CNaaS network services ideas
Provide standardized network related services as part of CNaaS service, for example:
- DHCP service, based on redundant KEA + Stork admin web interface
- HTTP proxy, for APs to connect to internet
- Basic stateful NAT44 and NAT64 service, almost no features but "100Gbit/s" speed on cheap server
- Flow collector? https://akvorado.net/
Utilize kvm1/2 servers? Or VM in customer onprem virtualization platform? (how to provide OOB/console acccess for NOC troubleshooting?)
DHCP
KEA DHCP v3.0 open-sourced all components needed for API management of subnets etc https://www.isc.org/blogs/kea-3-0/ , makes it possible to use Stork admin web UI in fully free open source solution
Integrations:
- When adding new subnet in netbox, automatically create DHCP pool?
- Host PTR records for AD?
- Lease query from Arista switches for improved security https://www.arista.com/en/um-eos/eos-ip-address-locking
HTTP Proxy
Provide internet access to Arista APs without even needing default route leaked into SHARED_AP VRF
Provide limited internet access only to Windows update etc for quarantine/fail(dot1x) VLAN
Stateful NAT server
https://wiki.fd.io/view/VPP/NAT
- Scale to millions of bindings
- Performance goal of 10Mpps/core.
No need for expensive firewall for super basic NAT service for internet access from guest wifi etc. Use firewall for more qualified services like server firewall rules etc.
Contact us
Please contact info@sunet.se