Is there anything real anymore? Virtual servers, virtual desktops, cloud storage -- what happened to good old steel boxes you could set a user's manual on? Oh wait, even documentation is software now. Is it too much to ask for a 2U chassis that pumps out 2,000 BTUs while forcing anyone nearby to don ear protection from its jet-engine cooling fans?
WAN acceleration and optimization appliances joined the virtual age a short while ago, but there always seemed to be issues with capacity and performance when compared to a high-powered physical appliance. Stuffing a WAN acceleration appliance, with its need for lots of disk I/O operations and network bandwidth, into a virtual host also running file, print, and database servers didn't seem like a good fit.
One company that has overcome the fit and performance issues is Silver Peak with its VX and VRX virtual machines. Silver Peak has been able to spin the same feature set and performance of its physical appliances into virtual appliances. The VX and VRX appliances span a wide range of WAN capacity and TCP connections, from 2Mbps up to 1Gbps. There's even a limited capacity (but full featured) free version. The VX and VRX appliances run on a variety of hypervisors and can be part of a fault-tolerant redundant system for maximum uptime.
Download and go
I tested a pair of VX-5000 (50Mbps WAN capacity) virtual appliances using my Shunra WAN simulator, installing the Silver Peak VMs on VMware vSphere 4.1 on my Dell R715 2U server. Installation was very straightforward. After going through the simple registration process at Silver Peak's Virtual Marketplace, I downloaded the virtual machine and imported the OVF (Open Virtualization Format) file into my ESX 4.1 host. Silver Peak offers a 30-day trial of all of its virtual appliances to give admins the ability to test-drive a fully working solution. Because the VX has specific networking requirements, I had to create four virtual switches and network adapters in vSphere to accommodate the LAN, the WAN, and two management networks.
Like their physical counterparts, the Silver Peak virtual appliances can be deployed in either bridge or router mode. With bridge mode, the VX is deployed inline between the router and the network backbone. Router mode requires WAN traffic to be sent to the VX via VRRP (Virtual Router Redundancy Protocol) or WCCP (Web Cache Communication Protocol). Bridge mode (the method I used) is the easiest to configure but creates a single point of failure if the virtual host should fail.
For the better part of six months now, my VX-5000 pair have been in constant use and the system has been absolutely stable. Using five Gigabit interfaces, I set up my virtual network such that I could insert the Shunra simulator between the two VX appliances and create different WAN links. Using many of the same tests I've run for years on physical WAN acceleration appliances, I found the VX to provide a substantial improvement in overall WAN usage and reduction in time, even besting a physical chassis in some tests. Regardless of the link speed and latency, the VX optimized WAN traffic as well as or better than a comparable physical chassis (the Riverbed Steelhead 2050) in all but one scenario. When it came to copying many small files, the VX lagged a little behind the best times posted by a chassis deployment. Large files and FTP traffic showed the best overall improvement out of all the traffic tested.
Below are my comparative test results for three different WAN links. Note that I did not generate enough traffic to really push the systems. In other words, I tested only for optimization efficiency, not for scalability or performance under load. Each VX-5000 virtual machine was configured with the default 4 virtual CPUs and 7GB of RAM (based on 2.22GHz AMD Opteron 6174). Look here for details on the Riverbed Steelhead 2050 [PDF].
WAN optimization test results: 128Kbps w/ 40ms RTT
|No optimization||Riverbed Steelhead 2050 (1st pass)||Riverbed Steelhead 2050 (2nd pass)||Silver Peak VX (1st pass)||Silver Peak VX (2nd pass)|
|CIFS -- Many small files||1:05:51||0:11:36|
|CIFS -- One large file||2:58:04||1:55:16|
|MAPI||1:57:00||not tested||not tested||0:00:04|
|Note: The tests included CIFS with many small files (1,004 files but only 10.4MB in total size); CIFS with one large file (a 155MB ISO image); Excel four-step (an open-copy-save as-open process); a MAPI test that saves a 700KB attachment from Exchange to the local drive; and a passive FTP test using the same 155MB ISO file as the single-file CIFS test. All tests were executed using Macro Scheduler for consistency and timing.|
Virtual and complete
Feature by feature, the virtual appliance lacks nothing compared to Silver Peak's hardware-based appliance. Like its physical counterpart, the VX is heavy on network acceleration and network integrity features. Of course, it also includes Silver Peak's byte-level data deduplication technology. A lot of network traffic is TCP-based -- FTP, SMTP, HTTP, NFS, and CIFS, for example -- and the VX does a great job of reducing its associated overhead through protocol optimization, header and payload compression, and keeping redundant bits off the wire.
UDP on the other hand is harder to optimize than TCP but can be just as important to backup and disaster recovery applications, as well as to multimedia and PCoIP sessions (RDP and Citrix are TCP-based). Many backup applications stream the data using UDP because of its reduced overhead compared to TCP. Unlike some competing WAN optimization appliances, Silver Peak can apply deduplication techniques to UDP traffic, providing a substantial reduction of bits on the wire. The ability to optimize both TCP and UDP traffic really broadens the VX's appeal and allows it to fit into more WAN optimization use cases.
Also included in the VX are Forward Error Correction (FEC) and Packet Order Correction (POC). FEC handles performance degradation due to dropped packets by reconstructing the missing packets on the fly. POC works in real time, taking care of packets that arrive out of order across the WAN. Both help to eliminate performance degradation due to retransmission delays.
The Web-based UI is well organized and easy to navigate. Configuration options for optimization policies, QoS policies, and tunnel definition are relatively unchanged from previous releases, requiring just a few basic choices to get an optimization policy online. I like that I can create multiple access control lists for each optimization scenario, explicitly defining how traffic over the WAN will be optimized. The QoS engine included in the VX is first rate and provides many options for prioritizing both optimized and pass-through traffic.