Help Center User GuideGetting StartedFAQsRelease Notes
User Guide
Getting Started
Release Notes


Juniper Networks Contrail Service Orchestration (CSO) transforms traditional branch networks, offering opportunities for high flexibility of the network, rapid introduction of new services, automation of network administration, and cost savings. The solution supports both Juniper Networks and third-party virtualized network functions (VNFs) that network providers use to create network services.

CSO Release 4.1.0 is a secure software-defined WAN (SD-WAN) solution that builds on the existing capabilities of CSO and the Cloud CPE solution. The following are the highlights of the features available in Release 4.1.0:

CSO can be implemented by service providers to offer network services to their customers or by Enterprise IT departments in a campus and branch environment. In these release notes, service providers and Enterprise IT departments are called service providers, and the consumers of their services are called customers.

The solution offers the following deployment models:

CSO can be deployed in three deployment types—small, medium, or large. Table 1 shows the number of sites and VNFs supported for each environment.

Table 1: Number of Sites and VNFs Supported

Deployment Type

Number of VNFs Supported for a Centralized Deployment

Number of Sites and VNFs Supported for a Distributed Deployment

Number of Sites Supported for a Hub and Spoke SD-WAN Deployment



10 VNFs

Up to 500, 2 VNFs per site

Up to 500


100 VNFs, 20 VNFs per Contrail compute node

Up to 3500, 2 VNFs per site

Up to 3500


500 VNFs, 20 VNFs per Contrail compute node

Up to 6000, 2 VNFs per site

Up to 6000

The following table provides the number of sites and tunnels supported by full-mesh deployments:

Table 2: Number of Sites, Tenants, and Tunnels Supported for a Full-Mesh SD-WAN Deployment



Number of full-mesh DVPN tunnels supported per tenant


Number of full-mesh DVPN tunnels supported across a CSO installation


Number of full-mesh tenants qualified across a CSO installation

200 tenants with 10 sites per tenant

Number of full-mesh sites qualified for a given tenant

250 sites

Maximum number of events per second that can be processed by SD-WAN log processing


Number of tunnels supported on NFX250

600 tunnels

Number of tunnels supported on SRX4100 and SRX 4200

1500 tunnels

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      

Additional Comments

800 characters remaining

May we contact you if necessary?


Need product assistance? Contact Juniper Support