Advanced Topics and Future Directions in MPLS

This session presents the most recent extensions to the MPLS architecture. The material has a special focus on standardization and forward-looking directions for the evolution of the technology.

Transcript

  • 1. Advanced Topics and Future Directions in MPLS. Matt Gillies, Customer Solutions Architect. Cisco Connect, Toronto, Canada, May 30, 2013. © 2011 Cisco and/or its affiliates. All rights reserved. © 2012 Cisco and/or its affiliates. All rights reserved.
  • 2. Agenda
      • IETF Update
      • Unified MPLS
      • Ethernet Virtual Private Network
      • Segment Routing
      • Summary
  • 3. IETF update
  • 4. Internet Engineering Task Force
      • Responsible for MPLS standardization
      • Six active working groups
          – MPLS
          – Layer 3 Virtual Private Networks (L3VPN)
          – Pseudowire Edge-to-Edge (PWE3)
          – Layer 2 Virtual Private Networks (L2VPN)
          – Common Control and Measurement Plane (CCAMP)
          – Path Computation Element (PCE)
  • 5. MPLS Working Group
      • Defined MPLS architecture and base protocols (LDP, RSVP-TE)
      • Over 130 RFCs published to date
      • Mature set of IP/MPLS specifications for both unicast and multicast
      • Areas of focus
          – MPLS Transport Profile (MPLS-TP)
          – Seamless MPLS (building large scale, consolidated MPLS networks)
  • 6. L2VPN WG
      • Mature specifications for:
          – Virtual Private Wire Service (VPWS): point-to-point L2 service
          – Virtual Private LAN Service (VPLS): multipoint-to-multipoint Ethernet service
      • New service definition:
          – Virtual Private Multicast Service (VPMS): point-to-multipoint L2 service
      • Areas of focus
          – Enhancing VPLS: Ethernet VPN (E-VPN) and PBB Ethernet VPN (PBB-EVPN)
          – Optimizing E-Tree support over VPLS
      • No major RFC publications in recent past
  • 7. IETF Summary
      • Rich set of MPLS specifications covering
          – MPLS forwarding (unicast and multicast)
          – Layer-3 and layer-2 services (unicast and multicast)
      • Current main focus areas:
          – Seamless MPLS
          – MPLS transport profile (MPLS-TP)
          – L2VPN enhancements (PBB-EVPN, VPMS)
          – Segment Routing (ISIS WG)
  • 8. Unified MPLS
  • 9. Introduction: End-to-end, high-scale MPLS transport architecture for any service
      • Simplifies end to end architecture by eliminating control and management plane translations inherent in legacy designs (MPLS, Ethernet, IP, ATM, etc)
      • Enables flexible placement of the L3 and L2 service termination
      • Delivers a new level of scale for MPLS transport with RFC-3107 hierarchical labeled BGP LSPs
      • Provides simplified carrier class operations with end to end OAM, Performance Monitoring and protection
  • 10. Evolving MPLS Networks
      [Diagram: network tiers ACCESS, AGG, EDGE and CORE; MPLS extends outward from the core while the access side moves from L2 and IP to L2 + IP; L2VPN PE and L3VPN PE placement, with pseudowires (PW), shown at each stage.]
  • 11. IP NGN Scaling – Number of Nodes
      • Transport CPE / NT: 100,000s–1,000,000
      • Access Nodes: 10,000s–100,000s
      • Aggregation Nodes: 1,000s–10,000s
      • Distribution Nodes: 100s–1,000s
      • IP Edge Nodes: 10–100s
      • Core Nodes: few–10s
      As MPLS moves into aggregation and access, the number of nodes increases sharply.
  • 12. Unified MPLS Requirements
      • Minimize management touch points for service provisioning
      • Minimize network state
      • Flexibility in service termination
      • High network availability (protection or fast restoration)
      • End-to-end MPLS forwarding with a single routing domain
      [Diagram: Access – Aggregation – Core – Aggregation – Access, all MPLS; nodes PE, ABR, ABR, PE.]
  • 13. Scale Challenges with Traditional MPLS Network Designs
      • Building end-to-end LSPs between access devices requires flooding loopback prefixes
      • The IGP would be required to support 100K prefixes
      • Access devices would need to support 100K prefixes and 200K labels (assuming two paths per prefix)
      • Prefix aggregation with LDP inter-area LSPs can only partially alleviate the scale challenge
      [Diagram: Access – Aggregation – Core – Aggregation – Access, all MPLS; nodes PE, ABR, ABR, PE.]
  • 14. Hierarchical End-to-End LSP
      • Hierarchical LSP approach with two transport labels (intra domain and inter domain)
          – Intra domain (IGP+LDP or RSVP-TE)
          – Inter domain (iBGP+label per RFC3107)
      • No IP prefix redistribution between IGP domains
      • Only access nodes and ABRs have reachability information for other access nodes
      • BGP Inbound prefix filtering and Outbound Route Filtering (ORF) help reduce network state
      [Diagram: Access – Aggregation – Core – Aggregation – Access with PE, ABR, ABR, PE; one inter-domain LSP end to end over three intra-domain LSPs.]
  • 15. Control Plane Operation (Pseudowire)
      [Diagram: nodes PE1, P, ABR1, P, ABR2, P, PE2; LDP / RSVP-TE on each intra-domain hop; iBGP IP+Label sessions between the PEs and ABRs; T-LDP between PE1 and PE2.]
  • 16. Forwarding Plane Operation (Pseudowire)
      [Diagram: nodes PE1, P, ABR1, P, ABR2, P, PE2; the payload carries a PW Label, a BGP Label and an IGP Label; push, swap and pop operations are shown at each hop as the IGP and BGP labels are imposed and removed, leaving the PW Label and payload at PE2.]
  • 17. Network Availability
      • Restoration/protection for intra-domain LSP can rely on IGP Fast Convergence, IP FRR or MPLS-TE FRR
      • Restoration/protection for inter-domain (iBGP IP+Label) can use BGP Prefix Independent Convergence
      [Diagram: Access – Aggregation – Core – Aggregation – Access with PE, ABR, ABR, PE; iBGP (IP+Label) across each domain.]
  • 18. Applicability and Deployment Considerations
      • Unified MPLS benefits become more compelling as network scale increases
      • Architecture leverages existing mechanisms (no major protocol extensions required)
      • Architecture allows for numerous design variations (e.g. MPLS to access, MPLS to aggregation, static labels, LDP DoD, etc.)
  • 19. Ethernet VPN
  • 20. Motivation for EVPN
      • Technology evolution requirements
          – Multi-homing
          – Scale (MAC addresses, number of service instances)
          – Load balancing
          – Optimal forwarding
          – Multicast optimization
          – Multi-tenancy
      • Enhancements bring benefits to L2 services:
          – Business services
          – Mobile backhaul
          – Data center interconnect (DCI) solution
      [Diagram: SP DC1, SP DC2, Ent DC1 and Ent DC2 connected over the SP NGN through DCPE, DCE, PE and CE nodes; an Enterprise DCI “back door” and a standalone DCI network are also shown.]
  • 21. Ethernet VPN Highlights
      • Next generation solution for Ethernet multipoint connectivity services
      • PEs run Multi-Protocol BGP to advertise & learn MAC addresses over Core
      • Learning on PE Access Circuits via data-plane transparent learning
      • No pseudowires
          – Unicast: use MP2P tunnels
          – Multicast: use ingress replication over MP2P tunnels or use LSM
          – Full-Mesh of PW no longer required !!
      • Under standardization at IETF – draft-ietf-l2vpn-evpn
      [Diagram: CE1 attached to PE1 and PE2, CE3 attached to PE3 and PE4, MPLS core; a frame with VID 100, SMAC: M1, DMAC: F.F.F arrives from CE1; BGP MAC adv. Route with E-VPN NLRI “MAC M1 via PE1”; data-plane address learning from Access, control-plane address advertisement / learning over Core.]
  • 22. PBB Ethernet VPN Highlights
      • Combines Ethernet Provider Backbone Bridging (PBB - IEEE 802.1ah) with Ethernet VPN
          – PEs perform as PBB Backbone Edge Bridge (BEB)
      • Reduces number of BGP MAC advertisement routes by aggregating Customer MACs (C-MAC) via Provider Backbone MAC (B-MAC)
          – Addresses virtualized data centers with C-MAC count into the millions
          – PEs advertise local Backbone MAC (B-MAC) addresses in BGP
          – C-MAC and C-MAC to B-MAC mapping learned in data-plane
      • Under standardization at IETF – draft-ietf-l2vpn-pbb-evpn
      [Diagram: CE1 attached to PE1 and PE2 (B-MAC: B-M1), CE3 attached to PE3 and PE4 (B-M2), MPLS core; BGP MAC adv. Route with E-VPN NLRI “MAC B-M1 via PE2”. Control-plane address advertisement / learning over Core (B-MAC). Data-plane address learning from Access: local C-MAC to local B-MAC binding. Data-plane address learning from Core: remote C-MAC to remote B-MAC binding.]
  • 23. Solution Requirements: All-Active Redundancy and Load Balancing
      • Active / Active Multi-Homing with flow-based load balancing in CE to PE direction
          – Maximize bisectional bandwidth
          – Flows can be L2/L3/L4 or combinations
      • Flow-based load balancing in PE to PE direction
          – Multiple RIB entries associated for a given MAC
          – Exercises multiple links towards CE
      [Diagrams: flow-based load balancing in the CE to PE direction and in the PE to PE direction, each with flows “Vlan X - F1” and “Vlan X - F2” taking different PEs.]
  • 24. Solution Requirements: Optimal Forwarding
      • Optimal forwarding for unicast and multicast
      • Shortest path – no triangular forwarding at steady-state
      • Loop-Free & Echo-Free Forwarding
      • Avoid duplicate delivery of flooded traffic
      • Multiple multicast tunneling options:
          – Ingress Replication
          – P2MP LSM tunnels
          – MP2MP
      [Diagrams: three failure cases on a CE1 / PE1–PE4 / CE2 topology, labelled “Echo !”, “Duplicate !” and “Triangular Forwarding!”.]
  • 25. Solution Requirements: MAC Address Scalability
      • Server Virtualization fueling growth in MAC Address scalability:
          – 1 VM = 1 MAC address.
          – 1 server = 10’s or 100’s of VMs
      • MAC address scalability most pronounced on Data Center WAN Edge for Layer 2 extensions over WAN.
          – Example from a live network: 1M MAC addresses in a single SP data center
      [Diagram: DC Site 1, DC Site 2 … DC Site N connected over the WAN; MAC counts grow from 1K’s and 10K’s inside a site to 1M’s at the DC edge and N * 1M across the WAN.]
  • 26. E-VPN / PBB-EVPN Concepts
      • Ethernet Segment
          – Represents a ‘site’ connected to one or more PEs
          – Uniquely identified by a 10-byte global Ethernet Segment Identifier (ESI)
          – Could be a single device or an entire network: Single-Homed Device (SHD), Multi-Homed Device (MHD), Single-Homed Network (SHN), Multi-Homed Network (MHN)
      • BGP Routes
          – E-VPN and PBB-EVPN define a single new BGP NLRI used to carry all E-VPN routes
          – NLRI has a new SAFI (70)
          – Routes serve control plane purposes, including: MAC address reachability, MAC mass withdrawal, Split-Horizon label adv., Aliasing, Multicast endpoint discovery, Redundancy group discovery, Designated forwarder election
          – Route Types: [1] Ethernet Auto-Discovery (AD) Route, [2] MAC Advertisement Route, [3] Inclusive Multicast Route, [4] Ethernet Segment Route
      • E-VPN Instance (EVI)
          – EVI identifies a VPN in the network
          – Encompasses one or more bridge-domains, depending on service interface type: Port-based, VLAN-based (shown above), VLAN-bundling, VLAN aware bundling (NEW)
      • BGP Route Attributes
          – New BGP extended communities defined
          – Expand information carried in BGP routes, including: MAC address moves, C-MAC flush notification, Redundancy mode, MAC / IP bindings of a GW, Split-horizon label encoding
          – Extended Communities: ESI MPLS Label, ES-Import, MAC Mobility, Default Gateway
      [Diagrams: CE1 (SHD, ESI1) attached to PE1 and CE2 (MHD, ESI2) attached to PE1 and PE2; a PE holding two EVIs, each with a bridge-domain (BD).]
  • 27. Split Horizon For Ethernet Segments – E-VPN
      Challenge: How to prevent flooded traffic from echoing back to a multi-homed Ethernet Segment?
      • PE advertises in BGP a split-horizon label (ESI MPLS Label) associated with each multi-homed Ethernet Segment
      • Split-horizon label is only used for multi-destination frames (Unknown Unicast, Multicast & Broadcast)
      • When an ingress PE floods multi-destination traffic, it encodes the Split-Horizon label identifying the source Ethernet Segment in the packet
      • Egress PEs use this label to perform selective split-horizon filtering over the attachment circuit
      [Diagram: CE1 on ESI-1 attached to PE1 and PE2, CE3 on ESI-2 attached to PE3 and PE4, plus CE4 and CE5; the echoed copy back to ESI-1 is marked “Echo !”.]
  • 28. Split Horizon For Ethernet Segments – PBB-EVPN
      Challenge: How to prevent flooded traffic from echoing back to a multi-homed Ethernet Segment?
      • PEs connected to the same MHD use the same B-MAC address for the Ethernet Segment
          – 1:1 mapping between B-MAC and ESI (for All-Active Redundancy with flow-based LB)
      • Disposition PEs check the B-MAC source address for Split-Horizon filtering
          – Frame not allowed to egress on an Ethernet Segment whose B-MAC matches the B-MAC source address in the PBB header
      [Diagram: CE1 on ESI-1 attached to PE1 and PE2, both using B-MAC1; CE3 on ESI-2 attached to PE3 and PE4, plus CE4 and CE5; the echoed copy back to ESI-1 is marked “Echo !”.]
  • 29. Designated Forwarder (DF): DF Election
      Challenge: How to prevent duplicate copies of flooded traffic from being delivered to a multi-homed Ethernet Segment?
      • PEs connected to a multi-homed Ethernet Segment discover each other via BGP
      • These PEs then elect among them a Designated Forwarder responsible for forwarding flooded multi-destination frames to the multi-homed Segment
      • DF Election granularity can be:
          – Multiple DFs for load-sharing
          – Per Ethernet Tag on Ethernet Segment (E-VPN)
          – Per I-SID on Ethernet Segment (PBB-EVPN)
      [Diagram: CE1 on ESI-1 attached to PE1 and PE2, CE2 on ESI-2 attached to PE3 and PE4; the second copy delivered to the multi-homed segment is marked “Duplicate !”.]
  • 30. Comparison of L2VPN Solutions

        Requirement                                             VPLS  PBB-VPLS  E-VPN  PBB-EVPN
        Multi-Homing with All-Active Forwarding
          VLAN Based Load-balancing CE-to-PE                     ✔      ✔        ✔       ✔
          Flow Based Load-balancing CE-to-PE                     x      x        ✔       ✔
          Flow Based Load-balancing PE-to-PE                     x      x        ✔       ✔
          Flow Based Multi-Pathing in the Core                   ✔      ✔        ✔       ✔
        MAC Scalability
          Scale to Millions of C-MAC Addresses                   x      ✔        x       ✔
          Confinement of C-MAC entries to PE with active flows   ✔      ✔        x       ✔
          MAC Summarization                                      x      x        ✔       ✔
          MAC Summarization co-existence with C-MAC Mobility     x      x        x       ✔
        Flexible VPN Policies
          Per C-MAC Forwarding Control Policies                  x      x        ✔       x
          Per-Segment Forwarding Control Policies                x      x        ✔       ✔
  • 31. Summary
      • E-VPN / PBB-EVPN are next-generation L2VPN solutions based on a BGP control-plane for MAC distribution/learning over the core
      • E-VPN / PBB-EVPN were designed to address the following requirements:
          – All-active Redundancy and Load Balancing
          – Simplified Provisioning and Operation
          – Optimal Forwarding
          – Fast Convergence
      • In addition, PBB-EVPN and its inherent MAC-in-MAC hierarchy provides:
          – Scale to Millions of C-MAC (Virtual Machine) Addresses
          – MAC summarization co-existence with C-MAC (VM) mobility
      • E-VPN / PBB-EVPN applicability goes beyond DCI into Carrier Ethernet use cases
  • 32. Segment Routing
  • 33. Key Takeaways
      • Simple to deploy and operate
          – Leverage MPLS services & hardware
          – Straightforward ISIS/OSPF extension
      • Provide for optimum scalability, resiliency and virtualization
      • Perfect integration with applications
  • 34. Operators ask for drastic LDP/RSVP improvement
      • Simplicity
          – fewer protocols to operate
          – fewer protocol interactions to troubleshoot
          – avoid directed LDP sessions between core routers
          – deliver automated FRR for any topology
      • Scale
          – avoid millions of labels in LDP database
          – avoid millions of TE LSPs in the network
          – avoid millions of tunnels to configure
  • 35. Segment Routing Key Concepts
      • Forwarding state (segment) is established by IGP
          – LDP and RSVP-TE are not required
          – Agnostic to forwarding dataplane: IPv6 or MPLS
      • MPLS Dataplane is leveraged without any modification
          – push, swap and pop: all that we need
          – segment = label
      • Source Routing
          – source encodes path as a label or stack of segments
          – two segment types: node or adjacency
  • 36. Adjacency Segments
      • Each node advertises an adjacency label per link
          – simple IGP extension
      • Only the advertising node installs the adjacency segment in its data plane
      • Enables source routing along any explicit path (segment list)
      [Diagram: nodes A, B, C, D, N, O, P and Z; the packet's segment list 9101, 9105, 9107, 9103, 9105 shrinks by one adjacency label at each hop until only 9105 remains.]
  • 37. Node Segment
      • Nodes advertise a node segment
          – simple IGP extension
      • All remote nodes install node segment ids in data plane
      A packet injected anywhere with top label 65 will reach Z via IGP shortest path.
      [Diagram: nodes A, B, C, D, Z; FEC Z has node segment 65; along the path the operations are push 65, swap 65 to 65, swap 65 to 65, pop 65, and the packet to Z arrives unlabelled.]
  • 38. Combining Segments
      • Source Routing
      • Any explicit path can be expressed: ABCOPZ
      [Diagram: nodes A, B, C, D, M, N, O, P, Z; the packet to Z leaves A with the stack 72, 9003, 65; 72 is removed on reaching C, C pops 9003 to send the packet to O, and 65 carries it on to Z.]
  • 39. ISIS automatically installs segments
      • Simple extension
      • Excellent Scale: a node installs N+A FIB entries
          – N node segments and A adjacency segments
      [Diagram: nodes A, B, C, D, M, N, O, P, Z with a nodal segment to C, a nodal segment to Z and an adjacency segment highlighted.]
  • 40. Automated & Guaranteed FRR
      • IP-based FRR is guaranteed in any topology
          – 2002, LFA FRR project at Cisco
          – draft-bryant-ipfrr-tunnels-03.txt
      • Directed LFA (DLFA) is guaranteed when metrics are symmetric
      • No extra computation (RLFA)
      • Simple repair stack
          – node segment to P node
          – adjacency segment from P to Q
      [Diagram: Backbone with nodes C1, C2 and E1–E4; default metric 10, one link with metric 1000; the repair path uses the node segment to the P node.]
  • 41. Scalable TE and Segment Routing
      • An SR core router scales much better than with RSVP-TE
          – The state is not in the router but in the packet
          – N+A vs N^2
          – N: # of nodes in the network
          – A: # of adjacencies per node
  • 42. MPLS Control and Forwarding Operation with Segment Routing
      [Diagram: layered stack between PE1 and PE2. Services (IPv4, IPv6, IPv4 VPN, IPv6 VPN, VPWS, VPLS) are signalled with BGP / LDP: no changes to control or forwarding plane. Packet Transport (LDP, RSVP, BGP, Static, IS-IS, OSPF) over MPLS Forwarding is signalled by the IGP: IGP label distribution, same forwarding plane.]
  • 43. Reality
      • SR EFT is available!
          – 12k, ASR9k, CRS1, CRS3
          – get it to your lab
      • Working aggressively with lead customers towards productization
  • 44. IETF
      • Simple ISIS/OSPF extension
      • Welcoming contribution
  • 45. Segment Routing Use Cases
  • 46. Application controls – network delivers
      [Diagram: an application asks “2G from A to Z please”; the controller answers “Path ABCOPZ is ok. I account the BW. Then I steer the traffic on this path” and programs “Tunnel AZ onto {66, 68, 65}”; one link in the topology is marked FULL and the node segments 66, 65 and 68 are shown.]
      The network is simple, highly programmable and responsive to rapid changes.
  • 47. Simple and Efficient Transport of MPLS services
      • Efficient packet networks leverage ecmp-aware shortest-path!
          – node segment!
      • Simplicity
          – one less protocol to operate
          – No complex LDP/ISIS synchronization to troubleshoot
      [Diagram: PE1 and PE2 connected through nodes A, B, M and N; all VPN services ride on the node segment to PE2.]
  • 48. Simple Disjointness
      • Non-Disjoint Traffic
          – A sends traffic with [65]
          – Classic ecmp “a la IP”
      • Disjoint Traffic
          – A sends traffic with [111, 65]
          – Packet gets attracted in blue plane and then uses classic ecmp “a la IP”
      • SR avoids state in the core
      • SR avoids enumerating RSVP-TE tunnels for each ECMP path
      • ECMP-awareness!
  • 49. CoS-based TE
      • Tokyo to Brussels
          – data: via US: cheap capacity
          – VoIP: via Russia: low latency
      • CoS-based TE with SR
          – IGP metric set such as
              > Tokyo to Russia: via Russia
              > Tokyo to Brussels: via US
              > Russia to Brussels: via Europe
          – Anycast segment “Russia” advertised by Russia core routers
      • Tokyo CoS-based policy
          – Data and Brussels: push the node segment to Brussels
          – VoIP and Brussels: push the anycast node to Russia, push Brussels
      [Diagram: node segment to Brussels and node segment to Russia drawn on the map.]
  • 50. LFIB with Segment Routing
      • LFIB populated by IGP (ISIS / OSPF)
      • Forwarding table remains constant (Nodes + Adjacencies) regardless of number of paths
      • Other protocols (LDP, RSVP, BGP) can still program LFIB

        In Label   Out Label   Out Interface
        L1         L1          Intf1            (Node Segment Ids)
        L2         L2          Intf1
        …          …           …
        L8         L8          Intf4
        L9         Pop         Intf2            (Adjacency Segment Ids)
        L10        Pop         Intf2
        …          …           …
        Ln         Pop         Intf5

      [Diagram: a P router surrounded by eight PE routers; the forwarding table remains constant.]
  • 51. Segment Routing Configuration
  • 52. L3VPN Using Segment Routing
      [Diagram: PE1 (VRF RED, 192.168.255.1/32) and PE2 (VRF RED, 192.168.255.2/32) connected across an IP/MPLS (segment routing) core.]
  • 53. Topology
      • PE1: 172.16.255.1/32, SID=16001
      • PE2: 172.16.255.2/32, SID=16002
      • P1: 172.16.255.101/32, SID=16101
      • P2: 172.16.255.102/32, SID=16102
  • 54. Edge Configuration (Node Segment Id): asr9000-pe1

        !
        router isis DEFAULT
         is-type level-2-only
         net 49.0000.1720.1625.5001.00
         address-family ipv4 unicast
          metric-style wide
         !
         interface Loopback0
          passive
          address-family ipv4 unicast
           nodal-sid sid-value 16001
          !
         !
         interface GigabitEthernet0/0/0/4
          point-to-point
          address-family ipv4 unicast
          !
         !
         interface GigabitEthernet0/0/0/5
          point-to-point
          address-family ipv4 unicast
          !
         !
        !

      Packets with label 16001 forwarded towards PE1 via IS-IS shortest path. PHP enabled by default.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 55. Core Configuration (Node Segment Id): asr9000-p2

        !
        router isis DEFAULT
         is-type level-2-only
         net 49.0000.1720.1625.5102.00
         address-family ipv4 unicast
          metric-style wide
         !
         interface Loopback0
          passive
          address-family ipv4 unicast
           nodal-sid sid-value 16102 PHP-disable
          !
         !
         interface GigabitEthernet0/0/0/4
          point-to-point
          address-family ipv4 unicast
          !
         !
         interface GigabitEthernet0/0/0/5
          point-to-point
          address-family ipv4 unicast
          !
         !
         interface GigabitEthernet0/0/0/6
          point-to-point
          address-family ipv4 unicast
          !
         !
        !

      Packets with label 16102 forwarded towards P2 via IS-IS shortest path. PHP disabled.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 56. IS-IS Database Verification for Edge Node (Node Segment Id)

        RP/0/RSP0/CPU0:asr9000-pe1#sh isis database detail verbose asr9000-pe2.00
        Tue May 7 12:49:07.939 PDT
        IS-IS DEFAULT (Level-2) Link State Database
        LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime  ATT/P/OL
        asr9000-pe2.00-00     0x0000076b   0xe36c        1123          0/0/0
          Area Address: 49.0000
          NLPID: 0xcc
          Hostname: asr9000-pe2
          IP Address: 172.16.255.2
          Metric: 10 IS-Extended asr9000-p2.00
          Metric: 10 IS-Extended asr9000-p1.00
          Metric: 10 IP-Extended 172.16.0.0/31
          Metric: 10 IP-Extended 172.16.0.2/31
          Metric: 0 IP-Extended 172.16.255.2/32
            Nodal-SID: 16002 PHP-off:1 Ext:0
        Total Level-2 LSP count: 1 Local Level-2 LSP count: 0
        RP/0/RSP0/CPU0:asr9000-pe1#

      The Nodal-SID line is the node segment id associated with the PE2 loopback.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 57. IS-IS Database Verification for Core Node (Node Segment Id)

        RP/0/RSP0/CPU0:asr9000-pe1#sh isis database detail verbose asr9000-p2.00
        Tue May 7 12:54:57.779 PDT
        IS-IS DEFAULT (Level-2) Link State Database
        LSPID                 LSP Seq Num  LSP Checksum  LSP Holdtime  ATT/P/OL
        asr9000-p2.00-00      0x0000001a   0x39d4        1169          0/0/0
          Area Address: 49.0000
          NLPID: 0xcc
          Hostname: asr9000-p2
          IP Address: 172.16.255.102
          Metric: 10 IS-Extended asr9000-pe2.00
          Metric: 10 IS-Extended asr9000-pe1.00
          Metric: 10 IS-Extended asr9000-p1.00
          Metric: 10 IP-Extended 172.16.0.2/31
          Metric: 10 IP-Extended 172.16.0.4/31
          Metric: 10 IP-Extended 172.16.0.8/31
          Metric: 0 IP-Extended 172.16.255.102/32
            Nodal-SID: 16102 PHP-off:1 Ext:0
        Total Level-2 LSP count: 1 Local Level-2 LSP count: 0
        RP/0/RSP0/CPU0:asr9000-pe1#

      The Nodal-SID line is the node segment id associated with the P2 loopback.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 58. Edge Forwarding Plane Verification (Node Segment Id)

        RP/0/RSP0/CPU0:asr9000-pe1#sh mpls forwarding
        Tue May 7 12:22:53.650 PDT
        Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes
        Label  Label       or ID              Interface                    Switched
        ------ ----------- ------------------ ------------ --------------- ------------
        16001  Aggregate   default: Per-VRF Aggr[V]  default               59
        16002  16002       No ID              Gi0/0/0/4    172.16.0.4      18722
               16002       No ID              Gi0/0/0/5    172.16.0.7      0
        16020  Aggregate   RED: Per-VRF Aggr[V]      RED                   4500
        16101  16101       No ID              Gi0/0/0/5    172.16.0.7      0
        16102  16102       No ID              Gi0/0/0/4    172.16.0.4      0
        RP/0/RSP0/CPU0:asr9000-pe1#

      Slide callouts, in order: local node segment id; node segment id to reach PE1 via ECMP; node segment id to reach P1; node segment id to reach P2.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 59. Core Forwarding Plane Verification (Node Segment Id)

        RP/0/RSP0/CPU0:asr9000-p2#sh mpls forwarding
        Tue May 7 13:17:35.480 PDT
        Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes
        Label  Label       or ID              Interface                    Switched
        ------ ----------- ------------------ ------------ --------------- ------------
        16001  Pop         No ID              Gi0/0/0/4    172.16.0.5      0
        16002  16002       No ID              Gi0/0/0/6    172.16.0.2      21258
        16101  16101       No ID              Gi0/0/0/5    172.16.0.8      0
        RP/0/RSP0/CPU0:asr9000-p2#

      Slide callouts: node segment id to reach PE1 (PHP); node segment id to reach P1; node segment id to reach PE2.
      [Topology as on slide 53: PE1 SID=16001, PE2 SID=16002, P1 SID=16101, P2 SID=16102.]
  • 60. L3VPN Configuration (Node Segment Id)

        hostname asr9000-pe1
        !
        vrf RED
         address-family ipv4 unicast
          import route-target
           65172:0
          !
          export route-target
           65172:0
          !
         !
        !
        interface Loopback11
         vrf RED
         ipv4 address 192.168.255.1 255.255.255.255
        !
        router bgp 65172
         address-family ipv4 unicast
         !
         address-family vpnv4 unicast
         !
         neighbor 172.16.255.2
          remote-as 65172
          update-source Loopback0
          address-family ipv4 unicast
          !
          address-family vpnv4 unicast
          !
         !
         !
         vrf RED
          rd 65172:0
          address-family ipv4 unicast
           redistribute connected
          !
         !
        !

      L3VPN usual configuration.
      [Diagram: PE1 (172.16.255.1/32, SID=16001; VRF RED 192.168.255.1/32) and PE2 (172.16.255.2/32, SID=16002; VRF RED 192.168.255.2/32) across the IP/MPLS (segment routing) core.]
  • 61. L3VPN Control and Forwarding Plane Verification (Node Segment Id)

        RP/0/RSP0/CPU0:asr9000-pe1#sh bgp vpnv4 unicast labels
        Tue May 7 13:21:11.106 PDT
        BGP router identifier 172.16.255.1, local AS number 65172
        BGP generic scan interval 60 secs
        BGP table state: Active
        Table ID: 0x0 RD version: 1269798720
        BGP main routing table version 23
        BGP scan interval 60 secs
        Status codes: s suppressed, d damped, h history, * valid, > best
                      i - internal, r RIB-failure, S stale, N Nexthop-discard
        Origin codes: i - IGP, e - EGP, ? - incomplete
           Network            Next Hop        Rcvd Label      Local Label
        Route Distinguisher: 65172:0 (default for vrf RED)
        *> 192.168.255.1/32   0.0.0.0         nolabel         16020
        *>i192.168.255.2/32   172.16.255.2    16000           nolabel
        Processed 2 prefixes, 2 paths
        RP/0/RSP0/CPU0:asr9000-pe1#
        RP/0/RSP0/CPU0:asr9000-pe1#sh cef vrf RED 192.168.255.2
        Tue May 7 13:20:58.960 PDT
        192.168.255.2/32, version 15, internal 0x14004001 (ptr 0xad279764) [1], 0x0 (0x0), 0x410(0xadf7a4b0)
         Updated May 7 09:41:16.371
         Prefix Len 32, traffic index 0, precedence n/a, priority 3
           via 172.16.255.2, 3 dependencies, recursive [flags 0x6010]
            path-idx 0 [0xae0429a8 0x0]
            next hop VRF - default, table - 0xe0000000
            next hop 172.16.255.2 via 16002/0/21
             next hop 172.16.0.4/32 Gi0/0/0/4 labels imposed {16002 16000}
             next hop 172.16.0.7/32 Gi0/0/0/5 labels imposed {16002 16000}
        RP/0/RSP0/CPU0:asr9000-pe1#

      Slide callouts: BGP local/remote labels for VPNv4 prefixes (as usual); label stack to forward traffic to 192.168.255.2/32 (VRF RED) via ECMP (as usual).
      [Diagram: PE1 (172.16.255.1/32, SID=16001; VRF RED 192.168.255.1/32) and PE2 (172.16.255.2/32, SID=16002; VRF RED 192.168.255.2/32) across the IP/MPLS (segment routing) core.]
  • 62. Summary
      • New MPLS enhancements focus on
          – Increased deployment scale (unified MPLS)
          – L2VPN (VPLS) efficiency and scaling (PBB-EVPN)
      • Unified MPLS defines a scalable (hierarchical) architecture to extend MPLS to access/aggregation for an SP IP NGN
      • PBB-EVPN defines BGP extensions to enhance scale and resiliency of existing VPLS deployments and meet data center requirements
      • Segment Routing offers an elegant way to scale SP networks and support application interaction with SDNs
  • 63. Complete Your Paper “Session Evaluation”. Give us your feedback and you could win 1 of 2 fabulous prizes in a random draw. Complete and return your paper evaluation form to the room attendant as you leave this session. Winners will be announced today. You must be present to win! Visit them at BOOTH# 100.
  • 64. Thank you.
  • 65. PBB-EVPN: A Closer Look
      • DF Election with VLAN Carving
          – Prevent duplicate delivery of flooded frames.
          – Uses BGP Ethernet Segment Route.
          – Non-DF ports are blocked for flooded traffic (multicast, broadcast, unknown unicast).
          – Performed per Segment rather than per (VLAN, Segment).
      • Split Horizon for Ethernet Segment
          – Prevent looping of traffic originated from a multi-homed segment.
          – Performed based on B-MAC source address rather than ESI MPLS Label.
      • Aliasing
          – PEs connected to the same multi-homed Ethernet Segment advertise the same B-MAC address.
          – Remote PEs use these MAC Route advertisements for aliasing load-balancing traffic destined to C-MACs reachable via a given B-MAC.
      [Diagrams: PE pairs for each of the three cases; the aliasing case shows both PEs of the segment using B-MAC1.]
  • 66. PBB-EVPN: Dual Homed Device
      • Each PE advertises a MAC route per Ethernet Segment (carries B-MAC associated with Ethernet Segment).
      • Both PEs advertise the same B-MAC for the same Ethernet Segment.
      • Remote PE installs both next hops into FIB for associated B-MAC.
          – Hashing used to load-balance traffic among next hops.
      • PE1 MAC Routes:
          – Route: RD11, B-MAC1, RT2, RT3
      • PE2 MAC Routes:
          – Route: RD22, B-MAC1, RT2, RT3

        RIB                          FIB
        VPN   B-MAC    NH            VPN   B-MAC    NH
        RT3   B-MAC1   PE1           RT3   B-MAC1   PE1, PE2
        RT3   B-MAC1   PE2           RT2   B-MAC1   PE1, PE2
        RT2   B-MAC1   PE1
        RT2   B-MAC1   PE2

      [Diagram: a dual-homed device on VLAN 2, 3 attached to PE1 and PE2 with B-MAC1; remote PE3 across the MPLS / IP core.]
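
The PBB-EVPN behaviour on slides 28, 29, 65 and 66, modelled as an added example (not code from the deck or from Cisco): the remote PE collapses the two MAC routes for B-MAC1 into one FIB entry with two next hops, hashes flows across them, and the disposition PE applies B-MAC split horizon and DF blocking. The CRC32 flow hash, the I-SID numbers, the `B-MAC-PE2`/`B-MAC3` addresses and the `CE4` segment are assumptions made for the sketch.

```python
import zlib

# Constructed from the dual-homed-device slide:
# (advertising PE, RD, B-MAC, route targets carried by the MAC route).
MAC_ROUTES = [
    ("PE1", "RD11", "B-MAC1", ("RT2", "RT3")),
    ("PE2", "RD22", "B-MAC1", ("RT2", "RT3")),
]


def build_rib(routes, imported_rts):
    """One RIB row (VPN, B-MAC, next hop) per imported route target."""
    return sorted((rt, bmac, pe)
                  for pe, _rd, bmac, rts in routes
                  for rt in rts if rt in imported_rts)


def build_fib(rib):
    """Aliasing: merge RIB rows that share (VPN, B-MAC) into one multipath entry."""
    fib = {}
    for rt, bmac, pe in rib:
        hops = fib.setdefault((rt, bmac), [])
        if pe not in hops:
            hops.append(pe)
    return fib


def pick_next_hop(fib, vpn, bmac, flow):
    """Flow-based PE-to-PE load balancing. `flow` is a tuple of L2/L3/L4
    fields; CRC32 stands in for the platform's hash (assumption)."""
    hops = fib[(vpn, bmac)]
    key = "|".join(str(field) for field in flow).encode()
    return hops[zlib.crc32(key) % len(hops)]


def permitted_segments(local_segments, src_bmac, isid, flooded):
    """Egress filter on a disposition PE for a frame received from the core.

    Split horizon: never egress on a segment whose B-MAC equals the source
    B-MAC in the PBB header. DF rule: flooded frames egress only where this
    PE is the designated forwarder for the frame's I-SID."""
    allowed = []
    for name, seg in local_segments.items():
        if seg["bmac"] == src_bmac:
            continue  # frame originated on this multi-homed segment
        if flooded and isid not in seg["df_isids"]:
            continue  # non-DF port is blocked for flooded traffic
        allowed.append(name)
    return allowed


# Constructed view of PE2: it shares ESI-1 (B-MAC1) with PE1 and is DF there
# for I-SID 3 only; CE4 is a single-homed segment behind PE2's own B-MAC.
PE2_SEGMENTS = {
    "ESI-1": {"bmac": "B-MAC1", "df_isids": {3}},
    "CE4": {"bmac": "B-MAC-PE2", "df_isids": {2, 3}},
}

if __name__ == "__main__":
    fib = build_fib(build_rib(MAC_ROUTES, {"RT2", "RT3"}))
    print(fib)
    print(pick_next_hop(fib, "RT3", "B-MAC1", ("10.0.0.1", "10.0.0.2", 6, 40000, 443)))
    print(permitted_segments(PE2_SEGMENTS, "B-MAC1", 3, flooded=True))
```

The first `permitted_segments` call is the echo case from slide 28: PE2 is the DF for I-SID 3 on ESI-1, yet the frame is still kept off that segment because its source B-MAC is B-MAC1.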
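
The Segment Routing forwarding model from slides 35 to 39 and 50, as an added example (not code from the deck or from Cisco): each node builds its LFIB from the IGP shortest paths, with one node-segment entry per remote node and one adjacency-segment entry per local link, and a packet is walked through the network by its label stack. The link layout, the node segment ids other than 65 and 72, and the per-node adjacency numbering from 9001 are assumptions; ECMP is not modelled.

```python
import heapq

METRIC = 10  # the deck's default IGP metric, applied to every link
# Constructed topology: link placement is an assumption, the slide drawing is lost.
LINKS = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "Z"), ("A", "M"),
         ("M", "N"), ("N", "O"), ("O", "P"), ("P", "Z"), ("C", "O")]
# Node segment ids: 65 (Z) and 72 (C) come from the slides, the rest are constructed.
NODE_SID = {"A": 61, "B": 62, "C": 72, "D": 64, "M": 66,
            "N": 67, "O": 68, "P": 69, "Z": 65}
ADJ_BASE = 9000  # adjacency labels are local to the advertising node


def neighbors():
    adj = {node: [] for node in NODE_SID}
    for a, b in LINKS:
        adj[a].append(b)
        adj[b].append(a)
    return {node: sorted(nbrs) for node, nbrs in adj.items()}


def first_hops(adj, src):
    """Dijkstra from src; returns {destination: first hop on the shortest path}."""
    done, hop = set(), {}
    heap = [(0, src, None)]
    while heap:
        dist, node, via = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        if via is not None:
            hop[node] = via
        for nbr in adj[node]:
            if nbr not in done:
                heapq.heappush(heap, (dist + METRIC, nbr, nbr if via is None else via))
    return hop


def build_lfib(adj):
    """Per node: {in label: (action, next hop)} with N-1 node and A adjacency entries."""
    lfib = {}
    for node in adj:
        hop = first_hops(adj, node)
        table = {}
        for dest, sid in NODE_SID.items():
            if dest != node:
                # Penultimate hop pops (PHP); every other hop swaps 65 to 65, etc.
                table[sid] = ("pop" if hop[dest] == dest else "swap", hop[dest])
        for index, nbr in enumerate(adj[node], start=1):
            table[ADJ_BASE + index] = ("pop", nbr)  # installed only on this node
        lfib[node] = table
    return lfib


def forward(lfib, ingress, stack, ttl=64):
    """Walk a packet through the network; returns the list of nodes visited."""
    node, stack, path = ingress, list(stack), [ingress]
    while stack:
        if stack[0] == NODE_SID[node]:
            stack.pop(0)  # already at the segment endpoint
            continue
        entry = lfib[node].get(stack[0])
        if entry is None:
            raise LookupError(f"{node}: no LFIB entry for label {stack[0]}")
        action, next_hop = entry
        if action == "pop":
            stack.pop(0)
        node = next_hop
        path.append(node)
        if len(path) > ttl:
            raise RuntimeError("forwarding loop")
    return path


if __name__ == "__main__":
    lfib = build_lfib(neighbors())
    print(forward(lfib, "A", [65]))            # node segment only
    print(forward(lfib, "A", [72, 9003, 65]))  # node C, adjacency C->O, node Z
    print(len(lfib["C"]), "LFIB entries on C")
```

With this numbering C's links to B, D and O get 9001, 9002 and 9003, so the stack 72, 9003, 65 reproduces the ABCOPZ path of slide 38, while the same 9003 presented at A is dropped because only C installed it.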