sdn controller
TRANSCRIPT
![Page 1: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/1.jpg)
CONTRAIL SDN CONTROLLER
Jakub Pavlik, tcp cloud
![Page 2: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/2.jpg)
2 Copyright © 2013 Juniper Networks, Inc.
Datacenter Use Case
![Page 3: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/3.jpg)
3 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL USE CASE 1: CLOUDENTERPRISE PRIVATE CLOUD
Finance HR Marketing
VLAN
Physical Service
Appliances
Silo'ed resource allocationManual configurationStatic service deployment
![Page 4: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/4.jpg)
4 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL USE CASE 1: CLOUDENTERPRISE PRIVATE CLOUD
Finance HR Marketing Finance HR Marketing
VLAN
Physical Service
Appliances
VirtualNetwork
Silo'ed resource allocationManual configurationStatic service deployment
Dynamic resource allocationAutomated configurationDynamic service chains
Network policies enforced as ACLs and
service chains
![Page 5: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/5.jpg)
5 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL USE CASE 2: CLOUDSERVICE PROVIDER CLOUD (IAAS, VPC)
Service ProviderInfrastructure as a Service (IaaS)
Service ProviderL3VPN, E-VPN
Public Cloud Providers, Content Providers, ...
Service ProviderManaged Virtual Private Cloud (VPC)
Enterprise Offices
End-to-End Virtual Network Orchestration and Automation
Enterprise Data Center
![Page 6: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/6.jpg)
6 Copyright © 2013 Juniper Networks, Inc.
Network Virtualisation----
The Importance of Abstraction
"SDN as a Compiler"
![Page 7: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/7.jpg)
7 Copyright © 2013 Juniper Networks, Inc.
WHAT IS NETWORK VIRTUALIZATION Independent of Physical Network Location or State
Logical Network across any server, any rack, any cluster, any data-center
Virtual Machines can migrate without requiring any reworking of security policies, load balancing, etc
New Workloads or Networks should not require provisioning of physical network
Nodes in Physical Network can fail without any disruption to Workload
Full Isolation for Multi-tenancy and Fault Tolerance MAC and IP Addresses are completely private per tenant Any failures or configuration errors by tenants do not affect other
applications or tenants Any failures in the virtual layer do not propagate to physical layer
![Page 8: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/8.jpg)
8 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL KEY ABSTRACTIONS"LEGO BLOCKS"
VN
VM VM
VN
VN
Virtual MachinesCloud Tenants and Virtual Network Functions
Virtual NetworksConnect Virtual Machines
Gateway DevicesConnect the Virtual to the Physical
![Page 9: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/9.jpg)
9 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL KEY ABSTRACTIONSCONSTRUCTING COMPLEX USE CASES WITH SIMPLE "LEGO BLOCKS"
VM VM VM
Virtual Network
VM VM VM
Virtual Network
Tenant Virtual Machines
Virtual Firewall
Physical Gateway RouterNon-Virtualized (Bare Metal) Server
Physical Network (Internet, L3VPN, ...)
Virtual Network
PhysicalNetwork
Virtual Load Balancer
Service Chain
![Page 10: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/10.jpg)
11 Copyright © 2013 Juniper Networks, Inc.
VIRTUAL NETWORKAKA NETWORK SLICING, AKA MULTI-TENANCY
OpenStackCloudStack
ContrailController
VMG1
VMR1
VMG2
VMR2
Contrail Controller
REST APIs
XMPP
VirtualizedServer
Contrail vRouter
Hypervisor
Routing Instance Overlay TunnelMPLS/GRE, MPLS/UDP, VXLAN
Underlay Switch
GreenVirtual Network
VM VM VM VM
RedVirtual Network
VM VM VM VM
![Page 11: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/11.jpg)
12 Copyright © 2013 Juniper Networks, Inc.
SERVICE CHAININGIN THE CONTEXT OF A DATA CENTER
VMG1
VMG2
VMG3
GreenVirtual Network
VMR1
VMR2
VMR3
RedVirtual Network
ContrailController
VMG
VMR
XMPP
OpenStackCloudStack
![Page 12: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/12.jpg)
13 Copyright © 2013 Juniper Networks, Inc.
GATEWAY TO L3VPN
ContrailController
VMR1
VMR2
PhysicalL3VPN
BGP + Netconf
Overlay TunnelMPLS/GRE, MPLS/UDP, VXLAN
RedVirtual Network
VM VM VM VM
Route Reflector
LSP (RSVP, LDP)
BGPGateway Router (PE Router)
OpenStackCloudStack
![Page 13: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/13.jpg)
14 Copyright © 2013 Juniper Networks, Inc.
GATEWAY TO BARE-METAL SERVER
ContrailController
VMR1
VMR2
BGP + Netconf
Overlay TunnelMPLS/GRE, MPLS/UDP, VXLAN
RedVirtual Network
VM VM
Gateway Router or Switch
Bare Metal Server(Non-Virtualized Server)
OpenStackCloudStack
![Page 14: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/14.jpg)
15 Copyright © 2013 Juniper Networks, Inc.
Contrail Architecture
![Page 15: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/15.jpg)
16 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL ARCHITECTUREA GENERAL PURPOSE SDN PLATFORM
Physical NetworkInteroperability with traditional network devicesAny-to-any non-blocking low-latency fabric: Q-Fabric or Clos
Virtual Network OverlayMulti-tenancy for private and virtual public cloudsGateway functions - connect to virtual to physical networkService chaining (physical and virtual)
MarketingHRFinance
Control Plane - Physical, VirtualOpen, standards-based, federated controllerScalable and resilient
Control Plane
Configuration manager, Automation
Control Plane Control Plane
Orchestration, Automation, AnalyticsOpen source and partner eco system of orchestratorsApi and sdk for integration with OSS / BSS OSS
![Page 16: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/16.jpg)
17 Copyright © 2013 Juniper Networks, Inc.
ROLE OF CONTRAIL IN A VIRTUALIZED ENVIRONMENTOrchestratorOpenStack, CloudStack
Contrail Controller"Logically Centralized, Physically Distributed"
Physical Network(Fabric)
Physical and
VirtualNetworkServices
VM
VM VM
VM
Server Server
Storage
Physical Network(Gateway)
Sto
rage
Com
pute
Network (Physical and Virtual)
Com
puteN
etw
ork
High Level Abstraction
Low Level Realization
Contrail vRouter
![Page 17: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/17.jpg)
19 Copyright © 2013 Juniper Networks, Inc.
SCALE-OUT NETWORK SYSTEM
JUNOSV CONTRAIL System
Configuration Node
Configuration Node
Control Node
ControlNode
ComputeNode
(Virtual Router)
ServiceNode
(SRX, Firefly, JSP, ...)
Analytics Node
Analytics Node
GatewayNode
(MX, EX/QFX, ...)
Orchestrator(OpenStack)
REST
IBGP
IF-MAP
XMPP BGP, NETCONF
Logically Centralized(Physically Distributed)
Horizontally Scalable
Highly Available(Active-Active)
Federated
![Page 18: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/18.jpg)
20 Copyright © 2013 Juniper Networks, Inc.
APIS FIRST
ConfigurationNodes
AnalyticsNodes
REST APIs
Contrail ControllerService Data Model
High Level of Abstraction
Generates
Contrail GUI OSS / BSS Service Orchestrator
![Page 19: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/19.jpg)
21 Copyright © 2013 Juniper Networks, Inc.
RICH INTEGRATED ANALYTICS
![Page 20: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/20.jpg)
23 Copyright © 2013 Juniper Networks, Inc.
OPEN CONTRAIL
Contrail is available as Open Source www.opencontrail.org. Commercial support available from Juniper.
Same features and scaling as commercial versionUses proven stable standards. Production-Ready.
Permissive license Apache 2.0
Integrated into open source virtualization stacksOpenStack, CloudStack
![Page 21: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/21.jpg)
24 Copyright © 2013 Juniper Networks, Inc.
Contrail Detailed Walk-Through
![Page 22: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/22.jpg)
25 Copyright © 2013 Juniper Networks, Inc.
LOGICAL TOPOLOGY
VMG1
VMG2
VMG3
VN G
VMR1
VMR2
VMR3
VN R
PN
VMFW
BMSR4
Virtual Network
Tenant Virtual MachinesVirtual Firewall
Physical Gateway RouterNon-Virtualized (Bare Metal) Server
Physical Network (Internet, L3VPN, ...)
![Page 23: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/23.jpg)
26 Copyright © 2013 Juniper Networks, Inc.
PHYSICAL TOPOLOGY
OpenStack ContrailController
NeutronNova
Virtualized Server
Hypervisor with Contrail vRouter
Non-Virtualized (Bare Metal) Server
Underlay Switches
Gateway Router to Internet or L3VPN
![Page 24: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/24.jpg)
27 Copyright © 2013 Juniper Networks, Inc.
MAPPING OF LOGICAL TO VIRTUAL TOPOLOGY
VMG1
VMG2
VMG3
VN G
VMR1
VMR2
VMR3
VN R
L3VPN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
![Page 25: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/25.jpg)
28 Copyright © 2013 Juniper Networks, Inc.
STARTING POINTEMPTY LOGICAL TOPOLOGY
VMG1
VMG2
VMG3
VN G
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
![Page 26: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/26.jpg)
29 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL NETWORK "GREEN"
VMG1
VMG2
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN G
Create VN G
![Page 27: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/27.jpg)
30 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G1"
VMG1
VMG2
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN G
Create VM G1Attach to VN G
Nova: Create VM
VMG1
![Page 28: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/28.jpg)
31 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G1"
VMG1
VMG2
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
Neutron:Attach VM to VN
Create VM G1Attach to VN G
XMPP:Create routing-instance
![Page 29: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/29.jpg)
32 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G2"
VMG1
VMG2
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN G
Create VM G2Attach to VN G
VMG1
Nova: Create VM
VMG2
![Page 30: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/30.jpg)
33 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G2"
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
Neutron:Attach VM to VN
Create VM G2Attach to VN G
VMG2
XMPP:Create routing-instance
VMG2
![Page 31: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/31.jpg)
34 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G2"
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
Create VM G2Attach to VN G
VMG2
XMPP:Exchange routesCreate tunnels
VMG2
![Page 32: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/32.jpg)
36 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G3"
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
Create VM G3Attach to VN G
Nova: Create VM
VMG3
![Page 33: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/33.jpg)
37 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G3"
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
Create VM G3Attach to VN G
VMG3
Neutron:Attach VM to VN
XMPP:Create routing-instance
![Page 34: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/34.jpg)
38 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTCREATE VIRTUAL MACHINE "G3"
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
Create VM G3Attach to VN G
VMG3
XMPP:Exchange routesCreate tunnels
![Page 35: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/35.jpg)
39 Copyright © 2013 Juniper Networks, Inc.
CREATE GREEN TENANTEND STATE
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
![Page 36: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/36.jpg)
40 Copyright © 2013 Juniper Networks, Inc.
CREATE RED TENANTSAME STEPS AS GREEN TENANT
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
VMFW
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
![Page 37: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/37.jpg)
41 Copyright © 2013 Juniper Networks, Inc.
CONNECT GREEN TO RED TENANT VIA FIREWALLCREATE VIRTUAL MACHINE FOR FIREWALL
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
Create VM FWAttach to VN GAttach to VN R
VMFW
Nova: Create VM
VMFW
![Page 38: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/38.jpg)
42 Copyright © 2013 Juniper Networks, Inc.
CONNECT GREEN TO RED TENANT VIA FIREWALLATTACH FIREWALL TO RED AND GREEN VIRTUAL NETWORKS
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
PN
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
Create VM FWAttach to VN GAttach to VN R
VMFW
VMFW
Neutron:Attach VM to VNs
XMPP: Create routing-instance
![Page 39: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/39.jpg)
43 Copyright © 2013 Juniper Networks, Inc.
CONNECT GREEN TO RED TENANT VIA FIREWALLAPPLY POLICY, EXCHANGE ROUTES, AND CREATE TUNNELS
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
L3VPN
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
Apply PolicyVN G ↔ VN R
XMPP:Exchange routes
Create tunnels
![Page 40: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/40.jpg)
44 Copyright © 2013 Juniper Networks, Inc.
CONNECT GREEN TO RED TENANT VIA FIREWALLEND STATE
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
L3VPN
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
![Page 41: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/41.jpg)
45 Copyright © 2013 Juniper Networks, Inc.
CONNECT GREEN TO RED TENANT VIA FIREWALLDATA PLANE: RED ↔ GREEN TRAFFIC FORCED THROUGH THE FIREWALL
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
L3VPN
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
![Page 42: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/42.jpg)
46 Copyright © 2013 Juniper Networks, Inc.
CONNECT RED TENANT TO PHYSICAL L3VPNCONFIGURE L3VPN ROUTING INSTANCE
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Apply PolicyVN R ↔ L3VPN
Netconf:Configure
routing-instance
![Page 43: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/43.jpg)
47 Copyright © 2013 Juniper Networks, Inc.
CONNECT RED TENANT TO PHYSICAL L3VPNEXCHANGE ROUTES WITH PHYSICAL ROUTER, CREATE TUNNELS
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Apply PolicyVN R ↔ L3VPN
BGP:Exchange routes
Create tunnels
![Page 44: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/44.jpg)
48 Copyright © 2013 Juniper Networks, Inc.
CONNECT RED TENANT TO PHYSICAL L3VPNEXCHANGE ROUTES WITH VROUTERS, CREATE TUNNELS
VMG1
VMG3
VMR1
VMR2
VMR3
VN R
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Apply PolicyVN R ↔ L3VPN
XMPP:Exchange routes
Create tunnels
![Page 45: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/45.jpg)
49 Copyright © 2013 Juniper Networks, Inc.
CONNECT BARE METAL SERVER TO RED TENANTUSE TOP-OF-RACK SWITCH AS GATEWAY
VMG1
VMG3
VMR1
VMR2
VMR3
VN RBMSR4
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
![Page 46: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/46.jpg)
50 Copyright © 2013 Juniper Networks, Inc.
CONNECT BARE METAL SERVER TO RED TENANTCREATE ROUTING INSTANCE
VMG1
VMG3
VMR1
VMR2
VMR3
VN RBMSR4
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Attach BMS R4to VN R
using switch S
Netconf:Configure
routing-instance
![Page 47: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/47.jpg)
51 Copyright © 2013 Juniper Networks, Inc.
CONNECT BARE METAL SERVER TO RED TENANTEXCHANGE ROUTES WITH PHYSICAL SWITCH, CREATE TUNNELS
VMG1
VMG3
VMR1
VMR2
VMR3
VN RBMSR4
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Attach BMS R4to VN R
using switch S
BGP:Exchange routes
Create tunnels
![Page 48: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/48.jpg)
52 Copyright © 2013 Juniper Networks, Inc.
CONNECT BARE METAL SERVER TO RED TENANTEXCHANGE ROUTES WITH VROUTERS, CREATE TUNNELS
VMG1
VMG3
VMR1
VMR2
VMR3
VN RBMSR4
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
Attach BMS R4to VN R
using switch S
XMPP:Exchange routes
Create tunnels
![Page 49: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/49.jpg)
53 Copyright © 2013 Juniper Networks, Inc.
CONNECT BARE METAL SERVER TO RED TENANTEND STATE
VMG1
VMG3
VMR1
VMR2
VMR3
VN RBMSR4
OpenStack ContrailController
NeutronNova
PHYSICAL LOGICAL
BMSR4
VN GVMG1
VMG2 VM
G2
VMG3
VMR1
VMR3
VMR2
VMFW
VMFW
L3VPN
![Page 50: SDN Controller](https://reader034.vdocuments.mx/reader034/viewer/2022052300/589f8b501a28ab1b198b464f/html5/thumbnails/50.jpg)
54 Copyright © 2013 Juniper Networks, Inc.
CONTRAIL IS BASED ON MPLS VPN TECHNOLOGY
P PPE PE
RouteReflector
RouteReflector
CECE
UnderlaySwitchvRouter
ControlNode
ControlNode
UnderlaySwitch
VM
VM
VM
VM
vRouterVM VM
IBGP
IBGP
IBGP
XMPP
MPLS over MPLS
MPLS over GRE or VXLAN
Network Management System (NMS)
DMI ConfigNode
Orchestrator
AnalyticsNode
SDN System
MPLS L3VPN / E-VPN Contrail