Date post: | 15-Jan-2015 |
Category: |
Technology |
Upload: | skillfactory |
View: | 227 times |
Download: | 4 times |
NEW NETWORK DAY. КЛЮЧЕВЫЕ ТЕНДЕНЦИИ ОТРАСЛИ
В ПОСЛЕДНЕЕ ВРЕМЯ. Moscow, 1st April 2014
Uwe Richter, SE Director RESE
2 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
WHAT IS HOT IN 2014 ?
SDN M2M LTE Cloud
NFV
3 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
Network Function Virtualization (NFV)
4 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
EVOLUTION OF VALUE ADDED SERVICESIN OPERATOR NETWORKS
L3 Network Services• Business Edge (L3VPN)• Consumer Edge (Broadband)• Mobile
Value Added Services• Physical L4-L7 Services• Security (Firewall, IDS, IPS, ...)• Optimization (Caching, WAN Acc, ...)• Other services (IMS, EPC, ...)
Virtualize Services• Introduce NFV and SDN• Reduce cost• Increase agility
ContrailFirefly
MX
SRXMS-DPCSCG
5 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
HOW THE OPERATORS SEE IT – EXTRACT FROM THE PAPER - QUOTE:-
“Network Functions Virtualisation aims to address these problems by leveraging standard IT virtualisation technology to consolidate many network equipment types onto industry standard high volume servers, switches and storage, which could be located in Datacentres, Network Nodes and in the end user premises. We believe Network Functions Virtualisation is applicable to any data plane packet processing and control plane function in fixed and mobile network infrastructures.
We would like to emphasise that we see Network Functions Virtualisation as highly complementary to Software Defined Networking (SDN). These topics are mutually beneficial but are not dependent on each other. Network Functions can be virtualised and deployed without an SDN required and vice-versa.”
6 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
Service Chain
DPIDPI DPIDPIDPIDPIDPI
NFV + SDN
Juniper and Third Party Virtual Network FunctionsNFV: virtualize network functions
Firewall IDPCache
Contrail Service ChainingSDN: dynamically program network to create service chains
NATAnchorRouter
7 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
Juniper's NFV Implementation:
Contrail and VNFs
8 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL USE CASES
Public Cloud
Private Cloud Private Cloud
VPN VPN
WAN
Gateway
Access
Core
Cloud : Network Virtualization• Private Clouds, Public Cloud, and Virtual Private Cloud• Network Virtualization• Tenant and Application Policies• Network Function Virtualization and Service chaining• Rich Analytics
Cloud : Interconnect• Connect Private Cloud to Private Cloud (DCI) • Connect Private Cloud to Public Cloud (bursting)• Connect Campus to Private Cloud
Network Function Virtualization• Virtualize Network Functions• Service Chaining• Attach Service Chain to Physical Network• Application-Aware and Subscriber-Aware Steering• Rich analytics
9 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL USE CASES
Access
Core
Network Function Virtualization• Virtualize Network Functions• Service Chaining• Attach Service Chain to Physical Network• Application-Aware and Subscriber-Aware Steering• Rich analytics
Topic of today's presentation:NFV Use Cases
Same technology as Cloud use casesTightly integrated with Cloud use cases
10 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL FUNCTION:VIRTUAL NETWORKS
Virtual NetworksProvide isolation tenants, applications, or tiers within an application.
Physical location of virtual machine independent from logical location.
VM VM VM
GreenVirtual Network
VM VM VM
RedVirtual Network
VM VM
BlueVirtual Network
Bare Metal Server
11 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL FUNCTION: VIRTUAL NETWORK POLICIES
Virtual Network PoliciesAt a high level of abstraction, applied at the boundaries of virtual networks.
VM VM VM
GreenVirtual Network
VM VM VM
RedVirtual Network
Policy
only HTTPNAT
12 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL FUNCTION: SERVICE CHAINS FOR DATA CENTER TENANTS
Service ChainingPolicy based application of virtual and physical services with scale-out.
Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ...
VM VM VM
GreenVirtual Network
VM VM VM
RedVirtual Network
VirtualService
IDS
VirtualServiceCache
PhysicalServiceFirewall
Policy
only HTTPNAT + IDS + Cache + Firewall
13 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL FUNCTION:SERVICE CHAINS FOR SERVICE PROVIDER NETWORKS
Access
Core
BusinessConsumerBroadband
Mobile
"Anchor" Service Chainto Edge Router
Edge Router
14 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CUSTOMER-SPECIFIC NFVS AND SERVICE CHAINSCOMMON FOR BUSINESS EDGE
Access
MPLS Core
BusinessMPLS L3VPN
ServicePE Router
Separate Service Chain and VNFs
for each customer.
Customer 1
Customer 2
Customer 3
15 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
MULTI-TENANT NFVS AND SERVICE CHAINSCOMMON FOR CONSUMER / SOHO EDGE (WIRELINE AND MOBILE)
Access
MPLS Core
Subscriber-awareApplication-aware
Policy-drivenSteering
Scale-out multi-tenantService Chains and NFVs
"Gold" Service
"Silver" Service
16 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
DYNAMIC STEERING
PCRF
ContrailController
SCG
PoliciesThousands per second
Data PacketsMillions per second
Service ChainsNew: once per month
Scale-out: once per day
17 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL SERVICE CHAIN IMPLEMENTATIONWITHIN THE CLOUD
VMG1
VMG2
VMG3
GreenVirtual Network
VMR1
VMR2
VMR3
RedVirtual Network
ContrailController
VMG
VMR
XMPP
CloudStackOpenStack
18 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL SERVICE CHAIN IMPLEMENTATIONFOR THE BUSINESS EDGE
ContrailController
OpenStackCloudStack
BGP + Netconf
XMPP
19 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
CONTRAIL SERVICE CHAIN IMPLEMENTATIONIN THE GI-LAN WITH SERVICE STEERING
GGSN / PGW
SCG / TDF
PCRF
ContrailController
OpenStackCloudStack
Subscriber AwarenessLayer 3-7 ClassificationSteering Capabilities
20 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
SERVICE CHAIN SCALE-OUT
Note: for simplicity, this example shows each service-instance on a separate compute node. In reality a single compute node can host multiple service instances.
Service Chain "Width"
Service Chain "Length"
For scale-outWidth varies per stepCan be changed using APIDynamic in future
For functionalityCan be changed using API
Currently only transparentservices support length > 1
21 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
SCALE-OUT AND LOAD BALANCING
load balancing in
Physical Routerload balancing as
Virtual Serviceload balancing in
vRouter
Mechanisms
ECMP
Flow Tables
Consistent Hashing
Challenges
Scale and performance
Stickiness
Symmetry
22 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
JUNIPER VIRTUAL SERVICE ENABLERSCURRENT AND PLANNED
Firefly Perimeter
Firefly Host
DDoS Secure
WebApp Secure
Pulse Secure Access
Pulse AUC Secure
Secure Analytics
Content Encore
Policy Control
Subscriber Aware
Web Aware
VM Firewall and Connectivity
Kernel Firewall and Visibility
Distribution Denial of Service Prevention
Web Application Security
SSL VPN
Unified Access Control
System Event and Log Correlation
Content Caching
Application-Aware Service Steering (on SDG with DPI)
Subscriber-Aware Service Steering (on SDG with PCRF / RADIUS)
HTTP Header Enrichment and Redirection (on service cards)
SERVICES FROM OTHER VENDORS (PARTNER OR NOT) ARE ALSO SUPPORTED
23 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
Orchestration and Analytics
24 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
GOAL: CUSTOMER SELF-SERVICE PORTALWITH FULLY AUTOMATED BACK-END
25 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
REST APIS FOR AUTOMATING THE BACK-END WORK-FLOW
ConfigurationNodes
AnalyticsNodes
REST APIs
Contrail Controller
Service Data ModelHigh Level of Abstraction
Generates
Contrail GUI Orchestrators
26 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
WHAT PART OF THE PROBLEM DOES CONTRAIL SOLVE?
GGSN / PGW
SDG / TDF
PCRF
ContrailController
OpenStackCloudStack
Manage
Service Chains
Manage
Virtual Machines
REST APIs
REST APIs
27 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014
THE ROLE OF END-TO-END ORCHESTRATION
Cloud Management
System
OpenStackCloudStack
ServerManagement
System
PuppetChef
VNF ElementManagement
System
Space Security Director
Data CenterSDN Controller
Contrail
NetworkManagement
System
Space Network Director
WANController
NorthStarWANDL
End-to-End OrchestrationServiceDeploymentWorkflow
Self-Service Portal BSS OSS
Access Edge Service Center / Data Center Core
APIs