Cloud Network Virtualization with Juniper Contrail

Description: Contrail technology will be discussed, covering architecture, capabilities and use cases. It will be followed by a demonstration of the current Contrail implementation on CloudStack/OpenStack.
Parantap works as a Sr. Director of Solutions Engineering for Contrail Product within Juniper. Before Juniper, Parantap led the network architecture team for Microsoft Online Services (Windows Azure, MS Bing). Prior to Microsoft, Parantap worked as a core engineering manager for UUNet Technologies building Internet backbones.


  1. SDN – CONTRAIL ENABLING CLOUD. Parantap Lahiri, Sr. Director, Solutions Engineering; Suresh Balineni, Staff Engineer
  2. FUNDAMENTAL SHIFT: EVOLVING APPS. Standalone Application (Dedicated Resources) versus Evolving Applications (on Resource Pool). [Diagram: technology silo (physical servers, VLAN, LB policies, FW policies, IPS, VLAN-segmented networks, ACLs) versus scale-out model with dynamic virtual network + service orchestration over common resource pools (datacenter & beyond): compute pool of VMs, storage pool, LB service pool, FW service pool, routers, virtual WAN network, external cloud-based resources.] Copyright © 2013 Juniper Networks, Inc.
  3. BRIDGING PHYSICAL/VIRTUAL NETWORKS… Automation, analytics; converged network orchestration; control plane (physical, virtual); open, standards-based, federated controller (scalable, resilient); virtual network overlay; preserve and insert dynamic services (firewall, LB…); physical network; interoperability with traditional network devices. CONFIDENTIAL – DO NOT DISTRIBUTE
  4. Legacy Datacenter – Underlay. [Diagram: L3 and L2/L3 tiers, multi-chassis LAG trunks, L2 ToR switches, servers and VMs attached at L2.]
  5. Legacy Datacenter – Limited VLAN Span. Routing and filtering between VLANs; no VLANs across L3; VLAN span limit. [Diagram: L3 and L2/L3 tiers with FW and LB appliances, multi-chassis LAG trunks, L2 ToR switches, servers and VMs.]
  6. Legacy Datacenter – No multi-tenant overlapping IP space support; NAT on HW appliances. Single routing table (no support for overlapping multi-tenant space); VLAN span limit. [Diagram: L3 and L2/L3 tiers with FW and LB appliances, multi-chassis LAG trunks, L2 ToR switches, servers and VMs.]
  7. Legacy Datacenter – Multi-tenant Support with MPLS. MPLS with VRF for multi-tenant isolation; MPLS-enabled links; tenant-specific HW appliance services (FW, LB); tenant VRFs; VLAN span limit. [Diagram: L3-MPLS and L2/L3-MPLS tiers, multi-chassis LAG trunks, L2 ToR switches, servers and VMs.]
  8. Typical L2 Overlay. Hypervisor switch only forwards L2; a separate VM-based router performs routing; a separate VM-based router performs NAT. [Diagram: L3 fabric and L3 ToRs, external networks, VXLAN between L2 hypervisor switches (L2-SW) on the servers.]
  9. Contrail Overlay = multi-tenant VRF. Hypervisor router handles L2/L3; hypervisor router performs native routing; hypervisor router performs native NAT. [Diagram: L3 fabric and L3 ToRs, external networks, an L2/L3 vRouter on each server, service insertion.]
  10. Contrail Overlay Datacenter Abstraction. [Diagram: router, L3VPN, Internet, L3 fabric and L3 ToRs; Tenants 1 to 4, each with virtual networks VN1 and VN2.]
  11. Contrail Overlay – Multi-DC. [Diagram: MX, L3VPN, Internet; Tenants 1 to 4, each with VN1 and VN2; L2/L3 vRouters over an IP underlay; Datacenter 1, Datacenter 2, Datacenter 3.]
  12. CONTRAIL ON IP NETWORK. REST/API; configuration management; BGP-based control plane; control plane nodes connected over XMPP to the agent on each server. Routes held in each VRF: 10.1.1.2: NH = 151.10.10.1; LBL = 17 and 10.1.1.1: NH = 70.10.10.1; LBL = 39. Packet between VM and vRouter: PriSrcIP 10.1.1.1, PriDstIP 10.1.1.2, PAYLOAD. Packet on the IP network after dynamic tunnel encapsulation: PubSrcIP 70.10.10.1, PubDstIP 151.10.10.1, GRE, LBL=17, PriSrcIP 10.1.1.1, PriDstIP 10.1.1.2, PAYLOAD; the receiving side performs dynamic tunnel decapsulation. [Diagram: Server 1 with VM 10.1.1.1 and Server 2 with VM 10.1.1.2, joined by the IP network.] *Outer MAC header was left out intentionally to reduce clutter.
  13. CONTRAIL TECHNICAL APPROACH. [Diagram: orchestrator (cloud orchestration); Contrail Controller (configuration, analytics, JunosV Contrail control plane); virtualized servers running VMs and Juniper & 3rd party services* on a hypervisor with the Contrail vRouter; IP fabric (underlay network) carrying VXLAN or MPLSoGRE/UDP; XMPP; BGP, Netconf; router gateway; external IP network.] * = Juniper and 3rd party services can also be physical devices (e.g. SRX) or hypervisor services (e.g. vGW). ** = Other orchestration system support like CloudStack, customer OSS/BSS system.
  14. SUMMARY – SCALE-OUT NETWORKING SYSTEM. [Diagram: orchestrator (OpenStack); REST; CONTRAIL system with analytics nodes, configuration nodes and control nodes; IF-MAP; IBGP; XMPP; BGP, NETCONF; compute node (virtual router); gateway node (MX, EX/QFX, ...); service node (SRX, Firefly, JSP, ...).]
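
The slide 12 data path as an added Python example (not part of the original deck and not Juniper's code): the sender looks up the private destination in the VRF, pushes the advertised label and wraps the packet in GRE/IP, and the receiver accepts only labels it allocated itself. Function names, the TTL of 64, the zeroed checksums and the sample inner packet are assumptions made for illustration.

```python
import ipaddress
import struct

# Routes from slide 12: private destination -> (public next hop, MPLS label).
VRF = {"10.1.1.2": ("151.10.10.1", 17), "10.1.1.1": ("70.10.10.1", 39)}
GRE_PROTO_MPLS = 0x8847  # GRE protocol type for MPLS unicast
IP_PROTO_GRE = 47


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (TTL 64 and zero checksum are illustrative)."""
    packed = [ipaddress.IPv4Address(a).packed for a in (src, dst)]
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       64, proto, 0, packed[0], packed[1])


def encapsulate(local_public_ip, inner):
    """Sending vRouter: VRF lookup on the inner destination, then MPLS-over-GRE."""
    inner_dst = str(ipaddress.IPv4Address(inner[16:20]))
    next_hop, label = VRF[inner_dst]  # KeyError: no route in this tenant's VRF
    mpls = struct.pack("!I", (label << 12) | (1 << 8) | 64)  # label, S=1, TTL
    body = struct.pack("!HH", 0, GRE_PROTO_MPLS) + mpls + inner
    return ipv4_header(local_public_ip, next_hop, IP_PROTO_GRE, len(body)) + body


def decapsulate(outer, local_labels):
    """Receiving vRouter: strip IP/GRE/MPLS, dropping labels it never allocated."""
    if len(outer) < 28 or outer[9] != IP_PROTO_GRE:
        raise ValueError("not a GRE packet")
    flags, proto = struct.unpack("!HH", outer[20:24])
    if flags != 0 or proto != GRE_PROTO_MPLS:
        raise ValueError("unexpected GRE header")
    label = struct.unpack("!I", outer[24:28])[0] >> 12
    if label not in local_labels:
        raise ValueError(f"label {label} was not allocated on this server")
    return label, outer[28:]


# Constructed sample: VM 10.1.1.1 sends "PAYLOAD" to VM 10.1.1.2 (protocol 253
# is an experimental value, used here only to fill the field).
INNER = ipv4_header("10.1.1.1", "10.1.1.2", 253, 7) + b"PAYLOAD"
WIRE = encapsulate("70.10.10.1", INNER)

if __name__ == "__main__":
    print(decapsulate(WIRE, {17}))
```

The label check in `decapsulate` is what keeps a packet from being delivered into a tenant network on a server that never advertised that label.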
