Contrail SD-LAN Overview


This chapter briefly describes the Contrail SD-LAN solution, the different SD-LAN use cases and the workflow to implement these use cases.

Software-Defined LAN (SD-LAN) uses software-defined networking (SDN) and network function virtualization (NFV) in the access layer of an enterprise network. The access layer comprises devices (for example, LAN switches and wireless LAN (WLAN) access points) that enable end-user devices (for example, laptops) to connect to enterprise networks.

The SD-LAN concept provides a network-wide, policy-based approach to the management of devices in the LAN. A controller assigns policies to all the devices in the access layer of the enterprise network. This reduces the provisioning time and centralizes the management of the enterprise network. The controller also continuously monitors the devices and uses policies to enable the devices to react to specific conditions.

By using SD-LAN, you have greater control of the enterprise network down to the application layer and have deeper insight into the network's performance and use.

Juniper Networks’ Contrail SD-LAN uses Contrail Service Orchestration (CSO) to deploy, manage and monitor remote LAN devices. By using CSO as the controller to manage the EX Series switches, network administrators can monitor LANs and WLAN access points from remote locations.

By using the Contrail SD-LAN solution, you can easily provision switches to manage LANs, configure LAN virtualization, and apply security policies in the same way that you operate your SD-WAN environments. This automated functionality simplifies operations to reduce costs and leverage the WAN and LAN network for connected security.

Contrail SD-LAN Implementation in Branch and Campus Networks

Figure 1 shows an example of the implementation of the Contrail SD-LAN solution by using CSO. The branch network has an EX switch behind a CPE or a next-generation firewall. A Mist access point is connected to the switch for wireless connectivity. The EX switch can be an EX Series Virtual Chassis or a physical standalone switch.

The campus network has multiple distribution switches connected to an SRX Series device that acts as an Internet gateway. The distribution switches are connected to access switches.

The branch and the campus networks are connected to each other through the Internet, mobile (LTE), or MPLS paths.

CSO manages the following:

  • CPE, firewall, switches, and the Internet gateway

  • SD-WAN connections between the branch and the campus network

  • Connections between the switch and the attached devices (CPE, firewall, and Internet gateway)

You can use the Mist portal to manage the access points and wireless LAN within the branch and campus network.

Figure 1: Contrail SD-LAN Implementation