Scribd
Upload
127 views16 pages

Nuage Networks Glossary

Nuage

Uploaded by

noclee
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
127 views16 pages

Nuage Networks Glossary

Nuage

Uploaded by

noclee
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

Nuage Networks Glossary

Release 20.10.R10

3HE16775AAAA

October 04, 2022


CONTENTS

1 About this Document 2


1.1 Validity of this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2 Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.4 Privacy Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.4.1 Network (Online) Identifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2 VCS and VNS Terminology 6


2.1 Acronyms and Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

3 OpenStack Plugin Terminology 13


3.1 OpenStack Acronyms and Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

i
Nuage Networks Glossary, Release 20.10.R10

Release: 20.10.R10
Issue: 1
Issue Date: October 04, 2022
Document Number: 3HE16775AAAA

NUAGE NETWORKS – PROPRIETARY & CONFIDENTIAL

Nokia is committed to diversity and inclusion. We are continuously reviewing our customer documentation and
consulting with standards bodies to ensure that terminology is inclusive and aligned with the industry. Our future
customer documentation will be updated accordingly.
This document contains proprietary/trade secret information which is the property of Nokia Corporation. Not to be
made available to, or copied or used by anyone who is not an employee of Nokia Corporation except when there is a
valid non-disclosure agreement in place which covers such information and contains appropriate non-disclosure and
limited use obligations.
This document is protected by copyright. Except as specifically permitted herein, no portion of the provided informa-
tion can be reproduced in any form, or by any means, without prior written permission from Nokia Corporation/Nuage
Networks.
Nuage Networks and the Nuage Networks logo are trademarks of the Nokia group of companies. Nokia is a registered
trademark of Nokia Corporation. Other product and company names mentioned herein may be trademarks or trade
names of their respective owners.
The information presented is subject to change without notice. Nokia Corporation/Nuage Networks assumes no re-
sponsibility for inaccuracies contained herein.

Copyright©2018-2021 Nokia Corporation/Nuage Networks. All rights reserved.

Build Number: 784

CONTENTS 1
CHAPTER

ONE

ABOUT THIS DOCUMENT

• Validity of this Document (page 3)


• Audience (page 3)
• Technical Support (page 3)
• Privacy Considerations (page 3)
– Network (Online) Identifiers (page 4)

2
Nuage Networks Glossary, Release 20.10.R10

For a complete list of applicable user documentation, see the Technical Publications section of the Release Notes for
your Nuage Networks software version.

Validity of this Document

Printed versions of this document may not be up to date. Only the Web version of this document is current.

Audience

This manual is intended for enterprise system administrators who are responsible for enterprise network configuration
and administrators for the Nuage VSP/VNS software. It is assumed that the reader is familiar with virtualization and
networking technologies. Other assumptions are explicitly called out in the relevant chapters.

Technical Support

If you purchased a service agreement for your Nuage Networks VSP/VNS solution and related products from a dis-
tributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance. If you
purchased an Alcatel-Lucent or Nokia service agreement, contact your welcome center:
https://networks.nokia.com/support
Nokia Online Services (NOLCS) provides registered customers with access to technical support, software downloads,
training, documentation, literature, and other related assets for our products and solutions. For assistance with NOLCS,
including inability to access, contact us as follows:
• Inside the U.S. and Canada: 1-866-582-3688, prompt 7.
• Outside the U.S.: 1-630-224-9000
• Via email: [email protected]

Privacy Considerations

These privacy considerations are related to the product delivered or to be delivered to the customer.

Note: Any customer-specific customization, development, or modification of the product may introduce privacy
impact beyond that described here.

The privacy considerations describe the processing of personal data by this product, possible privacy impact from that
processing, and applicable privacy measures.
By processing, Nokia means any essential feature operation or set of operations performed by the product on personal
data or on sets of personal data, whether or not by automated means, such as collection, recording, organization,
structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or
otherwise making available, alignment or combination, restriction, erasure, or destruction.
The following categories of data may be collected and/or processed by this product and could be classified as personal
data:
• Network (Online) identifiers

1.1. Validity of this Document 3


Nuage Networks Glossary, Release 20.10.R10

Network (Online) Identifiers

GDPR specifically included the term online identifiers within the definition of what constitutes personal data.
These may include information relating to the device that an individual is using, applications, tools or protocols. A
non-exhaustive list is included in Recital 30:
• Internet protocol (IP) addresses
• Cookie identifiers
• Other identifiers such as radio frequency identification (RFID) tags.
Other examples of online identifiers that may be personal data include:
• MAC addresses
• Advertising IDs
• Pixel tags
• Account handles; and userIDs
• Device fingerprints
The use of these may leave traces which, when combined with unique identifiers and other information received by
servers, may be used to create profiles of individuals and identify them.
When assessing if an individual is identifiable, it must considered whether the online identifiers on their own or in
combination with other information that may be available to those processing the data, be used to distinguish one user
from another possibly by the creation of userIDs of the individuals to identify them.
This may be either as a named individual or simply as a unique user of electronic communications and other services
that may be distinguished from other users.
Network identifiers, including a MAC address, userIDs and an IP address are collected and stored in log files to provide
accountability of individual product access and is processed only to render the intended features of the product.
This information, when stored in log files, is secured from unauthorized through technical access controls, to only
individuals with authorized access rights.

Note: This information is provided to customers for transparency and awareness purposes. Unless bound by a
customer services agreement defining Nokia’s role as a data processor and establishing the data processing activities,
and purposes of data collection and processing in alignment with the requirements defined by GDPR Article 28, Nuage
makes no assertion of a role as either a data processor or data controller.
Please be aware, as a customer deploying Nuage VSP within your service provider network, that based on the infor-
mation contained within this Privacy Considerations documentation, that your organization MAY have responsibilities
under either Article 24, Data Controller Obligations, or Article 28, Data Processor Obligations.

1.4. Privacy Considerations 4


Nuage Networks Glossary, Release 20.10.R10

DataStore, Per- Data Per- Pro- Purposes, Storage, and Storage Security
DataClus- sonal Subjects sonal cess-
ter, and Data Data ing
Personal Cate- Classifi-
Data gory cation
Username Net- Service Could Be Stor- Purposes: Collected for the purposes of
<UserID> work / Provider Personal age identifying the account/user who is logging in to
Online Employees Data manage the network element. Storage: Within
Identi- / the VSP Network Elements in the home region of
fier Contractors the customer - Log Files. Storage Security:
Encryption - as stored in UserDB; In Clear in
Log Files for Non-Repudiation of Events.
Password Net- Service Not Stor- Purposes: Collected for the purposes of
work / Provider Personal age authenticating the account/user who is logging in
Online Employees Data to manage the network element. Storage: Within
Identi- / the VSP Network Elements in the home region of
fier Contractors the customer - Log Files. Storage Security:
Encryption.
MAC Address Net- None Not Stor- Purposes: HW Id of the network interface for the
work / Personal age VSP NW Elements. Storage: Within the VSP
Online Data Network Elements in the home region of the
Identi- customer - Log Files. Storage Security: Access
fier Controls - RBAC - Admins only.
IP Address Net- None Not Stor- Purposes: IP Address of the VSP network
work / Personal age element, Routing Table, Sub Network or VLAN.
Online Data Storage: Within the VSP Network Elements in
Identi- the home region of the customer - Log Files.
fier Storage Security: Access Controls - RBAC -
Admins only.

1.4. Privacy Considerations 5


CHAPTER

TWO

VCS AND VNS TERMINOLOGY

The acronyms and terms described in this document are primarily defined in the context of Nuage Networks products.
Interpretations of these definitions in other contexts may not be accurate.

Acronyms and Terms

AAR Application-aware routing.


ACE Access control entry.
ACLs Access control list.
ACS Apache CloudStack.
Active/standby
A high-availability configuration of groups of resources, such as two VSD clusters, connected to the same
network. One cluster is in active mode with the other is in standby mode and automatically becomes the
active system if the first cluster goes down.
Anti-spoofing On VSP, IP anti-spoofing prevents infected endpoints, such as VMs, from spoofing IP addresses to
bypass security controls in the data center. Anti-spoofing also applies to MAC addresses.
AS Autonomous system. Within the Internet, an autonomous system (AS) is a collection of connected Internet Pro-
tocol (IP) routing prefixes under the control of one or more network operators that presents a common, clearly
defined routing policy to the Internet.
ASN Autonomous system number. A unique ASN is allocated to each AS for use in BGP routing. An AS numbers
uniquely identifies each network on the Internet.
A/S
See active/standby.
BFD Bi-directional Forwarding Detection.
BGP Border Gateway Protocol. The protocol backing the core routing decisions on the Internet.
BGP4 Extends BGP. From IETF(RFC4271), see http://www.ietf.org/rfc/rfc4271.txt : “BGP-4 provides a set of mech-
anisms for supporting Classless Inter-Domain Routing (CIDR). These mechanisms include support for adver-
tising a set of destinations as an IP prefix, and eliminating the concept of network “class” within BGP. BGP-4
also introduces mechanisms that allow aggregation of routes, including aggregation of AS paths.”
BGP4+ Extends BGP to IPv6.
Bidirectional_Forwarding_Detection A network protocol that serves to detect faults between two forwarding en-
gines connected by a link; for example, failures in the path between two systems. It is a light-weight, low-
overhead mechanism of short duration.

6
Nuage Networks Glossary, Release 20.10.R10

BPDU Bridge Protocol Data Unit.


BPDU guard See BPDU. An Layer 2 (L2) feature that allows network designers to enforce the STP domain borders
and keep the active topology predictable. The devices behind the ports that have STP PortFast enabled are not
able to influence the STP topology. At the reception of BPDUs, the BPDU guard operation disables the port that
has PortFast configured.
CIDR Classless Inter-Domain Routing. A method for allocating IP addresses and routing Internet Protocol packets.
The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture
of classful network design in the Internet. Its goal was to slow the growth of routing tables on routers across the
Internet, and to help slow the rapid exhaustion of IPv4 addresses.
CIR Committed Information Rate.
CMS Cloud Management Systems.
Compute Management System.
CPE Customer Premises Equipment.
CRUD Create, Read, Update, Delete.
The primary or most commonly used HTTP verbs (or methods) are POST, GET, PUT, and DELETE. These
correspond to create, read, update, and delete (CRUD) operations, respectively in RESTful services.
The primary or most commonly used HTTP verbs (or methods) are POST, GET, PUT, and DELETE. These
correspond to create, read, update, and delete (CRUD) operations, respectively in RESTful services. Source:
Wikipedia
DC Data center.
DHCP Dynamic Host Configuration Protocol is a standardized network protocol used on IP networks for dynamically
distributing network configuration parameters, such as IP addresses for interfaces and services.
DHCP relay DHCP relay (DR) agents receive messages from DHCP clients and forward them to DHCP servers.
Domain A domain is a single Layer 3 (L3) space and is equivalent to a single Nuage dVRS instance. In standard
networking terminology, a domain maps to a VRF instance. An organization can have multiple domains.
DPDK Data Plane Development Kit. Network acceleration can be enabled by offloading encryption and decryption
functionality. DPDK is a set of libraries and drivers for fast packet processing. It is designed to run on any
processors.
dVRS A Nuage product that performs distributed virtual routing and switching (dVRS).
Elasticsearch
Elasticsearch is a distributed, RESTful search and analytics engine.
endpoint Same as a visited route.
Enterprise Group Key See Traffic Encryption Key.
FCoE Fibre Channel over Ethernet. An encapsulation of Fibre Channel frames over Ethernet networks. This allows a
Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel proto-
col. The specification, supported by a large number of network and storage vendors, is part of the International
Committee for Information Technology Standards T11 FC-BB-5 standard.
FDB Forwarding Database. The database used by routers that specifies the destination devices to which it can forward
data traffic.
FIB Forwarding Information Base. Used in network bridging, routing, and similar functions to find the proper inter-
face to which the input interface should forward a packet. It is a dynamic table that maps MAC addresses to
ports. It is the essential mechanism that separates network switches from network hubs.

2.1. Acronyms and Terms 7


Nuage Networks Glossary, Release 20.10.R10

FIP Fibre Channel over Ethernet (FCoE) Initialization Protocol (FIP).


FIPS Federal Information Processing Standards (FIPS).
GRE Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate
a wide variety of network layer protocols inside.
Group-key based IPSec Encapsulating Security Payload (ESP)-based implementation that relies on a key server
(KS) to handle endpoint authentication (member registration), key generation and distribution.
IGMP Internet Group Management Protocol.
IKE Internet Key Exchange.
IP Internet Protocol
IPv4 multicast Support for Layer 3 (L3) multicast and Layer 2 (L2)-to-L3 multicast using IPv4 connectivity.
IPv6 multicast Support for Layer 3 (L3) multicast and Layer 2 (L2)-to-L3 multicast using IPv6 connectivity.
IPv6 Unicast Support for Layer 3 (L3) connectivity with static routes.
Key server (KS) An entity responsible for generating encryption keys.
KS Key server.
L2 Layer 2 of the Open Systems Interconnection (OSI) model.
L3 Layer 3 of the Open Systems Interconnection (OSI) model.
L4 Layer 4 of the Open Systems Interconnection (OSI) model.
L7 Layer 7 of the Open Systems Interconnection (OSI) model.
LBaaS Load balancing as a service.
License (Nuage) A blob used by VSD to validate the software, whereby using VSD without the license results in
restricted functions. See the Nuage VSP User Guide, CSP Administrator Workflows section, Adding a License
sub-section for instructions on how to use the GUI to register the software license.
Load balancing A method for distributing workloads across multiple computing resources, such as computers, a
computer cluster, network links, central processing units or disk drives. Load balancing aims to optimize re-
source use, maximize throughput, minimize response time, and avoid overload of any one of the resources.
Using multiple components with load balancing instead of a single component may increase reliability through
redundancy. Load balancing is usually provided by dedicated software or hardware, such as a multi-layer switch
or a Domain Name System server process.
Load balancer (noun) A device that acts as a reverse proxy and distributes network or application traffic across
a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of
applications.
Load-balance or load-balanced (adjective)
Load balance (verb)
Load sharing Distributing the workload between two or more resources. This is sometimes used as a synonym for
load balancing.
LSA Link-state Advertisement.
MLD Multicast Listener Discovery.
MP-BGP Multiprotocol Extensions for BGP.
nCPE Customer-premises equipment is any equipment that is not the property of the network operator and not located
on the customer premises. nCPE refers to leased or subscribed equipment.

2.1. Acronyms and Terms 8


Nuage Networks Glossary, Release 20.10.R10

NETCONF Mechanisms to install, manipulate, and delete the configuration of network devices, operating on top
of a remote procedure call (RPC) layer. The NETCONF protocol uses an XML-based data encoding for the
configuration data and protocol messages.
NFV Network Function Virtualization
NSG Network Services Gateway
NSG-P A Network Services Gateway physical appliance typically deployed at a branch site.
NSG-V A Network Services Gateway virtual appliance typically deployed at a CO or in a DC environment
ODM Original design manufacturer.
OEM Original equipment manufacturer. A company and its products that are packaged and sold by the OEM’s
customers. for example, ASUS makes the Nexus 7 Android tablet that is sold by Google.
O/G Outgoing traffic or data.
O/G Server
An outgoing server.
ONP Open Network Platform. An Intel hardware platform that runs Intel Open Networking Software (ONS).
ONS Open Network Software. Intel SDN software for the Intel Alta network processor-based platforms.
OpenFlow OpenFlow Protocol–See https://www.opennetworking.org/images/stories/downloads/sdn-resources/
onf-specifications/openflow/openflow-spec-v1.3.1.pdf
OpenShift A platform as a service product from Red Hat.
OpenStack Open source software for building private and public clouds. See http://www.openstack.org/
Open-vSwitch (OvS) See http://openvswitch.org/
OSPF Open Shortest Path First is an adaptive routing protocol for IP networks.
OSPFv3 Extends OSPF routing functionality to IPv6.
OvS See Open-vSwitch
OVSDB Open vSwitch Database Management Protocol (OVSDB) is an OpenFlow configuration protocol that is
designed to manage Open vSwitch implementations.
PAT Port Address Translation. See SNAT.
PIM-SM Protocol Independent Multicast Sparse Mode.
Policy group In VSP, the syntactic equivalent of a security group. A policy group is an abstraction in the form of
vPorts used as sources and destinations.
PVID A port virtual identifier or port VLAN identifier.
Quagga See http://www.nongnu.org/quagga/ . A network routing software suite providing implementations of Open
Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) and Interme-
diate System to Intermediate System (IS-IS) for Unix-like platforms, such as GNU/Linux, Solaris, FreeBSD
and NetBSD.
RADIUS Remote Authentication Dial-In User Service. External authentication security protocol used to control
access into networks. See specification is described in RFC 2865 , which obsoletes RFC 2138.
ReST API The Nuage Virtualized Services Directory (VSP) northbound RESTful API.
VSD ReST API The Nuage Virtualized Services Directory (VSD) northbound ReST API.
RIP Routing Information Protocol. A distance-vector routing protocol that uses the hop count as a routing metric.

2.1. Acronyms and Terms 9


Nuage Networks Glossary, Release 20.10.R10

Round-robin See https://en.wikipedia.org/wiki/Round-robin_scheduling . This algorithm sequences traffic to the


next available router, port, or slot as a simple form of load-distribution.
R-VPLS A routed virtual private LAN server.
SA Security association.
SAP Service Access Point.
SDN Software Defined Networking.
SD-VPN Software defined virtual private network.
SD-WAN Software-defined wide-area network.
Security association A policy that governs encryption and encapsulation parameters between a set of IPSec peers
belonging to a specific domain. Multiple domains on a single NSG have different SAs.
Security group A security model provided by Cloud Management Systems where ACLs are defined using security
groups as source and destination matches. The VSP syntactic equivalent is a policy group.
SEK Seed Encryption Key.
Seed Encryption Key (SEK) A symmetric key that is used to encrypt the seed material during transport to the NSG
through the VSD and VSC. The public key of the NSG, which is generated as part of the bootstrap process, is
used by the Key Server to encrypt the SEK. The encrypted SEK is distributed to every NSG. The NSG uses the
SEK to decrypt the seed material.
Seed material that is generated by the KS and transported to NSG with additional attributes. The seed is en-
crypted using the SEK and stored on the KS. The seed material is used by NSG to generate the Traffic Encryption
Key (TEK).
sFlow® An industry standard technology for monitoring high-speed switched networks. It gives complete visibility
into the network usage enabling performance optimization, accounting/billing for usage, and defense against
security threats.
SNAT Source Network Address Translation (SNAT), commonly known as Port Address Translation (PAT), that allows
the exit traffic to be routed directly from the hypervisors hosting the VMs out to the corporate network or
Internet. This eliminates the need for an external gateway and conserves IP addresses.
Spoofing Allows a VM to send traffic with an address (MAC or IP) other than its assigned address.
SR-IOV Single root input/output (I/O) virtualization. A specification that allows the isolation of the PCI Express
resources for manageability and performance reasons.
Stateful A stateful protocol requires keeping the internal state on the server.
Stateless A stateless protocol does not require the server to retain session information or status about each communi-
cating partner for the duration of multiple requests.
Subnets Subnets are defined in a zone. A subnet is a specific Layer 2 subnet within the Domain instance. The
subnet is instantiated as a routed virtual private LAN server (R-VPLS). A subnet is unique and distinct within a
Domain, that is, subnets within a Domain are not allowed to overlap or to contain other subnets in accordance
with the standard IP subnet definitions. In VNS, a subnet is fully owned by an NSG.
TACACS Terminal Access Controller Access-Control System. A remote authentication protocol used to communi-
cate with an authentication server.
TACACS+ Terminal Access Controller Access-Control System Plus for external authentication. A prominent Cisco
security protocol used to control access into networks.
TAF Test Automation Framework.
TEK Traffic Encryption Key.

2.1. Acronyms and Terms 10


Nuage Networks Glossary, Release 20.10.R10

TEP Tunnel End Point.


TLS Transport Layer Security is a protocol that ensures privacy between communicating applications and their users
on the Internet.
Traffic Encryption Key Symmetric encryption keys that are used to encrypt data traffic sent between NSGs. Also
referred to as Enterprise Group Key.
Tunnel-based IPSec Encapsulating Security Payload (ESP)-based implementation that relies on Internet Key Ex-
change (IKE) for authentication, key generation, and distribution.
UDLD Unidirectional Link Detection. In L2, if two devices, A and B, are connected via a pair of optical fibers, one
used for sending from A to B and the other for sending from B to A, the link is bidirectional. If one of these
fibers is broken, the link has become unidirectional. The UDLD protocol detects a broken bidirectional link.
VCIN vCenter Integration Node.
VCS Virtualized Cloud Services is the data center and cloud networking framework of Nuage Networks Virtualized
Services Platform (VSP). It lets you automate the configuration, management and optimization of virtual net-
works, including security services that provide tenant isolation and access controls to individual applications
and workloads.
VFL Virtual Fabric Link. A pair of Nuage 7850 VSGs are physically connected by user ports.
VFL Visual Fault Locator. A tool for testing fiber-optic cables.
VIP A virtual IP address is the dynamic IP address that is shared by farms of servers or appliances, typically for
redundancy or load balancing, where for a specific VIP only one of the servers or appliances is active at any given
time. Normally these servers are resilient (active/standby) appliances with multiple VIPs (virtual or physical).
VNF Virtualized Network Function.
VNS Virtualized Network Services, a Nuage Networks product.
vPorts A new level in the domain hierarchy, intended to provide more granular configuration than at the subnet level,
and also to support a split workflow, where the vPort is configured and associated with a gateway port before the
port exists on the gateway. vPorts are of type Host or Bridge. When a vPort of type Host or Bridge is created and
attached to a subnet, there is a validation check to ensure that the vPort being attached belongs to the gateway
that owns the subnet. If it does not, the attachment is not allowed.
VPN Virtual Private Network.
Virtual Router VNF or SDN virtual routing functionality.
VRS Virtual Routing and Switching (VRS), a Nuage product. See also dVRS .
VRS-G A software gateway, Nuage product. See the 7850 VSG (hardware gateway) user documentation for a detailed
description.
VRRP and Extended VRRP Virtual Router Redundancy Protocol. A computer networking protocol that provides
for automatic assignment of available IP routers to participating hosts. This increases the availability and relia-
bility of routing paths through automatic default gateway selections on an IP subnetwork.
VSA Virtualized Services Aggregator.
VSAP The Nuage Networks Virtualized Services Assurance Platform (VSAP) shows the connections between SDN
overlays and the underlying physical IP network infrastructure. By providing this correlation, VSAP makes it
possible for Enterprise IT to operationalize their highly dynamic and heterogeneous virtual environments.
VSC Virtualized Services Controller, a Nuage product.
VSD Virtualized Services Directory, a Nuage product.
VSG A Nuage Networks hardware gateway (such as the 7850 VSG).

2.1. Acronyms and Terms 11


Nuage Networks Glossary, Release 20.10.R10

VSL Virtual Switch Link.


VNS Virtual Service Node.
VSP Virtualized Services Platform, a Nuage product.
VSS
Nuage Virtualized Security Services is a software-defined security solution that is based on Nuage VSP
platform to help address protection, detection, and operational challenges in cloud, data center, and branch
environments. VSS is a distributed, end-to-end (cloud, DC, branch) software-defined network security,
visibility and security automation solution.
VTEP Virtual Tunnel End Point.
VxLAN Virtual LAN. See http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02
WRR Weighted round-robin. Adds weighted parameter factoring to round-robin load balancing.
XML-RPC Extended markup language - remote procedure call. An RPC protocol that uses XML to encode its calls
and HTTP as a transport mechanism.
XMPP Extensible Messaging and Presence Protocol.
Zebra A routing software package that provides TCP/IP based routing services with routing protocols support such
as RIP, OSPF and BGP. Zebra is Quagga’s precursor.
Zones Zones are defined under a domain. A zone does not map to anything on the dVRS or on the network directly,
but instead it acts as an object with which policies are associated such that all endpoints in the zone adhere to
the same set of policies.

2.1. Acronyms and Terms 12


CHAPTER

THREE

OPENSTACK PLUGIN TERMINOLOGY

The acronyms and terms described in this section are defined with respect to the Nuage OpenStack plugin. Interpreta-
tions of these definitions in other contexts may not be accurate.
The OpenStack Networking API provides a number of key abstractions to define network connectivity. These abstrac-
tions are mapped to corresponding Nuage VSP constructs by the Nuage Neutron plugin.

Table 3.1: Network Connectivity Abstraction Mapping


OpenStack Corresponding Description
Resource Nuage Construct
Router Domain A collection of subnets interconnected by IP routing. A domain may be
isolated, or have connectivity to the Internet.
Network N/A Within the Nuage VSP, there is a 1:1 mapping between L2 segments and
subnets.
Subnet Subnet A block of IP addresses and associated configuration state.
Port vPort A Neutron port maps to a VSD vPort and a VSD VM interface. When a
Neutron port is created, only the corresponding VSD vPort is created, which
does not have all the Neutron port characteristics. When the corresponding
VM is booted, the plugin includes the Neutron port IP address and MAC
address in the VM Interface created along with the VM on VSD.

OpenStack Acronyms and Terms

AMQP Advanced Message Queuing Protocol.


BGPVPN BGP-based IP VPN networks in OpenStack.
FWaaS Firewall as a service.
Heat Heat is a service to orchestrate composite cloud applications using a declarative template format through an
OpenStack-native REST API.
Horizon Horizon is the canonical implementation of OpenStack’s Dashboard, which provides a web based user in-
terface to OpenStack services including Nova, Swift, Keystone, and so on.
Introspection An auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware
introspection or hardware properties discovery is a process of getting hardware parameters required for schedul-
ing from a bare metal node, given its power management credentials (such as the IPMI address, user name, and
password).
Ironic Ironic is an OpenStack project which provisions bare metal (as opposed to virtual) machines. It may be
used independently or as part of an OpenStack Cloud, and integrates with the OpenStack Identity (Keystone),
Compute (Nova), Network (Neutron), Image (Glance), and Object (Swift) services.

13
Nuage Networks Glossary, Release 20.10.R10

Neutron The OpenStack project to provide “network connectivity as a service” between interface devices (such as
vNICs) managed by other OpenStack services (such as Nova)
Nova The OpenStack project that provides a way to provision Compute instances (virtual servers). Nova supports
creating virtual machines and bare metal servers (through the use of Ironic). Nova runs as a set of daemons on
top of existing Linux servers to provide that service.
OpenStack-managed subnets Subnets provisioned with the OpenStack APIs. When an OpenStack-managed subnet
is created, the Nuage plugin creates the associated resources in the VSD. OpenStack-managed subnets allow
maximum compatibility with the OpenStack APIs.
OpenStack Platform Director The Red Hat OpenStack Platform director is a toolset for installing and managing
an OpenStack environment. It is based primarily on the OpenStack TripleO project. It uses an OpenStack
deployment, referred to as the Undercloud, to deploy an OpenStack cluster, referred to as an Overcloud.
Overcloud OpenStack cluster.
Physnet A physical network.
TCA See Topology Collection Agent.
Tenant An OpenStack project.
Topology Collection Agent A component of the SR-IOV automated topology discovery process, also referred to as
the topology collector.
Topology collector See Topology Collection Agent.
Undercloud An OpenStack deployment.
VLAN-aware VMs The VM or VNF is responsible for tagging and untagging packets with the VLAN ID. Multiple
VLANs can be mapped to a single Virtual Function (VF) of an SR-IOV NIC. However, each VLAN can be
mapped to a separate overlay subnet in VSD.
VLAN-unaware VMs The VLAN tagging and untagging is done by the SR-IOV NIC driver, and the VM or VNF is
agnostic to the VLAN. A single VLAN can be mapped to a single VF of an SR-IOV NIC. Each VLAN can also
be mapped to a separate overlay subnet in VSD.
vNIC Virtual NIC.
VPNaaS
VPN as a service.
VSD-managed subnets
Subnets provisioned using the VSD UI or VSD API. OpenStack subnets are created and associated with
VSD subnets. The VSD-managed subnets leverage the full capabilities of VSD subnets.

3.1. OpenStack Acronyms and Terms 14

You might also like