Upload
nguyenthien
View
233
Download
0
Embed Size (px)
Citation preview
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Executive Intro Slide
WESTCON NSX ECO SYSTEM JUNIPER META FABRIC - THE INTEGRATION OF VMWARE NSX
Rick Mur
SENIOR SYSTEM ENGINEER
JUNIPER NETWORKS
JNCIE-SP #851, JNCIE-ENT #456, CCIE4 #21946
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
WAN
DATA CENTER 2.0 collapsed core architecture, heavy virtualization
VM
ESX
VM
ESX
VM
ESX SRV SRV
VM
ESX
VM
ESX
VM
ESX
VM
ESX SRV SRV
VM
ESX
L2 stretch
Dark fiber / WDM
L2 pseudo wires
VPLS
Proprietary
L2 issues
Loops
Flooding
ARP
Broadcast storm
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
WAN
DATA CENTER FABRIC fabric (spine/leaf) L3 CLOS architecture, hyper virtualization
VM
ESX
VM
ESX
VM
KVM SRV
VM
KVM
VM
KVM
VM
KVM
VM
ESX SRV
VM
ESX
VM
ESX
VM
ESX
Overlay
MAC learning
Active/Active
Independent
Multi Hypervisor
ESX
KVM
Docker
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
CLOUD STITCHING Requirements Multi Hypervisor
VMware NSX for vSphere (6.1)
Juniper Contrail / Open vSwitch (KVM)
Juniper Contrail / Open vSwitch (Docker)
Legacy hosts/networks
Multi Data Center
Optimal MAC learning
Active/Active
Optimal traffic forwarding
Automation
Provisioning
Analytics
Optimal traffic forwarding
Hardware
Best in class performance
Carrier Grade
Open and Flexible
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
THE SOLUTION
L2
L3
Virtual Network
L2
VM VM
Ph
ys
ica
l L
og
ica
l
Business Agility Benefits
No network-level changes
Automated configuration
No Layer 2 protocols
Dynamic resource allocation
Logical Scaling Benefits
Network is all Layer 3
VM MACs are masked
No need to configure VLANs
Support for multi-tenancy
Similar to VRFs
Pooled resources
No need to configure VLANs
Decouple Physical and Logical Network
Underlay
Overlay
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
VMWARE VIEW OF THE NETWORK WORLD
Ad
va
nce
d D
ata
Ce
nte
r N
etw
ork
Se
rvic
es
in S
oftw
are
- A
uto
mate
d
L2 Switching
L3 Routing
Firewalling/ACLs IPsec VPN L2 VPN SSLVPN
Load Balancing
Any Application
SDDC Platform
Any x86
Any Storage
Any IP network
Data Center Virtualization
Any Network Fabric
Access Port, Router, Firewall, Load Balancer Anywhere
Virtualized Network
Underlay Network
Any X86 Anywhere
Virtualized Compute
Virtualized Storage Wo
rklo
ad
An
yw
he
re
Co
mp
lete
Au
tom
atio
n
3rd Party
Open, No vendor preference
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Juniper confidential, protected under NDA
VMware + Juniper – Why?
NSX Virtual Networking Physical Switching & Routing
• Maximize agility and flexibility
• DC programmatic control
• Common policy across DC
• High performance and scalable
• Robust security and reliability
• Simplified Management
VMware Compute Virtualization VM-aware Management and VNFs
+
+
SDDC: Virtualization & Automation MetaFabric: Performance & Automation
BETTER
TOGETHER
• Ultimate complimentary /clear demarcation • Mutual willingness investment to integrate • Juniper committed to integrate further with VMware than any other vendor full domain • Bridges the physical and virtual worlds • Ensuring SDDC readiness
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
IP FABRIC TOPOLOGIES One Size Doesn’t Fit All
S S S S
L L L L L L L L L L L L L L L L
3:1
O/S
3-Stage IP Fabric
S S S S S S S S
L L L L L L L L L L L L L L L L
A A A A A A A A
3:1
O/S
5-Stage IP Fabric
Performance
L L L L L L L L
A A A A A A A A A A A A A A A A
S S S S
3:1
O/S
3:1
O/S
3:1
O/S
3:1
O/S
24:1
O/S
5-Stage IP Fabric
Real Estate / POD
S L A Spine Leaf Access
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
VMWare VMWare VMWare VMWare
vswitc
h
vswitc
h
vswitc
h
vswitc
h
Spine 1 Spine 2 Spine 3 Spine 4
VCF
VMWare VMWare VMWare VMWare
vswitc
h
vswitc
h
vswitc
h
vswitc
h
Spine 1 Spine 2 Spine 3 Spine 4
VCF
Spine 1 Spine 2 Spine 3 Spine 4
VCF
Gold POD Silver POD Bronze POD
MX
EX9200
L2
L3
5-STAGE IP FABRIC Universal SDN Gateway
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
SWITCHING ARCHITECTURES
Juniper
Architectures
Open
Architectures
MC-LAG
…
QFX5100
Virtual Chassis
Up to 10 members
Junos Fusion
Up to 128 members
IP Fabric
L3 Fabric
Virtual Chassis
Fabric
Up to 20 members
Benefits • Single point of
management and
control
• Purpose-built and
turnkey
Benefits • Flexible deployment
scenarios
• Open choice of
technologies and
protocols
One Architecture Does Not Fit All; QFX5100 enables Choices!
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Junos VM (Master) Junos VM (Master) Junos VM (Backup) Junos VM (Master)
High-Level QFX5100 Architecture
x86 Hardware Broadcom Trident II
Kernal Based Virtual Machines
Broadcom Trident II
PFE PFE
Linux Kernel
TOPOLOGY INDEPENDENT ISSU
Challenge
Solution
Benefits
Downtime not acceptable during software
upgrades. Legacy/competitive solutions need the
support of adjacent devices during software
upgrade.
Topology-independent ISSU – Made possible by
QFX5100’s unique software architecture.
• No traffic loss during upgrades
• No port flap during upgrades
• Works in any switching architecture
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Juniper confidential, protected under NDA
QFX10002 FIXED SWITCHES
QFX10002-72Q
2RU
5.76 Tbps
• 2RU Fixed Switches:
• 72 x 40G QSFP+ / 24 x 100G QSFP28 / 288 x 10G
SFP+
• 36 x 40G QSFP+ / 12 x 100G QSFP28 / 144 x 10G
SFP+
• Intel Quad Core Ivy Bridge 2.4Ghz CPU, 16GB
SDRAM
• Front-to-back airflow with 3 rear fan trays
• AC & DC Power
• QFX10002-72Q: 2+2 / 2+1 redundancy
• QFX10002-36Q: 1+1 redundancy
Elit-36Q Elit-72Q
System throughput 2.88 Tbps 5.76 Tbps
10G Density (SFP+)
(breakout)
144 288
40G Density (QSFP+) 36 72
100G Density (QSFP28) 12 24
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Juniper confidential, protected under NDA
QFX10008/QFX10016 MODULAR SWITCHES
13RU
8 Slot
48 Tbps
21RU
16 Slot
96 Tbps
• Mid plane-less orthogonal interconnect architecture
• 6 switch fabric cards with N + 1 redundancy
• Redundant Routing Engines
• Intel Quad Core Ivy Bridge 2.4Ghz CPU, 16GB SDRAM
• Front-to-back airflow with 2 rear fan trays
• AC & DC Power with N+1 redundancy
• 8-slot: 6 PSUs, 16-slot: 10 PSUs
• Line Cards:
• 36 x 40G QSFP+ / 12 x 100G QSFP28
• 30 x 100G QSFP28 / 30 x 40G QSFP+
• 60 x 10G SFP+ with 6 x 40G QSFP+ / 2 x 100G
QSFP28
QFX10008 QFX10016
10G Density (SFP+) (Native) 480 960
10G Density (SFP+) (breakout) 1152 2304
40G Density (QSFP+) 288 576
100G Density (QSFP28) 240 420
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
USG (UNIVERSAL SDN GATEWAY) Introducing four new options for SDN enablement
Provide SDN-to-non-SDN translation, same IP subnet
SDN to IP (Layer 2)
Layer2 USG
Remote
Data
Center
Branch
Offices Internet
Layer3 USG
Provide SDN-to-non-SDN translation, different IP subnet
SDN to IP (Layer 3)
Provide SDN-to-SDN translation, same or different IP subnet, same or different overlay
SDN USG
SDN to SDN
WAN USG
Provide SDN-to-WAN translation, same or different IP subnet, same or different encapsulation
SDN to WAN
USG (Universal SDN Gateway)
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
PRIVATE MPLS WAN without EVPN
VLAN 10
PRE-EVPN: LAYER 2 STRETCH BETWEEN DATA CENTERS
EVPN (Ethernet VPN)
DATA CENTER 1
VLAN 10
DATA CENTER 2
✕
Without EVPN
Data
Plane • Only one path can be active at a given time
• Remaining links are put into standby mode
Control
Plane
• Layer 2 MAC tables are populated via the data plane
(similar to a traditional L2 switch)
• Results in flooding of packets across WAN due to
out of sync MAC tables
MAC: AA
Server 1 xe-1/0/0.10
xe-1/0/0.10 xe-1/0/0.10
xe-1/0/0.10
MAC: BB
Server 2
ge-1/0/0.10
ge-1/0/0.10
MAC VLAN Interfaces
BB 10 xe-1/0/0.10
Router 2’s MAC Table
ge-1/0/0.10
ge-1/0/0.10
MAC VLAN Interfaces
AA 10 xe-1/0/0.10
Router 1’s MAC Table
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
PRIVATE MPLS WAN without EVPN
VLAN 10
EVPN: LAYER 2 STRETCH BETWEEN DC’S EVPN (Ethernet VPN)
DATA CENTER 1
VLAN 10
DATA CENTER 2
With EVPN
Data
Plane
• All paths are active
• Inter-data center traffic is load-balanced across all
WAN links
Control
Plane
• Layer 2 MAC tables are populated via the control
plane (similar to QFabric)
• Eliminates flooding by maintaining MAC table
synchronization between all EVPN nodes
MAC VLAN Interfaces
AA 10 xe-1/0/0.10
BB 10 ge-1/0/0.10
Router 1’s MAC Table
MAC: AA
Server 1 xe-1/0/0.10
xe-1/0/0.10 xe-1/0/0.10
xe-1/0/0.10
MAC: BB
Server 2
ge-1/0/0.10
ge-1/0/0.10
MAC VLAN Interfaces
BB 10 xe-1/0/0.10
AA 10 ge-1/0/0.10
Router 2’s MAC Table
ge-1/0/0.10
ge-1/0/0.10
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
DC 2 VLAN 10
10.10.10.100/24
DC 3
10.10.10.200/24
VLAN 10
VLAN 20
Server 2 Server 3
Server 1
PRIVATE MPLS WAN
DC 1
20.20.20.100/24
Active VRRP
DG: 10.10.10.1
Standby VRRP
DG: 10.10.10.1
Standby VRRP
DG: 10.10.10.1
Standby VRRP
DG: 10.10.10.1
WITHOUT VMTO: TROMBONE EFFECT
Task:
Server 3 in Data Center 3 needs to send packets to
Server 1 in Data Center 1.
Problem:
Server 3’s active Default Gateway for VLAN 10 is in
Data Center 2.
Effect:
1. Traffic must travel via Layer 2 from Data Center 3 to
Data Center 2 to reach VLAN 10’s active Default
Gateway.
2. The packet must reach the Default Gateway in order
to be routed towards Data Center 1. This results in
duplicate traffic on WAN links and suboptimal routing
– hence the “Egress Trombone Effect.”
VMTO (VM Mobility
Traffic Optimizer)
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
DC 2 VLAN 10
10.10.10.100/24
DC 3
10.10.10.200/24
VLAN 10
VLAN 20
Server 2 Server 3
Server 1
PRIVATE MPLS WAN
DC 1
20.20.20.100/24
WITH VMTO: NO TROMBONE EFFECT
Effect:
1. Ingress traffic destined for Server 3 is sent directly
across the WAN from Datacenter 1 to Datacenter 3.
This eliminates the “Ingress Trombone Effect” and
creates the most optimal forwarding path for the Inter-
DC traffic.
Task:
Server 1 in Datacenter 1 needs to send packets to Server
3 in Datacenter 3.
Solution:
In addition to sending a summary route of
10.10.10.0/24 the datacenter edge routers also send
host routes which represent the location of local
servers.
10.10.10.0/24 Cost 5 10.10.10.0/24 Cost 10
Route Mask Cost Next Hop
10.10.10.0 24 5 Datacenter 2
10.10.10.0 24 10 Datacenter 3
10.10.10.100 32 5 Datacenter 2
10.10.10.200 32 5 Datacenter 3
DC 1’s Edge Router Table WITH VMTO
10.10.10.100/32 Cost 5 10.10.10.200/32 Cost 5
VMTO (VM Mobility
Traffic Optimizer)
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
CLOUD STITCHING Connectivity Options
Bare Metal
Plain VLANs
VMware NSX-V
Virtual Networks
NSX Edge Bridge
KVM (Contrail)
Virtual Networks
MX Edge integration
Docker Containers
Virtual Networks
MX Edge integration
Roadmap
EVPN
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
High-IQ networks that know virtualization and automation
Juniper: The Partner For Transformation
Service delivery from months to minutes
Start small, grow fast, stay profitable
Truck rolls to mouse rolls
“Fast-Fail” To succeed quicker!
AUTOMATE: PROGRAMMABLE “DevOps”
• Reduce test cycles and time-to-market • Automate continuous operations • Unify IP+IT domains with programmability
Test = Production Infrastructure
Production Infrastructure
Test Infrastructure
Months / Years Minutes / Days
• Shorten procurement and test • Reduce start up costs • Simplify inventory and recycle assets
SCALE: OUT AND UP/DOWN
COTS
Appliances
• Centralize complexity and operations • Customize service combinations on-demand • Scale independently and elastically
Service Control
Gateway
SDN Controller
CREATE: CUSTOMIZED AND ON-DEMAND
NFV Solution
User Portal
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
QUOTE
So essentially - the logical topology of servers, services and L3 GWs
are not really any different from a datacenter 10 years ago.
The difference is that we now have control over how anything is
connected by the click of a button instead of physical racking, stacking
and (re-)cabling
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Automate: Introducing Junos DevOps Features Months To Minutes: Programmability To Unify IP And IT Operations
IP Domain
Routers Switches SNMP, CLI,
Scripting
Unified Framework
App
s
Servers, Compute,
Storage
IT Domain
Puppet, Python,
Etc
• Common System-Wide
Programmable Operations
• IT Services Synchronized With
IP Network
• Eliminate “Trouble Ticket”
Interface
• Shorten Time-To-Market
• Leverage One Of World’s
Largest Network Footprints
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Juniper confidential, protected under NDA
HOW CAE COMPONENTS WORK TOGETHER
Open API Open Schema
REST API
Data Center Network Infrastructure
ORCHESTRATION (ND)
DLE
QFX / EX Switches
JUNOS NDA Physical Host with Hypervisor
CA
Physical Host with Hypervisor
CA QFX / EX Switches
JUNOS NDA
QFX / EX Switches
JUNOS NDA
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
CLOUD STITCHING Summary
Achievements
No compromise IP Fabric
Existing hardware
Existing software
No competition for Multi Data Center
Show migration path from legacy to SDN
Seamlessly stitch SDN Overlays
Automation
Scalable
Choice of overlay
Slide Type Juniper Networks Large Venue Template / 16x9 / V6
Juniper confidential, protected under NDA
Learn More • VMware Partnership
• On juniper.net (scroll down to VMware)
• Customer Presentation • Customer Presentation – Savo
• Whitepapers • Connecting Physical and Virtual Networks with VMware NSX and Juniper Platforms – VMware Site
• Solution Brief • USING SOFTWARE-DEFINED DATA CENTERS TO ENABLE CLOUD ADOPTION– VMware Site
• LAYER 2 GATEWAY SERVICES WITH VMWARE NSX - Juniper Site
• Blogs • Juniper and VMware: Collaborating to Enable The Software-Defined Data Center – VMware Site
• Using Differentiated Services to Tame Elephants – VMware Site
• Ready to unleash your new ideas? Join Juniper Networks at VMworld 2014 – Juniper Site
• Eliminate confusion. Unleash ideas. Boost agility. – Juniper Site
• Videos • QFX5100 VXLAN Integration with NSX and Ubuntu/KVM/OVS – YouTube
• Inter-VXLAN routing with Juniper switch and NSX - YouTube
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
DEMO Hardware
Hardware
2 ESXi 5.5 hosts
Xeon E3-1230 / Avoton C2750
32GB RAM each
128GB SSD for vFlash Cache
NFS storage (Synology DS713+)
Physical network
Juniper EX2200-C
Few VLANs
Software
Virtual MX JUNOS 14.1R2.12 with JSDN
NSX-V 6.1
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
WAN
DEMO Simplified Topology
172.22.10.0/24
vBSD1 vWin1
.204 .201
App
OS
App
OS
vBSD2 vWin2
.205 .202
App
OS
App
OS
vBSD3 vWin3
.206 .203
App
OS
App
OS
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
DEMO Logical Topology
Distributed vSwitch
VLAN 13 VMware NSX-V
VLAN 11
NSX Edge Bridge
EVPN
WAN
0.0.0.0/0
172.22.10.0/24
vBSD3 vWin3
App
OS
App
OS
vBSD1 vWin1
App
OS
App
OS
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
WAN DEMO Detailed Topology
NAS
VLAN 1 (management)
vMX0
vMX1
VLAN 5 (transit)
vEdge
VLAN 11
VXLAN 6500
vBSD1 vWin1
.204 .201
Test network: 172.22.10.0/24
App
OS
App
OS
MPLSoGRE 5001
vBSD2 vWin2
.205 .202
App
OS
App
OS
vMX2
VLAN 13
vBSD3 vWin3
.206 .203
App
OS
App
OS
vMX3
vMX2
vESX3 vESX4
VLAN 12
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AUTOMATION WORKFLOW Step 0: Fundament
VM
ESX
VM
ESX
EVPN
VM
ESX
VM
ESX
IP IP L2 L2
NSX
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AUTOMATION WORKFLOW Step 1: Virtual Networks
VM
ESX
VM
ESX
EVPN
VM
ESX
VM
ESX
IP IP L2 L2
NSX
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AUTOMATION WORKFLOW Step 2: Bridge
VM
ESX
VM
ESX
EVPN
VM
ESX
VM
ESX
IP IP L2 L2 L2 L2
NSX
VXLAN VXLAN
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AUTOMATION WORKFLOW Step 3: Enable EVPN
VM
ESX
VM
ESX
EVPN
VM
ESX
VM
ESX
IP IP L2 L2 L2 L2
NSX
VXLAN VXLAN
Junos Space
Slide Type Juniper Networks Large Venue Template / 16x9 / V6 Blank Slide Title and Content
1-Line
AUTOMATION WORKFLOW Orchestration components
VMware vCenter
vCenter Orchestrator
Junos Space
VMware NSX vRealize Automation
SOAP
REST
REST SOAP
REST
NETCONF
REST
REST
Web Portal