Solution Technical Marketing Engineer: Jiri Chaloupka
Architect and project lead: Dennis Cai
Released: 04/2016
ACE Architecture
SDN-enabled Carrier Ethernet
ACE: Agile Carrier Ethernet
© 2016 Cisco and/or its affiliates. All rights reserved.

Key Characteristics/Requirements of the CE Network
• Large scale → Operational simplicity is the key, low OPEX and CAPEX
• Differentiate the service → Optimized routing and application-aware, network slicing (5G)
• Rapid service deployment → Fully programmable and automated
• Strict service SLA: QoS, HA
• Network is simple → low OPEX and CAPEX, de-protocols
Ultimate Goal: Simple, fully programmable, application-aware

Unified MPLS Transport Model Baseline
[Figure: end-to-end transport across AS-B, AS-A and AS-C. Domains: Fixed Access Network (IS-IS L1), Aggregation Network (IS-IS L2), Core Network (IS-IS L2), Aggregation Network (IS-IS L2), Mobile Access Network (IS-IS L1), each with its own LDP LSP. Nodes: CSG, FAN, PAN (inline RR, next-hop-self), AGN-RR, AGN-SE, AGN-ASBR (next-hop-self), CN-ASBR (next-hop-self), CN-RR, MTG. iBGP IPv4+label sessions build iBGP hierarchical LSPs; eBGP IPv4+label sessions build eBGP LSPs.]

Carrier Ethernet with Open Segment Routing
Autonomic, Self-protected Transport
[Figure: SDN above the service protocols (BGP) and the transport protocols (SR).]

What's ACE (Agile Carrier Ethernet)?
[Figure: Unified IP/MPLS compared with ACE (baseline). Labels: Applications, CLIs, APIs, Router, Apps, Controller/Orchestration.]
• Transport: Segment Routing
• Service: BGP/EVPN + static PW
• Controller/Orchestration: NSO, WAE/PCE, EPN-M
• Simplified control plane (distributed on router)
• Centralized management and policy control
https://tools.ietf.org/html/draft-filsfils-spring-large-scale-interconnect-01

Segment Routing
• Source Routing
  • the source chooses a path and encodes it in the packet header as an ordered list of segments
  • the rest of the network executes the encoded instructions
• Segment: an identifier for any type of instruction
  • forwarding or service
• In this presentation: IGP-based forwarding construct

Segment Routing – Forwarding Plane
• MPLS: an ordered list of segments is represented as a stack of labels
• Segment Routing re-uses MPLS data plane without any change
• Segment represented as MPLS label
• Applicable to IPv4 and IPv6 address families

IGP Prefix Segment
• Shortest-path to the IGP prefix
  • Equal Cost MultiPath (ECMP)-aware
• Global Segment
• Label = 16000 + Index
  • Advertised as index
• Distributed by ISIS/OSPF
[Figure: nodes 1 to 5; prefix 1.1.1.5/32 on node 5 is reached with label 16005 on every link. All nodes use default SRGB 16,000 – 23,999.]

IGP Adjacency Segment
• Forward on the IGP adjacency
• Local Segment
• Advertised as label value
• Distributed by ISIS/OSPF
[Figure: nodes 1 to 5; adjacency labels 24024 and 24025 for "Adj to 4" and "Adj to 5". All nodes use default SRGB 16,000 – 23,999.]

Combining IGP Segments
• Steer traffic on any path through the network
• Path is specified by list of segments in packet header, a stack of labels
• No path is signaled
• No per-flow state is created
• Single protocol: IS-IS or OSPF
[Figure: nodes 1 to 5; a packet to 5 first carries the label stack {16004, 24045}, then 24045 alone. All nodes use default SRGB 16,000 – 23,999.]

TI-LFA – double-segment example
• To steer packets on the TI-LFA backup path: "forward the packet on interface to R5 and push the segments {prefix-SID(R4) and adj-SID(R4-R3)}"
[Figure: path from A to Z with P-space and Q-space marked; default metric 10, one link with metric 1000. The packet to Z carries prefix-SID(Z); on the backup path it carries {prefix-SID(R4), adj-SID(R4-R3), prefix-SID(Z)}, then {adj-SID(R4-R3), prefix-SID(Z)}, then {prefix-SID(Z)}.]

xEVPN Business Advantages
Business Continuity / Service Robustness
• All-Active (per-flow) access load-balancing
• Fast convergence (link / node / MAC moves)
Designed to Scale
• Control-plane (BGP) learning in the Core. PWs no longer used
• Scalability of IP VPN. MAC address scalability
CapEx Optimization
• Per-flow and per-service access load-balancing
• PE load-balancing (BGP multi-pathing). Access / core ECMP
Ease of Provision and Operation
• Peer PEs auto-discovery. Redundancy group auto-sensing
• Operational consistency with L3 IP VPN
Service Flexibility
• Support existing and new service types (E-LAN, E-Line, E-TREE, VLAN-aware bundling)
Investment Protection
• Open standard
• Multi-vendor support

EVPN - RFCs/Drafts

VPWS
Discovery and Signaling Alternatives
VPWS Signaling
• LDP-based (RFC 4447)
• BGP-based (informational draft)
  • draft-kompella-l2vpn-l2vpn
VPWS with LDP-signaling and No auto-discovery
• Most widely deployed solution
• Auto-discovery for point-to-point services not as relevant as for multipoint
[Figure: matrix of VPN Discovery (Manual / No Auto-Discovery, or Border Gateway Protocol (BGP)) against Signaling (Static / No Signaling, BGP, or Label Distribution Protocol (LDP)), with one cell marked "Most widely deployed".]

VPLS
Discovery and Signaling Alternatives
VPLS Signaling
• LDP-based (RFC 4762)
• BGP-based (RFC 4761)
VPLS with LDP-signaling and No auto-discovery
• Most widely deployed solution
• Operational complexity for larger deployments
BGP-based Auto-Discovery (BGP-AD) (RFC 6074)
• Enables discovery of PE devices in a VPLS instance
[Figure: matrix of VPN Discovery (Manual / No Auto-Discovery, or Border Gateway Protocol (BGP)) against Signaling (Static / No Signaling, BGP, or Label Distribution Protocol (LDP)), with cells marked "Most widely deployed", "RFC 6074" and "RFC 4761".]

Next-Generation Solutions for L2VPN
Solving VPLS challenges for per-flow Redundancy
• Existing VPLS solutions do not offer an All-Active per-flow redundancy
• Looping of Traffic Flooded from PE
• Duplicate Frames from Floods from the Core
• MAC Flip-Flopping over Pseudowire
  • E.g. Port-Channel Load-Balancing does not produce a consistent hash-value for a frame with the same source MAC (e.g. non MAC based Hash-Schemes)
[Figure: three panels, each showing CE1, PE1 to PE4 and CE2: "Echo!", "Duplicate!" (MACs M1, M2) and "MAC Flip-Flop" (MACs M1, M2).]

What is EVPN?
• EVPN family introduces next generation solutions for Ethernet services
  • BGP control-plane for Ethernet Segment and MAC distribution and learning over MPLS core
  • Same principles and operational experience of IP VPNs
• No use of Pseudowires
  • Uses MP2P tunnels for unicast
  • Multi-destination frame delivery via ingress replication (via MP2P tunnels) or LSM
• Multi-vendor solutions
• Cisco is author of most RFCs/Drafts
[Figure: EVPN family. P2P: EVPN-VPWS (draft-ietf-bess-evpn-vpws, RFC 7432). Multipoint: EVPN (RFC 7432) and PBB-EVPN (RFC 7623).]

EVPN – Ethernet VPN
Control Plane/Data-plane separation
Control-Plane
• EVPN (MP-BGP): RFC 7432
Data-Plane
• Multi-Protocol Label Switching (MPLS): RFC 7432
• Provider Backbone Bridges (PBB+MPLS): RFC 7623
• Network Virtualization Overlay (VXLAN, NVGRE, MPLSoGRE): draft-ietf-bess-evpn-overlay

Unified MPLS vs. Agile Carrier Ethernet
Feature | Unified MPLS | Agile Carrier Ethernet
Separation into IGP Domains | Yes | Yes
Transport Path E2E | Yes | Yes
Intra-Area Path Provisioning | IGP/LDP | IGP with Segment Routing
Inter-Area Path Provisioning | BGP-3107 | Programmed - Netconf/YANG, PCEP
Service Provisioning | MP-BGP | Programmed - Netconf/YANG & MP-BGP
Redundancy | LFA/R-LFA | TI-LFA
Traffic Engineering | RSVP TE | SR TE
Application Engineered Routing | N/A | Yes (with WAE integration)

ACE Transport Architecture (1)
Intra-domain transport
Network Transport Underlay
Simple Network Transport
• Access nodes only run IGP segment routing (OSPF/IS-IS extension)
• Links use IPv4 unnumbered or IPv6 to get rid of IP address management overhead
• Node is plug-n-play
Self-protected and optimized
• Link and node protection by segment routing TI-LFA
• GW node redundancy by anycast SID
• Shortest path, ECMPs
[Figure: Core and a metro area forming a single IGP SR domain, with access nodes (A) and gateway nodes (GW) connected over IPv4 unnumbered interfaces or IPv6.]

ACE Transport Architecture (2.1)
Inter-domain: End-to-End SR
Network Transport Underlay
SDN controlled end-to-end LSP (SR segment list)
• Controller programs/provisions the inter-domain LSP with SR SID list statically or dynamically
• Netconf/YANG, PCEP
• Shortest path, low-latency path, disjointed path …

router static
 address-family ipv4 unicast
  20.0.0.4/32 sid-list 1001 1002 16002

[Figure: Core (Core IGP) between Metro1 and Metro2 (IGP/SR metro islands). Node A sits behind GW11/GW12 (both 1001) and node B behind GW21/GW22 (both 1002); node SIDs 16001 and 16002. SR label: [1001, 1002, B] in one direction and [1002, 1001, A] in the other.]
draft-filsfils-spring-large-scale-interconnect

Transport Controller Option 1 – Static by NSO
NSO (GUI/CLI/REST, ACE App):
1. Creates L2/L3 VPN services
2. Creates SR path based on local prefix-SID table
   • Destination = B
   • SLA "tag" (e.g. 1)
   • Sid-list 1001, 1002, B
[Figure: Core, Metro1 and Metro2 with CE1, A1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2; NSO above the network.]

Transport Controller Option 2 – XRv (PCEP) Controller
• Service provisioning on the node will trigger the PCEP request
• Upon receiving the request, PCEP server will program the SR-TE path: shortest path, low latency path, disjointed path per SLA tag
• Service provisioning and transport SR-TE are decoupled
[Figure: Core, Metro1 and Metro2 with CE1, A1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2. Labels: NSO, GUI/CLI/REST, Service (L2/L3VPN) + SLA, XRv (PCEP), BGP-LS.]

Transport Controller Option 3 – WAE/OSC/ODL
• Service provisioning on the node will trigger the PCEP request
• Upon receiving the request, WAE/OSC/ODL will program the SR-TE path: shortest path, low latency path, disjointed path per SLA tag
• Service provisioning and transport SR-TE are decoupled
[Figure: Core, Metro1 and Metro2 with CE1, A1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2. Labels: NSO, GUI/CLI/REST, Service (L2/L3VPN) + SLA, WAE, OSC/ODL, BGP-LS.]

Dynamic VPN instantiation of SRTE policies
• CE21 advertises prefixes to PE
  BGP: 1.1.1.21/32, via 21
• PE22 checks its policy and finds that 1.1.1.21/32 must receive low latency service
  MAP: 1.1.1.21/32 in vrf BLUE must receive low latency service → tag with community (100:777)
• PE22 tags 1.1.1.21/32 with a BGP community (e.g. 100:777) and sends to RR11
• RR11 sends to PE3
[Figure: Vrf BLUE at both ends of the network; nodes 2, 3, 5, 7, 9, 10, 11, 13, 14, 21, 22, 23; two links marked T:30.]

Dynamic VPN instantiation of SRTE policies
• PE3 checks its policy and finds it must use a path to BGP NH (PE22) with optimized TE Metric (1)
  MAP: Community (100:777) means "minimize TE Metric" and "compute at PCE"
• A TE attribute-set (e.g. attr-set "LTCY") defines Optimization Objective and Constraints
(1) TE metric is used here to express link latency

Dynamic VPN instantiation of SRTE policies
• PE3 requests a path towards PE22 from PCE (10)
  PCreq: COMPUTE: minimize TE Metric to PE22
• PCE computes a dynamic path with the required Optimization Objective and Constraints
  • Result: SID list {S5, S14, S22}
  PCreq/reply: RESULT: SID list {S5, S14, S22}
• PE3 instantiates SRTE Policy with Binding-SID: 30022
  BSID: 30022
SID list: Segment ID list, list of segments

Dynamic VPN instantiation of SRTE policies
• TE installs SRTE Policy in FIB:
  • Binding-SID (e.g. 30022): push {label L1, label L2}
• TE provides the Binding-SID of the SRTE Policy to BGP
• BGP installs best-path in FIB:
  • 1.1.1.21/32 via 30022
  • Push VPN label and steer in SRTE Policy
State on PE3:
• BGP: 1.1.1.21/32; NH: PE22; Received VPN label: L_VPN; Community 100:777; Binding Label: 30022
• TE: SRTE Policy to PE22: SID List {S0, S1, S2}, OIF 3; Binding Label: 30022
• FIB: Local label: 30022; OIF: SRTE; Label stack {L1, L2}
• FIB: 1.1.1.21/32; recursion-via-segment; label L_VPN, NH via 30022

ACE Service Architecture (1): L2VPN P2P
Service Overlay
• Static PW provisioning by Tail-f NSO
• Inter-domain or intra-domain
• PW label: 24001
• In-band PW OAM
• Remote-port shutdown
[Figure: Core (Core IGP) between Metro1 and Metro2 (IGP/SR metro islands) with CE1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2; Tail-f NSO above the network.]

ACE Service Architecture (2): L2VPN MP
Service Overlay
H-EVPN (Tail-f NSO)
• Static PW provisioning in access
• EVPN between service nodes
• Virtual EVPN ES using anycast address
Simple GW node redundancy solution
• Transport: anycast GW label
• EVPN: Static PW as EVPN virtual Ethernet Segment
[Figure: Core, Metro1 and Metro2 with CE1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2. Static PWs (PW label: 24001 and PW label: 24002) run from the access nodes into bridge domains (BD) on the GW nodes; EVPN runs between the GW nodes.]

Service Overlay
• All-active using anycast address
• Single-active (PBB-EVPN), All-active (EVPN)
• draft-sajassi-bess-pbb-evpn-anycast-ip-tunnels (need for evpn as well)
[Figure: Core, Metro1 and Metro2 with CE1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2. Static PWs run from the access nodes into bridge domains (BD) on the GW nodes; EVPN runs between the GW nodes.]

ACE Service Architecture (3): L3VPN centralized
Service Overlay
• Provision static PW label on both access nodes and the GW nodes (Tail-f NSO)
• PW label: 24001; PW label: 24002, 24003
• Default route: anycast GW
GW node redundancy options
• Static PW terminated into PWHE or EVPN IRB interface for L3 service
• CE A/A dual-homing to multiple service nodes using anycast address
[Figure: Core, Metro1 and Metro2 with CE1, A, GW11/GW12 (1001), GW21/GW22 (1002), B and CE2. Static PWs from the access nodes terminate on PWHE or EVPN IRB interfaces on the GW nodes; IP-VPN runs between the GW nodes.]

EVPN BGP Routes (RFC 7432)
Overview
• EVPN defines a new BGP NLRI used to carry all EVPN routes
• BGP Capabilities Advertisement used to ensure that two speakers support EVPN NLRI (per RFC 4760)
EVPN NLRI
Field | Size
Route Type | 1 byte
Length | 1 byte
Route type specific | Variable
Route types
[1] Ethernet Auto-Discovery (AD) Route
[2] MAC Advertisement Route
[3] Inclusive Multicast Route
[4] Ethernet Segment Route
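
The NLRI framing above (1-byte Route Type, 1-byte Length, variable body) can be walked and length-checked as follows. This is an added example, not code from the presentation: the function names and the sample bytes are constructed for illustration, and the Ethernet Segment route field layout (RD, ESI, IP length in bits, originator address) is taken from RFC 7432 rather than from the slide.

```python
import ipaddress

# Route types exactly as listed on the slide.
ROUTE_TYPES = {
    1: "Ethernet Auto-Discovery (AD) Route",
    2: "MAC Advertisement Route",
    3: "Inclusive Multicast Route",
    4: "Ethernet Segment Route",
}


class NLRIError(ValueError):
    """Raised when the bytes do not match the lengths they declare."""


def walk_evpn_nlri(buf):
    """Split an EVPN NLRI byte string into (route_type, name, body) tuples.

    Unknown route types are kept (named "unknown") so that a receiver can
    skip them by length; a body shorter than its Length field is rejected.
    """
    routes, offset = [], 0
    while offset < len(buf):
        if len(buf) - offset < 2:
            raise NLRIError(f"truncated header at offset {offset}")
        route_type, length = buf[offset], buf[offset + 1]
        body = buf[offset + 2 : offset + 2 + length]
        if len(body) != length:
            raise NLRIError(
                f"type {route_type} declares {length} bytes, {len(body)} present"
            )
        routes.append((route_type, ROUTE_TYPES.get(route_type, "unknown"), body))
        offset += 2 + length
    return routes


def decode_es_route(body):
    """Decode a type 4 body: RD (8) | ESI (10) | IP length in bits (1) | IP.

    Layout per RFC 7432 (an assumption relative to the slide, which only
    shows the outer framing).
    """
    if len(body) < 19:
        raise NLRIError("Ethernet Segment route shorter than RD + ESI + length")
    rd, esi, ip_bits = body[:8], body[8:18], body[18]
    if ip_bits not in (32, 128) or len(body) != 19 + ip_bits // 8:
        raise NLRIError(f"bad originator address length: {ip_bits} bits")
    return {
        "rd": rd.hex(),
        "esi": esi.hex(),
        "originator": str(ipaddress.ip_address(body[19:])),
    }


# Constructed sample: one Ethernet Segment route followed by one Inclusive
# Multicast route whose body is left opaque. Addresses are documentation
# addresses; the ESI is the slide deck's 0000.0011.0022.0033.0018 example.
RD = bytes.fromhex("0001c0000201000a")
ESI = bytes.fromhex("00000011002200330018")
PE_IP = ipaddress.ip_address("192.0.2.1").packed
ES_BODY = RD + ESI + bytes([32]) + PE_IP
IMET_BODY = RD + bytes(4) + bytes([32]) + PE_IP
SAMPLE = bytes([4, len(ES_BODY)]) + ES_BODY + bytes([3, len(IMET_BODY)]) + IMET_BODY

if __name__ == "__main__":
    for route_type, name, body in walk_evpn_nlri(SAMPLE):
        print(route_type, name, len(body), "bytes")
    print(decode_es_route(walk_evpn_nlri(SAMPLE)[0][2]))
```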

EVPN BGP route type
Route type | Usage | EVPN | PBB-EVPN | EVPN VPWS
0x1 Ethernet Auto-Discovery (A-D) Route | MAC Mass-Withdraw; Aliasing (load balancing); Split-Horizon. "Tagged with ESI Label Extended Community" | ✓ | NOT used | ✓
0x2 MAC Advertisement Route | Advertise MAC addresses; Provide MAC / IP address bindings for ARP broadcast suppression. "Tagged with MAC Mobility Extended Community" | ✓ | ✓ | NOT used
0x3 Inclusive Multicast Route | Multicast tunnels used to transport Broadcast, Multicast and Unknown Unicast frames (BUM). "Tagged with PMSI tunnel attribute" (P tunnel type & ID) – RFC 6514 | ✓ | ✓ | NOT used
0x4 Ethernet Segment Route | Auto discovery of Multi-homed Ethernet Segments, i.e. redundancy group discovery; Designated Forwarder (DF) Election. "Tagged with ES-Import Extended Community" | ✓ | ✓ | ✓

EVPN BGP Extended Community
Attribute | Usage | Tagged BGP route | EVPN | PBB-EVPN | EVPN VPWS
ESI label Extended Community | Split-Horizon for Ethernet Segment; Indicate Redundancy Mode (Single Active vs. All-Active) | Ethernet A-D Route | ✓ | Not used | ✓
ES-Import Extended Community | Limit the import scope of the Ethernet Segment routes | Ethernet Segment Route | ✓ | ✓ | ✓
MAC Mobility Extended Community | E-VPN: Indicate that a MAC address has moved from one segment to another across PEs; PBB-EVPN: Signal C-MAC address flush notification | MAC Advertisement Route | ✓ | ✓ | Not used

E-VPN Startup Sequence (cont.)
ESI Auto-Sensing
Segment Auto-Discovery: Ethernet Segment ID (ESI) Auto-Sensing
• ESI (10B) can be auto-generated (*) from CE's LACP information → Concatenation of CE's LACP System Priority + System ID + Port Key
• CE LACP info (learned through LACP PDU exchange):
  • LACP System Priority (2B), e.g. 0000
  • LACP System ID (MAC) (6B), e.g. 0011.0022.0033
  • LACP Port Key (2B), e.g. 0018
• Example: 0000.0011.0022.0033.0018
ESI layout: System Priority (2 bytes) | System MAC Address (6 bytes) | Port Key (2 bytes)
(*) ESI can also be manually configured
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

E-VPN Startup Sequence (cont.)
BGP Ethernet Segment Route
Segment Auto-Discovery: Ethernet Segment ID (ESI) Auto-Sensing
Redundancy Group Membership Auto-Discovery
PE1 Eth Segment Route
• RD = RD10
• ESI = ESI1
• ES-Import ext. comm., e.g. 0011.0022.0033
PE2 Eth Segment Route
• RD = RD20
• ESI = ESI1
• ES-Import ext. comm., e.g. 0011.0022.0033
Notes
• ES-Import ext. comm.: MAC address portion of ESI (6B)
• RD – RD unique per advertising PE
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

E-VPN Startup Sequence
Designated Forwarder (DF) Election (*)
Segment Auto-Discovery: Ethernet Segment ID (ESI) Auto-Sensing
Redundancy Group Membership Auto-Discovery
• Exchange of Ethernet Segment Routes
• Ordered list of discovered PEs starting from zero (lowest IP address)
• Modulo operation: EVI mod N (N = # of PEs), e.g. EVI mod 2
• Result of modulo operation is used to determine DF and BDF status

PE Ordered List
Position | PE
0 | PE1
1 | PE2

Modulo Operation
E-VPN ID (EVI) | EVI mod 2
100 | 0
101 | 1
102 | 0
103 | 1

Example:
• PE1 DF for EVIs 100, 102; PE1 BDF for EVIs 101, 103
• PE2 DF for EVIs 101, 103; PE2 BDF for EVIs 100, 102
DF – Designated Forwarder; BDF – Backup Designated Forwarder
(*) DF election with Service Carving shown (i.e. one DF per EVI in the segment)
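
The ESI auto-sensing, ES-Import derivation and DF election steps of the startup sequence, worked through in code. This is an added example, not code from the presentation: function names and PE addresses are constructed, the ESI uses the 10-byte layout shown on the slide, and the BDF rule for more than two PEs (re-run the election without the DF) is an assumption, since the slide only shows the two-PE case.

```python
import ipaddress


def hex_field(text, size, name):
    """Parse dotted hex such as '0011.0022.0033' into exactly `size` bytes."""
    raw = bytes.fromhex(text.replace(".", "").replace(":", "").replace("-", ""))
    if len(raw) != size:
        raise ValueError(f"{name} must be {size} bytes, got {len(raw)}")
    return raw


def esi_from_lacp(system_priority, system_id, port_key):
    """Slide layout: System Priority (2B) + System ID / MAC (6B) + Port Key (2B)."""
    for name, value in (("system priority", system_priority), ("port key", port_key)):
        if not 0 <= value <= 0xFFFF:
            raise ValueError(f"LACP {name} does not fit in 2 bytes: {value}")
    return (
        system_priority.to_bytes(2, "big")
        + hex_field(system_id, 6, "LACP System ID")
        + port_key.to_bytes(2, "big")
    )


def es_import_from_esi(esi):
    """ES-Import ext. community value: the MAC address portion of the ESI (6B)."""
    if len(esi) != 10:
        raise ValueError("ESI must be 10 bytes")
    return esi[2:8]


def dotted(raw):
    """Render bytes the way the slides do, e.g. 0011.0022.0033."""
    text = raw.hex()
    return ".".join(text[i : i + 4] for i in range(0, len(text), 4))


def elect_df(pe_addresses, evi):
    """Return (DF, BDF) for one EVI on one Ethernet Segment.

    PEs are ordered numerically by IP address starting from position zero
    (a string sort would misplace 10.0.0.10 before 10.0.0.9), and the DF is
    the PE at position EVI mod N. The BDF is chosen by repeating the
    election without the DF (assumption for N > 2).
    """
    ordered = sorted({ipaddress.ip_address(a) for a in pe_addresses})
    if not ordered:
        raise ValueError("no PE discovered on this Ethernet Segment")
    df = ordered[evi % len(ordered)]
    remaining = [pe for pe in ordered if pe != df]
    bdf = remaining[evi % len(remaining)] if remaining else None
    return str(df), (str(bdf) if bdf is not None else None)


def carve(pe_addresses, evis):
    """Service carving: one DF per EVI in the segment."""
    return {evi: elect_df(pe_addresses, evi) for evi in evis}


if __name__ == "__main__":
    esi = esi_from_lacp(0x0000, "0011.0022.0033", 0x0018)
    print("ESI      ", dotted(esi))
    print("ES-Import", dotted(es_import_from_esi(esi)))
    # Constructed addresses: PE1 = 192.0.2.1, PE2 = 192.0.2.2.
    for evi, (df, bdf) in carve(["192.0.2.2", "192.0.2.1"], range(100, 104)).items():
        print(f"EVI {evi}: DF {df}, BDF {bdf}")
```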

E-VPN Startup Sequence (cont.)
BGP Ethernet AD Routes – Per-ESI
Segment Auto-Discovery: Ethernet Segment ID (ESI) Auto-Sensing
Redundancy Group Membership Auto-Discovery
Ethernet Segment Reachability Advertisement: Per-ESI adv.
PE1 Eth A-D Route (Per-ESI)
• RD = RD10
• ESI = ESI1
• ESI MPLS Label ext. comm.: Flag (e.g. All-Active), Label (e.g. LESI11)
• RT ext. community: RT-a, RT-b, RT-c, RT-d
PE2 Eth A-D Route (Per-ESI)
• RD = RD20
• ESI = ESI1
• ESI MPLS Label ext. comm.: Flag = All-Active, Label (e.g. LESI21)
• RT ext. community: RT-a, RT-b, RT-c, RT-d
Notes
• Flags – Redundancy mode - All-Active or Active-Standby
• Multiple RTs – all RTs for EVIs present in the segment
• ESI MPLS Label – used by local PEs for split-horizon. Downstream assigned (ingress replication) or Upstream assigned (P2MP LSP)
• RD – RD unique per advertising PE
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

E-VPN Startup Sequence (cont.)
BGP Ethernet AD Routes – Per-EVI
Segment Auto-Discovery: Ethernet Segment ID (ESI) Auto-Sensing
Redundancy Group Membership Auto-Discovery
Ethernet Segment Reachability Advertisement: Per-ESI adv., Per-EVI adv.
PE1 Eth A-D Route (Per-EVI)
• RD = RD-1a
• ESI = ESI1
• Label (e.g. LES11)
• RT ext. community: RT-a
PE2 Eth A-D Route (Per-EVI)
• RD = RD-2a
• ESI = ESI1
• Label (e.g. LES21)
• RT ext. community: RT-a
PE3 / PE4 RIB
VPN | MAC | ESI | Path List (NH)
RT-a | - | ES1 | PE1, PE2
Notes
• Aliasing MPLS Label – used by remote PEs to load-balance among local PEs
• RT – RT associated with a given EVI
• RD – RD unique per advertising PE per EVI
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

E-VPN Startup Sequence (cont.)
BGP Inclusive Multicast Route
VPN Auto-Discovery: Multicast Tunnel ID / Endpoint Discovery
PE1 Inclusive Multicast Route
• RD = RD-1a
• PMSI Tunnel Attribute: Tunnel Type (e.g. Ing. Repl.), Label (e.g. XXXX)
• RT ext. community: RT-a
PE2 Inclusive Multicast Route
• RD = RD-2a
• PMSI Tunnel Attribute: Tunnel Type (e.g. Ing. Repl.), Label (e.g. YYYY)
• RT ext. community: RT-a
Notes
• Tunnel Type – Ingress Replication or P2MP LSP
• Mcast MPLS Label – used to transmit BUM traffic - downstream assigned (ing. repl.) or upstream assigned (Aggregate Inclusive P2MP LSP (1))
• PMSI – P-Multicast Service Interface
• BUM – Broadcast / Unknown Unicast / Multicast
• RD – RD unique per advertising PE per EVI
• RT – RT associated with a given EVI
(1) Mcast MPLS label is not assigned with Inclusive Trees (P2MP LSP)
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

Life of a Packet
Ingress Replication – Multi-destination Traffic Forwarding
• PE1 receives broadcast traffic from CE1 (VID 100, SMAC: M1, DMAC: F.F.F). PE1 forwards it using ingress replication – 3 copies created
• PE2 – drops BUM traffic originated on ES1
• PE3 – as DF, it forwards BUM traffic towards segment
• PE4 – non-DF for given EVI drops BUM traffic
Labels on the replicated copies (L2, L3, L4, L5 in the figure)
• Mcast MPLS Label assigned by PE3 for incoming BUM traffic on a given EVI
• PSN MPLS label to reach PE3
• ESI (split-horizon) MPLS label allocated by PE2 for segment ES1
During start-up sequence, PE1, PE2, PE3, PE4 sent Inclusive Multicast route which includes Mcast label
PE4 Inclusive Multicast Route
• RD = RD-4a
• PMSI Tunnel Attribute: Tunnel Type = Ing. Repl., Label = L4
• RT ext. community: RT-a
• Mcast MPLS Label – used to transmit BUM traffic - downstream assigned (for ingress replication)
During start-up sequence, PE2 sent Per-ESI Ethernet AD route with ESI MPLS label (split-horizon) (see below)
PE2 Eth A-D Route (Per-ESI)
• RD = RD20
• ESI = ESI1
• ESI MPLS Label ext. comm.: Redund. Flag = All-Active, Label = L5
• RT ext. community: RT-a, RT-b, RT-c, RT-d
• ESI MPLS Label – used by local PEs for split-horizon - downstream assigned (for ingress replication)
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

Life of a Packet (cont.)
Unicast Traffic Forwarding
• CE1 sends broadcast traffic (VID 100, SMAC: M1, DMAC: F.F.F); return traffic is VID 100, SMAC: M2, DMAC: M1
• PE3 forwards traffic destined to M1 based on RIB information (PE1)
Labels on the unicast frame
• L1: MP2P VPN Label assigned by PE1 for incoming traffic for the target EVI
• PSN MPLS label to reach PE1
PE1 MAC Route
• RD = RD-1a
• ESI = ESI1
• MAC = M1 (MAC advertised by route)
• Label = L1 (MP2P VPN Label – downstream allocated label used by other PEs to send traffic to advertised MAC)
• RT ext. community: RT-a
PE3 RIB
VPN | MAC | ESI | Path List (NH)
RT-a | M1 | ES1 | PE1
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]

Life of a Packet (cont.)
Unicast Forwarding and Aliasing
• CE1 sends broadcast traffic (VID 100, SMAC: M1, DMAC: F.F.F)
• PE3 forwards traffic on a flow (flow 1: VID 100, SMAC: M3, DMAC: M1) based on RIB information (towards PE1)
  • L1: MP2P VPN Label assigned by PE1 for incoming traffic for target EVI
  • PSN MPLS label to reach PE1
• PE3 forwards traffic on a flow (flow 2: VID 100, SMAC: M4, DMAC: M1) based on RIB information (towards PE2)
  • L2: Aliasing MPLS Label assigned by PE2 for (ES1, EVI) pair
  • PSN MPLS label to reach PE2
PE3, PE4 RIB
VPN | MAC | ESI | Path List (NH)
RT-a | M1 | ES1 | PE1, PE2
PE1 MAC Route
• RD = RD-1a
• ESI = ESI1
• MAC = M1 (MAC advertised by route)
• Label = L1 (MP2P VPN Label – downstream allocated label used by other PEs to send traffic to advertised MAC)
• RT ext. community: RT-a
During start-up sequence, PE2 sent Per-EVI Ethernet AD route (see below)
PE2 Eth A-D Route (Per-EVI)
• RD = RD-2a
• ESI = ESI1
• Label = L2 (Aliasing MPLS Label – used by remote PEs to load-balance among local PEs)
• RT ext. community: RT-a
During start-up sequence, PE1 sent Per-EVI Ethernet AD route
[Figure: MPLS core with PE1 to PE4; CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4.]