Juniper Takes Contrail SDN Controller Open Source

Enterprise Networking Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

After months of development, Juniper Networks is officially making its Contrail Software Defined Networking (SDN) solution available.

Juniper acquired Contrail in December of 2012 for $176 million and has been talking about how the technology would form the cornerstone of its SDN efforts ever since.

Until today, however, Juniper kept at least one key attribute of the SDN controller under wraps. Juniper has decided to make the Contrail controller a freely available open source technology under the Apache 2.0 license.

“While of course we’ll also be offering a commercial product, putting all of the support resources of Juniper behind that commercial product, having this controller available as open source is very, very important to many of our customers,” Bob Muglia, EVP of Juniper’s Software Solutions division, told Enterprise Networking Planet.

Muglia stressed that Juniper is open sourcing the entire Contrail controller. As to why Juniper decided to open source Contrail, a key part of the decision was the need for easy integration with the increasingly popular open source OpenStack cloud platform. Juniper belongs to the OpenStack Foundation, as do many of the world’s leading IT vendors, including IBM, HP, Dell, and even rival networking vendor Cisco.

“With the rest of the OpenStack ecosystem being open source, it’s not realistic to believe that network virtualization could be the only closed source component in OpenStack,” Muglia said. “We also believe that our commercial product will be very attractive to customers, and they will choose the commercial version because they look to Juniper for support.”

Juniper’s open source Contrail SDN controller will now in some respects compete against the open source Floodlight controller backed by SDN vendor Big Switch. Muglia noted that Juniper does partner with Big Switch as well, but he sees fundamental differences between what Big Switch offers and what Juniper delivers with Contrail. Big Switch recently announced a re-positioning of its SDN strategy to meet the reality of market needs.

SDN Services

Juniper will make a number of specific application features available to complement the Contrail SDN controller. Among them is the “Firefly” technology, which will provide a virtualized firewall for SDN deployment.

“We have taken the features and functionality of our SRX product and we’re providing it as a virtualized image that can run on an x86 system,” Muglia said. “Almost all of the scenarios we have talked with customers about for SDN involve security, and Firefly is playing a very significant role in many of our customer solutions.”

Unlike the Contrail controller, Firefly is not yet generally available. Muglia noted that it is currently in limited availability, with full product rollout expected later this calendar year.

VMware NSX

The Contrail controller is a software-only solution powered by a Linux operating system at the core. Available as a virtual appliance, the Contrail solution will run on open source Xen or KVM hypervisors. Contrail will not run on the widely deployed VMware ESX virtualization hypervisor, though.

“If you look at VMware’s ESX, they have provided a solution, but they are not opening up the interfaces that would allow us to plug in and replace their NSX solution,” Muglia said.

VMware recently announced its NSX network virtualization solution, which Juniper will support with other elements of its portfolio. For example, Juniper’s EX switches are interoperable with NSX.

“Contrail cannot work in a VMware environment,” Muglia said.

From a technical perspective, with both the Xen and KVM hypervisors, there are public open source interfaces for their respective virtual switch implementations. Juniper will run its own mini-router and needs to be able to access the switch interfaces. Muglia said that those interfaces for VMware ESX are not publicly published or open.

From a competitive perspective, Muglia said that customers make their decisions first and foremost based on the server orchestration system they want to run. For customers that want to run OpenStack-based environments, Muglia sees Contrail as the right choice. That said, if a customer has chosen VMware as its orchestration vendor, he assumes that NSX will be the network virtualization solution they choose.


Juniper also participates in the open source OpenDaylight SDN effort, which in some respects will also be competitive with both Contrail as well as VMware’s NSX.

“We’re actively engaged in OpenDaylight,” Muglia said. “The big contrast is that Contrail is production-ready and is something that customers can deploy now, while OpenDaylight is still a project that is being developed.”

OpenDaylight is currently on track to issue its first major release, dubbed “Hydrogen,” later this year. Muglia noted that as OpenDaylight evolves, Juniper will continue to contribute ideas and technology to the effort, as well as incorporate OpenDaylight into its own offerings.

What’s Next?

With Contrail now generally available, Muglia stressed that the his company is now focused on deployments.

“As we work with our customers on deployments, we’ll learn a lot, and the product will advance,” Muglia said.

Sean Michael Kerner is a senior editor at Enterprise Networking Planet and Follow him on Twitter @TechJournalist.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Follow Us On Social Media

Explore More