GDATA CENTER ARCHITECTURES

Guido Frabottigfrabotti@juniper.net

APPLICATIONS ARE DRIVING IT TRANSFORMATION

CloudsVirtualization SDN

DATACENTER = METAFABRIC ARCHITECTURE PORTFOLIO

Flexible building blocks; simple switching fabricsSwitching

Universal data center gatewaysRouting

Smart automation and orchestration toolsManagement

Simple and flexible SDN capabilitiesSDN

Adaptive security to counter data center threatsData Center Security

Reference architectures and professional servicesSolutions & Services

METAFABRIC LAYERS

FOUNDATION TECHNOLOGIES

40G Optics40G OpticsMulti-Silicon StrategyMulti-Silicon Strategy

L3 L3 FAT TREEFAT TREE

Virtual Virtual Chassis FabricChassis Fabric

QFABRICQFABRIC Universal Universal SDN GatewaySDN GatewayPHYSICAL

INFRASTRUCTURE

SRX SRX Security ApplianceSecurity Appliance

VMwareVMwareNSXNSX

Juniper Juniper FireFlyFireFly

JuniperJuniperContrailContrail

OpenOpenContrailContrail

OpenOpenDaylightDaylightNETWORK

VIRTUALIZATION

NETWORK FUNCTIONVIRTUALIZATION

Service-Chaining (DPI, Caching, NAT, Firewall)Service-Chaining (DPI, Caching, NAT, Firewall)

JunOS SpaceJunOS SpaceINTEGRATEDAPPLICATION AWARENESS

METAFABRIC ARCHITECTURE PILLARS

Easy to deploy & use

Save time, improve

performance

Maximizeflexibility

Simple SmartOpen

METAFABRIC REFERENCE ARCHITECTURE

Validated and tested designs

Version 1.1 – virtualized (VMware) Enterprise data center with key partners (IBM, EMC, F5)

Reduce risk – accelerate customer adoption

SWITCHING

JUNIPER ARCHITECTURES

Juniper ArchitecturesJuniper Architectures

Open ArchitecturesOpen Architectures

MC-LAG

…

QFX5100

Virtual Chassis

Up to 10 members

QFabric

Up to 128 members

IP Fabric

L3 Fabric

Virtual Chassis Fabric

Up to 20 members

BenefitsSingle point of management and controlPurpose-built and turnkey

BenefitsFlexible deployment scenariosOpen choice of technologies and protocols

One Architecture Does Not Fit All,

QFX5100 enables Choices!

JUNIPER ARCHITECTURE SCENARIOS

Juniper ArchitecturesJuniper Architectures

Core

Distribution

Access

QFabric Virtual Chassis Fabric

DEPLOYMENT SCENARIO DETAILS

Juniper Architectures

Attribute

Control Plane

Latency

Storage Convergence

1G Copper

1G Fiber

10G Copper

10G Fiber

MAC Addresses

ARP Entries

VLANs

Technology

VXLAN L2 Gateway

QFX3000-M/G

Centralized

3 μs /5μs

Yes

768/6,144

768/6,144

768/6,144

768/6,144

1,536,000

20,000

4K

QFabric

No

VCF

Centralized

1.5μs

Yes

1,536

1,536

1,536

288,000

48,000

4K

Virtual Chassis Fabric

Yes

1,536

Control Plane: VCF (in-band) vs. QFabric (out-of-band)

QFabric for large scale only

ISSU on VCF

ComparisonComparison

OPEN ARCHITECTURE SCENARIOS

Juniper ArchitecturesJuniper Architectures

Open ArchitecturesOpen Architectures

Core

Distribution

Access

QFX5100

or

EX9214

EX4300-VC

QFX5100

or

EX9214

QFX5100

EX9214

VCF

or

QFX3000-M

QFX5100

or

EX9214

QFX5100

QFX5100 when possible, otherwise EX9214 if required for scale

DEPLOYMENT SCENARIO DETAILS

Attribute

Control Plane

Latency

Storage Convergence

1G Copper

1G Fiber

10G Copper

10G Fiber

MAC Addresses

ARP Entries

VLANs

Technology

QFX5100-96S

+

EX4300-VC

Distributed

2μs

No

4,608

3,072

No

No

288,000

48,000

4K

MC-LAG

Open Architectures with the QFX5100 Spine

QFX5100-96S

+

QFX5100-48

Distributed

2μs

No

4,608

4,608

No

No

288,000

48,000

4K

MC-LAG

QFX5100-24Q

+

QFX5100-48

Distributed

2μs

No

No

No

896

896

288,000

48,000

4K

MC-LAG

QFX5100-24Q

+

QFX5100-24Q

Distributed

2μs

No

No

No

No

1,536

288,000

48,000

4K

MC-LAG Low latency overall

Port Density varies (<4,608)

QFX5100-96S + EX4300-VC for 1G deployment

ComparisonComparison

DEPLOYMENT SCENARIO DETAILS

Attribute

Control Plane

Latency

Storage Convergence

1G Copper

1G Fiber

10G Copper

10G Fiber

MAC Addresses

ARP Entries

VLANs

Technology

EX9214

+

QFX5100-48

Distributed

19μs

No

15,360

15,360

3,840

3,840

1,000,000

256,000

24K

MC-LAG

EX9200

QFX3000-M

Distributed

19μs

Yes

4,032

4,032

4,032

4,032

1,000,000

256,000

24K

MC-LAG

Open Architectures with EX9214 Spine

EX9214

+

EX4300-VC

Distributed

19μs

No

15,360

No

No

No

1,000,000

256,000

24K

MC-LAG High Port Density

Higher logical scale

Higher latency overall

QFX9214 + EX4300-VC for 1G deployment

EX9200 + QFX3000-M for storage convergence

EX9214: 240 10G ports at line rate

ComparisonComparison

VIRTUAL CHASSIS FABRIC

VIRTUAL CHASSIS FABRIC

What and Why

switching building blocks

EX4300

QFX3500

QFX3600

QFX5100

Network DirectorNetwork Director

APIs

Single Point of Management Full Layer 2 and Layer 3 ECMP Transit FCoE

Topology Independent ISSU Plug and Play Provisioning 4 spines and 16 leaves VXLAN L2 Gateway

Virtual Chassis Fabric

SERVER AND STORAGE CONNECTIVITY

Any Ethernet Media, High Resiliency,Flexible deployment10/100/1000M Copper10/100/1000M Fiber10G Copper10G Fiber10G or 40G FabricAny-port connectivityIn-Service Software Upgraden-Way multi-homingActive-Active pathsSingle Point of ManagementFCoE TransitiSCSI / NFS / CIFSLossless Ethernet / DCBHardware SDN support

Server Storage

QFX5100 QFX5100 QFX5100 QFX5100

10GbE POD 1/10/40GbE POD 1GbE POD

Spine QFX5100-24Q QFX5100-24Q QFX5100-48SQFX5100-96S

Leaf

QFX5100-48S

QFX5100-24Q

QFX3500 & QFX3600

QFX5100-48S

QFX5100-24Q

QFX3500 & QFX3600

EX4300

EX4300

10/40GbE spine and 1/10/40GbE leaf nodes

1, 10, 40, GE – ALL IN ONE FABRIC

10GbE 1/10/40GbE 1GbE40G

10G

2 spine nodes

10G 10G10G

QFX5100-24Q

1 2 18

10G 10G

3 4

QFX5100-48S

1 2

2 X uplinks

• 18 x 10GbE racks

• 936 x 10GbE ports 6:1 OS

10G 10G10G

QFX5100-24Q

1 2 16

10G 10G

3 4

1 2 3 4

QFX5100-24Q QFX5100-96S8 X uplinks

• 16 x 10GbE racks

• 1,536 x 10GbE ports 3:1 OS

4 spine nodes

2 OR 4 SPINE NODE DEPLOYMENTS

40G 40G

Integrated Routing Engine (RE)Inline Control PlaneControl Plane

VCF INTEGRATED CONTROL PLANE

• Dual RE (routing engine) with backup’s

• Distributed In-Band Control plane• VCCPD running on all members • Automatic fabric topology discovery• Loop-free fabric forwarding path construction

• Control traffic protection for converged fabric

Master Backup

Intelligent spine and leaf nodesFederated state

Distributed Forwarding

Data Plane

Backup RE

• All Fabric links active-active

• Traffic load balanced on all links

• 1.8usec inter rack latency

Master RE

• In rack switching

• 550nsec in rack latency

• 16 way server multi-homing

VCF INTEGRATED DATA PLANE

VCF DEPLOYMENT METHODS

Auto-provisioned

• Plug and Play• Pre-provision Spine Switches using single CLI• Remaining switches will join VCF automatically as a line card

Pre-provisioned

• No ambiguity of member role• All switches will be pre-provisioned into VCF

Non-provisioned

• Flexible• Configure VCP ports then regular VC master election will happen

automatically

{set | delete} virtual-chassis {pre-provisioned | auto-provisioned}

SMART TRUNKS

L1

T1

T2

T12

L2

L3

S1

S2

• Automatic fabric trunks• Fabric trunk types

• Next Hop (NH)-trunks• Remote Destination (RD)-trunks

• Weights-based multi-path (instead of NH link) bandwidth ratio to avoid fabric congestion

30G30G

15G15G

15G15G

10G10G

10G10G10G

20G20G

10G10G

20G20G15G15G

25G25G

30G30G

Virtual ChassisFabric AdaptiveFlowlet Splicing

Virtual Chassis Fabric versus others

10GbE scale 1000+ 1500+

Local forwarding No Yes

Intra rack latency 1.7usec 0.550usec

Inter rack latency 2.4usec 1.8usec

ISSU No Yes

Server multi-homing 2 way 16 way

Overlay gateway No Yes

Segmentation VR VR and MPLS

Power per switch 1000W <200W

Juniper VCFOther

Attribute

Flexible Topologies

ISSU

VXLAN L2 Gateway

NSX Control Plane

Single-point of Mgmt

Other

Only MLAG

Only spine

Only leaves

Only leaves

No

Juniper QFX5100

VC,MCLAG,VCF,QF

Yes – spine and leaf

Yes – spine and leaf

Yes – spine and leaf

Network Director

ISSUNetwork DirectorOverlayArchitecture choices

Juniper AdvantageJuniper Advantage

Virtual Chassis Fabric versus others (2)

L3 IP FABRIC

SPINE AND LEAF

Spine Spine

Leaf Leaf Leaf Leaf

Ingress

Middle

Egress

Scale

CLOS REQUIREMENTS

Requirement OSPF IS-IS BGP

Advertise prefixes Yes Yes Yes

Scale Limited Limited Yes

Traffic Engineering Limited Limited Yes

Traffic Tagging Limited Limited Yes

Multi-Vendor Stability Yes Yes Even more so

MULTI-STAGE CLOS BGP OVERVIEW

Spine Leaf Access

BGP RR Cluster

eBGP

BFD

iBGP

BFD

BGP ASN 1 BGP ASN 11

vSpine

MULTI-STAGE CLOS BGP DETAIL

SpineBGP RR

iBGP Down

LeafiBGP Up

eBGP Down

AccesseBGP Up

96x10GE 96x10GE 96x10GE 96x10GE 96x10GE 96x10GE 96x10GE 96x10GE

vSpine1 – ASN 1 vSpine2 – ASN 2

32x40GE 32x40GE 32x40GE 32x40GE 32x40GE 32x40GE 32x40GE 32x40GE

BGP RR BGP RR BGP RR BGP RR

eBG

P

ASN 11 ASN 12 ASN 13 ASN 14 ASN 15 ASN 16 ASN 17 ASN 18

iBGP iBGP

ROUTING & SDN

WAN (MPLS, IP)

MX: UNIVERSAL SDN GATEWAY

Vmware NSX Based POD Contrail SDN based POD Legacy, VLAN based POD

L2: EVPN, VPLS

L3: L3VPN, NG-MVPN

Industry leading L2-L3 LAN-WAN-Overlay Gateway

Standards based, multivendor solutions

Highly scalable, virtualized, multitenant connectivity

Vmware (VxLAN) POD

Contrail (MPLS, VxLAN) POD VLAN POD

Any to any gateway Universal SDN Gateway

Building on proven track record in major DC and SP deployments

With extensible, future proof platform capabilities

GW GW GW

USG COMPARISONS

Description

QFX5100

EX9200/MX

Layer 2

USG

Provide SDN-to-non-SDN translation, same IP subnet

✔

✔

NSX or Contrail talk Layer 2 to non-SDN VMs, bare metal and L4-7 services

Use Cases

Layer 3

USG

Provide SDN-to-non-SDN translation, different IP subnet

✔

NSX or Contrail talk Layer 3 to non-SDN VMs, bare metal and L4-7 services

and Internet

SDN

USG

Provide SDN-to-SDN translation, same or different IP subnet, same

or different Overlay

✔

NSX or Contrail talk to other PODs of NSX or Contrail

WAN

USG

Provide SDN-to-WAN translation, same or different IP subnet

✔

NSX or Contrail talk to other remote locations–

branch, DCI

X86 Appliance ✔ ✔

Competing ToRs ✔

Competing Chassis ✔

USG(Universal SDN Gateway)

USG(Universal SDN Gateway)

CONTRAILEXTENDING ADVANCED NETWORKING INTO THE VIRTUAL WORLD

Physical Network(no changes)

Analytics

CONTRAIL CONTROLLER

ControlConfiguration

Physical Host with Hypervisor

vRouter

VM VM VM VM

Physical Host with Hypervisor

vRouter

VM VM VM VM

WAN, Internet

Gateway

Simple, open and agile Virtual network overlay

Developer momentum OpenContrail community

VXLAN

• Virtual eXtensible Local Area Network (VxLAN)

• L2 connections within IP overlay– Unicast &

multicast

• Allows flat DC design w/out boundaries

• Simple and elastic network

• Options to run with and without SDN controller

WAN

Overlay environment

TOR

IP overlay connections established between VxLAN end-points of a tenant

IP overlay connections established between VxLAN end-points of a tenant

Gateway between

overlay LAN: one end of the VxLAN tunnels

Gateway between

overlay LAN: one end of the VxLAN tunnels

VDSVDS

VMVM

VMVM

VMVM

VMVM

VMVM

VMVM

Hypervisor / distributed

Virtual Switch – other end of

VxLAN tunnels

Hypervisor / distributed

Virtual Switch – other end of

VxLAN tunnels

Fully meshed unicast tunnels – for known L2 unicast traffic

Fully meshed unicast tunnels – for known L2 unicast traffic

PIM signaled multicast tunnels for L2 BUM traffic

PIM signaled multicast tunnels for L2 BUM traffic

Management Station

ETHERNET VPN (EVPN)

LAG

A new standards based protocol to inter-connect L2 domains

Juniper leading the multi-vendor industry wide initiative

Improves network efficiency

Ideally suited for Datacenter Interconnectivity

Allows L2 multi-tenancy in IP fabric DC

BGP based state

exchange

EVPN router

EVPN router

LAN

WAN

WHY EVPN

Where is EVPN Applicable: – DC Interconnect – allowing L2 stretch between data centers over WAN– For multi-tenancy in DC with VxLAN or MPLS as transport– Next generation L2VPN technology that replaces VPLS

Which customers will be interested in EVPN :– Data Center Builders – SPs, Enterprises, Content providers– These customers use MX is a DC WAN Edge Router– These customers use MX as a PE router for L2 business services

USE CASE: EVPN FOR DATA CENTER INTERCONNECT

VLAN 1MAC1

VLAN 2MAC 2

VLAN 1MAC11

VLAN 2MAC22

Data Plane LearningData Plane Learning BGP Control Plane based learning on WAN

BGP Control Plane based learning on WAN Data Plane LearningData Plane Learning

MX Series MX Series

Data Center Site1 Data Center Site 2 Data Center Interconnect

EVPN CloudEVPN Cloud

Legacy L2 CloudLegacy L2 CloudVxLAN CloudVxLAN Cloud

Benefits:•Seamless interconnect between DCs - L2 stretch between DCs•Seamless Workload migration - VM mobility across DCs•Wide Applicability – Interconnects Native L2 and overlay technologies

SECURITY

SMART DATA CENTER SECURITYRAPID THREAT IDENTIFICATION AND PREVENTION

Leading high-end firewall

Proven data center scale

Virtual host and perimeter security

Smart groups—automatic policy control

Optimized for performance

FireflySRX Series

Firewall

VM

VM

VM

Virtual Physical

VM

VM

VM

Virtual Physical

Data Center Global Attacker Database

Spotlight

MANAGEMENT

JUNOS SPACESMART NETWORK MANAGEMENT FROM A SINGLE PANE OF GLASS

VirtualNetworks

PhysicalNetworks

API

Visualize Physical and virtual visualization

Analyze Smart and proactive networks

Control Lifecycle and workflow automation