Cisco Innovations for Service Providers
Service Providers
Cisco Club’16
Cisco Innovations for Service Providers
Denis Kodentsev
Consulting Engineer, CCIE
14.12.2016
What will we cover?
• BNG evolution on the ASR 9000
• Evolution of EVPN technologies
• Evolution of Segment Routing technology
• Other news
ASR 9000 – 6.0.1+
BNG evolution
Region | AvgSpeed | YoY | Peak Speed
India | 3.4Mbps | 55% | 21Mbps
Global | 6.5Mbps | 8% | 104Mbps
Exhibit 1 : Akamai Report’16
Exhibit 2 : Huffington Post
[Chart: Scale vs Per-Chassis Throughput. Chassis BW (Tbps), axis ticks 0 to 30; scale 128K, 256K, 512K; labels 6Mbps, 10Mbps, 25Mbps; legend: CISCO BNG CHASSIS CAPACITY, ALU BNG CHASSIS CAPACITY]
Key broadband trends
• The niche market segment of subscribers with > 15Mbps
is growing at a very high rate driving average subscriber
throughput requirements
• Cisco BNG solution leads the industry in providing highest
subscriber density per chassis
• Cisco solution is truly positioned to meet multi-year growth
demands
• Versatility to support on
10G/40G/100G Breakout
options
• Two Traffic Managers
• UIDB’s increased from 16-
bit to 18-bit
• Higher Throughput
• Faster Lookups
• More Memory
BNG support on third-generation line cards
Without LAG support (Session hosted on LC)
With LAG Support (Session hosted on RP)
Session Type | 6.1.1 | (2017)
IPv4 Only sessions (PPPoE + IPoE) | 256k | 512k
IPv6 Only sessions (PPPoE + IPoE) | 128k | 512k
Dual Stack sessions (PPPoE + IPoE) | 128k | 384k
Sessions/LC (Min 2 x NPU) | 64k | 128k
Sessions/NPU/Port / 1 NPU Linecard | 32k | 64k
CPS (N: Number of LC) | N x 200 | 600
DHCP | 256k | 512k

Session Type | 6.1.1 | (2016-2017)
IPv4 Only sessions (PPPoE + IPoE) | 128k | 192k
IPv6 Only sessions (PPPoE + IPoE) | 96k** | 128k
Dual Stack sessions (PPPoE + IPoE) | 96k** | 128k
Sessions/LC (Min 2 x NPU) | 64k | 128k
Sessions/NPU/Port / 1 NPU Linecard | 32k | 64k
CPS | 150 | 300
DHCP | 128k | 128k
Target for Dense SP Agg(10G/100G)
Skywarp (NCS 5001/5002)
NCS 5000 as a satellite
[Diagram: two designs side by side. "MC-LAG on the Host": CE, two NCS5k, ICCP, two ASR9K BNG. "nV Dual Head for BNG": Access, CE, NCS5k, ICCP, two ASR9K BNG]
• High Availability
• Huge 10GE/100GE Fan-out toward
DSLAM
• Single-Chassis-like look&feel and
Management of Cluster Members
and Satellite
• Satellites appear like ASR 9000
Linecards
• Simplified topology, No Spanning
tree/MC-LAG or other L2
redundancy protocols needed
Advanced SW Licenses
“Consumption Model” for BNG
Commons: Fans, Power, Chassis, Fabric, RP, IOS-XR RTU
Linecards:
Reduced Price
Same Price as Today
Foundation Software: Metered Per 10G/100G Port
Hardware (1), Foundation SW (2), Advanced SW Licenses (3)
BNG License
Optional Advanced SW (also per port)
Smart Software Licensing
How it works…
[Diagram, steps numbered 1 to 3. Labels: Cisco Commerce Workspace; Cisco Smart Software Manager; Cisco.com Portal; Place Order; Manage Licenses; Usage Reporting; Activate and Use Software; ASR 9K Routers; Network Deployment; Smart Call Home; Transport Gateway or Smart Licensing Satellite]
[Screenshot: Cisco Software Usage, columns License Name and Usage; licenses L2VPN, L3VPN, nV Satellite, Optical, BNG; callouts: "How many I am using?", "How many do I own?", "Exceeded number of L3VPN licenses owned!"]
ASR9K BNG today
Topology independent
Geo-Redundancy
Residential, Enterprise, FMC, MLL
Lowest TCO
nV Support
LC Based Subscribers
9001 to 9922
A Solution for every need
XR BNG
Highest Density
BNG on Tomahawk, Powerglide LC’s
Skywarp as Satellite
M:N Geo-Red Active/Active Solution
Geo-Red for LC subscribers
Geo-Red Warm Standby
BNG Most Resilient
True PAYG
Network-Wide Licenses
Hardware Consumption Model
Programmable
Data Modelling Support
Telemetry driven analytics
Network-wide manageability
PCRF
PMIPv6
RADIUS
NASREQ
250+ Customers, 70 Million+ Subscribers
Public announcements about ASR9000-based BNG
(1) MTS Belarus
http://www.telegeography.com/products/commsupdate/articles/2013/10/10/mts-belarus-kicks-off-implementation-of-ipv6-in-its-ethernet-network/
(2) Antel Uruguay
http://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1438313&utm_source=Email
ASR 9000 - 6.0.0+
Aggregated Bundle QoS
Cisco Confidential 12© 2013 Cisco and/or its affiliates. All rights reserved.
• In pre-6.0 IOS-XR releases, when a QoS policy-map is applied to a bundle interface,
the policy is replicated to all active and non-active members of that bundle.
• Any percentage based configuration is resolved to nominal values by using the
bundle-member bandwidth as the reference rate.
• The example policy is applied to each member of the bundle; with three members, traffic is therefore shaped to 3 × 45 = 135 mbps instead of the desired 45 mbps.
• A solution would be to configure 45/3=15 mbps in the policy-map. But this would lead
to a too low shaping rate in case a bundle member fails. So this is also not an option.
Aggregated Bundle QoS: Limitations of the previous QoS model on LAG interfaces
policy-map example
 class class-default
  shape average 45 mbps
!
interface Bundle-Ether1
 service-policy output example
interface GigabitEthernet0/0/0/0
 bundle id 1
interface GigabitEthernet0/0/0/1
 bundle id 1
interface GigabitEthernet0/0/0/2
 bundle id 1
• With IOS-XR 6.0, we introduce an Aggregated Bundle-QOS mode.
• In this mode, the following parameters are divided by the weighted number of active
bundle-members before they get applied to each bundle-member:
• shape rate
• bandwidth value
• police rate
• burst size (no change if value is in time units)
• WRED/queue-limit threshold (no change if value is in time units)
• In case the number of active bundle-members is changing (link up/down or manual
addition/removal of bundle-member), those values will be immediately adjusted.
• As a result, well load-balanced traffic is always shaped/ratelimited to the intended
rate, irrespective of the number of active bundle-members at that time.
• In case of unequal bandwidth members, the link bandwidth ratio will be incorporated.
Aggregated Bundle QoS: Advantages of the new QoS model
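The difference between the two modes, worked through for the 45 mbps policy on a three-member bundle. This is an added example, not code from the presentation; the per-member weighting (link bandwidth divided by total active bandwidth), the member names and the burst value are assumptions made for illustration.

```python
from fractions import Fraction

def member_policies(policy, members, aggregate_mode):
    """Resolve a bundle policy into the values applied on each member link.

    policy:  {"shape_mbps": int, "burst": (value, unit)}, unit "bytes" or "ms"
    members: list of {"name": str, "gbps": int, "active": bool}
    """
    active_bw = sum(m["gbps"] for m in members if m["active"])
    resolved = {}
    for m in members:
        if aggregate_mode and not m["active"]:
            continue  # simplification: only active links take a share
        # Replicated (pre-6.0) mode copies the policy unchanged: share = 1.
        # Aggregate mode: assumed weighting = link bandwidth / active bandwidth.
        share = Fraction(m["gbps"], active_bw) if aggregate_mode else Fraction(1)
        value, unit = policy["burst"]
        burst = value if unit == "ms" else value * share  # time units are not scaled
        resolved[m["name"]] = {"shape_mbps": policy["shape_mbps"] * share,
                               "burst": (burst, unit)}
    return resolved

def bundle_shape_rate(policy, members, aggregate_mode):
    """Total rate the bundle passes when traffic is well load-balanced."""
    per_link = member_policies(policy, members, aggregate_mode)
    return sum(per_link[m["name"]]["shape_mbps"] for m in members if m["active"])

def with_failure(members, failed_name):
    """Copy of the member list with one link marked down."""
    return [dict(m, active=m["active"] and m["name"] != failed_name) for m in members]

# Constructed bundles: three equal GE links, and an unequal 10G + 1G pair.
THREE_GE = [{"name": f"Gi0/0/0/{i}", "gbps": 1, "active": True} for i in range(3)]
UNEQUAL = [{"name": "Te0/1/0/0", "gbps": 10, "active": True},
           {"name": "Gi0/0/0/0", "gbps": 1, "active": True}]
POLICY_45 = {"shape_mbps": 45, "burst": (9000, "bytes")}   # burst value is constructed
POLICY_15 = {"shape_mbps": 15, "burst": (9000, "bytes")}   # the 45/3 workaround

if __name__ == "__main__":
    two_left = with_failure(THREE_GE, "Gi0/0/0/2")
    for label, pol, agg in (("replicated 45", POLICY_45, False),
                            ("replicated 15", POLICY_15, False),
                            ("aggregate 45", POLICY_45, True)):
        print(label, bundle_shape_rate(pol, THREE_GE, agg),
              "->", bundle_shape_rate(pol, two_left, agg), "after one link fails")
```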
• Enable Aggregated Bundle-QoS mode:
  hw-module all qos-mode bundle-qos-aggregate-mode
• Disable Aggregated Bundle-QoS mode:
  no hw-module all qos-mode bundle-qos-aggregate-mode
• These commands take effect chassis-wide.
• When Aggregated Bundle-QoS mode is enabled or disabled, the QoS policies on all bundle-members are modified automatically.
• No linecard reload required!
Aggregated Bundle QoS: Configuration
• Supported hardware
• Trident linecards
• Typhoon linecards
• Tomahawk linecards
• Not supported on SIP-700
• Supported interface types
• Bundle Main interface
• Bundle Sub-interface
• Not supported on SVLAN
• Not supported on subscriber interfaces
Aggregated Bundle QoS: Support
ASR 9000 - 6.0.0+
CGN - VSM static source NAT
Overview
• Static source NAT is a 1:1 mapping from a given private source IP and port number to a given public source IP and port number.
• I2O or O2I should work for static source 1:1 NAT irrespective of who triggered the traffic first.
• This enhancement is for ASR9K – VSM only.
• ALG FTP is not supported with static source NAT.
Overview, continued
Two variations to be supported:
a) naptstatic-mapping i2o-src 192.168.1.100,100.0.1.1,80,88
This NATs the source IP address and port of the in-to-out packet (192.168.1.100, source port 80) to IP address 100.0.1.1, source port 88.
b) natstatic-mapping i2o-src 192.168.1.200 100.0.1.10
This NATs the source IP address of the in-to-out packet (192.168.1.200, source port x) to IP address 100.0.1.10, source port x.
In this case the complete public IP address 100.0.1.10 is reserved for 192.168.1.200.
Configuration
RP/0/RSP1/CPU0:DEEPA#sh run service cgn cgn1
service cgn cgn1
 service-location preferred-active 0/3/CPU0
 service-type nat44 nat11
  port limit 65535
  dynamic-port-range start 65534
  inside-vrf red
   map outside-vrf blue address-pool 100.1.1.0/24
   static-mapping-file direction i2o-src /disk0:/trans10.csv
Overview, continued
• Sample format for CSV MAP file:
1)<gsr-india02-lnx:/auto/tftp-blr-users2/gudhayak:>cat trans5.csv
20.1.1.2,100.1.1.2
20.1.1.3,100.1.1.3
20.1.1.3,100.1.1.3,5000,8000
2)<gsr-india02-lnx:/auto/tftp-blr-users2/gudhayak:>cat trans1.csv
20.1.1.2,100.1.1.2
20.1.1.3,100.1.1.3
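A pre-load review of a static mapping file in the CSV format shown above, as an added example (not Cisco code and not part of the presentation). The checks themselves are assumptions about what an operator would want to review, not documented router behaviour: public addresses outside the configured address-pool, a public address or port claimed by two different inside hosts, and inside hosts that a 1:1 entry makes reachable out-to-in on every port.

```python
import ipaddress

# Lines 1-3 are the trans5.csv sample from the slide; lines 4-7 are
# constructed here to exercise the checks.
SAMPLE_MAP = """\
20.1.1.2,100.1.1.2
20.1.1.3,100.1.1.3
20.1.1.3,100.1.1.3,5000,8000
20.1.1.4,100.1.1.2
20.1.1.5,100.1.2.9
20.1.1.6,100.1.1.6,70000,80
20.1.1.7,100.1.1.7,443
"""

def parse_static_map(text):
    """Return (entries, errors) for 'inside,outside[,inside_port,outside_port]' lines."""
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = [f.strip() for f in raw.split(",")]
        if fields == [""]:
            continue  # blank line
        try:
            if len(fields) not in (2, 4):
                raise ValueError("expected 2 or 4 comma-separated fields")
            inside = ipaddress.IPv4Address(fields[0])
            outside = ipaddress.IPv4Address(fields[1])
            ports = [int(p) for p in fields[2:]]
            if any(not 1 <= p <= 65535 for p in ports):
                raise ValueError("port outside 1-65535")
        except ValueError as exc:  # also covers malformed addresses and ports
            errors.append((lineno, str(exc)))
            continue
        in_port, out_port = ports if ports else (None, None)
        entries.append({"line": lineno, "inside": inside, "outside": outside,
                        "in_port": in_port, "out_port": out_port})
    return entries, errors

def audit(entries, pool_cidr):
    """Flag mappings to review before the file is loaded: (line, finding) pairs."""
    pool = ipaddress.IPv4Network(pool_cidr)
    findings = []
    users, full, port_owner = {}, {}, {}  # bookkeeping per public address
    for e in entries:
        ins, out, port = e["inside"], e["outside"], e["out_port"]
        if out not in pool:
            findings.append((e["line"], "outside-pool"))
        if port is None:  # 1:1 entry reserves the whole public address
            clash = bool(users.get(out, set()) - {ins})
        else:             # port entry: address or port already held by another host
            clash = (full.get(out, ins) != ins
                     or port_owner.get((out, port), ins) != ins)
        if clash:
            findings.append((e["line"], "public-address-reuse"))
        users.setdefault(out, set()).add(ins)
        if port is None:
            full.setdefault(out, ins)
        else:
            port_owner.setdefault((out, port), ins)
    return findings

def fully_exposed(entries):
    """Inside hosts with a 1:1 entry: the whole public address maps to them."""
    return sorted({str(e["inside"]) for e in entries if e["out_port"] is None})

if __name__ == "__main__":
    parsed, bad = parse_static_map(SAMPLE_MAP)
    print("rejected lines:", bad)
    print("findings:", audit(parsed, "100.1.1.0/24"))
    print("1:1 exposed hosts:", fully_exposed(parsed))
```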
Verification
RP/0/RSP1/CPU0:DEEPA#show cgn nat44 nat11 static-map i2o-src inside-vrf red forward staticnat-address 20.1.1.3
-----------------------------------------------------------------------------------------------
NAT44 instance : nat11
VRF name : red
------------------------------------------------------------------------------------------------
Address: Port Mapped Address: Port I2O Packet Count O2I Packet Count
------------------------------------------------------------------------------------------------
20.1.1.3:17767 100.1.1.3:9158 0 0
20.1.1.3:34299 100.1.1.3:42281 0 0
EVPN: the next generation of L2VPN technologies
L2VPN overview
L2VPN Technologies
• L2VPN: P2P or MP, MAC Bridging
  - L2 over MPLS: EoMPLS, VPLS
  - L2 over IP: L2TPv3
• L2VPN: MAC Routing
  - L2 over MPLS: E-VPN/PBB-EVPN
  - L2 over IP: OTV
Native L2 Bridging Technologies
• 802.3
• 802.1Q
• 802.1ad / qinq: High VLAN scale
• 802.1ah PBB: High VLAN and MAC scale
DC Overlay
• VXLAN, NV-GRE, STT
VPLS: principles and limitations
[Diagram: VPLS full mesh of PWs between the VFIs on PE1, PE2, PE3 and PE4; hosts MAC: A and MAC: B]
• Not Scale: Full mesh PWs
• Non-optimized forwarding: Per-VLAN vs. Per-flow LB; Single path vs. Multiple paths
• CE multi-homing: Per-VLAN vs. Per-flow LB
• Complex provisioning
Build L2 tunnel (PW) over MPLS, follow the same
forwarding rules as native L2 bridging
• Initial Flooding and Learn MAC in Data Plane
• Packet Forwarding based on L2 MAC Table
• MAC Aging and Withdrawal
• Loop Prevention
• Split Horizon to avoid loop
• Require full mesh of PWs (or use H-VPLS)
Data Center Interconnect requirements not fully addressed by current L2VPN technologies
Requirements for a modern L2VPN
Ethernet Virtual Private Network (E-VPN) and Provider Backbone Bridging EVPN (PBB-EVPN) are designed to address these requirements:
• All-active Redundancy and Load Balancing
• Simplified Provisioning and Operation
• Optimal Forwarding
• Fast Convergence
• High Scalability: MAC, VLAN, PW
Network and Services Evolution with Cisco EVPN
VPLS, EoMPLS for L2 Services over MPLS (L2VPN and L3VPN side by side: Ethernet L2VPN Services on VPLS, IPVPN Services on BGP VPN)
• Control Plane: LDP, BGP
• Service Plane: VPLS, EoMPLS
• Data Plane Learning
• Separate Operation, Control plane
EVPN for L2 and L3 Services (Ethernet L2VPN Services and IPVPN Services on EVPN and EVPN L3)
• One Control Plane → EVPN
• Common policies, Operation → BGP
• Control Plane: BGP
• Service Plane: MP-BGP
• Next generation solution for Ethernet
multipoint connectivity services
• Learning on PE Access Circuits via
data-plane transparent learning
• PEs run Multi-Protocol BGP to advertise & learn MAC addresses over Core
• No pseudowires
• Unicast: use MP2P tunnels
• Multicast: use ingress replication over MP2P tunnels or use LSM
• Under standardization at IETF – draft-ietf-l2vpn-evpn
Ethernet VPN: Overview
[Diagram: CE1 and CE3 attached to PE1, PE2, PE3 and PE4 over an MPLS core. A frame with VID 100, SMAC: M1, DMAC: F.F.F arrives from the access side (data-plane address learning from Access); a BGP MAC adv. route with E-VPN NLRI "MAC M1 via PE1" is sent over the core (control-plane address advertisement / learning over Core)]
• Combines Ethernet Provider Backbone
Bridging (PBB - IEEE 802.1ah) with Ethernet
VPN
• PEs perform as PBB Backbone Edge Bridge (BEB)
• Reduces number of BGP MAC advertisement routes by aggregating Customer MACs (C-MAC) via Provider Backbone MAC (B-MAC)
• Addresses virtualized data centers with C-MAC count
into the millions
• PEs advertise local Backbone MAC (B-MAC)
addresses in BGP
• C-MAC and C-MAC to B-MAC mapping learned in
data-plane
• Under standardization at IETF – draft-ietf-l2vpn-pbb-evpn
PBB Ethernet VPN: Overview
[Diagram: CE1 and CE3 attached to PE1, PE2, PE3 and PE4 over an MPLS core; B-MAC labels B-M1 and B-M2 on the PEs; BGP MAC adv. route with E-VPN NLRI "MAC B-M1 via PE2"]
• Control-plane address advertisement / learning over Core (B-MAC)
• Data-plane address learning from Access: Local C-MAC to local B-MAC binding
• Data-plane address learning from Core: Remote C-MAC to remote B-MAC binding
Comparison of L2VPN implementations
Requirement | VPLS | PBB-VPLS | E-VPN | PBB-EVPN
Multi-Homing with All-Active Forwarding
VLAN Based Load-balancing CE-to-PE | ✓ | ✓ | ✓ | ✓
Flow Based Load-balancing CE-to-PE | x | x | ✓ | ✓
Flow Based Load-balancing PE-to-PE | x | x | ✓ | ✓
Flow Based Multi-Pathing in the Core | ✓ | ✓ | ✓ | ✓
MAC Scalability
Scale to Millions of C-MAC Addresses | x | ✓ | x | ✓
Confinement of C-MAC entries to PE with active flows | ✓ | ✓ | x | ✓
MAC Summarization | x | x | ✓ | ✓
MAC Summarization co-existence with C-MAC Mobility | x | x | x | ✓
Flexible VPN Policies
Per C-MAC Forwarding Control Policies | x | x | ✓ | x
Per-Segment Forwarding Control Policies | x | x | ✓ | ✓
ASR 9000 – 6.0.1+
EVPN VPWS
EVPN VPWS
• xEVPN is the next-generation solution for Ethernet services
• Relies on BGP control-plane for Segment / MAC learning reachability among PEs
• Same principles as L3VPNs
• Benefits of xEVPN solutions
• No signaling of PWs; signals MP2P LSPs instead (à la L3VPN)
• All-active CE multi-homing (per-flow LB)
• Solution for P2P services uses a subset of EVPN
routes
• i.e. Per-EVI Ethernet Auto-Discovery route
• Handles double-sided provisioning with remote PE
auto-discovery
• draft-boutros-l2vpn-evpn-vpws
[Diagram: xEVPN family. E-LINE: EVPN-VPWS. E-LAN: EVPN, PBB-EVPN]
EVPN VPWS
• Introduced on ASR 9000 with IOS XR release 6.0.1
• Supported on ASR9000 Typhoon and Tomahawk line cards
• Support for Single Home (SH) only.
• Multi-Home support planned for later release. Consult the roadmap for
more information.
• Reference: See IETF draft at http://www.ietf.org/id/draft-ietf-bess-evpn-vpws-03.txt
EVPN VPWS: single-homed scenario
[Diagram, steps numbered 1 to 6: CE1 – PE1 – MPLS – PE2 – CE2, with Ethernet segment ES1 at PE1 and ES2 at PE2]
VPWS Service Config (PE1): EVI = 100, Local AC ID = AC1, Remote AC ID = AC2
VPWS Service Config (PE2): EVI = 100, Local AC ID = AC2, Remote AC ID = AC1
PE 1 Eth A-D Route: RD = RD-1a, ESI = ES1, Eth.Tag ID = AC1, Label (e.g. X), RT ext. community RT-a
PE 2 Eth A-D Route: RD = RD-2a, ESI = ES2, Eth.Tag ID = AC2, Label (e.g. Y), RT ext. community RT-a
PE1 RIB: VPN = RT-a, MAC = -, ESI = ES2, Eth.TAG = AC2; Path List: NH PE2
PE2 RIB: VPN = RT-a, MAC = -, ESI = ES1, Eth.TAG = AC1; Path List: NH PE1
RT – RT associated with a given EVI
RD – RD unique per adv. PE per EVI
MPLS Label – (downstream assigned) used by remote PEs to reach segment
ESI – 10 bytes ESI as specified by EVPN Ethernet segment IETF draft
ES2 – Since CE2 is single homed to PE2, ES2 = 0
Eth.Tag ID – 4-bytes local AC-ID
EVPN VPWS configuration (SHD)
[Diagram: CE1 – Bundle-Eth1.777 – PE1 – MPLS Core]
PE1 (MINIMAL Configuration: Auto RT for EVI, Auto RD for EVI)
interface Bundle-Ether1.777 l2transport
 encapsulation dot1q 777
 rewrite ingress tag pop 1 symmetric
!
! XC neighbor command with local and remote AC-IDs
l2vpn
 xconnect group XG-POD1
  p2p XC-POD1-EVPN-VPWS-777
   interface Bundle-Ether1.777
   neighbor evpn evi 1000 target 100 source 200
!
! BGP configuration with new EVPN AF
router bgp 64
 bgp router-id 1.100.100.100
 address-family l2vpn evpn
 !
 neighbor 2.100.100.100
  remote-as 64
  update-source Loopback0
  address-family l2vpn evpn
Note: MPLS / LDP configuration required on core-facing interfaces (not shown)
EVPN-VPWS: encapsulation details on the PE
[Diagram: traffic direction from Ethernet Access to MPLS, through the P2P EVPN Forwarder of EVI aaa]
Frame on the access side: DA | SA | E-type (802.1q 0x8100) | C-VID | Payload E-Type | Payload
Frame on the MPLS side: DA (NH router) | SA | E-type (MPLS 0x8847) | PSN MPLS label (4B) | EVPN MPLS label (4B) | Control Word (4B) | Customer Frame
Pseudowire Head End (PW-HE) with EVPN VPWS
IOS XR 6.1.1+
[Diagram: VLANs in the Access are carried over an EVPN VPWS PW to a PWHE virtual interface (Virtual Service Interface) on the Edge, which attaches to the L2VPN / L3VPN Services: VPLS, Internet, VRF. Features on the interface: H-QOS, BFD, ACL, Netflow, MAC Sec, Storm CTL, VLAN rewrite, uRPF]
• Time To Market, OPEX, CAPEX
• Less Touch-points
• Single Service Management Point
• Converged Transport PE and ESER
• Simplified Access/Aggregation
EVPN DCI evolution in IOS XR 6.1.1
• EVPN VxLAN L2 GW (L2 fabric integration)
• EVPN control plane for VXLAN Fabric
• EVPN MPLS (L2 DCI support)
• Layer 2 gateway forwards intra subnet traffic towards DC
• EVPN ESI Multi-Path
• All Active Ethernet segment
• Anycast gateway for VXLAN
• OPFLEX support for GOLF (Giant Overlay Fabric)
• Framework to distribute DCI policy model from ACI Spines to the ASR9000 DCI
gateway
Cisco EVPN: one technology for all VPN types
• Network efficiency
• Easier Provisioning
• Opex Saving
• Common policies
• Common Operation
EVPN a common Services Platform
• Unified L2 and IP VPN Services
• Single Control Plane
• Common EVPN operation, troubleshooting and provisioning
• E-Line and E-LAN Services
[Diagram: One VPN for L2 and L3 Services. Ethernet Services (Ethernet L2VPN Services) on EVPN L2 and IP Services (IPVPN Services) on EVPN L3]
Segment Routing overview
Segment Routing basics
• Forwarding-segment information (forwarding state) is built and distributed by the IGP
  - LDP and RSVP-TE are not needed!
  - Works with any protocol: IPv4, IPv6 or MPLS
• In MPLS networks, deploying SR requires no changes
  - push, swap and pop: all we need
  - segment = label
• Source Routing
  - The first node “programs” the path as a label or a stack of segments
  - Two segment types: node and adjacency (a node and a link/connection)
What changes?
• MPLS services (Control Plane and Forwarding): IPv4, IPv6, IPv4 VPN, IPv6 VPN, VPWS, VPLS. Nothing changes.
• MPLS control plane: LDP, RSVP, BGP, Static, IS-IS, OSPF. All the changes are here.
• MPLS forwarding plane: MPLS Forwarding, Label / Label Stack + Push/Pop/Swap. Nothing changes.
Segment Routing: based on ISIS/OSPF
• ISIS automatically builds and maintains the segments
• Nodal: the shortest path to a node
• Adjacency: a specific link (one-hop)
[Diagram: nodes A, B, C, D, M, N, O, P and Z; arrows marked "Nodal segment to C", "Nodal segment to Z" and "Adj Segment"]
Combining segments
• Source Routing:
  - High flexibility when combining labels
  - The path ABCOPZ can be encoded with a stack of 3 SR labels
[Diagram: nodes A, B, C, D, M, N, O, P and Z; the packet to Z is shown along the path with its label stack shrinking from {72, 9003, 65} to {9003, 65} to {65}; callout: Pop 9003]
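The label-stack walk for the path ABCOPZ, as an added example that is not part of the presentation. It assumes 72 and 65 are the nodal segments of C and Z, 9003 is C's adjacency segment toward O, and a unit-cost topology chosen so that the IGP shortest path from A to Z runs through D; a node pops a nodal label when the packet arrives at it (penultimate-hop popping is not modelled).

```python
import heapq

# Assumed topology (the slide's link layout did not survive): rows A-B-C-D
# and M-N-O-P joined by vertical links, Z behind D and P, every link cost 1.
LINKS = [("A", "B"), ("B", "C"), ("C", "D"), ("M", "N"), ("N", "O"), ("O", "P"),
         ("A", "M"), ("B", "N"), ("C", "O"), ("D", "P"), ("D", "Z"), ("P", "Z")]
NODE_SID = {72: "C", 65: "Z"}   # nodal segment label -> node (assumed mapping)
ADJ_SID = {9003: ("C", "O")}    # adjacency label -> (owning node, neighbor)

def neighbors(node):
    return [b if a == node else a for a, b in LINKS if node in (a, b)]

def shortest_path(src, dst):
    """Dijkstra over the unit-cost links; returns the node list src..dst."""
    heap, seen = [(0, [src])], set()
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node == dst:
            return path
        if node in seen:
            continue
        seen.add(node)
        for nxt in neighbors(node):
            if nxt not in seen:
                heapq.heappush(heap, (cost + 1, path + [nxt]))
    raise ValueError(f"no path from {src} to {dst}")

def forward(ingress, label_stack):
    """Carry a packet hop by hop until the stack is empty; returns the hops."""
    node, stack = ingress, list(label_stack)
    hops = [node]
    while stack:
        top = stack[0]
        if top in NODE_SID:
            target = NODE_SID[top]
            if node == target:
                stack.pop(0)          # nodal segment finished at its node
                continue
            node = shortest_path(node, target)[1]   # follow the IGP next hop
        elif top in ADJ_SID:
            owner, peer = ADJ_SID[top]
            if node != owner:
                raise ValueError(f"adjacency label {top} is local to {owner}, "
                                 f"not usable at {node}")
            stack.pop(0)              # pop and send over that one link
            node = peer
        else:
            raise ValueError(f"unknown label {top}")
        hops.append(node)
    return hops

if __name__ == "__main__":
    print("IGP only    {65}:          ", "".join(forward("A", [65])))
    print("SR stack    {72, 9003, 65}:", "".join(forward("A", [72, 9003, 65])))
```

Only the ingress node A carries the path: B, O and P forward on the top label alone, which is the "no per-tunnel state on mid-points" property.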
SR-TE scalability
• Forwarding-table size depends only on Nodes + Adj and does not depend on the number of TE tunnels
• N+A vs N^2 (N: number of nodes, A: number of interfaces)
Centralized Traffic Engineering
• No per-tunnel state on mid-points → a tunnel per application becomes possible
• ECMP + Explicit routing → fewer TE tunnels are needed
• No need to program mid-points → the network is easier to control
Tunnel AZ onto {66, 68, 65}
[Diagram: Cisco WAVE with applications (App) on an API, connected to the network via BGP-LS, Netconf, SNMP; a link marked FULL; segment labels 66, 65, 68]
Criticism of Segment Routing
Problem: hardware limits on label stack depth
• In most cases 2-3 segments are enough for TE
• For NG NPUs the stack depth is >10 labels
Problem: Segment Routing TE does not take resources into account
• True, but that is what the controller is for
Why do we need IPv6 SR at all?
• MPLS SR allows expressing an explicit path (express policy); native IPv4 does not.
• MPLS SR doesn’t allow summarization (scale issue); native IPv4 does.
• Running out of IPv4 addresses
• IPv6 SR fixes all of these: it allows expressing policy, does summarization, does ECMP LB, and has plenty of unreserved IPv6 addresses
• Why is summarization important?
- Networks grow on average 100% every 18 months, meaning they will be 16 times bigger in the next 6 years.
- MPLS can’t scale for tomorrow’s networks and will hit its scale limit in the next 5 years.
Current status of Segment Routing
SR platform support
Platforms: ASR1000 / ISR400 / cBR8; ASR9000; NCS6000; CRS-3 / CRS-X; ASR900; NCS5000; NCS5500; NEXUS 9000; FD.io; CSR1000v; XRV-9000
Operating systems: IOS classic; IOS XR; NexOS; Linux
Phase 1 Phase 2
• MPLS SR baseline
• MPLS Control Plane simplification
• Automated 50ms convergence
• SR-TE policies
- Distributed & Centralized
- Low Latency path
- Disjoint path
- Avoiding specific path
- Capacity optimization
• Basic operation tooling (OAM+BFD)
• SR-TE for dynamic / automatic WAN/CE/DC
policies
- Bandwidth auto-measurement
- Delay/Drop performance management
- On demand LSP for L3VPN & L2VPN
• Operation excellence
- Advance OAM, MP tree discovery
- Error detection (example: consistency check)
- YANG
• IPv6 SR
- Initial development to address well defined use-cases
(Comcast & Conduit).
Agile Carrier Ethernet (ACE) architecture
SR PCE
• Multi-domain topology
•Realtime reactive feed via BGP-LS/ISIS/OSPF from multiple domains
•Including ip address and SID
• Multi-domain path compute with TE optimization and constraint
•SRTE algorithms (see later)
[Diagram: BGP-LS - Multi-Domain Topology across the domains DC A1, METRO A, METRO B, WAN and DC B2. Nodes and SIDs: vPE1 20001, ToR 20002, Spine 20003, DCI1 17001, LSR 17002, AGG1 16001, LSR 16002, AGG2 16003, vPE2 20001, ToR 20002, Spine 20003, DCI2 18001, LSR 18002. SR PCE: STATEFUL PATH COMPUTE with TE optimization and constraint. NSO]
Seamless MPLS vs. Agile Carrier Ethernet
 | Seamless / Unified MPLS | Agile Carrier Ethernet
Separation into IGP Domains | Yes | Yes
Transport Path E2E | Yes | Yes
Intra-Area Path Provisioning | IGP/LDP | IGP with Segment Routing
Inter-Area Path Provisioning | BGP-3107 (only best effort) | Dynamic (ODN) PCE + Attributes/SLA
Service Provisioning | BGP & T-LDP | Programmed - Netconf/YANG & BGP
Redundancy | LFA/R-LFA | TI-LFA
Traffic Engineering | RSVP TE (5% adoption, mostly FRR) | SR TE (simple, stateless, scalable)
Application Engineered Routing | N/A | Yes (through SDN Controller)
https://tools.ietf.org/html/draft-filsfils-spring-large-scale-interconnect-01
ACE – PCE with static SR-TE Tunnels
[Diagram: Core, Metro1 and Metro2; endpoints A (A1) and B; CE1 and CE2; gateways GW11 1001, GW12 1001, GW21 1002, GW22 1002; ACE nodes 192.168.0.1 (Sid 16010) and 192.168.0.4 (Sid 16040); PCE fed by BGP-LS; L2/L3VPN service; NSO]
GUI/CLI/REST: Service (L2/L3VPN) + SLA
NSO:
1. Creates L2/L3 VPN
2. Creates SR Tunnel Interface: Destination = B, SLA "tag" (e.g. 1), PCE IP
3. Creates static route to Tunnel
Segment Routing evolution
Static SR-TE – ASR9K (6.0.0+) ACE Architecture
[Diagram, steps numbered 1 to 3: Metro area 1 and Metro area 2 joined by a backbone of PEs; elements CPE1, CPE2, Agg/PE 1, Agg/PE 2, ACE1, ACE2, BGP-RR, BGP-LU, Tail-f NCS. Anycast GW1 SID: 1001; Anycast GW2 SID: 2002; 1.1.1.1/32, SID: 101; 2.2.2.1/32, SID: 201]
ip route 2.2.2.1 sid-list {1001, 201}
ip route 1.1.1.1 sid-list {2002, 101}
• Agg/PE redistribute local metro prefixes into BGP
• All Agg/PE and L3 PE learn all metro prefixes via BGP-LU
• Access nodes only learn prefixes in the same metro area: single IGP process, shortest path forwarding
• For inter-metro LSP, NCS provisioning SID-list: {local anycast GW, remote node}
SR label stack {1001, 201} 3107 {LDP to PE2, BGP label: 201} SR {201}
SR Label stack as Static Route
• Simple and direct configuration
ip route 2.2.2.1 sid-list {1001, 201}
• If SID list contains large number of labels or if same list is to be used for considerable number of static routes, define an explicit path with labels and associate the path with routes.
On System Configuration Example
explicit-path name foo
 index 1 next-label 17001
 index 2 next-label 18001
 index 3 next-label 18005
……….
router static
 address-family ipv4 unicast
  1.1.1.1/32 32 segment-routing mpls path name foo
Summary
• BNG for the ASR 9000 continues to evolve successfully!
• EVPN: a new universal VPN technology, already available on most Cisco models!
• Segment Routing: next-generation MPLS, available today!
Cisco Club
Questions about purchasing Cisco equipment?
8 800 700 05 22
Thank you for participating