Traffic Engineering using Segment Routing Santiago Álvarez

Thank you for attending Cisco Connect Toronto 2015, here are a few housekeeping notes to ensure we all enjoy the session today.

§  Please ensure your cellphones / laptops are set on silent to ensure no one is disturbed during the session

§  A power bar is available under each desk in case you need to charge your laptop (Labs only)

House Keeping Notes

§  Technology Overview §  Use Cases

§  A Closer Look to Control and Data Plane

§  Traffic Engineering

§  Conclusions

Agenda

Technology Overview

§  Source Routing §  the source chooses a path and encodes it in the packet header as an ordered

list of segments §  the rest of the network executes the encoded instructions without any further

per-flow state

§  Segment: an identifier for any type of instruction §  forwarding or service

Segment Routing

§  Shortest-path to the IGP prefix

§  Global

§  16000 + Index

§  Signaled by ISIS/OSPF

IGP Prefix Segment

DC (BGP-SR)

10

11

12

13

14

2 4

6 5

7

WAN (IGP-SR)

3

1

PEER

16005

§  Forward on the IGP adjacency

§  Local

§  1XY §  X is the “from” §  Y is the “to”

§  Signaled by ISIS/OSPF

IGP Adjacency Segment

DC (BGP-SR)

10

11

12

13

14

2 4

6 5

7

WAN (IGP-SR)

3

1

PEER

124

§  Shortest-path to the BGP prefix

§  Global

§  16000 + Index

§  Signaled by BGP

BGP Prefix Segment

DC (BGP-SR)

10

11

12

13

14

2 4

6 5

7

WAN (IGP-SR)

3

1

PEER

16001

§  Forward to the BGP peer

§  Local

§  1XY §  X is the “from” §  Y is the “to”

§  Signaled by BGP-LS (topology information) to the controller

BGP Peering Segment

DC (BGP-SR)

10

11

12

13

14

2

6

7

WAN (IGP-SR)

3

1

PEER

Low Lat, Low BW 4

5 High Lat, High BW

147

§  WAE collects via BGP-LS §  IGP segments §  BGP segments §  Topology

WAN Controller

DC (BGP-SR)

10

11

12

13

14

2 4

6 5

7

WAN (IGP-SR)

3

1

PEER

Low Lat, Low BW

BGP-LS

BGP-LS

BGP-LS

§  WAE computes that the green path can be encoded as §  16001 §  16002 §  124 §  147

§  WAE programs a single per-flow state to create an application-engineered end-to-end policy

An end-to-end path as a list of segments

DC (BGP-SR)

10

11

12

13

14

2 4

6 5

7

WAN (IGP-SR)

3

1

PEER

Low Lat, Low BW

50

Default ISIS cost metric: 10

{16001, 16002, 124, 147}

PCEP, Netconf, BGP

§  IETF standardization in SPRING working group

§  Protocol extensions progressing in multiple groups §  IS-IS §  OSPF §  PCE §  IDR §  6MAN

§  Broad vendor and customer support

Segment Routing Standardization Sample IETF Documents

Segment Routing Architecture (draft-ietf-spring-segment-routing)

Problem Statement and Requirements (draft-ietf-spring-problem-statement)

IPv6 SPRING Use Cases (draft-ietf-spring-ipv6-use-cases)

Segment Routing Use Cases (draft-filsfils-spring-segment-routing-use-cases)

Topology Independent Fast Reroute using Segment Routing (draft-francois-spring-segment-routing-ti-lfa)

IS-IS Extensions for Segment Routing (draft-ietf-isis-segment-routing-extensions)

OSPF Extensions for Segment Routing (draft-ietf-ospf-segment-routing-extensions)

PCEP Extensions for Segment Routing (draft-ietf-pce-segment-routing)

Close to 30 IETF drafts in progress

§  Platforms: ASR9000, CRS-1/CRS-3 (shipping) §  IS-IS IPv4 (shipping)

§  Node/Adjacency SID advertisement §  LDP interworking (mapping server/client) §  Traffic protection (topology independent LFA link protection)

§  OSPFv2 (shipping) §  Node SID advertisement §  Traffic protection (LFA)

§  Upcoming §  IS-IS IPv6 §  IS-IS / OSPFv2 parity §  SR Traffic Engineering (manual provisioning and PCEP) §  OAM (Ping/Trace)

Segment Routing Product Support

Use Cases

§  IGP only §  No LDP, no RSVP-TE

§  ECMP

IPv4/6 VPN/Service transport

1

2 3

4

6 5

7

Site1 Site2

pkt

16007 vpn

pkt

16007 vpn

pkt

pkt vpn

pkt

§  Seamless deployment

Seamless interworking with LDP

1

2 3

4

6 5

7

Site1 Site2

pkt

pkt vpn

pkt

pkt

16007 vpn

pkt

16007 vpn

pkt vpn

LDP(7)

§  50msec FRR in any topology

§  IGP Automated §  No LDP, no RSVP-TE

§  Optimum §  Post-convergence path

§  No midpoint backup state

§  Detailed operator report §  S. Litkowski, B. Decraene, Orange

§  Mate Design §  How many backup segments §  Capacity analysis

Topology-Independent LFA (TI-LFA FRR)

1

2 3

4

6 5

7

pkt 16007 16005

pkt 16007

pkt 16007

§  Traffic Matrix is fundamental for §  capacity planning §  centralized traffic engineering §  IP/Optical optimization

§  Most operators do not have an accurate traffic matrix

§  With SR, the traffic matrix collection is automated

Automated Traffic Matrix Collection 1 2 3 4

1 2 3 4

1

2

4

3

§  On a per-content, per-user basis, the content delivery application can engineer §  the path within the AS §  the selected border router §  the selected peer

§  Also applicable for engineering egress traffic from DC to peer §  BGP Prefix and Peering Segments

Optimized Content Delivery

1 2

6

4 3 AS1

5

7

AS6 AS5

AS7

pkt

16003 16002

126

§  Per-application flow engineering

§  End-to-End §  DC, WAN, AGG, PEER

§  Millions of flows §  No signaling §  No midpoint state §  No reclassification at

boundaries

Application Engineered Routing

DC (or AGG)

10

11

12

13

14

Push {16001, 200, 147}

Low-Latency to 7 for application A12

2 4

6 5

7

Default ISIS cost metric: 10 Default Latency metric: 10

ISIS: 35

WAN

3

1

BSID: 200

200: pop and push {16002, 16004}

PEER

Low Lat, Low BW

Low-Lat to 4

PeerSID: 147, Low Lat, Low BW

PeerSID: 147, High Lat, High BW

§  Per-application flow engineering

§  End-to-End §  DC, WAN, AGG, PEER

§  Millions of flows §  No signaling §  No midpoint state §  No reclassification at

boundaries

Application Engineered Routing

DC (or AGG)

10

11

12

13

14

Push {16010, 16001, 200, 147}

Low-Latency to 7, DC Plane 0 only, for application A12

2 4

6 5

7

Default ISIS cost metric: 10 Default Latency metric: 10

ISIS: 35

WAN

3

1

BSID: 200

200: pop and push {16002, 16004}

PEER

Low Lat, Low BW

Low-Lat to 4

PeerSID: 147, Low Lat, Low BW

PeerSID: 147, High Lat, High BW

A Closer Look to Control and Data Plane

MPLS Control and Forwarding Operation with Segment Routing

PE1 PE2

IGP PE1 PE2

Services

IPv4 IPv6 IPv4 VPN

IPv6 VPN VPWS VPLS

Packet Transport LDP

MPLS Forwarding

RSVP BGP Static IS-IS OSPF

No changes to control or forwarding plane

IGP label distribution for IPv4 and IPv6, same forwarding plane

BGP / LDP

§  Prefix SID §  SID encoded as an index §  Index represents an offset from SRGB base §  Index globally unique §  SRGB may vary across LSRs §  SRGB (base and range) advertised with router capabilities

§  Adjacency SID §  SID encoded as absolute (i.e. not indexed) value §  Locally significant §  Automatically allocated for each adjacency

SID Encoding

SRGB = [ 16000 - 23999 ]. Advertised as base = 16,000, range = 7,999 Prefix SID = 16041. Advertised as Prefix SID Index = 41 Adjacency SID = 24000. Advertised as Adjacency SID = 24000

SR-enabled Node

§  Level 1, level 2 and multi-level routing §  Prefix Segment ID (Prefix-SID) for host prefixes on loopback interfaces

§  Adjacency SIDs for adjacencies

§  Prefix-to-SID mapping advertisements (mapping server)

§  MPLS penultimate hop popping (PHP) signaling

§  MPLS explicit-null label signaling

SR IS-IS Control Plane Overview

§  Required §  Wide metrics §  SR enabled under unicast address family

§  Optional §  Prefix-SID configured under loopback(s) AF IPv4

§  MPLS forwarding enabled automatically on all (non-passive) IS-IS interfaces

§  Adjacency-SIDs are automatically allocated for each adjacency

IS-IS Configuration

§  IPv4 Prefix Segment ID (Prefix-SID) for host prefixes on loopback interfaces

§  MPLS penultimate hop popping (PHP) signaling

§  MPLS explicit-null label signaling

SR OSPF Control Plane Overview

§  OSPFv2 control plane §  Required

§  Enable segment-routing under instance or area(s) §  Command has area scope, usual inheritance applies

§  Enable segment-routing forwarding under instance, area(s) or interface(s) §  Command has interface scope, usual inheritance applies

§  Optional §  Prefix-SID configured under loopback(s)

§  MPLS forwarding enabled on all OSPF interfaces with segment-routing forwarding configured

OSPF Configuration

§  Packet forwarded along IGP shortest path §  Packet leverages ECMP load balancing §  Swap operation performed on input label §  Same top label if same/similar SRGB §  PHP if signaled by egress LSR

MPLS Data Plane Operation

Payload

SRGB [16,000 – 23,999 ]

X

Payload

Swap

Y

Payload

SRGB [16,000 – 23,999 ]

Y

Payload

Pop

Y

Adjacency SID = X

X

Prefix SID Adjacency SID

§  Packet forwarded along IGP adjacency §  Pop operation performed on input label §  Top labels will likely differ §  Penultimate hop always pops last adjacency SID

Payload

VPN Label

MPLS Data Plane Operation (Prefix SID)

SRGB [16,000 – 23,999 ] SRGB [16,000 – 23,999 ] SRGB [26,000 – 23,999 ] SRGB [16,000 – 23,999 ]

Loopback X.X.X.X Prefix SID Index = 41

A B C D

Payload

16041

Payload

Push Push

Swap Pop

Payload Payload

VPN Label

26041

VPN Label

Pop

Payload

VPN Label

MPLS Data Plane Operation (Adjacency SIDs)

MPLS Label Range [ 24000– 265535 ]

MPLS Label Range [ 24000– 265535 ]

MPLS Label Range [ 24000– 265535 ]

MPLS Label Range [ 24000– 265535 ]

Payload

24000

Payload

Push Push Push

Pop Pop

Payload Payload

VPN Label

24000

VPN Label

Pop

Adjacency SID = 24000 Adjacency SID = 24000 Adjacency SID = 24010

24000

A B C D

§  LFIB populated by IGP (ISIS / OSPF)

§  Forwarding table remains constant (Nodes + Adjacencies) regardless of number of paths

§  Other protocols (LDP, RSVP, BGP) can still program LFIB

MPLS LFIB with Segment Routing

32

PE

PE

PE

PE

PE

PE

PE

PE

P

In Label

Out Label

Out Interface

L1 L1 Intf1 L2 L2 Intf1 … … … L8 L8 Intf4 L9 L9 Intf2 L10 Pop Intf2 … … … Ln Pop Intf5

Network Node Segment Ids

Node Adjacency Segment Ids

Forwarding table remains constant

Traffic Engineering

§  Provides explicit routing §  Supports constraint-based routing §  Supports centralized admission

control §  No RSVP-TE to establish LSPs §  Uses existing ISIS / OSPF

extensions to advertise link attributes

§  Provides ECMP

Traffic Engineering with Segment Routing

TE LSP

Segment Routing

§  Link information Distribution §  ISIS-TE §  OSPF-TE

§  Path Calculation §  Path Setup §  Forwarding Traffic down path

§  Auto-route (announce / destinations) §  Static route §  PBR §  PBTS / CBTS §  Forwarding Adjacency §  Pseudowire Tunnel select

How Traffic Engineering Works

IP/MPLS

Head end

Mid-point Tail end

TE LSP

§  Addresses complex requirements for path computation in large, multi-domain and multi-layer networks §  Path computation element (PCE)

§  Computes network paths based on network information (topology, paths, etc.) §  Stores TE topology database (synchronized with network) §  May reside on a network node or on out-of-network server §  May initiate path creation §  Stateful - stores path database included resources used (synchronized with network) §  Stateless - no knowledge of previously established paths

§  Path computation client (PCC) §  May send path computation requests to PCE §  May send path state updates to PCE

§  PCC and PCE communicate via Path Computation Element Protocol (PCEP)

§  Cisco WAN orchestration provides network path instantiation driven by an out-of-network stateful PCE

PCE Architecture Introduction

H E L L O my name is

PCE

§  PCE maintains topology and path database (established paths)

§  More optimal centralized path computation

§  Enables centralized path initiation and update control

§  Well suited for SDN deployments

Stateful PCE

PCEP

Stateful PCE

TED

LSP DB

PCC

§  An external PCE requires some form of topology acquisition

§  A PCE may learn topology using BGP-LS, IGP, SNMP, etc.

§  BGP-LS characteristics §  aggregates topology across one or more

domains §  provides familiar operational model

§  New BGP-LS attribute TLVs for SR §  IGP: links, nodes, prefixes §  BGP: peer node, peer adjacency, peer set

Topology Acquisition

Domain 1 Domain 2

Domain 0

BGP-LS

TED

BGP-LS BGP-LS

RR

PCE

§  PCC or PCE may initiate path setup

§  PCC may delegate update control to PCE

§  PCC may revoke delegation

§  PCE may return delegation

Active Stateful PCE

PCEP

Active Stateful PCE

TED

LSP DB

Stateful PCC

PCE has update control over

delegated paths

Active Stateful PCE PCE-Initiated and PCC-Initiated LSPs

PCEP

PCC-Initiated (Active Stateful PCE)

TED

LSP DB

Stateful PCC

PCEP

PCE-Initiated (Active Stateful PCE)

TED

LSP DB

Stateful PCC

PCC initiates LSP and

delegates update control

PCE initiates LSP and

maintains update control

§  PCE part of controller architecture managing full path life cycle

§  Tighter integration with application demands

§  PCC may initiate path setup based on distributed network state

§  Can be used in conjunction with PCE-initiated paths

§  Segment routing enables source routing based on segment ids distributed by IGP

§  PCE specifies path as list of segment ids §  PCC forwards traffic by pushing segment

id list on packets §  No path signaling required §  Minimal forwarding state §  Maximum network forwarding virtualization §  The state is no longer in the network but in

the packet §  Paths may be PCE- or PCC-initiated

PCE Extensions for Segment Routing (SR)

PCEP Segment List:: 10,20,30,40

Stateful PCE

TED

LSP DB

Stateful PCC

Node SID

Adjacency SID

Forwarding table remains constant

In Out Int L1 L1 Intf1 … … … L7 L7 Int3 L8 Pop Intf3 … … … L9 Pop Intf5

Application Path

Request

§  Segment Routing capability (when opening PCEP session)

§  Existing ERO object with new Segment Routing Explicit Route Object (SR-ERO) sub-object

§  Sub-objects include a segment id (SID) and/or an associated “Node or Adjacency Identifier”(NAI)

§  A NAI can specify a §  IPv4 node §  IPv6 node §  IPv4 adjacency §  IPv6 adjacency §  Unnumbered adjacency with IPv4 node ids

§  Request parameters indicate path type (SR or RSVP)

PCEP Extensions for Segment Routing

SID / NAI

SID / NAI

SID / NAI

SR-ERO subobject (1) SR-ERO subobject (2)

SR-ERO subobject (n)

ERO Object

Conclusions

§  Minimal midpoint forwarding state required §  No extra protocol (LDP or RSVP-TE) required to signal path

§  Native ECMP

§  Few segments required (apply Cisco Mate Design on your data)

§  Distributed computation or centralized

§  Integration with IP/Optical optimization

Conclusions

§  Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed Internet connection, and a cisco.com account

§  Customers will have direct access to a subset of dCloud demos and labs

§  Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared with the customers (cisco.com user).

§  Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com credentials

§  Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help

dCloud

Customers now get full dCloud experience!

§  Give us your feedback and you could win a Plantronics headset. Complete the session survey on your Cisco Connect Toronto Mobile app at the end of your session for a chance to win

§  Winners will be announced and posted at the Information desk and on Twitter at the end of the day (You must be present to win!)

Complete your session evaluation – May 14th

#CiscoSpark

Let’s continue this conversation on…

Spark

Cisco’s mobile collaboration

team application Visit the Collaboration booth in the

World of Solutions to join the Connect Spark room

Thank you