Sustaining wire-speed 400 GbE transfers is only a first step in managing enterprise traffic. Adding rules-based filtering to sift packets in real time can stress most networking hardware to a breaking point, slowing down an entire network. Architects are trying to spread these loads, distributing intelligent traffic management away from high-end firewalls and other appliances toward endpoints where traffic originates – but 400 GbE hardware with an integrated rules engine hasn’t scaled down easily. Achronix has a solution building on its Speedster7t FPGA integrating a 400 GbE packet interface, PCIe Gen 5, a flow processor with a rules engine, and room left for customer logic to differentiate 400 GbE SmartNIC designs.
All the pieces needed for a 400 GbE SmartNIC in one FPGA
Transceivers capable of 400 GbE are popping up on more than one high-end FPGA. But the problem of creating suitable “plumbing” in an FPGA for 400 GbE is often left as an exercise for the reader. Two projects within Achronix, with help from its acquisition of Accolade IP and expertise in September 2022, have thought through the entire IP chain and are coming together for a complete solution under the Achronix Network Infrastructure Code (ANIC) banner.
“We don’t think anyone has 400 GbE with this type of flow processing and rules engine for an endpoint right now,” says Scott Schweitzer, CISSP, Director of SmartNIC Product Planning at Achronix. It starts with enabling technology – the ANIC Shell, an Ethernet packet-flow pipeline in RTL. This project dates back to 100 GbE and PCIe Gen 3 technology, concentrating on FIFOs, parsing, and DMA elements needed to keep packets moving smoothly. In a Speedster 7t, over half of the logic remains available for customers.
Next came moving from the shell to the complete ANIC for a 400 GbE SmartNIC with the flow processor and rules engine, still with around 50% of the Speedster7t logic left.
Bumping ANIC up to 400 GbE might look easy from this diagram, but Schweitzer points out two points in the chain needing specific attention. “To get to a host at 400 Gb, we needed every bit of PCIe performance we could get – 16 lanes of PCIe 5 keeps the DMA engine fed,” says Schweitzer. “We also needed faster memory for the DMA and FIFO, and four channels of GDDR6 on each side got us there.
Visualized in the Speedster7t footprint, the ANIC looks like this. Note these are all optimized IP blocks with verified closed timing at speed.
Opening new possibilities for intelligent traffic management
ANIC forms a foundation for SmartNIC development, allowing customers to define packet shaping and traffic management capabilities in endpoint-scale hardware running at 400 GbE SmartNIC speeds. Customers gain faster time-to-market and control over customization of the ANIC IP and their value-add logic. Duplicating or de-duplicating packets, running local key-value stores, and other operations are possible on packet streams using SmartNICs.
Network security improves with intelligent traffic management for both receive and transmit, but SmartNICs have traditionally applied policies only on receive. ANIC enables policies to be applied to both received and transmitted data. “Let’s say one night, there’s an application server suddenly generating unusual volumes of traffic at 2 am when nobody should be working,” Schweitzer begins an anecdote. “In a conventional enterprise networking architecture, the increased traffic would reach an appliance like a high-performance firewall, and it would have to have the proper rules to stop the packets. By moving those same rules out to a 400 GbE SmartNIC with ANIC IP installed in the application server, the suspicious traffic never leaves it, preventing propagation and reducing the load on the network.”
Artificial intelligence (AI) also looms large on the scale of ANIC possibilities. Machine learning processors (MLPs) in the Speedster7t could learn and deploy ANIC rules by observing SmartNIC traffic patterns before network security teams notice a vulnerability. Endpoint-native learning could also drive a virtual, distributed, intelligent load balancer, offloading traffic to other platforms if concentrated traffic patterns emerge.
Achronix is putting a solid effort into ensuring its high-performance Speedster7t FPGA is ready for advanced real-world applications. A 400 GbE SmartNIC is just one possible use case for the Speedster7t – and it’s a good one since few other approaches can achieve the same results. We’d expect customer innovation to take over with a range of differentiated solutions built on 400 GbE ANIC IP.
Learn more in the Achronix press release:
Achronix Pushes the Boundaries of Networking with 400 GbE and PCIe Gen 5.0 for SmartNICs