SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey...


Page 1: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN IN DATA CENTER, SP AND TELCO

Page 2:

TODAY: RUNNING NETWORK IN SILOS

Page 3:

DEVOPS FOR PROGRAMMABLE NETWORK
PEOPLE – PROCESS – TOOLS

Architecture, Design, Implementation, Operation

Page 4:

MULTI-DOMAIN RESOURCE & SERVICE ORCHESTRATION

Domains: Data Center and/or Cloud, WAN, Campus

• Service Overlay Network (L2 or L3)
• PE
• NFV: vPE, vRouter, vFirewall, vIPS
• L2/L3 Switching/Routing
• L2/L3 Overlay – L2VPN/L3VPN; Edge/Core Routing
• L2/L3 Overlay – L2VPN/L3VPN; Campus Routing/Switching
• Controller-base
• Policy Driven Programmable Network – Fixed & Wireless: ZTD, QoS, ACL
• WAN Analytic Engine for Optimization – Traffic Optimization, Demand Engineering
• Policy Driven Data Center Fabric – Elastic Services, Service Chains, Fabric/Overlay Control
• Workflow Management & Orchestration

Page 5:

THE “WHOLE STACK” VIEW

Source: Cisco Live BRKSDN-2760

Page 6:

Software Defined Data Center

Page 7:

NEXT GENERATION DATA CENTER?

• Multi-tenancy with Virtualization
• Cloud Based Services (XaaS)
• End-to-end Tenant Segmentation
• Highly Scalable DC Fabric
• Overlay Based for L2 Mobility
• Programmable Fabric
• Single Point of Management
• Self Service for Customer/Tenant
• Full Automation with DevOps
• Multi Data Center Interconnect
• Open Standard, Open Protocols, Multi-Vendors Environment

Page 8:

SCALABLE MULTI-TIER DC FABRIC

[Figure labels: Super-Spine, Spine, Leaf]

Tiered networks provide predictable performance

Page 9:

VXLAN INTEGRATED OVERLAY

• Extend Layer 2 across Layer-3 boundaries
• Enables Seamless Virtual Machine Mobility
• Removes VLAN Scalability issues

[Figure labels: Layer-3, VXLAN Overlay, VTEP, Layer-2]

Page 10:

CISCO OPTIONS FOR DATA CENTER FABRIC

Programmable Network
• Modern NX-OS with enhanced NX-APIs
• DevOps toolset used for Network Management (Puppet, Chef, Ansible etc.)

Programmable Fabric
• VxLAN-BGP EVPN standard-based
• 3rd party controller support
• Cisco Controller for software overlay provisioning and management across N2K-N9K

Application Centric Infrastructure
• Turnkey integrated solution with security, centralized management, compliance and scale
• Automated application centric-policy model with embedded security
• Broad and deep ecosystem

[Figure labels: VxLAN BGP EVPN Fabric; Custom automation tooling through open APIs; Overlay provisioning and management system through Cisco Virtual Topology System (VTS) integrated with a group based policy model; VTS: Creation, Expansion, Fault Mgmt, Reporting, Connection; Web, App, DB]

Automation, API’s, Controllers and Tool-chain’s

Page 11:

AUTOMATION ‘AND’ OPERATIONS

CONTINUOUS INTEGRATION

ORCHESTRATION & MANAGEMENT (O&M)

Operations involves a full life cycle of infrastructure and application management?

Page 12:

FCAPS ‘AND’ AUTOMATION

Programmable Network
• Modern NX-OS with enhanced NX-APIs
• DevOps toolset used for Network Management (Puppet, Chef, Ansible etc.)
• Customer Script based Operations and Workflows

Programmable Fabric
• Integrated stack Or A-la-carte Automation
• Streamlined Workflow Management
• VTS: Creation, Expansion, Fault Mgmt, Reporting, Connection

Application Centric Infrastructure
• Turnkey integrated solution with security, centralized management, compliance and scale
• Automated application centric-policy model with embedded security
• Broad and deep ecosystem

FCAPS: Fault, Configuration, Accounting, Performance, Security

[Figure labels: External Tools, Integrated Tools]

Page 13:

SDN IN DATA CENTER WITH APIC OR VTS

[Figure labels: Orchestration; APIC; Virtual Topology Controller; VM; AVS; VTF; Containers; x86 Server; Bare Metal App; VLAN; VxLAN; DCI ASR-9K / N7K]

Page 14:

CISCO ACI: SDN IN DATA CENTER

Single Point of Management Without a Single Point of Failure

• Hardware (Nexus 9000) and software (APIC) working hand in hand
• Network virtualization + abstraction to decouple network constructs from application policies
• Simplify provisioning, operating through relational object-model
• Fully programmable (REST API, Python bindings)

APIC Cluster: Distributed, Synchronized, Replicated

Page 15:

HOW WE DEPLOY MULTI-TIER APPLICATIONS TODAY

[Figure labels: Web Servers (www), App Servers (app), DB Servers (db); L3; FW; SLB; SSL; IDS/IPS; vLAN 111, vLAN 222, vLAN 333, vLAN 444, vLAN 555, vLAN 666, vLAN 777]

switch1(config)# int eth 1/1
switch1(config)# switch mode acc
switch1(config)# switch acc vlan 666
switch1(config)# no shut

router(config)# int eth 1
router(config)# ip add 6.6.6.1 255.255.255.0
router(config)# no shut
router(config)# int eth 2
router(config)# ip addr 1.1.1.1 255.255.255.0
router(config)# no shut
router(config)# router eigrp 100
router(config)# network 6.6.6.0 mask 255.255.255.0
router(config)# network 1.1.1.0 mask 255.255.255.0
router(config)# ip route 0.0.0.0 0.0.0.0 6.6.6.254

switch2(config)# int eth 1/2 - 3
switch2(config)# switch mode acc
switch2(config)# switch acc vlan 111
switch2(config)# no shut

fw1(config)# int eth 0/1
fw1(config)# nameif outside 0
fw1(config)# int eth 0/2
fw1(config)# nameif webfront 20
fw1(config)# object network webfront_vip
fw1(config)# host 6.6.6.6
fw1(config)# static (webfront,outside) 1.1.1.6
fw1(config)# access-list outside_web permit tcp any host 6.6.6.6 eq 80
fw1(config)# access-list outside_web permit tcp any host 6.6.6.6 eq 443
fw1(config)# access-group outside_web in interface outside

switch3(config)# int eth 1/4 - 5
switch3(config)# switch mode acc
switch3(config)# switch acc vlan 222
switch3(config)# no shut

switch4(config)# int eth 1/6
switch4(config)# switch mode acc
switch4(config)# switch acc vlan 333
switch4(config)# no shut
switch4(config)# int eth 1/7 - 9
switch4(config)# switch mode acc
switch4(config)# switch acc vlan 333
switch4(config)# no shut

switch5(config)# int eth 1/10 - 11
switch5(config)# switch mode acc
switch5(config)# switch acc vlan 444
switch5(config)# no shut
switch5(config)# int eth 1/11 - 15
switch5(config)# switch mode acc
switch5(config)# switch acc vlan 555
switch5(config)# no shut
switch5(config)# monitor session 1 source vlan 555
switch5(config)# monitor session 1 dest eth 1/16

slb1 (CONFIG)
probe http http-probe
  interval 30
  expect status 200 200
rserver host websrvr1
  description foo web server
  ip address 3.3.3.1
  inservice
rserver host websrvr2
  description foo web server
  ip address 3.3.3.2
  inservice
rserver host websrvr3
  description foo web server
  ip address 3.3.3.3
  inservice
serverfarm host FOOWEBFARM
  probe http-probe
  rserver websrvr1 80
    inservice
  rserver websrvr2 80
    inservice
  rserver websrvr3 80
    inservice
crypto generate key 1024 fooyou.key
crypto csr-params testparms
  country US
  state California
  locality San Jose
  organization-name foo
  organization-unit you
  common-name www.fooyou.com
  serial-number crisco123
crypto generate csr testparms fooyou.key
crypto import ftp 12.13.14.15 anonymous fooyou.cer
parameter-map type ssl SSL_PARAMETERS
  cipher RSA_WITH_RC4_128_MD5
  version TLS1
ssl-proxy service FOOWEB_SSL
  key fooyou.key
  cert fooyou.cer
class-map match-all FOOSSL_VIP_CLASS
  2 match virtual-address 2.2.2.22 tcp eq https
policy-map type loadbalance first-match L7-SSL-MATCH
  class L7_WEB
    sticky-serverfarm sn_cookie
policy-map multi-match FOOWEB-VIP
  class FOOWEB_VIP_CLASS
    loadbalance vip inservice
    loadbalance policy FOOWEB-MATCH
    loadbalance vip icmp-reply
    loadbalance vip advertise active
  class FOOSSL_VIP_CLASS
    loadbalance vip inservice
    loadbalance policy FOOSSL-MATCH
    loadbalance vip icmp-reply
    loadbalance vip advertise active
    ssl-proxy server FOOWEB_SSL
interface vlan 222
  service-policy input FOOWEB_SSL

fw2(config)# int eth 0/1
fw2(config)# nameif webfront 20
fw2(config)# int eth 0/2
fw2(config)# nameif appfront 50
fw2(config)# object network appfarm_vip
fw2(config)# host 5.5.5.5
fw2(config)# nat (appfront,webfront) static 4.4.4.4
fw2(config)# access-list web_to_app permit tcp any host 4.4.4.4 eq 8081

switch6(config)# int eth 1/16 - 19
switch6(config)# switch mode acc
switch6(config)# switch acc vlan 777
switch6(config)# no shut
switch6(config)# monitor session 1 source vlan 777
switch6(config)# monitor session 1 dest eth 1/20

slb2 (CONFIG)
rserver host appsrvr1
  description foo app server
  ip address 5.5.5.1
  inservice
rserver host appsrvr2
  description foo app server
  ip address 5.5.5.2
  inservice
rserver host appsrvr3
  description foo app server
  ip address 5.5.5.3
  inservice
serverfarm host FOOAPPFARM
  probe http-probe
  rserver appsrvr1 8081
    inservice
  rserver appsrvr2 8081
    inservice
  rserver appsrvr3 8081
    inservice
class-map type http loadbalance match-any FOO_APP
  2 match http virtual-address 4.4.4.44 tcp eq 8081
class-map match-all FOO_APP_VIP_CLASS
policy-map type loadbalance first-match FOO_APP-MATCH
  class FOO_APP
    sticky-serverfarm sn_cookie
policy-map multi-match FOO_APP-VIP
  class FOO_APP_VIP_CLASS
    loadbalance vip inservice
    loadbalance policy FOO_APP-MATCH
    loadbalance vip icmp-reply
    loadbalance vip advertise active

fw3(config)# int eth 0/1
fw3(config)# nameif appfront 70
fw3(config)# int eth 0/2
fw3(config)# nameif dbfront 90
fw3(config)# object network db_cluster
fw3(config)# host 7.7.7.7
fw3(config)# nat (dbfront,appfront) static 5.5.5.50
fw3(config)# access-list web_to_app permit tcp any host 5.5.5.50 eq 1433

Page 16:

HOW WE DEPLOY SERVICES WITH CISCO ACI

Page 17:

APIC PROVIDES FULL FCAPS

• Capacity Dashboard
• Drag and Drop Configuration
• Troubleshooting Wizards
• App Health Score

Page 18:

CISCO VTS: SDN ACROSS NEXUS PORTFOLIO

Scalable Multi-Tenancy
• MP-BGP EVPN control plane
• Physical and Virtual overlay support
• High performance virtual forwarding

Automated Provisioning
• Group Based Policy model
• Overlay Provisioning
• Service Chaining

Open, Standards Based
• Rest based Northbound APIs
• Multi-protocol support (EVPN, VXLAN)
• Multi-Hypervisor, Bare Metal, Container

Overlay Management
• Automatic Topology Discovery
• Resources Management
• Overlay monitoring and troubleshooting

[Figure labels: vCenter; REST API; GUI; VTS; Programmable Fabric; Nexus Portfolio (Nexus 2k – 9k)]

Page 19:

VXLAN EVPN FABRIC WITH MP-IBGP

IP transport devices.

HW VTEPs run iBGP sessions with the dedicated XRv route reflectors.

IOS-XR MP-BGP RR: Deploy a pair for HA

[Figure labels: Spine; VXLAN Overlay; MP-iBGP EVPN; VTEP; XRv; UCS; VTF (Cisco Virtual Topology Forwarder); DCI; eBGP Peering]

Page 20:

FULLY AUTOMATED CISCO PROGRAMMABLE NETWORK

[Figure labels: DevOps Tooling; Operations; Development; Open APIs; Optimized Mobility; POAP; Interoperable; Next Gen DC Fabric; PXE; ONIE; Linux/Python Daemon; NXAPI; SECURITY, STORAGE, NETWORK, COMPUTE; DEV OPS, ARCHITECT, DEVELOPER, QA]

Page 21:

AUTOMATION ‘AND’ OPERATIONS – CISCO OPTIONS

[Figure labels: Programmable Network; Programmable Fabric; Application Centric Infrastructure; Workload Orchestration; API; Device Mgmt; Device/Fabric Mgmt; Audit, Capacity, Fault; SDN Controller (Provisioning); Integrated SDN Controller and FCAPS Management; Agents and Direct Device Access; HW Switches / Hardware Switches; Virtual Switches; VM; OS]

Page 22:

ACI – OPENSTACK INTEGRATION

1. Create Application Network Profile
2. Automatically Push Network Profiles to APIC
3. Create Application Policy
4. Instantiate VMs
5. Push Policy

OpenStack Tenant (Performs step 1,4)

ACI Admin (manages physical network, monitors tenant state)

[Figure labels: NOVA; NEUTRON; HYPERVISOR; Web, App, DB; APIC; ACI Fabric; Application Network Profile: EPG WEB, EPG APP, EPG DB, L/B, F/W]

Page 23:

VTS – OPENSTACK WORKFLOW #1

1. Create Tenant Networks
2. Tenant and Tenant Networks Created
3. VNID assigned for each network
4. Attach VM to Network
5. VM Host info captured by VTS and mapped to the right ToR & ToR port using topology database
6. VTS provisions VTEP, VLAN for each VTEP and EVPN on ToR/VTF
7. Neutron agent modified to request VLAN information from VTS before programming vSwitch

[Figure labels: OpenStack Tenant View; Cisco VTS; REST API; NX-API, CLI, YANG; Spine; ToR; VTEP; VXLAN; VLAN; Hypervisor; VM; x86 Server]

Page 24:

VTS – OPENSTACK WORKFLOW #2

8. Create router and attach interfaces to tenant networks
9. VTS provisions L3 VXLAN (distributed L2/L3), Anycast gateway with EVPN

[Figure labels: OpenStack Tenant View; Cisco VTS; REST API; NX-API, CLI, YANG; Spine; ToR; VTEP; VXLAN; VLAN; Hypervisor; VM; x86 Server]

Page 25:
Page 26:

WHAT DOES BIG SWITCH DO?
Help you get from Here to There

We build SDN Software... (to reduce Complexity)

... That runs on Bare Metal Switch HW (White box or Dell/HP/Juniper branded) (to reduce cost)

... To monitor networks and build cloud fabrics (to deliver cost-effective Production-grade SDN)

Page 27:

BIG SWITCH – BIG CLOUD FABRIC

[Figure labels: BIG CLOUD FABRIC CONTROLLER; Hierarchical Control Plane; SPINE SWITCHES (32x40G); LEAF SWITCHES (48x10G+6x40G); 10G/40G Links; COMPUTE WORKLOAD; SERVICES & CONNECTIVITY; RACKS; Physical & Virtual Workloads]

Page 28:

HYPERSCALE NETWORKING OVERVIEW
Leaf-Spine Architecture – Core and POD

Hyper-scale Data Center Scale-out Approach
• Optimized for multi-vendor data center networks
• Optimized for atomic units of automation
• Optimized for rapid adoption of faster/better/cheaper technologies

[Figure labels: N-TIER DATA CENTER DESIGN (Traditional Approach); CORE-AND-POD DESIGN (Hyper-scale Approach); CORE; AGGREGATION; EDGE; INGRESS/EGRESS; Pod v1, Pod v2, Pod v3, Pod vN; RACK 1, RACK M, RACK N]

Page 29: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated
Page 30: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

CLI AND GUI ARE REST CLIENTS

CLI:

! tenant
tenant BLUE
  logical-router
    route 0.0.0.0/24 tenant system
    interface segment web
      ip address 10.1.1.254/24
    interface segment app
      ip address 10.1.3.254/24
  segment web
    member-port-group pg-bm0 vlan 20
  segment app
    member-port-group pg-bm5 vlan 40

[Screenshots: GUI; OpenStack Horizon GUI]

REST API:

bash$ curl -g -X PUT -d '{"interface": "ethernet14", "switch": "lab-leaf1b", "vlan": -1}' 'http://10.1.7.4:8080/api/v1/data/controller/applications/bvs/tenant[name="tenant1"]/segment[name="web"]/switch-port-membership-rule[interface="ethernet14"][switch="lab-leaf1b"]'

Page 31: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

BIG SWITCH – SINGLE PANE OF GLASS

• Single pane of glass for network monitoring and management

• User can choose between CLI and/or GUI

• GUI and CLI are REST clients

[Diagram: Big Cloud Fabric Controller; INGRESS/EGRESS, RACK 1, RACK 2, RACK N-1, RACK N]

Page 32: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

BIG SWITCH – OPENSTACK INTEGRATION

Page 33: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN in Service Providers

Page 34: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

ENTERPRISE CUSTOMERS ARE GOING WITH INTERNET AS TRANSPORT!

Page 35: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN + OVERLAY FOR WAN

Source: Viptela

Page 36: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

MODULAR ARCHITECTURE FOR SERVICE PROVIDER NETWORK OPTIMISATION

[Diagram labels: Cross-Domain Orchestration; Cross Domain Orchestrator (RFS); Modular Components; WAN Optimisation; WAN Provisioning; Open Architecture; Open Daylight; Programmable Network (Virtual, Physical); Multi-Vendor World-Class Infrastructure (Storage, Network, Compute)]

Page 37: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

PROGRAMMING WAN LOAD BALANCING

WAN Analytic Engine Platform RESTful APIs

Problem: SP needs to efficiently use expensive resources (high cost links).

Solution: The most expensive network resources are fully optimized by WAN Analytic Engine assigning best load share metrics.

① Network conditions reported to collector, accessible to App

② App determines LSP imbalance and requests WAN Analytic Engine to recalculate LSP load share metrics

③ WAN Analytic Engine computes new load share metrics

④ WAN Analytic Engine programs new load share metrics for LSPs

[Diagram: TE Tunnel Builder App; WAN Analytic Engine Platform (Collection, Programming); PCEP/NCS; Data Center; WAN; R1; callouts 1 to 4]

Page 38: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

EVOLVING THE VPN SERVICES OFFERING

Situation

• Mature MPLS VPN market (CAGR = 5-7%)
• Strong adoption by enterprises (large, medium)
• SMB Market expansion opportunity

Complication

• Increasing adoption of Public Cloud services (workloads shifting)
• Price Pressure: IT cost reduction plans
• TTM too long
• Competitive Pressure

Proposal

• Cloud Based Managed Services Solution
• Integration of Cloud, CPE, VPN, 4G/Wifi
• SP Private WAN and/or Internet

Enhance Agility, Increase Revenue, Decrease OpEx

Page 39: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

MANAGED SERVICES – PREMISE TO VIRTUAL

[Diagram labels. Cloud: Applications from the Cloud; Cloud Application Containers; Network Functions from the Cloud; Virtual Network Functions; Cisco Cloud; SP Private Cloud; Virtual Private Cloud; Public Cloud. Premise: Network Functions on the CPE; L3 “classic”; L2 NID; L3 CPE + x86 on premise; L3 Cloud Managed; Simple L3 CPE; vRouter on x86 on prem. Network: Secure IP Overlays; MPLS; Layer 2 VPN; Intelligent/Hybrid]

Page 40: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SERVICE PROVIDER BENEFITS
VIRTUAL MANAGED SERVICES

Web-based Service Interface automates service ordering AND activation

Enterprise-grade Network & Security Services extended to multiple markets

Plug & Play Install reduces or eliminates truck rolls

Automated Service Lifecycle Management dramatically reduces operating costs

78% Lower OPEX

200% Improved ROI

Source: ACG Research: Business Case for Virtual Managed Services – Sept 2014

Page 41: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VIRTUAL MANAGED SERVICES
KEY COMPONENTS

Page 42: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VIRTUAL MANAGED SERVICES
SIMPLE WORKFLOW

Page 43: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SELF-SERVICE PORTAL
FOR END CUSTOMER AND ADMINISTRATOR

Page 44: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

MANAGED SERVICES EVOLUTION
OPTION 1: CLOUD VPN, VCPE (+ OTHER VNFS) IN THE CLOUD

• Simplification of the branch: Basic routing, L2 switching

• Primarily an SP play

• Service moves to SP DC: Virtualized, DCs spread across infrastructure

• Benefits: Reduced equipment costs, Reduced onsite effort, More flexibility

[Diagram: PEs; IP/MPLS; SP Data Centre]

Page 45: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

FLEXIBLE SERVICE CHAIN TOPOLOGIES

1: vIPVPN with FW and RA
- vFW with NAT and FW policy.
- vFW with IPSec/SSL Remote Access (RA) incl. remote end-host security posture verification.

2: vIPVPN with BYOD, FW and RA
- vFW with NAT and FW policy.
- vFW with IPSec/SSL remote access incl. remote end-host security posture verification.
- vISE for BYOD svc auth (AAA, trust-sec label to IP binding)

3: vIPVPN with BYOD, FW, RA, WebSec
- vFW with NAT and FW policy.
- vFW with IPSec/SSL remote access incl. remote end-host security posture verification.
- vISE for BYOD svc auth (AAA, trust-sec label to IP binding)
- vWSA for Enhanced Web Security

4: vIPVPN with BYOD, FW, RA, EmailSec
- vFW with NAT and FW policy.
- vFW with IPSec/SSL remote access incl. remote end-host security posture verification.
- vESA for Critical Information Protection (inbound and outbound Emails)

5: vIPVPN with BYOD, FW, RA, WebSec, ngIPS
- vFW with NAT and FW policy.
- vFW with IPSec/SSL remote access incl. remote end-host security posture verification.
- vISE for BYOD svc auth (AAA, trust-sec label to IP binding)
- vWSA for Enhanced Web Security
- vNG-IPS (SourceFire) for advanced threat protection and real-time contextual awareness

6: vIPVPN with BYOD, FW, RA, WebSec, DDoS
- vFW with NAT and FW policy.
- vFW with IPSec/SSL remote access incl. remote end-host security posture verification.
- vISE for BYOD svc auth (AAA, trust-sec label to IP binding)
- vWSA for Enhanced Web Security
- vDDoS (Radware DefensePro) for volumetric and application DDoS visibility and mitigation services

Legend

Packet service nodes: vWSA (web security appliance), vESA (email security appliance), vISE (identity services engine), vFW (firewall), vNG-IPS (intrusion protection system), vDDoS (DDoS mitigation services), vR (router), vLB (load balancer), Internet Router

Termination points: L2, L3

Packet links: tunnel, local link

Packet flows: unclassified, BYOD AAA, http requests, email (inside & outside), DDoS threat, IPSec/SSL, IPS threat

[Diagrams: one topology per profile, showing CPEs, vR, the profile's VNFs and the Internet Router; profile 4 also shows a DMZ and "email server?"]

Page 46: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

CLOUD BASED MANAGED SERVICES
SAMPLE ARCHITECTURE

[Diagram labels: User Self Service and Operator Self Service portals (Service Design; Create, Deliver, Operate, Optimize; My Designs; My Deployments; Deployment Wizard); BSS Systems (BSS API, NC/YANG); Cross Domain Orchestrator (service models, device models, database, service topology; RESTful, NC/YANG, REST interfaces); Virtual Infra Lifecycle Driver; VR Driver; vFW Driver; vIPS Driver; vWeb driver; vSecEmail Driver; MPLS PE Driver; OpenStack VIM (O/S component APIs); Service Provider Datacenter with Customer Service Chain: vRouter, vFirewall, vIntrusion Protection, vWeb Filter, Other Network Services; MPLS; Internet; L3 CPEs; ZTD; SSH; CLI via SSH; Config & Operation; Discovery & Call Home; Netflow]

Page 47: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

MANAGED SERVICES EVOLUTION
OPTION 2: ON-PREMISE VCPE

• Overlay VPNs at branch

• SP and Enterprise play

• Functionality moves to branch: Security, Content, WAN Performance monitoring, Encryption etc.

• Benefits: Reduced WAN costs, Local service breakout, LAN services

[Diagram: PEs; Overlay; SP/Enterprise Data Centre]

Page 48: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

DELIVERING SERVICES TO THE BRANCH
TODAY’S APPROACHES

Rack and Stack

Good

Best in breed

Customer choice

Modular build-out

Drawbacks

Environmental (space / power / wiring)

Onsite + complex installation

Truck rolls

Integrated Branch Solution

Benefits

Fully integrated solution

No truck roll

Simpler environmental

Drawbacks

Reduced customer choice

Upfront hardware investment

Software inter-dependencies

Page 49: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VIRTUAL CPE ORCHESTRATION
CENTRALLY ORCHESTRATED BRANCH LEVEL NFV SOLUTION

• Central portal Infrastructure

• Central NFV and Service Chain Orchestrator

• Central VNF EMS / NMS / Controller: Different choice depending on VNF

• Service Life Cycle Monitor at vCPE (x86): Local life cycle management

• x86 capability at the branch

[Diagram: User & Operator portal; NFV and Service Chain Orchestration; VNF EMS / NMS / Controller; IP network; X86 entity with vRouter, vFW, vIPS VNFs]

Page 50: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VNF SERVICE CHAIN PROFILES EXAMPLE

Basic Internet (routing - ISP / NAT): vRouter; vCPE_WAN, vCPE_LAN

Internet Security (routing + firewall): vRouter, vFirewall; vCPE_WAN, vCPE_Private, vCPE_LAN

Advanced Internet (routing + firewall + URL filtering): vRouter, vFirewall, vFilter; vCPE_WAN, vCPE_Private, vCPE_LAN

Page 51: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

DELIVERING SERVICES TO THE BRANCH
IMPACT OF VIRTUAL CPE ORCHESTRATION

Benefits

Best in breed appliances

Customer choice

Service agility and elasticity

Can be Zero touch deployment

No truck rolls for new services

Drawbacks

Upfront hardware costs

On-boarding of new services

Another component to manage

Support models

Performance / efficiency (need further investigation)

[Diagram: User & Operator portal; NFV Orchestration; VNF EMS / NMS / Controller; IP network; vCPE node with vRouter, vFW, vIPS VNFs]

Page 52: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

CLOUD VPN VS. ON-PREMISE VCPE

• Depends on latency

• Depends on access connectivity to DC

• VNF on central location: Enterprise applications

• VNF on-premise: firewall/NAT (if there is local breakout), QoS, WAN opt

• Cloud VPN: VNF density, higher performance

• On-premise vCPE: HW resource efficiency, more VAS

Page 53: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

BEST OF BOTH WORLDS

[Diagram labels: User & Operator portal; NFV and Service Chain Orchestration platform; NFV orchestration and management; VNF NMS/EMS; VNF config and control; VM config and control; Service Life Cycle Management; OpenStack; ZTD; Overlay or IP/MPLS; Access circuit; Virtual n/w; VMs; compute; Single Server (KVM); portal screenshot (Service Design; Create, Deliver, Operate, Optimize)]

Branch: 1000s of sites, 1 or 2 servers, < 10 VMs, Remote and unreliable connectivity

SP Data Center: 1 or 2 sites, 1000s of servers, 1000s of VMs, Highly reliable connectivity

Page 54: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

END USER PORTAL #1

Page 55: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

END USER PORTAL #2

Page 56: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

END USER PORTAL #3

Page 57: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

END USER PORTAL #4

Page 58: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

END USER PORTAL #5

Page 59: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN in Mobility / Telco

Page 60: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN AND NFV IN MOBILITY #1

[Diagram labels: Macro 2G/3G/4G; Enterprise Small Cell 3G/4G/WiFi; Consumer Broadband Femto / Wi-Fi; Consumer and Enterprise Wired Access; IP Transport; CLOUD VIRTUALISATION; Small Cells; Optimised BH; Optimised Core; Wi-Fi Integration; Gi/SGi LAN Services; Mobile Termination; S/P-GW + MME; Small Cell GWs; Broadband Termination; BNG; vEPC; vGiLAN; Control Function; HSS / AAA; Policy; ANDSF, PCRF; Analytics; Abstraction; API GW; RAN Analytics; Small Cell SON; Macro SON; Hybrid SON; Optimisation & Monetisation; Orchestration; Service Fulfillment / Catalog; Service Lifecycle Controllers; Orchestrators; Internet; 3rd Party Apps; Operator Apps]

• Network Services
• Firewall / NAT
• Video/Traffic Optimisation
• Enhanced Charging
• Content Filtering
• IMS Services
• Header Enrichment
• Application Det & Opt
• Traffic Control and Reporting

Page 61: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

PROGRAMMING IP TRANSPORT OPTIMIZATION

WAN Analytic Engine Platform RESTful APIs

Problem: A mobile provider needs to ensure low latency for high priority traffic, even in the event of a fibre cut

Solution: WAN Analytic Engine assigns new TE metrics based on measured latency, thereby routing LSPs according to lowest-latency paths

① Real-time data collection reveals latency at L3 accessible to App (caused by fibre cut / optical failover)

② App requests TE Metric change on L3 circuits routed over L1 link

③ WAN Analytic Engine computes new TE metric that will decrease latency of traffic

④ WAN Analytic Engine programs TE metric change using PCEP, causing LSPs to reroute

[Diagram: Latency Reducer App; WAN Analytic Engine Platform (Collection, Programming); PCEP; IP Transport LSP; R1, R2, Ra, Rb, Rc, O1, O2; "High latency!"; callouts 1 to 4]

Page 62: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN AND NFV IN MOBILITY #2

[Diagram labels: Macro 2G/3G/4G; Enterprise Small Cell 3G/4G/WiFi; Consumer Broadband Femto / Wi-Fi; Consumer and Enterprise Wired Access; IP Transport; CLOUD VIRTUALISATION; Small Cells; Optimised BH; Optimised Core; Wi-Fi Integration; Gi/SGi LAN Services; Mobile Termination; S/P-GW + MME; Small Cell GWs; Broadband Termination; BNG; vEPC; vGiLAN; Control Function; HSS / AAA; Policy; ANDSF, PCRF; Analytics; Abstraction; API GW; RAN Analytics; Small Cell SON; Macro SON; Hybrid SON; Optimisation & Monetisation; Orchestration; Service Fulfillment / Catalog; Service Lifecycle Controllers; Orchestrators; Internet; 3rd Party Apps; Operator Apps]

• Network Services
• Firewall / NAT
• Video/Traffic Optimisation
• Enhanced Charging
• Content Filtering
• IMS Services
• Header Enrichment
• Application Det & Opt
• Traffic Control and Reporting

Page 63: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

NFV FOR MOBILE CORE: VEPC

Page 64: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

CISCO VEPC DEPLOYMENT MODELS

Source: Cisco Live BRKSPM-2125

Page 65: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VEPC: CENTRALIZED, DISTRIBUTED, TACTICAL

Source: Cisco Live BRKSPM-2125

Page 66: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SDN AND NFV IN MOBILITY #3

[Diagram labels: Macro 2G/3G/4G; Enterprise Small Cell 3G/4G/WiFi; Consumer Broadband Femto / Wi-Fi; Consumer and Enterprise Wired Access; IP Transport; CLOUD VIRTUALISATION; Small Cells; Optimised BH; Optimised Core; Wi-Fi Integration; Gi/SGi LAN Services; Mobile Termination; S/P-GW + MME; Small Cell GWs; Broadband Termination; BNG; vEPC; vGiLAN; Control Function; HSS / AAA; Policy; ANDSF, PCRF; Analytics; Abstraction; API GW; RAN Analytics; Small Cell SON; Macro SON; Hybrid SON; Optimisation & Monetisation; Orchestration; Service Fulfillment / Catalog; Service Lifecycle Controllers; Orchestrators; Internet; 3rd Party Apps; Operator Apps]

• Network Services
• Firewall / NAT
• Video/Traffic Optimisation
• Enhanced Charging
• Content Filtering
• IMS Services
• Header Enrichment
• Application Det & Opt
• Traffic Control and Reporting

Page 67: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

SERVICE FUNCTION CHAIN (SFC)

• The service-layer abstraction provides the semantic how for service graph traversal (can be enabled by IETF SFC/NSH)

• Nodes are network functions (physical or virtual) and edges indicate the direction, order and sequence of the flow of traffic through those chains

Page 68: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

How SP and Telco Buy Network Today: Network Function Virtualization Infrastructure (NFVI)

Page 69: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

ETSI NFVI AND CUSTOMER NFVI

[Diagram: ETSI NFV architecture (MANO) beside NFVI (CUSTOMER VIEW), with these annotations:]

OSS (CMDB, Monitoring, Alarming, IPAM/DNS/DHCP)

BSS (CRM, Billing, Order Mgmt)

Traditional Element Manager

Virtualized Network Function, actual NF application (ex. vFR, vCPE, vLB)

Virtualisation layer, Server (hypervisor), Network, Storage

Physical hardware

Orchestration of overall solution

Deployment templates, forwarding graph, service-related information

Lifecycle mgmt for VNFs (upgrade, scale, termination, etc.)

Resource Mgr, Operations

Page 70: SDN IN DATA CENTER, SP AND TELCO · 8/7/2019  · Application Centric Infrastructure Turnkey integrated solution with security, centralized management, compliance and scale Automated

VIRTUALIZED INFRASTRUCTURE (NFVI)

• Follow ETSI NFV, embrace Open API and Open Source technologies

• OpenStack as Virtual Infrastructure Manager (VIM)

• Different options of SDN controller as Network VIM

• Vendor-agnostic for Compute, Network and Storage

[Diagram labels: Administrator Dashboard GUI; Single Pane of Glass; Infrastructure Management & Assurance; API; Virtual Infrastructure Manager; Network VIM; VXLAN Controller; ONOS; ODL; Host/KVM Driver; Network Driver; Carrier Grade Linux (Ubuntu/RedHat), Hyper Visor (KVM), Host Packages, Software Defined Storage; Physical Infrastructure: Compute, Network (Switches & Routers), Storage]

Page 71

NFVI POD FOR ANY USE CASES

[Diagram. Labels: Administrator Dashboard (Single pane of glass for NFVI); Service Assurance for physical resource, VIM, VNFs; X-Domain Orchestrator; NFV Orchestration; Service/VNF Life Cycle; Physical Devices: Switch, Router; OpenStack/KVM VNFs: vFirewall, vLoadBalancer, vRouter; OpenStack/KVM VNFs: vEPC, Other VNFs / Use Cases; Server; OpenStack Overlay Manager; SDN Controller; OpenStack Virtualized Infrastructure Managers (VIM); OpenStack POD#1, OpenStack POD#2…X; VNF]

Page 72

NFV USE CASES – DEFINED BY ETSI

ETSI Formalized NFV Use Cases | Potentially Virtualized Functions

Network Functions Virtualization Infrastructure as a Service | vNAT, vFW, vLB, vRR, vVPN, vRouter

Virtual Network Function as a Service (VNFaaS) | vCPE, vPE

Virtual Network Platform as a Service (VNPaaS) | vPrivateCloud

VNF Forwarding Graphs | VPE-F

Virtualization of Mobile Core Networks and IMS | vEPC (vS/P-GW, vMME, vPCRF, vSGSN, vGGSN, vGiLan), vIMS (vP/S/I-CSCF, vMGCF, vAS)

Virtualization of Mobile Base Station | vMAC, vRLC, vPDCP, vRRC, vCOMP, vBBU

Virtualization of the Home Environment | vBNG, vRGW, vSTB

Virtualization of CDNs | vCDN

Fixed Access Network Functions Virtualization | vOLT, vDSLAM, vONU, vONT, vMDU, vDPU

Source: http://www.etsi.org/deliver/etsi_gs/NFV/001_099/001/01.01.01_60/gs_NFV001v010101p.pdf

Page 73

NFV SAMPLE WORKFLOW

1. Request received

2. Catalog item

3. Defines workflow

4. Workflow calls Service Creation to set up service VMs

5. Service Creation calls to OpenStack to set up VMs

6. OpenStack sets up VMs

7. Workflow calls to Service Config function to set up services

8. Service Config configures services

9. Workflow calls DC network controller

10. DC network controller configures overlay network

11. Service monitoring tracks availability and performance of service

12. Service Creation manages service elasticity and high availability

[Diagram, with the step numbers above as callouts. Labels: Cloud Service Orchestration; Orchestration: Portal / UI / API, Catalog, Workflow; Network Service Control: Service Creation, Service Monitoring, Service Config, IP Control, DC Network Controller, WAN Controller, …; VM/Storage Control; Network Control; Infrastructure: Physical Network, Virtual Network, Compute, Storage, Virtual Services]

Page 74

THANK YOU