5. GENERAL CHALLENGES
TIME TO SERVICE
• Lengthy service provisioning times of days to weeks
• IP Activation process cumbersome
PRODUCT EVOLUTION
• Lengthy new product introduction & certification times
• Bundles limited by physical infrastructure
OVER THE TOP THREAT
• OTT cloud providers compete using internet
• Network commoditised
NETWORK TO CLOUD
• Lack integration of Public and Private cloud offerings
• Leveraging network to differentiate
OSS AGILITY
• Expensive to replace or augment current OSS systems
Addresses these challenges using existing assets without costly investments in network refresh and proprietary OSS systems
6. …AND OTT PROVIDERS ARE INNOVATING FASTER
Dynamic network service automation is the key priority for Service Providers
TIME TO SERVICE DEPLOYMENT (Code to production launch)
• GOOGLE: Few seconds
• TELCO: 10-12 Months
OPERATIONAL COMPLEXITY (# of SKUs to manage)
• GOOGLE: 10s Configs
• TELCO: Thousands configs
OPERATING EXPENSES (Servers managed per admin)
• AMAZON: 1 per 10,000 servers
• TELCO: Less than 100
Opportunity for accelerating TTM, reducing costs and optimizing operations
8. CLOUD CHANGES THE ARCHITECTURE
Enables Large Scale Automation & Network Function Virtualization
Traditional (1990’s)
• Apps run on dedicated hardware
• Hardware for each network function
Virtualization (2000’s)
• Virtualized apps have flexibility to move between hardware units
Cloud (2010+)
• Network functions / services available as virtual machines
• Apps are re-architected for scalable deployments, HA, IaaS / PaaS
• App Developers have a self-service model to get resources
Benefits
• Capex savings through Virtualization & higher device utilization
• Opex savings through Agility & Automation
Diagram layers: App, Hypervisor, HW; Management Platform, Network Virtualization & Automation, Compute & Storage Virtualization, Infrastructure
9. THE NEW NETWORK – BUILT FOR CLOUD
TODAY
• PRIVATE INFRASTRUCTURE
• PROPRIETARY HARDWARE
• SERVICES CONFIGURED, MANAGED
TOMORROW
• HYBRID CLOUD INFRASTRUCTURE
• OPEN SOURCE, OPEN STANDARDS
• VIRTUALIZED, ON DEMAND SERVICES
• AUTOMATED & ORCHESTRATED
11. IT CLOUD
CURRENT IT DATACENTER
• Siloed Resource Allocation
• Manual Configuration
• Static Service Chains
MODERN IT DATACENTER
• Dynamic Resource Allocation
• Automatic Configuration
• Dynamic Service Chains
Diagram labels: VLANs (FINANCE, HR, MARKETING), Firewalls, Load-Balancer, Physical Servers, Local Hard Drives; VIRTUALIZED (HR, MARKETING, FINANCE), Virtual-Network based Orchestration (Compute, Storage, Apps)
12. CLOUD CPE SERVICE
Router Services
DHCP
Routing
CGNAT
Full featured CPE
in Virtualized Services
SP Delivered
Service Provider
IP Edge
IP VPN Service
Modem / ONT
Switch
Voice
DHCP
Routing
FW & UTM
Management
Wireless
Controller
Access Point
IPS/ IDS
SECURITY
Pulse
Tethered CPE
Modem / ONT
Switch
Access Point
Voice
Pulse
Decrease cost of physical CPE
Increase agility of introducing new services
Decrease cost of servicing customers
Services limited by capability of physical CPE hardware
Expensive to roll out new services
Costly customer support
Routing
Unified Threat
WAN Optimization
Firewall
DHCP
Management
IPv4-v6
Caching
& Video
Load Balancing
Policy Control
DDOS
Traffic Detection/
DPI
Customer Value
CPE Delivered
13. NEXTIP VPN
Customer
Site A
SLB, FW, UTM, CDN, WAN Opt
SELF-SERVICE ENTERPRISE SERVICES
Customer
Site B
TELCO CLOUD
Contrail SDN
1. Standard APIs allow for simple portal control
2. OpenStack standard interfaces provision virtual services
3. Use of standard routing protocols to connect ANY SP customer to ANY service without interfacing with IP-RDM or similar
14. HYBRID CLOUD - IAAS AND VPC
End-to-End Virtual Network Orchestration and Automation
Standards-based, seamless internetworking within/across DCs and Enterprise private network
17. OPENCONTRAIL COMPONENTS
Physical Network
(no changes)
OPENCONTRAIL CONTROLLER
Configuration
Control
Analytics
Physical Host
with Hypervisor
vRouter
VM VM VM VM
Physical Host
with Hypervisor
vRouter
VM VM VM VM
WAN, Internet
Gateway
Configuration: Accepts and converts orchestrator requests for VM creation, translates requests, and assigns network
Analytics: Real-time analytics engine collects, stores and analyzes network elements
Control: Interacts with network elements for VM network provisioning and ensures uptime
vRouter: Virtualized routing element handles localized control plane and forwarding plane work on the compute node
Gateway: MX Series (or other router) or EX9200 serve as gateway, eliminating need for SW gateway & improving scale & performance
TODAY 2014
20. PROGRAMMABILITY
NB REST APIs allow easy integration with existing OSS/BSS
Network complexity abstracted out using rich and programmatic interface, allowing for policy-based automation
SUMMARY: CONTRAIL IS A LEADING SDN SOLUTION
ACCELERATED TTM
• Agile deployment of network services for faster time to revenue
• 3rd party services can run unmodified on the platform, eliminating the need for custom development
LOWER TCO
• Higher utilization of existing infrastructure & cost effective X86 HW
• Centralizes management reducing operational cost & complexity
• Uses standard protocols obviating need for specialized knowledge
NETWORK INSIGHTS
• Collects & analyzes huge amounts of network state information
• Offers APIs for 3rd party analytics & visualization software to integrate with the system
OPENNESS & INTEROPERABILITY
• Contrail is open-sourced and integrates with OpenStack, CloudStack, KVM, Xen, and other open-sourced products / components
• Interoperable with other multi-vendor infrastructure and services
23. DEMO / HANDS-ON
• Creation of Virtual Networks
• Attachment of Virtual Machines
• Access Policy between Virtual Networks
• Floating IP / Distributed NAT using vRouter
• Service Insertion - NAT Gateway
• Debug & Analytics Information
24. TIERED NETWORKS DEMO TOPOLOGY
BACK-END
DATABASE TIER
NETWORK
FRONT-END
WEB-TIER
NETWORK
BE1 BE2 BE3 FE1 FE2 FE3
MX Gateway
Policy to connect front-end and back-end
Centralized Control, Policy provisioning
Internet
Demo Machine connecting to OpenStack Horizon and Contrail GUI
Floating IP
25. SERVICE CHAIN DEMO TOPOLOGY
ENTERPRISE
NETWORK
PUBLIC
NETWORK
E1 E2 E3 P1 P2 P3
FIREFLY
(INLINE NAT)
MX Gateway
NAT Service to connect Enterprise network VMs to the outside world
Internet
Centralized Control, Policy provisioning
Demo Machine connecting to OpenStack Horizon and Contrail GUI
26. OVERLAY NETWORK
Host + Hypervisor
Host + Hypervisor
VIRTUAL
NETWORK
GREEN
VIRTUAL
NETWORK
BLUE
VIRTUAL
NETWORK
YELLOW
FW DPI
IP fabric
(switch underlay)
G1 G2 G3
B1
B3
B2
G1
G2
G3
Y1 Y2 Y3
B1 B2 B3
Y2
Y3
Y1
VM and virtualized
Network function pool
VM and virtualized
Network function pool
Legend: Intra-network traffic; Inter-network traffic traversing a service
LOGICAL
PHYSICAL
28. DEVSTACK + OPENCONTRAIL
WHAT?
• Run OpenStack and OpenContrail on your laptop or in a VM
WHY?
• Use to build & test OpenStack and OpenContrail code
• Just play with OpenStack/OpenContrail features
HOW?
• Ubuntu server/VM with 4GB RAM, access to GitHub