cisco aggregation services routers 1000 positioning
Post on 31-Mar-2022
4 Views
Preview:
TRANSCRIPT
© 2009 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialISR G2 TDM © 2009 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Tomáš Kelemen
tkelemen@cisco.comChannel Systems Engineer
CCIE #24395
Cisco Aggregation Services Routers 1000 Positioning
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 2
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 3
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 4
Perf
orm
ance a
nd S
erv
ices S
cala
bili
ty
Cisco Routing Platform Positioning
Branch
Head Office / WAN Aggregation
Routing System with Integrated Services — Security, Voice, Video, Wireless, WAN Optimization
Secure, Reliable, Concurrent WAN Services Aggregation
High-performance embedded Services, Services Flexibility
Hardware/Software Resiliency, Modular Software
Highest Capacity,
Highly Available,
Modular Services
Modular software,
Consistent
LAN/WAN services
ISR Series
7200 Series
ASR 1000 with
ESP-5G or 10G
7600 Series/
Catalyst 6500
SeriesSecure WAN Aggregation
Integrated Threat Control
Application Optimization
ASR 1000
with ESP-20G
ASR 1002-F
(ESP-2.5G)
New
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 5
Cisco ASR 1000 Series Introduction
SPA Interface Processor (SIP)
Can take Up to 4 HH SPAs
SPA Slots
Re-Uses existing SPAs
Embedded Services Processor
(ESP) 40 Cores with Traffic ManagerRoute Processor (RP)
1.5 GHz, Up to 4GB DRAM
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 6
Chassis Options: ASR1006
RP
ESP
SIP
SPAs
6RU
0
1
0
1
0
1
2
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 7
4RU
Chassis Options: ASR1004
RP
ESP
SIP
SPAs
0/0 0/1
0/2 0/3
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 8
Chassis Options: ASR1002
ESP
SIP
SPAs
2RU
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 9
Chassis Options: ASR1002-F1 x HH SPA
slot
Features:
Integrated ESP, SIP10, RP1 with 4GB DRAM
ESP 2.5 Gbps
1 HH SPA slot, /w 4 built-in GE ports
Dual AC/DC power supply
2RU
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 10
Route Processor: ASR1000-RP1
Features:
First Generation ASR1000 Route Processor (RP)
1.5GHz PowerPC Processing Complex
Up to 1M v4 / 256K v6 routes
HDD
Enclosure
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 11
Route Processor: ASR1000-RP2
Features:Second Generation ASR1000 Route Processor (RP)
Dual core 2.66 GHz Intel Xeon Processing Complex
Up to 4M v4, 1M v6 routes
Hot swappable HDD
16 GB DRAM
HDD
Enclosure
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 12
Forwarding Processor: ASR1000-ESP10
Features:
10 Gbps Performance
QFP (QuantumFlow Processor)
800MHz ESP CPU Processing Complex for Control
40 cores – 900MHz each
Cisco
QuantumFlow
Processor
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 13
Forwarding Processor: ASR1000-ESP20
Features:
20 Gbps Performance
QFP (QuantumFlow Processor)
1200MHz ESP CPU Processing Complex for Control
Cisco
QuantumFlow
Processor
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 14
SPA Interface Processor: ASR1000-SIP10
Features:
First Generation ASR1000 SIP
10 Gbps Aggregate Performance
800MHz SIP10 CPU Processing Complex for Control
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 15
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 18
Mid-plane
ASR1000 Building Blocks
RP (Route Processor)
Handles control plane traffic
Manages system
ESP
Handles forwarding plane traffic
SIP
Houses the SPAs
SPAs
Provide interface connectivity
Centralized Forwarding Architecture
All traffic flows through the ESP
SPA-SPI, 11.2Gbps
Hyper Transport, 10Gbps
ESI, (Enhanced Serdes Interface) 11.5Gbps
Route
Processor
(standby)
RP
Interconn.
Route
Processor
(active)
RP
Interconn.
Embedded
Services
Processor
(active)
Interconn.
QFP subsys-temCrypto
assist
SP
I4.2
ESP CPU
Embedded
Services
Processor
(standby)
SPASPA
SIP
CPUSPA
Agg.
…
Interconn.
SPASPA
SIP
CPUSPA
Agg.
…
Interconn.
SPASPA
SIP
CPUSPA
Agg.
…
Interconn.
Interconn.
QFP subsys-temCrypto
assist
SP
I4.2
ESP CPU
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 19
Route Processor—RP1
General Purpose CPU clocked at 1.5GHz Freescale CPU
Memory:1. DRAM: Default: 2 GB; Max: 4 GB
2. NVRAM: 32 MB
3. 1GB of Onboard Flash (eUSB) for code storage, boot, crashinfo, etc.
Management Interfaces:Management ethernet management port, auxiliary port, console port
Storage:For core dumps, failure capture, etc; 40 GB Hard Disk Drive (rotary)
External USB flash for IOS configs or File copying
Communications paths to other cards (for control and for network control packets)
Stratum-3 network clock circuitry and BITS reference input (for synchronizing SONET links, etc.)
Miscellaneous control functions for card presence detection, card ID, power/reset control, alarms, redundancy, etc.
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 20
Route Processor—RP2
General Purpose CPU based on Intel dual core
clocked at 2.66 GHz
Memory:1. DRAM: Default: 8 GB; Max: 16 GB
2. NVRAM: 32 MB
3. 2GB of Onboard Flash (eUSB) for code storage, boot, crashinfo, etc.
Management Interfaces:Management ethernet management port, auxiliary port, console port
Storage:For core dumps, failure capture, etc; 80 GB Hard Disk Drive (rotary)
External USB flash for IOS configs or File copying
Communications paths to other cards (for control and for network control packets)
Stratum-3 network clock circuitry and BITS reference input and output (for synchronizing SONET links, etc.)
Miscellaneous control functions for card presence detection, card ID, power/reset control, alarms, redundancy, etc.
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 21
Forwarding Processor—ESP-5G, ESP-10G
Centralized, programmable forwarding engine (i.e. QFP subsystem (PPE) and crypto engine) providing full-packet processing
Packet buffering and queuing/scheduling (BQS or Traffic Manager)
For output traffic to carrier cards/SPA’s
For special features such as input shaping, reassembly, replication, punt to RP, etc.
Interconnect providing data path links (ESI) to/from other cards over mid-plane
Transports traffic into and out of QFP10
Input scheduler for allocating QFP10 BW among ESI’s
ESP CPU managing QFP, crypto device, mid-plane links, etc
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 22
SPA Interface Processor—SIP-10G
Physical termination of SPA
Supports up to 4 SPA’s
4 half-height, 2 full-height, 2 HH+1FH
Full OIR support
Does not participate in forwarding
Limited QoS
Ingress packet classification—high/low
Ingress over-subscription buffering (low priority) until FP can service them. Up to 128MB of ingress oversubscription buffering
Capture stats on dropped packets
Network clock distribution to SPA’s, reference selection from SPA’s
SIP CPU manages Midplane links, SPA OIR, SPA drivers
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 23
QFPQFP
QFP
System Bandwidth and Oversubscription
ESP bandwidth denotes the total ‘output’ bandwidth of the system, regardless of the direction
As long as High priority traffic long is not over-subscribed, i.e., <=10G for ASR1000-ESP10)
5G 5G
5G5GQFP
5G Unicast in each direction
Total Output bandwidth 5+5=10
1G 8G
2G 2G
1G Multicast with 8X replication in one direction
2G unicast in the other direction
Total Output bandwidth 8+2=10G
5G 5G
6G6G
5G Unicast in one direction & 6G Unicast in the other
direction
Total output bandwidth (5+6=11) exceeds 10G; Only 10G
will go through
1G 10G
1G1G
1G Multicast with 10X replication in one direction
1G Unicast in the other direction
Total bandwidth (10+1=11) exceeds 10G; only 10G will go through
Oversubscribed Oversubscribed
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 24
ASR1000 HA Summary
ASR leverages Cisco IOS HA infrastructure—NSF/SSO, ISSU
1+1 redundancy option for RP and ESP
Active and standby
No load balancing
RP’s are separate from ESP’s
Switchover of ESP does not result in switchover of RP
Switchover of RP/IOS does not result in switchover of ESP
Single RP may be configured with dual IOS for SW redundancy (ASR1002 or ASR1004 only)
No redundancy for SIP or other I/O cards
SPA plugs into a single SIP
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 25
System Architecture—Distributed Control Plane
Zero
Packet
Loss
Separate and independent internal communication link for control plane (GE)
Active
Route
Processor
Standby
Route
Processor
RP fails
HW or SW
Standby
Becomes
Active
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
Active
Embedded Services
Processor
Standby
Embedded Services
Processor
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 26
System Architecture—Centralized Data Plane
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
Active
Route
Processor
Standby
Route
Processor
Active
Embedded Services
Processor
Standby
Embedded Services
Processor
ESP fails – SW or HWStandby
Becomes Active
Minimal
Data
Interruption
All packets processed by QFP for forwarding
Separate and Independent links for Data Plane communication (ESI 11.5G)
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 27
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 28
SIP
SPASPA
IOCP
SPA
Agg.
…
ESP FECP
Interconn.QFP subsystem
Crypto assist
RPCPU
IOSChassis Mgr.
Forwarding Mgr.
Linux Kernel
Chassis Mgr.
Forwarding Mgr.QFP
Software
Interconn.
Chassis Mgr.SPA driver
SPA driver
SPA driver
SPA driver
Interconn.
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
Other
QFP code
IOS
Kernel (incl. utilities)
Kernel (incl. utilities)
Linux Kernel
Linux Kernel
GE, 1Gbps
I2C
SPA Control
SPA Bus
IPC Messages
ASR1000 - Software Architecture (IOS XE)
Interconn.
IOS XE = IOS + Middleware + Platform Software
Operational Consistency—same look and feel as IOS Router
IOS runs as its own Linux process for control plane (Routing, SNMP, CLI etc) 32bit and 64bit options.
Linux kernel with multiple processes running in protected memory for
Fault containment
Re-startability
ISSU of individual SW packages
ASR1000 HA
Zero-packet-loss RP Failover
<50ms IOSD and ESP Failover
Software Redundancy
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 29
An IOS XE Innovation—Dual Cisco IOS
An option to run dual IOS images on single RP HW for 2/4 RU chassis results in zero service disruption during IOS upgrades
Failover of IOS instance or RP doesn’t cause service impact to IOS FW or NAT
Route Processor
Embedded Services
Processor
Kernel
QFP
ForwardingManager
ChassisManager
Kernel
Chassis Manager
InterfaceManager
ForwardingManager
IOS
12.2XN(Standby)
IOS
12.2XN(Active)
IOS XE Middleware
SPA Interface
Processor
Kernel
SPA
Driver
SPA
Driver
SPA
Driver
SPA
Driver
InterfaceManager
ChassisManager
Control Messaging
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 30
Connecting to an ASR1000
Console
Normal IOS console
Telnet, SSH
Needs to be configured, but otherwise, nothing new
AUX
Can be used for diagnostic access
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 31
Management Ethernet
ASR has dedicated GigE Management Ethernet
Not usable for ‘normal’ traffic
Supports only basic ACLs
Most forwarding features do not work on this port (traffic not processed by QFP)
Intended for out of band router access—has SW support for rate limiting but that takes CPU cycles to drop packets
Don’t connect to the ‘outside’ world
Must be configured in dedicated VRF
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 32
ASR filesystem Specifics
All media shows up as type ‘disk’ regardless of type of media (SATA disk, USB flash, etc)
harddisk: and bootflash: always formatted as ext2
External usb0:, usb1: can be formatted as FAT16, FAT32, or ext2
No support for multiple partitions at this time—only first partition on each device is visible
IOS does not control these devices directly (ie, no flash driver in IOS, no SATA driver in IOS—Linux has the drivers, does the mount/umount under the covers)
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 33
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 34
Unified Wan Services Solutions
Internet Edge
Private Wan
WAN Aggregation
Data Center Interconnect
Secure WAN
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 35
Unified WAN Services - Branch Agg
Business Technology Operations
ASR1000
Solution
Benefits
•Nurturing new business
opportunities by adapting to
new services, more bandwidth,
and increased traffic loads at
the Head-end
•Based on multi-generational
custom built network processor,
QFP
•Scalable and modular control,
data and IO plane design
•Integrated QoS, and HA
•Ease of provisioning using
industry standard Cisco IOS
CLI
•Sub-50 ms failover times for
both control and data planes
QFP
Solution
Benefits
•Strategic, highly sophisticated
network processor built in-
house
•Instant Services turn-on using
QFP silicon
•Faster qualification due to
unified data plane architecture
based on QFP
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 36
Unified WAN Services - Optimized
Business Technology Operations
ASR1000
Solution
Benefits
•Adapting to higher BW
applications by adding
optimization, monitoring and
recognition to a Carrier Class
ASR1000
•Based on multi-generational
custom built network processor,
QFP
•Scalable and modular control,
data and IO plane design
•Integrated QoS, and HA
•Ease of provisioning using
Cisco IOS CLI for NBAR, NF
and WCCP
QFP
Solution
Benefits
•Built-in WCCPv2, Application
recognition, and monitoring
in one single processor
•Instant WAN optimization and
application recognition using
QFP s processor
•Faster qualification due to
unified data plane architecture
based on QFP
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 37
Unified WAN Services - Secure
Business Technology Operations
ASR1000
Solution
Benefits
•Highly scalable built-in
encryption engine for both
IPsec and SSLVPN based
solutions
•Scalable IOS Firewall solution
up to 20Gb
•Based on multi-core encryption
engine supporting both IKE and
IPsec acceleration
•Tighter QoS and HA integration
•Support for DMVPN, EasyVPN,
and GETVPN solutions
•Ease of provisioning due to
seamless crypto engine
integration into data plane
•Sub-50 ms failover times for
crypto data plane
QFP
Solution
Benefits
•Efficient QoS, and multicast
interaction with crypto engine
•IOS Zone-based Firewall
integrated with crypto solutions
•Instant Services turn-on using
embedded crypto engine
•IOS Firewall acceleration using
native QFP off-load
•Jumbo frame support
•Crypto feature consistency
across all Embedded Services
Processors (ESP)
•IOS Firewall CLI consistent
with ISRs
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 38
Unified WAN Services - Secure
DMVPN GETVPN Easy VPN
•On-demand point to multipoint
Encrypted VPNs
•Integrated voice, video, and data
encryption with reduced TCO
•Simplified branch to branch connectivity
solutions
•OPEX reduction using zero-touch
deployment
•Resilient VPN solution combining both
crypto and routing control plane
•Tunnel-less Encrypted VPNs
•Any-to-Any VPN connectivity suitable
for IP VPNs
•No overlay routing
•Simplified QoS integration with Crypto
•Reduced latency and jitter due to direct
communication with no central hub
•Eliminates p2p IKE relationship with
group encryption keys
•High availability to avoid key server as
single point of failure
•LAN-like Encrypted VPN experience
for a diverse set of VPN clients
including software clients
•Uses existing basic crypto
technologies
•Enhances interoperability by
consolidating tunnels from teleworkers,
retail stores, or branch offices
•Centralized policy and management
control
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 39
Unified WAN Services - Secure
Internet Firewall VPN Firewall DMZ Firewall
•IOS Firewall applied on Internet traffic
•Protecting Branch offices from attacks
coming from Internet via split tunnel
•Protecting Branch network from Guests
•Protecting Corporate HQ from attacks
coming from Internet
•IOS Firewall applied on VPN traffic
•Protecting both inside and VPN users
from Internet
•Applicable to both interface (VTI/GRE),
and non-interface (classical) IPsec VPNs
•Easy to integrate with DMVPN, Easy
VPNs
•Ability to apply firewalling intra-zone to
firewall traffic between software VPN
client users
•IOS Firewall applied on traffic to/from
DMZ network
•Protecting inside users, and DMZ
servers
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 40
Unified WAN Services - DCI
Business Technology Operations
ASR1000
Solution
Benefits
•Highly scalable DCI solution
that reduces overall WAN TCO
•Support for both L2 and L3 DCI
options
•Loop prevention & redundancy
•Scalable and modular data and
IO plane design to provide an
easier migration beyond 10Gb
•Ease of provisioning using
industry standard Cisco IOS
CLI
•Sub-second resilience using
remote port shutdown for end
to end DCI
QFP
Solution
Benefits
•Native acceleration for all
existing and future (such as
VPLS) services
•Instant Services turn-on for
Ethernet over MPLS, H-QoS,
Encryption, and WCCPv2
•Re-use of existing silicon and
easier to add-on services like
encryption
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 41
Unified WAN Services - DCI
MPLS Transport IP Transport Encryption (MPLS/IP)
•Active/Active EoMPLS PWs solution to
extend Layer 2 over MPLS
transport/cloud up to 10Gbps
•Integrated H-QoS, and WCCPv2 (for
Layer 3 DCI)
•MEC/VSS or VPC based Ether
Channel
•Remote port shutdown for sub-
second end to end convergence
•A/A EoMPLS over GRE solution to
extend Layer 2 over IP transport/cloud up
to 10Gbps
•Integrated H-QoS, and WCCPv2 (for
Layer 3 DCI)
•MEC/VSS or VPC based Ether Channel
•Remote port shutdown for sub-
second end to end convergence
•A/A EoMPLS over GRE over IPsec
using built-in encryption engine in a
seamless manner up to 7Gbps
•Simplified deployment for encryption
using existing IOS CLI
•Interoperable with Nexus 7000’s
802.1AE (TrustSec) solution using
802.1AE over EoMPLS PWs (port
mode)
•TrustSec over EoMPLS provides
native MPLS encryption
•Remote port shutdown for sub-
second end to end convergence
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 42
UWS - Private WAN Virtualization
Business Technology Operations
ASR1000
Solution
Benefits
•Highly scalable WAN and
core VPN/Virtualization
solution that reduces overall
WAN TCO
•Support for both L2 and L3 options
•Fast convergence features,
interface agnostic (Any solution
over IP Tunnel) & redundancy
•Scalable and modular data and IO
plane design to provide an easier
migration beyond 10Gb
•Ease of provisioning using
industry standard Cisco IOS
CLI
•Leverage existing IOS
convergence mechanisms and
tools for virtualization
management
QFP
Solution
Benefits
•Native acceleration for all
existing and future (MPLS
over mGRE, L2TPv3*)
services
•Instant Services turn-on for
L3VPN, Ethernet over MPLS, H-
QoS, Encryption,
•Re-use of existing silicon and
easier to add-on services like
encryption
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 43
Unified WAN Services - Internet Edge
Business Technology Operations
ASR1000
Solution
Benefits
•Highly Scalable routing platform
•Extremely modular, flexible and
integrated design
•Investment Protection
•Scale up to millions of
IPv4/IPv6 internet routes
•Separation of control plane
and forwarding plane
•Application Aware via NBAR
•In Service Software Upgrade
•Sub-50ms failover time
•Small Form Factor and low
power requirement
•Consistent IOS CLI
QFP
Solution
Benefits
•Multicore processor gives powerful
parallel processing capability
•Highly efficient traffic scheduling
•Built-in hardware support for
Firewall, NAT and IPSec.
•Advanced and high scale
QoS support
•Instant Service Turn On
•Netflow processing in
hardware
•Hardware based Control
Plane Policing
Campus Core
Internet
QFP QFP
Campus Core
Branch Office
Internet
Branch OfficeBranch OfficeInternetInternet Internet
QFP QFP
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 44
Unified WAN Services – Internet Edge
Corporate Internet GW Branch Internet GW Teleworker Access
•Internet IPv4/v6 Peering with SPs
•Full Internet BGP routes
•Monitor all network flows extensively
•Protect Corporate network from
internet
•IOS Stateful FW inspection on all
interfaces
•Offer additional services such as NAT
and WCCPv2
•Internet IPv4/v6 Peering
•Protect Branch Network from internet
•Instant-on Services such as NBAR,
IPSec, NAT, etc
•Integrated H-QoS, and WCCPv2
•IOS Stateful FW inspection on internet
traffic as well as VPN traffic.
•Integrated Easy VPN
•Teleworker access internet via
corporate FW
•Protect teleworker’s network from
internet
•Advanced services such as FPM,
netflow, etc.
Campus Core
Internet
QFP QFP
Campus Core
Branch Office
Internet
Branch OfficeBranch OfficeInternetInternet Internet
QFP QFP
QFP
Campus Core
Branch Office
Internet
Branch OfficeInternetInternet
QFP QFP
QFP
Internet
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 45
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 46
Ethernet SPAs
Speed Ports Interface Form Factor
FE 4 and 8 TX Half Height
GE 2, 5, 8 SFP Half Height
GE 10 SFP Full Height
10GE 1 XFP Half Height
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 47
Serial/Channelized/ SPAs
Speed Ports Interface Form Factor Details
Channelized T1/E1
8 Copper Half HeightClear Channel and Up to 256 DSO
Independent HDLC Channels
Clear Channel T3/E3
2 and 4 Copper Half Height
Full Duplex, Full Rate and Sub Rate Support
Integrated DSUs
Channelized T3 2 and 4 Copper Half Height
Up to 112 T1 Ports (28 T1 Multiplexed onto a Single T3)
Up to 1024 NxDSO Channels (N=1-24) or 400 with T3 Config
Channelized OC-3/STM-1
1 SFP Half Height
Up to 84 T1 or 63 E1 Ports
Up to 1024 NxDSO Channels (N=1-24) or 400 with T3 Config
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 48
POS/ATM SPAs
Speed Ports Interface Form Factor
OC-3/STM-1
POS2, 4, 8 SFP Half Height
OC-12/STM-4
POS1, 2, 4, 8 SFP Half Height
OC-48/STM-4
POS 2,4 SFP Half Height
OC3/STM1 ATM 1,3 SFP Half Height
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 49
ASR 1000 WebEx NodeIntegrating WebEx Meeting Zone Components on ASR 1000
SP Network
End Customer HQ
ASR 1000
ControlMultimedia & collaboration
ASR 1000
Better performance for user inside a company firewall.
Reduce the bandwidth going out of company firewall.
Seamless to end user
Better security by reducing traffic outside of company
Collaboration
Bridge
MultiMedia
Platform
MZM
MCC
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 50
WebEx without WebEx Node SPA
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 51
WebEx with WebEx Node SPA
QFP
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 52
Data Flow Through ASR 1000
Webex Node SPA has 2.5G internal interface created in the host to handle the TCP/IP traffic for the services running on the node.
The data enter and leaves the Webex Node SPA through the SPI4 interface connected to SIP
Packet arrives on I/O Interfaces, sent to ASR 1000 ESP then to SIP where WebEx Node is attached.
Packets from WebEx Node is sent to SIP where node is connected then to ESP that forwards it to the SIP that has the egress I/O interface
No meeting traffic is sent/received from/on the node to ASR 1000 RP.
ASR1000 Embedded Service
Processor
ASR1000 SPA Interface
Processor (SIP)
2-port GE SPA
Connection to WebEx Data
Center
Connections to WebEx Clients
WebEx Node SPA
© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicBRKARC-2001 53
Agenda
Introduction to ASR1000
Hardware Architecture
Software Architecture
Solution Architectures
Cisco ASR1000 Interfaces, Modules
Q&A
top related