Edge Computing

Why Push Compute to the Edge

Edge computing relocates processing from centralized data centers to locations physically closer to data sources or end users. The primary motivation is LatencyThe time delay for a data packet to travel from source to destination, typically measured in milliseconds (ms). Lower latency is critical for real-time applications like video calls, gaming, and financial trading.: a sensor in a factory or a user on a mobile device can receive a response in milliseconds from a nearby edge node instead of waiting for a round trip to a distant cloud region. Reduced BandwidthThe maximum data transfer rate of a network link, typically measured in bits per second (Mbps, Gbps). Bandwidth represents capacity, not actual speed; real-world transfer rates depend on latency, congestion, and protocol overhead. consumption is a secondary benefit — only aggregated or filtered results are sent to the core, rather than raw streams of sensor data.

Edge Infrastructure

Edge nodes range from micro data centers in ISP points of presence to ruggedized appliances on a factory floor. They typically run containerized workloads managed by orchestrators that synchronize state with a central control plane. CDNContent Delivery Network. A geographically distributed network of servers that caches and serves content from locations close to end users, reducing latency and improving load times. Major providers include Cloudflare, AWS CloudFront, and Akamai. providers operate one of the largest edge computing networks, executing functions and caching content at hundreds of points of presence. This architecture complements Fog ComputingAn extension of cloud computing that distributes processing, storage, and networking services between edge devices and the cloud. Fog computing bridges the gap between IoT endpoints and centralized data centers., which occupies the middle tier between the edge device and the cloud.

Network Implications

Edge deployments introduce new network design challenges. Container NetworkingThe networking layer that enables communication between containers, between containers and the host, and with external networks. Technologies like Docker bridge networks, Kubernetes CNI, and overlay networks provide container connectivity. must function reliably across geographically distributed edge nodes. Security at the edge is harder to enforce than in a controlled data center — NACNetwork Access Control. A security approach that enforces policies on devices attempting to join a network, verifying identity, health (antivirus, patches), and compliance before granting access. Integrates with RADIUS and 802.1X., FirewallA network security device or software that monitors and filters incoming and outgoing traffic based on predefined rules. Firewalls can block traffic by IP address, port number, protocol, or application-layer content., and Bastion HostA hardened, publicly accessible server that serves as the sole entry point for administrative SSH or RDP access to an internal network. Bastion hosts (or jump boxes) reduce the attack surface by concentrating and auditing remote access. patterns must be adapted for sites with limited physical security. Overlay NetworkA virtual network built on top of an existing physical (underlay) network using encapsulation protocols like VXLAN or GRE. Overlay networks provide logical separation and flexibility without modifying the underlying infrastructure. fabrics connect edge nodes back to central infrastructure, and QoSQuality of Service. A set of technologies and techniques that prioritize certain types of network traffic (voice, video, critical applications) over others to guarantee performance levels. QoS uses mechanisms like traffic shaping, queuing, and marking. policies ensure that control-plane traffic is prioritized over bulk data when BandwidthThe maximum data transfer rate of a network link, typically measured in bits per second (Mbps, Gbps). Bandwidth represents capacity, not actual speed; real-world transfer rates depend on latency, congestion, and protocol overhead. is constrained.