Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Requirements for Deploying cSRX in Bare-Metal Linux Server

This section presents an overview of requirements for deploying a cSRX Container Firewall container on a bare-metal Linux server:

Host Requirements

Table 1 lists the Linux host requirement specifications for deploying a cSRX container on a bare-metal Linux server.

Note:

The cSRX can run either on a physical server or virtual machine. For scalability and availability reasons, we recommended using a physical server to deploy the cSRX container.

Table 1: Host Requirement Specifications for cSRX Container Firewall

Component

Specification

Release Introduced

Linux OS support

CentOS 6.5 or later

Junos OS Release 18.1R1

Red Hat Enterprise Linux (RHEL) 7.0 or later

 

Ubuntu 14.04.2 or later

 

Docker Engine

Docker Engine 1.9 or later installed on a Linux host

 

Contrail Cloud Platform

Contrail 3.2 with OpenStack Liberty or OpenStack Mitaka

 

vCPUs

2 CPU cores

 

Memory

4 GB

 

Disk space

40 GB hard drive

 

Host processor type

x86_64 multicore CPU

 

Network interface

1 Ethernet port (minimum)

 

cSRX Container Firewall Basic Configuration Settings

The cSRX container requires the following basic configuration settings:

  • Interfaces must be assigned IP addresses.

  • Policies must be configured between zones to permit or deny traffic.

Interface Naming and Mapping

A cSRX container supports 17 interfaces:

  • 1 Out-of-band management Interface (eth0)

  • 16 In-band interfaces (ge-0/0/0 to ge-0/0/15).

Table 2 lists the cSRX interface assignments with Docker.

Table 2: cSRX Container Firewall Interface Assignment

InterfaceNumber

cSRX Interfaces

Docker Interfaces

1

eth0

eth0

2

ge-0/0/0

eth1

3

ge-0/0/1

eth2

4

ge-0/0/2

eth3

6

ge-0/0/4

eth5

7

ge-0/0/5

eth6

8

ge-0/0/6

eth7

9

ge-0/0/7

eth8

10

ge-0/0/8

eth9

11

ge-0/0/9

eth10

12

ge-0/0/10

eth11

13

ge-0/0/11

eth12

14

ge-0/0/12

eth13

15

ge-0/0/13

eth14

16

ge-0/0/14

eth15

17

ge-0/0/15

eth16