Juniper betas Contrail control freak for software-defined nets

Getting into the encrowdening field earlier than expected

Beginner's guide to SSL certificates

Interop 2013 Juniper Networks is fast-tracking its Contrail software-defined network control freak to try to blunt the advances of myriad other players that have crashed onto the SDN bandwagon from all angles of attack. The JunosV Contrail Controller, which was not expected to be commercially available until sometime in the first half of 2014, but today at the Interop networking shindig in Las Vegas, Juniper will announce the Contrail code is in beta starting today and that it can deliver it with commercial-grade features and support before the end of 2013.

Like all other incumbent switch and router suppliers, Juniper is under pressure to come up with its own software-defined networks strategy and software, and to do so in such a way that it doesn't just cede control of the virty network to some other software supplier. That's important because in the not-too-distant future a lot of the profits in the network will be in the software, not the hardware, just as has happened in servers and is happening in storage today.

And thus the top brass at Juniper shelled out $176m in December to acquire stealthy SDN startup Contrail Systems. And a month later , when Juniper was laying out its SDN plans, former Microsoftie and Juniper software chief Bob Muglia said that Contrail's controller would be the foundation of Juniper's SDN strategy and that it would take until sometime until the first half of 2014 to get the controller ready for primetime. Well, apparently things are going better than expected, with the code in beta somewhere between three and six months early.

That's not really much of a surprise, actually. Contrail Systems, which was founded in early 2012, by Ankur Singla, who was CTO at Aruba Networks, and Kireeti Kompella, who was CTO and chief architect of the Junos network operating system at Juniper. A bunch of network experts from Cisco Systems and Google also joined the Contrail team, and the idea is to create a controller that is compatible with OpenFlow protocols and virtual switches, but which is based on existing network standards.

Specifically, the Contrail Controller is based on the Border Gateway Protocol (BGP) that is already embedded in Juniper switches and routers (and those of Juniper's hardware rivals). The Contrail Controller also uses XMPP, a protocol for transmitting message-oriented middleware messages, to control the virtual switches inside of hypervisors, and Brad Brooks, vice president of business development and marketing at Juniper, added another piece to the Contrail puzzle when he told El Reg that the Contrail Controller will also make use of an existing technology from telecom networks called Multiprotocol Label Switching (MPLS), which is a means of encapsulating packets on a network and controlling their forwarding through those labels and it exists in a fractal dimension somewhere between Layers 2 and 3 in the network stack. Juniper ate Contrail Systems just before it was about to uncloak, so we never got the deep dive on its guts, and Juniper is playing its Contrail cards pretty close to its vest even five months after the acquisition.

Juniper is only talking generally about what is in the JunosV Contrail stack

Juniper is only talking generally about what is in the JunosV Contrail stack

What Juniper has been clear about is that it wants to break the network into four control planes – management, services, control, and forwarding – and centralize lots of stuff on the controller and distributing other functions out onto switches and routers. One interesting difference between OpenFlow approaches and the Contrail approach, which Muglia described in January, is that Juniper plans to keep the master copy of the forwarding tables on the controller and copy them out to the switches rather than keeping the master copies on the switches and aggregating them on a controller. This seems more logical, but there will probably be much arguing about this among network gurus who know a hell of a lot more about it than this systems hack does.

By the way, just because the Contrail Controller and Juniper's SDN stack does not require OpenFlow protocols on the controller or the switches does not mean that the software will not eventually support OpenFlow protocols, or that Juniper's switches and routers will not have native OpenFlow support. Brooks says that OpenFlow support is coming to Juniper's Junos operating system and hardware.

The Contrail Controller, as you might expect, is written in C++ for high performance with interfaces written in Python. One of the things that Contrail was working on was integrating real-time analytics for the network traffic into the controller so it could react instantly to changes in traffic patterns or the stresses on particular pieces of iron in the net. The back-end analytics engine that is part of the Contrail Controller relies on the Cassandra distributed hash table database that was created by the techies at Facebook and then open sourced. There are dashboards for the controller that plug into the OpenStack cloud controller's Horizon graphical user interface, and data stored in the analytics engine can be exported to Hadoop or time-series databases for further analysis.

At the moment, the Contrail Controller is validated to run on Red Hat's Fedora development release atop the KVM hypervisor or on a bare-metal Linux server provided it has an X86 engine. Juniper is already getting requests to support the running of the SDN controller on the Xen hypervisor from Citrix Systems, and this is under development, and if companies want to use VMware's ESXi hypervisor or Microsoft's Hyper-V, this can, in theory, also be done.

"The challenge there is that these two are not open source," says Brooks.

In addition to the OpenStack integration, Juniper will today announce that it is working with Citrix to integrate its SDN wares with the CloudStack alternative to OpenStack, which is open source like OpenStack is. Cloudscaling, one of the several commercializers of the OpenStack cloud control freak, announced a few weeks ago that it had licensed the virty network wares from Juniper to put into its Open Cloud System 2.5, which will be released this summer.

The Contrail Controller is in public beta now, which means you can bug Juniper to get the software and plop it on any x86 server to see how it might fit into your shop. Juniper has not announced pricing for the Contrail Controller yet, but Brooks says that the controller license will be based on the number of servers that attach to it and that the pricing will be set on a per-socket basis to keep it simple. That way, Juniper doesn't have to charge a big number for the controller during proofs of concept and can rake it in as customers plug more iron into the controller. ®

Remote control for virtualized desktops

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Fat fingered geo-block kept Aussies in the dark
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
Turnbull should spare us all airline-magazine-grade cloud hype
Box-hugger is not a dirty word, Minister. Box-huggers make the cloud WORK
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
Do you spend ages wasting time because of a bulging rack?
No more cloud-latency tea breaks for you, users! Get a load of THIS
prev story


Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.