Each CNF consists of multiple Pods. The default network interface on the Pods is called Primary Network. The Primary Network can serve all types of communication including management, Pod-to-Pod, Pod-to-Service, and External-to-Service communications, but it is not suitable for creating a fast data path interface.

One or more Secondary Network interfaces are used in cases where the Primary Network on the Pod requires isolation from heavy data plane traffic and must use a supported CNI plug-in such as Calico or Antrea.

Special data plane requirements for high throughput and low latency are achieved by leveraging Secondary Networks supported by either:

  • Enhanced Data Path (EDP) virtual switch using VMXNET3 paravirtualized interfaces

    • EDP is a DPDK-enabled networking stack mode designed for telco applications to provide superior network performance.

  • SR-IOV interfaces

Telco Cloud Automation configures Multus CNI in the CaaS layer to enable Secondary Networks on the Pods. Ensure that the Primary and Secondary Networks on the Pod use different network interfaces on the Worker Node.
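The following check is an added example, not VMware or Telco Cloud Automation code: it reads a Pod's Multus `k8s.v1.cni.cncf.io/networks` annotation and reports any Secondary Network whose CNI configuration points at the same Worker Node interface as the Primary Network. The Pod, network names, interface names, and the `primary_uplink` parameter are constructed assumptions, and namespaces in the annotation are ignored for brevity.

```python
import json

NETWORKS_ANNOTATION = "k8s.v1.cni.cncf.io/networks"  # Multus pod annotation
# CNI config key that names the worker-node interface, per plug-in type.
HOST_IFACE_KEY = {"macvlan": "master", "ipvlan": "master", "host-device": "device"}


def requested_networks(pod):
    """Return the secondary network names a Pod asks Multus for."""
    raw = pod.get("metadata", {}).get("annotations", {}).get(NETWORKS_ANNOTATION, "")
    raw = raw.strip()
    if not raw:
        return []
    if raw.startswith("["):  # JSON list form: [{"name": "...", ...}]
        return [item["name"] for item in json.loads(raw)]
    # Short form: "ns/name@ifname,name2" -> keep only the name part.
    return [e.strip().split("@")[0].split("/")[-1] for e in raw.split(",") if e.strip()]


def audit_pod(pod, nad_configs, primary_uplink):
    """List findings where a secondary network shares the primary uplink."""
    findings = []
    for name in requested_networks(pod):
        cfg = nad_configs.get(name)
        if cfg is None:
            findings.append(f"{name}: no NetworkAttachmentDefinition found")
            continue
        key = HOST_IFACE_KEY.get(cfg.get("type"))
        host_iface = cfg.get(key) if key else None
        if host_iface == primary_uplink:
            findings.append(f"{name}: uses primary uplink {primary_uplink}")
    return findings


# Constructed sample data (hypothetical names, not from a real cluster).
SAMPLE_POD = {"metadata": {"name": "cnf-upf-0", "annotations": {
    NETWORKS_ANNOTATION: "cnf/n3-net@net1, n6-net, oam-net"}}}
# Parsed spec.config of each NetworkAttachmentDefinition, keyed by name.
SAMPLE_NADS = {
    "n3-net": {"cniVersion": "0.3.1", "type": "host-device", "device": "eth1"},
    "n6-net": {"cniVersion": "0.3.1", "type": "macvlan", "master": "eth0"},
}

if __name__ == "__main__":
    for finding in audit_pod(SAMPLE_POD, SAMPLE_NADS, primary_uplink="eth0"):
        print(finding)
```

Plug-in types that do not name a host interface in their configuration are passed over by this check and need a separate review.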

VMware recommends using EDP whenever possible. SR-IOV might be an easy choice in certain scenarios, but it might not be the best fit when flexibility, scalability, and security are prominent factors. The following table summarizes the differences between the EDP and SR-IOV technologies.

| SR-IOV | Enhanced Data Path (EDP) |
| --- | --- |
| Virtual Switch completely bypassed | EDP DPDK-enabled Virtual Switch is used |
| Introduces NIC driver dependency in applications | Single VM driver (VMXNET3) abstracts away individual NIC vendors |
| Hypervisor High Availability features (DRS, HA, Teaming, and vMotion) are not supported | All Hypervisor High Availability features are supported |
| Predictable throughput and latency numbers | Tuning might be required to achieve expected throughput and latency numbers |
| SR-IOV direct access to the physical NIC can raise security concerns | Hypervisor abstracts the physical NIC, offering a consistent security posture |
| Although the configuration is simplified by TCA, managing SR-IOV Virtual Functions in large-scale environments can add complexity to the overall infrastructure. | Scalability is dictated by EDP capacity and can be controlled directly from NSX. |