Ключевые тенденции отрасли в последнее время

NEW NETWORK DAY. КЛЮЧЕВЫЕ ТЕНДЕНЦИИ ОТРАСЛИ

В ПОСЛЕДНЕЕ ВРЕМЯ. Moscow, 1st April 2014

Uwe Richter, SE Director RESE

2 Copyright © 2014 Juniper Networks, Inc. Presented at Juniper New Network Day in Moscow , 1st April 2014

WHAT IS HOT IN 2014 ?

SDN M2M LTE Cloud

NFV

Whatsapp


Network Function Virtualization (NFV)


EVOLUTION OF VALUE ADDED SERVICESIN OPERATOR NETWORKS

L3 Network Services• Business Edge (L3VPN)• Consumer Edge (Broadband)• Mobile

Value Added Services• Physical L4-L7 Services• Security (Firewall, IDS, IPS, ...)• Optimization (Caching, WAN Acc, ...)• Other services (IMS, EPC, ...)

Virtualize Services• Introduce NFV and SDN• Reduce cost• Increase agility

ContrailFirefly

MX

SRXMS-DPCSCG


HOW THE OPERATORS SEE IT – EXTRACT FROM THE PAPER - QUOTE:-

“Network Functions Virtualisation aims to address these problems by leveraging standard IT virtualisation technology to consolidate many network equipment types onto industry standard high volume servers, switches and storage, which could be located in Datacentres, Network Nodes and in the end user premises. We believe Network Functions Virtualisation is applicable to any data plane packet processing and control plane function in fixed and mobile network infrastructures.

We would like to emphasise that we see Network Functions Virtualisation as highly complementary to Software Defined Networking (SDN). These topics are mutually beneficial but are not dependent on each other. Network Functions can be virtualised and deployed without an SDN required and vice-versa.”


Service Chain

DPIDPI DPIDPIDPIDPIDPI

NFV + SDN

Juniper and Third Party Virtual Network FunctionsNFV: virtualize network functions

Firewall IDPCache

Contrail Service ChainingSDN: dynamically program network to create service chains

NATAnchorRouter


Juniper's NFV Implementation:

Contrail and VNFs


CONTRAIL USE CASES

Public Cloud

Private Cloud Private Cloud

VPN VPN

WAN

Gateway

Access

Core

Cloud : Network Virtualization• Private Clouds, Public Cloud, and Virtual Private Cloud• Network Virtualization• Tenant and Application Policies• Network Function Virtualization and Service chaining• Rich Analytics

Cloud : Interconnect• Connect Private Cloud to Private Cloud (DCI) • Connect Private Cloud to Public Cloud (bursting)• Connect Campus to Private Cloud

Network Function Virtualization• Virtualize Network Functions• Service Chaining• Attach Service Chain to Physical Network• Application-Aware and Subscriber-Aware Steering• Rich analytics


CONTRAIL USE CASES

Access

Core

Network Function Virtualization• Virtualize Network Functions• Service Chaining• Attach Service Chain to Physical Network• Application-Aware and Subscriber-Aware Steering• Rich analytics

Topic of today's presentation:NFV Use Cases

Same technology as Cloud use casesTightly integrated with Cloud use cases


CONTRAIL FUNCTION:VIRTUAL NETWORKS

Virtual NetworksProvide isolation tenants, applications, or tiers within an application.

Physical location of virtual machine independent from logical location.

VM VM VM

GreenVirtual Network

VM VM VM

RedVirtual Network

VM VM

BlueVirtual Network

Bare Metal Server


CONTRAIL FUNCTION: VIRTUAL NETWORK POLICIES

Virtual Network PoliciesAt a high level of abstraction, applied at the boundaries of virtual networks.

VM VM VM


VM VM VM

RedVirtual Network

Policy

only HTTPNAT


CONTRAIL FUNCTION: SERVICE CHAINS FOR DATA CENTER TENANTS

Service ChainingPolicy based application of virtual and physical services with scale-out.

Firewall, Intrusion Prevention, Load balancer, Cache, WAN optimizer, proxy, ...

VM VM VM


VM VM VM

RedVirtual Network

VirtualService

IDS

VirtualServiceCache

PhysicalServiceFirewall

Policy

only HTTPNAT + IDS + Cache + Firewall


CONTRAIL FUNCTION:SERVICE CHAINS FOR SERVICE PROVIDER NETWORKS

Access

Core

BusinessConsumerBroadband

Mobile

"Anchor" Service Chainto Edge Router

Edge Router


CUSTOMER-SPECIFIC NFVS AND SERVICE CHAINSCOMMON FOR BUSINESS EDGE

Access

MPLS Core

BusinessMPLS L3VPN

ServicePE Router

Separate Service Chain and VNFs

for each customer.

Customer 1

Customer 2

Customer 3


MULTI-TENANT NFVS AND SERVICE CHAINSCOMMON FOR CONSUMER / SOHO EDGE (WIRELINE AND MOBILE)

Access

MPLS Core

Subscriber-awareApplication-aware

Policy-drivenSteering

Scale-out multi-tenantService Chains and NFVs

"Gold" Service

"Silver" Service


DYNAMIC STEERING

PCRF

ContrailController

SCG

PoliciesThousands per second

Data PacketsMillions per second

Service ChainsNew: once per month

Scale-out: once per day


CONTRAIL SERVICE CHAIN IMPLEMENTATIONWITHIN THE CLOUD

VMG1

VMG2

VMG3


VMR1

VMR2

VMR3

RedVirtual Network

ContrailController

VMG

VMR

XMPP

CloudStackOpenStack


CONTRAIL SERVICE CHAIN IMPLEMENTATIONFOR THE BUSINESS EDGE

ContrailController

OpenStackCloudStack

BGP + Netconf

XMPP


CONTRAIL SERVICE CHAIN IMPLEMENTATIONIN THE GI-LAN WITH SERVICE STEERING

GGSN / PGW

SCG / TDF

PCRF

ContrailController

OpenStackCloudStack

Subscriber AwarenessLayer 3-7 ClassificationSteering Capabilities


SERVICE CHAIN SCALE-OUT

Note: for simplicity, this example shows each service-instance on a separate compute node. In reality a single compute node can host multiple service instances.

Service Chain "Width"

Service Chain "Length"

For scale-outWidth varies per stepCan be changed using APIDynamic in future

For functionalityCan be changed using API

Currently only transparentservices support length > 1


SCALE-OUT AND LOAD BALANCING

load balancing in

Physical Routerload balancing as

Virtual Serviceload balancing in

vRouter

Mechanisms

ECMP

Flow Tables

Consistent Hashing

Challenges

Scale and performance

Stickiness

Symmetry


JUNIPER VIRTUAL SERVICE ENABLERSCURRENT AND PLANNED

Firefly Perimeter

Firefly Host

DDoS Secure

WebApp Secure

Pulse Secure Access

Pulse AUC Secure

Secure Analytics

Content Encore

Policy Control

Subscriber Aware

Web Aware

VM Firewall and Connectivity

Kernel Firewall and Visibility

Distribution Denial of Service Prevention

Web Application Security

SSL VPN

Unified Access Control

System Event and Log Correlation

Content Caching

Application-Aware Service Steering (on SDG with DPI)

Subscriber-Aware Service Steering (on SDG with PCRF / RADIUS)

HTTP Header Enrichment and Redirection (on service cards)

SERVICES FROM OTHER VENDORS (PARTNER OR NOT) ARE ALSO SUPPORTED


Orchestration and Analytics


GOAL: CUSTOMER SELF-SERVICE PORTALWITH FULLY AUTOMATED BACK-END


REST APIS FOR AUTOMATING THE BACK-END WORK-FLOW

ConfigurationNodes

AnalyticsNodes

REST APIs

Contrail Controller

Service Data ModelHigh Level of Abstraction

Generates

Contrail GUI Orchestrators


WHAT PART OF THE PROBLEM DOES CONTRAIL SOLVE?

GGSN / PGW

SDG / TDF

PCRF

ContrailController

OpenStackCloudStack

Manage

Service Chains

Manage

Virtual Machines

REST APIs

REST APIs


THE ROLE OF END-TO-END ORCHESTRATION

Cloud Management

System

OpenStackCloudStack

ServerManagement

System

PuppetChef

VNF ElementManagement

System

Space Security Director

Data CenterSDN Controller

Contrail

NetworkManagement

System

Space Network Director

WANController

NorthStarWANDL

End-to-End OrchestrationServiceDeploymentWorkflow

Self-Service Portal BSS OSS

Access Edge Service Center / Data Center Core

APIs

Ключевые тенденции отрасли в последнее время

Technology

juniper new network

program network

network nodes

juniper networks

new network day moscow

sdn juniper

mobile network infrastructures

network equipment types