Rackspace floats virty router and firewall into its clouds

Forget iron, use heavenly Vyatta software appliances


Moving to clouds should mean breaking free of all kinds of specific hardware devices and running as much software as possible on generic virtual machines – which is why Rackspace Hosting is partnering with Brocade Communications to bring its Vyatta vRouter software to its public and private clouds.

Brocade has been gradually building up its networking and routing capabilities, snapping up Foundry Networks for its Ethernet switching for $2.6bn in December 2008, and buying virtual networker Vyatta for an undisclosed sum in November 2012. Vyatta was founded in 2005 and brought out the first release of its virtual network appliances in October 2007.

Among many things, the Vyatta stack includes a virtual router (which means it runs on a virtual machine hypervisor) that can do a lot of the work that ISR and ASR machines from Cisco Systems can do. The vRouter software is not just a router, however it is named. It also includes a virtual firewall, virtual private networking for linking internal and external sites to each other securely, and a network address translation appliance that allows for applications and databases to be provisioned without public interfaces on the internet, but still able to get patches and updates from the outside world.

John Engates, chief technology officer at Rackspace, says that up until now, customers have had to do a number of different things to try to get these functions into their public or private cloud slices, such as using firewall rules built into Linux, or using OpenVPN as well as the open source Vyatta or the commercial-grade software which has extensions not available in the open source version.

A graphical user interface, integration with Chef and Puppet management tools, and integration with CloudStack and OpenStack cloud controllers is only available in the Vyatta Network OS Enterprise Edition. In hybrid cloud setups, Rackspace has even installed physical VPN, firewall, and routing appliances on behalf of customers.

"With Vyatta, customers can now get industrial-strength firewall, routing, and VPN into the cloud," says Engates, and in such a way that integrates with the Cloud Networks multi-tiered virtual Layer 2 networking service that is part of the public cloud as well as the RackConnect service.

The Cloud Networks service is based on VMware's NVP OpenFlow controller and Open vSwitch virtual switch, which plugs into the XenServer commercial-grade hypervisor from Citrix Systems that Rackspace uses to underpin its OpenStack-based public cloud. (VMware got its hands on NVP and Open vSwitch last year when it acquired virty networking upstart Nicira.)

The vRouter virtual appliance can also link systems running inside a private data center to the Rackspace Cloud. Up until now, customers had to use the RackConnect service, which required an F5 Big-IP or Cisco ASA hardware appliance, but now customers will be able to use vRouter virtual routers instead if they so choose.

One important thing, says Engates, is that both the Cloud Networks service and the vRouter service are both IPv6 compliant, so you don't have to mess around with IPv4.

The vRouter service is in early adopter phase now, which means it is in limited availability. But within the next month or so, Engates says Rackspace will feel comfortable enough with the virty firewall, router, NAT, and VPN appliance to make it generally available. The vRouter service will cost 18 cents per hour over and above whatever Cloud Server instance you run it on.

"We are recommending that people start with a 1GB RAM server instances," Engates. This instance should be able to handle about 30Mb/sec of bandwidth for firewall traffic, which is a pretty small appliance. In this case, the server instance costs 6 cents per hour, so you get the virtual firewall for 24 cents per hour, or about $2,100 per year.

If you need to step up to 100Mb/sec of bandwidth on the firewall, Rackspace recommends a 4GB server instance, which 24 cents per hour for the server and another 18 cents per hour, which works out to $$3,680 per year. ®


Keep Reading

Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware

You say broker, I say trojan, let's call the whole thing off

If you have Microsoft 365 and Windows Virtual Desktop, do you need Citrix? Apparently

Redmond's Azure-based system pals up with virty dinosaur

Citrix denies dark web claim of network compromise and ransomware attack

Says third party holding some business contact information has had trouble but its own infrastructure remains safe

After three leisurely years, Citrix releases second long-term-service hypervisor

Version 8.2 supports bigger hosts, improves network security and bins old Windows versions as guests

CERN puts two new atom-smashers on its shopping list. One to make Higgs Bosons, then a next-gen model six times more energetic than the LHC

Needs about €21bn it doesn’t have and a whole lot of new science to make it feasible

Large Redmond Collider: CERN reveals plan to shift from Microsoft to open-source code after tenfold license fee hike

Updated Euro super-boffins embrace MAlt right after academic discount axed

'Work is an activity not a place' got tired on LinkedIn about three months ago, but Citrix just based its new logo on the idea

Logowatch Dot over an X instead of an I ‘illustrates our commitment to empowering every individual’

Citrix warns of patch-ASAP-grade bugs in its working-from-home products, just as we're all working from home

Expect Citrix Endpoint Management gear to come under attack soon

Biting the hand that feeds IT © 1998–2020