
USING OPENCONTRAIL TO SOLVE

REAL-WORLD USE CASES


Stuart Mackie
Contrail Solutions Group
November 2015

NETWORK/CLOUD TECHNOLOGY INTERCHANGE

Cloud Benefits
Network Technology
Overlay networking (MPLS/VXLAN)
Control plane (BGP)
Network load balancing (ECMP)

Technology
interchange
benefits cloud
and networks
Network Benefits
Service agility
Self-service
On-demand
Elastic scaling

Software-defined networking
Network scale
Security
Resilience

Cloud Technology
Common x86 platform
Shared service infrastructure
Service automation

CONTRAIL - BASED ON MPLS VPN TECHNOLOGY


L3 VPNs for Inter-Site Connectivity

Contrail Virtual Networks in Datacenters

Traffic segmentation in the WAN


MPLS over MPLS label encapsulation tunnels
BGP route signaling

Traffic segmentation in the LAN


MPLS over GRE or VXLAN label encapsulation tunnels
XMPP (with BGP payload) route signaling
OpenStack Cloud
Manager
Contrail
Controller

Route
Reflector

XMPP (BGP)

BGP

VM

Customer Site

Hypervisor with vRouter

Protocols,
Architecture

CE Router
PE Router

Server
Tenant VRF

Customer VRF

Encapsulation Tunnel

Encapsulation Tunnel

Provider Network

Datacenter

OpenStack
Network Management System (NMS)
Config
Node

DMI
Route
Reflector

IBGP

Route
Reflector

Control
Node

IBGP

Analytics
Node
IBGP

Control
Node
SDN System

XMPP

CE

PE

PE
MPLS over MPLS

MPLS L3VPN / E-VPN



CE
VM vRouter

Underlay
Switch

Contrail

Underlay
Switch
BGP

vRouter VM
MPLS over GRE or VXLAN

Gateway

SCALE OUT, HIGHLY AVAILABLE ARCHITECTURE


REST

HTTP

REST

Logically Centralized

Web UI
Nodes

(Physically Distributed)

Horizontally Scalable
Analytics
Nodes

Configuration
Nodes

Highly Available
(Active-Active)

IF-MAP
BGP

Control
Nodes

BGP

Federated

BGP, Netconf

XMPP

Database
Nodes

vRouters

Gateways

https://github.com/Juniper/contrail-controller/wiki/Roles-Daemons-Ports

FEDERATED DOMAINS

UNIFIED CONTROL PLANE ACROSS PHYSICAL/VIRTUAL NETWORKS


Cloud Management
Orchestration, OSS/BSS
OpenContrail
WAN Control/Mgmt
Config Node

NMS
Route
Reflector

BGP

BGP

Route
Reflector

Control
Node

BGP

Control
Node

XMPP

BGP

x86 Host + Hypervisor


PE

PE

PE

vRouter

x86 Host + Hypervisor

Underlay Switches

Public
Network

IP / MPLS VPN

vRouter

MPLSoGRE, MPLSoUDP,
VXLAN

CLOUD DC

OPENCONTRAIL OPENSOURCE APPROACH


(For more info visit www.opencontrail.org)

OpenContrail Advisory Board (OCAB)


Industry veterans and key project users/adopters
Governance, Evangelism, Roadmap, Operational efficiency

Open Source
(Users, Devs)

Customers

OpenContrail Developer Community


Majority Juniper, Some External developers
Proposing features & Contribute Code
Participate in Code review process

Bugs,
Design Blueprints
Features & Bug fixes

Launchpad

Continuous Integration/Development


Single Github
Source Code
Repository
Community Release
Community Support
(Email, IRC, Forums)

OpenContrail Community Release

Juniper Contrail Releases


Hardened for Production
Licensed Software
24x7 JTAC & Engineering

Bug Fix Release

CONTRAIL - KEY FEATURES

Routing & Switching


(IPv4, v6)

IPAM, DNS, DHCP


SNAT, FIP, QoS

Load Balancing

Security Policy Enf.,


Distributed FW

3rd Party Netw. Svc.

Gateway Services
(L2, L3 GW)

Rich Analytics,
Overlay-Underlay
Correlation

Service Chaining

High Availability

API Services

PHYSICAL
(Distrib. Policy Enforcement)

LOGICAL
(Centralized Policy Defn)

FEATURE: DISTRIBUTED SECURITY POLICY

Contrail Security Policy


(Firewall-like e.g. allow
only HTTP traffic)

VIRTUAL
NETWORK
GREEN
G1

G2

G3

Non-HTTP
traffic

Contrail Policy
with a Firewall
Service

VIRTUAL
NETWORK
BLUE
B1

B2

B3

VIRTUAL
NETWORK
YELLOW
Y1

Y2

Y3

Inter-network traffic traversing a service

Intra-network
traffic

VM and virtualized Network


function pool
G1

B3

Y1

G3

B1

Host + Hypervisor

IP fabric
(switch underlay)

G2
B2

Y2

Y3

Host + Hypervisor

FEATURE: SERVICE CHAINING


LOGICAL

SVC 1 VM
Virtual Network
Red

L3

L4

L5

R1

R2

G1

G2

L1

L2

L7

L8

Allows multiple Services in a chain
Allows multiple service chains between virtual networks
Supports L3 services without the use of a gateway

X86 Servers

RI for non-svc-chain traffic

Routing Instances

SVC 1 VM

SVC 2 VM
G1

R2

R1

PHYSICAL

Virtual Network
Green

L6

Locally significant MPLS Labels

Interf = VIF 1
Label = L1

L3

VIF 2
L2

L4

G2

Interface = VIF 3
Label = L7

L6

L5
Server IP =
S2

Srvr IP =
S1


Seamless insertion of Juniper & unmodified 3rd Party services using existing L3VPN connections

SVC 2 VM

VIF 4
L8
Srvr IP =
S4

Srvr IP =
S3

Dst

Next Hop

Dst

Next Hop

Dst

Next Hop

Dst

Next Hop

Dst

Next Hop

Dst

Next Hop

G1

S2 L3

R1

S1 L1

G1

S3 L5

R1

S2 L4

G1

S4 L7

R1

S3 L6

G2

S2 L3

S1 L2

G2

S3 L5

R2

S2 L4

G2

S4 L8

R2

S3 L6

R1

VIF 1

G1

VIF 3

R2

VIF 2

G2

VIF 4

R2

IP Fabric

FEATURE: ANALYTICS


FEATURE: UNDERLAY-OVERLAY CORRELATION

Visual representation of topology (discovered using LLDP)

What underlay paths are taken by flows (active or historical)

Details of VMs, vRouters, and underlay components

Details of active flows

Ability to show historical flows as well

CUSTOMER USE-CASES

CONTRAIL CUSTOMERS & USE-CASES


1. Greenfield Cloud Services
SaaS or IT-as-a-Service Customers:
Large SaaS (HCM Software) Enterprise (US)
Large Security Enterprise (US)
CloudWatt
Social Networking Software Enterprise (US)
US-based Gaming Enterprise
Large Industrial Internet Enterprise (US)

Description / High-Level Requirements (HLR)
Launch VMs, Containers into Virtual Networks
with IPAM, DNS, DHCP.
Connect the VNs with Security Policies
Use VNFs using Service Chaining
Application launch automation like Heat
(Openstack) or Kubernetes (for Containers)
Orchestration Systems
OpenStack, VMware, Docker


2. Enterprise Migration
BMaaS and Legacy Interconnect Customers:
Large APAC based Telco
Large US-based Telco
Juniper IT

Description / HLR
Dynamically connect BMSs (or VMs)
hanging from TORs into Virtual Networks
(VXLAN)
Provide L3 Gateway to the Virtual Networks
Drive entire provisioning through API
Provide underlay-overlay correlation
Orchestration Systems
Not Relevant

3. Managed SP (NFV / SD-WAN)


Telco Cloud, SDWAN, NFV Customers:
NTT I3 ESI
US-Based Tier-1 Telco
APAC based Telco
EMEA Based Tier-1 Telco
EMEA Based Tier-1 Telco

Description / HLR
Dynamically insert VNFs on a Customer
Premises Equipment
Dynamically insert VNFs in Mobility DCs to
enable virtual EPC, etc.
Service Chaining of different services (L2, L3,
PNF)
Automated orchestration of customer driven
services
Orchestration Systems
OpenStack, VMware, Docker

NFV USE-CASE: XCPE


SOLUTION REQUIREMENTS

1. Initial Provisioning: Once the CPE device comes up it calls home, gets info on which DC/POP to connect to, establishes a secure connection to the PoP.
Contrail Controller running in the DC/POP manages/provisions the CPE device, assigns IP, etc., through OpenStack Heat templates
2. CPE Device is just another compute node: vRouter in the CPE device and in the DC compute nodes
a. Service Chaining: Enable services to be chained on the CPE as well as the ones in the DC. (Note that for the CPE device which cannot run vRouter in the data plane, vRouter agent could be running in the user space and programming the data plane for forwarding.)
b. Analytics: Granular flow statistics information is communicated back to the Controller (analytics node) from the vRouter (both from CPE & the DC compute nodes)
3. Centralized Portal: Policy (Heat templates) definition + Monitoring, diagnostics, analytics (aggregates statistics info across all POPs/DCs)
4. Internet Connectivity to the customer environment is provided from the DC or directly from the CPE device (through split tunneling)

2a On Premise Services

Management & Provisioning

2b

Secure Connection over Internet or access network

CUSTOMER SITE

Analytics
L3VPN or Expensive Link

Hypervisor

CPE Device
(compute node)

Multiple LAN Interfaces (wired / wireless)

Centralized Operator Portal (management/provisioning + monitoring + Billing) + Customer Self Care Portal

Internet Access /
Connectivity

INTERNET / CUSTOMER'S
OWN ACCESS NW

2a Services & Service Chaining on a Contrail Cloud Cluster
POP

CONTRAIL ARCHITECTURE
CPE IS NOTHING BUT A COMPUTE NODE

ORCHESTRATOR

Network orchestration

CONTRAIL
CONTROLLER

CUSTOMER SITE

DC / POP SITE

vRouter
Linux Host + Hypervisor

Physical IP Fabric
(no changes)

vRouter
Linux Host Hypervisor


XCPE: PUBLIC CUSTOMER ENGAGEMENTS


ESI, an infrastructure for NFV-enabled enterprise networking, leverages Juniper Networks Contrail Cloud Platform, an OpenStack-based cloud orchestration platform
Press Release: http://www.ntti3.com/blog//ntt-i3-introduces-elastic-service-infrastructure-to-enable-the-cloud-ready-enterprise

Orange Business Services has revealed details of a new offering for small and midsized businesses (SMBs) that makes use of SDN and NFV technologies and is due to become available under the EasyConnect brand.
In the News: http://www.lightreading.com/nfv/orange-unveils-nfv-based-offering-for-smbs/d/d-id/714503


USE-CASE: ELASTIC SERVICE INFRASTRUCTURE


ENTERPRISE BRANCH NETWORKING AUTOMATION
Customer Needs

Solution Description
Scale-out and on-demand security and connectivity services to business customers with light-weight device at customer premise

Multi-tenant LBaaS, FWaaS, WanOpt-aaS capability

Reduced TCO from low-cost CPE devices, (cust support costs)
Improved agility in introducing new (& upgrading existing) services
Self-care portal for service enablement

Flexible Service Chaining


Service Catalog / Marketplace with choice of services
Service Chaining of Security and Network services
Services run in POP or customer premises (ESE)
APIs integration with self-service portal

Central management, monitoring, troubleshooting

ESI Controller manages & monitors the environment centrally
OpenStack Heat to create service templates

Open, interoperable Carrier-grade SDN Platform

OpenContrail - scalable, performant & available SDN platform

MARKET PLACE

VNFs

ESI
Controller

COTS HW (X86, ARM, )

Internet

ESE

ESE
ESI POP

ESE

ESE

Software
Defined WAN
(L3VPN)

ESE

Customer
Branch

ESE

ESE

Customer
DC


SDN / NFV Software Stack

ESE

ESE

ESI POP
(NTT DC)

ESI POP

BGP & other standards-based protocol for interoperability


ESE

Customer
HQ

Customer
Premise

Software Defined WAN


Built on top of the Internet, using secure connection for data and control traffic
Integrates with existing L3VPN (wherever applicable)

USE-CASE: ENTERPRISE NFV SERVICE


Customer Needs

Solution Description

Multi-tenant VPNaaS, FWaaS, WanOpt-aaS capability

Reduced TCO from low-cost CPE devices, and reduced customer support costs
Improved agility in introducing new (& upgrading existing) services
Self-care portal for service enablement

Contrail /
OpenStack

2 Multi-tenant services for business customers


1

VCPE

VCPE

Separate VNF instance for separate customers
Traffic segregation between customers using virtual networks
Overlapping address space for tenants

3
VPN IP/MPLS
Basic
CE

PE

3 Contrail's robust L3VPN overlay architecture


PE

Basic
CE

Seamless integration with SP's existing L3VPN offering
Integrates with existing / legacy underlay networks

4 Integration with MX (PE)


Internet


Scale-out and on-demand security and connectivity services to business customers with light-weight device at customer premise
1 Contrail enabling Service Chaining on the vCPE
Security and connectivity services chained at the PE
Svcs co-located with PE (no need for separate SP svc DC)
APIs integration with self-care portal

Dynamic traffic steering to services, using standards-based approach (via service policies)
Anchor point for service chains

USE-CASE: VIRTUALIZED MOBILITY / TELCO CLOUD


Customer Needs

Solution Description

Reduce operational and capital costs to run svcs in mobile core
Simplify management of mobile packet core functions
Reduce professional services expenses in customizing network
Ensure interoperability between different EPC functions
Independent scale-out of 2G and 3G data path
Charging, Policy
Control

3
Contrail / Openstack

SGSN / MME
VNF

Contrail SW offers a robust & resilient NFV platform for the mobile packet core functions

1 NFV Platform (Contrail)

Modern L3-overlay based network built for scale, resiliency, automation
Virtualized 3rd party vEPC network functions

2 Reduced TCO * (Contrail)

Standard X86 hardware, and open-source hypervisor/orchestration systems
Better resource utilization through automated service scale-out

3 Simplified Management = operational efficiency


Radio
Access
Network

Internet

2
S / P-GW

MX


Contrail & OpenStack used to centrally provision network elements

4 Integration with MX

Programmatic traffic steering on MX from the VNF
MX as anchor-point for service chain

* According to a recent ACG research, the estimated cost reduction is 53%

USE-CASE: MULTI-DC (DISTRIBUTED CLOUD)


VIRTUAL NETWORK BLUE
(Spans multiple Cloud Environments)

LOGICAL

VIRTUAL NETWORK GREEN


(Spans multiple Cloud Environments)

VMs in DC 1
G1

VMs in DC 2

G2

G3

Network Policy to
control traffic
between virtual
networks

B1

G4

Intra-network Traffic

B2

VMs in DC 2
B3

B4

Intra-Network Traffic
1. Direct Controller Federation of Control traffic

DC1 VIRTUAL PRIVATE CLOUD

DC2 TELCO CLOUD


BGP

BGP
VRF
(RT2)


VRF
(RT1)

2. Gateway (MX) based Federation of Control Traffic

VRF
(RT2)

PHYSICAL

VMs in DC 1

Virtual Networks spanning multiple cloud environments (DCs)
Security Policies can span multiple remote data centers
Multiple ways to federate control plane traffic (directly through Controller or through MX)

G1

R1

B1

G2

R2

B2

VRF
(RT1)

WAN
GW

WAN
GW
IP / MPLS VPN
EVPN

G3
G4

R3

B3

R4

B4

USE-CASE: BMS INTEGRATION


HYBRID, MULTI-VENDOR DC
TOR Control Agent (to handle DHCP, DNS)

Redundant pair of L3 Gateway (MX)

Contrail Controller

Netconf Client used to configure Juniper Network elements

Existing Contrail
controller extended to
support NetConf

OVSDB Client talks XMPP northbound, & OVSDB southbound to the TORs
EVPN + XMPP

Control = L3VPN / EVPN


Config = Netconf (XMPP in future requires vRouter Agent on MX)

OVSDB

TOR Service Node (TSN) Extension to controller to support OVSDB

E(L3)VPN + Netconf

Hybrid Rack with White box TOR

VXLAN Tunnels

VXLAN Tunnels

BMS Rack with QFX TOR


Control & Config = OVSDB

VLAN Green

VLAN Red

Control & Config = OVSDB

Contrail Overlay Rack with QFX TOR

USE-CASE: BMS INTEGRATION


PHYSICAL

LOGICAL

Config using XMPP / Netconf

VM1

Control using EVPN (BGP) for QFX


Config using OVS-DB/XMPP / Netconf

VXLAN
Tunnels

VM2

Intra-VN traffic from VM to BMS goes through the TOR.

Green

Top of Rack Switch

Virtual
Network
Virtual
Network

VM3
VLAN
Green

VM1

VM2

VM4

WAN /
Internet
L3 GW

VM3

VM5

Bare Metal
Server

For traffic from VM in overlay to non-overlay VMs or BMS, traffic needs to go through the L3 GW

Contrail enables Legacy VLAN based architecture interconnecting with a Cloud architecture
Does not need a gateway when going from one VN to another on the Contrail overlay

Virtual Machines on
any Hypervisor


Contrail allows inter-VN traffic in the overlay without having to go through the L3 GW

Control using BGP (L3VPN / EVPN)

L3 GW

VM4
VLAN
Blue

VM5

Blue

Network Orchestration
Compute Orchestration
Admin UI Interaction

USE-CASE: VCENTER INTEGRATION


vCenter

Operator

Operator

OPTION 1 :

OPTION 2 :

OpenStack
with ESXi
(Currently
Supported)

vSphere with
Contrail
(currently
supported)

XMPP
Nova Compute

KVM Host

ESXi Host

ESXi Host

Nova
Compute

Operator

OPTION 3 :
vCenter

vCenter as a
Compute

XMPP

XMPP

vCenter

Operator

OPTION 4 :
vCenter with
L2/L3
Gateway

XMPP

OVSDB

ESXi Host

KVM Host
KVM Host

ESXi Host
VXLAN

L2 / L3 GW
VLAN


USE-CASE: PUBLIC CLOUD / IT CLOUD


Customer Needs

Solution Description

IaaS public cloud and IT cloud

Multi-tenancy
On-demand resource allocation
Automated network & security policy configuration / enforcement
Self-service provisioning capability
Role based access control (RBAC)
Self Service
Provisioning

3
TENANT A

Modern Virtualized Data Center

1
2

1 Contrail overlay on L3 underlay

Pure L3 routing in underlay implying interoperability with legacy underlay
CLOS-based network architecture provides resilient IP fabric

2 Scalable and Distributed architecture

Scale-out approach for control and forwarding plane
Distributed security, based on tenant/virtual network boundary
Efficient live migration of VMs
Distributed and scale-out storage

TENANT B

Contrail enabling a cloud infrastructure based on a modern virtualized data center for public IaaS cloud and private IT cloud

Contrail /
Openstack

3 Secure, multi-tenant environment

Inter-network traffic subject to security policies with/without additional security services
Tenants with overlapping address space
RBAC using Openstack Keystone

4 MX router based gateway

Interconnect public internet & L3VPN capability


USE-CASE: OPENSTACK PUBLIC CLOUD


CUSTOMER PORTAL / USER FRONT-END

User

Image Catalog

Dashboard

Templates

END-USER APPS

File Cloud
Ticketing

CRM

APIs

INFRASTRUCTURE / OPENSTACK / CONTRAIL

KVM
Bare Metal
LXC
ESXi
COMPUTE

Contrail

NETWORK

Ceph
NFS
Glance,
Swift, Cinder
STORAGE

IDENTITY
(Keystone)

METERING
(Ceilometer)

RACKS OF SERVERS

Source: CloudWatt


EVENTS

BI

Monitoring

ALARMS
Rating

DevOps

Billing

Capacity
Planning

USE-CASE: ENTERPRISE PRIVATE CLOUD (HADOOP)


Customer Needs

Solution Description

Secure, multi-tenant private cloud environment

On-demand creation and dynamic scale-out of custom services
Rapid, seamless deployment of new services to internal users
Hadoop support: massive storage, on-demand data ingest, real-time stream processing, DB-as-a-Service (NoSQL / SQL)
As-a-service model for network functions (LB-aaS, DNS-aaS)
A10

Dynamically scaled
application edge

SRX

Openstack Racks Infra Racks Big Data Racks


Pure L3 routing in underlay to the top of rack switch
CLOS-based network architecture to provide high-bandwidth capacity between compute nodes
Virtualized (compute) and bare metal (Hadoop) servers

MX as a gateway router to Interconnect public internet & L3VPN capability
SRX used as a firewall

3 Centralized security policy definition, distributed enforcement

Contrail /
Openstack

1 Contrail overlay on L3 underlay

2 Juniper MX / SRX

MX GW

Contrail enabling a private cloud infrastructure for Big Data application development and deployment

API-based policy definition
Security policy at virtual network level and VM level

4 Self-provisioned service / app deployment


Scale-out Big Data Apps

Controlled migration of apps from development to production clouds
Seamless integration of new features / apps

USE-CASE: CONTAINER NETWORKING


Docker Engine container comprises just the application and its dependencies.
Contrail Security
Policy betw VNs

LOGICAL

Green Virtual
Network

C1

PHYSICAL

C1

VM1

C2

C2

C3

C3

Docker Engine
Linux Host running vRouter


C4

Runs as an isolated process in user-space on the host OS,

Blue Virtual
Network

C4

Resource isolation and allocation benefits of VMs but is much more portable and efficient
VM4

KVM and Docker Environment can work together
VMs and containers can be part of the same virtual network

Containers Apps + binaries/libs

IP fabric
(switch underlay)

VM1

VM2

Linux + KVM Host

USE-CASE: HYBRID CLOUD


Customer Needs

Solution Description

Transparent workload migration from on-prem to cloud (cloud bursting)
as-a-service model for network/security functions (VPNaaS, LBaaS, FWaaS, etc.)
Seamless policy creation and service insertion
Automated management and real-time monitoring
OSS / BSS Integration

1 Abstraction and automation through Contrail APIs

Infra APIs to implement network policies
Analytics APIs for network / app monitoring
Allows for integration with OSS/BSS
Uniform APIs for on-prem and cloud orchestration

2 Rapid and seamless insertion of unmodified virtualized services

Contrail / Openstack

to offer -aaS model for VNFs

3 Interconnect between private and public cloud (Contrail)

ENTERPRISE

Using Contrail to offer Hybrid cloud to enable automated migration of workload from on-premise to cloud

IP VPN

Virtual networks spanning DC and public cloud (VPCs)
Simplified mgmt through potential Integration with 3rd party CMPs (Cloud Mgmt Platforms)

4 P+V Integration (using L2 / L3 GW services)


Internet


Public Cloud

2
P + V DATA CENTER
(BMaaS + IaaS)

Use of virtualized services and appliance based services
VMs and Bare metal servers within same virtual network

VNF VALIDATION PROGRAM FOR OPENCONTRAIL


Launching in response to customer and VNF vendor interest

Certification Basics
Tier

Functional
Validation

Silver

Gold

Platinum


Performance
Benchmarks

Customizing and
API Integration

CONTRAIL DEMO VIDEOS


PRODUCT CAPABILITIES - DEMO VIDEOS

Bare Metal Integration through multi-vendor TOR integration https://www.youtube.com/watch?v=PjkNt0yV3H0

IPv6 DVR (Distributed Virtual Router) https://www.youtube.com/watch?v=RLO0uIXbDxo

OpenStack Neutron at Scale https://www.youtube.com/watch?v=xN0rXHD_dqk

P + V Service Chaining https://www.youtube.com/watch?v=a9HqC9x6KTg

Multi-hypervisor, Docker Integration https://www.youtube.com/watch?v=x2n5Q_ycx6o

vRouter DPDK Demo https://www.youtube.com/watch?v=ZGiQJrKoDQM

Physical + Overlay Correlation https://www.youtube.com/watch?v=B8aHoY1Zs

USE CASE - DEMO VIDEOS

DDoS Protection (Contrail + DDoS Secure) http://www.youtube.com/watch?v=TnvCea4fil4

NFV through Contrail (this is the Internet / Firewall NFV aka. vCPE) http://www.youtube.com/watch?v=_64no8P2vUw

Contrail - Elastic cloud - IT as a Service http://www.youtube.com/watch?v=9g3EWV8X64s

SSLVPN on Contrail http://www.youtube.com/watch?v=vfZfdH4kkV4

Caching as a Service (Junos Content Encore on Contrail) https://www.youtube.com/watch?v=-_NtC34wcRw

Hybrid Cloud https://www.youtube.com/watch?v=uC7nMW5PXdg


Demo Today. 1:25

FINAL THOUGHTS


blah blah blah

blah blah blah

blah blah blah

blah blah blah

