technology breakout: campus...topologies access ring access ring no rings flexible no rewiring to...
TRANSCRIPT
Technology Breakout: Campus
Karl-Heinz Lutz– Partner Development
Disclaimer
This statement of product direction sets forth Juniper
Networks’ current intention and is subject to change at
any time without notice. No purchases are contingent
upon Juniper Networks delivering any feature or
functionality depicted on this statement.
Agenda
Agenda
• Un1te – Junipers Framework
• Trends in the market: new standards on it‘s way; 2,5 and 5 Gbps discussion
• Fusion – a new architectural approach
• New EX switching series
• ND3.0
Open Convergence Framework
wireless security ucc management
Ready to deploy best-of-breed enterprise solutions
Trends in the market
Trends in campus LAN
2,5- und 5-Gbit/s-Ethernet
• IEEE 802.3bz
• Purpose: aggregation of IEEE 802.11ac WiFi standard AP
• Probably named 2.5GBASE-T and 5GBASE-T (abbr: 2.5GbE & 5GbE)
• NBASE-T or MGBASE-T, transport over copper
• will work with Category 5e and Category 6 cables up to 100 meters span
Cloud Speed Adoption
2018 2014 2015 2016 2017
0
20
40
60
80
1 GE
10GE
40GE
25GE
50GE
100GEPe
rcen
t o
f serv
er
sh
ipm
en
ts
Source: Dell’Oro 2015
Trends in campus LAN
Power over Ethernet PoE++
• IEEE 802.3bt
• Purpose: augment the capabilities of existing Power Sourcing Equipment (PSE) and Powered Device (PD) specifications with Type 3 (≤ 60W at the PSE) and Type 4 (≤ 100W at the PSE)
• Probably named DTE Power via MDI over 4-Pair
Trends in campus LAN
Power over Ethernet PoE++
• IEEE 802.3bt
Multi-Gigabit Related Timelines 2015 -
Cisco/Aquantia ship
NBASE-T switch
IEEE merges NBASE-T/MBASE-T
2016 Vendors
announce pre-standard
products
2016 Aruba Wave 2 AP
Early 2017 - 2.5G based Wave 2 APs
2017 IEEE 802.3bz/802.3bt
2017 Juniper Switches FRS
(standards based)
Non-standard based products [draft] standard based products
Non-standards based Standards based (JNPR)
All speeds - 100M/1G/2.5G/5G/10G Some vendors only Yes
Up to 99.9W PoE (IEEE 802.3bt)
Some vendors only Yes
Interop testing with 2.5G APs No Yes
Junos Fusion
What is Junos Fusion Enterprise? Junos Fusion for Enterprise
Simple • Single management domain
• Plug and play deployment of access switches (ZTP)
• Single configuration with resilient control & data plane
Reliable • Carrier-grade control and data plane resiliency
• High availability and ISSU
• Consistent tooling across data center and campus
Flexible • Built on open protocols (802.1BR)
• Flexible attachment models and scalability
• Mix and match with traditional wiring closet switches
Junos Fusion Enterprise
Campus Building
Aggregation Device (AD):
EX9200
Satellite Devices (SD):
EX4300 (1H 2016), EX3400 (2H 2016),
EX2300 (2H 2016)
On-premise DC
* Subject to verification
Internal control protocols between AD and SD
Satellites management for all traffic related aspects (config / statistics / ports state)
LAG synchronization between Aggregation devices (MC-LAG)
LLDP
802.1BR+
Configuration synchronization between Aggregation devices Netconf
1
2
3
4
Satellites management for non-traffic related aspects (chassis, environment, upgrade ..) json-rpc
5
Devices discovery and auto provisioning
1 2 3
4
5
1 2 3
ICCP
Guest VPN
Sales VPN
Engineering VPN
Finance VPN
Unifying Enterprise Networks Simple Smart Flexible
Boston HQ
Junos Fusion Enterprise
Chicago
Junos Fusion Enterprise
San Francisco
Junos Fusion Enterprise
Cleveland
Junos Fusion Data Center
L3 / EVPN
Junos Fusion Enterprise elegantly unifies the enterprise
Extends EVPN capabilities to the access
Consistent segmentation across all sites
Uniform VLANs, configuration and policies
Junos Fusion Enterprise - Migration
Virtual Chassis
Satellite Cluster
Satellite Cluster
Satellite Cluster
• Hybrid mode supported
– MC-LAG/Access Switches and Fusion/SD
• MC-LAG with EX9200 and EX4300 can
migrate to Fusion
• Script to deploy Fusion ready MC-LAG
• Automate configuration conversion for access
layer switches
– Migrate to Fusion one closet at a time
Junos Fusion Enterprise – Competitive
Cisco
Instant Access
Dell Brocade
SPX
Juniper
Fusion Enterprise
Junos Fusion Benefits
Extended Ports 2,000 2,000 768 6,000 Fewer management points
Design simplicity
Lower cost
Max. VLANs 32 - 16 4,000 No compromise deployment
Topologies Access ring Access
ring
No rings Flexible No rewiring to migrate
Independent ADs No (VSS) No No
(Stacking)
Yes (Independent
Control Plane) Resilient design
SDs in cluster 5 8 N/A 10 Easy migration from stack
Flexible design
Uplinks 1G/10G 10G 10G/40G 1G/10G/40G Design Flexibility
Phased Software
Upgrade/Downgra
de
Possible Possible Entire
SPX
Supported Independent components enable
phased upgrades and easy migration
- EX9200 Series as AD
- EX4300 as SD
- 128 SDs in a Fusion fabric
- PoE/PoE+ on SD
- 10-member Cluster for SD
- LLDP-MED on SD
- Layer 2 forwarding
- IPv4 and IPv6 unicast
forwarding
- ACL features
- Network Director
- EX2300 and EX3400 as SD
- Access Security
- IPv4/v6 multicast forwarding
features
- QoS: L2 and L3 MF/BA
Classifiers
- Network Monitoring features
- Cable Diagnostics
- MACsec support on SD
downlinks
Junos Fusion Enterprise Roadmap
1H 2016 2H 2016
New EX switching series
Core/Distribution Evolution EX9200
Scale
(D
en
sit
y a
nd
Ela
sti
cit
y)
2014 2015 2016 2017+ 2013
Juniper Innovations
FRS
Cassis
XF Fabric
XF2 Fabric
EVPN
VXLAN
Eagle PFE
Junos Fusion Enterprise
10G MACsec
Virtualization
Cassis II
1G MACsec
NG Fabric
NG PFE
100G MACsec
IPSec
240G/slot
240G LC
480G/slot
260G/slot LC
10G/40G LC
Modular LC
480G/slot LC
10/40/100GbE
NG RE
1.2T/slot
400G Native
Shipping
Committed
Investigation
EX9200 Linecards Modular Linecard Multi-rate Linecard 40x10G MACsec
• Flexible configuration
• Lower 10GbE entry cost
• Up to 130Gbps throughput
• Interface cards
– 20 1GbE SFP
– 40 1GBASE-T
– 10 10GbE SFP+
• 480Gbps throughput
• Fixed 12 QSFP ports
• 48 10GE SFP+ w/ BO
• 12 40GE QSFP+
• 4 100GE QSFP28 optics
• 400Gbps throughput
• 40 x 10GE ports
• MACSec ready
• MACsec on all 40 ports
• AES 256 support
EA @ 240G
EA @ 240G
Fixed
MIC0
Fixed
MIC1
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
EA @ 240G
EA @ 240G
Fixed
MIC0
with
MACSec
Fixed
MIC1
with
MACSec
20
x S
FP
+
20
x S
FP
+
Access Evolution
Scale
(D
en
sit
y a
nd
Ela
sti
cit
y)
2014 2015 2016 2017+ 2013
Juniper Innovations
FRS
320G VC
1GbE/10GbE
MACsec
IPv6 access
security
Fusion Enterprise
2.5G/5G access
Mixed VC scale
Access control
Integration
Virtualization
EX4300
Virtual Chassis
EX4300 Fiber
EX4600
1/10GbE entry level
1/10/40GbE mid level
Mixed Virtual
Chassis
Fusion Enterprise
802.3bz
802.3bt
Compact
Fusion Enterprise
Aggregation
Shipping
Committed
Investigation
EX2300 Access Switch
Compact & High Performance
1GbE density 10GbE uplinks in 1RU
Standard Compliance
IEEE 802.3at (POE +)
Management Simplification
Junos Virtual Chassis* (4 devices - 10G support)
Operational Simplicity and Automated Config
Juniper Fusion Enterprise (IEEE 802.1BR support)
EX2300 and EX2300-C
*license needed planed for Juni 2016 timeframe
EX2300-C Overview
1Gbps Access Switch
12 x 10/100/1000Base-T ports
2 x 1GbE or 10GbE SFP/SFP+ ports
POE/POE + budget supported
124W 802.3at or 802.3af
Fixed Configuration
EX2300 SKUs* 10/100/1000Base-T
ports 1/10 GbE SFP/SFP+
ports Cooling POE/POE+
EX2300-C-12T 12 2 Fanless 0
EX2300-C-12P 12 2 Fanless 12
***PoE (15.4W) is supported on up to any 8 ports simultaneously ***PoE+ (30W) is supported on up to any 4 ports simultaneously
12 x 10/100/1000 Base-T
2 x 1GbE or 10GbE SFP/SFP+
USB/Console/Mgmt
EX2300 Overview
1Gbps Access Switch
24, 48x10/100/1000Base-T ports
4 x 1GbE or 10GbE fixed SFP/SFP+ ports
POE/POE + budget supported
370W on 24 port SKU
740W on 48 port SKU
Fixed configuration
4 x 1GbE or
4 x 10 GbE SFP/SFP+ 24, 48x10/100/1000Base-T
EX2300 SKUs* 10/100/1000 Base-T ports 10GbE SFP+ ports POE/POE+ ports POE/POE+ Power Budget Cooling AC/DC
EX2300-24T 24 4 0 0 1x Fixed, AFO Fixed AC
EX2300-24P 24 4 ***24 370W 2x Fixed, AFO Fixed AC
*EX2300-24T-DC 24 4 0 0 1x Fixed, AFO Fixed DC
*EX2300-24P-TAA 24 4 ***24 370W 2x Fixed, AFO Fixed AC
EX2300-48T 48 4 0 0 1x Fixed, AFO Fixed AC
EX2300-48P 48 4 ***48 740W 2x Fixed, AFO Fixed AC
*EX2300-48T-DC 48 4 0 0 1x Fixed, AFO Fixed DC
*EX2300-48P-TAA 48 4 ***48 740W 2x Fixed, AFO Fixed AC
*DC and TAA SKU are offered 2H 2016 ***Full PoE (15.4W) is supported on all ports with the fixed PSU (All SKUs) ***PoE+ (30W) is supported on up to 12 ports on -24 port SKU, up to 24 ports on -48 port SKU
Console, Mgmt, USB and Fixed power/Fan
EX2300 Platform Detail
EX2300-C-12T EX2300-C-12P EX2300-24T EX2300-24P EX2300-48T EX2300-48P
CPU ARMv7 Cortex A9 CPU 1.25GHz
DRAM/Flash 2GB/2GB
Performance 64Gbps/47.6Mpps 128Gbps/95.2Mpps
Management
RJ45 10/100/1G Mgmt port on front
One RJ45 Console and RS232 to
Mini USB Console on front panel
RJ45 type 10/100/1G Management port on rear
RJ45 type Console on rear and RS232 to Mini USB Console on front
USB One type-A USB HOST port, support
USB 2.0 (480Mbps) on front panel
One type-A USB HOST port, support USB 2.0 (480Mbps) on rear
panel
Ethernet Port 12 x 10/100/1G RJ45 port 24 x 10/100/1G RJ45 port 48 x 10/100/1G RJ45 port
Virtual Chassis
Port 2 x 10G SFP+ Fixed Fiber port 4 x 10G SFP+ Fixed Fiber port
PSU AC 40W AC 170W AC
65W/DC100W AC 450W AC 90W AC 850W
Cooling Fan less Single FAN Dual FAN Single FAN Dual FAN
System Air
Flow Air Flow Out (AFO – front to back air flow) only
A few software differences
• No IEEE802.1BR support
• No ERSPAN
• IEEE 802.1AG (LFM) Ethernet Link Fault
Management
• IEEE 802.3AH (CFM) Connectivity Fault
Management
• G.8032 (Ethernet Ring Protection Switching)
• IEEE802.1BR support *
• ERSPAN
• No LFM
• No CFM
• No ERPS
• IEEE 802.1X support differences
– No RFC 3576 support
– No Central Web Authentication Support
– No Flexible Auth order of MAC Auth
– No EAP-PAP protocol support for MAB
EX2200 EX2300
* Enterprise Fusion supported FRS +, operates in satellite mode as part of JUNOS Fusion for Enterprise
EX2300 – Transceiver Support Matrix
1GbE 10GbE
EX-SFP-1GE-T
EX-SFP-1GE-SX
EX-SFP-1GE-SX-ET
EX-SFP-1GE-LX
EX-SFP-1GE-LH
EX-SFP-GE10KT13R14
EX-SFP-GE10KT13R15
EX-SFP-GE10KT14R13
EX-SFP-GE10KT15R13
EX-SFP-1GE-LX40K
EX-SFP-GE40KT13R15
EX-SFP-GE40KT15R13
EX-SFP-GE80KCW1470
EX-SFP-GE80KCW1490
EX-SFP-GE80KCW1510
EX-SFP-GE80KCW1530
EX-SFP-GE80KCW1550
EX-SFP-GE80KCW1570
EX-SFP-GE80KCW1590
EX-SFP-GE80KCW1610
EX-SFP-10GE-USR
EX-SFP-10GE-DAC-1M
EX-SFP-10GE-SR
EX-SFP-10GE-LR
EX-SFP-10GE-ER*
EX-SFP-10GE-ZR*
EX-SFP-10GE-DAC-3M
EX-SFP-10GE-DAC-5M
Supported at FRS
*These ER/ZR optics are supported on EX2300 only, not supported on the –C platform, due to thermal requirements
MACsec
Supported on 1G and 10G interfaces
Juniper EX3400 Access Switch
Compact, High Performance, & Built-in Redundancy
1GbE density, 10GbE and 40GbE uplinks in 1RU, Dual
Redundant Power Supplies and Fans
Standard Compliance
Full POE (15.4W) support with a single PSU
Full POE+ (30W) support with dual PSU (1440 W)
Management Simplification
Junos Virtual Chassis (10 Devices - 40G support)
Operational Simplicity and Automated Configuration
Juniper Fusion Enterprise (802.1BR support)
EX3400
planed for Juni 2016 timeframe
EX3400 Overview
Mid Level 1Gbps Access Switch
24, 48x10/100/1000Base-T ports
4 x 10GbE or 1GbE fixed SFP/SFP+ ports
2 x 40GbE fixed QSFP+ ports *
POE/POE + budget supported
370W or 720W on 24 port SKU
740W or 1440W on 48 port SKU
4 dual-mode
1GbE/10GbE SFP/SFP+ 24, 48x10/100/1000Base-T
EX3400 SKUs* 10/100/1000
Base-T ports 10GbE SFP+
ports 40GbE QSFP+
ports POE/POE+
ports POE/POE+ Power
Budget Cooling AC/DC
EX3400-24T 24 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO AC
EX3400-24P 24 4 2 24 **370W or 720W 2 x Hot-Swappable/Redundant Fans, AFO AC
EX3400-24T-DC 24 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO DC
EX3400-48T 48 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO AC
EX3400-48P 48 4 2 48 **740W or 1440W 2 x Hot-Swappable/Redundant Fans, AFO AC
EX3400-48T-AFI 48 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFI AC
*2 x 40GbE QSFP+ ports used as uplink or VC, breakout of 10-GbE not supported (Same as EX4300)
POE is supported on all ports with a single power supply
POE+ is supported on all ports with dual power supplies
Field Replaceable
Fans Dual Power
supply slots
Console/
Mgmt/USB
2 x 40GbE
QSFP+
EX3400 Platform Detail
EX3400-24T EX3400-24P EX3400-48T EX3400-48P
CPU Dual-core ARM Cortex A9 1GHz
DRAM/FLASH 2GB/2GB
Performance 288Gbps/214.2Mpps 336 Gbps / 250Mpps
Management miniUSB at front panel, RJ45 type RS232 at rear panel, Ethernet management port at rear panel
USB One type-A USB port at rear panel, support USB 2.0 (480Mbps)
Ethernet Port 24 x 10/100/1G RJ45 Copper port 48 x 10/100/1G RJ45 Copper port
Virtual Chassis Port 4 x 10G SFP+ fiber port AND 2 x 40G QSFP+ fiber port
PSU 2 x Hot-swappable (Pluggable) PSU, support 1+1 redundancy & load sharing
150W AC/DC 600W AC 150W AC 920W AC
Cooling 2 x Hot-swappable (Pluggable) FAN Tray 1+1 FAN redundancy
System Air Flow AFO only AFO only AFO & AFI AFO only
A few software differences
• No configurable TCAM support
• No IEEE802.1BR support
• No ERSPAN
• IEEE 802.1AG (LFM) Ethernet Link Fault
Management
• IEEE 802.3AH (CFM) Connectivity Fault
Management
• G.8032 (ERPS) Ethernet Ring Protection
Switching
• BGP v4
• Configurable Unified Forwarding Table
(UFT) FRS +
• IEEE802.1BR support*
• ERSPAN
• No LFM
• No CFM
• No ERPS
• No BGP
• IEEE 802.1X support differences
– No RFC 3576 support
– No Central Web Authentication Support
– No Flexible Auth order of MAC Auth
– No EAP-PAP protocol support for MAB
EX3300 EX3400
* Enterprise Fusion supported FRS +, operates in satellite mode as part of JUNOS Fusion for Enterprise
Hardware Comparison
• Increased uplinks to 10G
• Increased virtual chassis bandwidth
• Added 802.1BR support
From EX2200 to EX2300
• Increased uplinks to 40G
• Increased virtual chassis bandwidth
• Added 802.1BR support
• Added FRUable redundant Fans
• Added FRUable redundant PSU SKUs
• Added MACsec
From EX3300 to EX3400
Feature EX2200 EX2300
Uplinks/VC 4 x 1G 4 x 10G
PoE Budget 405 W 740 W
Fusion SD NO YES
VC license at 10G NO YES
MACsec NO NO
Feature EX3300 EX3400
40G ports 0 2
Hot-swappable PSU NO YES
PoE Budget 740 W 1440 W
Fusion SD NO YES
VC license at 40G NO NO
MACsec license NO YES
!!!
Half Duplex support at FRS • Supported on EX2300
– 24 port SKUs will support up to 16 ports
– 48 port SKUs will support up to 32 ports
– 12 port SKUs will support up to 12 ports
– Ports will not be labeled on the chassis
– Ports are assigned to the initial 16 ports of ASIC
• EX3400 at FRS will not support Half Duplex
Half Duplex first 16 Ports on ASIC
All shipped devices carry a sticker with a QR code, which maps to the device’s serial number/mac address or both.
At the time of physical lab setup,
lab admin puts a sticker with a
QR code on each rack(one time
effort). This QR code captures
the location of rack (Site >
Building > Floor> Aisle)
EX2300 and EX3400 Rack n’ Roll Overview
- EX9200
- EX9200 sFlow for IPv6
- EX9200 LX4, LRM optic
- EX9200 512K FIB
- EX9200 MC-LAG Simple User Experience
- L2VPN
- EX4600
- IPv6 PIM multicast
- VR support on PIM
- L3VPN
- EX9200
- 802.3x*
- EX4600
- EVPN*
- L2PT*
EX Platform Software Roadmap
1H 2016 2H 2016
* Investigating, not committed
Network Director 3.0
Network Director Campus & Branch (2016)
Junos Fusion Enterprise provisioning workflow
Junos Fusion Enterprise cluster management
Network segmentation provisioning workflow
Zero Touch Deployment
Key Management (VPN & MACSEC)
Universal CPE management
Unified visibility; 3rd party WLAN & switches
Under investigation
Unified switching & security UI & workflows
Connectivity management
Microsoft Lync integration
Access control security integration
1H2016 2H2016
Network Director 3.0 highlights
Cloud Enabled Enterprise
• Junos Fusion for Enterprise support
Simplification
•Auto Profile
•Easy Config
• Fusion Data Center support
•Controller-less overlay support: EVPN/VXLAN provisioning
Visibility
• Fusion campus and Data center visibility
• EVPN/VXLAN monitoring
Easy Config
1
2
3
Portal for day to day operations
Allow the network admin or help desk to make quick and point changes
Ability to configure vlans, POE,802.1x
Portal UI
Apps
Data
Finance
Video
Active Directory
/LDAP
Corporate Data Center
WLC
Wireless User
Tablet/smartphone
UAC
SRX
AP
SmartPass
Internet
EX4300 Virtual Chassis
EX9200 MC-LAG
Supported Use Cases
• 802.1X authentication
• MAC authentication
• Guest user authentication*
• BYOD*
• Device profiling
• SRX EX Aruba use cases*
• UserFW
• UserFW query
• Threat detection/mitigation
Access Policy Integration
Clearpass /
ISE/Other
RADIUS
EX
Profiling
Server
* Not supported on Cisco ISE
Ethernet Fabric: Junos Fusion
Virtual Chassis Fabric
Multi-Tier Ethernet IP Fabric
Overlays
(VXLAN, EVPN and
MPLS)
Common Building Block
QFX5K Spine/Leaves Switches
QFX10K
Spine Switches
Juniper Switches Support Diverse Architectures
IT/Cloud Ops Network Ops DevOps
Controller
Additional useful information
How to make things easier –
• Network Design and Architecture Center – Data Center Networks
• J-Net Forum TechWiki
• Cloud Labs
What is Juniper Cloud Labs (JCL)?
• Juniper Cloud Labs or JCL is Juniper's self serve portal for SEs and Partner Ingenious Champion to get access to Juniper devices for sandboxes and demonstrations.
• The system itself is comprised of two parts:
• The web pages -- They contain information about the available sandboxes, demonstrations and solution showcases. These are the pages you're viewing now.
• The JCL Portal Pages -- They provide access to the equipment sandboxes, demonstrations and showcases.
Questions ?
Thank you
#JuniperIDEAS
Thank you
Breakout Session SP / SDN / NFV Sergei Gotchev Partner System Engineer
Alicante, May 2016
This statement of product direction sets forth Juniper
Networks’ current intention and is subject to change at
any time without notice. No purchases are contingent
upon Juniper Networks delivering any feature or
functionality depicted on this statement.
LEGAL STATEMENT
MX Portfolio
MX 2010
10 LC / 34RU
40Tbps
Chotu
10 LC / 24RU
40Tbps
MX 2020
20 LC / 45RU
80Tbps
4Q2016
MX 480
6 LC / 8RU
7.2Tbps
MX 960
11 LC / 16RU
13.2Tbps
MX 240
2 LC / 5RU
2.4Tbps 2RU
80 Gbps
MX 80 MX 104
4RU
80 Gbps
vMX
N x 10Gbps
Physical Characteristics
• 28nm process
• 23.44mm x 23.15 mm die size
• More than 60% power consumption reduction, enabling 0.5W
per gigabit at the system level
Capabilities
• All Trio forwarding features
• High scale flow export, video monitoring
• Ethernet OAM and BFD
• Performance monitoring
• Sophisticated packet parsing, lookup and encapsulation
• Integrated rich queueing
• Improved tunnel performance
• Chip level telemetry and analytics support
Industry’s first 400GE
capable network
processor
Introducing EA (Eagle), 3rd generation Trio ASIC
MX2008?
MX2008 (Chotu) Details
Chotu Details
Slots • 10 I/O Slots
Rack Size • 24RU, Standard 19” Rack
Power • AC/DC : N+1 Redundancy PSM, N+N feed
redundancy, 12KW
Fan and Cooling
• 2 Fantrays
• Front to Back Airflow
• Single Cooling Zone
RE/RP • 1+1 RE Redundancy
Fabric • 7+1 Switch Fabric Redundancy; 2Tb/slot at FRS
BW • Chassis capable of 4Tb/slot at FRS
NEBS • GR-63 NEBS Compliant
FRS and General Availability timelines :
• HW Release: 2H 2016, December 2016 timeframe
• FRS: 15.1F7, forward-port to 16.1R4, Mainline 17.1R1
Investment Protection
• Common MX2K MPCs
• Common MX2K power and cooling FRUs
Same mid plane MX2010 design
• Common features and feature velocity with MX2020/2010
Density
• Unmatched 10G/100G density with Edge feature set
• Roadmap to industry leading 4Tbps/slot for Edge platforms
Environmental
• GR-63 NEBS
• Half-Rack design
• Reduced power footprint option
• Available single phase AC support
Value Proposition
• Chassis
• RE-CB (Mechanical variation of MX NG-RE)
• Fabric (MX2000-SFB2 fabric with one fabric chip depopulated)
What’s new?
Switching Plane (MPC9E with SFB2)
o Each PFE has three lanes to each of
the eight fabric cards = 3 lanes x 8 =
24 lanes
o Each lane capable of 25Gbps, hence
total capacity per slot =
24x4x25Gbps = 2.4 Tbps
Fabric #1
Fabric #2
Fabric #8
LC#0
EA1
EA2
EA3
EA0
LC#9
EA1
EA2
EA3
EA0
***
MPC7E, MPC8E, MPC9E and MX2K Switch Fabric Overview
MPC7E, MPC8E and MPC9E Applications
Rich Services: L3 VPN, VPLS, EVPN, VPLS, MEF-defined services
Traffic Differentiation: Ingress and Egress Queueing, enhanced scheduling priorities
Resiliency: Tail end protection, egress circuit protection, prefix independent convergence
Performance: Highest bandwidth per subscriber at scale
Service Models: PPPoE, DHCP, C-VLAN, S-VLAN
Traffic Insight: Inline Video Monitoring
Peering
Business
Edge
Broadband
Edge
Services: VPLS, EVPN, L3 VPN, Internet Routing
Overlays: VXLAN with VMWare, Juniper Contrail
Various Deployment Scenarios: MC-LAG, Virtual Chassis
Data Center
Gateway
Performance: High FIB Scale for IP Core
Load Balancing: Extensive payload analysis, adaptive techniques Core
Performance: High FIB Scale, Forwarding Performance at small packet sizes
Control Plane Protection: TTL Security, Loopback Filters, Suspicious Flow Detection
Traffic Visibility: Inline IPFIX, Source Class Usage/Destination Class Usage, Filter Counters
Attack Mitigation: FlowSpec, Efficient GRE Encapsulation / Decapsulation
UPGRADE
EA @ 240G
EA @ 240G
Fixed
MIC0
with
MACSec
Fixed
MIC1
with
MACSec
20
x S
FP
+
20
x S
FP
+
MPC7E-10G
EA @ 240G
EA @ 240G
Fixed
MIC0
Fixed
MIC1
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
QSFP
QSFP
QSFP28
MPC7E-MRATE
1584
1.4W
MACSec
Universal
Flexible
Smooth
Trio
10GE interfaces per rack
per gigabit at system level at 40C
for confidentiality with AES-256 support (10G card)
multi-rate 10/40/100GE ports to reduce spares
software-enabled queueing options
upgrade. Same hardware and 15.1 with JAM/JUNOS Continuity
feature set, analytics, QoS and performance enhancements
1/3rd of a rack
MX960
All 11 slots
In use
DEPLOY NEW LEVERAGE
Existing chassis and
double capacity to meet
traffic growth demands
Systems at the services
edge, peering sites, in the
metro and in the data
center
Extensive Trio feature set
for service flexibility
MPC7E Line Cards
UPGRADE
MX2K-MPC8E
MX2K-MPC9E
320
0.94W
Modular
Universal
Flexible
Smooth
Trio
100GE interfaces per chassis
per gigabit at system level at 40C
line cards for future 400GE support
multi-rate 10/40/100GE ports to reduce spares
software-enabled queueing options
upgrade. Same hardware and 15.1 with JAM/JUNOS Continuity
feature set, analytics, QoS and performance enhancements
MX2020
DEPLOY NEW LEVERAGE
Existing chassis and
quadruple capacity to
meet traffic growth
demands
Systems at the services
edge, peering sites in the
metro and in the data
center
Extensive Trio feature set
for service flexibility
MIC
-MR
AT
E
8 x QSFP28/
QSFP+
4 x QSFP+
MIC
-MR
AT
E
8 x QSFP28/
QSFP+
4 x QSFP+
EA @ 240G
EA @ 240G
EA @ 240G
EA @ 240G
MIC
-MR
AT
E
4 x QSFP28/
QSFP+
8 x QSFP+
MIC
-MR
AT
E
4 x QSFP28/
QSFP+
8 x QSFP+
EA @ 400G
EA @ 400G
EA @ 400G
EA @ 400G
MPC8E and MPC9E Line Cards
Optics
SOFTWARE
QSFP28: 100GE LR4, SR4
QSFP+: 4 x 10GE LR, SR
QSFP+: 40GE LR,SR
15.1F5-S1 (JAM/JUNOS Continuity)
16.1R1
8 x QSFP28
Ports
Description
12 x QSFP Universal Port MIC for MPC9E and MPC8E
line cards.
• All ports support 4 x 10GE and 40GE
• 8 ports support 100GE QSFP28 when used in MPC9E
• 4 100GE ports supported when used in MPC8E
Connectivity
MIC-MRATE, 12 x QSFP Universal Port MIC
SFB2 MX2010 and MX2020 1.6T Switch Fabric
LINE CARDS
SOFTWARE
All MPCs
15.1F5-S1 (JAM/JUNOS Continuity)
16.1R1
Description
MX2010 and MX2020 Switch Fabric enabling 1.6T
capacity per slot
• 2T per slot with 8 fabrics active
• > 1.6T per slot with 7 fabrics active
Capacity
OTHER Existing Power Supplies / FAN Trays
MX Next Generation RE & MX Virtualization
Node Virtualization
Motivation
Network Convergence for better TCO
Need for network agility and innovation
Flexible risk management
Need to scale up and down
Solution
Partition MX into slices
Each slice is equivalent to an MX
Enable fabric based communication
Enablers
NG-Routing Engine
Virtual RE
MX Trio architecture
Virtual Fabric Interfaces
Modeling & Orchestration
edge router
edge router
edge router
edge router
BNG
PE
VIDEO
EDGE
BNG
PE
VIDEO
EDGE
MULTIPLE PHYSICAL EDGE ROUTERS
SINGLE PHYSICAL EDGE ROUTER WITH
MULTIPLE FUNCTIONS
TODAY
SINGLE PHYSICAL MX PARTITIONED IN SLICES
EACH FOR ONE FUNCTION
SLICE1
BNG1
SLICE2
PE
SLICE3
VIDEO
EDGE
SLICE4
BNG2
NODE VIRTUALIZATION
Introducing the new MX NG-RE
Numbering During Power On Indicates During Power Off Indicates
5
Off Slow Blink RE is powered on Green Fast Blink Button Press
Slow Fast Blink Linux Booted Fast Slow Blink JunOS shutdown
Fast Blink Green JunOS Booted Slow Blink Off Linux Shutdown
Numbering Name Description
2 Auxiliary Port RS232 UART Port
3 Console Port RS232 UART Port
4 Management Port 10/100/1000Base-T Ethernet Port
6 Online/Offline Switch Switch to change the state of RE
7 & 10 SSD LED Status & Compartment Two SSD with respective LED Status
8 USB Port Used for Fresh install of OS.
9 Reset RE Reset
Specification Overview
Specification MX MX2K PTX5K
CPU Intel Haswell 6 Core
@ 2.0Ghz Intel Haswell 8 Core @ 2.3Ghz
Memory 64GB (DDR4)
Storage DUAL 64GB SSD
Virtualization Intel VT-x / VT-d / VT-c
Yocto Linux / KVM / QEMU
RE-CB Interface 10G
Software
15.1F3, 16.1R1
SMP Enabled
64b RPD
15.1F5, 16.1R4,
16.2R1
SMP Enabled
64b RPD
15.1F3, 15.1F4,
16.1R1
SMP Enabled
64b RPD
* Future
*
*
JUNOS KERNEL: (SMP)
Platform Support Matrix
Hardware/Software RE-S-X6-64G-S RE-S-X6 / REMX2K-X8
Chassis: MX960/MX480/MX240 X
Chassis: Chotu/MX2020/MX2010 X
SCB X X
SCBE X X
SCBE2 X
SFB X
SFB2 X
MPC/MS-MIC/MS-MPC
DPCE/MX-FPC/MS-DPC X X
JUNOS (“junos-install”)
JUNOS (“jinstall”) X X
Software Release & Feature Schedule
Feature Target Release Tentative Ship date
FRS – MX960, MX480, MX240 15.1F3 1H2016
FRS – PTX5K NGRE support FPC1 & FPC2 15.1F3 1H2016
FRS – PTX5K NGRE support FPC1, FPC2 & FPC3 15.1F4 1H2016
FRS – MX2020, MX2010 15.1F5 1H2016
15.1R1 Feature Parity 15.1F3 1H2016
ISSU 15.1F5 1H 2016
MX-VC 15.1F5 1H 2016
Subscriber Management 15.1F6 2H 2016
Subscriber Scaling & Performance 15.1F6 2H 2016
vMX
Virtualization types
• Guest OS is not modified. Same OS is spun as a VM
• Guest OS is not aware of virtualization. Devices emulated entirely.
• Hypervisor need to trap and translate privileged instructions
Fully Virtualized
• Guest OS is aware that it is running in virtualized environment
• Guest OS and Hypervisor communicate through “hyper calls” for improved
performance and efficiency
• Guest OS uses a front-end driver for I/O operations
• Example : Juniper vRR, vMX (SRIOV)
Para Virtualized
• Virtualization aware hardware (processors, NICs etc)
• Intel VT-x/VT-d/vmdq, AMD-V
• Example: Juniper vMX (VIRTIO)
Hardware
assisted
Virtual and Physical MX
PFE VFP
Microcode cross-
compiled
X86
instructions
CONTROL
PLANE
DATA
PLANE
ASIC/HARD
WARE
Cross compilation creates high leverage of features between Virtual and Physical with minimal re-work
TRIO
UCODE
vMX Product Overview
VCP VFP
Physical NICs MGMT
Guest VM (Linux) Guest VM (FreeBSD)
Hypervisor: KVM, ESXi
Cores Memory
Bridge / vSwitch
Physical layer PC
I P
as
s t
hro
ug
h S
R-I
OV
Vir
tIO
Virtual Control Plane (VCP)
• JUNOS hosted in a VM. Offers all the capabilities
available in JUNOS
• Management remains the same as physical MX
• SMP capable
Virtual Forwarding Plane (VFP)
• Virtualized Trio software forwarding plane. Feature
parity with physical MX. Utilizes Intel DPDK libraries
• Multi-threaded SMP implementation allows for
elasticity
• SR-IOV capable for high throughput
• Can be hosted in VM or bare-metal
Orchestration
• vMX instance can be orchestrated through OpenStack
Kilo HEAT templates
• Package comes with scripts to launch vMX instance *Single Root I/O Virtualization (SR-IOV) is PCI-Express (PCIe) extention that allows a PCI-e device to be virtualized so that many PCU-e
devices are availavel in the guest VM’s
*VirtIO – Virtual IO – Paravirtualized drivers for KVM/Linux. The idea behind it is to have a common framework for hypervisors for IO
virtualization
vMX Host Requirements
Description Value
Sample system configuration Intel Xeon E5-2667 v2 (Ivy Bridge Processors) @ 3.30GHz 25 MB Cache.
NIC: Intel 82599 (for SR-IOV only)
Memory Minimum: 8 GB (2GB for vRE, 4GB for vPFE, 2GB for Host OS)
Storage Local or NAS
Sample system configuration
Sample configuration for number of CPUs
Use-cases Requirement
VMX for up to 100Mbps performance Min # of vCPUs: 4 [1 vCPU for VCP and 3 vCPUs for VFP]. Min # of Cores: 2 [ 1 core
for VFP and 1 core for VCP]. Min memory 8G. VirtIO NIC only.
VMX for up 3G of performance Min # of vCPUs: 4 [1 vCPU for VCP and 3 vCPUs for VFP]. Min # of Cores: 4 [ 3
cores for VFP, 1 core for VCP]. Min memory 8G. VirtIO or SR-IOV NIC.
VMX for 3G and beyond (assuming min 2 ports of 10G) Min # of vCPUs: 5 [1 vCPU for VCP and 4 vCPUs for VFP]. Min # of Cores: 5 [ 4
cores for VFP, 1 core for VCP]. Min memory 8G. SR-IOV only NIC.
vMX Baseline Performance in 14.1 VMX performance in Gbps
# of cores for packet processing *
Frame size (Bytes) 3 4 6 8 10
256 2 3.8 7.2 9.3 12.6
512 3.7 7.3 13.5 18.4 19.8
1500 10.7 20 20 20 20
2 x 10G ports
4 x 10G ports
# of cores for packet processing*
Frame size (Bytes) 3 4 6 8 10
256 2.1 4.2 6.8 9.6 13.3
512 4.0 7.9 13.8 18.6 26
1500 11.3 22.5 39.1 40 40
6 x 10G ports
# of cores for packet processing*
Frame size (Bytes) 3 4 6 8 10
256 2.2 4.0 6.8 9.8
512 4.1 8.1 14 19.0 27.5
1500 11.5 22.9 40 53.2 60
*Number of cores includes cores for packet processing only i.e worker cores. For each 10G port there is a dedicated core i.e I/O core not included in this number.
8 x 10G ports
# of cores for packet processing*
Frame size (Bytes) 4 6 8 10 12
64 2.1 2.8 3.5 4.2 5.3
128 3.9 5.2 6 7.3 8.7
256 5.2 8 10.4 12.6 15
512 12.7 18.3 23 27.7 32
1500 33.6 47 58.5 71.5 79
IMIX 14 20 25.4 31 37
vMX Use-Case: Virtual PE
Central Office,
Hub Site
L3 VPN/IPSec VPN
L2VPN/VPLS/L2Circuit
• Scale-out deployment scenarios
• Low bandwidth, high control plane scale customers
• Dedicated PE per customer
• Small PE in a new market segment or geography with
ability to support secure transport
• vMX is a virtual extension of a physical MX PE with all the
capabilities of a carrier class PE router
• vMX offers IPSec and IPSec VPN capability
• Orchestration and management capabilities inherent to
any virtualized application apply
vMX value proposition Metro Network
vMX
National/Regional
Data Centers vMX
Provider MPLS Network
L2 switch
L2 switch
CPE
CPE
CO Gateway CO Gateway
L3 PE L3 PE
CPE
Enterprise Enterprise
Enterprise
Use-case
vMX Use-Case: DC Gateway/Virtual Private Cloud Gateway
• Service Providers need a gateway router to connect the
virtual networks to the physical network
• Small hosting providers need a gateway route to connect
to the internet
• Gateway should be capable of supporting different DC
overlay, DC Interconnect and L2 technologies in the DC
such as GRE, VXLAN, VPLS and EVPN
• Virtual Private Cloud (VPC) customers need a gateway
router in the cloud to
i. Route between subnets in a VPC instance
ii. Route between VPC instances across
geographies
iii. Secure transport from a public or private network
without scaling restrictions imposed by CSP
• Cloud Service Providers don’t want to create specialized
product offerings to meet these needs
• VMX supports all the overlay, DCI and L2
technologies available on MX
• Scale-out control plane to scale up VRF instances and
number of VPN routes
• Create overlay topologies using IPSec and MPLS
VPN technologies for Hybrid Cloud integration into the
enterprise
vMX value proposition
Use-case
vMX
VTEP
VM VM VM
Virtualized
Server
Non Virtualized
Servers
MPLS Cloud
VPN Cust A VPN Cust B
Internet
VXLAN GW (VTEP),
L3VPN GW, Internet GW ToR
ToR
Virtual
Network A Virtual
Network B
AWS Region
VPC instance
Amazon Direct Connect
vMX VPC GW
VPC instance
vMX VPC GW
AWS Region
vMX Use-Case: Enterprise WAN Router
• Large Enterprises and Government institutions want to
build their own overlay network over a Service Providers
MPLS or Layer 2 network
• Transport for overlay network can be using encapsulation
technologies such as MPLSoGRE, VXLAN and IPSec for
secure transport
• vMX will offer IPSec VPNs using Group VPN technology
for secure overlay transport
• All existing routing functionality available on vMX
makes it a robust Enterprise WAN router
vMX value proposition
Use-case
Provider MPLS network
Overlay: Group VPN,
MPLSoGRE, VXLAN
vMX
CPE
Enterprise
Enterprise
vMX
CPE
vMX
CPE Enterprise
• Service Providers want the ability to bring-up a PE in a
new geography/market with low upfront CAPEX and
shorter time-to-market
• Service Providers don’t always own the end-to-end circuit
to their customers in all geographies/locations. Such use-
cases require secure transport using IPSec from the
customer site.
• vMX offers the capabilities of a physical MX but at
lower bandwidth granularities for new locations and
geographies.
• The addition of IPSec for site-to-site tunnels allows for
secure transport in-case the SP has to utilize a partners
network
vMX+Porter value proposition
Use-case
vMX Use-Case: New Market/Geography PE
Partner MPLS network or
Internet for backhaul Enterprise
vMX PE Interne
t
Physical PE
New Geography/Market Present Market
Local
Providers
MPLS
network
CPE
VPN2
VPN1
AAA & DHCP
Servers ISP X
ISP Z
Edge Core Retailer
Fiber
ADSL
VDSL
vBNG
Ethernet
Aggregation
Metro
vLAC
vLNS
Retail ISP
vLNS
Business
VPN
Core
vBNG and vLAC connect broadband subscribers via L2 from aggregation network, then assign IP and policies for L3 hand to the core or retail ISP vLNS deploys customized configurations for one or more
retails ISPs or Business VPNs per instance
Market Requirement
vBNG and vLAC allow just in time provisioning in small COs (<8K subscribers and <20 Gb/s) close to the access node vLNS deploys optimized instances for each Business VPN or
Retail ISP with dynamic capacity management
vMX + Porter Solution
vMX Use-Case:Distributed vLNS & vBNG
Junos Fusion for Edge
• Port extension on the MX to maximize the chassis
value with better slot utilization, leading to
improved ROI
• Resilience through CPE dual homing and L2/L3
routing in and/or through Fusion HA
• Optimizing the Capex, improved ROI
• Management simplicity
• Plug and Play
• Large scale
Junos Fusion for Edge value proposition
Use-case
What is Junos Fusion for Edge?
Single Aggregation
Device Dual Aggregation Devices
Supports L2 and L3 at the access Supports L2 at the access
AD
SD SD
AD AD
SD SD
Satellites management for all traffic related aspects (config / statistics / ports state)
LLDP
802.1BR+
Configuration synchronization between Aggregation devices Netconf
Protocols Used Internally
1
2
3
4
Satellites management for non-traffic related aspects (chassis, environment, upgrade ..) json-rpc
5
Devices discovery and auto provisioning
1 2 3
4
5
1 2 3
ICCP Interchassis Communication Protocol manages the setup and control of the redundancy groups (active/standby).
What is 802.1BR?
Dataplane Format Control Plane Protocol
Define a packet header to add external ports information between satellite and aggregation devices.
Supported in hardware by Recent Merchant
Silicon
Control and Status Protocol (CSP) define how the aggregation manage the satellite.
Designed to be extended
Embedded capabilities negotiations process as part of the initialization.
Communication protocol
Edge Control Protocol (ECP) define how control packets (CSP) are exchanged and transport between aggregation and satellite devices.
Designed to be point to point
Aggregation Device (AD) MX960/480/240 MX2020
Satellite Device (SD) QFX5100, EX4300
FRS Q2 2015 (14.2R3)
Mode of deployment Single AD
Dual AD (Roadmap)
License per SD Yes
Mode of operation Extended mode
L2 Local Switching on SD Yes
L2 Multicast egress replication on
SD Yes
L3 Multicast Yes
Junos Fusion for Edge HW
Junos Telemetry
Motivaton
• Provide analytical insight • Resource utilization
• Loss and Delay measurements
• Queue Depth
• Ensure high scale • Push versus Pull model
• Thousands of monitoring objects
• Sub-second resolution
• Google RPC Streaming or UDP in Google Proto Buffers (GPB) Format
• Enable New Applications • Dynamic Resource Provisioning
• Router Resource Pooling
• PCE Controller (SDN)
Line Card N
PFE
PFE
uKernel
Router Telemetry Framework Overview Routing Engine
Line Card 1
Application
Network Element
Sensor Configuration: NETCONF, CLI
Provision Sensors
In-band telemetry
information
Queries Data
Co
llecto
r
Query Engine
Database PFE
PFE
Juniper or a 3rd party collector
uKernel
RPD, Other
daemons
Telemetry manager
JUNOS Router Telemetry Integration Options
Data Collection
Data Sources
Visualization / Analytics
Juniper
Collector
Potential integration
Customer
Application
Router
Other
Adapter
Analytics
SPLUNK
Performance
Management
IBM Proviso
Infovista
VistaInsight
PacketDesign
Monitoring
Cacti
MRTG
MX PTX
Northstar
Performance
Management
SevOne
Low level utilization down to an individual hardware / software component
Resource Utilization Monitoring
Network View*
sfo.r1
sea.r1
jfk.r1
den.r1
ord.r1
Device View Component View
RE0
RE1
Line Card 0
Line Card 1
Line Card 2
jfk.r1 jfk.r1: Line Card 2*
PFE 0
* Sample integration into the fault / performance management system
** Sample screenshots from Cacti (cacti.net) shown
NPU Memory (with application breakdown)
Lookup Engine Util (co-processor
breakdown)
Contro
l
Plane
CPU Memory (with application breakdown)
Leveraging Interface Queue Depth High Watermark Statistics for core
Network Congestion Reporting
Network View*
sfo.r1
sea.r1
jfk.r1
den.r1
ord.r1
Interface View
sfo.r1 : et-1/0/0**
* Sample integration into the fault / performance management system
** Sample screenshots from Cacti (cacti.net) shown
Interface Queue Depth High Watermark over Time
How to use this data? Troubleshoot SLA violations, identify maximum latency bound for SLA
contracts, plan and provision new links.
Leveraging Interface Queue Depth High Watermark Statistics for edge
User to Network Interface Congestion Reporting
Sample Enterprise Portal
Interface Queue Depth over Time
With typical 5 minute averaging, the interface may look underutilized,
still microbursts occur and performance degrades
Enterprise VPN Sites •Denver, CO •Los Angeles, CA •London, UK •Rome, Italy •Tokyo, Japan
3 microburst events detected
over last minute,
suggest a capacity upgrade
Selected Site: London, UK
Enabling Aggressive Burstable Billing* Burstable Billing Description
Customers are charged based on the peak traffic consumption ignoring top X percent peaks (X is typically 5%) Each peak is computed as an average rate over sampling interval (typically 5 minutes) Router must support 5 minute interface statistics export, otherwise there will be commercial impact
*For more information: https://en.wikipedia.org/wiki/Burstable_billing
Customer is charged
based on this rate
Commercial requirement quickly becomes a technical challenge both on network element and
collector sides when the number of logical interfaces reaches thousands per network element
or hundreds of thousands per network
Real Time Telemetry for PCE* Controller
Northstar
PCE
Controller
Topology (via BGP-LS)
LSP Events
LSP Statistics
Interface Statistics
Optimized paths
Problem Statement
• Controller computes paths in
real time
• Need to quickly detect
network changes and react
• Existing telemetry export
mechanisms have limited
applicability for centralized
controller applications (delays
and scaling constraints)
*Path Computation Element
Solution
• Network Element reports LSP Events in a structured format
• Network Element provides nearly real-time LSP and Interface statistics
Thank you
#JuniperIDEAS