Provider Backbone Bridging Ethernet VPN (PBB-EVPN) Cisco CKN TechAdvantage Webinar


Building L2VPNs with Provider Backbone Bridging Ethernet VPN (PBB-EVPN) implementation and use cases.

Published in: Technology, Education

Transcript

  • 1. © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public. Building L2VPNs with Provider Backbone Bridging Ethernet VPN (PBB-EVPN): Implementation and Use Cases. April 23rd, 2014. Tina Lam (tinalam@cisco.com), Jose Liste (jliste@cisco.com)
  • 2. Today’s Presenters
      §  Tina Lam (tinalam@cisco.com), Product Manager, Cisco
      §  Jose Liste (jliste@cisco.com), Technical Marketing Engineer, Cisco
  • 3. Agenda
      §  What is PBB-EVPN and its benefits?
      §  PBB-EVPN in ASR9000
      §  Demonstration
      §  Summary
      §  Use Cases
  • 4. What is PBB-EVPN?
      §  xEVPN family introduces next generation solutions for Ethernet services
          ‒  BGP control-plane for Ethernet Segment and MAC distribution and learning over MPLS core
          ‒  Same principles and operational experience of IP VPNs
      §  No use of Pseudowires
          ‒  Uses MP2P tunnels for unicast
          ‒  Multi-destination frame delivery via ingress replication (via MP2P tunnels) or LSM
      §  Multi-vendor solutions under IETF standardization
      [Diagram: xEVPN family by service type: E-LAN (EVPN, PBB-EVPN), E-LINE (EVPN VPWS), E-TREE (EVPN E-TREE). PBB-EVPN is marked as the focus of the presentation.]
  • 5. PBB-EVPN Business Advantages
      §  Business Continuity / Service Robustness
          ‒  All-Active (per-flow) access load-balancing
          ‒  Fast convergence (link / node / MAC moves)
      §  Designed to Scale
          ‒  Control-plane (BGP) learning in the Core. PWs no longer used
          ‒  Scalability of IP VPN. MAC address scalability
      §  CapEx Optimization
          ‒  Per-flow and per-service access load-balancing
          ‒  PE load-balancing (BGP multi-pathing). Access / core ECMP
      §  Ease of Provision and Operation
          ‒  Peer PEs auto-discovery. Redundancy group auto-sensing
          ‒  Operational consistency with L3 IP VPN
      §  Service Flexibility
          ‒  Support existing and new service types (E-LAN, E-Line, E-TREE, VLAN-aware bundling)
      §  Investment Protection
          ‒  Open standard
          ‒  Multi-vendor support
  • 6. PBB-EVPN in Cisco ASR9000
  • 7. Introducing PBB-EVPN in Cisco ASR 9000
      §  Introducing the next-generation of L2VPNs – Provider Backbone Bridging Ethernet VPN (PBB-EVPN)
      §  Support across Cisco ASR 9000 series router family
          ‒  From ASR9001-S to ASR9922
      §  Support starting with Cisco IOS-XR release 4.3.2 (1) (FCS 09/2013)
      §  Enhanced Ethernet Line Cards (Typhoon) required as Ingress and Egress linecards
      (1) PBB-EVPN support started in IOS-XR 4.3.2 and 5.1.1 releases
  • 8. PBB Ethernet VPN: Highlights
      §  Next generation solution for Ethernet multipoint (E-LAN) services by combining Provider Backbone Bridging (PBB - IEEE 802.1ah) and Ethernet VPN
      §  Data-plane learning of local C-MACs and remote C-MAC to B-MAC binding
      §  PEs run Multi-Protocol BGP to advertise local Backbone MAC addresses (B-MACs) & learn remote B-MACs
          ‒  Takes advantage of PBB encapsulation to simplify BGP control plane operation – faster convergence
          ‒  Lowers BGP resource usage (CPU, memory) on deployed infrastructure (PEs and RRs)
      §  Under standardization at IETF – WG draft: draft-ietf-l2vpn-pbb-evpn
      [Diagram: MPLS core with PE1 to PE4, CE1 (C-MAC: MA) and CE3 (C-MAC: MB), B-MACs B-M1 and B-M2. A PBB-EVPN PE combines a PBB Backbone Edge Bridge with EVPN. BGP MAC advertisement route (EVPN NLRI): MAC B-M1 via PE2. Callouts:]
          ‒  Control-plane address advertisement / learning over Core (B-MAC)
          ‒  Data-plane address learning from Access: local C-MAC to local B-MAC binding
          ‒  Data-plane address learning from Core: remote C-MAC to remote B-MAC binding
  • 9. To PBB or not to PBB?
      §  What is the value of combining PBB and EVPN functions?
      §  Lower control-plane overhead than EVPN alone
          ‒  PBB-EVPN uses only a sub-set of EVPN routes
          ‒  Simpler and faster failure convergence for all-active multi-homing scenarios
          ‒  Faster MAC move convergence handled in data-plane
      §  Lower control-plane scale requirements than EVPN alone
          ‒  BGP MAC advertisements for smaller Backbone MAC (B-MAC) address space
          ‒  Requires less resources (CPU, memory) on deployed infrastructure (PEs / RRs)
  • 10. Provider Backbone Bridging Overview
      §  PBB (IEEE 802.1ah-2008) defines an architecture that includes
          ‒  2^24 service instances (I-SID) per B-VLAN
          ‒  MAC-in-MAC
      §  I-Component
          ‒  Learns & forwards using C-MACs
          ‒  Maintains a mapping table of C-MACs to B-MACs
          ‒  Performs PBB encap/decap on PIP
      §  B-Component
          ‒  Learns & forwards using B-MACs
          ‒  Push / pop B-VLAN on CBP
      §  Legend: IB-BEB = I-/B-comp Backbone Edge Bridge; I-SID = Backbone Service Instance Identifier; PIP = Provider Instance Port; CBP = Customer Backbone Port
      [Diagram: IB-BEB with several I-comps attached through PIPs to one B-comp with a CBP, between L2 Access and L2 Core. Frame formats shown: C-DA / C-SA + Customer Frame; B-DA / B-SA + I-TAG + C-DA / C-SA + Customer Frame; B-DA / B-SA + B-Tag + I-TAG + C-DA / C-SA + Customer Frame. Field sizes shown: 6B, 4B, 12B.]
  • 11. Concepts
      §  Ethernet Segment
          ‒  Represents a ‘site’ connected to one or more PEs
          ‒  Uniquely identified by a 10-byte global Ethernet Segment Identifier (ESI)
          ‒  Could be a single device or an entire network: Single-Homed Device (SHD), Multi-Homed Device (MHD), Single-Homed Network (SHN), Multi-Homed Network (MHN)
      §  BGP Routes
          ‒  EVPN and PBB-EVPN define a single new BGP NLRI used to carry all EVPN routes
          ‒  NLRI has a new SAFI (70)
          ‒  Routes serve control plane purposes, including: MAC address reachability, MAC mass withdrawal, Split-Horizon label adv., Aliasing, Multicast endpoint discovery, Redundancy group discovery, Designated forwarder election
      §  EVPN Instance (EVI)
          ‒  EVI identifies a VPN in the network
          ‒  Encompasses one or more bridge-domains, depending on service interface type: Port-based, VLAN-based (shown above), VLAN-bundling, VLAN aware bundling (NEW)
      §  BGP Route Attributes
          ‒  New BGP extended communities defined
          ‒  Expand information carried in BGP routes, including: MAC address moves, C-MAC flush notification, Redundancy mode, MAC / IP bindings of a GW, Split-horizon label encoding
      §  Route Types: [1] Ethernet Auto-Discovery (AD) Route, [2] MAC Advertisement Route, [3] Inclusive Multicast Route, [4] Ethernet Segment Route
      §  Extended Communities: ESI MPLS Label, ES-Import, MAC Mobility, Default Gateway
      [Diagrams: a PE with bridge domains (BD) mapped to EVIs; CE1 (SHD, ESI1) attached to PE1 and CE2 (MHD, ESI2) attached to PE1 and PE2. Legend entry: Used by PBB-EVPN.]
  • 12. PBB-EVPN Model
      [Diagram: Cisco ASR 9000 PBB-EVPN model. Labels: Interface (Physical / Bundle); Ethernet Segment Identifier (ESI); Ethernet Flow Points (EFP) (Layer2 sub-if); I-Component: PBB Edge Bridge Domains; B-Component: PBB Core Bridge Domains; BD-1 to BD-5; I-SID X, I-SID Y, I-SID Z; Source B-MAC; EVI aaa, EVI bbb; MPLS EVPN Forwarder.]
  • 13. PBB-EVPN Model: Connecting with existing services
      [Diagram: Cisco ASR 9000 PBB-EVPN model. Labels: I-Component: PBB Edge Bridge Domains; B-Component: PBB Core Bridge Domains; BD-1 to BD-5; I-SID X, I-SID Y, I-SID Z; EVI aaa, EVI bbb; MPLS EVPN Forwarder; VFI; EoMPLS PW; VPLS VFI; VPLS VFI (PBB-VPLS) (1).]
      (1) Co-existence of VPLS VFI and EVI under same Core BD in IOS-XR 5.1.2 (Apr. 14)
  • 14. PBB-EVPN Encapsulation
      §  Customer frame (Ethernet access): DA, SA, E-type (802.1q 0x8100), C-VID, E-Type, Payload
      §  PBB header + customer frame (between BD I-SID X and the EVPN Forwarder): B-DA, B-SA, E-type (I-TAG 0x88E7), I-TAG, then the customer frame (DA, SA, 802.1q Tag (0x8100), C-VID, E-Type, Payload)
      §  Frame on the MPLS core (EVI aaa): DA (NH router) 6B, SA 6B, E-type (MPLS 0x8847) 2B, PSN MPLS label 4B, EVPN MPLS label 4B, Control Word 4B, PBB Header 18B, Customer Frame
      §  I-TAG is 4B; 24-bit I-SID inside I-TAG
  • 15. PBB-EVPN Operation: Multicast Tunnel ID / Endpoint Discovery (1)
      §  At start-up, PEs send EVPN Inclusive Multicast routes to signal I-SID membership
      §  Inclusive Multicast route signals MPLS label to be used in the downstream direction
      §  PE1 I-SID X Flood List: Entry 1: PE 2 – label A; Entry 2: PE 3 – label B; Entry 3: PE 4 – label C
      §  PE1 I-SID Y Flood List: Entry 1: PE 2 – label D; Entry 2: PE 4 – label E
      [Diagram: MPLS core with PE1 to PE4, a route reflector (RR) and CE1 to CE4; PE1 holds BDs for I-SID X and I-SID Y under EVI aaa behind the EVPN Forwarder; remote PEs are marked with the I-SIDs (X, Y) they serve.]
      (1) Ingress / Head Replication model shown
  • 16. PBB-EVPN Operation: B-MAC Reachability Advertisement
      §  At start-up, PEs send EVPN MAC Advertisement route for local B-MAC/EVI
      §  MAC Advertisement route signals MPLS label to be used in the downstream direction
      §  PE1 L2 Routing Information Base (RIB):
          ‒  B-DA2; Next Hop PE2; label F
          ‒  B-DA3; Next Hop PE3; label G
          ‒  B-DA4; Next Hop PE4; label H
      [Diagram: MPLS core with PE1 (B-DA1), PE2 (B-DA2), PE3 (B-DA3), PE4 (B-DA4), a route reflector (RR) and CE1 to CE4; PE1 holds BDs for I-SID X and I-SID Y under EVI aaa behind the EVPN Forwarder.]
  • 17. PBB-EVPN Operation: Multi-Destination Traffic Forwarding (Per-ISID Ingress Replication)
      §  Multi-destination traffic: unknown unicast, broadcast, multicast
      §  Ingress replication with per-ISID flooding: 3 copies for I-SID X, 2 copies for I-SID Y
      §  PE1 I-SID X Flood List: Entry 1: PE 2 – label A; Entry 2: PE 3 – label B; Entry 3: PE 4 – label C
      §  PE1 I-SID Y Flood List: Entry 1: PE 2 – label D; Entry 2: PE 4 – label E
      §  Frames from CE1: SA: C-MAC1a, DA: FFFF.FFFF.FFFF; SA: C-MAC1b, DA: FFFF.FFFF.FFFF
      §  CAM Table I-SID X: Entry1: C-MAC1a; B-DA1
      §  CAM Table I-SID Y: Entry1: C-MAC1b; B-DA1
      [Diagram: MPLS core with PE1 (B-DA1) to PE4 and CE1 to CE4; PE1 holds BDs for I-SID X and I-SID Y under EVI aaa behind the EVPN Forwarder.]
  • 18. PBB-EVPN Operation: Known Unicast Traffic Forwarding
      §  Known unicast delivered to specific remote PEs
      §  PE1 CAM Table I-SID X:
          ‒  Entry1: C-MAC1a; local
          ‒  Entry2: C-MAC2; B-DA2
          ‒  Entry3: C-MAC4; B-DA4
      §  PE1 L2 Routing Information Base (RIB):
          ‒  B-DA2; Next Hop PE2; label F
          ‒  B-DA3; Next Hop PE3; label G
          ‒  B-DA4; Next Hop PE4; label H
      §  Frames from CE1: SA: C-MAC1a, DA: C-MAC2 (lookup: B-DA2, then PE2; label F); SA: C-MAC1a, DA: C-MAC4 (lookup: B-DA4, then PE4; label H)
      [Diagram: MPLS core with PE1 (B-DA1, CE1 with C-MAC1a), PE2 (B-DA2, CE2 with C-MAC2), PE3, PE4 (B-DA4, CE4 with C-MAC4).]
  • 19. PBB-EVPN Failure Scenarios / Convergence: Link / Segment Failure – All-Active Load-Balancing
      §  At idle state, PE3, PE4 install two (2) next hops for B-MAC B-M1
      §  PE3, PE4 RIB: VPN RT-a; MAC B-M1; ESI n/a; Path List NH: PE1, PE2
      §  Sequence:
          ‒  (1) PE1 detects failure of one of its attached segments
          ‒  (2) PE1 withdraws B-MAC advertised for failed segment (B-M1)
          ‒  (2) PE1 withdraws Ethernet Segment Route
          ‒  (3) PE3 / PE4 remove PE1 from path list for B-MAC (B-M1)
          ‒  (4) PE2 reruns DF election. Becomes DF for all I-SIDs on segment
      [Diagram: MPLS core with CE1 dual-homed to PE1 and PE2 (B-M1) and CE3 dual-homed to PE3 and PE4 (B-M2).]
  • 20. PBB-EVPN Operational Scenarios: MAC Mobility
      §  MAC Mobility event handled entirely by data-plane learning
      §  Sequence:
          ‒  (1) PE1 learns C-MAC M1 on local port and forwards across core according to C-MAC DA to Remote B-MAC mapping (frame: VID 100, SMAC: M1, DMAC: M2)
          ‒  (2) Via data-plane learning, PE3 learns C-MAC M1 via B-MAC B-M1
          ‒  (3) Host M1 moves from CE1 to CE3’s location
          ‒  (4) After move, host sends Gratuitous/Reverse ARP at new location, PE3 updates C-MAC M1 location (local port). PE3 also forwards across core according to C-MAC DA to Remote B-MAC mapping (frame: VID 100, SMAC: M1, DMAC: F.F.F)
          ‒  (5) Via data-plane learning, PE1 updates C-MAC M1 location (via B-MAC B-M2)
      §  MAC tables for I-SID xyz (C-MAC, B-MAC) before the move: PE1: M1, - (step 1); PE3: M1, B-M1 (step 2)
      §  MAC tables for I-SID xyz (C-MAC, B-MAC) after the move: PE3: M1, - (step 4); PE1: M1, B-M2 (step 5)
      [Diagram, shown before and after the move: MPLS core with CE1 attached to PE1 and PE2 (B-M1) and CE3 attached to PE3 and PE4 (B-M2); links L1 to L4; PBB encapsulation across the core.]
  • 21. Multi-Homing Use Cases
  • 22. PBB-EVPN Access Multi-Homing Options
      §  Single Home Device (SHD) / Single Home Network (SHN)
          ‒  Null Ethernet Segment Identifier (ESI)
          ‒  No DF election / No vlan carving
          [Diagram: CE1 and CE2 attached to PE1 with ESI Null, VID X; MPLS Core.]
      §  Dual Home Device (DHD), All-Active (Per-Flow) LB
          ‒  Main candidate for Data Center deployments
          ‒  Identical B-MAC and ESI on PEs
          [Diagram: CE1 attached to PE1 (BMAC 1, ESI W) and PE2 (BMAC 1, ESI W), VID X on both links; MPLS Core.]
      §  Dual Home Device (DHD), Single-Active (Per-Service) LB
          ‒  Different B-MACs and identical ESI on PEs
          ‒  Per service (I-SID) carving (manual or automatic)
          ‒  CE flush via STP TCN / MVRP
          [Diagram: CE1 attached to two PEs with BMAC 1 / ESI W and BMAC 2 / ESI W, VID X on one link and VID Y on the other; MPLS Core.]
  • 23. PBB-EVPN Access Multi-Homing Options (cont.)
      §  Multi Home Device (MHD), All-Active (Per-Flow) LB
          ‒  More than two (2) PEs in redundancy group
          ‒  Same as DHD All-Active Load-balancing
          [Diagram: CE1 attached to PE1, PE2 and PE3, each with BMAC 1 and ESI W, VID X on every link; MPLS Core.]
      §  Multi Home Device (MHD), Single-Active (Per-Service) LB
          ‒  More than two (2) PEs in redundancy group
          ‒  Same as DHD Single-Active Load-balancing
          [Diagram: CE1 attached to PE1, PE2 and PE3 with BMAC 1, BMAC 2 and BMAC 3, all with ESI W; VID X, VID Y and VID Z on separate links; MPLS Core.]
  • 24. PBB-EVPN Access Multi-Homing Options (cont.)
      §  Dual Home Network (DHN), Single-Active (Per-Service) LB
          ‒  Different B-MAC on PEs
          ‒  Identical ESI on PEs
          ‒  Per service (I-SID) carving (manual or automatic)
          ‒  CE flush via STP TCN / MVRP
          [Diagram: CE1 and CE2 attached to PE1 and PE2 with BMAC 1 / ESI W and BMAC 2 / ESI W, VID X and VID Y; MPLS Core.]
      §  Dual Home Network (DHN), REP
          ‒  Treated as SHN by PEs
          ‒  Null ESI; No DF election / No service carving
          ‒  Segment operation controlled by REP protocol
          [Diagram: CE1 and CE2 in a REP segment attached to PE1 and PE2 (REP-AG, REP Edge No Neighbour), REP ALT port, ESI Null on both PEs, VID X and VID Y; MPLS Core.]
      §  Dual Home Network (DHN), ITU-T G.8032
          ‒  Treated as SHN by PEs
          ‒  Null ESI; No DF election / No service carving
          ‒  Ring operation controlled by R-APS protocol
          [Diagram: CE1 and CE2 in a G.8032 open sub-ring attached to PE1 and PE2, R-APS, RPL Link, ESI Null on both PEs, VID X and VID Y; MPLS Core.]
  • 25. Demonstration
  • 26. Demonstration Topology
      §  Three (3) E-LAN services between CE-1, CE-2, CE-3
      §  EVI 111 with I-SID 111010, I-SID 111020, I-SID 111030
      §  PEs: PE1 (ASR9006), PE2 (ASR9001), PE3 (ASR9006); four P routers in the core
      §  Loopback0 addresses shown: 14.14.14.7, 14.14.14.5, 14.14.14.6
      §  CE attachment types shown: DHD Active/Active per Flow, SHD, SHD with Bundle
      §  Legend: SHD = Single-Home Device; DHD = Dual-Home Device; TG = Traffic Generator
      [Diagram: CE1, CE2 and CE3, each with a traffic generator (TG), attached to the PEs; one part of the topology is marked as the focus of the demonstration.]
  • 27. Summary
      §  PBB-EVPN is a next-generation L2VPN solution based on BGP control-plane for MAC distribution/learning over the core
      §  PBB-EVPN was designed to address following requirements:
          ‒  All-active Redundancy and Load Balancing
          ‒  Simplified Provisioning and Operation
          ‒  Optimal Forwarding
          ‒  Fast Convergence
      §  In addition, PBB-EVPN and its inherent MAC-in-MAC hierarchy provides:
          ‒  Simplified control plane operation and faster convergence
          ‒  Lower control-plane scale requirements (BGP CPU and memory)
          ‒  MAC address Scalability
      §  PBB-EVPN applicability goes beyond DCI into Carrier Ethernet use cases
  • 28. References
      §  Cisco.com PBB-EVPN User Documentation: http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r5-1/lxvpn/configuration/guide/lesc51x/lesc51pbb.html
      §  (Video / Slides) Cisco Live 365: BRKMPL-2333: E-VPN and PBB-EVPN: The Next Generation of MPLS-Based Layer 2 VPN (2014 Milan) https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=76547
      §  You can also meet us at Cisco Live 2014 – San Francisco (May 19-24)
          ‒  Breakout Session: BRKMPL-2333
          ‒  Request a Meet The Expert (MTE) session
  • 30. PBB-EVPN Shipping Features
      §  ASR9K (1), IOS-XR 4.3.2 – Aug 2013: PBB-EVPN Introduction
          ‒  Port, VLAN, VLAN-bundle Mode
          ‒  PE Auto-discovery
          ‒  Ethernet Segment Identifier Auto-config w/ LACP
          ‒  Single-homing
          ‒  Single-active Multi-homing
          ‒  All-active Multi-homing
          ‒  Access Redundancy w/ LACP, G.8032, MST, nV Cluster
          ‒  Designated Forwarding (DF) election
          ‒  MAC Mobility
          ‒  Multicast Ingress Replication
          ‒  BGP ISSU and NSR
          ‒  BGP Route Reflector (RR) for PBB-EVPN
      §  ASR9K (1), XR 5.1.2 – Apr 2014: PBB-EVPN Enhancement
          ‒  MAC Security on PBB-EVPN
          ‒  PBB-EVPN and PBB-VPLS Seamless Integration
      §  ASR1K, IOS XE 3.11 – Nov 2013
          ‒  BGP Route Reflector (RR) for PBB-EVPN
      (1) Requires use of Enhanced Ethernet Linecards (Typhoon) for access-facing and core-facing interfaces
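
The 18-byte PBB header from the encapsulation slide (B-DA, B-SA, E-type 0x88E7, 4-byte I-TAG carrying a 24-bit I-SID) and the data-plane C-MAC to B-MAC learning from the PBB Ethernet VPN and MAC Mobility slides, as an added Python example that is not part of the presentation or of any Cisco implementation. The MAC addresses, the `CMacTable` class and all function names are constructed for illustration, and the upper 8 flag bits of the I-TAG are left at zero.

```python
import struct

PBB_ETHERTYPE = 0x88E7  # I-TAG EtherType from the encapsulation slide

def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def build_pbb(b_da, b_sa, i_sid, c_da, c_sa, payload=b""):
    """18-byte PBB header (B-DA, B-SA, EtherType, I-TAG) + customer frame."""
    if not 0 <= i_sid < 2**24:
        raise ValueError("I-SID must fit in 24 bits")
    # I-TAG flag bits (upper 8 bits) are left at zero in this example.
    return (mac_bytes(b_da) + mac_bytes(b_sa)
            + struct.pack("!HI", PBB_ETHERTYPE, i_sid)
            + mac_bytes(c_da) + mac_bytes(c_sa) + payload)

def parse_pbb(frame):
    if len(frame) < 30:
        raise ValueError("too short for PBB header plus C-DA / C-SA")
    etype, itag = struct.unpack("!HI", frame[12:18])
    if etype != PBB_ETHERTYPE:
        raise ValueError(f"EtherType 0x{etype:04x} is not an I-TAG")
    return {"b_da": mac_str(frame[0:6]), "b_sa": mac_str(frame[6:12]),
            "i_sid": itag & 0xFFFFFF,  # low 24 bits of the 4-byte I-TAG
            "c_da": mac_str(frame[18:24]), "c_sa": mac_str(frame[24:30])}

class CMacTable:
    """Per-I-SID C-MAC table of one PE: value is a remote B-MAC or 'local'."""
    def __init__(self):
        self.entries = {}
    def learn_from_access(self, i_sid, c_sa):
        self.entries[(i_sid, c_sa)] = "local"
    def learn_from_core(self, frame):
        h = parse_pbb(frame)  # binds the remote C-MAC to the frame's B-SA
        self.entries[(h["i_sid"], h["c_sa"])] = h["b_sa"]
    def lookup(self, i_sid, c_da):
        return self.entries.get((i_sid, c_da), "flood")  # unknown: flood per I-SID

# Constructed addresses standing in for M1, M2, B-M1, B-M2 on the slides.
M1, M2, BCAST = "00:00:00:00:00:a1", "00:00:00:00:00:a2", "ff:ff:ff:ff:ff:ff"
B_M1, B_M2 = "02:00:00:00:0b:01", "02:00:00:00:0b:02"
ISID = 111010  # an I-SID from the demonstration topology slide

def mac_move_demo():
    pe1, pe3 = CMacTable(), CMacTable()
    pe1.learn_from_access(ISID, M1)                           # step 1
    pe3.learn_from_core(build_pbb(B_M2, B_M1, ISID, M2, M1))  # step 2
    before = (pe1.lookup(ISID, M1), pe3.lookup(ISID, M1))
    pe3.learn_from_access(ISID, M1)                           # step 4
    # Step 5: the B-DA is not consulted when learning, only the B-SA.
    pe1.learn_from_core(build_pbb(B_M1, B_M2, ISID, BCAST, M1))
    return before, (pe1.lookup(ISID, M1), pe3.lookup(ISID, M1))
```

`mac_move_demo()` returns the PE1 and PE3 table entries for M1 before and after the move, matching the tables on the MAC Mobility slide; no BGP message is involved in either update.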