What we learnt building Carrier Neutral Cloud


What we learnt building Carrier Neutral Cloud + Examples Malcolm Siegel - SAFNOG/iWeek 2017

Introduction

Me..

“A wife asked her software engineer husband” "Could you please go shopping for me and buy one carton of milk, and if they have eggs, get 6!" A short time later the husband comes back with 6 cartons of milk. The wife asks him, "Why the hell did you buy 6 cartons of milk?" He replied, "They had eggs."

Carrier Neutral Cloud
- What is it?
- Why do it?
- Self regulation is key
- Open networking
- Bring your ISP Model

Please ask Questions..

Our Cloud

Using:
- VMware
- NSX
- Dell servers
- NetApp

We chose VMware due to the self-service elements. It is also very well supported.
NSX goes with our self service, i.e. customers can configure BGP, OSPF etc. directly into the ESGW.
Dell and NetApp were chosen for enterprise customers who prefer to know you are “Well Branded”.

Our Development Model..

Discuss the model briefly and work our way through it.

Use a 3-tier approach: DEV / INT (testing) / PROD
- DEV – should be the playground; test, play, destroy, redo.
- INT / Test – should mirror PROD; testing should be heavily focused here.
- PROD – should be a controlled environment, change controls etc.

Build it (and rebuild it) rules..

- Nothing should hit PROD without being tested in INT first!!!
- Documentation: As Built, Policies, Procedures
- Remember: if you have any doubts, trash and restart.
- We have 30+ years combined experience, i.e. already made many mistakes.
- 1Gbps is OK for host traffic, but have 10Gbps options available.
- 2 full months spent building and destroying before 1st PROD was released. We had the luxury of time..

Our “L2” Networking

To discuss: underlay and overlay. Not here to tell you what you should be using on your network… Many protocols exist for this…

- Spine – Spine – L3.
- Leaf switches run LAG + iBGP
- Leaf pod to leaf pod: MP-BGP – EVPN (come to the Cumulus talk and find out more…)

Things we looked at but decided not to..
- Access – Dist – Core
- Flat L2

Spanning tree is asking for trouble – friends don’t let friends build L2 networks.
Do we get involved in customer networking?? Loops??
National was VPLS – moved to VXLAN to standardize.
Mention Chef, Puppet, Ansible..

Quick notes on our network

1) Automation is the key.
2) IPsec is stable and known tech - easy to implement both on customer and edge..
3) EVPN and (MP)BGP allowed multiple customer addresses to traverse our core.
4) We needed to be able to rewrite VLANs on egress and ingress.
5) We had to NOT get involved with our customer networks.

Now for some real world examples.

CLOUD HYBRID CONNECTIVITY

Hybrid Cloud.. To be used for:
- Cloud Burst
- Migrations
- DR

ISP BYOIP

- Bring your own IP (L3)
- VLAN/s from ISP routers to ESGW.
- VXLAN from ESGW to VMs

Enterprise Mobility

- Customer creates SSL VPN to ESGW.
- LDAP auth is an option (AD etc.)
- Granular firewall rules for access

Distributed Firewalling

NSX DFW PCI-DSS Security Simplified

Stuff you only learn by breaking it.

- Use the hardware vendor recommended setting (even if it doesn’t feel right). THEY MIGHT NOT SUPPORT YOU IF YOU DEVIATE!!
- Keep it simple
- Keep advanced features hidden (unless required)
- Qualify customers – can they use it??
- Say no often
- Change controls do work
- It is possible to do maintenance and not take customers offline
- Document from the beginning
- Build a NOC network..

Hardware recommended issues:
- RTFM.. It helps :)
- MTU issues
- Network adapter issues with hosted routers – solved with correct network adapters.
- Server – Server ..

Discuss NOC and how it is built – diagram…

Conclusions

- Vendor neutrality has key benefits (specifically in cloud)
- Easy to connect to current setup
- Less big bang ..
- Take time building a platform.
- Learn from mistakes.
- Allow as much self service as possible.
- Automated.
- Choose your customers.
- Say thank you often