Juniper QFabric, Junosphere, Automation, and More
- Tony Mattke
- Networking
- November 4, 2011
The second day of Network Field Day 2 started early at the Juniper EBC; luckily, Abner Germanow was prepared with breakfast for the weary and slightly hungover delegates. He gave us an overview of Juniper Networks as a whole, including some back history of how they started innovating by putting routing code into ASICs. He quickly handed off to Dan Backman, who started off by talking about how Junos has developed itself around workflows. He demonstrated the extensibility of Junos through tools like XML and API calls. Because of the way it was developed, they have the unique ability to provide powerful scripting and automation tools. Dan actually told us that the entire Junos back end is XML, which is VERY interesting.
Next he brought up a live Juniper lab to show us the real power of their scripting/automation. This is the first time I’ve heard of Junos commit scripts, which I now wish I had in IOS. During this entire demonstration all of the delegates really seemed to enjoy the flexibility Dan was demonstrating; by the end, he had us all drooling over it. And that was before he dropped the bombshell… his entire demonstration had been running inside of Junosphere. Before we were able to bombard him with questions about how to get access to it, he showed a rather impressive demo using Cariden Mate and an IS-IS db gathered from what appears to be the I2 backbone. Very cool stuff. Cariden was able to generate a topology from the database, and their plugin for Cariden was able to generate the appropriate Junosphere configuration/startup files. Several times during his presentation he made reference to there being “one more thing” or some secret he wanted to share. It wasn’t long before we learned they were going to give us access to Junosphere for testing! Be on the lookout for my Junosphere review once I’m able to check it out.
Next was “Shoeless” Dave Ward, CTO of Juniper’s Platform Division, previously with Cisco Systems for 12 years, where he designed little things like the CRS-1, CRS-3, and the ASR 9000 series... definitely not a lightweight. David was also one of the presenters at the Tech Field Day OpenFlow Symposium earlier in the week, and as it happens he was back to talk about just that. This is a rather deep dive into Juniper’s approach for Programmable Networking, and I’m not sure I truly do it justice. Juniper has developed their controller inside an orchestration platform they’re calling Junos Space. From the sounds of it, Space is a layer that interacts with a fully comparable OpenFlow controller; David says they even have gear from Big Switch Networks running on their Space platform. He went on to talk about how Juniper has begun to market Service Engineered Paths (SEP), which are simply OpenFlow-enabled Traffic Engineered (TE) paths that can be programmed with permit/deny statements in front of them for particular service flows. This enables selective traffic path redirection based upon ephemeral data, such as LSPs being requested/configured via the OpenFlow software. This is very cool stuff: auto-magic end-to-end soft MPLS PVCs dynamically configured by the controller! Make sure you watch the video; it’s definitely worth the time.
Next up was a presentation from one of Juniper’s acquisitions, Altor Networks, and their virtual firewall appliance, vGW. This is very similar to Cisco’s VSG in that it enables you to firewall all communications within the VMware cluster, including those flows going between VMs. Since this isn’t exactly anything new, I’m not going to spend a lot of time covering it. In its simplest form, vGW is a high-performance hypervisor-based stateful firewall with an integrated IDS and antivirus protection. Update: Apparently I missed some details during this discussion. Luckily enough, Ivan has come out with another great post letting us know the significance of what Juniper has done with their vGW.
Last but certainly not least was a presentation on QFabric, Juniper’s answer to Cisco’s FabricPath, Brocade’s VCS, and of course the industry standard TRILL. It is of course a proprietary solution, but in some cases that can be a non-issue. Of course, at around 5:20 into the video, Juniper presented us with their own version of “the problem”, a series of slides that by this point in time we have seen over and over again… Although once Tony Bourke mentioned that we were well aware of “the problem” he recovered quickly and moved on. (Kudos to Tony for quite a tactful engagement and remediation of the situation!) Again, there isn’t a lot of groundbreaking going on during this talk, so I won’t spend much time here… But if you’re dying for more information, check out the articles at IOShints and the Packet Pushers Blog / Podcast.
The last stop was their proof of concept lab, which for a bunch of networking geeks is a great way to earn extra credit. Who doesn’t love a data center? Even better, the entire data center was a lab! Here are a few photos from the EBC Lab.