Apstra Server Requirements/References

Hypervisors

The Apstra server can be deployed on the following hypervisors:

VMware ESXi
Supported versions - 6.7, 6.5, 6.0, 5.5
QEMU / KVM for Ubuntu
Supported versions - 18.04 LTS
Microsoft Hyper-V
Supported version - Windows Server 2016 Datacenter Edition
Oracle VirtualBox / VMware Workstation
For lab / evaluation purposes only

Apstra Server VM Resources

The required VM resources for the Apstra server may be greater than the recommendations below. Requirements are based on the size of the network (blueprint), the scaling of off-box agents and the use of Intent Based Analytics (IBA). If one VM is insufficient for your needs, you can increase resources by clustering several VMs.

Resource Recommendation
Memory 64 GB RAM + 300 MB per installed off-box agent*
CPU 8 vCPU
Disk 80 GB
Network 1 network adapter, initially configured with DHCP

Note

* Off-box agent memory usage is dependent on the number of IBA collectors enabled. Apstra recommends using the web interface AOS Cluster feature to monitor off-box container memory usage (e.g. aos-offbox-172_20_88_11-f). Additional AOS cluster worker nodes can be added to scale off-box agent capacity.

_images/cluster_330.png

Important

Although, an Apstra server VM might run with fewer resources than specified above, depending on the size of the network, CPU and RAM allocations may be insufficient. In this case, the system encounters errors or a critical “segmentation fault” (core dump). If this happens, delete the VM and redeploy it with additional resources.

Network Security Protocols

Open ports and services that run on the Apstra server are listed in the table below. A running iptables instance ensures that network traffic to and from the Apstra server is restricted to the services listed.

Apstra Server Network Protocol Requirements
Source Destination Protocol Description
User workstation Apstra Server tcp/22 (ssh) CLI access to the server
User workstation Apstra Server tcp/80 (http) Redirects to tcp/443 (https)
User workstation Apstra Server tcp/443 (https) Web UI and REST API
Network Device for device agents Apstra Server tcp/80 (http) Redirects to tcp/443 (https)
Network Device or Off-box Agent Apstra Server tcp/443 (https) Device agent installation and upgrade, Rest API
Network Device or Off-box Agent Apstra Server tcp/29730-29739 Agent binary protocol (Sysdb)
ZTP Server Apstra Server tcp/443 (https) Rest API for Device System Agent Install
Apstra Server Network Devices tcp/22 (ssh) Device agent installation and upgrade
Off-box Agent Network Devices tcp/443 (https) tcp/9443 (nxapi) tcp/830 (for Junos) Management from Off-box Agent

Other Network Protocols

The network protocols in the table below are not required for Apstra server functionality, but they may be required for network device configuration and discovery, and for direct access to devices.

Other Network Protocols
Source Destination Protocol Description
Administrator Network Device tcp/22 (ssh) Device management from Administrator
Network Device DNS Server udp/53 (dns) DNS Discovery for Apstra server IP (if applicable)
Network Device DHCP Server udp/67-68 (dhcp) DHCP for automatic management IP (if applicable)
    (icmp type 0, type 8 for echo and response) As necessary for network troubleshooting. Not required for the Apstra server.

Network Client Services

Use and configuration of the Apstra server determine the number of network client services that must be enabled.

Apstra Server Network Client Services
Source Destination Protocol Description
Apstra Server DNS Server udp/53 (dns) Server DNS Client
Apstra Server LDAP Server tcp/389 (ldap) tcp/636 (ldaps) Apstra Server LDAP Client (if configured)
Apstra Server TACACS+ Server tcp/udp/49 (tacacs) Apstra Server TACACS+ Client (if configured)
Apstra Server RADIUS Server tcp/udp/1812 (radius) Apstra Server RADIUS Client (if configured)
Apstra Server Syslog Server udp/514 (syslog) Apstra Server Syslog Client (if configured)