
Avi Networks — Technical Reference (17.2)

Copyright © 2018 Avi Networks, Inc.

Avi Networks and Nuage Networks Integration

This article describes the architecture and operation of the Nuage Networks SDN product line and its integration with Avi Vantage Platform. The intent is to provide insights into the underlying interoperation and capabilities from a high level for both products.

Nuage Networks Architecture

The Nuage Networks Virtualized Services Platform is composed of three major layers. Each layer has its own form factor.

Nuage VSP

Nuage Networks Virtualized Services Platform (VSP) is a comprehensive solution that makes the network as readily consumable as compute resources across the data center, enterprise WAN and public cloud providers. It does this by providing the missing link to ensure rapid and efficient delivery of highly customizable application services, in and across multi-tenanted data centers.


Figure 1. Nuage VSP architecture

Nuage VSD

The Nuage Networks Virtualized Services Directory (VSD) is a policy & business logic engine that simplifies the definition of network services in an application friendly context. It provides enterprise administrators the freedom to outline the networking requirements of their cloud applications in familiar IT constructs, and establishes policies that ensure the proper scope, security and integrity of application consumption in a manner consistent with enterprise guidelines.

Nuage VRS

The Virtual Routing and Switching (VRS) component is an enhanced Open vSwitch (OVS) implementation that constitutes the network forwarding plane. It encapsulates and de-encapsulates user traffic, enforcing L2-L4 traffic policies as defined by the VSD. The VRS tracks VM creation, migration and deletion events in order to dynamically adjust network connectivity. The VRS supports multiple hypervisors in virtualized server environments. It can operate as a gateway for bare-metal servers or service appliances.

Nuage VSC

Nuage Networks VSC is a software-defined networking (SDN) solution that virtualizes any DC network infrastructure and automatically establishes connectivity between compute resources upon their creation. Leveraging programmable business logic and a powerful policy engine, VSC provides an open and highly responsive solution that scales to meet the stringent needs of massive multi-tenant DCs. VSC is a software solution that can be deployed over existing datacenter network fabrics and to public cloud providers.

OpenStack-to-Nuage Mapping

Figure 2. OpenStack-Nuage terminology

Nuage Networks VSD Integration with Avi Networks

The Avi Vantage Platform takes a software-defined approach to delivering application services beyond load balancing. Avi Vantage enables a distributed data plane with central management.


Figure 3. Avi Vantage and Nuage integration

Deploying the Avi Vantage Platform alongside the Nuage Networks VSP gives you enterprise-grade features:

* Application availability
* Visual and actionable insights
* Security
* Resiliency
* Multitenancy
* Elastic scalability
* Operational simplicity


Integration Details

Environment

The integration effort was done using the following software releases:

* OpenStack Mitaka
* Nuage Networks VSP versions 3.x+ and 4.x
* Avi Vantage releases 16.4.6+ and 17.1.2+

Network Topology - OpenStack View (Avi Vantage)

This is how the network topology looks in the Horizon UI once it is instantiated from Avi Vantage.

Figure 4. OpenStack view (Avi Vantage in Horizon)

Network Topology - Nuage View


Figure 5. Nuage view

Avi Vantage and Nuage Configuration Details & Processing

Configuration Details

Configure Nuage VSD credentials on Avi Controller. Read more details in Installing Avi Vantage for OpenStack.

Note: VSD credentials are required to directly call into VSD for programming the FIP-to-VIP binding/unbinding.

* The Avi Controller uses the Avi SEs' OpenStack UUIDs to automatically look up vPort and domain information using VSD API calls.
* The Avi Controller automatically creates, configures, and manages the allowed-address-pair per VIP in VSD through VSD APIs (virtual IP, allowed vPorts). The allowed-address-pair extension extends the port attribute to enable the specification of arbitrary mac_address/ip_address (CIDR) pairs that are allowed to pass through a port, regardless of the subnet associated with the network. The operator is not expected to manage these allowed-address-pairs. Avi Vantage uses this extension to "place" VIPs on SE data ports, thereby allowing VIP traffic to egress these data ports.

OR

* The Avi Controller automatically creates, configures, and manages one redirection target (a group/collection of vPorts belonging to the same domain) per VIP in VSD through VSD APIs (virtual IP, allowed vPorts). The operator is not expected to manage these redirection targets.

Avi Vantage and Nuage Use Cases

Client in Local Network

* Client and VIP/Avi SE on the same subnet.
* Avi SE responds to ARP for 10.10.0.100 (VIP).
* Avi SE load balances the traffic on the server network.


Figure 6. Client in local network

Client in External Network

* Client and VIP/Avi SE on the same subnet.
* Avi SE responds to ARP for 10.10.0.100 (VIP).
* Avi SE load balances the traffic on the server network.


Figure 7. Client in external network

Scale Out with Local Client and External Clients in External Network

* Client and VIP/Avi SE on different subnets.
* Primary Avi SE responds to ARP for 10.10.0.100 (VIP).
* Primary SE load balances the client flows across the scaled-out SEs.
* Avi SEs load balance the traffic on the server network.


Figure 8. Scale out with local and external clients

Multiple Virtual Services per SE

* When an SE VM is created, each interface gets an IP address allocated by OpenStack.
* When a virtual service (VS) with a VIP (in local network/subnet 10.10.0.0/24) is created, Avi adds the VIP as the secondary IP address to the interface on the SE.
* The Nuage router does not learn unknown mappings.
* Nuage allocates the interface IPs. Hence, it knows the IP/MAC/port binding.
* The VIP IP address is configured via LBaaS. Hence, Nuage does not know the MAC/port binding for this IP address.
* When a virtual service is created, the Avi Controller calls Nuage's allowed-address-pair/redirection target to create the MAC/port binding for the VIP.
* Avi notifies Nuage about the VIP (secondary IP) and its MAC/port binding. This also enables MAC/ARP learning for the VIP.
* In case of scale out, Avi programs the allowed-address-pair/redirection-target for relevant ports of all SEs.
* At any time, only one SE (primary) responds to ARP requests.


Figure 9. Multiple virtual services per SE
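Because allowed-address-pairs relax per-port address filtering and are meant to be managed only by the Avi Controller (see Configuration Details and the scale-out behaviour above), drift on SE data ports is worth auditing. The following is an added example, not code from Avi or Nuage: it assumes port records shaped like OpenStack Neutron port resources, and the port IDs, extra addresses and VIP placement map are constructed for illustration.

```python
import ipaddress

# Constructed sample: SE data ports shaped like OpenStack Neutron port resources.
# Only the VIP 10.10.0.100 and subnet 10.10.0.0/24 come from the page.
SE_PORTS = [
    {"id": "se1-data", "fixed_ips": [{"ip_address": "10.10.0.11"}],
     "allowed_address_pairs": [{"ip_address": "10.10.0.100"},
                               {"ip_address": "10.10.0.250"}]},
    {"id": "se2-data", "fixed_ips": [{"ip_address": "10.10.0.12"}],
     "allowed_address_pairs": []},
    {"id": "se3-data", "fixed_ips": [{"ip_address": "10.10.0.13"}],
     "allowed_address_pairs": [{"ip_address": "10.10.0.0/24"}]},
]
# Hypothetical placement: VIP -> ports of every SE serving it (scale out).
VIP_PLACEMENT = {"10.10.0.100": ["se1-data", "se2-data", "se3-data"]}


def audit_ports(ports, vip_placement):
    """Return sorted (port_id, finding, value) tuples for pair drift."""
    findings = []
    by_id = {p["id"]: p for p in ports}
    for port in ports:
        expected = {ipaddress.ip_address(vip)
                    for vip, ids in vip_placement.items() if port["id"] in ids}
        for pair in port.get("allowed_address_pairs", []):
            net = ipaddress.ip_network(pair["ip_address"], strict=False)
            if net.num_addresses > 1:
                # A CIDR pair lets the port source any address in the range.
                findings.append((port["id"], "broad-cidr", str(net)))
            elif net.network_address not in expected:
                # Single address that no virtual service accounts for.
                findings.append((port["id"], "unexpected-pair",
                                 str(net.network_address)))
    for vip, port_ids in vip_placement.items():
        addr = ipaddress.ip_address(vip)
        for pid in port_ids:
            pairs = by_id.get(pid, {}).get("allowed_address_pairs", [])
            if not any(addr in ipaddress.ip_network(p["ip_address"], strict=False)
                       for p in pairs):
                # The SE should carry this VIP but the port would drop its traffic.
                findings.append((pid, "missing-vip", vip))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_ports(SE_PORTS, VIP_PLACEMENT):
        print(*finding)
```

A "missing-vip" finding on a scaled-out SE points to incomplete programming, while "broad-cidr" and "unexpected-pair" point to entries the Controller would not have created for a VIP.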

Additional Information

For complete information on deploying Avi Vantage with Nuage VSP, refer to Deployment Guide for Nuage Networks VSP.