
Enhancing Media Awareness with Media Services Proxy Webinar (IOS Advantage Webinar)


Review the information presented on Media Services Proxy (MSP) for enhanced media awareness and building plug-and-play media networks.

MSP is a software capability running on selected Cisco routers and switches that can learn information about media devices connected to them. For endpoints that use the standard signaling protocols supported by MSP, no change should be required on the endpoint side. Once the device and flows coming from endpoints are identified, MSP provides a platform for the user to enforce policies in the network that are aligned to business priorities in a logical and intuitive manner.

MSP uses lightweight packet inspection techniques on standards-based signaling protocols and produces flow metadata attributes that can be shared among network nodes. It uses a variety of standard signaling protocols (SDP, SIP, H.323, H.245, RTSP, mDNS, etc.) to learn about the characteristics of endpoints and applications from legacy systems and 3rd party endpoints, allowing sharing of flow attributes amongst network nodes. The information learnt can be seamlessly integrated with various other services in the network like bandwidth reservation for flows, differential treatment for these flows along the network, and easy deployment of end points in the network.

Benefits
- Seamless endpoint integration with the pervasive Cisco network that benefits a wide installed base without endpoint upgrades or additional development
- Ability to prioritize traffic based on business policies for optimal quality
- Reduced integration and deployment costs
- Easy deployment and management of video endpoints, which mitigates admin complexities: one of the key current challenges in surveillance and conferencing space

Published in: Technology

  1. Cisco TechAdvantage Webinars: Enhancing Media Awareness with Media Services Proxy (MSP). Karthik Dakshinamoorthy. We’ll get started a few minutes past the top of the hour. Note: you may not hear any audio until we get started. © 2012 Cisco and/or its affiliates. All rights reserved. Follow us @GetYourBuildOn
  2. Register for a Technical Seminar with our Cisco Software SMEs: http://www.ciscolive.com/london/registration-packages/
     Session Title | Session Number
     Advanced LISP Techtorial | TECIPM-3191
     Advanced Network Automation | TECNMS-3601
     Application Awareness in the network; the Route to Application Visibility and Control | TECRST-2672
     Converged Access: Wired/Wireless System Architecture, Design and Operations | TECCRS-2678
     Enterprise QoS Design Strategy | TECRST-2501
     IP Mobility Deep Dive | TECSPG-3668
     IPv6 for Dummies: An Introduction to IPv6 | TECMPL-2192
     IPv6 Security | TECRST-2680
     Scaling the IP NGN with Unified MPLS | TECNMS-3601
     Software Defined Networking and Use Cases | TECSPG-2667
     Understanding and Deploying IP Multicast Networks | TECIMP-1008
  3. Speaker: Karthik Dakshinamoorthy, Product Manager, Engineering, karthikd@cisco.com. Panelist: Balaji B L, Principal Engineer, Engineering, blbalaji@cisco.com
  4. Webinar logistics:
     - Submit questions in Q&A panel and send to “All Panelists”. Avoid CHAT window for better access to panelists
     - For Webex audio, select COMMUNICATE > Join Audio Broadcast
     - For Webex call back, click ALLOW phone button at the bottom of participants side panel
     - Where can I get the presentation? Or send email to: ask_techadvantage@cisco.com
     - Please complete the post-event survey
     - Join us December 5th for our next TechAdvantage Webinar: Preparing for BYOD and IPv6 with a Single Security Policy, www.cisco.com/go/techadvantage
  5. Agenda:
     - What is MSP: User Stories, Problem Space
     - MSP Solutions: Use Cases, How they work
     - Customer & Partner Benefits with MSP
     - Metadata as an MSP service: How can Metadata be leveraged for applications?
     - MSP Status and Roadmap
  6. Medianet architecture:
     - Architectural play: Intelligent endpoints + intelligent network
     - Core to Cisco’s video strategy
     - Multiple video & voice, business critical applications intelligently sharing the same IP Network
     - Integration with key network services
     MSP is a solution to enable plug and play deployments of Media end points into the network by offering integration with many network based services in a simple, intuitive manner.
     [Diagram labels: webex; Cisco Video & Voice Applications; Medianet Services Interface APIs; Optimize User Experience; Enable Rich Media Solutions; Flow Metadata; Multicast; NetFlow; Media Monitoring; Media Aware Routing; RSVP; Media Services Proxy; SAF; IPSLA; Resource Control; PfR; QoS; Media Optimization; Seamless Security]
  7. Media Services Proxy: User Stories & Solutions
  8. Multi Vendor Environment; Multi Application Environment; Multi Services Environment (Media Monitoring, Netflow, QoS). How do I manage these variations and diversity in the network?? With Medianet: Metadata + Media Services Proxy MSP !!!
  9. Auto device detection with MSP. Third Party support with MSP: Metadata: QoS, Netflow and Monitoring. MSP produces Metadata !
  10. With Metadata, •  •  •  •  Intelligent, automatic QoS remarking for soft-phones with Metadata. Metadata “device-class” or “application”
  11. Media Services Proxy (MSP) Overview, Use Cases & Solutions
  12. MSP is a network-based solution where the switches and routers automatically identify end points and applications, flows coming from them and provide the right set of network services to them automatically.
      Identification: mDNS, H323/RAS, DHCP, SIP/SDP snooping, RTSP
      Services: ASP, RSVP, Flow Metadata, QoS/C3PL, Netflow
      MSP provides a subset of Medianet services on behalf of media end points supporting a range of standard protocols.
      - Would work with non-Cisco end points also as long as they support the set of standard protocols for device and flow identification
      - Position at user edge (access)
      - MSP 1.0 initial focus
        - Access (Cat4k & ISR-G2)
        - Group video conferencing and IP surveillance applications
  13. MSP: Apps → Services
      End point Identification: mDNS, SIP, H.323 Gateway Discovery
      Flow Identification: SIP/SDP snooping, H.323, RTSP/SDP
      Network Services: QoS, Auto Smart Ports, Metadata, RSVP CAC
  14. Apply ASP profile for the device downloaded on the port based on Device/End Point/Application Identification by MSP.
      [Diagram: switch ports G 3/1, G 4/1, G 5/1]
      Learn: Device Type, Name, Version; Application AppID, Version
      - QoS configuration
      - High availability (spanning-tree portfast)
      - Port security
      - Put port into certain VLAN
      - Enable multicast
      - EnergyWise: Power reporting, prioritization
  15. Initiate RSVP reservation for the flow. Device/Flow Identification by MSP. Learn locally and downstream flow bandwidth parameters needed for RSVP reservations.
      [Diagram: switch ports G 3/1, G 4/1, G 5/1; RSVP CAC; RSVP Reservation]
      Learn: Bandwidth, IP Dst Address/Port, IP Src Address/Port, MTU
      RSVP packet contents:
          IP Header, Prot=46
          RSVP Header MsgType=PATH TTL=255
          Session=IP=A,Prot=17,Port=3000
          SenderTemplate:sIP,sPort
          HOP Object
          Policy Object: App=TP
          Tspec
      RSVP Packet is formed and sent downstream with learnt flow parameters and bandwidth.
  16. Propagate Metadata to downstream nodes: Update Metadata in local node. Device/Flow Identification by MSP.
      [Diagram: Metadata Proxy; switch ports G 3/1, G 4/1, G 5/1; RSVP Transport; Metadata Signaling]
      Metadata Database:
          1.1.1.1        10.1.1.1       2134   80     http
          10.76.109.45   10.76.109.51   1200   2000   Telepresence
          10.76.109.45   10.76.109.50   450    5060   SIP
          30.1.1.1       135.1.1.1      1500   1600   Telepresence
          20.1.1.1       125.1.1.1      1500   1600   Surveillance
  17. - Media Type
      - App-ID, Sub App ID
      - Bandwidth
      - App-Name
      - Device Name
      - App-Version
      - End Point IP address
      - App-Vendor
      - End point Software Version
      - Clock Frequency
      - SIP User Name
      - Global Session ID
      - SIP Email ID
      - Multi Party ID
      - Audio/Video Codec
      - SSRC
      - Payload Type
      - SDP Session ID
      - End Point Model
      - Domain name
      - Application Group
      - SIP proxy server IP Address
      - Application Category
      - H.323/SCCP DN
      - Device Class
  18. [Diagram labels: All packets marked into the same queue; MSP on Switch identifies CUCM applications, remarks packets; IT-supported UC Clients; Best-effort Applications; Network Traffic]
      - Common challenge is to have the DSCP of soft phone remarked at the edge to offer good quality of experience for IT enabled soft phones
      - Today all traffic from untrusted devices like laptops marked to best effort and no easy way to remark based on intelligent policies
      - MSP Metadata helps identify soft phones automatically and remark based on easy global policies
  19. - Enhance Per-Port value with value added services (auto device and flow detection, auto service instantiation with Metadata proxy, CAC support, QoS capabilities)
      - No end point upgrades, secures investment protection for the customer. Network oriented feature allowing customers to benefit from MSP with a network IOS upgrade
      - Easy deployment and management of video end points, mitigates admin complexities
      - Covers for most standard protocols in conferencing and IP surveillance space, thereby supporting all equipments supporting those protocols
  20. - Seamless end point integration with the Pervasive Cisco Network
      - No end point upgrades, no additional development for the partner
      - Network oriented feature allowing customers to benefit from MSP with a network IOS upgrade (that benefits numerous connected end points)
      - Ability to get their traffic prioritized or “visible” in the Cisco network, key differentiator
      - Can address the huge installed base unlike many new features that are operational only on new deployments
      - MSP based on open & standard protocols, no proprietary implementations
      - Easy deployment and management of video end points, mitigates admin complexities: One of the key current challenges in surveillance and conferencing space
  21. MSP: How does it work?
  22. Device Class | Device Identification | Attributes Used | Flow Identification | Attributes Used
      IP Surveillance Camera | mDNS | Authoritative Nameservers | RTSP/SDP | Request/Response/Session info (RTSP), Media description field (SDP)
      Video Conferencing unit | H.323, SIP | H.225 RAS “endPoint Vendor” field, H.225 sourceInfo vendor field, SIP “User Agent” field | SIP/SDP, H.225/H.245 | Media attribute/description field, openLogicalChannel

      Protocol | Standard IP | Standard port
      mDNS | 224.0.0.251 | 5353
      SIP | N/A | 5060
      H.323 Gateway Discovery | 224.0.0.41 | 1719
      H.225 (RAS) | N/A | 1718
      H.225 (Signaling) | N/A | 1720
      RTSP | N/A | 554
  23. Protocol | Metadata Attributes | Values | Priority
      mDNS | Device-class (surveillance) | “video” or “rtsp” or “IP Camera” | Mandatory
      mDNS | Device-class (surveillance) | “surveillance” | Optional
      SDP (RTSP & SIP) | Application Name | m=<media> <port> <proto> <fmt> | Mandatory
      SDP (RTSP & SIP) | Media Type | m=<media> <port> <proto> <fmt> | Mandatory
      SDP (RTSP & SIP) | Mime-Type | a=rtpmap:<payload type> <encoding name>/<clock rate> | Mandatory
      SDP (RTSP & SIP) | Payload-Type | a=rtpmap:<payload type> <encoding name>/<clock rate> | Mandatory
      SDP (RTSP & SIP) | Bandwidth | b=<bwtype>:<bandwidth> | Mandatory
      SDP (RTSP & SIP) | Clock Frequency | a=rtpmap:<payload type> <encoding name>/<clock rate> | Mandatory
      SIP Register | Device-class (Video-conference) | User Agent: | Mandatory
      SIP Register | Device-class (Video-conference) | User Agent: video-conference | Optional
      H.323 RAS | Device-class (Video-conference) | Terminal Type: | Mandatory
      H.323 RAS | Device-class (Video-conference) | Terminal Type: video-conference | Optional
      H.245 OpenlogicalChannel | Media Type | dataType | Mandatory
      H.245 OpenlogicalChannel | Payload-Type | dynamicRTPPayloadType | Mandatory
      H.245 OpenlogicalChannel | Bandwidth | maxBitRate | Mandatory
  24. Gather device info into device classifier through mDNS. Snoop mDNS on standard IP/port to know device info from PTR record or answer/query fields.
      Interface | Device | Attributes
      G 4/1 | Axis IP Camera, 00408C9412D3 | Model: 233D, MPEG-4/RTSP capable
      [Diagram: mDNS messages sent by client; MSP; IP Camera; VSM / Media server]
      - mDNS compatible devices will send mDNS messages for DNS service discovery to multicast IP address (224.0.0.251) on standard mDNS port 5353
      - mDNS client module on switch will listen to this standard UDP port and receive this mDNS message.
      - For example, we want to use the following PTR record from mDNS packet for pelco camera
        – pelco-skewer._tcp.local: type PTR, class IN, IP Camera - CIVS-IPC-ABBBB34._pelco-skewer._tcp.local
  25. Gather device info into device classifier through H.323 RAS. Snoop H.225 RAS on standard port 1718 to know device info from endPointVendor field.
      Interface | Device | Attributes
      G 4/1 | Polycom HDX Video conferencing | Dev name: HDX 7000, Version: HF-2.5.0.6_Cisco-3966
      [Diagram: MSP; H.323 Based conferencing]
      - H.225 RAS client registration message is used for H.323 based device discovery
      - “endpoint Vendor” field in the H.225 RAS message is interpreted to identify the device class, vendor and version details
      - Following fields are considered: productId: HDX 7000, versionId: HF - 2.5.0.6_00_Cisco-3966
  26. Leverage SIP/SDP Data exchanged: Branch, Contact field updates. Device Initialization.
      Interface | Device | Attributes
      G 4/1 | Round Table Video Phone | DEV_NAME, DEV_VER
      [Diagram: switch ports G 3/1, G 4/1; SIP Register; SIP 200 OK]
      SIP Register:
          REGISTER sip:engineering.cisco.com SIP/2.0
          Via: SIP/2.0/TCP u2.engineering.cisco.com:5060;
          From: <sip:bob@engineering.cisco.com>;tag=0015629
          To: <sip:bob@engineering.cisco.com>
          Call-ID: 0015629e-82be0004@u2.engineering.cisco.com
          CSeq: 973 REGISTER
          User-Agent: Cisco-CP7971G-GE/8.0
          Contact: <sip:bob@u2.engineering.cisco.com:5060;transport=tcp>
      SIP 200 OK:
          SIP/2.0 200 OK
          Via: SIP/2.0/TCP u2.engineering.cisco.com:5060;branch=z9hG4bKcc06d1ec
          From: <sip:bob@engineering.cisco.com>;tag=0015629
          To: <sip:bob@engineering.cisco.com>;tag=0088629
          Call-ID: 0015629e-82be0004@u2.engineering.cisco.com
          Contact: <sip:bob@u2.engineering.cisco.com:5060;transport=tcp>
  27. - Session Description Protocol is used as a message body in many protocols like RTSP (for IP surveillance) and SIP (for conferencing) and is used to carry session related info like IP address and port numbers in addition to other Metadata
      - Wide variety of MSP 1.0 devices support SDP in the message body. A widespread way for flow detection is hence to learn and parse SDP content
      - Media Description field in SDP has the port numbers for audio and video
      - Media Attribute field has details of the format of video and codec type
      - Bandwidth field has information about flow bandwidth
  28. H.323 Protocols | Purpose
      H.225 Registration, Admission and Status (RAS) | Used between an H.323 endpoint and a Gatekeeper to provide address resolution and admission control services.
      H.225 Call Signaling | Used between any two H.323 entities in order to establish communication. This happens over port 1720 and is of interest as it would provide the necessary metadata required to establish CAC or a metadata session.
      H.245 control protocol for multimedia communication | Describes the messages and procedures used for capability exchange, opening and closing logical channels for audio, video and data, control and indications. This will happen in parallel in a separate TCP session, but on a dynamic port.
  29. The following fields from H.225 can be used for flow and Metadata Detection:
      - destCallsignalAddress
      - sourceCallSignalAddress
      - h245Address
      - destinationInfo
      - mediaControlChannel

      Event | Action
      On System Start UP | Open 1720 globally (Src & Dest Port)
      On Receiving Connect on 1720 | Open H.245 Ports (Derived from connect)
      On OpenLogicalChannelsACK | Open (RTCP) Monitoring; Create RSVP/Metadata Session based on policy
  30. SIP Invite Message: User Agent field contains Vendor, Model. MSP looks for User Agent field in SIP Invite messages.
  31. SIP Register Message: User Agent field contains Vendor, Model. MSP looks for User Agent field in SIP Register messages.
  32. SIP OK Message: User Agent field contains Vendor, Model. MSP looks for User Agent field in SIP OK messages.
  33. SIP/SDP Message: Session ID for the flow. MSP looks for Session ID in SDP contained in SIP INVITE messages.
  34. SIP/SDP Message in OK. [Callouts on the captured message: Session ID/Name; Bandwidth; App-ID, L4 Ports; Codec, Clock Frequency; Flow Based Metadata] MSP looks for Bandwidth Info, Media Description and Media Attribute elements in SDP to extract Flow Metadata (for BOTH AUDIO & VIDEO streams).
  35. SIP/SDP Message in ACK. [Callouts on the captured message: Session ID/Name; Bandwidth; App-ID, L4 Ports; Codec, Clock Frequency; Flow Based Metadata] MSP looks for Bandwidth Info, Media Description and Media Attribute elements in SDP to extract Flow Metadata (for BOTH AUDIO & VIDEO streams).
  36. Metadata Alignment: MSP as a Producer
  37. - Metadata is an architecture that enables end-to-end signaling of flow parameters and attributes to the network
      - Metadata can be explicitly produced by the end user, implicitly produced by the network DPI engine or indirectly produced by a proxy (e.g. Call manager)
      - Metadata used by various network services like QoS, Netflow, Media monitoring, PBR etc. to facilitate application aware deployments
      - Metadata would produce a set of “attributes” that the network can use for traffic classification and export
      - Leverage RSVP to become the Metadata transport protocol for L2 switches and L3 router
      © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  38. Important charter in the App-Velocity space, enabling network as a platform for delivering intelligent network services for a multitude of applications.
      - Build Infrastructure: Network Readiness: ISRG2, Cat3k, Cat4k, ASR1k, Cat6k
      - Expand Production: MSI Based End points (WebEx, VXI, TP), MSP, NBAR
      - Expand Consumption: Video Monitoring, QoS, FNF, PBR, PfR
      [Diagram labels: Video Monitoring; PfR/PBR; Netflow; QoS; WAN; NBAR and MSP Producing Metadata; WebEx; VXI/VNA; TP/Tandberg]
      Metadata Database:
          1.1.1.1        10.1.1.1       2134   80     http
          10.76.109.45   10.76.109.51   1200   2000   WebEx Video
          10.76.109.45   10.76.109.50   450    5060   SIP
          30.1.1.1       135.1.1.1      1500   1600   WebEx Video
          20.1.1.1       125.1.1.1      1500   1600   Surveillance
  39. [Diagram labels: Branch; MSP at Access; MC/BR; BR; MSI from endpoint; WAN1 (IP-VPN); NBAR at Edge; HQ]
      Flow Identifier: IP Src 10.1.1.1, IP Dst 125.1.1.1, Prot 90, L4 Src 4080, L4 Dst 1234
      Metadata (App-Layer): Vendor Cisco, Dial From 1001, Dial To 2002, User Bob
      Application entries and priority labels, in the order shown: telepresence, Priority-1, rtp, Priority-3, telepresence-video, Priority-2
  40. Flow Identifier: IP Src 10.1.1.1, IP Dst 125.1.1.1, Prot 90, L4 Src 4080, L4 Dst 1234
      Metadata (App-Layer): Vendor Cisco, Dial From 1001, Dial To 2002, User Bob
      Application entries and priority labels, in the order shown: telepresence-video, Priority-1, rtp, Priority-3, telepresence, Priority-2
      App-Layer match succeeds for telepresence-video due to Priority-1 match.
          policy-map P1
           class-map C1
            match application rtp
           class-map C2
            match application telepresence-video
      [Diagram labels: MSI; NBAR; MSP; Packet; pass!!; fails!!]
      Prioritizes more granular MSI classification BY DEFAULT in case of conflict.
  41. Flow Identifier: IP Src 10.1.1.1, IP Dst 125.1.1.1, Prot 90, L4 Src 4080, L4 Dst 1234
      Metadata (App-Layer): Vendor Cisco, Dial From 1001, Dial To 2002, User Bob
      Application entries and priority labels, in the order shown: telepresence-video, Priority-1, rtp, Priority-3, telepresence, Priority-2
      App-Layer match succeeds for telepresence-video due to Priority-1 match.
          policy-map P1
           class-map C1
            match application rtp source msp
      [Diagram labels: Packet; pass!!]
      Prioritizes user specific source for backward compatibility.
  42. Metadata and MSP: Deployability, Status and Roadmap
  43. [Roadmap timeline figure: quarters CYQ1 ‘10 to CYQ2 ‘13; platforms ISRG2, Cat4k, Cat3k]
      Note: MSP 1.0 works on basis of a stateful inspection model, where selected protocol packets would be intercepted/parsed to arrive at conclusions on device and flow types. The solution would ideally work with any device supporting this list of protocols. However it is to be noted that the solution would be tested and validated only against some end points and models.
      MSP 1.0 Deliverables
      - Surveillance End Points support (RTSP)
      - Group VC solution support (SIP/H.323)
      - Softphones (SIP/H.323)
      - Device Identification support
      - Flow Identification support
      - Services: RSVP Proxy, Metadata Proxy, ASP, QoS services (Trusted Application Recognition)
  44. Metadata needs to be produced by the end point or the network, and there should be network services ready to act on it for making the solution deployable.
      Role | Component | Supported from/on
      Producers | MSP | ISRG2, March 2012; Catalyst 4k, May 2012
      Producers | NBAR | ISRG2, July 2012; ASR1k, TBD
      Producers | MSI | Various collaboration/conferencing clients
      Services | QoS/C3PL | ISRG2, March 2012; Catalyst 4k, May 2012; ASR1k, XE 3.7, July 2012; Cat6k/sup-2T, Nov 2012
      Services | Flexible Netflow | TBD
      Services | Performance Monitoring | ISRG2, March 2012
      Services | PBR/PfR | TBD
  45. MSP Configurations
  46. Step 1: Enabling Media Services Proxy (MSP) functionality
          Router(config)#profile flow
      Step 2: Creating a profile
          Router(config)#media services profile video_cisco_msp
          Router(config-ms)# rsvp              <- Enable RSVP
          Router(config-ms-rsvp)#exit
          Router(config-ms)# metadata          <- Enable Metadata
          Router(config-ms-md)#exit
          Router(config)#exit
  47. Configuration:
          [no] profile flow [protocol { sip | h323 | rtsp | mdns } ]
      E.g.: To enable flow/device detection for SIP protocol:
          Router(config)#profile flow protocol sip
  48. The user can specify RSVP params to be used in RSVP signaling.
      - Create RSVP params list
          Router(config)#media services rsvp <name>
      - Add RSVP attribute and corresponding value.
          Router(config-ms-rsvp)#bandwidth <1-10000000> (kbps)
          Router(config-ms-rsvp)# max-burst <1-65535> (KB)
          Router(config-ms-rsvp)#peak-rate <1-10000000> (kbps)
          Router(config-ms-rsvp)# priority defending <1-7>
          Router(config-ms-rsvp)# priority preemption <1-7>
  49. - Create metadata params list
          Router(config)#media services metadata <name>
      - Add metadata attribute and corresponding value.
          Router(config-ms-md)#ssrc <0-4294967295>
          Router(config-ms-md)#bandwidth <1-10000000> (kbps)
          Router(config-ms-md)#payload-type <0-127>
          Router(config-ms-md)#clock-frequency <0-4294967295>
          Router(config-ms-md)#domain-name <WORD> 24 characters.
          Router(config-ms-md)#mime-type <WORD> 16 characters.
          Router(config-ms-md)#session-id <WORD> 80 characters
          Router(config-ms-md)# email <word> 24 characters.
          Router(config-ms-md)#username <word> 16 characters.
          Router(config-ms-md)#application name <name> [ vendor <name> version <number>]
  50. - Attach a media service profile globally:
          Router(config)#media services <name>
      - Attach a media service profile to an interface:
          Router(config)#interface gig1/14
          Router(config-if)#media services <name>
  51. Show Device Information:
          msp-cat4k1#sh profile device
          MAC Address      Interface   Device class          Device Name   Device Vendor
          0040.8ca2.0615   Gi2/12      Surveillance-Camera   AXIS-Camera   AXIS COMMUNICATIONS
  52. show profile flow: Displays the flows and attached profiles
          Router#show profile flow
          Source-IP   sPort   Dest-IP   dPort   protocol   Media Services profile
          1.1.1.1     2000    2.2.2.2   2001    UDP        msp_service_A
          1.1.1.4     3000    2.2.2.4   2001    UDP        msp_service_B
  53. show profile flow statistics <int>: Displays the profile statistics. (Platform specific output)
          Router#show profile flow statistics interface gi1/0/41
          Protocol   Input Pkts   OutPut Pkt   InputDrops   OutDrops   Policed
          SIP        100          100          2            1          0
          H.323      200          100          2            1          0
          RTSP       0            0            0            0          0
  54. Debugging flow profiling
          debug profile flow [error | events]
          debug profile flow stateful-inspection [api | error | events]
          debug profile flow protocol [sip | H.323 | rtsp] [event | error]
      Conditions for debugging
          debug condition profile flow source-ip <ip addr>
          debug condition profile flow dest-ip <ip addr>
          debug condition profile flow interface <interface-name>
  55. - With Metadata, it's now possible to
        - Know characteristics of the flow passing through the network
        - Configure QoS policies based on wider set of classification parameters
        - Export application specific information via Netflow/FNF
        - Ability to route traffic with PfR based on application aware criteria
        - Enable performance monitor on only the necessary applications
      - With MSP, it's now possible to
        - Automatically detect a wide range of media end points, mainly third party conferencing and surveillance devices, and know about their attributes (device + flow)
        - Render intelligent and relevant network services like Metadata, CAC, QoS to applications based on easy intuitive config
        - Proxy for end points not having MSI and for network nodes not capable of generating info themselves
  56. - Thank you!
      - Please complete the post-event survey
      - Join us December 5th for our next webinar: Preparing for BYOD and IPv6 with a Single Security Policy. Register: www.cisco.com/go/techadvantage
      - Follow us @GetYourBuildOn
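
Slides 23, 27 and 30 to 35 describe MSP learning the device from the SIP User Agent field and the flow from the SDP `o=`, `m=`, `b=` and `a=rtpmap` lines. The following Python is an added example of that extraction, not Cisco's implementation or code from the webinar; the function names and the sample INVITE (documentation addresses, made-up vendor string) are constructed for illustration. The fields arrive from unauthenticated endpoints, so malformed lines are skipped rather than trusted or allowed to raise.

```python
import re

# Constructed sample (not from the slides): a SIP INVITE carrying an SDP offer.
SAMPLE_INVITE = (
    "INVITE sip:alice@example.com SIP/2.0\r\n"
    "Via: SIP/2.0/TCP host.example.com:5060;branch=z9hG4bKconstructed\r\n"
    "From: <sip:bob@example.com>;tag=1\r\n"
    "To: <sip:alice@example.com>\r\n"
    "Call-ID: constructed-1@host.example.com\r\n"
    "User-Agent: ExampleVendor-Model100/1.0\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=bob 2890844526 2890844527 IN IP4 192.0.2.10\r\n"
    "s=Constructed call\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0 8\r\n"
    "b=AS:64\r\n"
    "a=rtpmap:0 PCMU/8000\r\n"
    "m=video 51372 RTP/AVP 96\r\n"
    "b=AS:768\r\n"
    "a=rtpmap:96 H264/90000\r\n"
    "a=rtpmap:bogus\r\n"
)

# a=rtpmap:<payload type> <encoding name>/<clock rate>[/<encoding params>]
RTPMAP = re.compile(r"rtpmap:(\d{1,3}) ([^/\s]+)/(\d{1,10})(?:/\S+)?")


def split_sip(message):
    """Split a SIP message into (start line, headers, body)."""
    head, _, body = message.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # header names are case-insensitive; keep the first value seen
            headers.setdefault(name.strip().lower(), value.strip())
    return lines[0], headers, body


def parse_sdp(body):
    """Collect the session id/name and the per-media m=, b=, a=rtpmap values."""
    sdp = {"session_id": None, "session_name": None, "bandwidth": None, "media": []}
    section = sdp  # a b= line before the first m= applies to the whole session
    for raw in body.split("\n"):
        line = raw.strip()
        if len(line) < 3 or line[1] != "=":
            continue
        kind, value = line[0], line[2:]
        fields = value.split()
        if kind == "o" and len(fields) >= 2:
            sdp["session_id"] = fields[1]  # o=<username> <sess-id> ...
        elif kind == "s":
            sdp["session_name"] = value
        elif kind == "m":
            port = fields[1].split("/")[0] if len(fields) >= 4 else ""
            section = {"bandwidth": None, "rtpmap": {}}
            if port.isdecimal() and int(port) <= 65535:
                section.update(media_type=fields[0], port=int(port),
                               proto=fields[2], formats=fields[3:])
                sdp["media"].append(section)
            # a malformed m= line still opens a section, but it is never reported
        elif kind == "b":
            bwtype, sep, amount = value.partition(":")
            if sep and amount.isdecimal():
                section["bandwidth"] = (bwtype, int(amount))
        elif kind == "a" and section is not sdp:
            match = RTPMAP.fullmatch(value)
            if match:
                section["rtpmap"][match.group(1)] = (match.group(2), int(match.group(3)))
    return sdp


def flow_metadata(message):
    """Return the device and flow attributes learned from one SIP/SDP message."""
    _, headers, body = split_sip(message)
    sdp = parse_sdp(body)
    flows = []
    for media in sdp["media"]:
        codecs = []
        for fmt in media["formats"]:
            encoding, clock = media["rtpmap"].get(fmt, (None, None))
            codecs.append({"payload_type": fmt, "encoding": encoding, "clock_rate": clock})
        flows.append({"media_type": media["media_type"], "l4_port": media["port"],
                      "bandwidth": media["bandwidth"] or sdp["bandwidth"],
                      "codecs": codecs})
    return {"user_agent": headers.get("user-agent"), "session_id": sdp["session_id"],
            "session_name": sdp["session_name"], "flows": flows}


if __name__ == "__main__":
    from pprint import pprint
    pprint(flow_metadata(SAMPLE_INVITE))
```

Payload type 8 in the sample has no `a=rtpmap` line, so its encoding and clock rate come back as `None` instead of being guessed from the static payload table.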
