Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

New and Changed Features

The features listed in this section are new or changed as of Contrail Release 1908. A brief description of each new feature is included.

Configure Storm Control on Interfaces

Starting with Contrail Networking Release 1908, when Contrail manages a datacenter fabric, you can configure storm control on the access logical interfaces of a datacenter fabric managed by Contrail.

A traffic storm is generated when messages are broadcast on a network and each message prompts a receiving node to respond by broadcasting its own copy of the messages on the network. This, in turn, prompts further replications, creating a snowball effect. The network is suddenly flooded with packets, creating unnecessary traffic that leads to poor network performance or even a complete loss of network service. Storm control enables the switch to monitor traffic levels and to drop broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level—is exceeded, thus preventing packets from proliferating and degrading the LAN. As an alternative to having the switch drop packets, you can configure it to shut down interfaces or temporarily disable interfaces when the storm control level is exceeded.

To enable storm control on an interface, you must first create a storm control profile, and then attach it to a port profile. You can then apply the port profile to an interface or a virtual port group (VPG). In a greenfield deployment with enterprise style configuration, you can configure storm control on a device after Contrail command is set up and all devices discovered. You can create port profiles and storm control profiles from the Overlay > Port Profiles page.

Storm control profile feature is supported only on QFX5000 and QFX10000 series devices.

For more information, see Configure Storm Control on Interfaces.

Support for Port Profiles

Starting with Contrail Networking Release 1908, you can define port profiles for the interfaces on a datacenter fabric. A port profile functions like a container that can support multiple port-related configurations, and allows you to apply those configuration by attaching them to the port profile. You can then apply the port profile on an interface or a virtual port group. In Contrail Networking Release 1908, you can attach only storm control profiles to port profiles.

To delete a port profile, you must first detach the port profile from the virtual port group or the instance.

For more information, see Configure Storm Control on Interfaces.

Support for Enterprise Style Configuration for QFX Devices During Fabric Creation

Contrail Release 1908 enables you to select enterprise style of configuration for the CRB-Access role on QFX Series switches.

With the enterprise style of configuration, any VLAN being provisioned in an EVPN VXLAN fabric maps to a Virtual Extensible LAN Network Identifier (VNI) in a 1:1 ratio. For more information, see Configuring EVPN VXLAN Fabric with Multitenant Networking Services.

You can select the VLAN-ID Fabric Wide Significance check box in the Infrastructure > Fabrics > Create > New Fabric > Provision and Infrastructure > Fabrics > Create > Existing Fabric > Provision pages to enable enterprise style of configuration. De-select the check box to enable service provider style of configuration. The check box is selected by default since enterprise style is the default setting. Once configured, you can modify the enterprise style setting to service provider style of configuration. However, you cannot modify the service provider style to enterprise style of configuration without having to recreate the fabric.

For more information, see Create a Fabric.

Support for 4 Byte AS Number in Contrail Release 1908

Contrail 1908 supports 4-byte or 32-bit Autonomous System (AS) numbers in BGP as specified in RFC 6793. The provision for 4-byte AS numbers is introduced to avoid exhaustion of AS numbers. You can now set an AS number in the range 1-4294967295. The default AS number is 64512.

To start using AS value in the 4-byte range:

  1. Navigate to Infrastructure > Cluster> Advanced Options page.

    The Global Config tab is displayed, which lists all system configuration information.

  2. Click the Edit icon.

    The Edit System Configuration dialog box is displayed.

  3. Select Enabled option button under 4 Byte ASN field.

    To disable 4-byte ASN range, select Disabled.

    You can now assign 2-byte or 16-bit AS number in the range 1-65535.

To assign 4-byte value in Route Target(s) field:

  1. Navigate to Overlay > Virtual Networks > Edit Virtual Network page to edit existing virtual network.

    Navigate to Overlay > Virtual Networks > Create Virtual Network page to create a new virtual network.

  2. Click Routing, Bridging and Policies.

    Route Target(s) field is displayed. Click +Add.

    In Route Target(s) section, you can now assign a 4-byte value in the range of 1-4,294,967,295 in the ASN field, when 4 Byte ASN is enabled in Global Config. If you assign the ASN field a 4-byte value, you must assign a 2-byte value in the range of 0-65,535 in theTarget field. You can also assign a 2-byte value in the range of 1-65,535 in the ASN field, when 4 Byte ASN is disabled in Global Config. If you assign the ASN field a 2-byte value, you must assign a 4-byte value in the range of 0-4,294,967,295 in the Target field.

    You can also add suffix L or l (lower-case L) at the end of a value in the ASN field to assign the value in 4-byte range. Even if the value provided in the ASN field is in the range of 1-65,535, adding L or l (lower-case L) at the end of the value assigns it in 4-byte range. If you assign the ASN field a value in the 4-byte range, you must enter a value in the range of 0-65,535 in the Target field .

Encryption Support for Redis Traffic

Contrail Release 1908 supports an SSL encrypted tunneling program called stunnel to secure Redis traffic. The stunnel is used to route traffic between Redis clients and servers. SSL encryption in the stunnel acts as a layer of security when Contrail analytics client processes connect to a Redis instance server. In releases prior to Contrail Release 1908, connection requests sent from contrail-analytics clients to Redis server sometimes posed security threats since Redis did not support encryption. The stunnel feature is supported in Contrail Release 1908 only when Contrail is deployed with Red Hat OpenStack Platform (RHOSP).

Support for Contrail Networking Deployment with Kubernetes Using Juju Charms

Starting in Contrail Release 1908, you can deploy Contrail Networking with Kubernetes by using Juju Charms. Juju helps you deploy, configure, and efficiently manage applications on private clouds and public clouds. A Charm is a module containing a collection of scripts and metadata and is used with Juju to deploy Contrail. Juju Charms helps reduce the complexity of deploying Contrail Networking by providing a simple way to deploy, configure, scale, and manage Contrail operations.Starting with Release 1908, Contrail Networking supports the following charms:

  • contrail-kubernetes-master

  • contrail-kubernetes-node

For more information, see Installing Contrail with Kubernetes by Using Juju Charms.

Support for Adding DHCP Server Information

Starting in Contrail Release 1908, tenant administrators can define a set of DHCP server IP addresses while configuring virtual networks and logical routers on a multi-tenant data center fabric. In earlier releases, a Contrail services node (CSN) is used to provide DHCP and Domain Name System (DNS) services to bare metal servers. With Contrail Release 1908, you can directly add DHCP server information by adding the server IP address in the Overlay > Logical Router > Create Logical Router page of the Contrail Command user interface (UI). However, Contrail Networking does not support the use of a DHCP server and a CSN at the same time. When you use a DHCP server, you must not provision a CSN and must remove existing CSNs.

For more information, see Adding DHCP Server Information.

Support for Device Image Upgrade after RMA

Starting with Contrail Release 1908, Contrail Networking supports device image upgrade after the Return Material Authorization (RMA) process. Contrail Release 1907 supported Return Material Authorization (RMA). With Contrail Release 1908, after you replace a device in RMA state with a new device, the new device is upgraded to the device image version specified during the initial ZTP onboarding process.

For more information on RMA, see the Return Material Authorization topic.

For more information on ZTP onboarding process, see the Provisioning Option - New Fabric section of the Create a Fabric topic.

Support for Netronome SmartNIC vRouter

Contrail Networking Release 1908 supports Netronome Agilio CX for Contrail Networking deployment with Red Hat OpenStack Platform Director (RHOSPd) 13 environment. This feature will enable increased packets per second (PPS) capacity of Contrail vRouter datapath allowing applications to reach their full processing capacity. Additionally, it allows to reclaim CPU cores from Contrail vRouter off-loading permitting more VMs and VNFs to be deployed per server.

For more information, see Using Netronome SmartNIC vRouter with Contrail Networking.