Feeds

Juniper unrolls MetaFabric, new switch

No piece of kit is an island - therefore send not to know for whom the traffic trombone honks, it honks for THEE

Top 5 reasons to deploy VMware with Tegile

Juniper Networks has rolled out a fabric architecture and switch, along with other swag. To get a handle on it all, Vulture South spent some time talking with Dhritiman Dasgupta, Juniper's director of platform solutions, to get a handle on key aspects of the release.

Taking the fabric architecture first: MetaFabric is starting with a focus on VMWare virtualised environments (it's released along with a reference architecture for the VMWare world). This covers systems from Junper, EMC, VMWare, IBM and Microsoft.

It's designed to cover Juniper's existing switching, routing and SDN products, as well as new kit like the QFX5100 switches, and the WAN and SDN capabilities added to the MX series routers. MetaFabric supports VMWare's ESXi, OpenStack and CloudStack orchestration environments, and Juniper's Contrail and VMWare's NSX SDN controllers.

Dasgupta says the ongoing lessons from virtualisation and large data centres are teaching vendors like Juniper about the management challenges the systems administrators face. For example, he said, “all devices need federated intelligence … so if there's 128 switches, you want to manage them from a single IP address and a single configuration file.”

And, he said, the management that applies to a single data centre should work just as well in a multi-site, multi-data-centre environment.

That means getting rid of the tendency for stuff to end up existing as resource islands, whether it's the physical servers, virtual servers running on the metal, devices like load balancers or firewalls, and the SDN on top.

“Islands can still end up not talking to each other,” Dasgupta said.

For example, traffic is (relatively) easily passed between VMs running on the same hypervisor in the same rack; but if you have VXLAN on one VM, NVGRE on the other, you need to take the traffic out into the IP layer, which in the x86 environment can be resource intensive.

Juniper's contention is that with multiplying hypervisors and increasing interest in making virtual machines more mobile between sites, “you need a translator … so you can read the VXLAN traffic in the packet forwarding engine, and let the PFE decide how to send it between data centres if necessary.

“Marrying the LAN and the WAN has always been a pain in the neck,” he continued. “For example, if you move a VM from one DC to another, the default gateway settings stay configured for the first data centre.”

That, Dasgupta said, leads to traffic tromboning – the routing infrastructure in the “target” data centre keeps sending traffic back to the “origin” data centre, until the network administrators dig in and reconfigure the settings.

He said support for Ethernet VPN in MetaFabric helps to address this. The fabric's VMTO – virtual machine traffic optimisation – lets a VM inherit the network configuration of the data centre it's moved to.

The fabric still retains support for more familiar protocols like MPLS and VLPS.

The accompanying release, the QFX5100 switch, he described as a “strategic 10G / 40G release for all Juniper architecture”, fitting in both the E and QFabric lines. It supports a variety of fabric architectures, including Virtual Chassis, QFabric, VCF, Spine Leaf, and various Layer 3-based fabrics.

It's available as a 72 port 10 Gbps switch including 48 10 Gbps and six 40 Gbps ports; or as a 32 port 40 Gbps QSFP+ switch including 24 40 Gbps fixed and two 4x40 Gbps expansion modules; or finally as a 96 port 10 Gbps switch including 96 10 Gbps ports and eight 40 Gbps ports.

Desgupta is particularly pleased with the QFX5100's in-service upgrade capability, something that's easy to do if the switch has redundant engines: instead of that, the switch is running multiple virtualised instances of JunOS, allowing the end user to upgrade one engine without taking the other out of service. The upgrade can then be activated and, if all's gone well, the other instance can be upgraded. Because nothing works unless it's got a nifty acronym, this has been dubbed TISSU (Topology-independent In-Service Software Upgrade), which of course ties into the industry's obsession with fabrics.

Other quick grabs from the launch briefing include:

  • New diagnostic capabilities – by probing all buffers in a switch every 8 ms, Juniper hopes to help sys admins trap what's going on when traffic bursts cause (usually) brief hangups on the network that are missed by more traditional tools like SNMP. Dasgupta said bursts will be captured into a file so they can be examined in tools like VCentral Director to diagnose and prevent such events.
  • Contrail now has VMWare ESX support. ®

Beginner's guide to SSL certificates

More from The Register

next story
Ellison: Sparc M7 is Oracle's most important silicon EVER
'Acceleration engines' key to performance, security, Larry says
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Lenovo to finish $2.1bn IBM x86 server gobble in October
A lighter snack than expected – but what's a few $100m between friends, eh?
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Troll hunter Rackspace turns Rotatable's bizarro patent to stone
News of the Weird: Screen-rotating technology declared unpatentable
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.