Juniper Networks offered an early look this week at its software-defined networking strategy, which initially will address two specific problem areas: large data centers and the service provider edge, the company announced at its Global Partner Conference in Las Vegas. The Juniper SDN approach will also focus on developing a more scalable and less granular control plane enabled by BGP and XMPP early on, rather than flow-based control.
Like its chief competitor Cisco Systems, Juniper has yet to announce any products as part of its public software-defined networking (SDN) strategy.
Juniper will attack the SDN question by centralizing three of the four "planes" of the network: management, services and control, said Bob Muglia, executive vice president for software solutions at Sunnyvale, Calif.-based Juniper, who described the general principles of Juniper's SDN strategy during a presentation at the conference. While Juniper will completely centralize management and services with SDN, it will take a more hybrid approach to the control plane, he said. The fourth plane, data forwarding, will remain decentralized, which is common among most vendors' SDN strategies.
This hybrid control approach contrasts with the mainstream OpenFlow model of SDN, which completely centralizes control with an SDN controller defining flows. However, Muglia didn't specify which elements of the control plane would not be decentralized within an SDN controller.
Contrail acquisition will provide Juniper SDN controller via BGP and XMPP
Recent Juniper acquisition Contrail Systems will provide the technology for the hybridized control plane for Juniper SDN products. Contrail was in stealth mode when Juniper, already a strategic investor, bought the SDN startup last month. Juniper has offered no details about its technology until now.
During a Q&A session with the media, following Muglia's conference presentation, I asked Juniper founder and Chief Technology Officer Pradeep Sindhu about how the Contrail technology controls network elements. He said it uses two protocols.
"First is BGP [Border Gateway Protocol]. Most of our switches and routers actually speak BGP already. The second protocol is XMPP [Extensible Messaging and Presence Protocol], which is used by the controller to control virtual switches that are running inside hypervisors," Sindhu said.
Sindhu said OpenFlow "was an interesting early attempt" at a protocol for controlling network elements, and he expects OpenFlow will evolve into something more complete. Juniper does support OpenFlow in its routers and switches, Muglia added.
BGP is traditionally used to exchange routing information between hosts, particularly between gateway hosts. It's used for communication between network elements of a decentralized control plane, so the use of the protocol in an SDN model is novel. XMPP is an XML-based protocol originally used for instant messaging and presence detection, but vendors and standards bodies have been exploring ways to repurpose the protocol, including its use for network control in an SDN architecture.
With this strategy, Juniper is focusing on traffic control rather than flow control, said Eric Hanselman, research director with London-based 451 Research.
"OpenFlow does flow-by-flow control and has filters that identify every flow that comes in. When [a switch] sees a new flow, it asks the controller what to do next," he said. "The Juniper model is less granular, but more scalable. It controls paths more broadly using BGP to steer traffic toward broad destinations. Instead of figuring out every new flow, [Juniper] says, 'OK, this traffic is headed in this general direction, so do this with it. This traffic is in this broad class, so send it in this direction and give it these characteristics.'"
The model is similar to how telecom and large-scale data center operators manage their traffic because "when you build data centers large enough, you start getting service provider kinds of problems," Hanselman said. This fact bears out Muglia's comments that Juniper's SDN strategy will focus first on the service provider edge and large data centers.
Juniper SDN: Centralized controller enables 'service chains'
A centralized SDN controller enables network operators to build "service chains" in which they can use software to insert network services into the flow of traffic, rather than relying on hardware-based appliances to do this work, Muglia said. This enables automation and accelerates service implementation. Customers will be able to use centralized controllers to apply firewalls, application delivery controllers and other network services to specific types of traffic, he added. These services would live as virtual machines on x86-based, virtualized servers.
"Service chaining has been out there for a while," said Zeus Kerravala, principal and founder of Westminster, Mass.-based ZK Research. "There have been lots of ways to solve that problem over the years. As far as I know, they didn't give any details on how [Juniper plans] to solve that problem [with SDN]. I'd like to see what they're doing with SDN that makes that problem easier to solve."
Kerravala praised Juniper for articulating an SDN strategy. He said startups have led the industry with SDN products and strategy so far, while mainstream networking vendors have been vague or incomplete in their approach to laying out a strategy.
"The risk is to have the vision [that] precedes the products by too long a gap. We do need to see more product rollouts in order to make this real," he said.
Juniper also needs to articulate the extent of its vision on the SDN control plane, Hanselman said. The company seemed to be contradicting itself when it said that centralized control is important to SDN, but that control must also be partially decentralized, he said.
New networking software licensing model
With clear plans to introduce software-only networking products that operate as part of this SDN service chain concept, Juniper also announced a new software licensing program, Juniper Software Advantage. The company hopes the program will simplify how customers buy SDN technology.
Calling traditional network software licensing models -- which are typically tied to hardware devices -- fundamentally broken, Muglia said Juniper Software Advantage will be based on traditional enterprise software licensing models. The program allows customers to transfer software licenses between Juniper devices and x86 servers, and to tie license costs to actual usage.
Juniper Software Advantage "doesn't apply to any of our existing products, so it has no impact in the short run," Muglia said. "We will be introducing specific products in the next few quarters. We will probably start with management products in Junos Space, and we will extend that to a wide variety of other products over time."
Let us know what you think about the story; email: Shamus McGillicuddy, news director.