Feeds

Rackspace floats virty router and firewall into its clouds

Forget iron, use heavenly Vyatta software appliances

The Essential Guide to IT Transformation

Moving to clouds should mean breaking free of all kinds of specific hardware devices and running as much software as possible on generic virtual machines – which is why Rackspace Hosting is partnering with Brocade Communications to bring its Vyatta vRouter software to its public and private clouds.

Brocade has been gradually building up its networking and routing capabilities, snapping up Foundry Networks for its Ethernet switching for $2.6bn in December 2008, and buying virtual networker Vyatta for an undisclosed sum in November 2012. Vyatta was founded in 2005 and brought out the first release of its virtual network appliances in October 2007.

Among many things, the Vyatta stack includes a virtual router (which means it runs on a virtual machine hypervisor) that can do a lot of the work that ISR and ASR machines from Cisco Systems can do. The vRouter software is not just a router, however it is named. It also includes a virtual firewall, virtual private networking for linking internal and external sites to each other securely, and a network address translation appliance that allows for applications and databases to be provisioned without public interfaces on the internet, but still able to get patches and updates from the outside world.

John Engates, chief technology officer at Rackspace, says that up until now, customers have had to do a number of different things to try to get these functions into their public or private cloud slices, such as using firewall rules built into Linux, or using OpenVPN as well as the open source Vyatta or the commercial-grade software which has extensions not available in the open source version.

A graphical user interface, integration with Chef and Puppet management tools, and integration with CloudStack and OpenStack cloud controllers is only available in the Vyatta Network OS Enterprise Edition. In hybrid cloud setups, Rackspace has even installed physical VPN, firewall, and routing appliances on behalf of customers.

"With Vyatta, customers can now get industrial-strength firewall, routing, and VPN into the cloud," says Engates, and in such a way that integrates with the Cloud Networks multi-tiered virtual Layer 2 networking service that is part of the public cloud as well as the RackConnect service.

The Cloud Networks service is based on VMware's NVP OpenFlow controller and Open vSwitch virtual switch, which plugs into the XenServer commercial-grade hypervisor from Citrix Systems that Rackspace uses to underpin its OpenStack-based public cloud. (VMware got its hands on NVP and Open vSwitch last year when it acquired virty networking upstart Nicira.)

The vRouter virtual appliance can also link systems running inside a private data center to the Rackspace Cloud. Up until now, customers had to use the RackConnect service, which required an F5 Big-IP or Cisco ASA hardware appliance, but now customers will be able to use vRouter virtual routers instead if they so choose.

One important thing, says Engates, is that both the Cloud Networks service and the vRouter service are both IPv6 compliant, so you don't have to mess around with IPv4.

The vRouter service is in early adopter phase now, which means it is in limited availability. But within the next month or so, Engates says Rackspace will feel comfortable enough with the virty firewall, router, NAT, and VPN appliance to make it generally available. The vRouter service will cost 18 cents per hour over and above whatever Cloud Server instance you run it on.

"We are recommending that people start with a 1GB RAM server instances," Engates. This instance should be able to handle about 30Mb/sec of bandwidth for firewall traffic, which is a pretty small appliance. In this case, the server instance costs 6 cents per hour, so you get the virtual firewall for 24 cents per hour, or about $2,100 per year.

If you need to step up to 100Mb/sec of bandwidth on the firewall, Rackspace recommends a 4GB server instance, which 24 cents per hour for the server and another 18 cents per hour, which works out to $$3,680 per year. ®

The Essential Guide to IT Transformation

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
Forrester says Australia, not China, is next boom market for cloud
It's cloudy but fine down under, analyst says
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.