Disaggregation is a common topic in datacenter and telco cloud discussions. While most of the conversation is focused on the emergence of white box solutions, this really only represents half of the disaggregation dialogue.
The software in hardware-software disaggregation
When it comes to disaggregation, our industry is focused pretty squarely on the software. The emergence of white box solutions, while seemingly focused on the hardware, is really more about the software.
In a typical white box model, the hardware is reduced to commodity parts (typically based on Broadcom silicon, but the definition should expand to include other merchant silicon offerings over time). With the hardware reduced to the lowest common denominator, the software becomes the point of interest.
In this model, Junos is actually well-positioned to be the feature-rich network operating system that runs on these commodity hardware platforms inside datacenters, across the WAN, or inside the telco cloud.
The hardware in hardware-software disaggregation
But while the portable OS has dominated the disaggregation discussion, the other half of that equation is actually worth paying attention to.
Imagine settling on a set of software and then developing portable alternatives to the hardware. For instance, what if people could pick the portable OS of choice and then leverage more than just Broadcom silicon?
Juniper, for instance, has been able to produce custom silicon that can provide critical features for various customer use cases. And have been working on building out an open and extensible interface to that hardware, which would basically allow third-party software to run on Juniper hardware.
It’s disaggregation—just flipped on its head.
Forwarding software and Hardware Abstraction
Before we delve into the details, let’s explore a high-level view of what is required to build a router or switch. Operationally, routers and switches have these major layers:
Management plane, which enables configuration and operations
Control plane, which runs all the routing protocols, interface management etc.
Data plane, which includes software and hardware required for traffic forwarding
Forwarding Software in a Network Element
Breaking this down further, within the data plane there are three components:
ASICs that do the actual packet forwarding job of receiving, processing and transmitting
FIB tables that the ASICs use to do lookups
Forwarding software that interacts with the control plane and programs the FIB with the forwarding elements that the ASIC can look up
A major aspect of forwarding software is to abstract the ASIC specific FIB programming from the control plane. Juniper’s forwarding software is designed and implemented to achieve this across a variety of custom and merchant ASICs and also effectively leverage the ASIC capabilities to extract maximum scale and performance from the silicon.
Juniper Forwarding Interface
A forwarding topology is a series of connected forwarding elements. These forwarding elements can be broadly classified into lookup tables and actions.
Juniper Forwarding Interface is the API that Juniper forwarding software provides to the control plane to configure, connect and manage these forwarding elements over its ASICs.
Juniper Forwarding Interface
Need for Open Forwarding APIs
The forwarding APIs vary across different vendor implementations. Because each silicon design is different, there is no standardized low-level APIs available that can work consistently on all ASICs.
Open forwarding APIs provide a mechanism for a custom control plane to be written on top of Juniper ASICs. Any third-party network operating system can interface with Juniper ASICs. Customers who have developed their own control plane can leverage the open APIs to integrate with Juniper switches and router hardware. And third-party vendors who want to provide the control plane without having to invest hundreds of millions of dollars in silicon development for high-end use cases can leverage Juniper hardware.
Use cases for Forwarding APIs
Juniper Forwarding APIs additionally provide a powerful capability to be able to program forwarding slices. Customers can carve out slices of forwarding state, and run an independent control plane in each slice. This provides flexibility to the customers to program their own control plane for a cross section of the ports, such as their backplane. The rest of the hardware can run Junos.
Forwarding slices provide the ability to implement a feature that is not supported in Junos yet but could be very compelling. For example, EVPN signaled VPWS with Flexible Cross Connect is a feature that did not exist in Junos previously. The forwarding implementation for this feature was done using the Advanced Forwarding Toolkit (AFT) and was demonstrated at the P4 Summit in Stanford. The relevant IETF draft was published just a month before, thus unlocking capabilities in the silicon without going through an expansive development cycle.
Forwarding APIs also provide the ability to attach monitors, such as counters, to the existing forwarding topology at runtime. This is very useful for operational aspects of the network devices. For instance, operators can dynamically spin up counters during debug.
With the primary intent of providing forwarding APIs, we have modernized the forwarding software. We call this the Advanced Forwarding Toolkit (AFT for short). AFT provides the PFE APIs that will be used by the control plane. And, very importantly, Junos uses the same set of APIs that third-party software would. If the APIs are good enough for third-party development, they are good enough for our engineering teams.
AFT - Advanced Forwarding Toolkit
AFT provides a programming model that involves three main elements:
A sandbox is essentially a walled area within a forwarding path. AFT Clients can program forwarding paths within this sandbox.
Basic forwarding path elements in AFT are called nodes. Different nodes may vary in their complexity and connection options. Example of nodes are tables, trees, lookups and conditionals.
AFT Node Entries
Node entries are the individual matches in a lookup node. Entries are the individual match elements for a particular container. Examples are route entries, port entries.
AFT provides forwarding APIs that can be used to setup sandboxes, nodes, and entries required for a forwarding topology. These APIs are provided as a library.
AFT APIs as a library
Workflow with AFT
Using AFT API is fairly straightforward. The AFT API library is published in GitHub (https://github.com/Juniper/AFI). Customers can build specific clients by using this library and adding their implementation. These clients can talk to the AFT server that runs on Juniper hardware.
Workflow with AFT
There are several ongoing industry efforts to standardize the APIs for forwarding plane programming. These efforts include SAI, Openflow, P4, and so on. AFT is designed to provide low level of forwarding constructs and can be used to address any and all use cases that the underlying ASICs can support. These APIs can be adapted to implement any higher-level abstractions that are seen in the other industry standards. Basically, as these other standards emerge, they will plug directly into AFT. More directly, we are not competing with those efforts—we see these as complementary initiatives.
Using Forwarding APIs to support SAI, P4, etc...
Hardware-software disaggregation is about flexibility, choice, and economics. There are many options for software, hardware and silicon to choose from. The Juniper Forwarding Interface provides APIs into the forwarding plane of Juniper routers and switches. At the heart of this is an advanced forwarding toolkit, called AFT that provides a programming model to configure and connect forwarding elements. These APIs allow users to be able to directly interface with the forwarding plane and create customized network elements.
Essentially, Juniper is completing the other half of hardware-software disaggregation. We fundamentally believe that customers should have choice. And we would like to extend that choice down into the silicon to complement the work already happening on the portable OS side.