High-end networking gear from Hewlett-Packard and Extreme Networks prove their enterprise worth in a grueling gauntlet challenge
Two years ago, 10 Gig meant screaming along the bleeding edge with your hair on fire. The speed was there, but achieving it was a black art requiring network performance knowledge, driver tweaking, and OS tuning.
Rumor has it this is no longer the case; 10 Gig has grown up with enough reliability and manageability to make it a good citizen in any enterprise datacenter.
This evolution is a boon to growing enterprise datacenters — and not just those with more than 10,000 users. Advanced storage networking is a key application for 10GbE, tantalizing to enterprises of any size. Moveover, the increasing reliance on rich streaming media, such as video and voice, is pushing the demand for 10GbE into the mainstream.
To find out just how enterprise-ready 10GbE has become, we invited eight vendors to participate in our latest 10-Gig shootout at the Advanced Network Computing Lab (ANCL) at the University of Hawaii School of Ocean and Earth Science and Technology.
Of the eight, three agreed to participate: Cisco, Extreme Networks, and Hewlett-Packard. We worked with all three vendors for several months prior to the test, gathering data for two test suites. The first was a primary baseline set of tests that all the vendors had to complete, including a triple-play test assessing video, voice, and data transfer speeds. We also offered an optional suite where vendors could run additional tests that we provided or design tests in conjunction with our lab staff to showcase unique features.
Critical to our test was gear provided by Spirent, including the TestCenter 5000A, the company’s next-generation core network testing tool, and the Abacus, a VoIP traffic emulator and quality quantifier.
Everything was copasetic until three days before Cisco was to show up — which is when company reps decided to call and cancel, instantly awarding themselves the Super Weenie trophy for this test. Frankly, however, InfoWorld has never had luck getting Cisco to participate in directly comparative reviews.
Even with Cisco slinking away at the last second, clear trends emerged in our examination of the Extreme and HP solutions. Until even just a year or so ago, managing voice and video over your production data network remained a black art. Although QoS was a mature technology, managing multiple queues over a wide, distributed network still left a lot of room for error and expertise. The new management suites we encountered in this round of 10-Gig competitors, however, have taken triple-play management and have made it workable for mere mortals. Using today’s 10-Gig solutions means you no longer need to be afraid of running voice across your data network.
We’ve tested various switching solutions from Extreme Networks in our 10 years at ANCL, and we’ve basically watched the company evolve from a bleeding-edge startup to one of the most reliable manufacturers of truly high-speed switching infrastructure.
That’s not to say that HP’s solution was unpolished: Setting up an advanced switching topology in what amounts to a single day is a solid achievement for any platform. But Extreme really nailed it. These products clicked together like well-oiled machines — so well that we were completely through our baseline testing on the very first day.
And Extreme didn’t skimp in the equipment department, either. Cores came in the form of the behemoth BlackDiamond 10808. The reason for bringing these massive chassis was obvious: Extreme designed this model from the ground up as an all-10GbE switch. The 10808 has it all: an ultrafast switching fabric capable of about 1.28Tbps of capacity via a high-performance custom programmable ASIC architecture, support for as many as 480 10/100/1000 (or 480 fiber 1GbE ports) or as many as 48 10GbE ports.
Finally, there’s the simple, pleasing hardware of the 10808. If you can get past the fact that Hulk Hogan could throw his back out trying to move the thing, you’ll find that all this weight has advantages, namely support for redundancy at every turn: power supplies, management cards, line cards, the works. Additionally, the prospect of tossing in extra-large power supplies is valuable to those looking to deploy PoE (Power of Ethernet) further down the line, similar to HP’s equipment.
For the edge, Extreme brought the BlackDiamond 8810. Whereas HP likes to keep much of its switching intelligence at the edge, Extreme very much prefers to do it at the core — hence the 10808’s advanced ASIC architecture, which is not to be found on the 8810; the edge switch definitely takes its cues from big daddy. At its intended chore, port distribution, however, the 8810 has few peers. The box can handle as much as 570Mbps worth of throughput and can take as many as 432 Gigabit ports or 36 10-Gig ports per chassis.
But Extreme’s greatest advantage, next to the purple hue of its hardware, is its switch operating system, called EXOS (ExtremeXOS). Extreme made the move to an embedded Linux operating system several years ago, and it was a smart play. Extreme has optimized EXOS for multicast and voice applications with full routing capabilities. Furthermore, Extreme has enabled these functions to run on dedicated ASIC silicon, allowing the switch to process packets with little or no overhead load. The switch is a security monger, too, with a rules-based threat detection and response engine, attack throttling, and 802.1x authentication support across the entire switching fabric, and even an optional add-on security device, called the Sentriant.
A few notable features of EXOS include the new Clear-Flow rules-based monitoring engine, the universal port manager capable of accessing non-Extreme gear, and a flexible set of XML-based APIs for OS customization or integration of third-party software packages. The company also has gone to significant trouble to provide a highly functional management console in the form of EpiCenter. Although our BlackDiamonds had a limited Web-based management GUI, EpiCenter is a dedicated, optional fat-client management package that acts as a rules and policy hub for an entire Extreme installation.
Extreme’s APIs enable third-party software manufacturers to design powerful add-ons to the Extreme line reaching from the management console all the way to the switch ASIC. One company that’s taken Extreme up on this offer, Avaya, has dovetailed its VoIP management console into EpiCenter. This combination offers far more than the usual set of VoIP QoS management features.
Testing went largely as expected. As did HP’s, the Extreme machines took everything our Spirent TestCenters tossed at them with a smile. The fun stuff didn’t start until we began our optional testing. First, Extreme insisted on doing some fail-over testing, dropping links in the midst of traffic transmissions with nary a bit escaping. Then the company reps demonstrated a real nifty capability: a hitless upgrade process. After a new firmware image has been uploaded, entering a simple command using TFTP (Trivial FTP) flops you between redundant MSM switch processors without a glitch in video and voice streams. This capability allows one ASIC to be upgraded while the other one works — no downtime.
During Interop Labs sessions at NetWorld+Interop, we saw the Extreme manage a self-defending network scenario similar to the one we threw at the HP. Nevertheless, the company elected not to tackle this part of our optional testing. More disappointing, it didn’t want us testing its Sentriant appliance that way. A dedicated threat responder, the appliance worked well during the Interop show but couldn’t play with the ThreatEx due to incompatibilities with its implementation of TCP/IP.
Even so, Extreme really showed us something with the overall test. The BlackDiamond line continues to impress us as a state-of-the-art switching infrastructure that has few peers. BlackDiamonds can function in any high-performance switching environment, from the carrier-class situations to corporate datacenters, and you’ll find specific optimizing features for each.
For years, HP’s ProCurve marketing department has been fairly quiet. If you think of ProCurve at all, it’s mostly for edge switches and branch-office connectivity. Well, HP is out to change that image — with a vengeance. The ProCurve equipment that showed up to compete in this 10-Gig showdown combined all the cutting-edge technology you’d expect with a clear focus on the enterprise and only the enterprise. You won’t see ProCurve advertising aimed at telco switching racks.
HP brought an interesting array of complementary products to our test. Core switching was handled by two 4U 5406zl Intelligent Edge chassis. The 5406zl is the second-largest chassis in the ProCurve line, but the pair sufficed for our tests. Each chassis was equipped with four four-port 10GbE modules and a single 24-port 10/100/1000 premium line interface card, as well as its own 5400-series management module.
HP deems the line interface card “premium,” apparently for its support of PoE. The company showed off this capability by also bringing along its ProCurve Wireless Access Point 520wl and its Mobility Management software platform. To support its PoE intentions, HP had to equip the 5406zl with a powerful enough power supply, choosing for this task an 875-watt number that was placed in both cores. HP rates the 5406zl with an overall backplane throughput capability of 628Gbps.
The 5406zl’s management card deserves special mention, as HP has gone to considerable trouble to make it smart as well as competitive. A separate 667MHz PowerPC CPU runs the card along with between 256MB and 1GB worth of dedicated RAM. The card can manage multiple configurations via a handy Compact Flash card interface and even filter them on to other switches in the chain. A standard RS-232 console port is included, but there’s also a USB port on the card that HP claims will assume console duties in future releases of the management software.
HP has built a wide variety of expansion cards for the 5400 series chassis. Multiple 10GbE card configurations are supported by both fiber and copper 10/100/1000 cards with and without PoE. Power supplies can be had in either 875- or 1,550-watt versions, and the switch can support single- or dual-power supply configurations. All this to afford admins as much flexibility as possible in configuring downstream PoE devices. Should all the power generate too much heat, there’s also an optional hot-swappable fan module with four variable-speed fans.
All our 10GbE entries, even those from our previous shootout, position their products primarily via a customized ASIC architecture; HP is no exception. HP’s is called the ProVision ASIC, and what sets it apart from the competition here is that it’s been designed solely with enterprise switching duties in mind. There is no optimization here for telecom switch rack chores. Instead, ProVision marries performance to a very flexible and management-heavy software architecture — and frankly, it works.
HP’s management platform is called the ProCurve Manager, and it comes in two flavors: a freebie of the same name and a premium version that gets Plus tacked to the end of its title. The free version is actually surprisingly robust, including topology discovery and full event notification. For our tests, we used the Plus version, which also offers identity management and wireless capabilities.
The optional IdM (Identity Management) module is a truly nifty security bonus. It allows admins to apply individual or group access security across all compatible network infrastructures from the ProCurve Manager console. IdM is backed by a RADIUS server, and although it has limited use for end-users at this point, it certainly has potential in future releases.
In testing, the ProCurve solution performed excellently. HP deliberately sent just what it needed to complete our tests in order to keep its as-tested pricing as low as possible. Yet, after its engineers managed to get the ProCurve hardware talking to our Spirent TestCenter infrastructure, its performance numbers were excellent and nearly identical to those of the much higher-priced Extreme entry.
Basic throughput produced a line rate of just less than 99 percent due to some unavoidable traffic overhead because our testing scenario requires packet tagging. Our voice, video, and data tests clearly showed the ProCurve solution was capable of protecting high-priority traffic streams during oversubscription conditions while maintaining acceptable video playback and solid VoIP call-quality scores.
On our optional tests, HP chose to run our self-defending network gauntlet. We released a Nimbda worm from a couple of end points on the network using Spirent’s ThreatEx testing gear. Almost immediately, ProCurve Manager posted an event alert while locating the offending MAC addresses and shutting them down. That’s an important distinction because some architectures would simply cut off the entire port in this scenario. Do that, however, and another user in the midst of a VoIP call, for example, might well get cut off. By scoping and sniping down to the MAC address level, ProCurve’s network defense ensures that it’s nuking only offenders, not innocent digital bystanders.
Overall, HP’s ProCurve truly impressed us as a viable 10GbE solution for enterprises of any size. The company is highly motivated to make this point, and it shows not only in its pricing but in its close attention to features, as well as its integration of various technologies, including PoE, WLAN switching, and identity management. The fact that HP backs all this up with various lifetime warranties over 95 percent of its switching product line doesn’t hurt.
Ready to make the 10-gig switch
Comparing the Extreme and HP solutions directly, we were struck by several things. First, line-rate, bit-blasting performance was very similar. Our Spirent TestCenter performance tests deliberately used typical corporate data sets and data patterns, as well as a typical load. Both families of switching products handed in performance numbers that were very similar. That tells us that 10-Gig switch engineering has matured quite a bit over the large variances in 10-Gig performance that we used to see.
Next we noticed price. Extreme’s solution was a multiple of HP’s in terms of cost. Partially, that’s because Extreme paid close attention to our RFP scenario, based on requirements at the University of Hawaii. The equipment the company brought was enough to scale to that real-world user load. HP, on the other hand, glossed over that part of the invitation and brought along only enough equipment to complete our performance tests. Although the solution HP brought would not have been capable of handling the large-scale scenario in our RFP, HP’s larger chassis probably would have.
But another aspect of the cost issue is focus: HP is entirely focused on the enterprise and capturing new customers there. Extreme builds excellent products for use in any situation. HP is building ProCurve products specifically for enterprise use, not carriers, and with a decidedly corporate spin on pricing, support, and warranty policies. Overall, for enterprise scenarios with typical requirements and tight budgets, we’d recommend the ProCurve platform. These customers will get an excellent value, solid performance, and quite a bit of new innovation that HP has planned for this platform down the road.
For enterprises with exceptional traffic loads and topology requirements, on the other hand, we can’t recommend Extreme’s BlackDiamond enough. Whether it’s tricky or indicative of ultraheavy loads, these switches can handle it.
As far as 10 Gig in the enterprise goes, it’s no longer about blasting bits; it’s about the additional hardware and software synergies that vendors are building into their switching lines. These include many of the features we tested during our optional tests, including identity management, attack detection and throttling, intrusion detection and prevention, and noticeably more intelligent and automated management.
Please click here for a PDF of the complete features comparison table.
Overall Score (100%)
|Extreme BlackDiamond 10808 and 8810||9.0||9.0||8.0||8.0||7.0|
|HP ProCurve 5406zl and 3500yl Intelligent Edge||9.0||7.0||8.0||8.0||8.0|
Windows 7 is suddenly telling users it isn't genuine -- and it has nothing to do with Windows being...
Windows users are reporting significant problems with four more October Black Tuesday patches
The larger design is very welcome, but there's much more to the iPhone 6 than a bigger screen
Sponsored by Rackspace
Sponsored by Nuage Networks
Sponsored by Fibre Channel Industry Association
Trust and IT go hand in hand. Here are the red flags to watch for before you get burned
The new flagship Samsung Android smartphones are surprisingly elegant and thoughtfully designed ...
Remote power control, automated network testing, and plenty of error checking are almost as good as...
After migrating one of the world's largest e-commerce operations to OpenStack last year, Walmart's...