Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Understanding SDN Properties in the Cloud CPE Selfcare Application for MX Series Routers

    This topic describes the SDN properties in the cCPE Selfcare Portal.

    cCPE Selfcare Application enables you to configure Contrail-based virtual CPE services, which are hosted in your cloud computing environment, by defining SDN properties in the Selfcare Portal. cCPE Selfcare Application supports two types of SDN properties—specifically defined properties and global properties. Specifically defined properties apply only to a specific virtual service, customer, access link, or site. Global SDN properties apply to all virtual services, customers, access links, sites, and services. Unless you specifically define an SDN property value, cCPE Selfcare Application always uses the global SDN property value. Specifically defined SDN property values overwrite the value of the global SDN property only for the specified virtual service, customer, access link, or site.

    When you enable a virtual service in the Selfcare Portal, cCPE Selfcare Application and Contrail exchange SDN property values. During this exchange, any SDN property values defined in braces { } in the Selfcare Portal, are replaced with the value defined in Contrail. Contrail then communicates with OpenStack, which instantiates the virtual service. cCPE Selfcare Application does not directly manipulate the VM instances through OpenStack; everything is mediated through the Contrail system.

    SDN property values that include a –name entry are a special case. By default, if Contrail contains a value for the -name entry, cCPE Selfcare Application uses the Contrail value and does not change it. For example, if you set the property left-network-name to a value of {customer-name}-left and the customer name in Contrail is set to ExampleABC, the resulting property value is a unique name of ExampleABC-left.

    Best Practice: We recommend that you always set –name property values to {customer-name}-property.

    Because cCPE customers can change the names of their sites and access links, there are no equivalent SDN properties for these fields in the Selfcare Portal. Instead, cCPE Selfcare Application uses the properties site-id and access-link-id because the values for these properties do not change unless you specifically change them. SDN property values are not configurable by cCPE customers.

    SDN Properties

    Table 1 describes the SDN properties supported in the Selfcare Portal.

    Table 1: SDN Properties

    SDN Property Name

    Action

    Customer Properties

    customer-id

    Specifies a unique customer identifier.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    customer-name

    Specifies a unique customer name.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    left-ipam-name

    Specify the IP address management (IPAM) name associated with the left (customer facing) virtual network.

    Default: {customer-name}-left-ipam

    left-network-name

    Specify the left virtual network name you want associated with the service instance.

    The left network is typically the cCPE customer’s private network.

    We recommend setting this property to: {customer-name}-left.

    left-route-target

    Specify the left network route target exchanged with Contrail during the creation of the service instance.

    Format: target:asn:number or target:IP-address:number.

    Note: You must include the target prefix.

    management-ipam-name

    Specify the IPAM name associated with the management virtual network. There is no default value.

    management-network-name

    Specify the management virtual network name you want associated with the service instance.

    We recommend setting this property to: {customer-name}-mgmt.

    management-route-target

    Specify the management network route target exchanged with Contrail during the creation of the service instance.

    Format: target:asn:number or target:IP-address:number.

    Note: You must include the target prefix.

    right-ipam-name

    Specify the IPAM name associated with the right virtual network. Default: Public

    right-network-name

    Specify the right virtual network name you want associated with the service instance.

    The right network is typically the Internet. We recommend setting this property to: Public.

    right-route-target

    Specify the right network route target exchanged with Contrail during the creation of the service instance.

    Format: target:asn:number or target:IP-address:number.

    Note: You must include the target prefix.

    Site Properties

    site-id

    Specifies the site identifier.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    Access Link Properties

    access-link-id

    Specifies a unique identifier for the customer access link.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    access-link-routing-instance

    Specifies the routing instance on the MX Series router used for the access link.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    access-link-device-name

    Specifies the name of the router name on which the access link resides.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    left-ipam-subnet-gateway

    Specify the IP address of the default gateway for the left network subnet. This is usually the router IP address.

    left-ipam-subnet-prefix

    Specify the IP address of the subnet prefix for the left network, usually the customer’s access link.

    left-ipam-subnet-prefix-len

    Specify the prefix length of the subnet for the left network (usually the customer access link) in Classless Interdomain Routing (CIDR) notation. For example, 24.

    management-ipam-subnet-gateway

    Specify the IPAM subnet gateway for the management network.

    management-ipam-subnet-prefix

    Specify the IPAM subnet prefix for the management network.

    management-ipam-subnet-prefix-len

    Specify the IPAM subnet prefix length for the management network.

    right-ipam-subnet-gateway

    Specify the IPAM subnet gateway for the right network.

    right-ipam-subnet-prefix

    Specify the IPAM subnet prefix for the right network.

    right-ipam-subnet-prefix-len

    Specify the IPAM subnet prefix length for the right network.

    SDN Target Properties

    password

    Specifies the password for accessing Contrail/OpenStack. RESTful API calls to cCPE Selfcare Application must use this password and it must match the Contrail/OpenStack Web UI credentials. cCPE Selfcare Application uses this value to retrieve the keys for the Keystone identity service used by OpenStack for authentication.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    username

    Specifies the username for accessing Contrail/OpenStack. RESTful API calls to cCPE Selfcare Application must use this username and it must match the Contrail/OpenStack Web UI credentials. cCPE Selfcare Application uses this value to retrieve the keys for the Keystone identity service used by OpenStack for authentication.

    Note: cCPE Selfcare Application automatically generates the value of this property from its database.

    New Service Definition Properties

    network-policy-action

    Specify the network policy action.

    network-policy-direction

    Specify the direction of traffic to match the rule. For example, to traffic moving in and out, or only to traffic moving in one direction.

    This property value must match the Direction parameter specified in the Contrail policy.

    • < — Specifies only the left network (unidirectional). You typically set the value for the left network to match the customer’s private network.
    • > — Specifies only the right network (unidirectional). This is typically the service provider network or Internet. You typically set the value for the right network to Public for Internet access.
    • <> — Specifies both the left and right networks (bidirectional).

    Default: <>

    network-policy-name

    Specify the network policy name.

    Default: {customer-name}-policy

    network-policy-protocol

    Specify the network policy protocol.

    Default: any

    scripting-namespace

    Specify the namespace prefixed for scripting.

    This property is for future use.

    service-display-name

    Specify the name the Selfcare Portal displays for the virtual service.

    service-display-tooltip

    (Optional) Specify the text the Selfcare Portal displays when you hover over the check box for the virtual service on the Service Management page.

    target-name

    Specify the name of the SDN target. This is typically a Contrail system.

    The property value must match the SDN target name defined in Adding the Contrail Node as the SDN Target.

    Tenant Properties

    project-fqname

    Specify the fully qualified name associated with the Contrail Project.

    Set the value of this property to match the name of the Control Project that handling the virtual networks and services.

    The default value is: default-domain:demo. This is the Contrail default project.

    • To use one domain per project with multiple Contrail projects, set the value of this property to: default-domain:{customer-name}
    • To use multiple domains with overlapping Contrail projects, set the value of this property to: {customer-name}:Project
    • To use a different Contrail project for each site, set the value of this property to: {customer-name}:Project-{site-id}

      Note: cCPE Selfcare Application does not create Contrail projects. You must configure projects in Contrail prior to specify the value for the FQDN of Service Template property.

    Service Instance Properties

    service-name

    Specify the service instance name.

    Default: {template-name}

    Best Practice: If you expect multiple customers to enable the same service, we recommend you set the service-name value to: {customer-name}-{site-id}-{template-name}; otherwise, Contrail does not enable more than one service instance.

    Note: You must define values for all management- properties in the Selfcare Portal or you must define these parameter values in Contrail.

    Caution: Do not delete any SDN properties. If you do, your virtual service may not launch properly.

    Specifying Unique SDN Property Values for Virtual Services, Customers, Access Links, or Sites

    You can specify unique values for SDN properties associated with a particular virtual service, customer, access link, or site. Any specifically defined property values override the global property value and apply only to the specific service, customer, access link, or site.

    To define specific values to a SDN property, navigate to the respective customer, access link, or site page in the Selfcare Portal and modify the SDN property values from the Properties dialog box on that page.

    For example, to specify unique properties to be used for a certain access link, navigate to Administration > Customer Management > Add Access Link. The Add Access Link page is displayed, an example of which is shown in Figure 1.

    From the Add Access Link page, you can select an SDN property and specify the value for it by selecting the Value field.

    To add a new property for this access link, select the Add (+) icon. The Add Property dialog box is displayed, an example of which is shown in Figure 2.

    Figure 2: Example - Add Property Dialog Box

    Example - Add Property Dialog
Box

    From the list of properties, select the name of the property you want to add, then select Add to add the property to the list properties shown on the Add Access Link page. Select the property from the list of properties and specify the value for the property in the Value field. Then, select Create to apply the property values.

    Note: Remember, if you do not specify specific values for SDN properties, cCPE Selfcare Application always uses the global SDN property value and your virtual services may not instantiate properly.

    SDN Property Evaluation

    When you enable a virtual service in the Selfcare Portal, cCPE Selfcare Application and Contrail exchange SDN property values, during this exchange, several things occur:

    • cCPE Selfcare Application evaluates all SDN property values in a specific order.
    • Any SDN property values defined in braces { } in the Selfcare Portal are replaced with the value predefined in Contrail.
    • Contrail then communicates with OpenStack, which instantiates the virtual service.

    cCPE Selfcare Application evaluates SDN properties in the following order:

    1. Target properties—Includes the username and password credentials for Contrail/OpenStack.
    2. Tenant properties—Includes properties associated with Contrail tenants, such as the fully qualified name of the Contrail Project.
    3. Customer properties—Includes customer-specific properties. For example, customer left, right, and management network names.
    4. Site properties—Includes site-specific properties. For example, site-id.
    5. Access link properties—Includes access link-specific properties. For example, the routing instance associated with the access link and subnet information.
    6. Service definition properties—Includes service-specific properties. For example, the virtual service name the Selfcare Portal displays and the policies associated with the service.
    7. Service instance properties—Includes properties that uniquely identify the service instance.

    Note: During the SDN property exchange, cCPE Selfcare Application first evaluates the value of the global property. It then checks whether the property has a specifically defined value. Specifically defined property values always override global property values.

    In addition, during the property exchange process, any SDN property values defined in braces { } in the Selfcare Portal are replaced with the property value defined in Contrail.

    The following two examples show how the property evaluation process works.

    In Example 1, the final value of property1 is XXX123 because the value of property1 is overwritten with the value of {property2} based on the last line.

    Example 1:

    Global Customer property1 = value1Global Customer property2 = XXX123Specific Customer property1 = value2Global Site property1 = value3Specific Site property1 = value4Specific Service Definition property1 = {property2}

    In Example 2, the final value of property1 is value4. Property1 is overwritten until Specific Site property1 is evaluated and, because value4 is not in braces, the value is not replaced.

    Example 2:

    Global Customer property1 = value1Global Customer property2 = XXX123Specific Customer property1 = value2Global Site property1 = {property2}Specific Site property1 = value4

    Evaluating SDN Property Values for Sites with Multiple Access Links

    When you enable a virtual service in the Selfcare Portal, cCPE Selfcare Application and Contrail exchange their SDN property values. cCPE Selfcare Application contains the customer information and the SDN service definition properties for the enabled virtual service. cCPE Selfcare Application generates a list of access links for that customer, including site and access link names.

    By default, cCPE Selfcare Application attempts to enable the desired service per-routing instance, not per-access link. Therefore, if two access links share the same routing instance on the router, cCPE Selfcare Application only collects properties from one access link.

    Modified: 2015-11-09