The following is a transcript of the audio recording you can listen to in the player above.
Welcome to Briefings In Brief, an audio digest of IT news and information from the Packet Pushers, including vendor briefings, industry research, and commentary. I’m Ethan Banks, it’s June 21, 2018, and here’s what’s happening.
I attended a technical webinar held by Arista Networks talking about their recently announced 7170 series multi-function programmable network switches. In this webinar, Arista explained what the new 7170 switch line was all about.
The Central Reason This Switch Exists Is Programmability
You can argue that all switches are programmable in some way or another, but what Arista is getting at is that the silicon is the programmable Tofino chipset from Barefoot Networks. Webinar speaker Martin Hull pointed out,
“What’s different about the Arista 7170 series based on the Barefoot Tofino chipset, is it’s the most flexible. It is a completely programmable packet processor.”
Why do you need a completely programmable packet processor? That’s a good question, and Arista answers that when you have a fully programmable packet switching platform, that device is more than just a switch. Now, it’s a switch that can be customized to handle at line rate a whole lot of features that were once the domain of smart NICs, x86 middleboxes, and single-purpose network appliances.
If you can reduce your dependency on specialized network hardware, you can simplify your network design as well as operations, potentially reduce licensing costs, and eliminate the bottlenecks that middleboxes sometimes create.
To that way of thinking, you should be able to replace a whole lot of network infrastructure with 7170s, and I’ve even heard it argued that the 7170 could be the last switch you’d ever need to buy. Arista said that they’d come alongside of customers who want custom network applications created for their companies on top of the 7170, as most shops will lack expertise in the P4 silicon programming language.
That’s a whole lot of value proposition and some big promises being made.
How Does The 7170 Deliver On These Bullet Points?
Speeds and feeds, for starters. There are 2 different switches in the 7170 line. The first is a 2U box with 64 ports of 100GbE that forward at full line rate for 12.8Tbps of performance, as high as 5 billion packets per second.
Port-to-port latency is sub-microsecond, which maybe doesn’t knock your socks off, but remember first that this is a programmable pipeline, and second, as Arista pointed out, there are ways to get the latency a little higher or lower depending on features in use. Power consumption is listed as typically less than 5 watts per 100G port. This 2U box is shipping now.
The second switch has the same numbers as the first, except that it’s a 32-port, 1RU box with 6.4Tbps of throughput, available sometime in Q3 of 2018, late July or early August, Arista speculated.
Both switches are fixed configuration. They have multiple fans and power supplies. Use cases for these switches include leaf or spine in your data center fabric.
Speeds and feeds are nice, but what about the guts? What can we do with this thing? Of course, the 7170 is programmable, so from one perspective it can be made to do any sort of fancy packet forwarding that you can dream up, and I know a few of you out there have peculiar dreams indeed. More than that, Arista touted…
Several Out Of The Box Features
I’ll hit some of them here.
Tunneling was one, where you can get 192K tunnels terminated on a 7170, while still managing to push as much as 5Bpps. Tunnel types include MPLSoGRE, MPLSoUDP, VXLAN, and even custom encapsulation types such as your very own unicorn flavor of VXLAN.
Application telemetry is another interesting out of the box feature. The 7170 can peer into the first 128 bytes of a packet as it’s flowing through the pipeline, and generate sFlow-like information on any values in those first 128 bytes with no impact to system forwarding performance.
Arista also highlighted large scale ACLs and NATs, pointing out that the 7170 has a serious security use case. Both reflexive and stateful ACLs are supported, not just simple permit/deny ACLs, along with between 100K and 200K NAT sessions depending on platform.
The webinar went on to discuss how the Tofino packet processor works, including a great deal of detail on the forwarding pipeline that we don’t have time to get into here.