Deploying a Session Border Controller in Amazon Web Services


    Deploying a Session Border Controller in Amazon Web Services

     Some service providers are moving away from deploying applications in their own data centers in favor of the public cloud and as the market leader for public cloud services, Amazon Web Services (AWS) is a top destination for providers of cloud-hosted, real-time communication services such as unified communications, conferencing and collaboration, and contact center applications.

     A key goal for these customer, when moving their real-time communication services to a public cloud like AWS is to assure security, performance, and availability.  Deploying a Session Border Controller (SBC) along with their applications in AWS is the best way to do this as AWS provides much faster time-to-market than having to procure, install, and implement the compute, networking and storage infrastructure for a virtual SBC. AWS handles ongoing maintenance of the cloud infrastructure, reducing operating costs, and all of this is available on a subscription basis, delivering flexibility and cost control when scaling SBC capacity.

    The good news for anyone considering real-time communications services in AWS? The Ribbon SBC Software Edition (SBC SWe) is available and already being deployed in AWS by forward-thinking enterprises.  Even better news? Our strategy and innovation can be seen in recent developments to enhance performance and high availability, delivering critical capabilities when deploying an SBC.

    Performance:

    The first performance enhancement is industry-leading innovation. With the Ribbon SBC SWe in AWS our customers will soon be able to utilize the AWS G3 (accelerated computing using Graphical Processor Units) instance type for significantly improved performance for media transcoding.

    The second improvement is enhanced networking.  In AWS, we have enhanced networking using AWS’ Elastic Network Adaptor (ENA) networking driver to provide high-performance networking capabilities. It features checksum generation, multi-queue device interface, and receive-side steering to enable improved performance. Enhanced networking delivers higher bandwidth, higher packet per second (PPS) performance, and consistently lower inter-instance latencies. All new instance types support the ENA networking driver, which give more performance at lower costs compared to earlier instance types.

    SBC SWe leverages the ENA networking driver in Fast path using DPDK. Our most recent SBC release is optimized to take advantage of ENA for media passthrough sessions, where we have seen 2 – 3x performance improvement for G.711 UDP passthrough sessions with 20 ms packets.  As a reference, it will be possible to get up to ~7500 media sessions on a C5.4xlarge configuration. We are collaborating with AWS to improve this number further and together we expect to get more sessions in an instance.

    High Availability (HA)

    In AWS, HA is provided via a solution called Elastic IP (EIP).  With EIP, when a switchover is required from an active instance to a standby instance, the IP address for the active server is moved to the standby instance through a REST API, which can result in a 15 – 20 second switchover time.   While this solution may be acceptable for the majority of web-based applications it does not meet the requirements needed for SBCs for real-time communications.

    Our customers’ real-time communication applications require a solution enabling our SBC to achieve switchover times closer to 2 seconds. Ribbon’s SBC SWe now meets this goal in AWS.

    To accomplish this, we added an HA Front-End (HFE) to our AWS architecture solution to host the Elastic IP.  The HFE is a lightweight server with minimal processes to forward packets, thus improving availability with no impact on performance.  With the HFE, the public IP and secondary IP address of the active and standby SBC instances are separated, with the public IP address anchored on the HFE.  During a switchover from active to standby only the secondary IP address is re-anchored from the active to standby node.  This reduces the switchover time down to approximately 2 seconds.

    For more information or to order test solutions