ASR-9000 в качестве платформы внедрения SDN в сетях операторов связи

1. ASR-9000 в качестве платформы
внедрения SDN в сетях операторов
связи
Илгар Гасымов (igasymov@cisco.com)
Системный архитектор
Департамент операторов связи
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.

2. Содержание
• Применение SDN на операторском рынке
• SDN технологии на ASR 9000
• BGP-LS
• Stateful PCEP
• NETCONF/YANG
• Заключение
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.2

3. Применение SDN на операторском рынке
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.3

4. Cloud Data Centre
Consumer
DPI CGN WWW
FW CDN IPS
Virtual Private Cloud
Enterprise NfV Services
CPE DPI WAAS
FW NAM IPS
SP IP/MPLS
Network
SP
DC Fabric
Guaranteed Network SLA Cloud SLA
Service Chaining
NSO / VTS / Elastic
Service Controller
Cisco WAE
4
CPE
CPE
PE
DCI
vCPE
SDN – Сквозное управление услугой
Централизованный контроль ресурсов и обеспечение SLA

5. Инфраструктура сегодня:
управляется раздельно и сложно
Data
Center
Customers
Wide Area Network Cloud
Optical
IP/MPLS
Software Engineering (Applications)
System Engineering
(Compute, Storage, Virtual
Machines)
Network Engineering
(WAN Services, NfV)
Enterprise
Virtual
5

6. Новый подход к управлению инфратсруктурой
Data
Center
Customers
Wide Area Network Cloud
Optical
IP/MPLS
Software Engineering (Applications)
System Engineering
(Compute, Storage, Virtual
Machines)
Network Engineering
(WAN Services, NfV)
Enterprise
Virtual
Physical and Virtual
API’s
Orchestration
API’s
Applications
6

7. Место SDN в новом подходе
Data
Center
Access/Customers
Wide Area Network Cloud
Optical
IP/MPLS
DC/Cloud
SDN
Enterprise
SDN
Applications DC-WAN X-Domain OrchEnt-SP WAN X-Domain Orch
SP SDN
(e.g WAN Orchestration)
7

8. Data
Center
Access/Customers Wide Area Network Cloud
Optical
IP/MPLS
DC/Cloud
SDN
Enterprise
SDN
Applications DC-WAN X-Domain OrchEnt-SP WAN X-Domain Orch
SP SDN
(e.g WAN Orchestration)
8
APIC
EM
APIC
DC
Место SDN в новом подходе

9. SDN: Большой выбор платформ
9
“Купить” “Разработать”
Tail-F
NCS
Оркестрация
NETCONF PCEP BGP-LS NETFLOW SNMP CLI
Множество опций управления Физическими и Виртуальными устройствами

10. Сегодня рассматриваем
Приложения
Оркестрация
API’s + Protocols
10

11. Оркестрация – Раньше и Теперь
OSS/BSS
WANCPE Data Center
CPE
Prov
WAN
Prov
DC
Prov
OSS/BSS
WANCPE Data Center
Orchestration
Platform
YANG
Service
Models
YANG
Device
Models
REST, Netconf, …
Customized BSS/OSS and
Provisioning Systems Model-driven Network and Service
Orchestration

12. SDN технологии на ASR 9000
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.12

13. ASR 9001 ASR9904 ASR 9006 ASR 9010 ASR9912 ASR 9922
Размер 2RU 6RU 10RU 21RU 30RU 44RU
Кол-во I/O слотов 2 MPAs 2 4 8 10 20
Вентиляция Side to side Side to side Side to back Front to back Front to back Front to back
Произв. / слот N/A 770G/385G 440G/220G 440G/220G 770G/660G 770G/660G
Произв. шасси /
слот
120Gbps 2Tbps 880Gbps 880Gbps 2Tbps 2Tbps
Произв. всего
шасси
120Gbps 8Gbps 3.5 Tbps 7.0 Tbps 20Tbps 40Tbps
Cisco ASR 9000
Virtual
XR DP
IOS XRv 9000

14. Поддержка SDN на ASR 9000
Controller
OpenFlow
OpenFlow
Agent
Приложения
Policy Servers OSS/BSS User AppAnalytics
Оркестрация
Control Plane
Management
Plane
Controller
Контроллеры3
Программные
политики
BGP-LS
API и Протоколы
OpenFlow Agent ,
BGP-LS, PCEP,
NETCONF
2
SDN Enabled Data
Plane
1
E-PBR Data Plane
Policy Fwd Flows
ASR 9000
SDN Платформы
Orchestration,
Analytics, Services, etc
4
VSM
Эффект
Интеллек-
туальной
сети
Controller
PCEP
Приложения5

15. Различные инструменты для тестирования
OpenDaylight (ODL)
https://wiki.opendaylight.org/view/Getting_started
http://www.opendaylight.org/software/downloads
REST Client:
Chrome: Postman REST Client
Firefox: REST Client
Wireshark: https://www.wireshark.org/
IOS XR 5.2.2 with physical routers and
Virtual Internet Routing Lab (VIRL): virl.cisco.com
For Your
Reference
15

16. ASR-9000 BGP Link State protocol
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.16

17. Обнаружение и сбор данных по топологии сети
• Традиционные:
§ Methods: SNMP, SNMPCollect (polling), Netflow, CLI Parsing
§ Platforms: Network Management Systems (NMS)
§ Are and will continue to be used…
• Недостатки:
§ Delay in topology changes to NMS
— E.g. delay based on polling intervals
§ Unreliable transport
— e.g. missed SNMP traps
• Требуют наращивания по мере роста сети и информации о ее состояниях
17

18. Обзор BGP Link-State (BGP-LS)
Use BGP to advertise LSDB and TED of a network
§ New link-state address family
Support for OSPF and ISIS LSDB
Advantages
§ Single upstream topology feed (BGP)
§ IGP isolated from external entities
§ Leverage well-known BGP security,
transport and policy knobs
§ Enables operator control
Support introduced in IOS XR 5.1.1
Implementations: WAN Automation Engine (WAE),
OpenDaylight (ODL)
Domain 1 Domain 2
Domain 0
BGP-LS
BGP-LS BGP-LS
RR
PCE
TED
LSP DB
18

19. Референсная диаграмма: BGP-LS
OpenDaylight
192.168.96.0/29
.1
.2
192.168.x.x/31
64.4/31
64.0/31
192.4/31 192.6/31
128.2/31
128.0/31
192.0/31
AG04-4
10.99.8.8/32
AG04-2
10.99.2.2/32
AG06-3
10.99.5.5
AG06-1
10.99.3.3
AG06-2
10.99.4.4
AG06-4
10.99.6.6
AG04-1
10.99.1.1
172.18.152.3/24
For Your
Reference
BGP-LS
REST
19

20. router ospf 1
distribute bgp-ls instance-id 1
router-id 10.99.8.8
area 0
router bgp 65000
bgp router-id 10.99.8.8
address-family link-state link-state
!
neighbor 192.168.96.2
remote-as 65000
update-source Loopback0
address-family link-state link-state
!
!
Настройка BGP Link State на ASR 9000
20
Distribute link state
database into BGP-LS
Specify BGP-LS peer
Enable address-family
link-state

21. RP/0/RSP0/CPU0:ASR9K-4#sh bgp link-state link-state
Tue May 6 00:09:45.523 UTC
BGP router identifier 10.99.8.8, local AS number 100
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Prefix codes: E link, V node, T IP reacheable route, u/U unknown
I Identifier, N local node, R remote node, L link, P prefix
L1/L2 ISIS level-1/level-2, O OSPF, D direct, S static
a area-ID, l link-ID, t topology-ID, s ISO-ID,
c confed-ID/ASN, b bgp-identifier, r router-ID,
i if-address, n nbr-address, o OSPF Route-type, p IP-prefix
d designated router address
Network Next Hop Metric LocPrf Weight Path
*> [V][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]]/376
0.0.0.0 0 i
*> [E][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]][R[c100][b10.99.8.8]
[a0.0.0.0][r10.99.2.2]][L[i192.168.192.2][n192.168.192.3]]/792
0.0.0.0 0 i
Prefix codes
Node
Link
21
Верификация BGP Link State на ASR 9000

22. BGP-LS Пример* Topology Visualization
22
*Посетите DevNet чтобы скачать пример программы визуализации BGP-LS
https://developer.cisco.com/site/devnetlabs/bgp/

23. ASR9000 Path Computation Element protocol
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.23

24. Path Computational Element (PCE)
Определение
• Traffic Engineering Database (TED)
§ Содержит топологию и информацию
о ресурсах
§ Основывается на IGP LSDB
• PCE Server (PCE)
• Path Computation Client (PCC)
§ Агент на маршрутизаторе, который
взаимодействует с PCE Server
• PCE Protocol (PCEP)
§ Протокол работающий между PCC
на маршрутизаторе и PCE server
24
Основная функция расчитать путь (напр. MPLS TE LSP)
в MPLS/GMPLS сети

25. • Stateless
• PCE не имеет информации о ранее построенных LSP
• Stateful
• Синхронизация PCC и PCE
• PCC пересылает изменение состояний на PCE
• PCC может делегировать упр-е LSP на PCE
• PCE или PCC могут инициировать настройку
LSP
• PCC всегда отслеживает состояние LSP
Stateless и Stateful PCE
25
PCEP
Stateful PCE
TED
LSP DB
PCC
PCE-initiated
LSP

26. Stateful PCE
• LSP Database
§ Contains info/status on active LSPs
communicated by PCCs in LSP state
report messages
• Active Stateful PCE
§ References LSP DB for path
computations
§ Programs LSP state in network
• PCC reports LSP status to PCE
• PCE may reprogram an existing LSP
• LSP Delegation
§ PCC delegates LSP control
responsibility to PCE
LSP=Label Switch Path
26

27. ASR9000 туннели инициированные PCE
• Treated as dynamically created tunnels
(auto-tunnel)
• Router does NOT verify or compute path
that PCE provides
§ treated as verbatim path
• PCE responsible for LSP re-optimization
• PCE sends an PCEP Update when a better
path exists
• Tunnels may be inter-area
• *PCE Initiated tunnel does not appear in
configuration
§ “show mpls traffic-eng tunnels”
PCEP
Initiate /
Create
Stateful PCE
TED
LSP DB
PCC
27

28. Референсная диаграмма: PCE Initiated LSP
OpenDaylight
192.168.96.0/29
.1
.2
192.168.x.x/31
64.4/31
64.0/31
192.4/31 192.6/31
128.2/31
128.0/31
192.0/31
AG04-4
10.99.8.8/32
AG04-2
10.99.2.2/32
AG06-3
10.99.5.5
AG06-1
10.99.3.3
AG06-2
10.99.4.4
AG06-4
10.99.6.6
AG04-1
10.99.1.1
172.18.152.3/24
For Your
Reference
PCEP
REST
28

29. Настройка PCC на ASR 9000
hostname ASR9K-AG04-4
!
ipv4 unnumbered mpls traffic-eng Loopback0
!
mpls traffic-eng
pce
peer ipv4 192.168.96.2
stateful-client
instantiation
delegation
!
auto-tunnel pcc
tunnel-id min 7000 max 9999
!
Allow PCE-initiated LSP
User defined
tunnel number
range.
Required for
auto-tunnel
PCE server
29
Delegate statically
configured tunnels

30. PCE Add-LSP (OpenDaylight) пример
REST URL: http://localhost:8080/restconf/operations/network-topology-pcep:add-lsp
Method: POST Content-Type:application/xml
<input>
<node>pcc://10.99.8.8</node>
<name>test-tunnel</name>
<arguments>
<endpoints-obj><ipv4>
<source-ipv4-address>10.99.8.8</source-ipv4-address>
<destination-ipv4-address>10.99.6.6</destination-ipv4-address>
</ipv4></endpoints-obj>
</arguments>
<network-topology-ref xmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/
topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]</network-
topology-ref>
</input>
PCC
Source
Destination
30

31. PCE Update LSP (OpenDaylight) пример
URL: http://localhost:8080/restconf/operations/network-topology-pcep:update-lsp
Method: POST Content-Type:application/xml
<input>
<node>pcc://10.99.8.8</node> <name>test-tunnel</name>
<network-topology-ref xmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/topo:network-topology/
topo:topology[topo:topology-id="pcep-topology"]</network-topology-ref>
<arguments>
<operational xmlns:stateful02="urn:opendaylight:params:xml:ns:yang:pcep:crabbe:stateful:02">true</operational>
<ero>
<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.64.4/32</ip-prefix></ip-prefix></subobject>
<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.4/32</ip-prefix></ip-prefix></subobject>
<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.7/32</ip-prefix></ip-prefix></subobject>
<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.128.3/32</ip-prefix></ip-prefix></subobject>
</ero>
</arguments>
</input>
Explicit-Route Object (ERO)
31

32. ASR9000 проверка PCE тунеля
RP/0/RSP0/CPU0:ASR9K-AG04-4#show mpls traffic-eng pce tunnels
Mon May 19 17:39:38.550 UTC
Tunnel : tunnel-te7004
Destination : 10.99.6.6
State : up
Current path option : 10
32

33. ASR9000 команды проверки состояния
• New commands
§ show mpls traffic-eng auto-tunnel pcc […]
• Modified Commands
§ show mpls traffic-eng pce peer [ all|ipv4 <addr>|node-id <id>|stateful|stateless]
• Other useful commands
§ show mpls traffic-eng pce tunnels <id>
§ show mpls traffic-eng pce trace […]
§ show mpls traffic-eng tunnels tabular
33

34. Traffic Steering into PCE-Initiated Tunnels
Возможные методы:
• Autoroute announce
• Policy-based tunnel selection (forwarding class id)
34

35. Policy Based Tunnel Selection
• Local mechanism at head-end
• PBR policy sets forwarding class for
incoming traffic
• Traffic switched to tunnel with matching
forwarding class
• Seven forwarding classes supported (1-7)
• One forwarding class reserved as default (0)
PE1
PE2
Tunnel-te1000
Forwarding class 1
Tunnel-te2000
Forwarding class 0
(default)
Input policy matches
traffic based on ACL
and sets forwarding
class
35

36. Traffic Steering PCE Initiated Tunnel
Tunnel-te1000
Forwarding
class 1
Tunnel-te2000
Forwarding
class 0 (default)
Tunnel-te7000
PCE Initiated LSP
Forwarding class 2
ASR9K-1
CE
TenGigE0/1/0/1
10.201.7.43
ASR9K-2
ASR9K-3
Set Forward ClassID 2
36

37. Orchestra?on
RESTful APIs
PCEP Programming
Пример: PCE Initiated LSP
WAN
R1
R2
R3
Data Center #1 Data Center #2
4
3
Service Request
1
Analytic to determine LSP
2
PCCreate LSP
3
Traffic steering onto LSP
6
10.201.7.43
2
6
TE LSP Signaling
4
Delegate & LSP State Report
5
5

38. ASR9000 NetConf YANG
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.38

39. Традиционноый подход - CLI
• Generally a majority of today’s
configuration
• Device Specific
• Human Friendly
• Manual (challenging to automate)
• Developer un-friendly
§ Such parsing CLI screen scrape
• No Common Data Model
• No Built-In Error Reporting
[joerober@rtp-odl ~]$ ssh lab@10.99.1.1
lab@10.99.1.1's password:
RP/0/RSP0/CPU0:ASR9K-AG04-1#configure terminal
Tue Jan 6 17:18:58.350 EST
RP/0/RSP0/CPU0:ASR9K-AG04-1(config)#
39

40. NETCONF
• Network Configuration Protocol (NETCONF)
§ XML based interface between network device and NMS
§ Mechanism to manage, configure, and monitor network device
• Published RFC 4741 (Dec 2006)
• Updated RFC 6241 (Jun 2011)
• RFC 6242 (Jun 2011) Using the NETCONF Protocol over Secure Shell
• Overcome SNMP Limitations
§ 2003 IAB Network Management Workshop (RFC3535)
40

41. YANG
• Modeling language defined in RFC 6020
• Used by NETCONF to define objects and data in requests and replies
• Models configuration, operational, and RPC data
• Provides semantics to better define NETCONF data
• Provides common data model:
§ In order for NETCONF to be useful as network-wide protocol
§ To consume NETCONF data from any network device
• YANG modules are for NETCONF what MIBs are for SNMP
41

42. Сравнение SNMP и NETCONF
SNMP NETCONF
Data Models Defined in MIBs Defined in YANG modules (or
XML schema documents)
Data Modeling Language Structure of Management
Information (SMI)
YANG (and XML schema)
Management Operations SNMP NETCONF
RPC Encapsulation Basic Encoding Rules (BER) XML
Transport Protocol UDP TCP (reliable transport)
42

43. NETCONF Уровни
• Content
§ Configuration and Operational Data
• Operations
§ Defines base operations
§ What clients do to servers
• Messages/Remote Procedure Call (RPC)
§ Transport-independent mechanism for encoding messages
§ RPC, RPC-Reply
• Transport
§ Reliable communication between client and server
Content
Operations
Messages
Transport
43

44. ASR9000 NETCONF Транспорт и операции
SSH NETCONF (1.1) session:
§ IOS XR 5.3.1
§ On client utilize ssh with –s to request invocation of subsystem on server (router)
— ssh lab@172.18.152.20 -p 830 -s netconf
Transport
Messages
Operations
Content
Client Server
<rpc>
<rpc-reply>
44

45. NETCONF Операции
45
Operation Description
<get-config> Retrieve all or part of specified configuration datastore
<edit-config> Loads all or part of a configuration to the specified configuration
datastore
<get-schema> Retrieve YANG-based XML Data
<commit> Copy candidate datastore to running datastore
<get> Retrieve running configuration and device state information
<lock> / <unlock> Lock or unlock the entire configuration datastore system
<close-session> Graceful termination of NETCONF session
<kill-session> Forced termination of NETCONF session
Complete List Protocol Operations: https://tools.ietf.org/html/rfc6241
Transport
Messages
Operations
Content

46. ASR9000 NETCONF Data Stores
§ Target of NETCONF Operations
§ Data stores are named containers that may hold an entire copy of the configuration
§ IOS XR Supported Datastores:
§ <running>
§ <candidate>
§ *XR two stage commit (no startup datastore)
Running Candidate
Transport
RPC
Operations
Content
46

47. YANG XR 5.3.1 Data Models
• YANG data modules are part of the software image.
• Models can be retrieved from router using <get-schema> operation.
• YANG Model file for each configuration module
§ For example, to configure CDP, the relevant yang model is Cisco-IOS-XR-cdp-cfg
• 5.3.1 Data Models:
http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r5-3/security/
configuration/guide/b-syssec-cg53x-crs/
Implementing_the_Network_Configuration_Protocol.pdf#unique_8
47

48. ASR9000 NETCONF 1.1 Configuration (XR 5.3.1)
• Pre-requisite:
§ k9sec pie must be installed
§ Crypto keys must be generated
• Enable NETCONF Agent:
• ssh server netconf port 830
• netconf-yang agent ssh
• Session verification:
• show netconf-yang clients
• show netconf-yang statistics
! IOS XR 5.3.1
hostname ASR9K-R1
domain name cisco.com
!
ssh server v2
ssh server vrf default
ssh server netconf port 830
netconf-yang agent
ssh
!
48

49. XR 5.3.1 Sample NETCONF/YANG Workflow
49
ASR9000
Orchestration Platform
NETCONF Client
1 XR Image contains YANG
2 Client (application) retrieves
models with <get-schema>
3 Client installs and processes
YANG models
YANG
Data Model
1
YANG
Data Model
3
4 Client sends operation request
Using YANG-based XML data
5 Router understands YANG-based
XML data & is configured
accordingly
2 <get-schema>
<edit-config>4
Candidate Running5 6 Client-router interaction continues
Until network configured as desired

50. <edit-config>
<PBR>
<ServicePolicy>
<Input>PBTS</Input>
</ServicePolicy>
</PBR>
Orchestra?on
RESTful APIs
Programming
Пример:NETCONF Detailed Policy/Traffic Steering
WAN
R1
R2
R3
Data Center #1 Data Center #2
3
3
Service Request
1 Analytic to determine LSP
2
Create LSP Tunnel FCID 2
3
NETCONF to program:
-detailed policy*
-apply policy inbound
4
10.201.7.43
2
4
*example policy in reference slides 50

51. Пример <edit-config>
<?xml version="1.0" encoding="UTF-8" ?>
<rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0">
<edit-config>
<target><candidate/></target>
<config>
<Configuration><InterfaceConfigurationTable><InterfaceConfiguration><Naming>
<Active>act</Active>
<InterfaceName>TenGigE0/3/0/0</InterfaceName>
</Naming>
<Description>NETCONF CONFIG</Description>
<IPV4Network><Addresses><Primary>
<Address>10.223.1.1</Address>
<Netmask>255.255.255.0</Netmask>
</Primary></Addresses></IPV4Network>
</InterfaceConfiguration></InterfaceConfigurationTable>
</Configuration></config>
</edit-config> </rpc>
##
Datastore
Interface
Add interface
description
IPv4 Address
Netmask
interface TenGigE0/3/0/0
description NETCONF CONFIG
ipv4 address 10.223.1.1 255.255.255.0
51

52. Пример <get-config>(Attribute match)
<?xml version="1.0" encoding="UTF-8" ?>
<rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0">
<get-config>
<source><running/></source>
<filter>
<Configuration>
<InterfaceConfigurationTable>
<InterfaceConfiguration>
<Naming>
<Active>act</Active>
<InterfaceName Match=“TenGigE.*”/>
</Naming>
</InterfaceConfiguration>
</InterfaceConfigurationTable>
</Configuration>
</filter>
</get-config> </rpc>
Attribute match: all TenGigE interfaces
Datastore
52
For Your
Reference

53. Заключение
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.53

54. Заключение
ASR 9000 под управлением операционной системы IOS-XR поддерживает
широкий набор SDN протоколов: BGP LS, PCEP, Netconf /YANG, OpenFlow,
Restconf/XML
В IOS-XR 6.X и выше этот функционал еще более расшириться, вплоть до
хостинга сетевых приложений
Благодаря активному участию Cisco в разработке как своих платформ
оркестрации и контроллеров, так и со свободным исходным кодом, внедряя
ASR 9000 наши клиенты получают отлаженное решение для инфраструктуры
программируемой сети
54

55. CiscoRu Cisco CiscoRussia
Ждем ваших сообщений с хештегом
#CiscoConnectRu
CiscoRu
Пожалуйста, заполните анкеты.
Ваше мнение очень важно для нас!
Спасибо!
Илгар Гасымов (igasymov@cisco.com)
Системный архитектор
Департамент операторов связи
© 2015 Cisco and/or its affiliates. All rights reserved.