Barefoot Networks is big in the programmable networking space, known for their Tofino chip as well as the P4 programming language. In this briefing, Barefoot announced Barefoot Deep Insight, a network monitoring system they claim goes deep on every packet in the network. Listen to Ethan Banks’ take via the embedded player above.
Why Is This Interesting?
Analyzing every packet in the network is increasingly difficult as networks get both larger and faster. Network telemetry is a significant use case for Barefoot customers who want to know all the things, which led to Deep Insight being developed.
Deep Insight uses the P4 data plane plus in-band network telemetry (INT), providing line rate monitoring with nanosecond accuracy, because all of the data is coming right off the switching chip in real-time. Which chip? Tofino for now, but Barefoot reports that there are smart NIC vendors with INT coming, plus some interest in INT at the hypervisor edge in software switches.
Paired with the telemetry coming off of the INT data sources, Barefoot has created Deep Insight Analytic Software that performs real-time anomaly detection and ML based analytics, via a microservices-based architecture. The analytics software performance can be scaled out cheaply, running on commodity hardware. Most customers start with one server, and then add a few more servers as they increase the amount of data they wish to monitor.
The primary use case for Deep Insight’s ingestion of INT metadata was microburst detection to find out which flows are creating congestion, and which flows were victimized by the situation. With this tool, you can drill into microsecond level of detail to pinpoint a specific event, which you just can’t do with an SNMP poller.
Another use case was to identify in an NFV/SDN network stack where a latency spike was occurring. Was it a hardware switch? Software component? Etc.
Yet another application for Deep Insight is for the hottest marketing buzzword in the valley, Intent Based Networking. Analysis of INT could be a way to close the loop, verifying that a packet as it flowed through the network was indeed compliant with customer intent.