!LTE Equipment Evaluation Considerations Selection Criteria

Embed Size (px)

Citation preview

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    1/7

    INDUSTRY INSIGHTS

    LTE Equipment Evaluation:

    Considerations and Selection Criteria

    Questions for Operators

    What is the maximum packets

    per second rate that can be

    encrypted/decrypted without

    packet loss?

    What is the average packet size

    required by the network today?

    What PPS will be required to

    handle future network traffic

    needs?

    Recommended Criteria

    Maximum encrypted packets

    per second

    Throughput (Gbps) for

    encrypted traffic at several

    packet sizes

    Average packet size used for

    capacity calculations

    Additional equipment needed

    to sustain line rate

    throughput at a future

    average packet sizes.

    Higher Performance Requirements

    Unfamiliar LTE equipment, increased architecture complexity with small cells, Wi-Fi

    integration, network sharing arrangements, rising subscriber traffic and new OTT

    applications all have created an unpredictable traffic environment for network

    operators. A number of operator network outages have recently been publicized,

    symptoms of network vulnerabilities not previously foreseen by the operator

    despite diligent planning and testing. These outages and the higher uncertainty

    regarding the likelihood of further traffic incidents illustrate how vital it is to

    incorporate additional performance requirements for all LTE network elements.

    As the #1 deployed LTE security aggregation equipment provider, Stoke has

    encountered and overcome specific challenges arising from the new architecture

    and traffic patterns. The following questions, considerations and recommendations

    for operators evaluating LTE network equipment have evolved from this

    deployment experience.

    What is the maximum encrypted PPS?

    Network engineers most often refer to the performance of network devices by

    using the speed of the interfaces expressed in gigabits per second (Gbps).

    Although this is useful and important information, Gbps alone does not adequately

    cover other, perhaps more, important network device performance metrics.

    For LTE network aggregation equipment, where encryption/decryption is needed

    and the device is under a high network load, maximum encrypted Packets per

    Second(PPS) should also be included in performance evaluations.

    The maximum encrypted PPSdefines the equipments packet processing and

    forwarding limits for encrypted (e.g., IPsec) packets. As packets get smaller, the

    packet arrival rate increases and more packets must be simultaneously forwarded

    by the equipment in a given period. Additionally, when IPsec is added, the

    equipment must also manage the processor heavy encryption or decryption duties

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    2/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 2

    1Assumes ESP/AES128/SHA1

    When the incoming packet

    arrival rate (packets per second)

    exceeds the processing limits ofthe equipment, packets will be

    dropped or delayed, causing

    retransmission, latency, or jitter."

    before forwarding them.

    Equipment with a higher maximum encrypted PPS can encrypt/decrypt higher

    arrival rates of incoming packets and forward them more quickly, without

    introducing latency or dropping packets.

    Why is maximum PPS an important metric?

    Both Gbps and PPS are performance metrics that impact scalability and cost, and

    should be known by the operator. By identifying the maximum PPS, operators can

    better understand how the equipment will perform under the full range of peak

    traffic conditions and packet sizes found in the network, and how quickly network

    equipment will need to be augmented to sustain network throughput as average

    traffic characteristics change.

    If the incoming packet arrival rate of the packets exceeds the PPS processing limits

    of the equipment, packets will be dropped or delayed, causing retransmission,

    latency, or jitter. Overall throughput will decline and additional capacity required.

    Calculation of Theoretical PPS Standard 10 GigE Interface

    The theoretical maximum packets per second can be quickly calculated from Gbps,

    for a given packet size. In Figure 1, the theoretical packets per second are

    calculated for a 64 byte packet, assuming eight 10GigE interfaces at full capacity

    delivering traffic at 80 Gbps, including encryption and other overhead. Figure 1 is

    simply a mathematical calculation on theoreticalmaximum and does not include

    other equipment design limitations that can impact the actual packets per second

    that an operator would achieve.

    Gigabits per Second 80

    GigaBytes per Second (Gbps/8) 10

    Packet Size (Bytes) 64

    Preamble + InterFrame Gap (Bytes) 20

    IPsec Overhead (Bytes) 58

    Total Bytes per Packet 142

    Total Packets per Second (millions) 70

    Theoretical Packets per Second

    Figure 1. Example PPS calculation, assuming 64B encrypted packet at 80 Gbps.1

    Figure 2 uses the above formula to calculate PPS at multiple packet sizes, both

    encrypted and clear. As shown in Figure 2, at 80 Gbps, the maximum theoretical

    PPS at 64 byte encrypted packets is 70 million. At 1,518 byte encrypted packets,

    only 6 million PPS rate is possible. The impact of IPsec overhead is also clearly

    illustrated. If all 80 gigabits delivered packets were 64 byte packets, 119 million

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    3/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 3

    2Theoretical IPSec PPS calculated on 80GigE pipe consisting of 100% of given packet size, with 78B added for encryption (58), IFG (12), and preamble (8). For example:

    80,000,000,000 / ((64 + 20+58) * 8) = 70.4 million PPS for 64 byte (payload) packet. For clear channel, IFG and preamble overhead only are added 20 bytes.

    " the smaller the packets, the

    higher the PPS rate, and

    therefore, the more packets need

    to be forwarded by the

    equipment."

    could be delivered per second if clear (not encrypted), compared to 70 million

    encrypted.

    Figure 2. Theoretical packets per second by packet size, in 80 Gbps2

    As can be seen, the smaller the packets, the higher the PPS rate, and therefore, the

    more packets need to be forwarded by the equipment.

    Example #1: Encrypted PPS Calculation - 17 Gbps Security blade

    Most published data sheets for network nodes state a maximum throughput at a

    specific packet size, but do not provide the maximum encrypted packets per

    second (PPS) rate or Gbps for multiple packet size. However, by applying the

    mathematical calculation described previously, the maximum PPS rate at different

    packet sizes can be estimated, given the published Gbps and packet size for the

    equipment.

    For example, a security blade data sheet for a large infrastructure provider lists a

    maximum throughput of 80 Gbps (8x10 GigE ports) and the maximum encrypted

    (IPsec) throughput of 17 Gbps, assuming a 512 byte average packet size. Using

    the published 17 Gbps as a starting point, Figure 3 shows the calculation for the

    maximum encrypted PPS.

    Security Blade Example #1

    Max. ThroughputMax. IPsec

    Throughput

    Average

    Packet Size

    Calculated Maximum

    Encrypted PPS

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    4/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 4

    3ExampleGbps calculation: 3.6 M packets * (384 Bytes + 78B)* 8/1,000,000,000 = 13.3 Gbps

    "If the average packet size of the

    network traffic is smaller than the

    average packet size published in

    equipment datasheets, then

    operators need to adjust

    equipment needed for theexpected capacity requirements

    accordingly."

    80 Gbps 17 Gbps 512 Bytes 3.6 million*

    *Calculation: 17,000,000,000 / ((512+20+58) * 8) = 3,601,694

    Figure 3. Maximum Encrypted PPS estimated from maximum throughput.

    At 17 Gbps maximum IPsec throughput and 512 byte packets, the maximum

    throughput possible is 3.6 million PPS, including encryption and other overhead.

    What is the average packet size required in the network today?

    Operators must evaluate network equipment capacity limits using the average

    packet size needed by the network, not published by the vendor. If the average

    packet size of the network traffic is smaller than the average packet size published

    in equipment datasheets, then operators need to adjust equipment needed for the

    expected capacity requirements accordingly.

    Every operator network is different and average packet sizes can vary even within a

    single network. The example following uses the same security blade parameters

    and shows the impact on throughput if the average packet size is 384B, 256B, or

    64B, rather than the 512 average assumed on the datasheet.

    Example #2: 17 Gbps Security blade Throughput by Packet Size

    Using the security blade example in Figure 2 with a maximum throughput of 17

    Gbps and a maximum PPS of 3.6M, Figure 4 converts the 3.6M PPS to Gbps, at

    three additional average packet sizes.

    Security Blade Example #2

    Maximum Encrypted

    PPSAverage Packet Size

    Estimated

    Throughput3

    3.6 Million

    512 Bytes 17 Gbps

    384 Bytes 13.3 Gbps

    256 Bytes 9.6 Gbps

    64 Bytes 4.1 Gbps

    Figure 4. Conversion of maximum PPS to Gbps, by packet size.

    If the average packet size needed by the network is actually 384 bytes instead of

    512 bytes, then the security blade only provides 13.3 Gbps of capacity, not the 17

    Gbps maximum.

    Example #3: 17 Gbps Security Blade - Capacity Implications of 384B Average

    Figure 5 shows that the throughput and available capacity of the security blade

    (assuming 3.6M PPS, 17 Gbps@512 B packet), will decline 35% when the actual

    network average packet size is 384, not 512 bytes.

    Security Blade Example #3

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    5/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 5

    4Source: Journal of Network and Computer Applications, Application classification using packet size distribution and port association.

    "As more real-time services are

    used in LTE networks, average

    packet size carried by the

    network will be smaller. Network

    aggregation nodes will need

    ultra-fast encryption/decryption

    to minimize latency and prevent a

    poor user experience."

    PPS Average Packet Size Throughput Capacity Impact

    3.6 M512 Bytes 17 Gbps -

    384 Bytes 13.3 Gbps 35%

    Figure 5. Example - Decline in capacity with actual average packet size of 384B

    In order to sustain the original 17 Gbps throughput, an additional blade (or

    chassis) would need to be added.

    If the actual network average packet size is different than the average used to

    calculate published Gbps, or if it changes over time, additional equipment can, of

    course, be added to augment throughput capacity. However, adding equipment

    increases costs for equipment as well as for power, space, and maintenance.

    Clearly, PPS and throughput by packet size are important metrics for accurate

    network dimensioning.

    What PPS rate will future network traffic require?

    Increase in demand, changes in mix of device types and applications used, as well

    as integration of voice will increase peak loads and decrease average packet size.

    This in turn, increases the packet arrival rate or packets per second that network

    equipment needs to process.

    With VoLTE and other real time services, any performance delays in the network

    are very noticeable by the subscriber. Therefore, the latency requirements for real-

    time services are higher than for browsing or file downloads. As more real-time

    services are used in LTE networks, average packet size carried by the network will

    be smaller. Network aggregation nodes will need ultra-fast encryption/decryption

    to minimize latency and prevent a poor user experience. Figure 6 shows typical

    packet sizes for mobile applications.

    Mobile Broadband Applications4 Typical Packet Sizes

    VoIP / VoLTE 64B

    Video Streaming (mobile) 256B

    Web Browsing (HTTP) 384B

    File Download/share 512-1,518B

    Figure 6. Typical packet sizes for common applications.

    Mobile network traffic, of course, includes a mix of all of these applications, and

    the average network traffic composition is unlikely to ever be only one application

    type. However, mobile broadband traffic can surge or spike on any number ofevents or applications, making peak traffic at any specific location at any given

    time quite different than the typical network average. Equipment that provides

    higher PPS can provide additional insurance against such extreme network

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    6/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 6

    5Source: Allot Mobile Trends Report

    "When voice traffic is increased

    by an additional 7% of total

    traffic, average packet size drops

    25%"

    conditions.

    Will VoLTE decrease average packet size?

    VoLTE is a small part of mobile broadband traffic today, but the shift to

    incorporate voice is happening quickly. Over the last year, VoLTE has seen usage

    growth rates of 101%, and most operators expect to offer VoLTE in the next 1-2

    years.5 VoLTE does not need to be a large percentage of the total traffic to have

    an impact on average packet size. When voice traffic is increased by just anadditional 7% of total traffic, average packet size drops 25%, from 512 to 384

    bytes (Figure 7).

    Figure 7. 7% more voice decreases average packet size by 25%

    Operators planning for near term scalability will have to consider the additional

    capacity requirements that VoLTE will have on LTE aggregation nodes and other

    equipment.

    Recommended Evaluation Criteria

    As operators prepare RFPs or conduct other LTE equipment evaluations, they

    should include packets per second as part of their evaluative criteria and carefully

    consider how well the equipment will perform and scale under future network

    traffic conditions, such as changes in average packet size.

    Figure 8 illustrates the performance impact of maximum packets per second rate

    as packets get smaller, using the security blade example. If the average packet

    size decreases from 512 to 384, throughput declines 35%. The performance limits

  • 7/30/2019 !LTE Equipment Evaluation Considerations Selection Criteria

    7/7

    Stoke, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright 2012 Stoke, Inc. All rights reserved. Lit# 150-0013-001 7

    6In RFC 2544, the IETF recommends that seven standard frame sizes (64, 128, 256, 512, 1024, 1280 and 1518 byte) be tested multiple times, for a specified length of time.

    This is because all these frame sizes are used in the network and so the results for each must be known. http://www.ietf.org/rfc/rfc2544.txt

    "As operators prepare RFPs or

    conduct other LTE equipment

    evaluations, they should include

    packets per second as part of

    their evaluative criteria"

    of the equipment can be defined at 64 bytes, where throughput declines as 75%.

    Figure 8. Maximum PPS reveals the performance limits of the equipment.

    To fully evaluate the scalability and performance of LTE security gateway

    equipment, the following specifications should be requested from vendors:

    Maximum (encrypted/IPsec) packets per second

    Throughput (Gbps) for encrypted traffic at several packet sizes, including

    the highest (1518B), lowest (64B) and midrange (512B)6

    Average packet size used by vendor for quoted throughput and PPS

    capacity numbers

    Additional equipment needed to sustain line rate throughput at a smaller

    packet size.