Skip to main content

Reducing Campus Network TCO with SONiC: The Asterfusion Advantage

written by Asterfuison

July 16, 2024

Introduction

In the pursuit of maximum efficiency, companies will find ways to reduce operating costs. As a long-term investment, campus network construction is not the same as other one-time investments. Choosing cheaper equipment may save some money initially, but if they require more maintenance or perform erratically at a later stage, it will ultimately increase the overall operating costs. When choosing campus network equipment, organizations need to focus on the overall total cost of ownership (TCO) more than the cost of the equipment itself.

A traditional campus network architecture using network equipment (bottom-up) generally include: box-type Layer 2 access switches, medium-sized box-type aggregation layer switches and medium / large-scale box-type core layer switches, the higher the cost; network expansion capability is mainly based on the box-type equipment vertical expansion capability, flexibility is limited; network operation and maintenance is mainly dependent on the manual operation and maintenance, management efficiency is low.

Traditional Campus Network Architecture Diagram

Asterfusion reduces TCO for enterprise campus network with SONiC

When enterprises build campus networks, they are more willing to purchase high-density, large-port Layer 3 switches for future flexible expansion than to spend a lot of money on box switches at the beginning and be limited by expansion after business growth. In addition to hardware design, Asterfusion has also taken what ways to help enterprise campus network to reduce the overall TCO?

Distributed Decentralized Network Architecture to reduce CAPEX

Box switches: a better expansion option than box switches

Comparatively speaking, box switch is more suitable for the campus where the number of people grows continuously. If you use box switch to build a campus network, you have to invest according to the maximum capacity at the beginning, which is equivalent to purchasing all the spine at once, while if you choose box switch, you can expand it according to demand, and the price of the box switch with the same specification can even reach dozens of times of that of the box switch, and the subsequent expansion of the campus network. The price of boards is also expensive.

Generally speaking, the price of boxed switches ranges from several thousand dollars to tens of thousands of dollars, while boxed switches cost only tens to thousands of dollars. Take a core layer switch (100GE6, 10GE48) from Huawei as an example, the AC kit (including assembly chassis1. MPUA motherboard1. SFUC switching network unit2. 800W AC power supply2. basic software*1) is about $5,400, and the market price of a box switch with a single board’s forwarding performance (port access capacity and chip throughput) and the whole machine’s access capacity (port number ) of comparable boxed switches in the market are priced at about US$3,400-4,000. From the very beginning of building an enterprise campus network, box switches are far more costly than box switches.
Not to mention the subsequent expansion for the replacement of high-speed interface board or replacement of high-speed interface board equipment, the cost is not low, Huawei 100G * 6 board price of about $ 25,000, the same price can buy seven box switch.

More price-competitive white box switches

With the advent of white box switches, pricing for networking equipment is more transparent than ever. As an emerging white box vendor, Asterfusion is willing to offer the most cost-effective products. In the high-end switch category, Asterfusion’s campus switches have a price advantage. For example, Edge-Core offers 48 x 10GE + 6 x 100GE network switches at a suggested retail price of $5,000 to $5,500. Meanwhile, another venor FS costs about $4,100-4,600. Similarly, Asterfusion offers a 48 x 10GE + 6 x 100GE barebone switch pre-installed with enterprise-grade SONiC NOS for a retail price of just $2,599. (with support for advanced features such as VXLAN and BGP-EVPN), which is half the price of other manufacturers. Now, with the popularity of bare-metal switches, data center operators of all sizes can purchase high-performance, high-quality switches at a more cost-effective price.

CX102S Multi-Purpose: One Switch + Enterprise Firewall + Router

Asterfusion’s 8-port and 16-port SONiC layer3 switches are now equipped with two powerful Marvell octeon CN9130-based 4-core DPU cards pre-installed with OpenWrt (seamlessly integrating network switching and egress gateway functionality) and Ubuntu (which installs the required software on the switch). The two DPU cards come pre-installed with OpenWrt (which seamlessly integrates network switching and egress gateway functions) and Ubuntu (which installs the required software on the switch).

  1. Installing OpenWrt on the DPUs enables routing and firewalls, network services (DHCP, DNS, VPN, etc.), traffic management and monitoring, package management, virtual LAN (VLAN) support, customized scripting and automation, high-performance network processing, device management, and remote access.

Applicable Scenarios:

  • Small business or home networks that require highly customizable and flexible routing and firewall features.
  • Need lightweight and efficient network device management.
  1. Installing Ubuntu on a DPU enables general-purpose computing, network functions (routing and firewall feats, VPNs, proxy servers, load balancing, etc.), containerization and virtualization, data processing and analytics, development and testing environments, machine learning and AI, database management, automation and scripting, monitoring and logging, security, and other functions.

Applicable Scenarios:

  • Medium to large enterprise networks that require complex application and service support.
  • Scenarios that require data processing, analytics, and high computational demands.
  • A highly versatile and flexible platform is required to support multiple network and non-network applications.

When two DPUs on a switch are installed with OpenWrt and Ubuntu respectively, they work together to realize more functions than a normal switch: advanced routing and firewall functions, complex application and service support, network monitoring and security analysis, load balancing and VPN services, automation and scripting support, and so on. This configuration allows the network equipment to meet the needs of both network management and server applications, increasing the flexibility and availability of the equipment.

So what size network scenario is this switch suitable for?

Using the switch as a network outlet, running OpenWRT firewalls that require business traffic through the DPU card, switching chip to the DPU card channel test the maximum bandwidth is 1000Mbps, per capita Internet traffic in accordance with the 20Mbps calculation (to meet the basic office needs), 1000/20 = 50 (people), each person’s office space is about 5 square meters, 50 * 5 = 250 (square meters), which means that this switch can meet the needs of a company with 250 square meters of office space and 50 people.

In this scenario, the purchase of such a switch is equivalent to the purchase of a switch + enterprise firewall + router, we have the price of the switch within 1,000(also has two Marvell octeon CN9130 chipset switch is generally high-end data center switches, the price of about 8,000 – $ 15,000, this scenario will not be compared; The market price of switches that can meet this scenario is $1,000 or more, such as Huawei’s related models costing $1,000-$2,000).

Enterprise firewalls cost about $300-$7,00, and an office router costs about $50-$300, which means that you can save at least $350 in this scenario with this switch.

De-AC, Reduce Hardware and License Costs

Wireless Access Controllers (ACs) are an important part of traditional wireless network solutions. In the traditional campus wireless network, AC is responsible for centralized management and control of a large number of wireless AP devices, providing authentication, wireless resource allocation, wireless roaming and other functions.

However, with the continuous development of wireless technology, and the increasing demand for network flexibility and scalability, “de-AC” has become a new network construction trend.

In order to meet the network requirements of a medium-sized enterprise with 2,000 employees, using the Spine-Leaf networking architecture (to facilitate future expansion needs) requires about 50 access switches (1 port per employee, 2,000➗48≈42, plus a certain amount of redundancy, you need to deploy about 50 access switches); each access switch has 2 uplink ports to the core switch to ensure redundancy, there are 50*2=100 uplink ports. switch has 2 uplink ports to the core switch, to ensure redundancy, there are 50*2=100 uplink ports, generally high-density core switch has 40-100 uplink ports, considering redundant design, at least 2 core switches need to be used; wireless network, according to each AP covers about 200 square meters, 10,000 square meters need about 50 APs, considering high-density area and redundancy, it is recommended to deploy 100 APs.

According to the calculation of network equipment used for 5 years without replacement, the cost of other manufacturers is about: AC + 5 years license fee + 2 (48 ports) core switches + 50 (24 ports) access switches, and Asterfusion does not have AC and license fees, Cisco for example, the AP price in this scenario is about 5,500, the need for 50 switches and 100 APs in the case of Below is the price of Cisco’s product with 5 years license included:

Switch + AP + AC price is: 10,000 * 2 + 50 * 2,000 + 100 * 700 + 5,500 = $ 195,500

Based on this requirement, Asterfusion’s equipment cost is approximately $133,550.

The equipment cost savings is (195,500 – 133,550) ➗ 195,500 = 31.6%

Automate operation and maintenance reduces labor costs and reduces OPEX

In order to maintain the normal operation and maintenance of the campus network, enterprises need to hire network engineers to supervise the network situation, the number of network engineers required depends on the size, complexity and degree of automation of the network, in general, medium-sized enterprises may need 2 to 5 network engineers, large enterprises may need 10 or more network engineers.

Enterprise Network Engineer Labor Costs

According to PayScale, SalaryExplorer, Jobted UK, SalaryExpert reports show that the average annual salary of network engineers in many European countries is 47,200-71,400, Asia is 6,800-44,800; in the U.S., the average annual salary of network engineers is In the United States, the average annual salary of network engineers is $104,340, even if only junior network engineers, the annual salary has reached $ 62,000, the cost of employing network engineers in various countries to hire high employment costs.ZTP Large Scale Automation Opening

ZTP Large Scale Automation Opening

In terms of network configuration, Asterfusion uses ZTP (Zero Touch Provisioning) technology to realize 10-minute zero-configuration startup for very large campus networks, reducing the workload and time cost of network engineers deploying networks.

ZTP (Zero Touch Provisioning) refers to the newly shipped or empty configuration equipment, an automatic configuration and deployment function adopted at power-on startup.Running the ZTP function, the device can automatically obtain and automatically load configuration files, realizing on-site configuration and deployment of the device, thus reducing labor costs and improving deployment efficiency.

One-stop unified management to avoid license fees

Different from the traditional campus network solution which uses gateway platform and AC to manage wired network and wireless network respectively, Asterfusion provides OpenWiFi compatible controller to realize the unified management of wired network and wireless network, and because Asterfusion Campus Controller is free and provides free licenses, so users can use Asterfusion Campus Controller to manage wired network and wireless network. Since the Asterfusion Campus Controller is free and offers free licenses, users do not need to spend extra money when purchasing the manager.

OpenWiFi provides separate Wi-Fi hardware and software, enabling organizations to use low-cost off-the-shelf access points (APs) from a variety of vendors. In terms of licensing costs, if an organization chooses to purchase AC from another network equipment vendor, it will need to purchase additional licenses, for example, Cisco’s AC licenses cost $1,000-$5,000/year, Juniper’s cost $500-$3,000/year, and based on the fact that the network equipment can be used for 5-10 years, the licensing cost will be at least $1,500. Asterfusion offers free software licenses for localized deployment scenarios. By choosing us, you can avoid recurring license fees and further reduce TCO.

OpenWiFi compatible controller enhances the automated operation and maintenance capability of campus network.

In addition to lifting vendor lock-in and saving hardware and software costs, using an OpenWiFi compatible controller also reduces manual intervention and OPEX through automated operation and centralized management.

As the wireless network is built independently by the controller, the operation and maintenance personnel only need to click the mouse 1-2 times to realize the daily business opening and issuing security policies. In addition, network engineers can use the configuration template function when opening all business templates, including various vlan and authentication configuration, when the park increases, business and user increase, operation and maintenance personnel in the background can realize the “one-key expansion”, reducing the time and cost of on-site manual configuration.

Real-time web monitoring interface

In order to meet the network needs of a medium-sized enterprise with 2,000 employees, it is necessary to hire a network engineer, using Asterfusion network solutions, through automated operation and maintenance, visualization and monitoring reduces the network engineer’s workload by 1/3. According to the average annual income of network engineers for the $ 70,000 calculation, 5 year cost 350,000*2/3=233,333.33,5 years can save 1/3*70,000*5=$116,666.67.

Increase Network Stability and Reduce Downtime Costs

Managing network costs is a constant balancing act for organizations, finding the optimal allocation of limited resources to ensure that the network remains reliable and error-free, yet flexible enough to accommodate growth. Asterfusion applies data center-class switch design to enterprise campuses to achieve a tierⅢ data center availability rating in terms of failure rates, and reduces business loss due to network failure by81.74%.

Clos Architecture Circumvents Layer 2 Broadcast Network Attacks

Unlike L2 networks with loops that use STP protocols to avoid the risk of broadcast storms, Asterfusion utilizes the Clos network architecture, which naturally shields the network from virus propagation and network attacks that rely on Layer 2 broadcasts and effectively solves up to 80% of the tough challenges in daily network operations and maintenance, such as packet loss, jitter, and oscillation, that are caused by these issues.

Higher-ability Layer 3 Switches

While cheaper, Asterfusion switches have more and fuller features. Take the 24 1G interfaces as an example, many of the switches on the market for this model are pure Layer 2 switches or come with some simple Layer 3 features, while Asterfusion, in addition to the basic Layer 3 switch features, can also provide advanced features for virtualization, such as VXLAN, BGP-EVPN, and so on. Here is the relevant comparison:

Efficient Network Architecture Reduces Maintenance and Upgrade Frequency

Ensuring network security while maintaining forwarding efficiency, Asterfusion’s ASIC-based hardware Layer 3 forwarding is comparable to Layer 2 forwarding efficiency; at the same time, Leaf only stores the routing tables of local terminals, reducing the pressure on the table entries and reducing the need for frequent maintenance and upgrades due to equipment overload, thus reducing long-term operating costs.

Innovative technologies make the network more flexible and efficient

In terms of the campus network service model, we have realized multi-service segregation of production/office/monitoring and avoided multiple security attacks through technologies such as BGP/VxLan EVPN, etc. The use of these new technologies is more flexible and efficient, and the network is easier to expand and manage than MPLS VPN, which is a widely used virtual private network technology.

In addition, ECMP, BGP-Multihoming, MCLAG and other technologies work together to reduce the risk of network congestion in the event of failure and enhance the high availability and performance of the network.

10ms Seamless Roaming Ensures No Business Interruption

Based on fast roaming protocols, the industry has generally been able to achieve about 50ms AP switching, based on SONiC + white box AP Asterfusion can realize an average of 10ms or less roaming migration time, so that the user in the range of different APs to experience a “seamless roaming”, to avoid network interruptions caused by the loss of business, enhance the enterprise employees and users. Avoiding business loss caused by network interruption, improving the business experience of enterprise employees and users, and saving time and cost.

Test Example:

The software collected data from 20 AP switches during roaming, and the roaming elapsed time was stable at 10ms up and down, with an average of 8.7ms, and a packet loss rate of 0.

3200K Wireless Terminal “Smooth Capacity Expansion”

In the normal operation of the enterprise, hacker attacks and campus network expansion are easy to lead to network instability, resulting in business losses, Asterfusion optimized network architecture, with a full three-layer network “de-stacking”, to avoid the traditional network architecture of the security issues brought about by the complexity of the maximum realization of the 3200K wireless terminal “smooth expansion”. Asterfusion optimizes the network architecture with full three-layer network “de-stacking”, avoiding the security problems caused by the traditional network architecture, and realizing the maximum 3200K wireless terminals “smooth expansion” without worrying about the network fluctuation affecting the business in the process.

In the European Union, the annual per capita value of a service sector worker is about 60,000 Euros (about $66,600), while in the United States, the figure is higher due to more advanced technology integration and higher capital intensity. According to arubanetworks’ estimates, an organization’s network revenue is typically 10% of that organization’s annual revenue, which for a 2,000-person organization is approximately $66,600*2,000*10%=$13,320,000.

Hourly enterprise network revenue is approximately $13,320,000/365/24=$1520.548

In terms of network failures, since Asterfusion switches can be used in tier3 data centers with availability metrics greater than 99.982% and unavailability of less than 1.6 hours per year, and the availability metrics of common campus switches are typically 99.9% with an average unavailability of 8.76 hours per year, the annual loss of enterprise business due to failures:

From 1520.548 * 8.76 = 13320 reduced to 1520.548 * 1.6 = $ 2,432.877

The cost for 5 years is reduced from 13320*5=66,600 to 2432.877*5=$12,164.384,reduction ratio: (66,600 – 12,164.384) / 66,600 = 81.74%.

CAPEXOPEXDowntime costsTotal TCO
Other Network Vendors195,500350,00066,600612,200
Asterfusion133,550233,333.3312,164.384379,047.714
Minus61,950116,66754,435.616233,052.286

It can be seen that after using Asterfusion, the total cost of ownership is reduced from 612,200 to 379,047.714, reducing the TCO by (612,200-379,047.714)/612,200 ≈ 38.1%.

Case:The campus network of one of the biggest CSP in China

Background

The complexity and bloat of the traditional campus network architecture brings many challenges to the network experience and daily operation and maintenance of the headquarters campus of a large domestic Internet company, and the client company wants to continue to explore optimization solutions and comprehensively transform the campus network. Take a building in the company’s headquarters campus as an example, a building with 6 floors and about 1,000 people on each floor.

  • On average, each user has about 3 terminals, and there are close to 20,000 terminals in daily access demand;
  • The network must be safe and reliable to avoid broadcast storms;
  • The network must not drop out when terminals move within or across floors.

Requirements Background

  • Deploy 20-30 box switches per floor to form an end-to-end routed network with Spine-Leaf architecture, with multiple floors interconnected using higher-specification Super Spine;
  • The fully routed network isolates broadcast storms and enables redundancy of critical devices and links via ECMP, eliminating the need for complex traditional stacking techniques;
  • All Leaf layer switches run high-performance distributed gateways to realize seamless roaming of terminals throughout the network.

Savings in Campus Network TCO

Equipment costs, other box manufacturers for the enterprise to provide the program offer about 588,000, our company is $400,900, in the cost of equipment for the enterprise to save 588,000 – 400,900 = 187,100

Labor costs, the enterprise headquarters building a total of 3 network engineers responsible for enterprise campus network operation and maintenance, the use of Asterfusion after the workload reduction, 2 network engineers responsible for the operation and maintenance of the campus network, in accordance with the average annual income of network engineers of the enterprise 65,000 calculations, 5 years of network engineers from 5 * 65,000 * 3 = $975,000 labor costs are reduced to 5*2*65,000=$650,000

Downtime cost cost, according to the enterprise per capita annual revenue of 138,888 calculation, the headquarters building a total network annual revenue is estimated to be 138,888 * 6,000 * 10% = 83,332,800, the cost of downtime per hour is about 83,332,800 / 365/24 = $9,512.88

After using Asterfusion, according to the feedback from the enterprise, the average annual downtime was reduced from 9 hours to 2.5 hours, i.e. the annual downtime cost was reduced from 9,512.88*9=85,615.92

Reduced to 9,512.88*2.5=$23,782.2

The 5-year downtime cost will be reduced from 85,615.92*5=428,079.6 to 23782.2*5=$118,911.

CAPEXOPEXDowntime CostsTCO
Other Network Vendors588,000975,000428,079.61,991,079.6
Asterfusion400,900650,000118,9111,169,811
Minus187,100325,000309,168.6821,268.6

As shown in the table, the TCO savings for using Asterfusion’s network solutions and products over those of other manufacturers is 821,268.6/1,991,079.6 = 41.25%.

Summary

The use of Asterfusion can directly save hardware procurement costs, with a more affordable price to buy more functionality of the Layer 3 white box switch, while through automated operation to reduce the complexity of the network and the workload of operations and maintenance personnel to reduce the cost of human resources in the enterprise; but also because of the Asterfusion campus network of high-reliability, reduce the loss caused by business interruptions, to avoid the network of frequent upgrades What are you waiting for?

Let us reduce the TCO of campus network with Asterfusion!

For more contact: bd@cloudswit.ch

Reference

https://www.coursera.org/articles/network-engineer-salary?isNewUser=true

https://www.fierce-network.com/tech/boingo-cto-openwifi-deployments-are-saving-time-and-money

https://mp.weixin.qq.com/s/T_0fWcKo8WHiwuM15TslhA

https://www.fierce-network.com/wireless/ericcson-posts-7-revenue-drop-says-north-american-sales-are-growing

https://www.huaweicloud.com/intl/en-us/declaration/sla-esw.html

https://blogs.cisco.com/partner/redefining-network-management-the-advantages-of-cisco-managed-campus-for-msps

https://itic-corp.com/?s=cost+of+downtime

https://blogs.cisco.com/partner/redefining-network-management-the-advantages-of-cisco-managed-campus-for-msps

https://link.springer.com/article/10.1007/s11235-023-01084-4

https://documentation.meraki.com/General_Administration/Support/%E6%80%9D%E7%A7%91_Meraki_%E6%9C%80%E4%BD%B3%E5%AE%9E%E8%B7%B5%E8%AE%BE%E8%AE%A1

https://mp.weixin.qq.com/s/5i92LTV2F2RTbMSjenJOug

https://www.arubanetworks.com/central-tco-calculator

https://itprice.com

https://www.payscale.com

https://www.salaryexplorer.com

https://www.salaryexpert.com

Latest Posts