Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Announcement: Try the Ask AI chatbot for answers to your technical questions about Juniper products and solutions.

close
header-navigation

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries
Campus and Branch

Welcome to the NOW Way to Wi-Fi

Take your networking performance to new heights with a modern, cloud-native, AI-Native architecture. Only Juniper can help you unleash the full potential of Wi-Fi 7 with our AI-Native platform for innovation.
Prepare for liftoff
Business intelligence analyst dashboard on virtual screen. Big data Graphs Charts.

AI Data Center Networking

Juniper’s AI data center solution is a quick way to deploy high performing AI training and inference networks that are the most flexible to design and easiest to manage with limited IT resources.
Find out more
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Zero trust security

Ops4AI Lab

Visit our lab in Sunnyvale, CA and see our AI data center solution for yourself. You can try out your own model’s functionality and performance, too.
Visit the lab
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Higher Education

Shaping Student Experiences: The NOW Way to Build Higher Education Networks

Juniper Networks CIO Sharon Mandell and a virtual summit of C-level IT leaders from prestigious institutions discuss ongoing efforts to support digital transformation on campus.
Watch now
Hand on tablet with healthcare overlay of graphics

Security in healthcare

In this IDC Spotlight report, discover how AI networking can automate and strengthen a healthcare ecosystem to defeat criminals and prevent loss. 
Gain insights into ecosystem security
Retail

The Future of In-Store Technologies

Retail experts Kevin McCartan, Senior IT Service Delivery Engineer at Musgrave; Jack Stratten of Insider Trends; and Christian Gilby, Senior Director of Product Marketing at Juniper Networks, discuss customer experiences.
See the future

Products

Wireless access Wired access SD-WAN / SASE Routing and switching Security Mist AI™ Management software Network operating system Blueprint for AI-Native Acceleration Optics
  • Operations
ACX7020 router

Juniper ACX7020 Cloud Metro Access Router

Legacy networks simply cannot meet the demands of today’s rapidly evolving metro landscape. Unlock a new generation of highly scalable architectures and automated operations with the Juniper ACX7020. 
Learn more
EX4000 Ethernet Switch

Next-gen AI-Native EX4000 line of switches

Lack of AI innovation from your current networking vendor slowing you down? Embrace Juniper’s cloud-native, AI-Native access switches that support every level and layer, across nearly every deployment.
Discover how
The Q and AI text with an image of Bob Friday and Kedar Dhuru.

The Q&AI Podcast

Delivering practical solutions and enriching discussions, this podcast series is a vital resource for those seeking an in-depth exploration of AI's transformative potential.
Catch the latest episode

Services

Services
Services AI Care

Juniper AI Care Services Revolutionize Your Service Experience

Our industry-first AI-Native services couple AIOps with our deep expertise across the full network life cycle. You can move from reactive response to proactive insight and action.
Explore AI Care Services
Services AI Data Center

Juniper AI Data Center Deployment Services Optimize Your AI Model Runs

We use our expertise and validated designs to help design, deploy, validate and tune networks, including GPUs and storage, to get the most from your AI infrastructure operation.
Learn about AI Data Center Deployment Services

Partners

Partners

Support and Documentation

Support and Documentation

Learn

About Juniper Training Events The Feed Resources Technology learning topics Thought leadership and insights
Audience raising hands up while businessman is speaking in training at the office.

Juniper certification and training news

See the latest
Ringing of the bell

All global events

See the latest
AI-native-now

AI-Native NOW event series

Explore events
AINN AI Innovation Impact Virtual Event

AI-Native NOW: AI Innovation and Impact

Register NOW
Juniper's Christina Hendrix at the head of a conference table. With the text "The NOW Way to Network" overlayed, with "NOW" emphasizing the "O" in green color.

The NOW Way to Network

Watch the video series
AI Native Now

Executive insights

Dive deep with leading experts and thought leaders on all the topics that matter most to your business, from AI to network security to driving rapid, relevant transformation for your business.
Learn more
A keynote speaker giving a presentation at a conference. There are dozens of people sitting around them. The presentation is displayed via projector on all the walls in the room.

Leadership voices

Juniper Networks’ leaders operate on the front lines of creating the network of the future. Take a look around to see what’s on their minds.
Watch now
Bob Friday and Jessica Garrison speaking

Bob Friday Talks

Join Bob as he ventures into all the knowns -- and -- unknowns -- of AI.
Catch the latest episode
Documentation
Menu
License Guide
Quick Starts
Validated Designs
Home Documentation
Juniper OpenStack Neutron Plug-invSRX
Juniper OpenStack Neutron Plug-in Juniper Networks OpenStack Neutron Plug-in Installing and Configuring the OpenStack Neurton Plug-in

Juniper Networks OpenStack Neutron Plug-in

keyboard_arrow_up
close
keyboard_arrow_left
Juniper Networks OpenStack Neutron Plug-in
Table of Contents Expand all
list Table of Contents
file_download PDF
{ "lLangCode": "en", "lName": "English", "lCountryCode": "us", "transcode": "en_US" }
English
ON THIS PAGE
keyboard_arrow_right

Configuring the ML2 Plug-in

date_range 01-Apr-21
arrow_backward
arrow_forward

Juniper ML2 drivers support the following types of virtual networks:

  • VLAN based network

  • VXLAN based tunneled network with EVPN by using Hierarchical Port Binding

By using the features such as LAG and MC-LAG, ML2 drivers support the orchestration of aggregated links that connect the OpenStack nodes to the ToR switches.

Configuring the ML2 VLAN Plug-in

Juniper ML2 VLAN plug-in supports configuring VLAN of the network of each tenant on the corresponding switch port attached to the compute node. VM migration is supported from OpenStack Neutron version 2.7.1 onwards.

  • Supported Devices

    EX series and QFX series devices.

  • Plug-in Configuration

    To configure OpenStack Neutron to use VLAN type driver:

    1. On the OpenStack Controller, open the file /etc/neutron/neutron.conf and update as follows:

      core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin or core_plugin = neutron.plugins.ml2.plugin_pt_ext.Ml2PluginPtExt

    2. On Openstack Controller, update the ML2 configuration file /etc/neutron/plugins/ml2/ml2_conf.ini to set Juniper ML2 plug-in as the mechanism driver:

      content_copy zoom_out_map
      [ml2]
type_drivers = vlan
mechanism_drivers = openvswitch,juniper
tenant_network_types = vlan

    3. Specify the VLAN range and the physical network alias to be used.

      content_copy zoom_out_map
      [ml2_type_vlan]
network_vlan_ranges = physnet1:1001:1200

    4. Restart the OpenStack neutron server for the changes to take effect.

    5. Login to OpenStack GUI and create VLAN based network and launch VMs. You can view the VLAN IDs of the OpenStack network are created on the switch and mapped to the interfaces that are configured through the jnpr_switchport_mapping command.

Configuring ML2 VXLAN Plug-in with EVPN

ML2 EVPN driver is based on Neutron hierarchical port binding design. It configures the ToR switches as VXLAN endpoints (VTEPs), which is used to extend VLAN based L2 domain across routed networks.

Figure 1: IP FabricIP Fabric

To provide L2 connectivity between the network ports and compute nodes, the L2 packets are Tagged with VLANs and sent to the Top of Rack (TOR) switch. The VLANs used to tag the packets are only locally significant to the TOR switch (Switch Local VLAN).

At the ToR switch, the Switch Local VLAN is mapped into a global VXLAN ID. The L2 packets are encapsulated into VXLAN packets and sent to the virtual tunnel endpoint (VTEP) on the destination node, where they are de-encapsulated and sent to the destination VM.

To make the L2 connectivity between the endpoints work with VXLAN, each endpoint must be informed about the presence of destination VM and VTEP. EVPN uses a BGP-based control plane to learn this information. The plug-in assumes that the ToRs are setup with BGP-based peering.

Refer to Junos documentation for configuring BGP on the ToR switches available at BGP Configuration Overview.

Supported Devices

QFX 5100 only

Plug-in Configuration

To install the Juniper neutron plug-in on the neutron server node, complete the following steps:

  1. Edit the ML2 configuration file /etc/neutron/plug-ins/ml2/ml2_conf.ini to add the following configuration for EVPN driver:
    content_copy zoom_out_map
    [ml2]
type_drivers = vlan,vxlan,evpn
tenant_network_types = vxlan
mechanism_drivers = jnpr_evpn,openvswitch

[ml2_type_vlan]
network_vlan_ranges=<ToR_MGMT_IP_SWITCH1>:<vlan-start>:<vlan-end>,
<ToR_MGMT_IP_SWITCH2>:<vlan-start>:<vlan-end>,<ToR_MGMT_IP_SWITCH3>:
<vlan-start>:<vlan-end>

[ml2_type_vxlan]
vni_ranges = <vni-start>:<vni-end>
  2. Restart the OpenStack neutron server to load the EVPN ML2 driver.
  3. Update the plug-in topology database. To add a ToR switch and two compute nodes connected to it, run the following commands on the neutron server node:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_device add -d ToR1 -u root -p root-password -c switch
admin@controller:~$ jnpr_switchport_mapping add -H Compute1 -n eth1 -s tor1_mgmt_ip-address -p ge-0/0/1
admin@controller:~$ jnpr_switchport_mapping add -H Compute2 -n eth1 -s tor2_mgmt_ip-address -p ge-0/0/1
admin@controller:~$ jnpr_switchport_mapping add -H Network1 -n eth1 -s tor3_mgmt_ip-address -p ge-0/0/1
  4. Update OVS L2 agent on all compute and network nodes.

    All the compute and network nodes needs to be updated with the bridge mapping. The bridge name should be the IP address of the ToR switch.

  5. Edit the file /etc/neutron/plug-ins/ml2/ml2_conf.ini (ubuntu) or /etc/neutron/plug-ins/ml2/openvswitch_agent.ini (centos) to add the following:
    content_copy zoom_out_map
    [ovs]
bridge_mappings = <ToR_MGMT_IP>:br-eth1

    Here br-eth1 is an OVS bridge which enslaves the eth1 physical port on the OpenStack node connected to ToR1. It provides the physical network connectivity for tenant networks.

  6. Restart the OVS agent on all the compute and network nodes.
  7. Login to OpenStack GUI to create a virtual network and launch VMs. You can view the VXLAN IDs of the OpenStack network, where the switch local VLANs are created on the switch and mapped to the VXLAN ID on each ToR.

Configuring ML2 Driver with Link Aggregation

You can use Link Aggregation (LAG) between an OpenStack compute node and a Juniper switch to improve network resiliency.

Plug-in Configuration

Figure 2 describes the connectivity of OpenStack compute node to the Top of Rack (TOR) switch.

Figure 2: LAGLAG

To configure LAG on Juniper ToR switches, refer to the following link:

Configuring Aggregated Ethernet Links (CLI Procedure)

To configure LAG on the OpenStack compute node:

  1. Connect the data ports of the OpenStack networking to the LAG interface on the Juniper switches. For example, connect eth1 and eth2 for LAG as follows:
    content_copy zoom_out_map
    admin@controller:~$ ovs-vsctl add-bond br-eth1 bond0 eth1 eth2 lacp=active
  2. Create NIC mapping:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_nic_mapping add –H openstack-node-name-or-ip-address –b physnet1 -n nic
admin@controller:~$ jnpr_nic_mapping add –H openstack-node-name-or-ip-address –b physnet1 -n nic
admin@controller:~$ jnpr_nic_mapping add -H 10.207.67.144 -b physnet1 -n eth1
admin@controller:~$ jnpr_nic_mapping add -H 10.207.67.144 -b physnet1 -n eth2
  3. Add switch port mapping with aggregate interface:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_switchport_mapping add –H openstack-node-name-or-ip-address –n eth1 -s switch-name-or-ip-address –p port –a lag-name
admin@controller:~$ jnpr_switchport_mapping add –H openstack-node-name-or-ip-address –n eth2 -s switch-name-or-ip-address –p port –a lag-name
admin@controller:~$ jnpr_switchport_mapping add -H 10.207.67.144 -n eth1 -s dc-nm-qfx3500-b -p ge-0/0/2 -a ae0
admin@controller:~$ jnpr_switchport_mapping add -H 10.207.67.144 -n eth2 -s dc-nm-qfx3500-b -p ge-0/0/3 -a ae0
  4. Verify switch port mapping with aggregate details:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_switchport_mapping list
+---------------+--------+-----------------+-----------+-----------+
| Host          | Nic    | Switch          | Port      | Aggregate |
+---------------+--------+-----------------+-----------+-----------+
| 10.207.67.144 | eth1   | dc-nm-qfx3500-b | ge-0/0/2  | ae0       |
| 10.207.67.144 | eth2   | dc-nm-qfx3500-b | ge-0/0/3  | ae0       |
+---------------+--------+-----------------+-----------+-----------+

Configuring ML2 Driver with Multi-Chassis Link Aggregation

You can configure Multi-Chassis Link Aggregation (MC-LAG) and use it with Juniper Neutron plug-ins.

Figure 3: MC-LAGMC-LAG

Plugin Configuration

To configure MC-LAG on Juniper switches, refer to the following link:

Configuring Multichassis Link Aggregation on EX Series Switches

To configure LAG on Openstack compute:

  1. Connect the data ports of the OpenStack networking to the LAG interface on two different Juniper switches. For example, connect eth1 and eth2 for LAG as follows:
    content_copy zoom_out_map
    admin@controller:~$ ovs-vsctl add-bond br-eth1 bond0 eth1 eth2 lacp=active
  2. Create NIC mapping:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_nic_mapping add –H openstack-node-name-or-ip-address –b physnet1 -n nic
admin@controller:~$ jnpr_nic_mapping add –H openstack-node-name-or-ip-address –b physnet1 -n nic
admin@controller:~$ jnpr_nic_mapping add -H 10.207.67.144 -b physnet1 -n eth1
admin@controller:~$ jnpr_nic_mapping add -H 10.207.67.144 -b physnet1 -n eth2
  3. Add switch port mapping with aggregate interface on the OpenStack controller:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_switchport_mapping add –H openstack-node-name-or-ip-address –n eth1 -s switch-name-or-ip-address –p port –a lag-name
admin@controller:~$ jnpr_switchport_mapping add –H openstack-node-name-or-ip-address –n eth2 -s switch-name-or-ip-address –p port –a lag-name
admin@controller:~$ jnpr_switchport_mapping add -H 10.207.67.144 -n eth1 -s dc-nm-qfx3500-b -p ge-0/0/2 -a ae0
admin@controller:~$ jnpr_switchport_mapping add -H 10.207.67.144 -n eth2 -s dc-nm-qfx3500-b -p ge-0/0/3 -a ae0
  4. Verify switch port mapping with aggregate details:
    content_copy zoom_out_map
    admin@controller:~$ jnpr_switchport_mapping list
+---------------+--------+-----------------+-----------+-----------+
| Host          | Nic    | Switch          | Port      | Aggregate |
+---------------+--------+-----------------+-----------+-----------+
| 10.207.67.144 | eth1   | dc-nm-qfx3500-a | ge-0/0/2  | ae0       |
| 10.207.67.144 | eth2   | dc-nm-qfx3500-b | ge-0/0/3  | ae0       |
+---------------+--------+-----------------+-----------+-----------+
arrow_backward PREVIOUS Setting Up L2 and L3 Topologies
NEXT arrow_forward Configuring the L3 Plug-in
footer-navigation

© 1999 - 2025 Juniper Networks, Inc. All rights reserved.

Scroll to top