Juniper betas Contrail control freak for software-defined nets

Getting into the encrowdening field earlier than expected

Choosing a cloud hosting partner with confidence

Interop 2013 Juniper Networks is fast-tracking its Contrail software-defined network control freak to try to blunt the advances of myriad other players that have crashed onto the SDN bandwagon from all angles of attack. The JunosV Contrail Controller, which was not expected to be commercially available until sometime in the first half of 2014, but today at the Interop networking shindig in Las Vegas, Juniper will announce the Contrail code is in beta starting today and that it can deliver it with commercial-grade features and support before the end of 2013.

Like all other incumbent switch and router suppliers, Juniper is under pressure to come up with its own software-defined networks strategy and software, and to do so in such a way that it doesn't just cede control of the virty network to some other software supplier. That's important because in the not-too-distant future a lot of the profits in the network will be in the software, not the hardware, just as has happened in servers and is happening in storage today.

And thus the top brass at Juniper shelled out $176m in December to acquire stealthy SDN startup Contrail Systems. And a month later , when Juniper was laying out its SDN plans, former Microsoftie and Juniper software chief Bob Muglia said that Contrail's controller would be the foundation of Juniper's SDN strategy and that it would take until sometime until the first half of 2014 to get the controller ready for primetime. Well, apparently things are going better than expected, with the code in beta somewhere between three and six months early.

That's not really much of a surprise, actually. Contrail Systems, which was founded in early 2012, by Ankur Singla, who was CTO at Aruba Networks, and Kireeti Kompella, who was CTO and chief architect of the Junos network operating system at Juniper. A bunch of network experts from Cisco Systems and Google also joined the Contrail team, and the idea is to create a controller that is compatible with OpenFlow protocols and virtual switches, but which is based on existing network standards.

Specifically, the Contrail Controller is based on the Border Gateway Protocol (BGP) that is already embedded in Juniper switches and routers (and those of Juniper's hardware rivals). The Contrail Controller also uses XMPP, a protocol for transmitting message-oriented middleware messages, to control the virtual switches inside of hypervisors, and Brad Brooks, vice president of business development and marketing at Juniper, added another piece to the Contrail puzzle when he told El Reg that the Contrail Controller will also make use of an existing technology from telecom networks called Multiprotocol Label Switching (MPLS), which is a means of encapsulating packets on a network and controlling their forwarding through those labels and it exists in a fractal dimension somewhere between Layers 2 and 3 in the network stack. Juniper ate Contrail Systems just before it was about to uncloak, so we never got the deep dive on its guts, and Juniper is playing its Contrail cards pretty close to its vest even five months after the acquisition.

Juniper is only talking generally about what is in the JunosV Contrail stack

Juniper is only talking generally about what is in the JunosV Contrail stack

What Juniper has been clear about is that it wants to break the network into four control planes – management, services, control, and forwarding – and centralize lots of stuff on the controller and distributing other functions out onto switches and routers. One interesting difference between OpenFlow approaches and the Contrail approach, which Muglia described in January, is that Juniper plans to keep the master copy of the forwarding tables on the controller and copy them out to the switches rather than keeping the master copies on the switches and aggregating them on a controller. This seems more logical, but there will probably be much arguing about this among network gurus who know a hell of a lot more about it than this systems hack does.

By the way, just because the Contrail Controller and Juniper's SDN stack does not require OpenFlow protocols on the controller or the switches does not mean that the software will not eventually support OpenFlow protocols, or that Juniper's switches and routers will not have native OpenFlow support. Brooks says that OpenFlow support is coming to Juniper's Junos operating system and hardware.

The Contrail Controller, as you might expect, is written in C++ for high performance with interfaces written in Python. One of the things that Contrail was working on was integrating real-time analytics for the network traffic into the controller so it could react instantly to changes in traffic patterns or the stresses on particular pieces of iron in the net. The back-end analytics engine that is part of the Contrail Controller relies on the Cassandra distributed hash table database that was created by the techies at Facebook and then open sourced. There are dashboards for the controller that plug into the OpenStack cloud controller's Horizon graphical user interface, and data stored in the analytics engine can be exported to Hadoop or time-series databases for further analysis.

At the moment, the Contrail Controller is validated to run on Red Hat's Fedora development release atop the KVM hypervisor or on a bare-metal Linux server provided it has an X86 engine. Juniper is already getting requests to support the running of the SDN controller on the Xen hypervisor from Citrix Systems, and this is under development, and if companies want to use VMware's ESXi hypervisor or Microsoft's Hyper-V, this can, in theory, also be done.

"The challenge there is that these two are not open source," says Brooks.

In addition to the OpenStack integration, Juniper will today announce that it is working with Citrix to integrate its SDN wares with the CloudStack alternative to OpenStack, which is open source like OpenStack is. Cloudscaling, one of the several commercializers of the OpenStack cloud control freak, announced a few weeks ago that it had licensed the virty network wares from Juniper to put into its Open Cloud System 2.5, which will be released this summer.

The Contrail Controller is in public beta now, which means you can bug Juniper to get the software and plop it on any x86 server to see how it might fit into your shop. Juniper has not announced pricing for the Contrail Controller yet, but Brooks says that the controller license will be based on the number of servers that attach to it and that the pricing will be set on a per-socket basis to keep it simple. That way, Juniper doesn't have to charge a big number for the controller during proofs of concept and can rake it in as customers plug more iron into the controller. ®

Security for virtualized datacentres

More from The Register

next story
It's Big, it's Blue... it's simply FABLESS! IBM's chip-free future
Or why the reversal of globalisation ain't gonna 'appen
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Bitcasa bins $10-a-month Infinite storage offer
Firm cites 'low demand' plus 'abusers'
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
CAGE MATCH: Microsoft, Dell open co-located bit barns in Oz
Whole new species of XaaS spawning in the antipodes
Microsoft and Dell’s cloud in a box: Instant Azure for the data centre
A less painful way to run Microsoft’s private cloud
AWS pulls desktop-as-a-service from the PC
Support for PCoIP protocol means zero clients can run cloudy desktops
prev story


Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.