Nokia Nuage SDN

When someone asks you what SDN is and what the benefits are, sometimes we don’t know what to reply. However, we know how to design a network architecture and we know what devices we have to buy for the customer’s request but, actually, we don’t know sometimes we are deploying an SDN solution. For instance, when a customer with several internet links wants all VoIP traffic use only one link and another one for backup, and the rest of the traffic use another internet link, we know they need an SD-WAN solution, which is actually an SDN solution.

At the beginning of WAN networks, if you wanted a private network between an office and the datacenter, or between two offices, you had to buy a leased line, which was really expensive. Later on, frame relay allowed us to share the same physical network for several customers. Therefore, it was cheaper. Today, IP/MPLS networks are like frame relay but it also allows us better QoS for applications. However, I think SD-WANs are the networks of the future because they are transport independent and we can manage and control the whole network from a centralized perspective.

WAN networks evolution

Nokia Nuage is one of the SD-WAN solutions based on SDN. This solution has mainly four components. The Virtualized Services Directory or VSD is the management console where network administrators are going to design the architecture and they are going to define the network policies. The Virtualized Services Controller or VSC has the network control plane and all branches’ configurations are stored in this device. The Network Service Gateway or NSG is the edge router where the data plane takes place. Finally, the Elastic Search or ES component is a database which is used by VSD to show network statistics.

Nuage Virtualized Network Services (VNS)

The Nokia Nuage is an SDN solution where we can see each component of an SDN architecture very well because data plane, control plane and management plane are each of them a component. The control plane (VSC) and the management plane (VSD) are usually deployed in high availability, thus, a load balancer is needed. In addition, we could install NSG-UBRs to breakout traffic to another network. For example, we can configure a backup private network through the Internet when the main IP/MPLS network fails.

Nuage VNS standard deployment architecture

Finally, if you are going to configure and deploy a Nokia Nuage SD-WAN solution, you have to know how to configure the network topology. First of all, we have to configure an Enterprise, which is a tenant or end user and they are isolated from each other. The Domain is a layer 3 instance, like a VPRN or VRF, and they are also isolated from other domains, although shared domains with route leaking is possible. A Subnet is a layer 2 instance, like VPLS. A Zone is an administrative group of subnets, which shares the same policies. The last component is the Vport which is a virtual interface of a VM (virtual machine) or LAN side port+vlan.

Service abstractions

Regards my friends! What SD-WAN solution do you like?

Juniper 128T Session Smart SD-WAN

I’ve installed and configured SD-WAN networks just for redundant Internet links where customers have more than one Internet link for high availability, thus, if the primary link is down, another one works as a backup link, or even it works as active/active link. I’ve configured this kind of service mainly with FortiGate devices because customers wanted NGFW and SD-WAN in the same box but I would like to write today about Juniper 128T which is a revolutionary SD-WAN solution with Session Smart Routing.

First of all, I would like to tell you who is 128T. This is a U.S. company acquired by Juniper last year which has sold mainly SD-WAN solutions in the US. For instance, they have deployed SD-WAN in the U.S. DoD where performance and security is really important. Juniper wants to deploy this solution to the rest of the world as well as accelerate the industry evolution from the first generation SD-WAN technology that focuses on optimizing connections from branch-to-cloud to a modern AI-driven network that optimizes user experiences from client-to-cloud.

128 Session Smart

There are four business benefits I would like to tell you. The first one is that SD-WAN works without tunnels which I think is really powerful and revolutionary because there is no overhead and increases the network performance. The second one is the adaptative encryption technology which is very interesting because we can encrypt all traffic or only the one that is not encrypted. The third benefit is that it is software based, thus, we can install 128T wherever we want. Finally, the fourth benefit is the session awareness where there is a forwarding table with source addresses to route traffic from clients properly.

Business Benefits

There are many reasons why 128T is replacing Cisco, Silver Peak or Citrix solutions. Money is one of them because an architecture without tunnels reduces 75% in infrastructure costs and 30-50% in bandwidth costs because we can install 128T in any server and there is no traffic overhead. In addition, 128T scales rapidly and easily to lots of edges thanks to the tunnel-less architecture while other vendors require hard work to deploy new branches and services. However, there are many other reasons we could comment on.

Session Smart Routing

The Secure Vector Routing is revolutionary because routers send the first packet with a metadata, where the original addresses are inserted, and next packets are sent without this metadata because it is no needed due to the fact that there is already a session table to know how to translate addresses. Therefore, there is an important traffic saving with no overhead.

Secure Vector Routing

To sum up, Juniper 128T is revolutionary in SD-WAN networks because it is a tunnel-less architecture and it is an alternative to encapsulation with IPSec and/or IPSec + VxLAN, GRE or MPLS. As a result, there is an important saving traffic and money.

Regards my friends! What SD-WAN solution are you deploying?