Provider Backbone Bridging Ethernet VPN (PBB-EVPN) Cisco CKN TechAdvantage Webinar

Building L2VPNs with Provider Backbone Bridging Ethernet VPN (PBB-EVPN) implementation and use cases.

  1. 1. © 2014 Cisco and/or its affiliates. All rights reserved. jliste@cisco.com Cisco Public. Building L2VPNs with Provider Backbone Bridging Ethernet VPN (PBB-EVPN): Implementation and Use Cases. April 23rd, 2014. Tina Lam (tinalam@cisco.com), Jose Liste (jliste@cisco.com)
  2. 2. Today's Presenters § Tina Lam (tinalam@cisco.com), Product Manager, Cisco § Jose Liste (jliste@cisco.com), Technical Marketing Engineer, Cisco
  3. 3. Agenda § What is PBB-EVPN and its benefits? § PBB-EVPN in ASR9000 § Demonstration § Summary § Use Cases
  4. 4. What is PBB-EVPN? § xEVPN family introduces next generation solutions for Ethernet services ‒ BGP control-plane for Ethernet Segment and MAC distribution and learning over MPLS core ‒ Same principles and operational experience of IP VPNs § No use of Pseudowires ‒ Uses MP2P tunnels for unicast ‒ Multi-destination frame delivery via ingress replication (via MP2P tunnels) or LSM § Multi-vendor solutions under IETF standardization [Figure: xEVPN family by service type; labels: E-LAN, E-LINE, E-TREE, EVPN, PBB-EVPN, EVPN VPWS, EVPN E-TREE, "Focus of Presentation"]
  5. 5. PBB-EVPN Business Advantages § Business Continuity Service Robustness: All-Active (per-flow) access load-balancing; fast convergence (link / node / MAC moves) § Designed to Scale: control-plane (BGP) learning in the Core, PWs no longer used; scalability of IP VPN, MAC address scalability § CapEx Optimization: per-flow and per-service access load-balancing; PE load-balancing (BGP multi-pathing), access / core ECMP § Ease of Provision and Operation: peer PEs auto-discovery, redundancy group auto-sensing; operational consistency with L3 IP VPN § Service Flexibility: support existing and new service types (E-LAN, E-Line, E-TREE, VLAN-aware bundling) § Investment Protection: open standard; multi-vendor support
  6. 6. PBB-EVPN in Cisco ASR9000
  7. 7. Introducing PBB-EVPN in Cisco ASR 9000 § Introducing the next-generation of L2VPNs – Provider Backbone Bridging Ethernet VPN (PBB-EVPN) § Support across Cisco ASR 9000 series router family ‒ From ASR9001-S to ASR9922 § Support starting with Cisco IOS-XR release 4.3.2 (1) (FCS 09/2013) § Enhanced Ethernet Line Cards (Typhoon) required as Ingress and Egress linecards. (1) PBB-EVPN support started in IOS-XR 4.3.2 and 5.1.1 releases
  8. 8. PBB Ethernet VPN: Highlights § Next generation solution for Ethernet multipoint (E-LAN) services by combining Provider Backbone Bridging (PBB - IEEE 802.1ah) and Ethernet VPN § Data-plane learning of local C-MACs and remote C-MAC to B-MAC binding § PEs run Multi-Protocol BGP to advertise local Backbone MAC addresses (B-MACs) & learn remote B-MACs ‒ Takes advantage of PBB encapsulation to simplify BGP control plane operation – faster convergence ‒ Lowers BGP resource usage (CPU, memory) on deployed infrastructure (PEs and RRs) § Under standardization at IETF – WG draft: draft-ietf-l2vpn-pbb-evpn [Figure: MPLS core with PE1 to PE4, CE1 (C-MAC MA) and CE3 (C-MAC MB), B-MACs B-M1 and B-M2; BGP MAC adv. route (EVPN NLRI: MAC B-M1 via PE2). Callouts: control-plane address advertisement / learning over Core (B-MAC); data-plane address learning from Access (local C-MAC to local B-MAC binding); data-plane address learning from Core (remote C-MAC to remote B-MAC binding). Labels: PBB Backbone Edge Bridge, EVPN, PBB-EVPN PE]
  9. 9. To PBB or not to PBB? § What is the value of combining PBB and EVPN functions? § Lower control-plane overhead than EVPN alone ‒ PBB-EVPN uses only a sub-set of EVPN routes ‒ Simpler and faster failure convergence for all-active multi-homing scenarios ‒ Faster MAC move convergence handled in data-plane § Lower control-plane scale requirements than EVPN alone ‒ BGP MAC advertisements for smaller Backbone MAC (B-MAC) address space ‒ Requires fewer resources (CPU, memory) on deployed infrastructure (PEs / RRs)
  10. 10. Provider Backbone Bridging Overview § PBB (IEEE 802.1ah-2008) defines an architecture that includes ‒ 2^24 service instances (I-SID) per B-VLAN ‒ MAC-in-MAC § I-Component ‒ Learns & forwards using C-MACs ‒ Maintains a mapping table of C-MACs to B-MACs ‒ Performs PBB encap/decap on PIP § B-Component ‒ Learns & forwards using B-MACs ‒ Push / pop B-VLAN on CBP § Legend: IB-BEB = I-/B-comp Backbone Edge Bridge; I-SID = Backbone Service Instance Identifier; PIP = Provider Instance Port; CBP = Customer Backbone Port [Figure: IB-BEB between L2 Access and L2 Core, with I-components (PIP) and a B-component (CBP). Frame formats shown: C-DA / C-SA + Customer Frame; B-DA / B-SA + I-TAG + C-DA / C-SA + Customer Frame; B-DA / B-SA + B-Tag + I-TAG + C-DA / C-SA + Customer Frame. Size labels: 6B, 4B, 12B]
  11. 11. Concepts § Ethernet Segment • Represents a 'site' connected to one or more PEs • Uniquely identified by a 10-byte global Ethernet Segment Identifier (ESI) • Could be a single device or an entire network: Single-Homed Device (SHD), Multi-Homed Device (MHD), Single-Homed Network (SHN), Multi-Homed Network (MHN) § BGP Routes • EVPN and PBB-EVPN define a single new BGP NLRI used to carry all EVPN routes • NLRI has a new SAFI (70) • Routes serve control plane purposes, including: MAC address reachability, MAC mass withdrawal, Split-Horizon label adv., Aliasing, Multicast endpoint discovery, Redundancy group discovery, Designated forwarder election § EVPN Instance (EVI) • EVI identifies a VPN in the network • Encompasses one or more bridge-domains, depending on service interface type: Port-based, VLAN-based (shown above), VLAN-bundling, VLAN aware bundling (NEW) § BGP Route Attributes • New BGP extended communities defined • Expand information carried in BGP routes, including: MAC address moves, C-MAC flush notification, Redundancy mode, MAC / IP bindings of a GW, Split-horizon label encoding § Route Types: [1] Ethernet Auto-Discovery (AD) Route, [2] MAC Advertisement Route, [3] Inclusive Multicast Route, [4] Ethernet Segment Route § Extended Communities: ESI MPLS Label, ES-Import, MAC Mobility, Default Gateway [Figure labels: PE, BD, EVI; PE1, PE2, CE1, CE2, SHD, MHD, ESI1, ESI2; legend: "Used by PBB-EVPN"]
  12. 12. PBB-EVPN Model [Figure: Cisco ASR 9000 PBB-EVPN model. Labels: I-Component: PBB Edge Bridge Domains; B-Component: PBB Core Bridge Domains; BD-1 to BD-5; I-SID X, I-SID Y, I-SID Z; EVI aaa, EVI bbb; Interface (Physical / Bundle); Ethernet Segment Identifier (ESI); Source B-MAC; Ethernet Flow Points (EFP) (Layer2 sub-if); EVPN Forwarder; MPLS]
  13. 13. PBB-EVPN Model: Connecting with existing services [Figure: Cisco ASR 9000 PBB-EVPN model. Labels: I-Component: PBB Edge Bridge Domains; B-Component: PBB Core Bridge Domains; BD-1 to BD-5; I-SID X, I-SID Y, I-SID Z; EVI aaa, EVI bbb; VFI; EoMPLS PW; VPLS VFI; VPLS VFI (PBB-VPLS) (1); EVPN Forwarder; MPLS] (1) Co-existence of VPLS VFI and EVI under same Core BD in IOS-XR 5.1.2 (Apr. 14)
  14. 14. PBB-EVPN Encapsulation [Figure: encapsulation stages from Ethernet access through BD, I-SID X, EVI aaa and the EVPN Forwarder to MPLS. Customer frame: DA, SA, E-type (802.1q 0x8100), C-VID, E-Type, Payload. PBB header (18B): B-DA (6B), B-SA (6B), E-type (I-TAG 0x88E7) (2B), I-TAG (4B), with the 24-bit I-SID inside the I-TAG. After the EVPN Forwarder: EVPN MPLS label (4B), Control Word (4B), PBB Header, Customer Frame. On the MPLS core: DA (NH router), SA, E-type (MPLS 0x8847), PSN MPLS label (4B), EVPN MPLS label, Control Word, PBB Header, Customer Frame]
  15. 15. PBB-EVPN Operation: Multicast Tunnel ID / Endpoint Discovery (1) § At start-up, PEs send EVPN Inclusive Multicast routes to signal I-SID membership § Inclusive Multicast route signals MPLS label to be used in the downstream direction § I-SID X Flood List: Entry 1: PE 2 – label A; Entry 2: PE 3 – label B; Entry 3: PE 4 – label C § I-SID Y Flood List: Entry 1: PE 2 – label D; Entry 2: PE 4 – label E. (1) Ingress / Head Replication model shown [Figure: MPLS core with PE1 to PE4, RR and CE1 to CE4; EVI aaa with BDs for I-SID X and I-SID Y behind the EVPN Forwarder; EVPN Inclusive Multicast routes]
  16. 16. PBB-EVPN Operation: B-MAC Reachability Advertisement § At start-up, PEs send EVPN MAC Advertisement route for local B-MAC/EVI § MAC Advertisement route signals MPLS label to be used in the downstream direction § L2 Routing Information Base (RIB): B-DA2; Next Hop PE2; label F. B-DA3; Next Hop PE3; label G. B-DA4; Next Hop PE4; label H [Figure: MPLS core with PE1 (B-DA1) to PE4 (B-DA4), RR and CE1 to CE4; EVI aaa with BDs for I-SID X and I-SID Y behind the EVPN Forwarder; EVPN MAC Advertisement routes]
  17. 17. PBB-EVPN Operation: Multi-Destination Traffic Forwarding (Per-ISID Ingress Replication) § Multi-destination Traffic • Unknown unicast • Broadcast • Multicast § Ingress replication with Per-ISID flooding: 3 copies for I-SID X, 2 copies for I-SID Y § I-SID X Flood List: Entry 1: PE 2 – label A; Entry 2: PE 3 – label B; Entry 3: PE 4 – label C § I-SID Y Flood List: Entry 1: PE 2 – label D; Entry 2: PE 4 – label E § CAM Table I-SID X: Entry1: C-MAC1a; B-DA1 § CAM Table I-SID Y: Entry1: C-MAC1b; B-DA1 [Figure: CE1 behind PE1 (B-DA1) sends frames SA: C-MAC1a, DA: FFFF.FFFF.FFFF and SA: C-MAC1b, DA: FFFF.FFFF.FFFF; MPLS core with PE1 to PE4 and CE2 to CE4; EVI aaa with BDs for I-SID X and I-SID Y; callouts 1, 2, 3]
  18. 18. PBB-EVPN Operation: Known Unicast Traffic Forwarding § CAM Table I-SID X: Entry1: C-MAC1a; local. Entry2: C-MAC2; B-DA2. Entry3: C-MAC4; B-DA4 § L2 Routing Information Base (RIB): B-DA2; Next Hop PE2; label F. B-DA3; Next Hop PE3; label G. B-DA4; Next Hop PE4; label H § Lookup: B-DA2 resolves to PE2; label F. B-DA4 resolves to PE4; label H § Known Unicast delivered to specific remote PEs [Figure: CE1 (C-MAC1a) behind PE1 (B-DA1) sends frames SA: C-MAC1a, DA: C-MAC2 and SA: C-MAC1a, DA: C-MAC4; CE2 (C-MAC2) behind PE2 (B-DA2), CE4 (C-MAC4) behind PE4 (B-DA4); EVI aaa with BDs for I-SID X and I-SID Y; callouts 1, 2]
  19. 19. PBB-EVPN Failure Scenarios / Convergence: Link / Segment Failure – All-Active Load-Balancing § At idle state, PE3, PE4 install two (2) next hops for B-MAC B-M1 § PE3, PE4 RIB: VPN RT-a; MAC B-M1; ESI n/a; Path List NH: PE1, PE2 § 1: PE1 detects failure of one of its attached segments § 2: PE1 withdraws B-MAC advertised for failed segment (B-M1) § 2: PE1 withdraws Ethernet Segment Route § 3: PE3 / PE4 remove PE1 from path list for B-MAC (B-M1) § 4: PE2 reruns DF election. Becomes DF for all I-SIDs on segment [Figure: MPLS core with CE1 dual-homed to PE1 and PE2 (B-M1) and CE3 to PE3 and PE4 (B-M2)]
  20. 20. PBB-EVPN Operational Scenarios: MAC Mobility § 1: PE1 learns C-MAC M1 on local port and forwards across core according to C-MAC DA to Remote B-MAC mapping § 2: Via data-plane learning, PE3 learns C-MAC M1 via B-MAC B-M1 § 3: Host M1 moves from CE1 to CE3's location § 4: After move, host sends Gratuitous/Reverse ARP at new location, PE3 updates C-MAC M1 location (local port). PE3 also forwards across core according to C-MAC DA to Remote B-MAC mapping § 5: Via data-plane learning, PE1 updates C-MAC M1 location (via B-MAC B-M2) § MAC tables for I-SID xyz (C-MAC; B-MAC), before the move: PE1: M1; -. PE3: M1; B-M1. After the move: PE3: M1; -. PE1: M1; B-M2 § MAC Mobility event handled entirely by data-plane learning [Figure: two copies of the MPLS topology (PE1 / PE2 with B-M1 facing CE1, PE3 / PE4 with B-M2 facing CE3), before and after the move; frames VID 100, SMAC: M1, DMAC: M2 and VID 100, SMAC: M1, DMAC: F.F.F; link labels L1 to L4]
  21. 21. Multi-Homing Use Cases
  22. 22. PBB-EVPN Access Multi-Homing Options § Single Home Device (SHD) / Single Home Network (SHN) ‒ Null Ethernet Segment Identifier (ESI) ‒ No DF election / No vlan carving § Dual Home Device (DHD), All-Active (Per-Flow) LB ‒ Main candidate for Data Center deployments ‒ Identical B-MAC and ESI on PEs § Dual Home Device (DHD), Single-Active (Per-Service) LB ‒ Different B-MACs and identical ESI on PEs ‒ Per service (I-SID) carving (manual or automatic) ‒ CE flush via STP TCN / MVRP [Figure: three access topologies over an MPLS core. SHD / SHN: CE1, CE2, PE1, ESI Null, VID X. DHD All-Active: CE1 to PE1 and PE2, BMAC 1 and ESI W on both PEs, VID X on both links. DHD Single-Active: CE1 to PE1 and PE2, BMAC 1 and BMAC 2 with ESI W, VID X and VID Y]
  23. 23. PBB-EVPN Access Multi-Homing Options (cont.) § Multi Home Device (MHD), All-Active (Per-Flow) LB ‒ More than two (2) PEs in redundancy group ‒ Same as DHD All-Active Load-balancing § Multi Home Device (MHD), Single-Active (Per-Service) LB ‒ More than two (2) PEs in redundancy group ‒ Same as DHD Single-Active Load-balancing [Figure: CE1 attached to PE1, PE2 and PE3 over an MPLS core. All-Active: BMAC 1 and ESI W on the PEs, VID X on the links. Single-Active: BMAC 1, BMAC 2, BMAC 3 with ESI W, VID X, VID Y, VID Z]
  24. 24. PBB-EVPN Access Multi-Homing Options (cont.) § Dual Home Network (DHN), G.8032 Open Sub-ring ‒ Treated as SHN by PEs ‒ Null ESI; No DF election / No service carving ‒ Ring operation controlled by R-APS protocol § Dual Home Network (DHN), REP ‒ Treated as SHN by PEs ‒ Null ESI; No DF election / No service carving ‒ Segment operation controlled by REP protocol § Dual Home Network (DHN), Single-Active (Per-Service) LB ‒ Different B-MAC on PEs ‒ Identical ESI on PEs ‒ Per service (I-SID) carving (manual or automatic) ‒ CE flush via STP TCN / MVRP [Figure: three topologies with CE1 and CE2 attached to PE1 and PE2 over an MPLS core. G.8032: ITU-T G.8032 R-APS, RPL Link, ESI Null, VID X, VID Y. REP: REP ALT port, REP Edge No Neighbour, REP-AG, ESI Null, VID X, VID Y. Single-Active: BMAC 1 and BMAC 2 with ESI W, VID X, VID Y]
  25. 25. Demonstration
  26. 26. Demonstration Topology § Three (3) E-LAN services between CE-1, CE-2, CE-3: I-SID 111010, I-SID 111020, I-SID 111030 in EVI 111 § Access types shown: DHD Active/Active per Flow, SHD, SHD with Bundle § Legend: SHD = Single-Home Device; DHD = Dual-Home Device; TG = Traffic Generator [Figure: PE1 (ASR9006), PE2 (ASR9001) and PE3 (ASR9006) connected through four P routers; CE1, CE2 and CE3 each with a TG; loopbacks Lo0 14.14.14.7, Lo0 14.14.14.5, Lo0 14.14.14.6; "Focus of Demonstration" marker]
  27. 27. Summary § PBB-EVPN is a next-generation L2VPN solution based on BGP control-plane for MAC distribution/learning over the core § PBB-EVPN was designed to address the following requirements: ‒ All-active Redundancy and Load Balancing ‒ Simplified Provisioning and Operation ‒ Optimal Forwarding ‒ Fast Convergence § In addition, PBB-EVPN and its inherent MAC-in-MAC hierarchy provide: ‒ Simplified control plane operation and faster convergence ‒ Lower control-plane scale requirements (BGP CPU and memory) ‒ MAC address Scalability § PBB-EVPN applicability goes beyond DCI into Carrier Ethernet use cases
  28. 28. References § Cisco.com PBB-EVPN User Documentation: http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r5-1/lxvpn/configuration/guide/lesc51x/lesc51pbb.html § (Video / Slides) Cisco Live 365: BRKMPL-2333: E-VPN and PBB-EVPN: The Next Generation of MPLS-Based Layer 2 VPN (2014 Milan) https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=76547 § You can also meet us at Cisco Live 2014 – San Francisco (May 19-24) ‒ Breakout Session: BRKMPL-2333 ‒ Request a Meet The Expert (MTE) session
  30. 30. PBB-EVPN Shipping Features § ASR9K (1), IOS-XR 4.3.2 – Aug 2013: PBB-EVPN Introduction • Port, VLAN, VLAN-bundle Mode • PE Auto-discovery • Ethernet Segment Identifier Auto-config w/ LACP • Single-homing • Single-active Multi-homing • All-active Multi-homing • Access Redundancy w/ LACP, G.8032, MST, nV Cluster • Designated Forwarding (DF) election • MAC Mobility • Multicast Ingress Replication • BGP ISSU and NSR • BGP Route Reflector (RR) for PBB-EVPN § ASR9K (1), XR 5.1.2 – Apr 2014: PBB-EVPN Enhancement • MAC Security on PBB-EVPN • PBB-EVPN and PBB-VPLS Seamless Integration § ASR1K, IOS XE 3.11 – Nov 2013 • BGP Route Reflector (RR) for PBB-EVPN. (1) Requires use of Enhanced Ethernet Linecards (Typhoon) for access-facing and core-facing interfaces
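
The split described in the operation slides (B-MACs and flood lists distributed by BGP, C-MAC to B-MAC bindings learned only in the data plane) can be traced with a small model. This is an added example, not part of the presentation and not Cisco code: the class and method names, the I-SID value and the numeric MPLS labels are constructed, and flooding when a known B-MAC has no path left is an assumption of the model.

```python
# Added example, not Cisco code: names, I-SID and label values are constructed.
from dataclasses import dataclass, field

BROADCAST = "ffff.ffff.ffff"


@dataclass
class PE:
    """Toy PBB-EVPN PE: BGP carries B-MACs only, C-MACs are learned in the data plane."""
    b_mac: str                                 # source B-MAC of this PE
    rib: dict = field(default_factory=dict)    # B-MAC -> [(next hop, label)] path list
    flood: dict = field(default_factory=dict)  # I-SID -> [(PE, label)] flood list
    cam: dict = field(default_factory=dict)    # (I-SID, C-MAC) -> B-MAC or "local"

    def mac_adv(self, b_mac, next_hop, label):
        """EVPN MAC Advertisement route received for a remote B-MAC."""
        self.rib.setdefault(b_mac, []).append((next_hop, label))

    def withdraw(self, b_mac, next_hop):
        """B-MAC withdrawn by next_hop (segment failure): drop it from the path list."""
        self.rib[b_mac] = [p for p in self.rib.get(b_mac, []) if p[0] != next_hop]

    def imcast(self, isid, pe, label):
        """EVPN Inclusive Multicast route: pe joins the I-SID flood list."""
        self.flood.setdefault(isid, []).append((pe, label))

    def from_access(self, isid, c_sa, c_da):
        """Frame from a CE: learn C-SA as local, then choose the core targets."""
        self.cam[(isid, c_sa)] = "local"
        b_da = self.cam.get((isid, c_da))
        if b_da == "local":
            return ("local", [])
        paths = self.rib.get(b_da, [])
        if c_da == BROADCAST or not paths:
            # Broadcast / unknown unicast: one copy per PE in the I-SID flood list.
            # Flooding when a known B-MAC has no path left is this model's assumption.
            return ("flood", list(self.flood.get(isid, [])))
        return ("unicast", list(paths))  # all-active path list; one path per flow

    def from_core(self, isid, b_sa, c_sa):
        """PBB frame from the core: bind the remote C-MAC to its source B-MAC."""
        self.cam[(isid, c_sa)] = b_sa


def mac_move_scenario(isid=100):
    """MAC mobility walk-through: M1 moves from PE1's site to PE3's site."""
    pe1 = PE("B-M1", rib={"B-M2": [("PE3", 301), ("PE4", 401)]}, flood={isid: [("PE3", 310)]})
    pe3 = PE("B-M2", rib={"B-M1": [("PE1", 101), ("PE2", 201)]}, flood={isid: [("PE1", 110)]})
    s1 = pe1.from_access(isid, "M1", "M2")       # M2 unknown at PE1: flood
    pe3.from_core(isid, pe1.b_mac, "M1")         # PE3 learns M1 via B-M1
    s2 = pe3.from_access(isid, "M2", "M1")       # known unicast toward B-M1
    s3 = pe3.from_access(isid, "M1", BROADCAST)  # after the move: ARP from new site
    pe1.from_core(isid, pe3.b_mac, "M1")         # PE1 relearns M1 via B-M2
    return [s1, s2, s3], pe1.cam[(isid, "M1")], pe3.cam[(isid, "M1")]
```

The MAC move changes only the `cam` tables; `rib` and `flood`, the state that BGP distributes, are untouched, which is the reason the slides give for handling mobility entirely in the data plane.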
