One of the participants of the Carrier Ethernet LinkedIn group asked a great question:
When we install a virtual-router of any vendor over an ordinary sever (having general-purpose microprocessor), can it really compete with a physical-router having ASICs, Network Processors…?
Short answer: No … and here’s my longer answer (cross-posted to my blog because not all of my readers participate in that group).
While the software-only forwarding process can reach 200 Gbps or more on a multi-core Xeon server, you cannot get anywhere close to the pps-per-$ price point of equivalent hardware solution.
Before someone starts making list price comparisons, do keep in mind that when you buy a switch or a router from a mainstream manufacturer, you're not paying for the hardware, but (mostly) for software and support, as well as sales and marketing expenses. Hardware is usually less than 30% of the total costs (just look at gross margin from any major networking hardware vendor).
On the other hand, lower-speed routers use CPU-based forwarding anyway - replacing them with VM-based form factor (virtual router) is a no-brainer.
Finally, while it might make sense (from speed-of-deployment perspective) to use virtual routers, many NFV deployments I see today deploy virtual firewalls, protocol translation/termination, load balancers or DPI devices. The appliance version of these devices usually uses CPU-based forwarding anyway (potentially augmented by an internal switch to ensure traffic is distributed deterministically to multiple cores) - yet again making them a perfect fit for VM-based deployment.
The only good reason I found so far for hardware-assisted appliance functionality is RSA key exchange in SSL termination. This process is really slow when done in software, and can be done much faster on dedicated coprocessors.
For more details on NFV forwarding performance, register for my NFV webinar.