Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Traffic Engineering with
Segment Routing
Leonir Hoxha
Cisco Systems @ccie49534
Agenda
• Segment Routing Building Blocks
• SR Traffic Engineering
• Low Latency paths
• Disjoint paths
• L3VPN
Segment Routing
• Source Routing
• the source chooses a path and encodes it in the packet header as an
ordered list of seg...
Segment Routing – Forwarding Plane
• MPLS: an ordered list of segments is represented as a stack of
labels
• Segment Routi...
Global and Local Segments
• Global Segment
• Any node in SR domain understands associated instruction
• Each node in SR do...
Global Segments – Global Label Indexes
• Global Segments always distributed as a label range (SRGB) + Index
• Index must b...
IGP Segment Identifiers
• Two types of Segment IDs distributed by IGP
- Prefix Segments (also known as Node Segment)
- Adj...
Node Segment ID
• Shortest-path to the IGP prefix
• Global Segment
• Label = 16000 + Index
• Advertised as index
Node Segment ID
• Shortest-path to the IGP prefix
- Equal Cost MultiPath (ECMP)-aware
• Distributed by ISIS/OSPF
- A node ...
Adjacency Segment
• C advertises the Adjacency Segment via ISIS/OSPF
• C is the only node to install the adjacency segment...
Combining IGP Segments
• Steer traffic on any path through
the network
• Path is specified by list of
segments in packet h...
SRTE
High Level Architecture
Area XArea Y Area Z
PCE controller
Router
PCC Router
Router Router
BGP-LS
BGP-LS
PCEP
• SR PCE hav...
Binding Segment ID
• Binding Segment represents a tunnel at SR
• The Binding Segment is a local segment
• Has local signif...
Binding Segment
• Binding-SID use-case examples:
– Label stack “compression”: nesting and stitching SRTE Policies
DC
WAN
P...
DC WAN Access
Unicast-SID 17001
Anycast-SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast-SID 17002
Anycast-SID 180...
XML YANG:
- PW-123 from ToR1 to AC1
Hint:
1. PCE collect topology and SID via BGP LS
2. Service Orchestrator to configure ...
DC WAN Access
Unicast SID 17001
Anycast SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast SID 17002
Anycast SID 180...
DC WAN Access
Unicast SID 17001
Anycast SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast SID 17002
Anycast SID 180...
Hint:
1. PCE collect topology and SID via BGP LS
2. Service Orchestrator to configure service
3. ToR1 check if he has LSP ...
DC WAN Access
Unicast SID 17001
Anycast SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast SID 17002
Anycast SID 180...
DC WAN Access
Unicast SID 17001
Anycast SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast SID 17002
Anycast SID 180...
DC WAN Access
Unicast SID 17001
Anycast SID 18001 Unicast-SID 16001
Service Orchestrator
Unicast SID 17002
Anycast SID 180...
Hint:
1. Isolated domains with no redistribution.
2. CPE send BGP update for prefix X and add LL
community ex: 100:777
Tec...
Hint:
1. Isolated domains with no redistribution.
2. CPE send BGP update for prefix X and add LL
community ex: 100:777
NLR...
Hint:
1. CPE send BGP update for prefix X and add LL
community
2. AC1 PE announce VPN prefix X with LL
community
Technical...
Hint:
1. CPE send BGP update for prefix X and add LL
community
2. AC1 PE announce VPN prefix X with LL
community
3. On dem...
• De Facto next generation Network Transport Architecture
• Traffic Engineering with SR made simple and flexible
• Distrib...
Thank you.
@ccie49534
Upcoming SlideShare
Loading in …5
×

PLNOG 18 - Leonir Hoxha - Traffic Engineering with Segment Routing

101 views

Published on

YouTube: https://www.youtube.com/watch?v=uh6x_0BE2ls&index=17&list=PLnKL6-WWWE_VNp6tUznu7Ca8hBF8yjKj2

Published in: Technology
  • Be the first to comment

  • Be the first to like this

PLNOG 18 - Leonir Hoxha - Traffic Engineering with Segment Routing

  1. 1. Traffic Engineering with Segment Routing Leonir Hoxha Cisco Systems @ccie49534
  2. 2. Agenda • Segment Routing Building Blocks • SR Traffic Engineering • Low Latency paths • Disjoint paths • L3VPN
  3. 3. Segment Routing • Source Routing • the source chooses a path and encodes it in the packet header as an ordered list of segments • the rest of the network executes the encoded instructions • Segment: an identifier for any type of instruction • forwarding or service
  4. 4. Segment Routing – Forwarding Plane • MPLS: an ordered list of segments is represented as a stack of labels • Segment Routing re-uses MPLS data plane without any change • Segment represented as MPLS label • IPv6: an ordered list of segments is encoded in a routing extension header • SR Operations: PUSH, CONTINUE, NEXT.
  5. 5. Global and Local Segments • Global Segment • Any node in SR domain understands associated instruction • Each node in SR domain installs the associated instruction in its forwarding table • Local Segment • Only originating node understands associated instruction • MPLS: locally allocated label
  6. 6. Global Segments – Global Label Indexes • Global Segments always distributed as a label range (SRGB) + Index • Index must be unique in Segment Routing Domain • Best practice: same SRGB on all nodes • Global Segments are global label values, simplifying network operations • Default SRGB: 16,000 – 23,999 • All vendors also use this label range
  7. 7. IGP Segment Identifiers • Two types of Segment IDs distributed by IGP - Prefix Segments (also known as Node Segment) - Adjacency Segment (Adj-SID)
  8. 8. Node Segment ID • Shortest-path to the IGP prefix • Global Segment • Label = 16000 + Index • Advertised as index
  9. 9. Node Segment ID • Shortest-path to the IGP prefix - Equal Cost MultiPath (ECMP)-aware • Distributed by ISIS/OSPF - A node segment to 16078 distributes traffic across all ECMP paths to node O.
  10. 10. Adjacency Segment • C advertises the Adjacency Segment via ISIS/OSPF • C is the only node to install the adjacency segment in FIB • Advertised as label value
  11. 11. Combining IGP Segments • Steer traffic on any path through the network • Path is specified by list of segments in packet header, a stack of labels • No path is signaled • No per-flow state is created • Single protocol: IS-IS or OSPF 1 2 3 4 5 16004 24045 16004 24045 Packet to 5 24045 Packet to 5 All nodes use default SRGB 16,000 – 23,999
  12. 12. SRTE
  13. 13. High Level Architecture Area XArea Y Area Z PCE controller Router PCC Router Router Router BGP-LS BGP-LS PCEP • SR PCE have multi-domain topology view --feed via BGP-LS from multiple domains • Stateful PCE with native SRTE algorithms. • PCEP Messages: • PCEP Request (PCC -> PCE) • PCEP Reply (PCE -> PCC) • PCC Report (PCC -> PCE) • PCE Update (PCE -> PCC) • PCE Initiate (PCE -> PCC) TEDLSP-DB
  14. 14. Binding Segment ID • Binding Segment represents a tunnel at SR • The Binding Segment is a local segment • Has local significance • A Binding-Segment ID identifies a SRTE Policy • Each SRTE Policy is associated 1-for-1 with a Binding-SID • Packets received with Binding-SID as top label are steered into the SRTE Policy associated with the Binding-SID • Binding-SID label is popped, SRTE Policy’s SID list is pushed
  15. 15. Binding Segment • Binding-SID use-case examples: – Label stack “compression”: nesting and stitching SRTE Policies DC WAN PCE controller WAN Headend TOR AC1 PCC Report - 17002,17003,17004 - Binding SID 4001 Unicast-SID 17001 Unicast-SID 17003 Unicast-SID 17004 Unicast-SID 17002 PCEP Reply - 17001,4001 - Instead of 17001,17002,17003,17004 PCEP Request Could you provide me the ERO for AC1? IP 4001 17001 IP 17004 17003 17002 IP 4001 IP 17004 17003 IP 17004 IP 1 2 3
  16. 16. DC WAN Access Unicast-SID 17001 Anycast-SID 18001 Unicast-SID 16001 Service Orchestrator Unicast-SID 17002 Anycast-SID 18001 Unicast-SID 17003 Anycast-SID 18002 Unicast-SID 17004 Anycast-SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 BGP Link State Hint: 1. PCE collect topology and SID via BGP LS 2. Including ip address and SID On demand SR Next Hop ISIS SR2 SRGB 16000-16999 ISIS SR3 SRGB 16000-16999 ISIS SR1 SRGB 17k-18k BGP Route Reflector
  17. 17. XML YANG: - PW-123 from ToR1 to AC1 Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 XML YANG: - PW-123 from AC1 to ToR1 On demand SR Next Hop BGP Route Reflector
  18. 18. DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 Hint: 1. PCE collect topology and SID via BGP LS 2. NMS/OSS to configure service 3. ToR1 check if he has LSP to AC1 Yes -> use it No -> next slide Do I have LSP to AC1 ? On demand SR Next Hop BGP Route Reflector
  19. 19. DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service 3. ToR1 check if he has LSP to AC1 4. ToR1 request LSP to PCEPCEP request - Could you provide me the ERO to reach AC1 ? PCEP reply - ERO is: 18001,18002,16001 1 2 3 On demand SR Next Hop BGP Route Reflector
  20. 20. Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service 3. ToR1 check if he has LSP to AC1 4. ToR1 request LSP to PCE 5. ToR1 report service state to orchestrator DC WAN Access Unicast-SID 17001 Anycast-SID 18001 Unicast-SID 16001 Service Orchestrator Unicast-SID 17002 Anycast-SID 18001 Unicast-SID 17003 Anycast-SID 18002 Unicast-SID 17004 Anycast-SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 XML YANG notification: - PW-123 is UP On demand SR Next Hop Ethernet PW 16001 18002 18001 Ethernet PW 16001 18002 Ethernet PW 16001 Ethernet Ethernet BGP Route Reflector
  21. 21. DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 ODN with policy XML YANG: - PW-123 from ToR1 to AC1 - PW-124 from ToR2 to AC2 - Policy: Disjoin GID 123 XML YANG: - PW-123 from AC1 to ToR1 - PW-124 from AC2 to ToR2 - Policy: Disjoin GID 123 Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service BGP Route Reflector
  22. 22. DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service 3. ToR1 and ToR2 check if they has LSP to AC1 and AC2 respectively. 4. ToR1 and ToR2 request LSP to PCE PCEP request - Could you provide me the ERO to reach AC1 ? - Policies are G-ID 123 1 ODN with policy 2 BGP Route Reflector PCEP request - Could you provide me the ERO to reach AC2 ? - Policies are G-ID 123
  23. 23. DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Service Orchestrator Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 Hint: 1. PCE collect topology and SID via BGP LS 2. Service Orchestrator to configure service 3. ToR1 and ToR2 check if they has LSP to AC1 and AC2 respectively. 4. ToR1 and ToR2 request LSP to PCE 5. PCE sees the same Disjoint ID and computes two Disjoint paths PCEP reply - ERO is: 17002,17004,16002 3 4 ODN with policy PCEP reply - ERO is: 17001,17003,16001 BGP Route Reflector Ethernet PW 16001 17003 17001 Ethernet PW 16002 17004 17002 Ethernet PW 16001 17003 Ethernet PW 16002 17004 Ethernet PW 16001 Ethernet PW 16002
  24. 24. Hint: 1. Isolated domains with no redistribution. 2. CPE send BGP update for prefix X and add LL community ex: 100:777 Technical name: BGP SR-TE dynamic DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 CPE2CPE1 On demand steering for BGP services BGP Route Reflector BGP-LS BGP-LS BGP-LS
  25. 25. Hint: 1. Isolated domains with no redistribution. 2. CPE send BGP update for prefix X and add LL community ex: 100:777 NLRI: 1.1.1.1/32 Community: 100:777 Technical name: BGP SR-TE dynamic DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 CPE2 BGP Route Reflector CPE1 On demand steering for BGP services
  26. 26. Hint: 1. CPE send BGP update for prefix X and add LL community 2. AC1 PE announce VPN prefix X with LL community Technical name: BGP SR-TE dynamic DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 CPE2 BGP Route Reflector NLRI: 1.1.1.1/32 Community: 100:777 CPE1 On demand steering for BGP services
  27. 27. Hint: 1. CPE send BGP update for prefix X and add LL community 2. AC1 PE announce VPN prefix X with LL community 3. On demand Next Hop LL to PCE controller 4. Install explicit path for prefix X in VRF Technical name: BGP SR-TE dynamic DC WAN Access Unicast SID 17001 Anycast SID 18001 Unicast-SID 16001 Unicast SID 17002 Anycast SID 18001 Unicast SID 17003 Anycast SID 18002 Unicast SID 17004 Anycast SID 18002 ToR1 ToR2 ABR1 ABR2 ABR3 ABR4 AC1 Unicast-SID 16002 Unicast-SID 16001 Unicast-SID 16002 PCE controller AC2 CPE2 BGP Route Reflector CPE1 PCEP request - Could you provide me the ERO to reach AC1 ? - Policy is LL PCEP reply - ERO is: 17001,17003,16001 1 2 3 On demand steering for BGP services
  28. 28. • De Facto next generation Network Transport Architecture • Traffic Engineering with SR made simple and flexible • Distributed or Centralized • No State in the network • Supports IPv6 as Data Plane Summary SR hands-on demo?... contact me 
  29. 29. Thank you. @ccie49534

×