Enabling Quality of Service with Cisco SDN

Jon Snyder

• Introduction

• SDN: What Do We Mean, and What’s the Point?

• Background

• Collaboration Applications and the Network

• SDN and APIC-EM

• Network Configuration and EasyQoS

• Dynamic QoS

• SDN-Assisted Troubleshooting

• Conclusion

Agenda

Objectives

• Describe some applications of SDN being developed to improve collaboration:

• Simplify network configuration needed for collaboration

• Operate network using application input

• Identify media flow-related problems

• Help network engineers understand real value of SDN for collaboration

• Fast, predictable, programmatic network configuration

• Dynamic capabilities not possible before

The Real Value of SDN

Changing Network Software Coding StylesUtilise Programmatically “Linked” Interfaces

REST API

SAL

“Semantically linked” interfaces allow

abstraction layers to change while maintaining

the stack integrity

Customer FlexibilityEnables Use Case Evolution

+ Investment Protection

Vendor FlexibilityAllows Various Components

to mature over time while

preserving interoperability

REST API

APIC-EM for LAN/WAN

SECURITY COLLABORATION ORCHESTRATIONSERVICES WAN

SOUTHBOUND ABSTRACTION LAYER

CATALYST NEXUS ASRISR WIRELESSASA

NON CISCO NETWORK ELEMENTS

APIC-EM

Collaboration Applications

Applications of APIC-EM Supporting Collaboration

SAL

REST APIs

Enterprise

ServicesInventory and

State

Identity and

Location

Application

Awareness

Policy

Enforcement

Elastic Infrastructure

Network Devices

APIC EM

Flow Management

(Cisco Unified CM)

Flow Analysis

(Cisco Prime Collaboration)

Network Configuration

(EasyQoS)

APIC-EMSupported Devices

• ISR-G2

• ISR-4000

• ASR1K

• ASR9K

• CSR 1000v

• 3560CG

• SM Etherswitch modules

• Industrial 2000/3000

• 2960-S/X/XR

• 3650/3850

• 3560-X/3750-X

• 4500/4500x/4900

• 6500/6800

• Nexus 5k/7k

• Wireless Controllers (IOS XE and AireOS)

Collaboration and the Network

• Collaboration applications have always been “close” to the network

• CDP for endpoint identification

• Call admission control and locations

• SDN tightens the integration

QoS Management in the Network

Prime

Collaboration

Assurance

WA

N

EF

AF41

BE

Express Business Intent

and Deploy Policies

Identify MediaClassify & Schedule

Resource Control

Monitor Troubleshoot

Optimise

Unified CM

Quality of Service for CollaborationThe Media-Network Relationship

APIC-EM

Network Configuration for QoS

• QoS is a means to an end

• Which business applications matter to the organisation?

• Give them priority

• Setting QoS in the network is a chore

• Devices have different numbers of hardware queues, etc.

• Lots of CLI to identify and mark flows

• Best practices difficult to implement (Cisco CVD is a large book)

Network

Easy QoS App for APIC-EMNetwork-wide QoS configuration from one interface

QoS Policy Abstraction Enables Separation of Business Intent

• Strategic QoS Policy (WHAT you want to do)• reflects business intent

• not constrained by any technical or administrative limitation

• is end-to-end

• Tactical QoS Policy (HOW it gets done)• adapts the strategic business intent to the platform’s capabilities

• is limited by various tactical constraints, including:• Protocol constraints (e.g. the WLAN has only 4 levels of service [access categories])• Platform constraints (e.g. a Catalyst 3750 has only 4 hardware queues)• Interface constraints (e.g. a T1 WAN link has limited bandwidth)• Role constraints (e.g. a CE link may need to map into a reduced sub-set of SP Classes-of-Service)

Strategic vs. Tactical

APIC-EM Operation for QoS Deployment

Deploy Tactical Static QoS Policies

User enters strategic business Intent to APIC-EM

APIC-EM deploys:

1. static (ingress) classification policies on access edgesAPIC-EM

APIC-EM Operation for QoS DeploymentDeploy Tactical Static QoS Policies

User enters strategic business Intent to APIC-EM

APIC-EM deploys:

1. static (ingress) classification policies on access edges

2. static (ingress and egress) queuing policies

APIC-EM

Benefits

• Focuses QoS discussion on business intent – “what, not how”

• Automates the deployment of QoS “rules” into the network

• Understands and maps various network element limitations

• Automates various best practices for QoS management

• Remember the CVD and its hundreds of pages? It’s baked in.

Dynamic QoS

On Premises Hybrid Cloud

Cisco Unified Communications Manager

Cisco Unified

Communications

Manager

Session Management 101

Registration (SIP) – initialisation

Call Signalling (SIP) – contains media addresses (SDP)

Media flows (RTP) – unidirectional, per-media-type

QoS for Media Flows

• QoS settings can be specified in a variety of ways: configuration files, Windows Group Policy, etc.

• Difficult to manage

• Network operators often do not trust PC/mobile endpoint QoS settings

• So they remark all PC/mobile traffic to best effort

• Can reduce session quality

• Unmanaged and hybrid (communications and data) devicesare becoming more common

• Which VLAN to use?

• Trust their QoS settings?

We can do QoS today. Why change?

QoS Marking Via APIC-EM

Unified CM

1. Endpoints signal call setup to Unified CM

2. Unified CM extracts media addresses from call signalling

3. Unified CM requests QoS setting policy on flows from APIC EM

4. APIC EM instructs switch to apply DSCP according to policy

Applies to any selected SIP endpoint or trunk; no endpoint action is needed

APIC-EM

Configuration in CUCM

• Identify which endpoints require dynamic QoS

• Typically only needed for softclients. Hard phones may already have trust extended to them at the switch port

• Ensure that a SIP Profile with the Dynamic QoS option enabled is applied to the required endpoints

• Only calls involving endpoints with a SIP Profile where this option is enabled will have their information sent to APIC-EM

*May not represent final UI

Configuration

• Import APIC-EM HTTPS certificate if not already trusted by Unified CM

• Otherwise, CUCM won’t be able to talk to APIC-EM

• Enter APIC-EM details under Call Routing, HTTP Profile*

• *Menu wording may change in final release

• Set Cluster wide “External QoS Enabled” Service Parameter to True

• This is the global enable switch for the feature. Without it, nothing takes effect

APIC-EM

Details

• Unified CM updates APIC-EM as calls change

• Hold, transfer, conference, drop…

• Uses IP addresses as seen by Unified CM

• Gateways

• Phones

• If APIC-EM is not available, call proceeds as best effort

• APIC-EM has a horizontal scalability and fault-tolerance architecture

• You might have a question about stale policies now…

• clientReference and node restart procedures to prevent this

• Available in the 2nd half of calendar year 2016

Benefits

• QoS enablement does not require endpoint cooperation or trust

• Perfect for soft clients like Jabber

• No more port-range matching. Elegant trust solution

• Reduces number of places where QoS settings are managed

• Unified CM and APIC-EM manage QoS for collaboration flows

Media Flow Troubleshooting

Identifying and Resolving Problems

So What’s the Problem for Collaboration?

EX90

WANHow Do We Differentiate Between all this RTP Traffic?

How do we

Troubleshoot?

Where do the

flows go?

?

RTP (Different Video, Audio and Desktop Share) Media Streams

End-to-End Monitoring

• View all sessions – scheduled, completed, or in

progress.

• Check Session Statistics – Jitter and Packet Loss

• See end point details

Real-Time Diagnostics

• Conduct Path Trace to view CPU, memory, and

interface statistics to locate bottlenecks in the

network.

• Conduct Path Assessment to reveal potential

configuration issues

Video Test Call

• Ensure end-to-end service experience using “Video Test”

call ahead of important upcoming meeting

Cisco Prime Collaboration AssuranceVideo Assurance features

APIC-EM Path Trace

• APIC-EM traces network paths

• L2 and L3 devices from source to destination

• Provides rapid visibility

• Assists in design and troubleshooting

Prime Collaboration Assurance Interaction with APIC-EM

PerfmonPerfmon

PerfmonPerfmon

1. Initiate an APIC EM Path Visualisation Using IP source and destination

1. Request media path

2. Request media flow statistics

2. Collect statistics from endpoints

Prime

Collaboration

Assurance

APIC-EM

Media Flows in Prime Collaboration Assurance

SDN Path View

SDN Path View

Details

• Path determination will be done periodically, so any change in path will be reflected in topology

• Prime gets media stats (loss, jitter, delay) and CPU, Memory stats from Controller periodically

• Available in the 2nd half of calendar year 2016

Benefits

• Lower OPEX: Find the root cause of the media quality problem quickly

• Better Quality: Improves quality of media diagnostics

• Faster Diagnosis and Remedy: Expands “reach” of diagnostics

Deployment Details

Deployment

Prime

Collaboration

AssuranceUnified CM

• APIC-EM: software on virtual platform

• Scales horizontally

• Discovers network from address seeds

REST over HTTPS

APIC-EM

Deployment

• Horizontal scaling supports software fault tolerance

• Spin up a new service when one fails

• Carefully tuning CLI to devices to optimise device performance

• e.g. TCAM

• Scalability (calls per second, etc.) TBD

• APIC-EM performance

• Network element performance

API Flow

• 1001 calls 2001

• Once CUCM knows media addresses and ports, informs APIC-EM via POST to /api/v1/flow:• {"srcIPAddress":"10.1.1.1","dstIPAddress":"10.2.2.2","srcPort":38492,"dstPort":39608,"mediaTyp

e":"video","qosClassName":"conversational.video.avconf.aq", "averageBandwidth":0, "peakBandwidth":0,”clientReference":"cluster7-unique-id","codec":"H.264”}

• APIC-EM responds with a flow ID:• {"response":{"data":"success","flowId":"bc8727b7-76d0-4bac-94b9-

fa6b76a1a803"},"version":"0.0"}

• And it proceeds to set up QoS marking for the flow on the relevant network devices

• When the call is over, CUCM tells APIC-EM via DELETE to /api/v1/flow/bc8727b7-76d0-4bac-94b9-fa6b76a1a803

• And APIC-EM removes the marking from the network devices

A Note About APIC-EM APIs

• Open & fully documented

• DevNet w/ step-by-step tutorials

• Automate manual processes

• Abstracts the network via REST interfaces

• Read and/or write

• Sky’s the limit

Additional Sessions

• BRKRST-2641 - APIC-EM

• BRKRST-2056 - The QoS Paradigm Shift

• BRKCRS-2501 - Campus QoS Design-Simplified

• BRKRST-2515 - QoS Design and Deployment for Wireless LANs

• BRKSDN-2119 - Programming Device APIs

• BRKUCC-2670 - Accelerate and Assure Collaboration Deployments with Cisco Prime Collaboration

Conclusion

• These examples show value of APIC-EM for Collaboration Applications

• Begin your Exploration Today

• Attend additional sessions

• Visit https://developer.cisco.com/site/apic-em/

• Build a lab where you can see SDN in action

Continue the Conversation using Cisco SparkEnabling Quality of Service with Cisco SDN

• Sign up free for Cisco Spark at http://www.ciscospark.com/

• Download the application from iOS App Store, Google Play Store, or from http://download.ciscospark.com/

• Visit the World of Solutions Cisco Spark area for demos

• Use Cisco Spark to continue the conversation or ask any additional questions with the speaker for this session. The room name is BRKCOL-2616

• How to get added to the Cisco Spark room for this session

• To opt in, send an email to collab_anz@cisco.com with the message “Please add me to the BRKCOL-2616 room”

Participate in the “My Favorite Speaker” Contest

• Promote your favorite speaker through Twitter and you could win $200 of Cisco Press products (@CiscoPress)

• Send a tweet and include

• Your favorite speaker’s Twitter handle @thejonsnyder

• Two hashtags: #CLUS #MyFavoriteSpeaker

• You can submit an entry for more than one of your “favorite” speakers

• Don’t forget to follow @CiscoLive and @CiscoPress

• View the official rules at http://bit.ly/CLUSwin

Promote Your Favorite Speaker and You Could Be a Winner

Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Table Topics

• Meet the Engineer 1:1 meetings

• Related sessions

Q & A

Complete Your Online Session Evaluation

Learn online with Cisco Live!

Visit us online after the conference

for full access to session videos and

presentations.

www.CiscoLiveAPAC.com

Give us your feedback and receive a

Cisco 2016 T-Shirt by completing the

Overall Event Survey and 5 Session

Evaluations.– Directly from your mobile device on the Cisco Live

Mobile App

– By visiting the Cisco Live Mobile Site http://showcase.genie-connect.com/ciscolivemelbourne2016/

– Visit any Cisco Live Internet Station located

throughout the venue

T-Shirts can be collected Friday 11 March

at Registration

Thank you