Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Requirements for Deploying cSRX Container Firewall on a Bare-Metal Linux Server

This section presents an overview of requirements for deploying a cSRX Container Firewall container on a bare-metal Linux server:

Host Requirements

Table 1 lists the Linux host requirement specifications for deploying a cSRX Container Firewall container on a bare-metal Linux server.

Note:

The cSRX Container Firewall can run either on a physical server or virtual machine. For scalability and availability reasons, we recommended using a physical server to deploy the cSRX Container Firewall container.
Table 1: Host Requirement Specifications for cSRX Container Firewall

Component

Specification

Release Introduced

Linux OS support

CentOS 6.5 or later

Junos OS Release 18.1R1

Red Hat Enterprise Linux (RHEL) 7.0 or later

  

Ubuntu 14.04.2 or later

  

Docker Engine

Docker Engine 1.9 or later installed on a Linux host

  

Contrail Cloud Platform

Contrail 3.2 with OpenStack Liberty or OpenStack Mitaka

  

vCPUs

2 CPU cores

  

Memory

4 GB

  

Disk space

40 GB hard drive

  

Host processor type

x86_64 multicore CPU

  

Network interface

1 Ethernet port (minimum)

  

cSRX Container Firewall Basic Configuration Settings

The cSRX Container Firewall container requires the following basic configuration settings:

  • Interfaces must be assigned IP addresses.

  • Policies must be configured between zones to permit or deny traffic.

Interface Naming and Mapping

A cSRX Container Firewall container supports 17 interfaces:

  • 1 Out-of-band management Interface (eth0)

  • 16 In-band interfaces (ge-0/0/0 to ge-0/0/15).

Table 2 lists the cSRX Container Firewall interface assignments with Docker.

Table 2: cSRX Container Firewall Interface Assignment

InterfaceNumber

cSRX Container Firewall Interfaces

Docker Interfaces

1

eth0

eth0

2

ge-0/0/0

eth1

3

ge-0/0/1

eth2

4

ge-0/0/2

eth3

6

ge-0/0/4

eth5

7

ge-0/0/5

eth6

8

ge-0/0/6

eth7

9

ge-0/0/7

eth8

10

ge-0/0/8

eth9

11

ge-0/0/9

eth10

12

ge-0/0/10

eth11

13

ge-0/0/11

eth12

14

ge-0/0/12

eth13

15

ge-0/0/13

eth14

16

ge-0/0/14

eth15

17

ge-0/0/15

eth16