Open Contrail network virtualization
Nicolai van der Smagt, Solutions Architect
September 2014

Nicolai van der who?!
- Nicolai van der Smagt:
- Solutions Architect @ Infradata
- Focus on datacenter architecture
- Getting old: 15 years of experience building and maintaining SP networks
Contact: nicolai@infradata.eu
InfraInnovaData @ Twitter
Vandersmagt @ Linkedin

SDN > Network Virtualization
- This presentation is about network virtualization software
- SDN is an overly broad and excessively hyped term, it can mean anything to anybody
- Let’s avoid the S-acronym for the rest of the session
- Let’s talk about actual, deployable technology

Network virtualization?
- Helps achieve better scalability
- Enables automation / “agility”
- Improves and streamlines network security
- Reduces cost
- Like MPLS for the datacenter, or “poor man’s” MPLS
- Enables the underlying network to be simple

Average DC – L2/VLAN-based
Designed for north <-> south traffic
[Diagram labels: L2/L3, L3, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, Servers, VMs]

Average DC – Limited VLAN span
[Diagram labels: L2/L3, L3, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, FW, LB. Annotations: "Routing & Filtering between VLANs", "VLAN Span Limit", "No VLANs Across L3"]

Average DC – No built-in multi-tenancy
[Diagram labels: L2/L3, L3, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, VMs, FW, LB. Annotations: "VLAN Span Limit", "Single Routing Table (No support for overlapping multi-tenant space)"]

Cloud DC – L3 ECMP Clos network
Designed for east-west and north-south traffic
[Diagram labels: L3, L3 ToR, L2-SW, External Network, Servers]

Average DC – Multi-tenancy using VRF
[Diagram labels: L2/L3-MPLS, L3-MPLS, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, Tenant-VRF, FW, LB. Annotations: "VLAN Span Limit", "VRF for multi-tenant isolation", "MPLS-enabled links", "Tenant Specific HW Appliance Services"]

Cloud DC – Opencontrail L2/L3 overlay
[Diagram labels: L3, L3 ToR, L2/L3 (= multi-tenant VRF), vRouter, Service Insertion, External Network, Servers. Annotations: "Hypervisor vRouter handles L2/L3", "Hypervisor vRouter performs NAT"]

Opencontrail?!
- Network virtualization software
- Provides a tunneled overlay network over any datacenter infrastructure
- Tunnels can be L3 (GRE, UDP) or L2 (VXLAN)
- Tunnels interconnect not just hypervisors, but also bare-metal machines and/or network infrastructure (routers, ToR)
- Consists of a virtual router component in the hypervisor (vRouter) and centralized control plane (control, configuration and analytics)

Standards-based
- Opencontrail is fully programmable via RESTful API
- Northbound network gateway functionality is based on well-known and proven protocols and encaps, such as BGP/MPLS (L3VPN or EVPN) and GRE, UDP or VXLAN
- Southbound interface (to hypervisor) based on XMPP
- No constraints on the underlay physical network
Overall architecture:
  - IETF NVO3 WG
  - ETSI NFV ISG
Overlay control plane protocols:
  - XMPP: RFC 6120, draft-marques-l3vpn-end-system
  - BGP L3VPN: RFC 4364
  - BGP EVPN: draft-ietf-l2vpn-evpn
  - NetConf: RFC 6241
Overlay data plane encapsulation:
  - MPLS over GRE: RFC 4797
  - VXLAN: draft-mahalingam-dutt-dcops-vxlan
Underlay control plane protocols: Existing layer-2 or layer-3 protocols

Open Source
- Apache 2.0-licensed; permissive open-source with retention of copyright
- “Redhat model”: support and packaging available from Juniper Networks, if required.
- Juniper provides resources and core developers, but the project is open for other developers, reviewers and bug-squashers
- Code-review “based on technical merit only”. No politics.
- Available today, waiting for you to download and play

Opencontrail technical architecture
[Diagram labels: SDN Controller / Contrail Controller (Configuration, Analytics, Control; BGP; Clustering), Orchestrator (REST), XMPP, BGP + Netconf, Any gateway router, IP fabric (underlay network), Any underlay network, Server: KVM or Xen Hypervisor + Contrail vRouter (L2 & L3), Tenant VMs, MPLS over GRE/UDP or VXLAN]

Opencontrail provides: multi-tenancy
[Diagram labels: Physical Topology (L3 Network), Logical Topology (L2 Network, L3 router)]

Multi-tenancy – step 1

Multi-tenancy – step 2

Multi-tenancy – result

Opencontrail provides: gateway functions
[Diagram labels: Data Center 1, Data Center 2, Internet, WAN, tenants A, B, C, D, Tenant VPN, Gateway Router, Gateway, Gateway Switch, Non Virtualized Server]

Opencontrail is based on MPLS VPN technology
[Diagram labels, MPLS L3VPN / E-VPN side: Route Reflector, PE, P, CE, IBGP, MPLS over MPLS, Network Management System (NMS), DMI. Opencontrail side: Control Node, vRouter, Underlay Switch, VM, IBGP, XMPP, MPLS over GRE or VXLAN, Config Node, Orchestrator, Analytics Node, SDN System]

L3VPN gateway: Virtual network view

Physical network view

Opencontrail provides: service chaining/NFV
[Diagram labels: Tenant Network A, Tenant Network B, Tenant Network A1, Tenant Network A2, Internet, FW, LB, NAT]

Service chaining
[Diagram labels: Green Virtual Network (VMs), Red Virtual Network (VMs), NAT + DPI + Cache + Firewall, Virtual Service DPI, Policy only HTTP, Virtual Service Cache, Physical Service Firewall]
Policy based application of virtual and physical services with scale-out.
Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ...

Service Chaining: Create Opencontrail service

Service chaining: Create Opencontrail policy

Service chaining: Apply policy to networks

Service chaining: Openstack topology result

Contrail in the physical datacenter
No VM IP information in the Underlay Network
[Diagram labels: Hypervisor, Leaf Switch, Spine Switch, Gateway Router, BGP, Control Node, Config Node (Openstack) (Cloudstack), Analytics Node, WebUI Node, Compute & Storage Rack, Orchestration & Services Racks. Network annotations: L3; L2, L3; OSPF or BGP; L3 ECMP; Optional Redundancy]

High availability – scale-out
[Diagram labels: Configuration Nodes, Control Nodes, Analytics Nodes, vRouters, Gateways; interfaces: REST, IF-MAP, XMPP, BGP, Netconf]
- Designed to deal with failures
- Logically Centralized (Physically Distributed)
- Horizontally Scalable
- Highly Available (Active-Active)
- Federated

Opencontrail network security
- Policies create distributed security for virtual and physical workloads
- Policies enable micro-segmentation
- Without an explicit policy, traffic is denied by default
- Service chaining enables distribution of additional network security (such as DDoS mitigation, WAF or application layer firewalling)

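As an added illustration (not part of the original slides, and not OpenContrail's API), the Python model below evaluates flows between virtual networks with default-deny and a policy-driven service chain, using the green/red networks and the HTTP-only DPI, cache and firewall chain from the service-chaining slide. The class and function names, the mapping of "only HTTP" to tcp/80, and the "blue" network are assumptions made for the example.

```python
"""Toy model of default-deny policy evaluation between virtual networks.

Illustration only: Rule, Verdict, evaluate() and overly_broad() are
hypothetical names, not OpenContrail's API or data model. Only flows
between different virtual networks are modelled.
"""
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Rule:
    src_net: str
    dst_net: str
    protocol: Optional[str] = None   # None matches any protocol
    dst_port: Optional[int] = None   # None matches any destination port
    services: Tuple[str, ...] = ()   # ordered service chain the flow traverses

    def matches(self, src_net: str, dst_net: str,
                protocol: str, dst_port: int) -> bool:
        return (self.src_net == src_net
                and self.dst_net == dst_net
                and self.protocol in (None, protocol)
                and self.dst_port in (None, dst_port))


@dataclass(frozen=True)
class Verdict:
    allowed: bool
    path: Tuple[str, ...]   # hops in order; empty when the flow is denied
    reason: str


def evaluate(rules: Sequence[Rule], src_net: str, dst_net: str,
             protocol: str, dst_port: int) -> Verdict:
    """First matching rule wins; a flow that matches no rule is denied."""
    for index, rule in enumerate(rules):
        if rule.matches(src_net, dst_net, protocol, dst_port):
            path = (src_net,) + rule.services + (dst_net,)
            return Verdict(True, path, f"allowed by rule {index}")
    return Verdict(False, (), "no explicit policy: denied by default")


def overly_broad(rules: Sequence[Rule]) -> List[Rule]:
    """Rules that pass every protocol and port with no service in the path.

    Such rules join two networks completely and undo micro-segmentation,
    so they are the first thing to look at when reviewing a policy set.
    """
    return [r for r in rules
            if r.protocol is None and r.dst_port is None and not r.services]


# Constructed sample policy: green -> red is HTTP only and passes through
# DPI, cache and firewall; green -> blue is a deliberately broad rule.
POLICY = (
    Rule("green", "red", "tcp", 80, ("dpi", "cache", "firewall")),
    Rule("green", "blue"),
)

if __name__ == "__main__":
    flows = [
        ("green", "red", "tcp", 80),    # matches the HTTP rule
        ("green", "red", "tcp", 22),    # no rule for SSH: denied
        ("red", "green", "tcp", 80),    # rules are directional: denied
        ("green", "blue", "udp", 53),   # matches the broad rule
    ]
    for flow in flows:
        verdict = evaluate(POLICY, *flow)
        action = "ALLOW" if verdict.allowed else "DENY"
        print(flow, "->", action, verdict.path, verdict.reason)
    print("rules to review:", overly_broad(POLICY))
```
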
Orchestration options
- Cloudstack, CCP
- OCS Openstack
- Mirantis Openstack, Fuel
- Redhat Openstack (RHOS)
- UnitedStack Openstack
- SmartCloud Orchestrator
End of the year

Network virtualization with Opencontrail
- Scalability
  - Upgrade from just 4000 to much higher scale of tenant networks
- Automation / “Agility”
  - Spin up/down resources based on demand
  - Scale-out instead of scale-up
  - Automatic configuration / DevOps for the network
- Network security
  - Micro-segmentation (smaller networks with more fine-grained access controls)
  - Policy-driven framework (with default-deny)
- Reduced cost
  - NFV = Virtual network devices instead of expensive hardware
  - Clos = white label switches instead of more expensive infrastructure
  - Opencontrail software available free of charge

Devstack + Opencontrail in-a-box setup
For the developers in the audience:
1. Install some packages (git-core, ant, build-essential, pkg-config)
2. Download DevStack (git clone git@github.com:/dsetia/devstack.git)
3. Edit localrc (set PHYSICAL_INTERFACE)
4. Run stack.sh
5. You’ll end up with Openstack glance, nova, horizon, keystone and cinder, with Opencontrail (as a Quantum plugin), ready for use
6. ?
7. Profit!

nicolai@infradata.eu 
@infrainnovadata


PLNOG 13: Nicolai van der Smagt: SDN

  • 1. Open Contrail network virtualization. Nicolai van der Smagt, Solutions Architect, September 2014
  • 2. Nicolai van der who?!
      - Nicolai van der Smagt:
      - Solutions Architect @ Infradata
      - Focus on datacenter architecture
      - Getting old: 15 years of experience building and maintaining SP networks
      - Contact: nicolai@infradata.eu, InfraInnovaData @ Twitter, Vandersmagt @ Linkedin
  • 3. SDN > Network Virtualization
      - This presentation is about network virtualization software
      - SDN is an overly broad and excessively hyped term, it can mean anything to anybody
      - Let’s avoid the S-acronym for the rest of the session
      - Let’s talk about actual, deployable technology
  • 4. Network virtualization?
      - Helps achieve better scalability
      - Enables automation / “agility”
      - Improves and streamlines network security
      - Reduces cost
      - Like MPLS for the datacenter, or “poor man’s” MPLS
      - Enables the underlying network to be simple
  • 5. Average DC – L2/VLAN-based. Designed for north <-> south traffic. [Diagram labels: L2/L3, L3, L2, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, Servers, VMs]
  • 6. Average DC – Limited VLAN span. [Diagram labels: L2/L3, L3, L2, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, FW, LB; Routing & Filtering between VLANs; VLAN Span Limit; No VLANs Across L3]
  • 7. Average DC – No built-in multi-tenancy. [Diagram labels: L2/L3, L3, L2, L2 Switch, Multi-Chassis LAG, TRUNK, ToR, VMs, FW, LB; VLAN Span Limit; Single Routing Table (No support for overlapping multi-tenant space)]
  • 8. Cloud DC – L3 ECMP Clos network. Designed for east-west and north-south traffic. [Diagram labels: L3, L3 ToR, L2-SW, Servers, External Network]
  • 9. Average DC – Multi-tenancy using VRF. [Diagram labels: L2/L3-MPLS, L3-MPLS, L2, L2 Switch, MPLS-enabled links, Multi-Chassis LAG, TRUNK, VLAN Span Limit, ToR, FW, LB; VRF for multi-tenant isolation; Tenant-VRF; Tenant Specific HW Appliance Services]
  • 10. Cloud DC – Opencontrail L2/L3 overlay. [Diagram labels: L3, L2/L3, L3 ToR, vRouter, Service Insertion, External Network, Servers; legend "= multi-tenant VRF"; Hypervisor vRouter handles L2/L3; Hypervisor vRouter performs NAT]
  • 11. Opencontrail?!
      - Network virtualization software
      - Provides a tunneled overlay network over any datacenter infrastructure
      - Tunnels can be L3 (GRE, UDP) or L2 (VXLAN)
      - Tunnels interconnect not just hypervisors, but also bare-metal machines and/or network infrastructure (routers, ToR)
      - Consists of a virtual router component in the hypervisor (vRouter) and centralized control plane (control, configuration and analytics)
  • 12. Standards-based
      - Opencontrail is fully programmable via RESTful API
      - Northbound network gateway functionality is based on well-known and proven protocols and encaps, such as BGP/MPLS (L3VPN or EVPN) and GRE, UDP or VXLAN
      - Southbound interface (to hypervisor) based on XMPP
      - No constraints on the underlay physical network
      - Overall architecture: IETF NVO3 WG; ETSI NFV ISG
      - Overlay control plane protocols: XMPP: RFC 6120, draft-marques-l3vpn-end-system; BGP L3VPN: RFC 4364; BGP EVPN: draft-ietf-l2vpn-evpn; NetConf: RFC 6241
      - Overlay data plane encapsulation: MPLS over GRE: RFC 4797; VXLAN: draft-mahalingam-dutt-dcops-vxlan
      - Underlay control plane protocols: Existing layer-2 or layer-3 protocols
  • 13. Open Source
      - Apache 2.0-licensed; permissive open-source with retention of copyright
      - “Redhat model”: support and packaging available from Juniper Networks, if required.
      - Juniper provides resources and core developers, but the project is open for other developers, reviewers and bug-squashers
      - Code-review “based on technical merit only”. No politics.
      - Available today, waiting for you to download and play
  • 14. Opencontrail technical architecture. [Diagram labels: SDN Controller (Configuration, Analytics, Control); Contrail Controller; Clustering; Orchestrator; REST; XMPP; BGP + Netconf; BGP; Any gateway router; IP fabric (underlay network); Any underlay network; Server; KVM or Xen Hypervisor + Contrail vRouter (L2 & L3); VM; Tenant VMs; MPLS over GRE/UDP or VXLAN]
  • 15. Opencontrail provides: multi-tenancy. [Diagram labels: Physical Topology, Logical Topology, L3 Network, L2 Network, L3 router]
  • 19. Opencontrail provides: gateway functions. [Diagram labels: Data Center 1, Data Center 2, Internet, WAN, Tenant VPN, Gateway Router, Gateway, Gateway Switch, Non Virtualized Server; tenants A, B, C, D]
  • 20. Opencontrail is based on MPLS VPN technology. [Diagram labels: MPLS L3VPN / E-VPN: Route Reflector, PE, P, CE, IBGP, MPLS over MPLS, Network Management System (NMS), DMI; Opencontrail: Control Node, Config Node, Analytics Node, Orchestrator, SDN System, Underlay Switch, vRouter, VM, IBGP, XMPP, MPLS over GRE or VXLAN]
  • 21. L3VPN gateway: Virtual network view
  • 23. Opencontrail provides: service chaining/NFV. [Diagram labels: Tenant Network A, Tenant Network B, Tenant Network A1, Tenant Network A2, Internet, FW, LB, NAT]
  • 24. Service chaining. Policy based application of virtual and physical services with scale-out. Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ... [Diagram labels: Green Virtual Network, Red Virtual Network, VM; NAT + DPI + Cache + Firewall; Virtual Service DPI; Policy only HTTP; Virtual Service Cache; Physical Service Firewall]
  • 25. Service Chaining: Create Opencontrail service
  • 26. Service chaining: Create Opencontrail policy
  • 27. Service chaining: Apply policy to networks
  • 28. Service chaining: Openstack topology result
  • 29. Contrail in the physical datacenter. No VM IP information in the Underlay Network. [Diagram labels: Hypervisor, Leaf Switch, Spine Switch, Gateway Router, BGP; Control Node, Config Node (Openstack) (Cloudstack), Analytics Node, WebUI Node; Network L3; L2, L3; OSPF or BGP; L3 ECMP; Optional Redundancy; Compute & Storage Rack; Orchestration & Services Racks]
  • 30. High availability – scale-out
      - Designed to deal with failures
      - Logically Centralized (Physically Distributed)
      - Horizontally Scalable
      - Highly Available (Active-Active)
      - Federated
      - [Diagram labels: REST, Configuration Nodes, Control Nodes, Analytics Nodes, IF-MAP, XMPP, BGP, Netconf, vRouters, Gateways]
  • 31. Opencontrail network security
      - Policies create distributed security for virtual and physical workloads
      - Policies enable micro-segmentation
      - Without an explicit policy, traffic is denied by default
      - Service chaining enables distribution of additional network security (such as DDoS mitigation, WAF or application layer firewalling)
  • 32. Orchestration options: Cloudstack, CCP OCS Openstack Mirantis Openstack, Fuel Redhat Openstack (RHOS) UnitedStack Openstack SmartCloud Orchestrator End of the year
  • 33. Network virtualization with Opencontrail
      - Scalability
          - Upgrade from just 4000 to much higher scale of tenant networks
      - Automation / “Agility”
          - Spin up/down resources based on demand
          - Scale-out instead of scale-up
          - Automatic configuration / DevOps for the network
      - Network security
          - Micro-segmentation (smaller networks with more fine-grained access controls)
          - Policy-driven framework (with default-deny)
      - Reduced cost
          - NFV = Virtual network devices instead of expensive hardware
          - Clos = white label switches instead of more expensive infrastructure
          - Opencontrail software available free of charge
  • 34. Devstack + Opencontrail in-a-box setup. For the developers in the audience:
      1. Install some packages (git-core, ant, build-essential, pkg-config
      2. Download DevStack (git clone git@github.com:/dsetia/devstack.git)
      3. Edit localrc (set PHYSICAL_INTERFACE)
      4. Run stack.sh
      5. You’ll end up with Openstack glance, nova, horizon, keystone and cinder, with Opencontrail (as a Quantum plugin), ready for use
      6. ?
      7. Profit!
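
Slides 11, 12 and 29 say that tenant traffic crosses the fabric inside MPLS-over-GRE or VXLAN tunnels and that the underlay carries no VM IP information, so a sensor on the underlay has to decode the overlay header to attribute a flow. The following is an added example, not code from the talk or from the Opencontrail project: it extracts the VXLAN VNI or the MPLS label stack, assuming the outer IP (and UDP) headers are already stripped and the GRE header has no optional fields. All function and field names are hypothetical.

```python
import struct

GRE_PROTO_MPLS = 0x8847        # GRE protocol type for MPLS unicast
VXLAN_FLAG_VNI_VALID = 0x08    # "I" flag: the VNI field carries a valid value

class OverlayParseError(ValueError):
    """Payload is not a well-formed overlay header."""

def parse_vxlan(udp_payload: bytes) -> dict:
    """Decode the 8-byte VXLAN header that follows the outer UDP header."""
    if len(udp_payload) < 8:
        raise OverlayParseError("VXLAN header truncated")
    flags, vni_word = struct.unpack("!B3xI", udp_payload[:8])
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise OverlayParseError("VXLAN I flag clear, VNI not valid")
    # VNI is the top 24 bits of the second word; the low 8 bits are reserved.
    return {"encap": "vxlan", "overlay_id": vni_word >> 8,
            "inner": udp_payload[8:]}

def parse_mpls_over_gre(ip_payload: bytes) -> dict:
    """Decode a basic 4-byte GRE header followed by an MPLS label stack."""
    if len(ip_payload) < 4:
        raise OverlayParseError("GRE header truncated")
    gre_flags, proto = struct.unpack("!HH", ip_payload[:4])
    if gre_flags & 0xB000:     # checksum, key or sequence fields present
        raise OverlayParseError("GRE optional fields not handled here")
    if proto != GRE_PROTO_MPLS:
        raise OverlayParseError(f"GRE protocol 0x{proto:04x} is not MPLS")
    labels, offset = [], 4
    while True:
        if len(ip_payload) < offset + 4:
            raise OverlayParseError("MPLS label stack truncated")
        (entry,) = struct.unpack_from("!I", ip_payload, offset)
        labels.append(entry >> 12)      # label is the top 20 bits
        offset += 4
        if entry & 0x100:               # bottom-of-stack (S) bit
            break
    return {"encap": "mpls-gre", "overlay_id": labels[-1],
            "labels": labels, "inner": ip_payload[offset:]}

# Constructed sample payloads (not captured traffic).
# VNI 5000 does not fit in the 12-bit VLAN ID space.
SAMPLE_VXLAN = bytes.fromhex("0800000000138800") + b"inner-frame"
SAMPLE_MPLS_GRE = bytes.fromhex("0000884700011140") + b"inner-packet"

if __name__ == "__main__":
    for name, fn, data in (("vxlan", parse_vxlan, SAMPLE_VXLAN),
                           ("mpls-gre", parse_mpls_over_gre, SAMPLE_MPLS_GRE)):
        print(name, fn(data)["overlay_id"])
```
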