2. Project Quadra
- PaaS built on Docker
- Python
- Run on EC2, OpenStack, Bare Metal

3. Amazon EC2
- VPC
- direct connect
- extends our internal network
- secondary ip address limitations

4. Overlay network
- GRE
- MTU issues
- EC2 instances with jumbo frame support
CC2, C3, R3, CG1, CR1
G2, HS1, HI1, I2, M3

5. GRE configuration
#ip tunnel del gre1
ip tunnel add gre1 mode gre remote 67.215.78.24 local 10.70.74.187 ttl 255
ip tunnel add gre1 mode gre remote 10.1.1.1 local 10.70.74.187 ttl 255
ip link set gre1 up
ip addr add 10.71.0.2/30 dev gre1
echo 200 quadranet >> /etc/iproute2/rt_tables
ip rule add from 10.71.1.0/24 table quadranet
ip route add default via 10.71.0.1 dev gre1 table quadranet

6. BGP: Border Gateway Protocol
● dynamic routing protocol
● core internet routing protocol
● quagga, bird, exabgp

7. Quagga configuration
router bgp 65535
bgp router-id 10.70.74.187
redistribute kernel
timers bgp 3 20
neighbor 10.71.0.1 remote-as 36692
neighbor 10.71.0.1 prefix-list DOCKER out
neighbor 10.71.0.1 next-hop-self
neighbor 10.71.0.1 route-map anycast-out out
!
ip prefix-list DOCKER seq 5 permit 10.71.1.0/24 le 32
ip prefix-list DOCKER seq 10 deny any
!
route-map anycast-out permit 10
set local-preference 100
set origin igp

11. Docker Networking
- docker0 bridge
- veth interfaces
- 172.17.0.0/16
- iptables nat rules

12. Linux Network Namespaces
# Add the address to the containers loopback interface
ip netns exec "${NSPID}" ip addr add "${GUEST_IPADDR}" dev lo
# Add a route to the host's table for the guest's new IP
ip route add "${GUEST_IPADDR}/32" via "${DOCKER_IPADDR}"

13. DEMO

14. Whats next?
● OSPF?
● fully meshed network
● automated GRE tunnels
● public ip addresses

15. SORRY NO QUESTIONS!!!