policies as well as security. Regardless of the functions employed and specific algorithms, the load-balancing must maintain “stateful” connections, that is, all packets in a particular connection must always be forwarded to the same server. This connection consistency requires load balancing to maintain connection tables for all traffic flows, which can be millions in a data center environment. The traffic workload can therefore consume significant CPU and memory resources and maintaining acceptable performance as the network scales is achieved by deploying more hardware to handle the traffic volume.

The following diagram illustrates some of the issues when using centralized load-balancing hardware in a data center. Firstly, there can be high costs for dedicated load-balancing appliances that might run proprietary software on custom processors to achieve high performance. Although software load-balancing solutions run on less-expensive standard servers, this results in a significant impact on performance. Additionally, there is a latency issue with the “hair-pinning” of traffic across the network to the centralized load-balancing hardware and then returning to the top-of-rack switch.

Now consider how the Accton CSP-9550 server-switch deployed as a load-balancer at top-of-rack improves the issues of performance and scaling. The Barefoot Tofino switch ASIC is designed to process terabits of traffic per second, which is a significant performance increase over centralized load-balancing hardware. The programmable nature of the Barefoot Tofino switch ASIC means that the packet parsing and forwarding can be fine-tuned for load-balancing, whereas the high-performance compute capability of the CSP-9550 server can handle complex packet processing and other functions. As the data center scales to millions of traffic flows, the CSP-9550 server-switch includes ample CPU and memory resources to maintain connection tables, even with frequent data center server changes. Also, the latency and hair-pinning issues are non-existent with switching and compute located in the same box. With the Accton CSP-9550 server-switch, you essentially have the best of both dedicated load balancing hardware and a software-defined solution. The programmable ASIC provides the benefit of efficient high-performance switching, and the high-power compute capability delivers the processing capacity and flexibility.

As today’s networks have turned to open software-defined architectures, the need to extend flexibility down to the data plane has given rise to programmable switch ASICs replacing the fixed-function ASICs for certain applications. This has led to the development of new network devices, such as Accton’s CSP-9550 server-switch, a “hyper cloud appliance” that integrates computing, storage, and the programmable Barefoot Tofino™ switch ASIC into a single open platform. The benefits of such integrated appliances is improved performance, better efficiency, and complete flexibility. As new network devices implementing programmable switch silicon evolve, it can be expected that they will become an important part of many data center, service provider, and carrier networks.