Network orchestration using the overlay network tunnels

Similar documents
Contrail Lab Manual. Contrail Specific Service Chaining

SDN CONTROLLER. Emil Gągała. PLNOG, , Kraków

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Virtualization, SDN and NFV

Network Load Balancing

The New IP Networks: Time to Move From PoC to Revenue

ViSION Status Update. Dan Savu Stefan Stancu. D. Savu - CERN openlab

May 13-14, Copyright 2015 Open Networking User Group. All Rights Reserved Not For

Connecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs

DECODING SOFTWARE DEFINED NETWORKING (SDN) Nico Siebelink Technical Director Northern Europe

Lab Objectives & Turn In

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Lab Developing ACLs to Implement Firewall Rule Sets

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

Software Defined Network (SDN)

Network Monitoring User Guide Pulse Appliance

The Distributed Cloud: Automating, Scaling, Securing & Orchestrating the Edge

Software defined networking. Your path to an agile hybrid cloud network

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Microsoft Labs Online

Lab assignment #1 Firewall operation and Access Control Lists

Installing Intercloud Fabric Firewall

Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

Configuring Windows Server Clusters

MailMarshal SMTP in a Load Balanced Array of Servers Technical White Paper September 29, 2003

SharePoint 2013 on Windows Azure Infrastructure David Aiken & Dan Wesley Version 1.0

Firewall Examples. Using a firewall to control traffic in networks

Microsegmentation Using NSX Distributed Firewall: Getting Started

A Mock RFI for a SD-WAN

CloudCIX Bootcamp. The essential IaaS getting started guide.

RIDE THE SDN AND CLOUD WAVE WITH CONTRAIL

Network Functions Virtualization (NFV) for Next Generation Networks (NGN)

BASIC ANALYSIS OF TCP/IP NETWORKS

How To Configure L2TP VPN Connection for MAC OS X client

Lab Configure Cisco IOS Firewall CBAC on a Cisco Router

Lab - Configure a Windows Vista Firewall

What is SDN all about?

Web Application Firewall

Panel: Cloud/SDN/NFV 黃 仁 竑 教 授 國 立 中 正 大 學 資 工 系 2015/12/26

Lecture 02b Cloud Computing II

Managing Traditional Workloads Together with Cloud Computing Workloads

How To - Implement Clientless Single Sign On Authentication with Active Directory

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Global Knowledge MEA Remote Labs. Remote Lab Access Procedure

Microsoft Labs Online

Lab Diagramming Intranet Traffic Flows

The Promise and the Reality of a Software Defined Data Center

Designing Virtual Network Security Architectures Dave Shackleford

Mirantis OpenStack Express: Security White Paper

Installation Runbook for Avni Software Defined Cloud

Implementing Managed Services in the Data Center and Cloud Space

Uila SaaS Installation Guide

SOFTWARE DEFINED NETWORKING

How To Switch A Layer 1 Matrix Switch On A Network On A Cloud (Network) On A Microsoft Network (Network On A Server) On An Openflow (Network-1) On The Network (Netscout) On Your Network (

Assignment 3 Firewalls

VMware vcloud Air Networking Guide

Lab Configuring Access Policies and DMZ Settings

Data Center Virtualization and Cloud QA Expertise

Firewall Port Handling in TENA Applications

Business Case for Open Data Center Architecture in Enterprise Private Cloud

SECURE CLOUD CONNECTIVITY FOR VIRTUAL PRIVATE NETWORKS

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

NCX for Citrix NetScaler Delivering agile network services with industry leading application delivery controller

VM-Series Firewall Deployment Tech Note PAN-OS 5.0

Talari Virtual Appliance CT800. Getting Started Guide

Uptime Infrastructure Monitor. Installation Guide

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

SonicWALL SRA Virtual Appliance Getting Started Guide

STONEGATE IPSEC VPN 5.1 VPN CONSORTIUM INTEROPERABILITY PROFILE

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

VPNC Interoperability Profile

SDN: A NEW PARADIGM. Kireeti Kompella CTO, JDI

ShadowControl ShadowStream

Department of Communications and Networking. S /3133 Networking Technology, Laboratory course A/B

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT

Remote PC Guide for Standalone PC Implementation

SDN Architecture and Service Trend

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

DEPLOYMENT GUIDE DEPLOYING F5 AUTOMATED NETWORK PROVISIONING FOR VMWARE INFRASTRUCTURE

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

Fujitsu Global Cloud Platform Microsoft SharePoint 2010 POC on Windows Server 2008

Reference to common tasks

Pandora FMS 3.0 Quick User's Guide: Network Monitoring. Pandora FMS 3.0 Quick User's Guide

Guideline for setting up a functional VPN

Lab assignment #2 IPSec and VPN Tunnels (Document version 1.1)

Network Services Orchestration Software Defined Networks, Network Function Virtualization - TODAY

Linux Network Security

Network Connect Performance Logs on MAC OS

Exercise 4 MPLS router configuration

REMOTE ASSISTANCE SOLUTIONS Private Server

SolarWinds Log & Event Manager

SDN PARTNER INTEGRATION: SANDVINE

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

Contrail Networking. Product Description. Your ideas. Connected. Data Sheet. Product Overview

Windows Azure Pack Installation and Initial Configuration

Carrier/WAN SDN. SDN Optimized MPLS Demo

Cisco Virtual Wide Area Application Services: Technical Overview

Data Center Connector for vsphere 3.0.0

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY

Transcription:

Introduction Network orchestration using the overlay network tunnels Page 1 Juniper Contrail is an end to end IT solution based on the NFV/SDN applications. It not only provides the service providers and Enterprise the agility & scalability to manage the infrastructure but also provides the customers to monitor, manage and scale their virtual infrastructure in pay as you go model. One of the most key functions of Contrail is service chaining. This concept sets Juniper apart from its competitors. It s a simple concept that leads to the true meaning of the term VIaaS (Virtual Infrastructure as a service) Contrail enables an enterprise or Service provide reduce CAPEX and have on-demand- OPEX based architecture. Service chaining enables the customers to launch industry proven virtual appliances such as Firewalls, load balancers, application servers in a virtual server farm to have this networks functions available on demand. This adds flexibility and agility to the network architecture. Overview We are pleased to present a model for POC as a Service that would allow the user to visit our website and register for a trial of Juniper Contrail. We provide the infrastructure to our customers to test their use cases before they implement contrail within their organization. The POC as a Service intends to allow the customer to test the features available in Juniper Contrail, such as Service Chaining, Network Policing, Service virtualization, etc. Objectives 1. To familiarize user with Openstack and Contrail environment. 2. Provide a platform to explore the Juniper Contrail s features. 3. Give user a proof of concept of Contrail: a. How Virtual machines in various networks interact with one another. b. How Service Chaining works in Contrail and what are its capabilities. 4. Give step by step guide for various scenarios that can be created in lab. 5. Provide user the infrastructure and environment to also test his own networking scenarios. 6. By the end of this lab, user will be able to a. Create Networks b. Spin VMs and attach network to it c. Create service templates d. Launch service instances e. Devise policies with service instances f. Attach policies to networks g. Test Service Chaining in his own use case.

Page 2 Our lab scenario VM1.Blue and VM1.Green will spin on node 1 while VM2.Blue and VM2.Red will reside on node 2. The naming convention is such that, the numerical value is the node on which VM resides and the color describes its network. As VM1.Blue and VM2.Blue reside on same network therefore they will be able to ping each other regardless of the node. Service chaining will be performed between Green and Red networks using vsrx such that the traffic will be able to go from VM1.Green to VM2.Red but not the other way around. vsrx is pre-configured this way. Traditional Network topology CE PE MPLS L3VPN PE CE

Page 3 Physical network topology of our lab Overlay Tunnel MPLSoGRE / VXLAN Node 1 Node 2 JUNIPER CONTRAIL CONTROLLER Configuration Control Analytics Logical network topology of our lab VM1.Blue VM2.Blue VM1.Green vsrx VM2.Red Node 1 Node 2

Page 4 Guide Registering with ICLD will provide you a username and password to test our services for a limited amount of time. This is a step by step guide to help you create a use case of providing Juniper s VSRX as a service through contrail. Step 1: Create images in Open stack We have 4 images as shown below. In this case, Centos 6.6/Cirros can be used for VMs while other two are images of vsrx. One vsrx is preconfigured to send traffic from left to right interface and other one is unconfigured.

Page 5 Step 2: Create networks for our VMs. Here are the 3 networks (Green, red and blue) that we have created.

Page 6 Step 3: Now launch 4 instances. Images below are for VM1.Green Assign the instances their network

Page 7 Here are the 4 instances that we have created. VM1.Blue and VM1.Green reside on node 1(Dell) while VM2.Blue and VM2.Red are on node 2(NUC). Remember that color in naming convention depicts its network. Next, console into your VMs to verify that they are both up. Execute ifconfig command to check whether all of them have the correct IP addresses from the networks assigned to them

Page 8 Step 4: Now switch to Contrail dashboard and add vsrx template Here we can see that our template is created with the name of FireFly 12.1

Page 9 Step 5: Create a service instance. Assign Green to left interface and Red to right interface. A service instance (Firefly) is created, as shown below

Page 10 Step 6: Create a Policy in Contrail. In Networking>Policies, we can either block or unblock protocols like ICMP, TCP etc. from any port, between any networks. For the purpose of this example we are letting all protocols to pass between our Green and Red networks, with FireFly instance being used as a service. Below we see a policy named Green-Red, that we have created.

Step 7: Apply the policy to both networks (Green and Red) Page 11

Page 12 We can see that the policy Green-Red is attached to both our networks Step 8: Now open your VMs in console and ping each other to verify the connectivity between your VMs. The result should be: Both VM1.Blue and VM2.Blue should ping each other. While traffic should flow from VM1.Green to VM2.Red according to our configurations in vsrx. Thank You

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information