Dell EMC SD-WAN Solutions Overview and Demo

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
drue shulkie around the product management team here at Dell MC networking and I'm also joined by Tom Osaka who will be kind of tag teaming here with the demo so we'll have a demo in the room so don't have to worry about the over the over the wire stuff but I want to cover our recent announcements in terms of what we're doing in the SD wang space and again similar theme here which is a lot of close collaboration with vmware in terms of bringing together a joint offer into this particular marketplace and i've watched these tech field days in the past i know you've covered SD win and great many times so this isn't like it not a new topic that we're bringing into here but you know just kind of quickly recapping why this is such an interesting space for us at this point in time just about every customer that we talk to it's very rare that we don't come across somebody interested in addressing some of the two main problems that they have with their wide area network one that they've had this you know complex myriad of physical appliances spread all over the earth that they need to manage often on a box by box basis and then to just as traffic is exploding and we're driving more traffic into the public cloud and other SAS applications giving my transport cost in terms of what i'm actually paying every month for those circuits under control is a key point for us and so even we as dell technologies our IT department has been going through this transition right now and the savings as we've been able to move over is is very substantial in the tens of millions of dollars that we've been able to take take on in terms of shifting some of our traffic off of dedicated MPLS circuits and more onto broadband so it's it's an easy conversation to have with customers you know the question to have is hey Delhi and C VMware kind of what's the what's the value what's the better together story here and I'll take you back a little bit in time which is even prior to VMware buying Velo cloud we at Dell EMC we're getting pulled into a lot of conversations around devices at the edge and specifically in the networking business you know we were getting pulled into these conversations around some of the larger telcos and service providers who were interested in pushing out you know multiple network virtual network functions into their customer base and and supporting those as a managed service so we started talking about the hardware requirements with them and putting some products on our roadmap you know x86 boxes with data plant acceleration capabilities multiple you know network connectivity options small form factors cost-effective form factors and then kind of in parallel we see this you know we had VMware by Vela cloud and all sudden there was like this SD when play that was taking advantage of a lot of the civil infrastructure and so what we ended up having is the ability to intercept with some building blocks that we had on the hardware side to power these edge devices with a you know a leading software defined LAN solution coming into VMware and bringing these together you know it's software-defined you know software to find win obviously but there is still this edge device and so what we at Dell EMC prior to that as Dell we've been building a lot of x86 devices for a very long time secure supply chain is a key topic for most most of our customers that we're trying to bring it into space as well and then just our our global footprint so that we can support customers that want to drop these all over the world and every single country and support it on the backend with the service logistics capability and so we're trying to bring that kind of physical reach of the Dell EMC machine combining it with the great story that we have with sd1 and VMware and the combination of those two were very excited about so kind of the divvying up of responsibilities you know we have these appliances they will ship preloaded with the VMware software on them so when I power them up in the remote location it's ready to go it's plug-and-play we maintain our own Orchestrator as Dell EMC the orchestrator is what you go into to interface with everything you want to do in the wide area network you know debug what's going on with this edge device at your policy and so forth and we're bringing that under our control as well because as we look at like a cohesive support experience it's difficult to decouple this thing from that orchestration as I'm looking to go in and troubleshoot what's going on and so we wanted to have that cohesive support on top of that you know the software clearly is from VMware and we're leveraging their OTT network so we're taking advantage of all the virtual cloud gateways that they have put all over the globe literally in terms of the major point of presence all the major public cloud providers and and that's how the the story comes together between the two companies so kind of like quickly hitting on the the three key areas there's the SDU and edge of device these are x86 devices like x86 here at Dell you can see a lot so it's kind of in our wheelhouse to go off and design these comes preloaded with the software we have the orchestrator that we talked about that's again we have our own operations team that'll help get you on boarded and get these devices activated as they deploy out and then VMware provides their own OTT Sdn gateways so that's kind of the Trinity in terms of what we're bringing together here with this offer so kind of any questions on that before we turn it over into the st1 Orchestrator there's no internal self deploy on-site inside of a data center for a customer type model like you have to go into the your cloud essentially for this or did I misunderstand well I you as a customer need to exist in that Orchestrator so I can get you to onboard that device now there's a couple of ways I can do it I can push or I can pull yep so there's there is an option so if I want to you know be if I wanted to be there physically and say okay I want to activate this device only when I want to activate it that's a that's a pull option that you can go off and do as opposed to a push are we talking about the Velo cloud Orchestrator correct nunnery yes and so we've had like a rebrand we've created a deli MC instance of it okay yeah so it's is do both of them end up coexisting or because it's the new thing going forward they coexist so there's still a sales motion I mean VMware will continue to sell the the Velo cloud offering and they've got an active you know go to market on that and winning a lot of business you know has a lot of business but in the telcos with their offerings that continues to exist this is a just another go to market path in terms of a support model that comes with good question okay all right so you know I think this is kind of the setup for the demo so though moussaka is here and we actually have a setup here actually in the room where we've got a wired and an LTE connection yep and so I'm gonna hand it over to you to take us home for the next few minutes on the dental yep thank you drew is I don't mean this would be you or you but yeah you know use a different sales motion yeah just another channel basically for you guys is the code base the same yes though there will be no divergence going forward it's just a different purely different marketing paths yeah correct okay and I think it just in general you know we're we're Delhi MC has think about kind of white space in terms of SD win you know we're we're very deep into the enterprise and in the mid market space where there's still a lot of interest in this so we've got a lot of region touch in that particular area and so that's gonna be a lot of the focus of our go-to-market path as opposed to going into the the telcos and trying to support a managed service offering on it right so what I mean I mean I'm just curious why the decision was made really to have you know those two I mean obviously you want to have I get the whole you know sales side of things you know and having you know kind of all that stuff going on but I mean just to have two different product names feels a little odd I would say yeah you know or a little confusing potentially in the market so that's why I'm curious what why that decision was made to go that direction well I would say there's a great many customers you know that do do the Venn diagram of VMware and Delhi and C and yes there is overlap there's a lot of overlap there's a lot of non overlap in that space yeah where we've got where the trusted advisor and we have that relationship so the ability to have you know our brand and name on that becomes a lot more palatable because we have existing enterprise license agreements and things like that that we can tap into as opposed to trying to you know bring another partner into the story you know conversely they've got you know footprint where we don't so we saw it as very complementary as you know expanding the pie okay all right thank you so yes what we have set up here is Delhi MC 610 appliance so it's connected to the Dell corporate MPLS and you might not be able to see it here but I have a couple of LT modems one is connected via ethernet this is a AT&T 4G LTE and the other one is tethered via USB so this guy has two USB ports on the side to connect wireless LAN so this is just the Verizon 4G LTE modem so in total we'll have three Wang connections alive for the shtetl but we can't support up to eight way interfaces on this device basically just connecting them all to the available ports question yep is there an intent to actually bring in an LTE modem into the box so that's a good question I believe we are going to release if I LTE model yeah yeah it's yeah there are existing of ellicott appliances that have the embedded LTE and our our roadmap on the deli AMC side we have an embedded LTV option as well right yeah I think the LTE is interesting time right now because we're in the transition from 4G to five G so we Kiko we already have an LTE model but that will probably obsolete pretty soon so hence we're gonna have to probably have a next generation model for 5g support so personally I think having the external modem at least during that transition phase makes a little bit more sense so you're not stuck with an obsolete cellular radio but regardless we will be coming out with the model of the edge that it has the LTE radio built in and just as an aside the 610 is the first in a series of a next-generation edge appliances for VMware and all the next-gen hardware regardless of whether it's Dell EMC branded or VMware branded all that will be manufactured by Dell so it's going to be based on the same chipset all manufactured by Dell so there's going to be the Delta UMC branded box which will have the the black chassis and the traditional Velo cloud chassis which are I believe gonna be having the white chassis so basically internally we just say it's the white box or the black box so the black box will be the Dell EMC box real so like to show you really quickly just the end-to-end activation flow for the 610 you may have seen this in earlier demos for Vela but this is the latest GUI interface so everything with respect to provisioning management and troubleshooting will be done through the Vela cloud Orchestrator the VCO the allowed orchestrators as you mentioned will be hosted in data centers and a Douglas instances from the VMware side however we do have a Dell dedicated veil cloud Orchestrator or VCO that is operated by the Dell operation staff and is dedicated for Dell customers in Dell Parker's so there is donation between the Belo cloud orchestrators that DMR might be assigned to as opposed to ones that are purely Adelle and the ones that are for Dell will be supported through Dell tier 1 and tier 2 support so first when you activate the edge obviously you just have to plugged in and have wayne connectivity what we'll do here is we all create a new edge so we just give it a name specify the model so the latest generation of the VCO has support for the 610 and we assign a pre-built profile and as additional layer of security what we can do is we can add a asset tag number for this configuration so by entering the asset tag and this is strictly optional but by entering the asset tag you can prevent somebody from purchasing their own 610 and and plugging in and activating their 610 unauthorized and joining the BSD when using a bogus 610 so unless there's a match with the asset tag and the asset tag on this guy the registration will fail so that's just an additional security measure there the rest of the process is fairly straight straightforward we defined the contact email to send the activation email since we are using multiple line links and some of them are Wireless best practice is to manually define an idea physical address so this will be based on the look up on Google Maps so we see here that and LEM see Santa Clara shows the correct address for this facility so that's pretty much it for provisioning so if you don't specify the physical address the physical location will be based on geo IP lookup but since we have wireless connections as we know to IP look up on wireless LTE may not always be accurate as far as physical location is concerned and that's why we're just entering the physical location manually to override any energy found physical location so that's pretty much it for for provisioning on the back end and the device is going to be activated and the only other thing here is to send that activation email to the on-site technician and site technician we'll do the rest as far as activating the edge device so this email air shows the instructions as far as how to connect and what URL to click to the on-site technician so we're just going to send that to the on-site technician so in the course of probably less than two minutes we were able to provision this guy but if we are to say plug in that guy and provision that we just apply the same profile and configure it so it's very very simple as far as provisioning question on that is there a time frame between that activation code and configurable setting here that says if not activated within the next hour five hours day yep we're not going to allow it yeah so there's a business answer to that and there's also a technical answer to that the technical answer is that activation key I don't know if you see it there ours in a month yep so so if it expires and just regenerate a new one but commercially I believe Dell agreements kick in after two months after 30 days what we're giving so you go this is whether you activate it or not you're paying for anyway so you might as well activate it within that 60-day timeframe so that's what of the that's the commercial answer as far as though the activation timeline so that is as far as I go as far as the the back-end provisioning so now I'm just gonna do a little bit of roleplay and switch hats and act a part of the on-site technician so what the on-site technician needs to do is they need to connect to the SSID the Wi-Fi network that's advertised out of the box by the 610 appliance so by default here let's release it here but bellow cloud - this seven digit string I'm sorry Maya my quarter battery ran ran out so I'm going manual here but basically the seven digit string is it's a dell acid tag and that's basically unique for every single box so you could tell by that asset tag number which which device you're connected to so I'm already connected there so if I'm playing the part of the technician here I just go to my inbox and I see that I've received the edge activation inbox or email I scroll down and I already did the instructions but basically you connect to the SSID and there's a default password that's also defined out of the box you just put that in your SSID to connect to the wireless and then the rest you just click the activation URL and probably a little bit hard to see but you can also use the same activation URL on iphone so if you have the activation URL doesn't have to be a PC it could be basically any Wi-Fi capable device that has a web browser you just click on that so you don't even have to have a PC on site but I'm just gonna do it from the PC because it's a lot easier to see so if you actively if you click on this activation email you'll see here it's automatically going to detect the internet status so we have three connections whichever one is detected first it's going to be used for the activation all the other information is automatically populated with the activation email and once it's activated you also see that if we defined a Wi-Fi SSID that Wi-Fi a society that's going to be used for production is also displayed on the activation notification so this tells us that activation was successful you look at the box here this guy is going to LEDs going to turn red and then it's going to turn bright green once it turns bright green that means that that box is fully functional and activated but well the books reboots and activates let me just show you real quick some other stuff that is on the profile so on the profile that we have predefined on the VCO Orchestrator so now kind of switching gears and the play in the part of the admin again the profile here we have by default what we call a QuickStart profile so this is the profile that pretty much applies to all devices what I did was I copied the default profile into the 610 profile that we're using for a 6-10 so on the profile I specify what kind of firmware image I'm going to be using I also specify what exactly is the the username password that's going to be used in production for the local GUI on the box and I also specify some of the basic parameters like VLAN IP address get that up here actually before I go to the IP address single the view and IP addressing pretty simple just define the view an IP address oh can this be can this be zero touch provisioned and shipped out to a remote site I mean because I was hearing you say you know has to be done on site you know whatever register it and blah blah blah then connect back to it so if I want to ship this out to a remote office already configured or mostly configured or whatever yeah so we do have a beta for zero touch I think technically what you're saying the push activation it's not so hard to implement logistically is what we had to figure out is is how those serial numbers get populated out of manufacturing so that the zero touch model actually is functional for me you're also an awesome channel partners that we work with that will do some of that pre-staging port for a large remote deployment where we can tap into them so those devices would ship to a central location they don't where it's going they're doing all that in advance so it can be but it is a it is a touch but we have the ability through that process to support that - yep okay so the IP addressing pretty simple 610 specific information just for example configuring the SSID so just defining the SSID and the secret password so these are really basic things that you could define on the profile so I'd set that in advance oh yeah and the other thing I should mention is that this guy has eight ports built in including two SFP ports for adding sfe modules and by default the first two ports are defined as LAN interfaces so you connect your switches or your devices to switch ports but you could kind of flip these ports to whatever purpose that you want so all those ports can be modified from being a routed laner face to a switched basically laner face according to your needs on the profile level or on the individual device level it kind of switch between the usage of the port so all a ports are pretty much dual purpose so that's the basics here one other thing I want to highlight here is cloud VPN so this is a technology that's unique to the Velo cloud HD Wang solution what cloud VPN does is it allows for 150 site this site VPN connectivity it also allows for one-click site to like non ville cloud site connectivity so for example we have automated configurations where an edge could connect to like a edger v-net instance for example or it could connect to a cloud web security service like a cozy scaler well that could be defined on this profile and it's only one click you just turn it on and just define what kind of VPN that you want to enable and any edge it has a profile will be able to connect like this site now depending what the rules you can figure so right now this profile I have configured branch to branch VPN hub-and-spoke via our cloud gateways which means the edges will connect first to our cloud hosted Avella cloud gateways and then connect back up to on the other edge so this is a useful mechanism if you have any kind of firewall policies that block the direct ranch ranch VPN so that I think is pretty much oh yeah one last thing here one other adjustment I made on the profile is on the far wall side so on the firewall you just enabled a local GUI access you don't really have to do this but to show the local GUI by default all the the non VCO management interfaces are shut off but you could turn them on if you wanted to you could actually see the CF CLI as well but we were by default all these are deny all on the QuickStart profile but I've just enabled local GUI access we're all LAN interfaces just so I could show you on demo so I think the device is on its way to be booted up so the LED is showing green so that means the device is a registered successfully so if we go back to the actual GUI interface here I am making sure I need to make sure that I am connected to the correct this is ID so connecting back to the SSID for the actual device itself and connected so on the local land so I should have access to the device locally so you can see here big difference is that if you connect to the local glee after activation it's going to ask for the username password and that's the same password username and password that I defined the profile so weren't you the GUI so the local GUI is just there for really monitoring purposes or just factory setting in the box for any reason you use connectivity to the the VCO so it's frankly not doing a whole lot just showing the user the aggregate up and down bandwidth and it's also gonna show you the status of pretty much all your interfaces so I can see here the three cases this guy right here there's a few modules connected to the Dell MPLS network so you can see here as a p1 it's already automatically identified as still and g6 that's the Ethernet port going to the AT&T modem so that's automatically detected as well and the USB tethered modem Verizon that's automatically detected so you see here the the landside IP addresses that was automatically assigned to the device so it's real just a quick means of finding which ports are connected to what but yeah so since we are connected and I am connected to the the MacLeod edge pretty much all the the features and functions I could access office 365 no problem you to also know from on the on the display side for the edge overview when you're showing all the interfaces you're only showing v4 interfaces is there any v6 information that's being shown from the actual providers Verizon's v6 capable 18 t v6 capable yeah so our current releases ipv4 only we have ipv6 on the roadmap so I'm really there are no layer overlay we're gonna start with the underlay I really is still on the drawing board as far as what the features are I'd say I mean for the branch customers we haven't seen a whole large demand for ipv6 yet so if there is a large demand and yeah we will incorporate that if you don't consider like t-mobile with like 97 98 percent v6 native use a big enough driver you don't see Verizon at 88 percent v6 native well consider not on the commercial side so I mean I guess a lot to defer to the product side but the answer I'm just it's just on its course yeah I mean it's a good question it's just not something that I have a sale I mean so yeah it's a good question I it's not come up in the customer conversations we've had what we can well most of them have no clue that they have v6 available for them as the underlay portion for this side of it but you should be able to tunnel transport over no problem at least at a bare minimum on the underlay right yeah maybe but whatever v4 they want on top of it but they're gonna provide you v6 on that and more than enough dresses to do whatever I mean we've had conversations with Verizon's we had conversation with the t-mobile I'm sure it's come up I just I'm not really pivoted privy to the exact requirements there from from the service provider side hobby customers like you say they don't really care because it's transparent to them so uh yeah that's the local interface the other thing I want to show you a course is that site to site VPN so actually let me let me go back here so on the site to site VPN side I showed you earlier that there are multiple edge devices configured so I actually have a valve F 4600 that's running a instance of the edge as a virtual edge on top of vSphere hypervisor so this guy has a local LAN IP address of 192 168 1 10.1 and I have a web server hosted on that land so I'm just going to show you the site to site connectivity here so you see here this guy is on the 1 10.1 subnet so my PC which is connected to the 610 now has like the site VPN connectivity to that private 192 168 1 10 network so if I round a trace route or tracer in Windows terminology terminology it will show you the exact path it is taking and it'll show you first the packet of course goes to the local edge interface 1 into 168 2.1 then the next hop you probably don't recognize that IP address here that 190 240 something that's actually a Velo cloud edge that's hosted in the Bay Area that's 66 170 99.1 IP address that is basically the public IP address for VMware and that 196 once 110 dot 100 is the host that's plugged in on my VP 4600 the private LAN so you see here that this is the actual website that we're hosting and I can access it no problem so in a single click I just bypassed the the VMware corporate firewall policy which is not recommended at home but I'm just showing you a from a demo purposes but you can see here the power of that site this site a cloud VPN I didn't really have to mess with any complex CLI configurations or any IPSec or is a campy configurations all that is done transparently automagically back-end so that is that's showing the basically the the functionality that you could enable right pretty much over the span of the ten minutes that I've been talking to you so now that we've seen the functionality show you what the monitoring capabilities you could execute from the VCO so first thing here is there's a new field that we added network overview field this is just a dashboard that shows you the state or health of your entire Sdn network so shows you which edges have been activated if any of the links and relay links are down at the edges and scroll down here you'll see things like which Novell cloud sites are connected and also things like if any of your software versions running on your devices are out of date so it kind of schedule your maintenance and firmware upgrades so it's a nice handy tool to show you the the current state of your environment of course we also have the the map view that will show you exactly where the locations of devices are so I can see here the green one obviously Santa Clara 610 and all the other devices that I have configured on the peninsula so that part is the Priya transparent and you can see here the del 610 it's showing the state of the three underlying networks so all three are green which is good so we're seeing both the del MPLS connection as well as the VMware the Verizon and the AT&T all the LTE connections are stable and if we go and double click on the device itself you'll see kind of the light-fruit and then the stats of the underlying networks the standard metrics packet loss jitter latency and the bandwidth that's automatically detected by the bell cloud edge so as you can see here all this is pretty healthy you'll see the public IPS that are detected for all three interfaces and if we go into the the transport tab we could see in real time what kind of traffic is going across the wall three transport so you do live monitoring and we could show basically that real-time TCP and UDP traffic patterns across all three and under lays so this is automatically steered on a per packet basis basically what we call the dynamic multipath optimization which is the umbrella term to refer to the under the hood technology that this guy uses so I'm curious about that because everybody in the SDRAM world has their own special sauce for how they steer traffic how are you guys doing it under the hood what is you know what are you looking at are you using an abstraction for routing you know where I've seen a lot of you know a lot of SEO and providers will do an abstraction for you know BGP and prepending others will use Linux queuing and a bunch of different neck mechanisms how do you guys approach that particular problem yeah that's a good question so dynamic multiply multipath optimization under the hood it's based on our proprietary protocol we call it V cmp or Bello cloud management protocol okay so basically all the monitoring of the traffic underlay traffic patterns like packet loss due to latency all that is monitored by the dcmp protocol okay all the data plane traffic on the V cmp tunnels all that is is also tunneled within the v cmp okay so we use I say I say MP to do the the so you're looking at individual flows and then managing the individual tactics in a kid's gonna be actual individual packets and then managing the on paths using that using that protocol as as steering so we're not really talking about next top routing this is something awesome inside it's never really that you guys are doing after this until it reaches the I yes IP n point becomes routing again yeah so a shirt application performance with the MPO that's it's kind of the secret sauce and that's probably the unique part of our solution they are you know like you said vendors that do it on her flow basis there are vendors that have like performance space routing or some old-school routing technologies to to route applications well we don't really we visited that beyond it and we've also automated that mechanism so that you don't have to mess with okay you lie policies or how does that change the overhead in the appliance and looking at it on a per packet basis versus on a per flow basis so overhead as far as you're talking about as far as just you know just compute power in the appliance that you're putting out is that is that put more of a strain on the box that you've got to put out we know her packet or as verses per flow yeah I mean yeah there's probably a nominal increase on the CPU as well as we perhaps see the underlay LAN bandwidth the thing about it is I think we've kind of on respect our appliances on the data sheets to kind of count for that overhead but of course we are also releasing platforms with ever more powerful x86 processors and those are getting cheaper and cheaper every day so we're the nominal we're headed on the CPU side we're not really expecting to be much of an issue in production if you compare competitive platforms like this that are going on a flow based and so forth and we've looked at this a lot from a cost perspective it's pretty trivial yeah I mean and as far as the bandwidth overhead is concerned so I mean the legacy MPLS it's it's more like MPLS is guaranteed SLA but kind of thin pipe and expensive what we're trying to change the equation to is that you could buy or use the cheaper direct to the internet access or cheaper broadband connections but perhaps you know aggregate and by moorum so like like you see here i could have like a verizon or AT&T wireless LTE or i could have multiple broadband providers provide that extra bandwidth but it'll still be cheaper and aggregate but you're still and you'll still get that a little balancing and those application Assurance mechanisms that's provided by bill cloud edge so we're not saying it you could rip out your you should rip out your existing ampulla so what you're saying is that you might want to keep your amp us for real you know we were truly a mission-critical stuff but 90% of the day-to-day business traffic you just send over your broadband or even your LTE or 5g or a wireless LAN connections does that make sense yeah absolutely thank you words oh yeah so that shows you the real time traffic patterns and you can also see as far as steering or controlling the traffic right now I don't think we have a whole lot of traffic going on here but basically by business policy we could identify difference between a high priority traffic and low priority traffic as well as the Sdn control traffic how we define or what traffic actually gets defined as high priority as opposed to low priority that we get set on a profile device profile basis for pretty much all devices that share the same profile or we could also Persian that on a per edge device so for this guy we are just using the the default out-of-the-box business policy and even out-of-the-box who we are able to identify and steer traffic for over 3,000 applications that are based in that are built into the solution but if you had custom applications or if you wanted to change the behavior of a certain application you could do that by introducing your own custom business policy or application rules so right here for example we could define a rule first specifically for Skype audio so we have the database of applications that are defined so you could browse through the list or we could just search on Skype and you'll see here the various Skype work loads that we automatically are able to identify I'm just going to select Skype audio you that and we also have ability to specify the linked steering algorithm that's used so by default all traffic is going to be automatically load balance and use the MPL across all line links depending on the state of the and underlay but you can adjust the behavior of that the application routing based on the application that that's detected so here for example we can choose for example to make the del MPLS wired connection the preferred connection and then everything else only if the del wired connection becomes degraded if the latency jitter and packet loss exceeds a certain threshold then the application traffic could be steered to the wireless interfaces and you could do that on a per connection basis you could do that on per interface thesis select which interface you want to make a primary and you could do it on a transport group or transfer type basis so you could say I have multiple wired links then you put that those wired links in the same wired group and then put the wireless connections in a wireless connection group so you could prefer wired connections over wireless connections on a per application basis like I said all the packets are going to be managed and identified using the DMP o on a per packet basis can you clarify with the network service entails direct military versus backhaul sorry yeah you're good let me go back here Larry you're saying that network service okay yeah okay a good question so this is actually also having to do the DMP o so network service you can see a three category sir ones very simple for low priority traffic by default we're not going to send that traffic over the overlay sta overlay we're going to and direct over the Internet right so about like Facebook or non-business critical traffic by default has sent and direct so that that's the directaire their real-time mission critical traffic like Skype or you know your zoom meetings they by default are going to be marked as multi path Network service and multi path just means that whatever LAN connections are available it's going to be distributed automatically based on the conditions of the underlying network the other one here internet backhaul that is only available for from web traffic this is going to be used for I guess traffic that you need to have back halt to a firewall in the data center or a cloud web service like descaler for example so if you have like again like Facebook type traffic you could mark it as internet backhaul on just a traffic will be sent to the data center or let's agree service do you have the ability to do anything related to void with like packet racing down multiple up links and then discarding whichever one gets there in order to ensure that void traffic stays up yeah and I think you're referring to things like forward error correction and yeah so that for our correction correction story is implemented automatically if you select multi path and for what we identify as real-time mission-critical traffic as long as to those two markers are set then the NPM fellow cloud is automatically going to implement forward error correction assuming is say if packet loss is exceeds a certain threshold and if it detects for example like a high jitter or high latency it'll automatically implement jitter buffering as well so all that is done under the hoods you don't really have to do anything so I just specify the application in the service class thank you visibility do you have in seeing which path your tap traffic actually are there fell sheet problems yeah that's actually an excellent question and that segues nicely into into my next portion of the demo so good job so from a monitoring perspective well we have we call a quality of experience so this will basically show you what the conditions have been detected for your applications on a real-time basis probably maybe like put it five minutes here that's not good that's not too interesting I'll put it as sixty minutes okay so now you can see here a couple of our diagrams here so the top line is fairly obvious this is the aggregate user experience based on the Bell cloud quality score it's it's basically a sliding scale from 1 to 10 10 being the best so anything you know 8 or above is probably acceptable from any kind of applications view point green of course is good yellow is not so great and red is like really bad so you could see here historically the the quality of experience scores various differently according to the other lace so obviously actually not obviously AT&T Wireless is actually performing better than the Del Mar connection you might want to talk to your IT guys about that but uh but regardless we're going to show you that are detected in real time in this case for the most part the underlay performance on the AT&T site is is best so that would mean that AT&T is probably going to be selected for most of your real-time traffic but if we kind of actually go into scenarios where the AT&T was maybe not so great you can see here what exactly caused the QA score to or Keowee to to be a flagged is not so great in this case we have detected a rather high upstream latency 26 milliseconds if we go under to the underlays you'll see ok AT&T said 26 milliseconds and if you scroll down here ooh and Dallas had 41 milliseconds you really have to talk to your IT hey there but uh you'll see basically the the cause of what what's degrading or the QA experience and the on that metric you could see which link it's going to be selected so in this case even given the conditions 18 t it's pretty good so you'll see probably at 18 T is gonna be using the connection so a little bit more interesting metric here so you see the Verizon at around 12:45 I think that Verizon link is shown pretty critical or high jitter so you'll see here that edge is implemented jitter buffering automatically based on the the high jitter that's been detected so the net result is that even if you're wired or Wireless underlay connections are experiencing some degradation or not doing so well from quality of experience or perspective we will automatically adjust we could do linked steering to select the the LAN connection that is a that is most stable for those kind of workloads and the net result for the end-user and it's all transparent to the end-user is that their quality of experience will be higher for these kind of applications and we have those kind of metrics and graphs for both voice and video they'll just connect in here and get actual sessions actual sessions so on the monitoring field this is a high level display we could go into the troubleshooting tools to get on a per flow statistics that's probably more for the advanced troubleshooting engineers to use and we could also extract this information via API and shoot that information off to other monitoring tools we've just introduced support for Sdn monitoring for our VMware of you are and I management platform so if you have VR and I you can also see the historical Keowee reports and drill down a deeper level as far as the application flows we're like if you're starting to drop voice packets you do packet captures see what's going on oh yes packet captures hold that question off to get to it in just couple minutes but I'll show you what is available for my a troubleshooting perspective but just just to show you real quick as far as videos concerned again videos is a lot more sensitive so again when we're seeing the red red you see what mitigation mechanisms have automatically being introduced to mitigate some of the degradation that are detected under underlay and on the final metric side we can also monitor transactional status so this is like not real-time traffic things like SharePoint and email so this it's we could expect a pretty good performance everything is green because it's a lot less sensitive to latency and jitter so that is the fee monitoring portion to get about like 10 minutes left so I think the Ranger I'll just review some of the troubleshooting tools available so as far as generating packet captures our operators on the back end can actually collect packet captures since I'm just a field SC I don't have the access to actually generate packet captures myself so customers if they run into issues can request a packet capture so this request will automatically go to our operation staff right here so request a packet capture and our operation staff will then capture the initiate the packet capture on the back end using the VCO if I had so depending on the access level you can do it themselves I guess packet captures as you know it can be a little bit destructive network so I'd say that's it can be done it's just something that we haven't really released to the an user level yet so it is something that's it's a reasonable request I think also you do have the ability to do things like pack capture at the local level at the local GUI I was thinking if you have administrative privileges in the system you can packet capture on any interface okay you can cut back a caption on the VLANs and you can packet capture on your uplink interfaces I don't think you can packet capture on the switched interfaces based on mic yeah the router interfaces you could do a packet capture I could show you what it looks like I can all have to log into a lab machine this is production so I'm not given access to to do packet captures uh at yeah-yeah production level but I think that kind of brings a good point up is our architectures based on role based access controls so there are actually three levels of administrative rights one is the operator level the operator level has access to everything they could to run packet captures in real time they can reset a reboot to any part of the infrastructure so it's it's really powerful and typically only the high-level operators like the Dell operations team as well as our operations team have access to the operator admin accounts at a slightly lower level is the the msps or service provider admin accounts so these would typically be given to like administrators for like partners or other SPS that may be reselling the valve cloud solution as their own solution so the SP admins will have MSP access so MSP access also has the ability to initiate packet captures but the lowest level which I'm kind of using is the enterprise admin these are the admin accounts that are released to basically end users or and customers to manage their their own environments so if you have an enterprise admin account you could request a packet capture but you're gonna have to have somebody with higher privilege to actually initiate those packet captures but even so there are a lot of troubleshooting tools that are available from just the enterprise admin level so for example if you wanted to look at the the real-time flows and what those are actually and going across the edge you could do the remote diagnostics to track what exactly is going on on the edge appliances cell so there are a bunch of tools here typical troubleshooting tools so like I said there's really no need for a CLI so all the the troubleshooting you could do from the VCO interface so let me just go through the active flows here so this will show you in real time what are the flows that are actually and going across this edge appliance depending on how busy the edges it might take a couple of seconds to extract all the information but as you see here just using my laptop you'll see a tons of traffic and flows that are detected on the Box here so what we could use this to identify what kind of pass each application is taking so for example real-time traffic like I said it's going to be a little balanced or replicated across multiple Wang connections oh yeah and mission-critical traffic like office 365 this will be replicated but it also be sent to our cloud gateways and our cloud gateways are our on-ramp and gateways to do access office 365 in the most optimal manner so we have these gateways located throughout the world probably in close physical proximity to the office 365 pops so this is how we can optimize office 365 traffic throughout the world so if you're for example in Tokyo then you'd access the Volvo gateway in Tokyo and FL gateway will route to the office 365 pop in Tokyo so that is pretty much the secret sauce on the velka gateway side to do help optimize what we identify or what do you identify as mission-critical traffic based on your business policies other traffic which probably will not be so machine critical so for example just yeah like windows marketplace traffic like ha fixes updates that's not really a latency sensitive or anything like that so we just send that traffic and direct to the cloud and we still like low bounce to traffic based on which way in connection is as the best conditions so it's really flexible and you will be able to see basically all the behavior on the edge using your troubleshooting tools obviously it's it's a lot of information to fit inside the dashboards so we don't have that and the monitoring dashboard just yet but if figure out a way to make it easier to to show maybe that's something that that we could accommodate or you're not ready to wrap it up alright yeah so I think that is pretty much it so just one other thing here is if you have a scenario in the unlikelihood that your hardware may need to be replaced or are made it's also a very easy flow to do you just request a RMA activation code so basically that's the same activation code or email that you would use for the initial activation but this will be used by the replacement after the replacement box is plugged in so you just send out that Act reactivation email and so that starts off the RMA process and then once your replacement box arrives so Drew has a replacement box then you just have to factory default the one that's that you're going to be replacing and that you could also do very easily by identifying the device itself and initiating a device reset so one last comment on the devices because Toma mentioned it on the as one of the examples in here you'll see an another set of hardware available from us under the branding name of that for the virtual edge platform very similar to the architecture on this slightly more disk and memory for that because we plan to typically put a hypervisor on that and then roll them on multiple vnfs on it so the sd1 edge box is gonna come with just the SDA on running bare metal that is gonna come with a couple of different hypervisor choices u6i add ensemble or the two choices that we pre install on that one allowing you to then run if you wanted to in this particular case fellow cloud as an OVA we can still support it through this model here in terms of onboarding and so forth but it gives us place to put other vnfs if you wanted to put a load balancer or whatever else and service chain those together so just a clarification on that if you look up the portfolio you'll see something called DEP you'll see something called sty edge same guts slightly different use case that we're going after on it so yep okay yeah so you can click on identify button and that will flash the LED for 60 seconds so you could actually identify the physical location of device reset configuration now just like the configuration of the device and have it ready to be shipped back to your support persons so that's pretty much it
Info
Channel: Tech Field Day
Views: 5,773
Rating: undefined out of 5
Keywords: Tech Field Day, TFD, Networking Field Day, NFD, Networking Field Day 21, NFD21, Networking, Dell EMC, Dell, Dell Networking, Fabric, SD-WAN, VeloCloud
Id: EuXsKDynAcw
Channel Id: undefined
Length: 56min 50sec (3410 seconds)
Published: Fri Oct 04 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.