Pluribus Plugs Cloud Fabric into NVIDIA DPUs

Chipcolor2

By: R. Scott Raynovich


In a significant announcement that highlights the potential for the integration of open networking with data processing units (DPUs), Pluribus Networks today unveiled an expanded architecture for its software-defined fabric networking solution that includes integration with the NVIDIA Bluefield-2 DPU.

Pluribus made the announcement as part of the launch of its Unified Cloud Networking architecture and the new Unified Cloud Fabric, which is the next generation of their widely deployed Adaptive Cloud Fabric.

The Unified Cloud Fabric is powered by the Pluribus Netvisor ONE network operating system (NOS), which recently added support for 400-Gbit/s Ethernet switches as well as visibility for Kubernetes workloads and now has been ported to the NVIDIA Bluefield-2 DPU. The company says the new architecture will deliver better scale and performance by creating a secure, distributed networking fabric with high-performance and scale delivered with DPUs.

Why DPUs Matter

The tie-up of the Pluribus NOS with NVDIA’s DPUs looks especially powerful for delivering secure datacenter networking fabrics. Let’s examine why.

Many industry pundits, including me, believe that as applications become more distributed, the networking and security functions need to be distributed out to the host. This has traditionally been done using host CPUs with software-based virtual firewalls and hypervisor-based networking functions, which consume a significant percentage of the CPUs, resulting in slow performance.

DPUs are special processors that sit on a network interface card (NIC) and can be used to offload processing for networking and security tasks from the servers. By combining a software-defined NOS from Pluribus with hardware acceleration from NVIDIA DPUs, the two companies believe they can build a more advanced networking system that can instantly set up a secure, distributed, high-performance networking fabric. This could also reduce capital outlay in datacenters by reducing the need for more servers or security appliances.

Both Pluribus and NVIDIA (Nasdaq: NVDA) point out that the DPU use case is particularly suited for networking and security tasks such as software-defined networking (SDN) automation, microsegmentation, distributed firewalls, and encryption, all of which are often server intensive. The DPUs deliver built-in hardware accelerators for zero-trust security, automation, and network packet visibility.

The other benefit of this DPU-based architecture is that it creates a clean demarcation between DevOps and NetOps, where networking and security are running on the DPU isolated from the host CPUs. So DevOps does what they do best, focusing on servers and revenue-generating applications, and the NetOps team fully controls the network because they “own” managing the software running on the network and security services delivered by the DPU.

“The advancements that Pluribus has made to its architecture in the past year reinforces that we are truly the Unified Cloud Networking company,” said Kumar Srikantan, CEO, Pluribus Networks. “Pluribus solutions significantly reduce complexity and enable enterprises and service providers to take full advantage of the distributed multi-cloud era.”

NVIDIA Collaboration Expands Market

In the past, one of the arguments against DPUs was that they add cost to the network, but at the same time they can deliver capital efficiency by lowering the need to add servers. With large cloud providers such as Amazon Web Services (AWS) and Microsoft Azure moving to DPUs recently, it’s clear the market is beginning to accept the notion that this architecture may be the way to go.

The NVIDIA partnership is clearly a big deal for Pluribus Networks, which is one of the pioneers in the SDN market. It has recently been making strides in the enterprise networking market in addition to delivering its NOS to service providers worldwide, but the visibility of the NVIDIA partnership could propel it to a new level in larger datacenters.

Pluribus already has a number of customers committed to their early field trial (EFT), including CtrlS, one of the largest tier 2 cloud providers in APAC; STE/iDirect, which is building advanced, virtualized ground stations for next- generation satellite constellations; and Hyperion Lab, which is focused with startup partners on developing green AI and HPC solutions.

NVIDIA meanwhile has been making large strategic bets on networking that are positioning it to take on datacenter networking giants such as Arista Networks (NYSE: ANET) and Cisco (Nasdaq: CSCO).

CEO Jensen Huang has commented publicly that specific emerging intelligent datacenters will require DPUs to offload some of the networking and security processing from server chips. The DPU, which acts as a network accelerator, sits on the NIC and can process networking, storage, and security tasks using programmable chips.

NVIDIA launched its BlueField-2 DPU in 2020, basing it on technologies acquired with Mellanox that same year, and claims it can offload the processing power of 125 CPUs. Huang has described it as a “datacenter infrastructure processing chip” comprising “accelerators for networking, storage, and security and programmable Arm CPUs to offload the hypervisor.”

All of this may indicate that the DPU market is getting real. In addition to AWS building its own DPUs, startups such as Fungible and Pensando have built products designed to offload processing from CPUs.

Pluribus Pumps Up “Controllerless” SDN

The new architecture and partnership with NVIDIA also show that Pluribus has carved out a unique position with its Unified Cloud Fabric architecture by pursuing a “controllerless” architecture. SDN reduces the operational complexity of deploying a new network service or security policy across a large fabric, often by multiple orders of magnitude. However, many early SDN implementations required organizations to deploy NOS instances on individual networking devices, along with a “controller” that could send instructions for configurations and automation. The critique of networking controllers is that they can become a point of failure as well as increase costs and overall complexity.

From the beginning, Pluribus’ unique position was that each NOS should act as its own SDN controller. Pluribus says that this enables customers to build distributed networking fabrics on demand by simply adding new networking devices running Netvisor ONE, which provides a scalable and cost-efficient fabric solution.

Microsegmentation and Security Use Cases

The Pluribus Unified Cloud Fabric includes full SDN-automated routing and switching and has added-in security features, including a simplified scheme for microsegmentation and a built-in firewall that will be tested as part of the ETF.

Initial use cases for the Unified Cloud Fabric architecture include SDN-automated unified network fabrics with distributed security services, including microsegmentation, distributed firewalls, and network visibility.

According to Pluribus, the Unified Cloud Networking architecture and Unified Cloud Fabric will include:

  • Unified and simplified cloud networks. A distributed NOS can lower operational complexity and cost by delivering a consistent network operations model across underlay (physical) and overlay (virtual) networks, across switches and servers and across heterogeneous, distributed clouds.
  • Distributed security without compromises. Pluribus says that by using DPUs to build security into high-performance servers, it can deliver fine-grained microsegmentation and distributed stateful firewalls with substantially better performance and lower total cost of ownership compared to hardware appliances or purely software-based solutions.
  • Pervasive visibility. The Unified Cloud Fabric includes built-in application-aware visibility and analytics for every application and every traffic flow, improving proactive trouble detection and resolution, while eliminating the extra cost and incomplete coverage of separate monitoring networks.
  • SDN-enabled automation. Pluribus points out that controllerless SDN automation can be used to enable network operations teams to manage highly distributed networks with thousands of DPUs and other network endpoints, while avoiding the challenges of integrating third-party automation tools or building and maintaining do-it-yourself (DIY) scripts.

The company says that its EFT for Unified Cloud Networking will start May 1st, 2022, and it encourages customers to register at https://www.pluribusnetworks.com/EFT.