NFD9 - David Sinn, Real World Examples

®

v

Real World Examples

David Sinn

NFD9 – February 11th, 2015

®Background

§ 23 year networking professional

§ Varied Experience §  Amazon, Cisco, Microsoft, University of Washington §  Campus, Cloud, Enterprise, SP, Vendor

§ Have had to support many platforms §  Aruba, Cisco, D-Link, Foundry, Juniper, SMC

February 17, 2015 cumulusnetworks.com 2

®Why Cumulus?

§ Functional Switch/Router

§ Leverages Linux Constructs, similar functions §  Bridging: MSTP, CLAG, .1q, SVI’s §  Routing: sub-interfaces, BGP, OSPF, un-numbered §  Services: DHCP server/relay, SSH/telnet, SNMP

§ First step: What’s different?


®Differences


▪  IOS

interface GigabitEthernet0/0 ip address 192.168.1.254 255.255.255.0 vrrp 1 ip 192.168.42.1 vrrp 1 priority 250 ip ospf cost 200

interfaces { ge-0/0/3 { unit 0 { family inet { address 192.168.1.254/24 { vrrp-group 1 { virtual-address 192.168.1.1; priority 200; preempt; } } } } } }

protocols { ospf { area 0.0.0.0 { interface ge-0/0/3.0 { metric 200; } } } }

/etc/network/interfaces: auto swp52 iface swp52 address 192.168.1.254/24 post-up vrrpd -n -D -i $IFACE -v 1 -p 250 192.168.1.1

/etc/quagga/Quagga.conf: interface swp52 ip ospf cost 200

▪  JunOS

▪ Cumulus

▪ Where did things move?

®Differences (2)


interface GigabitEthernet0/0/1 switchport access vlan 2 switchport mode access spanning-tree portfast spanning-tree bpduguard enable ! interface Vlan2 ip address 192.168.1.1 255.255.255.0

interfaces { ge-0/1/3 { unit 0 { family ethernet-switching; } } vlan { unit 0 { family inet { address 192.168.1.1/24; } } } } protocols { mstp { interface all { edge; bpdu-block-on-edge; } } }

vlans { default { l3-interface vlan.0; } }

/etc/network/interfaces: auto swp37 iface swp37 bridge-access 2 mstpctl-portautoedge yes mstpctl-bpduguard yes auto bridge iface bridge bridge-vlan-aware yes bridge-ports swp37 bridge-vids 2-1024 bridge-pvid 1 bridge-stp on auto bridge.2 iface bridge.2 address 192.168.1.1/24

▪  IOS

▪  JunOS

▪ Cumulus

▪ Where did things move?

®Impact

§ Not recreating a network CLI §  Just bash (or sh, csh, dash, etc.)

§ Leverage and extend existing solutions §  Quagga §  VRRP

§ Scripting options abound

§ Upcoming KB & Blog on “fail2ban”


>_

®Customer Example

§ Large Scale L3 multi-tier Clos network

§ Existing Fleet of Linux System §  Existing Automation Tools Deployment §  Now leverage-able by networking team

§ Existing Authentication/Authorization System §  Tired of supporting TACACS §  1 person-day to migrate existing Linux solution onto Cumulus


®Customer Example

§ Distributed Enterprise Environment §  Multiple sites world wide §  Traditional Architecture/Engineering/Operations structure

§ New Upgrade Cycle §  Existing hardware obsolete §  Decoupled model - hardware, software, topology

§ Initial Pilot §  Upgraded early, proved solution §  Looking to final hardware solution


®Customer Example

§ Growing Cloud Provider §  Reaching a inflection point due-to scale

§ Move to disaggregated model §  Hardware and software

§ Chassis to Clos solution §  BGP, v4 & v6, 100’s of boxes

§ Flat personnel growth §  Automation, tooling and validation to allow existing team to manage more §  Puppet, on-box agents, tie between network and tools teams


®

© 2015 Cumulus Networks. Cumulus Networks, the Cumulus Networks Logo, and Cumulus Linux are trademarks or registered trademarks of Cumulus Networks, Inc. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.

§ Thank You!

cumulusnetworks.com 10

Software

NFD9 - David Sinn, Real World Examples