2. WHAT ARE THE REAL PROBLEMS…
CONFIGURED, MANAGED
Whatever happened to Web2.0?
3. WHAT ARE THE REAL PROBLEMS…
Cloud? Scale-out? ….
SCALE-UP SYSTEMS
4. WHAT ARE THE REAL PROBLEMS…
Virtualization? Orchestration?
HARDWARE SERVICES
5. WHAT ARE THE REAL PROBLEMS…
Big Data? Analytics? ….
LOW VISIBILITY
6. NETWORKING PROBLEMS IN A NUTSHELL
CONFIGURED, MANAGED
HARDWARE SERVICES
LOW VISIBILITY
SCALE-UP SYSTEMS
POOR MANAGEABILITY
INFLEXIBLE SYSTEMS
HARDWARE CENTRIC
9. SERVICE PROVIDER NETWORK
[Diagram: service provider network. Labels: SGSN / MME, SBC, Media Gateway, FW, SLB, DPI, Caching, GGSN / P-GW, PCRF; Mobile Edge, Broadband Edge, Business Edge, Core / Backbone.]
[Diagram: SP datacenter. Labels: Scalable Virtual Service on x86; FW – IPS – PDF – DDoS; Service Load Balancing; Private networks; BRAS/VPN Edge; L3VPN-enabled SP core/backbone; Business Edge, Broadband Edge, Mobile Edge.]
Dynamic Service Provisioning, Scaling; Service Chaining
Services – Firefly, Web App Secure, DDoS Secure, vSA
NFV: Virtualized Network Services with Centralized Management & Orchestration
14. WHY NETWORK VIRTUALIZATION
[Diagram: Technology Silo. Labels: Standalone Application (Dedicated Resources); Physical Servers, IPS, LBs, FWs, Routers; Segmented Networks (VLANs, ACLs, FW Policies, LB Policies); WAN.]
[Diagram: Evolving Applications (on Resource Pool). Labels: VMs; Storage Pool, FW Service Pool, LB Service Pool, Compute Pool; Common Resource Pools (Datacenter & Beyond); Virtual WAN, Network; Dynamic Virtual Network + Service Orchestration?; External Cloud Based Resources; Scale-Out Model.]
Physical Switching Fabric ~ Physical Compute Servers
Giant Pool of Resource that is Sliced based on Demand
Rack Once, Configure Once
New Applications and/or Tenants do not affect Physical Fabric Configuration
15. WHAT IS NETWORK VIRTUALIZATION
• Independent of Physical Network Location or State
– Logical Network across any server, any rack, any cluster, any data-center
– Virtual Machines can migrate without requiring any reworking of security policies, load balancing, etc.
– New Workloads or Networks should not require provisioning of physical network
– Nodes in Physical Network can fail without any disruption to Workload
• Full Isolation for Multi-tenancy and Fault Tolerance
– MAC and IP Addresses are completely private per tenant
– Any failures or configuration errors by tenants do not affect other applications or tenants
– Any failures in the virtual layer do not propagate to physical layer
16. THE IMPORTANCE OF ABSTRACTION
[Diagram: physical topology. Labels: OpenStack (Neutron, Nova), OpenContrail Controller, NMS/EMS, BMS R4, VMs G1, G2, G3, R1, R2, R3, FW.]
PHYSICAL TOPOLOGY
Complex
• Low level of abstraction
• Many vrouters
• Many routing-instances
• Many tunnels
• Many routes
Complex to configure
Complex to troubleshoot
18. THE NEW NETWORK – BUILDING BLOCKS
• VIRTUAL NETWORKS – PROVIDED BY OPEN BGP VPN TECHNOLOGIES
• NETWORK AND PACKET POLICY – NETWORK POLICY FOR TOPOLOGY AND PACKET FOR TRAFFIC CONTROL
• VIRTUALIZED SERVICES – NETWORK FUNCTIONS AND SERVICES STITCHED TO TOPOLOGY
• GATEWAYS – CONNECTS VIRTUAL AND PHYSICAL DOMAINS
19. ROLE OF OPENCONTRAIL IN INTEGRATED STACK
[Diagram labels: Orchestrator; Compute APIs, Storage APIs, Network APIs; OpenContrail; Server, Virtual Machine, vRouter; Physical Switches; Gateway Router; Internet, VPN, DCI, WAN; Service Nodes; vSRX, F5 …]
20. OPENCONTRAIL SOLUTION OVERVIEW
[Diagram: OpenContrail solution overview. Labels: OpenContrail Controller (Configuration, Analytics, Control); Orchestrator; BGP Federation; BGP Clustering; protocol labels REST, XMPP, BGP + Netconf; Servers with Tenant VMs.]
IP fabric (underlay network): Juniper QFabric/QFX/EX or 3rd party underlay switches
Juniper MX or 3rd party gateway routers
OpenContrail vRouter (L2 & L3) on KVM, Xen and ESXi/Hyper-V in 2014
22. 2 TIER NETWORK DEMO TOPOLOGY
[Diagram: two-tier demo topology. Labels: Back-end database tier network (BE1, BE2, BE3); Front-end web-tier network (FE1, FE2, FE3); MX Gateway; Internet; Floating IP; OpenContrail.]
Policy to connect front-end and back-end
Centralized Control, Policy provisioning
Demo Machine connecting to OpenStack Horizon and Contrail GUI
23. Contrail is available as Open Source
• www.opencontrail.org. Commercial support available from Juniper.
• Same features and scaling as commercial version
• Uses proven stable standards. Production-Ready
• Permissive license: Apache 2.0 (Controller), GPL (vRouter)
• Integrated into open source virtualization stacks: OpenStack, CloudStack
24. DEVSTACK + OPENCONTRAIL
WHAT?
• Run OpenStack and OpenContrail on your laptop or in a VM
WHY?
• Use to build & test OpenStack and OpenContrail code
• Just play with OpenStack/OpenContrail features
HOW?
• Ubuntu server/VM with 4GB RAM, access to GitHub
26. OPEN
• Open architecture easily integrates with open cloud orchestration platforms
• Built on standard protocols and supporting any hypervisor
• Ultimate transparency and openness with OpenContrail.org
SIMPLE
• Seamless integration with physical networks
• SDN as compiler hiding complexity
• Service chaining for simple provisioning and management
AGILE
• Automated provisioning and creation of virtual networks
• Enables workload mobility between private, public and hybrid clouds
• Unique analytics capabilities for planning and modeling
28. 8 WAYS TO GET INVOLVED
1. See what developers are saying about Contrail
2. Read the blog: http://opencontrail.org/blog/
3. See a demonstration: http://www.youtube.com/watch?v=TnqNNvGmfcE
4. Go to a meet-up: http://opencontrail.org/events/category/all-events/
5. Read up on SDN: http://www.sdncentral.com/
6. Join the community: http://opencontrail.org/community/
7. Download the code: www.opencontrail.org
8. Call your Juniper contact