sdn solution for serviced2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/brkspg-2064.pdf · vmware esxi...

SDN Solution for Service Provider Access Network

Dennis Pai, Product Manager

Ahmed Abeer, Technical Marketing Engineer

BRKSPG-2064

• Overview and Business Drivers

• SDN Technologies and Protocols

• SDN Products and Solution

• Example Use Cases

• SDN Application Demo

• Summary and Conclusion

Agenda

3

Scope of Discussion

• Focus on SDN technologies and solutions in the context of Service Provider IP networks

• Data Center and Enterprise related technologies will not be discussed

• See Related Sessions for more detailed information on these Cisco solutions

Session Objective

Explore SDN Use Cases

Understand Key Benefits

Learn about SDN Technology

Overview and Business Drivers

6

Software Defined Networking

Applications

Control Plane

Data Plane

Virtual

Physical

• Decoupled Control and Data Planes

• Highly Centralized Control (aka SDN Controller)

• Greater application interaction with the network

• An opportunity to re-think the relationship between network hardware and software

SDN Definition (ONF): The physical separation of the

network control plane from the forwarding plane, and

where a control plane controls several devices.

Network Functions Virtualization

Purpose built appliances Servers!

VNFs

• Transition of network services to run on virtualized compute infrastructure

• Decoupling the service from the device

• Elastic, consumption-based service model

Network Programmability

Physical and Virtual Network Infrastructure

Model Drivern Programmable Interfaces

Programmatic

Interfaces

Open

Protocols

Configuration

Management

Traffic

Engineering

Operational

State

Service Provider Market Trends

Changing Customer Expectations

The World Has Gone Mobile Massive Traffic Growth, Driven by Video

Soon to Change SP Architectures/

Service Delivery

Emergence of the Internet of Everything

Process ThingsPeople Data

Ubiquitous Access

to Apps & Services

Changing Enterprise

Business Models

Efficiency & Capacity

Rise of Cloud Computing M2M Driving Enterprise Business Value

+ + +

10X Mobile Traffic Growth

From 2013-2019

OPEX Reduction is Key to Contain Cost

$300 $313 $316 $315 $304

$1,331 $1,341 $1,299 $1,321 $1,282

2011 2012 2013 2014 2015

Worldwide Service Provider CAPEX vs OPEX ($B)

Capex Opex

Infonetics Service Provider Capex, Opex, Revenue, and Subscribers, Oct 2015

Cisco SP Routing Platforms

DCISP Data Center

NCS6KASR9K

nV, AN, MPLS,

EthernetMPLS

(SR, LDP, BGP, mLDP, nV) CoreMPLS (SR, SRTE, mLDP, BGP)

AccessCE/NID Preggregation

InternetMPLS

(SR, LDP, BGP, mLDP)

ASR900ASR9K

ASR9000v

ASR920

ASR920-12SZ-IM

Aggregation

ASR9K

ASR900

Service Edge

ASR9K

Internet

Gateway

ME1200

NCS5500

NCS5000

NCS5000NCS5000

NCS5500

NCS5500

CRS

Access Network

Access Network Characteristics

Simple DevicesHeterogeneous/Multi-

Vendor Environment

Special Device

Requirements

Right-size

Purchase

Long Installation and

Setup Time

Service

Orchestration

SDN

Interfaces

Packet

Transport

Services MEF Services Mobile Infrastructure Business VPNResidential

Services

CLI,

SNMPNETCONF/YANG BGP Openstack/vCenter PCEP

ME1200

ASR907/903

ASR920

ASR9000v

NCS5500

NCS5000

ASR9K

NCS6K

XRv-9000

CSR1Kv

Physical VirtualApplication Engineered Routing AER Routing, AER-TE, AER-LDP Interworking, BGP LU

Orchestration, Service and Policy Implementation

(NSO enabled by Tail-f)

Multi Layer Manager

(EPN-M)DC & NFV Controller

(ESC, VTS, APIC)Open Source Controller

(OSC, ODL)

Multilayer WAN

Automation Engine

(WAE, AER)

Multi Vendor End to End Management & Orchestration (Physical & Virtual)

Cloud PolicerApplications Rapid Service Deployment

Service-Intent API

SDN / APIs

Bandwidth on Demand

& Calendaring

Optical

Transport Optical

IPoDWDM

Intelligent Traffic Steering

& Virtual Patch Panel

Cisco SDN Strategy for SPs – Evolved Programmable Networks (EPN)

SDN Technologies and Protocols

15


Service

Orchestration

SDN

Interfaces

Packet

Transport


Services

CLI,


ME1200

ASR907/903

ASR920

ASR9000v

NCS5500

NCS5000

ASR9K

NCS6K

XRv-9000

CSR1Kv




Multi Layer Manager



(OSC, ODL)

Multilayer WAN

Automation Engine

(WAE, AER)



Service-Intent API

SDN / APIs

Bandwidth on Demand

& Calendaring

Optical

Transport Optical

IPoDWDM



etc

MPLS

BGP

NETCONF (or REST), YANG, and Open ConfigTaking Service Automation to the next level: Declarative Configuration and Model-Driven Management

NETCONF (or REST)

Yang

Models

YANG Modules

YANGModulesManagement

Applications

Operating System

Data Plane

Programmatic Interfaces

Control Plane / AgentYANG

Modules

YANG Modules

Network

Elements

What is OpenConfig?

“An informal working group of network operators

sharing the goal of moving our networks toward

a more dynamic, programmable

infrastructure…declarative configuration and

model-driven management and operations. The

initial focus of the effort is on the development of

vendor-neutral data models for configuration and

management that will be supported natively on

networking hardware and software platforms”

source: www.openconfig.net

Path Computation Element Protocol (PCEP)

• Used between head-end router and PCE to:

• Request/receive path from PCE subject to constraints

• State synchronization between PCE and router

• Hybrid CSPF

• Two current modes based on Stateful PCE initiative:

• PCE Initiated: App + PCE initiate tunnel setup

• LSP Delegation: router initiates tunnel setup (e.g. via CLI or NMS) then delegates tunnel management to PCE

4 5

3

6 7

AS2

2

1AS1

PCE

PCEP

• Allows BGP to push IGP topology (LSDB) and resource utilization up to central SDN controller

• New link state address family

• BGP provides a familiar operational model to aggregate topology information across domains

• Multi-hop sessions

• Need at minimum single BGP-LS speaker per domain

• Topology information distributed from IGP into BGP (only if changed)

Domain 1 Domain 2

Domain 0

BGP-LS

BGP-LS BGP-LS

RR

BGP Link State (BGP-LS)

SDNControl

• Base specification defined in IETF RFC 5575

• Various extensions defined in other IETF documents (see IDR working group docs)

• Provides the following key capabilities:

1. Distribute ACLs via BGP, thereby, enabling rapid inter-domain distribution of flow-based traffic filters at large-scale (network wide)

2. Flow-based traffic redirection, for example, to traffic scrubber for DDoS mitigation

• Open Daylight Lithium release will support origination of BGP Flowspec rules

• Recent Cisco contribution

• Enables centralized policy engine to dynamically program network wide traffic filtering and steering policies via Open Daylight SDN controller REST interface

• Facilitates SDN-based DDoS mitigation

BGP Flow Specification (aka Flowspec)

• IP/MPLS architecture that seeks the right balance between distributed intelligence and centralized optimization and programming

• Drastic reduction of control-plane and hardware state

• Better utilization of the installed infrastructure

• Wide applicability: DC, WAN, Metro, Peering (end-to-end)

• An architecture designed with SDN in mind

• Unleash application-network innovation

• Open IETF proposed standard (SPRING working group)

Segment Routing

www.segment-routing.net

21

Segment Identifiers

Segment Routing Overview

C -> D -> E C -> D -> B ->E C -> D -> B ->E

SDN Products and Solutions

24


Service

Orchestration

SDN

Interfaces

Packet

Transport


Services

CLI,


ME1200

ASR907/903

ASR920

ASR9000v

NCS5500

NCS5000

ASR9K

NCS6K

XRv-9000

CSR1Kv




Multi Layer Manager



(OSC, ODL)

Multilayer WAN

Automation Engine

(WAE, AER)



Service-Intent API

SDN / APIs

Bandwidth on Demand

& Calendaring

Optical

Transport Optical

IPoDWDM



Network Services Orchestrator (NSO)

• Enabled by tail-f

• Multi-vendor service orchestrator for existing and future networks o Includes distributed (multi-device) service

configuration management, transaction integrity, validation and rollback

• Single pane of glass for:o L2-L7 networking

o Hardware Devices

o Virtual Appliances

• YANG Model Driven Orchestration

o Service Data models (declarative)

o Device Data Model (for auto config)

o Fastmap engine translates models to device configuration including CLI

• Highly Scalable for large infrastructure

o One of the existing deployment is managing 60K devices on the network

Network Element Drivers

Device Manager

Service Manager

Network Services Orchestrator (NSO) Service

Models

Device

Models

Network-wide CLI, Web UIREST, Java, NETCONF

Network

Engineer

Management

Applications

End-to-End

Transactions

NETCONF, CLI, SNMP, REST, etc.

• Applications

• Controllers

26

Cisco’s Open SDN ControllerCisco’s Commercial Edition Of Open Daylight

“One-Click” Install

VMware ESXi and Oracle

Virtual Box hypervisor ready Pre-Installed Apps

•BGPLS Manager – visualizes

network topology from BGP database

• Inventory – augmented

OpenDaylight “Nodes” app

identifies all connected devices

•(YANG) Model Explorer – exposes

system models and previews JSON

API body

•OpenFlow Manager – manages,

visualizes and troubleshoots flows +

previews JSON API body

•PCEP Manager – creates, modifies

and deletes MPLS LSPs

Centralized OA&M

Robust user, application and

feature administration

Status monitoring: system,

cluster, node

Event logging

Real-time CPU, memory,

disk, heap size, load and

network utilization metrics

See also: http://www.cisco.com/c/en/us/products/cloud-systems-management/open-sdn-controller/index.html

27

http://www.cisco.com/c/en/us/products/cloud-systems-management/open-sdn-controller/index.html

• Multi-Application Engine for the SP WAN

• Enables applications to make queries about placing demands

• Run demand placement and network failure simulations

• Request demand placement or optimization on the network

• WAE is really an advanced suite of network optimization, planning and calendaring capabilities which can be leveraged by applications

• Capabilities exposed via northbound REST/Java/Thrift APIs

• WAE uses topology and traffic abstraction

• By collecting information from the network

• Multi-Vendor platform

• Compliments NSO and Open SDN Controller (ODL)

WAE: WAN Automation Engine

http://www.cisco.com/go/wae

Sourc

eDestination

SDN Orchestration & ControlConfiglet NSO EMS/NMSODL/OSC …

Traffic Management Applications

REST

REST/NETCONF

NETCONF/PCEP/BGP-LS

http://www.cisco.com/go/wae

Example Use Cases

29

1. Service Automation

2. Automated Traffic Engineering

3. Bandwidth on Demand / Calendaring

4. DDoS Mitigation

5. Agile Carrier Ethernet

Example Use Cases

Access

Backbone

Metro

DC

Use Case #1 – Service Automation (1/2)End-to-End Service Provisioning Across Multi-Vendor Network

Homegrown

Inventory DB

PortalPartner API

NETCONF/YANG

CLI

REST

NSO

1. Customer adding new site to L3VPN

2. Portal or Partner REST API call to Tail-F NCS with new service parameters

3. NCS performs customer lookup and calls L3VPN service model

4. Service model contains multi-device logic which includes provisioning of backhaul circuit(s) and PE configuration

5. Service model parameters are mapped to the appropriate NCS Network Element Driver (NED) for each device in the service topology

6. NCS’ NED pushes configuration to devices via CLI or NETCONF/YANG

Customer_L3VPNManagement Plane

Control Plane

Host OS

Data Plane

Access

Backbone

Metro

DC

Use Case #1 – Service Automation (2/2)End-to-End Service Provisioning Across Multi-Vendor Network

Homegrown

Inventory DB

PortalPartner API

REST

Benefits

•Massive reduction in provisioning errors

•Customer self-selection (and automation)

•Developed new Flexible-VPN service offerings

•10x increase in transactions vs. previous manual process

•Scale Ops Staff: increased services-to-engineers ratio

NSO

NETCONF/YANG

CLI

Backbone

DC

Use Case #2 – Automated Traffic EngineeringImprove Capacity Management and Network Utilization

1. WAE and ODL continuously collect topology and traffic information

2. PCE application queries WAE for topology and traffic info

3. PCE application computes optimal load placement for traffic matrix

4. PCE application programs re-optimized load placement via WAE

5. WAE creates, modifies and/or deletes RSVP-TE tunnels or SR-TE paths as needed via ODL

6. Go back to step 2 and repeat → Automated Traffic EngineeringREST

PCEPBGP-LS

REST

MetroAccess

ApplicationMATE

Apps

REST

NETCONFSNMP

NETFLOW

CLI

(Real-Time)(Non-Real-Time)

TE Tunnels

WAN Automation Engine

(WAE)

Backbone

DC

Use Case #3 – Bandwidth on Demand / CalendaringNew Service and Revenue Opportunity

1. WAE and ODL continuously collect topology and traffic information

2. Customer uses SP web portal to reserve bandwidth between its sites (effective immediately or at a future date and time)

3. PCE application queries WAE to verify if traffic demand can be admitted and, if so, to identify optimal paths

4. PCE application decides load placement for traffic demand

5. PCE application admits traffic demand via WAE

6. WAE admits traffic demand onto network topology which may include creation, modification and/or deletion of RSVP-TE tunnels or SR-TE paths as needed via ODL

REST

PCEPBGP-LS

MetroAccess

Application

REST

NETCONFSNMP

NETFLOW

CLI

Portal

TE Tunnels

WAN Automation Engine

(WAE)

Backbone

DC

Use Case #4 – DDoS MitigationMitigate Security Attacks using SDN Controller

1. Network telemetry provides visibility to detect DoS attacks

2. Once detected, DDoS mitigation application programs attack mitigation policy using REST interface of Open Daylight SDN controller

3. Open Daylight SDN controller originates BGP flowspec rules to either filter attack or redirect attack traffic to scrubbing center

4. BGP flowspec rules are propagated to wider network (e.g., border routers) using BGP route reflector (physical or virtual)

5. Border routers install security policy to mitigate attack

BGP Flowspec

BGP Flowspec

MetroAccess

DDoS Mitigation Application

REST

BGP Route Reflector

Backbone SR Metro

Use Case #5 – Agile Carrier Ethernet (1/2)Extending Segment Routing into Carrier Ethernet Access Network

1. Simplify MPLS protocol stack: IGP + SR (no LDP, RSVP, etc.)

2. Eliminate Layer-2 Control Plane and scale challenges

3. IP Unnumbered links, zero-touch node insertion (Autonomic Networking)

4. Use SR Node Label for Intra-Area traffic

5. Use Service Node Label for Inter-Area Traffic

6. Link and Node protection with Topology Independent FRR (TiFRR)

IGP Segment Routing

Domain. Single IGP Area

Core / Backbone

Segment Routing or MPLS-TE

BGP-LU

IGP Segment Routing

Domain. Single IGP Area

Service Nodes

Access Nodes

Backbone SR MetroSR Metro

Use Case #5 – Agile Carrier Ethernet (2/2)Extending Segment Routing into Carrier Ethernet Access Network

Static

Label

REST

7. Service Topology Decoupled from SR Transport Topology

8. Controller (NSO + XRv) receives IGP topology data via BGP-LS advertisement

9. Controller receives Service Node Label information via BGP-LU

10. Controller provisions attachment circuit parameters (EVC, QOS), and Service Node reachability (static label + FIB entry)

11. Service Node receives inbound static PW traffic, decapsulates and places in

12. Two Provisioning Touch-Points

BGP-LS

BGP-LU

PortalPartner API

Customer_E-LINE

NSO IOS-XRv+

Static

LabelBGP-LS

BGP-LU

BGP-LU

Rapid Service Deployment (RSD) Demo

Service

Orchestration

SDN

Interfaces

Packet

Transport


Services

CLI,


ME1200

ASR907/903

ASR920

ASR9000v

NCS5500

NCS5000

ASR9K

NCS6K

XRv-9000

CSR1Kv




Multi Layer Manager



(OSC, ODL)

Multilayer WAN

Automation Engine

(WAE, AER)



Service-Intent API

SDN / APIs

Bandwidth on Demand

& Calendaring

Optical

Transport Optical

IPoDWDM




• Introducing new access nodes and provisioning new services are costly and time consuming

• Service Provisioning is often a manual and vendor specific solution

• CLI requires expertise on user side

• NMS solutions are vendor specific

• Current processes hinder new services deployment time

SP Deployment Problem Statement

Solution: Rapid Service Deployment (RSD) ODL Application

Secure Zero Touch Device Activation• Secure Channel Discovery & Device Bootstrap (Autonomic Network)

• Automated Services Discovery (TFTP, AAA, Syslog etc.) and Configuration Download

• Virtual Out of Band Management

Open and Multi Vendor Service Provisioning• Multi-vendor Open API (NETCONF/YANG, REST) based Service Deployment

• L2VPN & L3VPN Service Provisioning

Service Validation and Performance Monitoring•Industry StandardsY.1564, RFC 2544 and Y.1731 PM based Network Performance

Management

Coexist with NMS• NMS can be used for incremental configuration, element & service management after initial

bootstrapping and configuration by RSD

Open Daylight (ODL)

Services (L2VPN/L3VPN)

ProvisioningApplication Image & Configuration

Download (CSM)

Core Edge Access

RSD High Level Block Diagram

Service & NetworkController

Physical & Virtual Devices

Performance

Management &

Topology Discovery

RESTCONF

PACKAGED

IN

ONE

APP

BGP LS Netconf/Yang Autonomic Configlets SNMP

Cisco NSO

Cost Impact

RSD Business Outcome – Reduced OpEx

After

RSD

Greater than 56%

Cost Savings

Enabling 75% Reduction in Truck Rolls

Traditional RSD

Node

Insertion

$625 -

$1500

$275

RSD Demo

SR + WAE Demo

• In this demonstration you will experience the following:

• Cisco WAE acting as Controller of an MPLS Segment Routing network built with ASR 9000 and XRv devices

• Programmatic access to Cisco WAE requesting instantiation of traffic engineering policies in the network

• PCE-initiated Segment Routing Traffic Engineering (SR-TE) policies

• Automatic re-optimization of existing paths triggered by network topology changes

Demonstration Objectives

P1

PE1

P2

PE2CE1

CE2

Demo Components

WAEAPP

PCEP BGP-LS

REST APIs

IS-IS Segment Routing

IP / MPLS network BGP-LS = BGP Link State

PCEP = Path Computation Element Protocol

WAN Controller

P1

PE1

P2

PE2CE1

CE2

Initial State

Lo0

SID 16041

Lo0

SID 16141

Lo0

SID 16142

Lo0

SID 16042

10

100

10

10

10

10

10

10

5

1005

30

5

20

0Using MPLS labels propagated via SR ISIS extensions,

traffic CE1-CE2 travels over LSP following IGP best path

IGP metric = RED

TE metric = BLUE

16042

IP

IPIP

IP

POP (PHP)

P1

PE1

P2

PE2CE1

CE2

Lo0

SID 16142

Lo0

SID 16042

APP RequestWAEAPP

10

100

10

10

10

10

10

10

5

1005

30

5

20

16142

16042

1REST API

APP requests PATH PE1-PE2 with latency < 45 msec;

or otherwise lowest possible when out-of-contract

IPIP

16142

16042

IPIP

POP (PHP) IGP metric = RED

TE metric = BLUE

2 WAE computes path meeting constraints

Path found !!!

In-contract == cumulative TE metric = 20

3WAE deploys path onto the network using PCEP

Forwarding instructions in SR ERO:

Follow IGP path to P2

then follow IGP path to PE2

POP (PHP)

4WAE replies to APP

Path found – in-contract

1

4

P1

PE1

P2

PE2CE1

CE2

Lo0

SID 16142

Lo0

SID 16042

Link Failure A (1/2)WAEAPP

10

100

10

10

10

10

5

1005

30

5

20

6Network self-heals in less than 50-msec

via IP Fast Reroute (TI-LFA)

Optimal backup path

IGP re-converges

No controller involvement !!!

IPIP

IGP metric = RED

TE metric = BLUE

TI-LFA = Topology Independent Loop Free Alternate

IP

POP (PHP)

16142

16042

IP

POP (PHP)

16042

IP

5 Link Fails

7BGP-LS update

sent to WAE

P1

PE1

P2

PE2CE1

CE2

Lo0

SID 16142

Lo0

SID 16042

Link Failure A (2/2)WAEAPP

10

100

10

10

10

10

5

1005

30

5

20

IPIP

IGP metric = RED

TE metric = BLUE

Adj SID = Adjacency SID

16142

24001

16042

IP

POP (PHP)

8WAE reacts to topology changes

Re-optimizes path in the network

Path found !!!

In-contract == cumulative TE metric = 40

No need to communicate to APP !!!

16142

24000

16042

9 WAE deploys new path onto the network

Forwarding instructions in SR ERO:

Follow IGP path to P2

then follow low TE metric link P2-P1


Adj SID

24001

P1

PE1

P2

PE2CE1

CE2

Lo0

SID 16142

Link Failure BWAEAPP

10

100

10

10

10

10

5

1005

30

5

20

IPIP

IGP metric = RED

TE metric = BLUE

TI-LFA = Topology Independent Loop Free Alternate

24003

16042

IP

POP (PHP)

11WAE reacts to topology changes

Re-optimizes path in the network

Path found !!!

Out-of-contract == cumulative TE metric = 50

24001

16042

12 WAE deploys new path onto the network

Forwarding instructions in SR-ERO:

Follow low TE metric link PE1-P1


10 Second link fails

13

Adj SID

24003

13WAE replies to APP

Path found – out-off-contract

Additional Information

53

• BRKSDN-1119 – Hitchhiker's Guide to Device APIs

• BRKNMS-2032 - YANG Data Modeling and NETFCONF: Cisco and Industry Developments

• BRKGEN-2999 - Autonomic Networking

• BRKSPG-4006 - Next Generation Programmable SP/Web/OTT Routing Infrastructure for Core, Edge and DCI

Related Sessions

• LTRSDN-1913 - Cisco Open SDN Controller Hands-on Lab

• LTRSPG-2516 - Evolved Programmable Networks: Design and Orchestration

• DevNet-1081 - Introduction to RESTCONF

• DevNet-1082 - Introduction to Data Models and Cisco's NextGen Device Level APIs

• DevNet-1177 - Network programming using Yang service models with Cisco Network Services Orchestrator

• DevNet-1083 - Introduction to YANG Data Models and Their Use in OpenDaylight

Related Sessions

Summary

Apply SDN technologies today from

core to access

Leverage Cisco SDN solutions to help

simplify network operations

Write your own SDN application now!

Call to Action

• Visit the World of Solutions for

• Cisco Campus

• Walk in Labs

• Technical Solution Clinics

• Meet the Engineer

• Lunch and Learn Topics

• DevNet zone related sessions

Complete Your Online Session Evaluation

• Please complete your online sessionevaluations after each session.Complete 4 session evaluations& the Overall Conference Evaluation(available from Thursday)to receive your Cisco Live T-shirt.

• All surveys can be completed viathe Cisco Live Mobile App or theCommunication Stations

Thank you

59

sdn solution for serviced2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/brkspg-2064.pdf · vmware esxi...

Documents