Technology Breakout: Campus

Karl-Heinz Lutz– Partner Development Disclaimer

This statement of product direction sets forth Juniper Networks’ current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted on this statement. Agenda Agenda

• Un1te – Junipers Framework • Trends in the market: new standards on it‘s way; 2,5 and 5 Gbps discussion • Fusion – a new architectural approach • New EX switching series • ND3.0 Open Convergence Framework Ready to deploy best-of-breed enterprise solutions

wireless security ucc management

Trends in the market Trends in campus LAN

2,5- und 5-Gbit/s-Ethernet • IEEE 802.3bz • Purpose: aggregation of IEEE 802.11ac WiFi standard AP • Probably named 2.5GBASE-T and 5GBASE-T (abbr: 2.5GbE & 5GbE) • NBASE-T or MGBASE-T, transport over copper • will work with Category 5e and Category 6 cables up to 100 meters span Cloud Speed Adoption Source: Dell’Oro 2015 80 1 GE 60 10GE 40GE 40 25GE 20 50GE

Percent of server shipments server of Percent 100GE 0

2014 2015 2016 2017 2018 Trends in campus LAN

Power over Ethernet PoE++ • IEEE 802.3bt • Purpose: augment the capabilities of existing Power Sourcing Equipment (PSE) and Powered Device (PD) specifications with Type 3 (≤ 60W at the PSE) and Type 4 (≤ 100W at the PSE) • Probably named DTE Power via MDI over 4-Pair Trends in campus LAN

Power over Ethernet PoE++ • IEEE 802.3bt Multi-Gigabit Related Timelines 2015 - 2016 Cisco/Aquan Vendors 2017 Juniper tia ship announce Early 2017 - Switches FRS NBASE-T pre-standard 2.5G based (standards switch products Wave 2 APs based)

IEEE merges 2016 Aruba 2017 IEEE NBASE-T/MBASE-T Wave 2 AP 802.3bz/802.3bt

Non-standard based products [draft] standard based products

Non-standards based Standards based (JNPR) All speeds - 100M/1G/2.5G/5G/10G Some vendors only Yes Up to 99.9W PoE Some vendors only Yes (IEEE 802.3bt) Interop testing with 2.5G APs No Yes Junos Fusion What is Junos Fusion Enterprise? Junos Fusion for Enterprise

Junos Fusion Enterprise Simple • Single management domain • Plug and play deployment of access switches (ZTP) • Single configuration with resilient control & data plane

Reliable • Carrier-grade control and data plane resiliency • High availability and ISSU • Consistent tooling across data center and campus On-premise DC Campus Building

Aggregation Device (AD): Flexible EX9200 • Built on open protocols (802.1BR) Satellite Devices (SD): EX4300 (1H 2016), EX3400 (2H 2016), • Flexible attachment models and scalability EX2300 (2H 2016) • Mix and match with traditional wiring closet switches

* Subject to verification Internal control protocols between AD and SD 1 LLDP Devices discovery and auto provisioning

Satellites management for all traffic related 5 2 802.1BR+ aspects (config / statistics / ports state)

4 Satellites management for non-traffic related 3 json-rpc aspects (chassis, environment, upgrade ..)

1 2 3 1 2 3

Configuration synchronization between 4 Netconf Aggregation devices

LAG synchronization between Aggregation 5 ICCP devices (MC-LAG) Unifying Enterprise Networks Simple Smart Flexible

Junos Fusion Enterprise elegantly unifies the enterprise Chicago Cleveland Junos Fusion Enterprise Junos Fusion Data Center

Finance VPN L3 / EVPN Sales VPN Extends EVPN capabilities to the Engineering VPN Guest VPN access

Consistent segmentation across all sites

Uniform VLANs, configuration and Boston HQ San Francisco policies Junos Fusion Enterprise Junos Fusion Enterprise Junos Fusion Enterprise - Migration

• Hybrid mode supported – MC-LAG/Access Switches and Fusion/SD • MC-LAG with EX9200 and EX4300 can Virtual Satellite migrate to Fusion Chassis Cluster • Script to deploy Fusion ready MC-LAG • Automate configuration conversion for access layer switches – Migrate to Fusion one closet at a time

Satellite Satellite Cluster Cluster Junos Fusion Enterprise – Competitive

Cisco Dell Brocade Juniper Junos Fusion Benefits Instant Access SPX Fusion Enterprise Extended Ports 2,000 2,000 768 6,000 Fewer management points Design simplicity Lower cost Max. VLANs 32 - 16 4,000 No compromise deployment Topologies Access ring Access No rings Flexible No rewiring to migrate ring Independent ADs No (VSS) No No Yes (Independent Resilient design (Stacking) Control Plane) SDs in cluster 5 8 N/A 10 Easy migration from stack Flexible design Uplinks 1G/10G 10G 10G/40G 1G/10G/40G Design Flexibility Phased Software Possible Possible Entire Supported Independent components enable Upgrade/Downgra SPX phased upgrades and easy migration de Junos Fusion Enterprise Roadmap

1H 2016 2H 2016

- EX9200 Series as AD - EX2300 and EX3400 as SD - EX4300 as SD - Access Security - 128 SDs in a Fusion fabric - IPv4/v6 multicast forwarding - PoE/PoE+ on SD features - 10-member Cluster for SD - QoS: L2 and L3 MF/BA - LLDP-MED on SD Classifiers - Layer 2 forwarding - Network Monitoring features - IPv4 and IPv6 unicast - Cable Diagnostics forwarding - MACsec support on SD - ACL features downlinks - Network Director New EX switching series Core/Distribution Evolution EX9200

1.2T/slot 400G Native Modular LC 480G/slot LC 10/40/100GbE

NG RE

10G/40G LC Scale 480G/slot 260G/slot LC

240G/slot (Density (Density andElasticity) 240G LC Juniper Innovations

2013 2014 2015 2016 2017+ Shipping

Committed FRS Eagle PFE NG Fabric Cassis II Cassis XF2 Fabric Junos Fusion NG PFE Investigation 1G MACsec Enterprise XF Fabric EVPN 100G MACsec 10G MACsec VXLAN IPSec Virtualization EX9200 Linecards Modular Linecard Multi-rate Linecard 40x10G MACsec

QSFP

QSFP 20 xSFP+ Fixed QSFP28 Fixed MIC0 EA @ 240G EA @ 240G QSFP MIC0 with QSFP MACSec QSFP28

QSFP

• Flexible configuration QSFP 20 xSFP+ Fixed QSFP28 Fixed MIC1 EA @ 240G EA @ 240G • Lower 10GbE entry cost QSFP MIC1 with QSFP QSFP28 MACSec • Up to 130Gbps throughput • 480Gbps throughput • 400Gbps throughput • Interface cards • Fixed 12 QSFP ports • 40 x 10GE ports – 20 1GbE SFP • 48 10GE SFP+ w/ BO • MACSec ready – 40 1GBASE-T • 12 40GE QSFP+ • MACsec on all 40 ports – 10 10GbE SFP+ • 4 100GE QSFP28 optics • AES 256 support Access Evolution

Compact

Fusion Enterprise

Aggregation Fusion Enterprise 802.3bz 802.3bt

1/10GbE entry level

1/10/40GbE mid level Mixed Virtual

Scale Chassis EX4300 Fiber EX4600

EX4300 (Density (Density andElasticity) Virtual Chassis Juniper Innovations

2013 2014 2015 2016 2017+ Shipping

FRS Mixed VC Committed scale 320G VC Access Fusion Virtualization Investigation 1GbE/10GbE control Enterprise IPv6 access MACsec Integration 2.5G/5G security access

EX2300 Access Switch

Compact & High Performance EX2300 and EX2300-C 1GbE density 10GbE uplinks in 1RU

Standard Compliance IEEE 802.3at (POE +)

Management Simplification Junos Virtual Chassis* (4 devices - 10G support)

Operational Simplicity and Automated Config Juniper Fusion Enterprise (IEEE 802.1BR support)

planed for Juni 2016 timeframe *license needed EX2300-C Overview

1Gbps Access Switch . 12 x 10/100/1000Base-T ports . 2 x 1GbE or 10GbE SFP/SFP+ ports USB/Console/Mgmt 12 x 10/100/1000 Base-T . POE/POE + budget supported 2 x 1GbE or 10GbE SFP/SFP+ . 124W 802.3at or 802.3af . Fixed Configuration

10/100/1000Base-T 1/10 GbE SFP/SFP+ EX2300 SKUs* Cooling POE/POE+ ports ports EX2300-C-12T 12 2 Fanless 0 EX2300-C-12P 12 2 Fanless 12

***PoE (15.4W) is supported on up to any 8 ports simultaneously ***PoE+ (30W) is supported on up to any 4 ports simultaneously EX2300 Overview

1Gbps Access Switch . 24, 48x10/100/1000Base-T ports 4 x 1GbE or 24, 48x10/100/1000Base-T . 4 x 1GbE or 10GbE fixed SFP/SFP+ ports 4 x 10 GbE SFP/SFP+ . POE/POE + budget supported . 370W on 24 port SKU . 740W on 48 port SKU

Console, Mgmt, USB and Fixed power/Fan . Fixed configuration

EX2300 SKUs* 10/100/1000 Base-T ports 10GbE SFP+ ports POE/POE+ ports POE/POE+ Power Budget Cooling AC/DC

EX2300-24T 24 4 0 0 1x Fixed, AFO Fixed AC EX2300-24P 24 4 ***24 370W 2x Fixed, AFO Fixed AC *EX2300-24T-DC 24 4 0 0 1x Fixed, AFO Fixed DC *EX2300-24P-TAA 24 4 ***24 370W 2x Fixed, AFO Fixed AC EX2300-48T 48 4 0 0 1x Fixed, AFO Fixed AC EX2300-48P 48 4 ***48 740W 2x Fixed, AFO Fixed AC *EX2300-48T-DC 48 4 0 0 1x Fixed, AFO Fixed DC *EX2300-48P-TAA 48 4 ***48 740W 2x Fixed, AFO Fixed AC ***Full PoE (15.4W) is supported on all ports with the fixed PSU (All SKUs) *DC and TAA SKU are offered 2H 2016 ***PoE+ (30W) is supported on up to 12 ports on -24 port SKU, up to 24 ports on -48 port SKU EX2300 Platform Detail

EX2300-C-12T EX2300-C-12P EX2300-24T EX2300-24P EX2300-48T EX2300-48P CPU ARMv7 Cortex A9 CPU 1.25GHz DRAM/Flash 2GB/2GB Performance 64Gbps/47.6Mpps 128Gbps/95.2Mpps RJ45 10/100/1G Mgmt port on front RJ45 type 10/100/1G Management port on rear Management One RJ45 Console and RS232 to RJ45 type Console on rear and RS232 to Mini USB Console on front Mini USB Console on front panel One type-A USB HOST port, support One type-A USB HOST port, support USB 2.0 (480Mbps) on rear USB USB 2.0 (480Mbps) on front panel panel Ethernet Port 12 x 10/100/1G RJ45 port 24 x 10/100/1G RJ45 port 48 x 10/100/1G RJ45 port Virtual Chassis 2 x 10G SFP+ Fixed Fiber port 4 x 10G SFP+ Fixed Fiber port Port AC PSU AC 40W AC 170W AC 450W AC 90W AC 850W 65W/DC100W Cooling Fan less Single FAN Dual FAN Single FAN Dual FAN System Air Air Flow Out (AFO – front to back air flow) only Flow A few software differences EX2200 EX2300

• No IEEE802.1BR support • IEEE802.1BR support * • No ERSPAN • ERSPAN • IEEE 802.1AG (LFM) Ethernet Link Fault • No LFM Management • No CFM • IEEE 802.3AH (CFM) Connectivity Fault • No ERPS Management • IEEE 802.1X support differences • G.8032 (Ethernet Ring Protection Switching) – No RFC 3576 support – No Central Web Authentication Support – No Flexible Auth order of MAC Auth – No EAP-PAP protocol support for MAB

* Enterprise Fusion supported FRS +, operates in satellite mode as part of JUNOS Fusion for Enterprise EX2300 – Transceiver Support Matrix

1GbE 10GbE EX-SFP-1GE-T EX-SFP-GE10KT13R14 EX-SFP-1GE-LX40K EX-SFP-GE80KCW1470 EX-SFP-10GE-USR EX-SFP-1GE-SX EX-SFP-GE10KT13R15 EX-SFP-GE40KT13R15 EX-SFP-GE80KCW1490 EX-SFP-10GE-DAC-1M EX-SFP-1GE-SX-ET EX-SFP-GE10KT14R13 EX-SFP-GE40KT15R13 EX-SFP-GE80KCW1510 EX-SFP-10GE-SR EX-SFP-1GE-LX EX-SFP-GE10KT15R13 EX-SFP-GE80KCW1530 EX-SFP-10GE-LR EX-SFP-1GE-LH EX-SFP-GE80KCW1550 EX-SFP-10GE-ER* EX-SFP-GE80KCW1570 EX-SFP-10GE-ZR* EX-SFP-GE80KCW1590 EX-SFP-10GE-DAC-3M EX-SFP-GE80KCW1610 EX-SFP-10GE-DAC-5M

Supported at FRS

*These ER/ZR optics are supported on EX2300 only, not supported on the –C platform, due to thermal requirements

Juniper EX3400 Access Switch

Compact, High Performance, & Built-in Redundancy 1GbE density, 10GbE and 40GbE uplinks in 1RU, Dual EX3400 Redundant Power Supplies and Fans Standard Compliance Full POE (15.4W) support with a single PSU Full POE+ (30W) support with dual PSU (1440 W)

Management Simplification

Junos Virtual Chassis (10 Devices - 40G support)

Operational Simplicity and Automated Configuration Juniper Fusion Enterprise (802.1BR support)

MACsec Supported on 1G and 10G interfaces

planed for Juni 2016 timeframe EX3400 Overview

Mid Level 1Gbps Access Switch . 24, 48x10/100/1000Base-T ports . 4 x 10GbE or 1GbE fixed SFP/SFP+ ports 24, 48x10/100/1000Base-T 4 dual-mode 1GbE/10GbE SFP/SFP+ 2 x 40GbE . 2 x 40GbE fixed QSFP+ ports * QSFP+ . POE/POE + budget supported . 370W or 720W on 24 port SKU . 740W or 1440W on 48 port SKU Console/ Field Replaceable Dual Power Mgmt/USB Fans supply slots 10/100/1000 10GbE SFP+ 40GbE QSFP+ POE/POE+ POE/POE+ Power EX3400 SKUs* Cooling AC/DC Base-T ports ports ports ports Budget EX3400-24T 24 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO AC EX3400-24P 24 4 2 24 **370W or 720W 2 x Hot-Swappable/Redundant Fans, AFO AC EX3400-24T-DC 24 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO DC EX3400-48T 48 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFO AC EX3400-48P 48 4 2 48 **740W or 1440W 2 x Hot-Swappable/Redundant Fans, AFO AC EX3400-48T-AFI 48 4 2 0 0 2 x Hot-Swappable/Redundant Fans, AFI AC *2 x 40GbE QSFP+ ports used as uplink or VC, breakout of 10-GbE not supported (Same as EX4300) POE is supported on all ports with a single power supply POE+ is supported on all ports with dual power supplies EX3400 Platform Detail

EX3400-24T EX3400-24P EX3400-48T EX3400-48P CPU Dual-core ARM Cortex A9 1GHz DRAM/FLASH 2GB/2GB Performance 288Gbps/214.2Mpps 336 Gbps / 250Mpps Management miniUSB at front panel, RJ45 type RS232 at rear panel, Ethernet management port at rear panel USB One type-A USB port at rear panel, support USB 2.0 (480Mbps) Ethernet Port 24 x 10/100/1G RJ45 Copper port 48 x 10/100/1G RJ45 Copper port Virtual Chassis Port 4 x 10G SFP+ fiber port AND 2 x 40G QSFP+ fiber port 2 x Hot-swappable (Pluggable) PSU, support 1+1 redundancy & load sharing PSU 150W AC/DC 600W AC 150W AC 920W AC Cooling 2 x Hot-swappable (Pluggable) FAN Tray 1+1 FAN redundancy System Air Flow AFO only AFO only AFO & AFI AFO only A few software differences EX3300 EX3400

• No configurable TCAM support • Configurable Unified Forwarding Table • No IEEE802.1BR support (UFT) FRS + • No ERSPAN • IEEE802.1BR support* • IEEE 802.1AG (LFM) Ethernet Link Fault • ERSPAN Management • No LFM • IEEE 802.3AH (CFM) Connectivity Fault • No CFM Management • No ERPS • G.8032 (ERPS) Ethernet Ring Protection • No BGP Switching • IEEE 802.1X support differences • BGP v4 – No RFC 3576 support – No Central Web Authentication Support – No Flexible Auth order of MAC Auth – No EAP-PAP protocol support for MAB

* Enterprise Fusion supported FRS +, operates in satellite mode as part of JUNOS Fusion for Enterprise Hardware Comparison

From EX2200 to EX2300 Feature EX2200 EX2300 Uplinks/VC 4 x 1G 4 x 10G • Increased uplinks to 10G PoE Budget 405 W 740 W • Increased virtual chassis bandwidth Fusion SD NO YES • Added 802.1BR support VC license at 10G NO YES !!! MACsec NO NO From EX3300 to EX3400 Feature EX3300 EX3400 • Increased uplinks to 40G 40G ports 0 2 • Increased virtual chassis bandwidth Hot-swappable PSU NO YES • Added 802.1BR support PoE Budget 740 W 1440 W • Added FRUable redundant Fans • Added FRUable redundant PSU SKUs Fusion SD NO YES • Added MACsec VC license at 40G NO NO MACsec license NO YES Half Duplex support at FRS

• Supported on EX2300 – 24 port SKUs will support up to 16 ports – 48 port SKUs will support up to 32 ports – 12 port SKUs will support up to 12 ports – Ports will not be labeled on the chassis – Ports are assigned to the initial 16 ports of ASIC • EX3400 at FRS will not support Half Duplex

Half Duplex first 16 Ports on ASIC EX2300 and EX3400 Rack n’ Roll Overview

All shipped devices carry a sticker with a QR code, which maps to the device’s serial At the time of physical lab setup, number/mac address or both. lab admin puts a sticker with a QR code on each rack(one time effort). This QR code captures

the location of rack (Site > Building > Floor> Aisle)

EX Platform Software Roadmap

1H 2016 2H 2016

- EX9200 - EX9200 - EX9200 sFlow for IPv6 - 802.3x* - EX9200 LX4, LRM optic - EX4600 - EX9200 512K FIB - EVPN* - EX9200 MC-LAG Simple User Experience - L2PT* - L2VPN - EX4600 - IPv6 PIM multicast - VR support on PIM - L3VPN

* Investigating, not committed Network Director 3.0 Network Director Campus & Branch (2016)

1H2016 2H2016

Junos Fusion Enterprise provisioning workflow Unified switching & security UI & workflows Junos Fusion Enterprise cluster management Connectivity management Network segmentation provisioning workflow Microsoft Lync integration Zero Touch Deployment Access control security integration Key Management (VPN & MACSEC) Universal CPE management Unified visibility; 3rd party WLAN & switches

Under investigation Network Director 3.0 highlights

Cloud Enabled Enterprise • Junos Fusion for Enterprise support

Simplification • Auto Profile • Easy Config • Fusion Data Center support • Controller-less overlay support: EVPN/VXLAN provisioning Visibility • Fusion campus and Data center visibility • EVPN/VXLAN monitoring

Easy Config

1 Portal for day to day operations

Allow the network admin or help desk to make 2 quick and point changes

3 Ability to configure vlans, POE,802.1x Portal UI

Active Directory /LDAP WLC Dat SRX a EX9200 MC-LAG Fina nce

Wireless AP EX4300 Vid User Virtual Smart eo

Chassis Pass Ap Tablet/smar UAC Corporateps Data tphone Center Internet Access Policy Integration

Supported Use Cases

Profiling • 802.1X authentication Server Clearpass / • MAC authentication ISE/Other RADIUS • Guest user authentication* • BYOD* EX • Device profiling • SRX EX Aruba use cases* • UserFW • UserFW query • Threat detection/mitigation * Not supported on Cisco ISE Juniper Switches Support Diverse Architectures

Network Ops DevOps IT/Cloud Ops

Multi-Tier Ethernet Fabric: Overlays Ethernet Junos Fusion IP Fabric (VXLAN, EVPN and Virtual Chassis Fabric MPLS)

Controller

Common Building Block

QFX10K Spine Switches QFX5K Spine/Leaves Switches Additional useful information How to make things easier –

• Network Design and Architecture Center – Data Center Networks

• J-Net Forum TechWiki

• Cloud Labs

What is Juniper Cloud Labs (JCL)?

• Juniper Cloud Labs or JCL is Juniper's self serve portal for SEs and Partner Ingenious Champion to get access to Juniper devices for sandboxes and demonstrations. • The system itself is comprised of two parts: • The web pages -- They contain information about the available sandboxes, demonstrations and solution showcases. These are the pages you're viewing now. • The JCL Portal Pages -- They provide access to the equipment sandboxes, demonstrations and showcases.

Questions ? Thank you

#JuniperIDEAS

Breakout Session SP / SDN / NFV Sergei Gotchev Partner System Engineer Alicante, May 2016 LEGAL STATEMENT

This statement of product direction sets forth Juniper Networks’ current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted on this statement. MX Portfolio 20 LC / 45RU 80Tbps

10 LC / 34RU 40Tbps

10 LC / 24RU 40Tbps

11 LC / 16RU 13.2Tbps 6 LC / 8RU

2 LC / 5RU 7.2Tbps 2.4Tbps 4RU N x 2RU 80 Gbps 10Gbps 80 Gbps

vMX MX 80 MX 104 MX 240 MX 480 MX 960 Chotu MX 2010 MX 2020

4Q2016 Introducing EA (Eagle), 3rd generation Trio ASIC

Physical Characteristics • 28nm process • 23.44mm x 23.15 mm die size • More than 60% power consumption reduction, enabling 0.5W per gigabit at the system level

Capabilities • All Trio forwarding features • High scale flow export, video monitoring • Ethernet OAM and BFD • Performance monitoring • Sophisticated packet parsing, lookup and encapsulation Industry’s first 400GE • Integrated rich queueing capable network • Improved tunnel performance processor • Chip level telemetry and analytics support MX2008? MX2008 (Chotu) Details

Chotu Details Slots • 10 I/O Slots Rack Size • 24RU, Standard 19” Rack • AC/DC : N+1 Redundancy PSM, N+N feed Power redundancy, 12KW

• 2 Fantrays Fan and Cooling • Front to Back Airflow • Single Cooling Zone

RE/RP • 1+1 RE Redundancy Fabric • 7+1 Switch Fabric Redundancy; 2Tb/slot at FRS BW • Chassis capable of 4Tb/slot at FRS NEBS • GR-63 NEBS Compliant

FRS and General Availability timelines : • HW Release: 2H 2016, December 2016 timeframe • FRS: 15.1F7, forward-port to 16.1R4, Mainline 17.1R1 Value Proposition

Investment Protection Density Environmental

• GR-63 NEBS • Common MX2K MPCs • Unmatched 10G/100G • Common MX2K power and density with Edge feature • Half-Rack design cooling FRUs set • Reduced power footprint Same mid plane MX2010 • Roadmap to industry option design leading 4Tbps/slot for Edge • Available single phase AC • Common features and platforms support feature velocity with MX2020/2010

What’s new?

• Chassis • RE-CB (Mechanical variation of MX NG-RE) • Fabric (MX2000-SFB2 fabric with one fabric chip depopulated) Switching Plane (MPC9E with SFB2)

Fabric #1 EA0 EA0 o Each PFE has three lanes to each of *** the eight fabric cards = 3 lanes x 8 = 24 lanes Fabric #2 o Each lane capable of 25Gbps, hence total capacity per slot = EA1 EA1 24x4x25Gbps = 2.4 Tbps

LC#0 LC#9

EA2 EA2

EA3 EA3 Fabric #8 MPC7E, MPC8E, MPC9E and MX2K Switch Fabric Overview MPC7E, MPC8E and MPC9E Applications

Performance: High FIB Scale, Forwarding Performance at small packet sizes Peering Control Plane Protection: TTL Security, Loopback Filters, Suspicious Flow Detection Traffic Visibility: Inline IPFIX, Source Class Usage/Destination Class Usage, Filter Counters Attack Mitigation: FlowSpec, Efficient GRE Encapsulation / Decapsulation Business Rich Services: L3 VPN, VPLS, EVPN, VPLS, MEF-defined services Traffic Differentiation: Ingress and Egress Queueing, enhanced scheduling priorities Edge Resiliency: Tail end protection, egress circuit protection, prefix independent convergence Broadband Performance: Highest bandwidth per subscriber at scale Service Models: PPPoE, DHCP, C-VLAN, S-VLAN Edge Traffic Insight: Inline Video Monitoring Services: VPLS, EVPN, L3 VPN, Internet Routing Data Center Overlays: VXLAN with VMWare, Juniper Contrail Gateway Various Deployment Scenarios: MC-LAG, Virtual Chassis

Performance: High FIB Scale for IP Core Core Load Balancing: Extensive payload analysis, adaptive techniques MPC7E Line Cards

1/3rd of a rack MPC7E-10G 1584 10GE interfaces per rack MX960 20 20 xSFP+ Fixed 1.4W per gigabit at system level at 40C MIC0 EA @ 240G MACSec for confidentiality with AES-256 support (10G card) with

Universal multi-rate 10/40/100GE ports to reduce spares MACSec

Flexible software-enabled queueing options 20 xSFP+ Fixed Smooth upgrade. Same hardware and 15.1 with JAM/JUNOS Continuity MIC1 EA @ 240G Trio feature set, analytics, QoS and performance enhancements with

MACSec All 11 slots In use MPC7E-MRATE

QSFP QSFP QSFP28 Fixed EA @ 240G UPGRADE DEPLOY NEW LEVERAGE QSFP MIC0 QSFP Systems at the services QSFP28 Existing chassis and edge, peering sites, in the Extensive Trio feature set QSFP double capacity to meet QSFP metro and in the data for service flexibility QSFP28 Fixed traffic growth demands EA @ 240G center QSFP MIC1 QSFP QSFP28 MPC8E and MPC9E Line Cards

MX2K-MPC8E

MX2020 MIC 4 x QSFP28/

QSFP+ EA @ 240G -

320 100GE interfaces per chassis MRATE

0.94W per gigabit at system level at 40C 8 x QSFP+ EA @ 240G

Modular line cards for future 400GE support MIC Universal multi-rate 10/40/100GE ports to reduce spares 4 x QSFP28/ QSFP+ - EA @ 240G MRATE Flexible software-enabled queueing options 8 x QSFP+ Smooth upgrade. Same hardware and 15.1 with JAM/JUNOS Continuity EA @ 240G Trio feature set, analytics, QoS and performance enhancements

MX2K-MPC9E MIC

EA @ 400G

8 x QSFP28/ - MRATE

QSFP+ UPGRADE DEPLOY NEW LEVERAGE EA @ 400G 4 x QSFP+

Existing chassis and Systems at the services MIC quadruple capacity to edge, peering sites in the Extensive Trio feature set

8 x QSFP28/ - EA @ 400G meet traffic growth metro and in the data for service flexibility MRATE

QSFP+ demands center EA @ 400G

4 x QSFP+

MIC-MRATE, 12 x QSFP Universal Port MIC

Description

12 x QSFP Universal Port MIC for MPC9E and MPC8E line cards.

Connectivity 8 x QSFP28 Ports • All ports support 4 x 10GE and 40GE • 8 ports support 100GE QSFP28 when used in MPC9E • 4 100GE ports supported when used in MPC8E

QSFP28: 100GE LR4, SR4 Optics QSFP+: 4 x 10GE LR, SR QSFP+: 40GE LR,SR

15.1F5-S1 (JAM/JUNOS Continuity) SOFTWARE 16.1R1 SFB2 MX2010 and MX2020 1.6T Switch Fabric

Description MX2010 and MX2020 Switch Fabric enabling 1.6T capacity per slot

Capacity • 2T per slot with 8 fabrics active • > 1.6T per slot with 7 fabrics active

LINE CARDS All MPCs

15.1F5-S1 (JAM/JUNOS Continuity) SOFTWARE 16.1R1

OTHER Existing Power Supplies / FAN Trays MX Next Generation RE & MX Virtualization Node Virtualization

Network Convergence for better TCO NG-Routing Engine Need for network agility and innovation Virtual RE Motivation Flexible risk management Enablers MX Trio architecture Virtual Fabric Interfaces Need to scale up and down Modeling & Orchestration Partition MX into slices NODE Solution Each slice is equivalent to an MX VIRTUALIZATION

Enable fabric based communication SLICE1 SLICE4

BNG1 BNG2 TODAY edge router edge router SINGLE PHYSICAL MX PARTITIONED IN SLICES BNG PE VIDEO EACH FOR ONE FUNCTION EDGE PE edge router edge router SLICE3 SLICE2

VIDEO VIDEO PE BNG EDGE EDGE SINGLE PHYSICAL EDGE ROUTER WITH MULTIPLE PHYSICAL EDGE ROUTERS MULTIPLE FUNCTIONS Introducing the new MX NG-RE

Numbering Name Description 2 Auxiliary Port RS232 UART Port 3 Console Port RS232 UART Port 4 Management Port 10/100/1000Base-T Ethernet Port 6 Online/Offline Switch Switch to change the state of RE 7 & 10 SSD LED Status & Compartment Two SSD with respective LED Status 8 USB Port Used for Fresh install of OS. 9 Reset RE Reset

Numbering During Power On Indicates During Power Off Indicates Off  Slow Blink RE is powered on Green  Fast Blink Button Press

5 Slow  Fast Blink Linux Booted Fast  Slow Blink JunOS shutdown Fast Blink  Green JunOS Booted Slow Blink  Off Linux Shutdown Specification Overview

Specification MX MX2K PTX5K

Intel Haswell 6 Core CPU Intel Haswell 8 Core @ 2.3Ghz @ 2.0Ghz

Memory 64GB (DDR4) *

Storage DUAL 64GB SSD

Intel VT-x / VT-d / VT-c Virtualization Yocto Linux / KVM / QEMU JUNOS KERNEL: RE-CB Interface 10G (SMP)

15.1F5, 16.1R4, 15.1F3, 15.1F4, * 15.1F3, 16.1R1 16.2R1 16.1R1 Software SMP Enabled SMP Enabled SMP Enabled 64b RPD 64b RPD 64b RPD

* Future Platform Support Matrix

Hardware/Software RE-S-X6-64G-S RE-S-X6 / REMX2K-X8 Chassis: MX960/MX480/MX240  X Chassis: Chotu/MX2020/MX2010 X  SCB X X SCBE X X SCBE2  X SFB X  SFB2 X  MPC/MS-MIC/MS-MPC   DPCE/MX-FPC/MS-DPC X X JUNOS (“junos-install”)   JUNOS (“jinstall”) X X Software Release & Feature Schedule

Feature Target Release Tentative Ship date

FRS – MX960, MX480, MX240 15.1F3 1H2016

FRS – PTX5K NGRE support FPC1 & FPC2 15.1F3 1H2016

FRS – PTX5K NGRE support FPC1, FPC2 & FPC3 15.1F4 1H2016

FRS – MX2020, MX2010 15.1F5 1H2016

15.1R1 Feature Parity 15.1F3 1H2016 ISSU 15.1F5 1H 2016

MX-VC 15.1F5 1H 2016

Subscriber Management 15.1F6 2H 2016

Subscriber Scaling & Performance 15.1F6 2H 2016 vMX Virtualization types

• Guest OS is not modified. Same OS is spun as a VM Fully Virtualized • Guest OS is not aware of virtualization. Devices emulated entirely. • Hypervisor need to trap and translate privileged instructions

• Guest OS is aware that it is running in virtualized environment • Guest OS and Hypervisor communicate through “hyper calls” for improved Para Virtualized performance and efficiency • Guest OS uses a front-end driver for I/O operations • Example : Juniper vRR, vMX (SRIOV)

• Virtualization aware hardware (processors, NICs etc) Hardware • Intel VT-x/VT-d/vmdq, AMD-V assisted • Example: Juniper vMX (VIRTIO) Virtual and Physical MX

CONTROL PLANE Microcode cross- compiled

DATA PFE VFP PLANE

ASIC/HARD TRIO X86 instructions WARE UCODE

Cross compilation creates high leverage of features between Virtual and Physical with minimal re-work vMX Product Overview

Virtual Control Plane (VCP) • JUNOS hosted in a VM. Offers all the capabilities available in JUNOS • Management remains the same as physical MX • SMP capable Guest VM (Linux) Guest VM (FreeBSD)

VFP VCP Virtual Forwarding Plane (VFP) • Virtualized Trio software forwarding plane. Feature

parity with physical MX. Utilizes Intel DPDK libraries

IOV - • Multi-threaded SMP implementation allows for VirtIO Hypervisor: KVM, ESXi elasticity • SR-IOV capable for high throughput Bridge / vSwitch • Can be hosted in VM or bare-metal

PCI throughPass PCI SR Physical layer Cores Memory Orchestration • vMX instance can be orchestrated through OpenStack Physical NICs MGMT Kilo HEAT templates • Package comes with scripts to launch vMX instance *Single Root I/O Virtualization (SR-IOV) is PCI-Express (PCIe) extention that allows a PCI-e device to be virtualized so that many PCU-e devices are availavel in the guest VM’s *VirtIO – Virtual IO – Paravirtualized drivers for KVM/Linux. The idea behind it is to have a common framework for hypervisors for IO virtualization vMX Host Requirements

Sample system configuration

Description Value Intel Xeon E5-2667 v2 (Ivy Bridge Processors) @ 3.30GHz 25 MB Cache. Sample system configuration NIC: Intel 82599 (for SR-IOV only)

Memory Minimum: 8 GB (2GB for vRE, 4GB for vPFE, 2GB for Host OS)

Storage Local or NAS

Sample configuration for number of CPUs

Use-cases Requirement

Min # of vCPUs: 4 [1 vCPU for VCP and 3 vCPUs for VFP]. Min # of Cores: 2 [ 1 core VMX for up to 100Mbps performance for VFP and 1 core for VCP]. Min memory 8G. VirtIO NIC only.

Min # of vCPUs: 4 [1 vCPU for VCP and 3 vCPUs for VFP]. Min # of Cores: 4 [ 3 VMX for up 3G of performance cores for VFP, 1 core for VCP]. Min memory 8G. VirtIO or SR-IOV NIC.

Min # of vCPUs: 5 [1 vCPU for VCP and 4 vCPUs for VFP]. Min # of Cores: 5 [ 4 VMX for 3G and beyond (assuming min 2 ports of 10G) cores for VFP, 1 core for VCP]. Min memory 8G. SR-IOV only NIC. vMX Baseline Performance in 14.1 VMX performance in Gbps 2 x 10G ports 6 x 10G ports

# of cores for packet processing * # of cores for packet processing*

Frame size (Bytes) 3 4 6 8 10 Frame size (Bytes) 3 4 6 8 10

256 2 3.8 7.2 9.3 12.6 256 2.2 4.0 6.8 9.8

512 3.7 7.3 13.5 18.4 19.8 512 4.1 8.1 14 19.0 27.5

1500 10.7 20 20 20 20 1500 11.5 22.9 40 53.2 60

4 x 10G ports 8 x 10G ports

# of cores for packet processing* # of cores for packet processing* Frame size (Bytes) 4 6 8 10 12 Frame size (Bytes) 3 4 6 8 10 64 2.1 2.8 3.5 4.2 5.3 256 2.1 4.2 6.8 9.6 13.3 128 3.9 5.2 6 7.3 8.7 256 5.2 8 10.4 12.6 15 512 4.0 7.9 13.8 18.6 26 512 12.7 18.3 23 27.7 32 1500 11.3 22.5 39.1 40 40 1500 33.6 47 58.5 71.5 79 IMIX 14 20 25.4 31 37

*Number of cores includes cores for packet processing only i.e worker cores. For each 10G port there is a dedicated core i.e I/O core not included in this number. vMX Use-Case: Virtual PE

Use-case

Central Office, National/Regional Hub Site Data Centers • Scale-out deployment scenarios vMX vMX • Low bandwidth, high control plane scale customers • Dedicated PE per customer CO Gateway CO Gateway • Small PE in a new market segment or geography with ability to support secure transport

Metro Network Provider MPLS Network vMX value proposition

CPE L2 switch Enterprise L3 PE L2 switch L3 PE • vMX is a virtual extension of a physical MX PE with all the capabilities of a carrier class PE router • vMX offers IPSec and IPSec VPN capability • Orchestration and management capabilities inherent to

CPE CPE any virtualized application apply Enterprise Enterprise

L3 VPN/IPSec VPN

L2VPN/VPLS/L2Circuit vMX Use-Case: DC Gateway/Virtual Private Cloud Gateway Use-case • Service Providers need a gateway router to connect the virtual networks to the physical network • Small hosting providers need a gateway route to connect to the internet Non Virtualized VPN Cust A VPN Cust B Servers • Gateway should be capable of supporting different DC overlay, DC Interconnect and L2 technologies in the DC ToR such as GRE, VXLAN, VPLS and EVPN vMX MPLS Cloud • Virtual Private Cloud (VPC) customers need a gateway router in the cloud to VXLAN GW (VTEP), i. Route between subnets in a VPC instance L3VPN GW, Internet GW ToR ii. Route between VPC instances across geographies iii. Secure transport from a public or private network without scaling restrictions imposed by CSP Internet VTEP • Cloud Service Providers don’t want to create specialized VM VM VM Virtual Virtual product offerings to meet these needs Network A Network B

Virtualized vMX value proposition Server • VMX supports all the overlay, DCI and L2 technologies available on MX VPC instance VPC instance • Scale-out control plane to scale up VRF instances and number of VPN routes • Create overlay topologies using IPSec and MPLS Amazon Direct vMX VPC GW vMX VPC GW VPN technologies for Hybrid Cloud integration into the Connect enterprise

AWS Region AWS Region vMX Use-Case: Enterprise WAN Router

Use-case

• Large Enterprises and Government institutions want to build their own overlay network over a Service Providers MPLS or Layer 2 network • Transport for overlay network can be using encapsulation technologies such as MPLSoGRE, VXLAN and IPSec for Enterprise secure transport

vMX Overlay: Group VPN, CPE MPLSoGRE, VXLAN

vMX value proposition Provider MPLS network vMX Enterprise CPE • vMX will offer IPSec VPNs using Group VPN technology for secure overlay transport vMX CPE • All existing routing functionality available on vMX Enterprise makes it a robust Enterprise WAN router vMX Use-Case: New Market/Geography PE

Use-case

• Service Providers want the ability to bring-up a PE in a new geography/market with low upfront CAPEX and shorter time-to-market • Service Providers don’t always own the end-to-end circuit Local Providers to their customers in all geographies/locations. Such use- MPLS cases require secure transport using IPSec from the network customer site. CPE Partner MPLS network or Enterprise Internet for backhaul vMX PE Physical PE Interne vMX+Porter value proposition t

• vMX offers the capabilities of a physical MX but at lower bandwidth granularities for new locations and New Geography/Market Present Market geographies.

• The addition of IPSec for site-to-site tunnels allows for secure transport in-case the SP has to utilize a partners network vMX Use-Case:Distributed vLNS & vBNG

Market Requirement vMX + Porter Solution

. vBNG and vLAC connect broadband subscribers via L2 from aggregation network, then assign IP and policies for L3 hand to . vBNG and vLAC allow just in time provisioning in small COs the core or retail ISP (<8K subscribers and <20 Gb/s) close to the access node . vLNS deploys customized configurations for one or more . vLNS deploys optimized instances for each Business VPN or retails ISPs or Business VPNs per instance Retail ISP with dynamic capacity management

AAA & DHCP ADSL vLAC ISP X Ethernet Servers Aggregation vLNS Retail ISP VDSL

ISP Z

Core VPN1 vBNG vLNS Fiber Business VPN VPN2

Metro Edge Core Retailer Junos Fusion for Edge What is Junos Fusion for Edge?

Use-case

AD AD AD • Port extension on the MX to maximize the chassis value with better slot utilization, leading to improved ROI • Resilience through CPE dual homing and L2/L3 routing in and/or through Fusion HA

Junos Fusion for Edge value proposition

• Optimizing the Capex, improved ROI SD SD SD SD • Management simplicity • Plug and Play Single Aggregation Dual Aggregation Devices • Large scale Device

Supports L2 and L3 at the access Supports L2 at the access Protocols Used Internally

1 LLDP Devices discovery and auto provisioning

Satellites management for all traffic related aspects 5 2 802.1BR+ (config / statistics / ports state)

4 Satellites management for non-traffic related aspects 3 json-rpc (chassis, environment, upgrade ..)

1 2 3 1 2 3

Configuration synchronization between Aggregation 4 Netconf devices

Interchassis Communication Protocol manages the setup and control of the redundancy groups 5 ICCP (active/standby). What is 802.1BR?

Dataplane Format Control Plane Protocol Communication protocol

Define a packet header to Control and Status Edge Control Protocol add external ports Protocol (CSP) define how (ECP) define how control information between the aggregation manage packets (CSP) are satellite and aggregation the satellite. exchanged and transport devices. Designed to be extended between aggregation and satellite devices. Embedded capabilities Designed to be point to Supported in hardware negotiations process as point by Recent Merchant part of the initialization. Silicon Junos Fusion for Edge HW

Aggregation Device (AD) MX960/480/240 MX2020

Satellite Device (SD) QFX5100, EX4300

FRS Q2 2015 (14.2R3)

Single AD Mode of deployment Dual AD (Roadmap)

License per SD Yes

Mode of operation Extended mode

L2 Local Switching on SD Yes

L2 Multicast egress replication on Yes SD L3 Multicast Yes Junos Telemetry Motivaton • Provide analytical insight • Resource utilization • Loss and Delay measurements • Queue Depth • Ensure high scale • Push versus Pull model • Thousands of monitoring objects • Sub-second resolution • Google RPC Streaming or UDP in Google Proto Buffers (GPB) Format • Enable New Applications • Dynamic Resource Provisioning • Router Resource Pooling • PCE Controller (SDN)

Router Telemetry Framework Overview

Routing Engine

Sensor Configuration: NETCONF, CLI Telemetry manager

Application RPD, Other daemons Data Queries Provision Sensors Line Card N

Query Engine In-band telemetry Line CarduKernel 1 information

uKernelPFE

PFE PFE Collector

Database PFE

Juniper or a 3rd party collector Network Element JUNOS Router Telemetry Integration Options

Performance Performance Monitoring Analytics Management Management Customer Northstar Application

Visualization / IBM Proviso Other Analytics Cacti Infovista SevOne SPLUNK MRTG VistaInsight PacketDesign

Juniper Data Collection Collector Adapter Potential integration

Data Sources Router

MX PTX Resource Utilization Monitoring Low level utilization down to an individual hardware / software component

Network View* Device View Component View

jfk.r1 jfk.r1: Line Card 2* ord.r1 RE0 sea.r1 RE1 Lookup Engine Util (co-processor Line Card 0 breakdown) PFE 0 Line Card 1 jfk.r1 Line Card 2 sfo.r1 NPU Memory (with application breakdown) den.r1

Contro l Plane CPU Memory (with application breakdown)

* Sample integration into the fault / performance management system ** Sample screenshots from Cacti (cacti.net) shown Network Congestion Reporting Leveraging Interface Queue Depth High Watermark Statistics for core

Network View* Interface View

sfo.r1 : et-1/0/0** ord.r1 sea.r1

jfk.r1

sfo.r1 den.r1 Interface Queue Depth High Watermark over Time

How to use this data? Troubleshoot SLA violations, identify maximum latency bound for SLA contracts, plan and provision new links.

* Sample integration into the fault / performance management system ** Sample screenshots from Cacti (cacti.net) shown User to Network Interface Congestion Reporting Leveraging Interface Queue Depth High Watermark Statistics for edge

Sample Enterprise Portal

Enterprise VPN Sites Selected Site: London, UK

•Denver, CO •Los Angeles, CA 3 microburst events detected •London, UK over last minute, •Rome, Italy suggest a capacity upgrade •Tokyo, Japan

Interface Queue Depth over Time

With typical 5 minute averaging, the interface may look underutilized, still microbursts occur and performance degrades Enabling Aggressive Burstable Billing*

Burstable Billing Description

Customers are charged based on the peak traffic consumption ignoring top X percent peaks (X is typically 5%) Customer is charged based on this rate Each peak is computed as an average rate over sampling interval (typically 5 minutes)

Router must support 5 minute interface statistics export, otherwise there will be commercial impact

Commercial requirement quickly becomes a technical challenge both on network element and collector sides when the number of logical interfaces reaches thousands per network element or hundreds of thousands per network

*For more information: https://en.wikipedia.org/wiki/Burstable_billing Real Time Telemetry for PCE* Controller

Problem Statement Topology (via BGP-LS) LSP Events • Controller computes paths in LSP Statistics real time Interface Statistics • Need to quickly detect Northstar network changes and react PCE • Existing telemetry export Controller mechanisms have limited Optimized paths applicability for centralized controller applications (delays and scaling constraints)

Solution

• Network Element reports LSP Events in a structured format • Network Element provides nearly real-time LSP and Interface statistics

*Path Computation Element Thank you

#JuniperIDEAS