News
2/25/2011
11:03 AM
George Crump
George Crump
Commentary
50%
50%

The Downsides Of OpenFCoE

A few weeks ago I wrote an entry about software based Fibre Channel over Ethernet (FCoE) called Open FCoE being offered by Intel. The immediate responses were questions asking if this is a sign of the end for the hardware based HBA providers? Open FCoE has a lot of promise but the downsides of OpenFCoE prove that it may not be for everyone.

A few weeks ago I wrote an entry about software based Fibre Channel over Ethernet (FCoE) called Open FCoE being offered by Intel. The immediate responses were questions asking if this is a sign of the end for the hardware based HBA providers? Open FCoE has a lot of promise but the downsides of OpenFCoE prove that it may not be for everyone.The advantage that Open FCoE should bring to the storage world is extremely cost effective block storage by leveraging 10GbE LAN on Motherboard (LOM) chips instead of expensive Converged Network Adapters (CNA). As I stated in the prior entry, this would allow a broader range of servers to participate in the fibre channel experience. Open FCoE is not nirvana though, we need to know what its limitations are.

The big problem that I think Open FCoE is going to have is providing consistent performance. While for the most part performance is still an unknown, we can make some assumptions. Open FCoE is going to almost certainly consume some of the server's CPU resources. The question is how much and whether or not that will be enough that you care. If you have powerful processors that are not being heavily utilized it probably will not matter. However if you have processors that will be taxed even occasionally software based FCoE may not be for you. This is especially important if you need a level of consistency in that performance. That is the challenge with a software based deliverable, it is counting on processor resources that it is sharing with other software on that server. As a result one of those other software components (operating system, hypervisor, application) can have a sudden spike in the processing resources it needs and with that you loose the predictability that is required for making service level commitments to application owners.

A hardware based Converged Network Adapter (CNA) is going to give you that predictability. Its performance will not be as impacted by a busy server whose CPU is off doing other things. In environments where predicable performance is needed CNAs are still going to be the best practice. As application performance becomes increasingly important and server virtualization continues its rapid growth the number of cases where predicable performance is going to be required will be a significant percentage of the HBA population.

A second challenge is that we are seeing an increasing number of cards provide special capabilities. In some cases that is an advanced Quality of Services (QoS) for bandwidth optimization or internal virtual switching on the card. In these cases not only does the card increase predictability by offloading the protocol from the main CPU, it also offloads another function (QoS or switching) from the CPU. As a result it increases predicability in two areas.

There are also some tactical potential downsides. First, somewhat obviously this is going to be an Ethernet only deliverable. This means that if you have an existing infrastructure with mostly fibre channel cards and switches or if you need 16GB fibre channel performance, Open FCoE is not going to be for you either. Also, you have to wait for the Operating System or Hypervisor that you use to actually pick up support for the standard.

What will happen in most data centers is that a mix of Open FCoE and CNAs will be deployed. Underutilized servers with minimal concern about applications suddenly spiking will be well served by Open FCoE. For applications that need consistent, predictable performance go with a CNA or a Fibre HBA card.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0750
Published: 2015-05-22
The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786.

CVE-2012-1978
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an administrator via a request to auth/admi...

CVE-2015-0741
Published: 2015-05-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.

CVE-2015-0742
Published: 2015-05-21
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registrati...

CVE-2015-0746
Published: 2015-05-21
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.