Post on 09-Sep-2015
description
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Presented by Lim Fung HEROBU Technical Marketing
July 2013
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
CE S-PE P1
L2 PE, e.g. DSLAM
PW
Access Network
Global IP/MPLS Network
AC
L2 PE
AC
1. Customer edge (CE) node. This is typically a router but could be a host, DSLAM or Ethernet aggregation switch of some sort.
2. L2/PW feeder switch. The element may be a specialized, low-cost network node designed and optimized around Ethernet and PW functions. Most commonly it will be an aggregation node or an access node.
3. IOS-XR Service PE. This is where the PW termination onto a virtual interface and then attachment of the virtual interface to a L3 service instance is performed.
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
CPE S-PE P1
L2 PE, e.g. DSLAM
PW
Access Network
Global IP/MPLS Network
AC
PWs originate on L2/PW feeder nodes and terminated on an L3 service instance (VRF) at the S-PE
Cisco Confidential 2010 Cisco and/or its affiliates. All rights reserved. 4
EMSE ASR9K
Transport
Network
Residential
STB
Business
Corporate
Mobile 2G/3G / LTE
ASR9000 PE
L2/L3 VPN, BNG PW PW-HE*
ME3600 ME3800 ASR903 ASR901
IP/ MPLS Core VRF
BNG
VPLS/EVPN
1. Decoupling of service models from transport
2. Simplify transport models Unified MPLS 3. Sonet/SDH like OAM and resiliency with
MPLS-TP/MPLS-TE
4. Collapse Metro-PE and MSE
1. Leased transport or Multiple management domains
2. Multi-technology access/aggregation
3. SLA management 4. Capex optimizations
PW-HE any service anywhere
PW
-HE
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
PW
MPLS
CE PE PE
CE
xconnect xconnect
PW
MPLS
CE PE PE
xconnect xconnect
interface gig 0/0/0/1.1 l2transport
l2vpn
xconnect group vpws
p2p pwhe-red
interface gig 0/0/0/1.1
neighbor 100.100.100.100 pw-id 1
interface pw-ether 100 PWHE virtual interface
vrf vpn-red
ipv4 address 10.1.1.2/24
service-policy input pw_parent_in
service-policy output pw_parent_out
ipv4 access-group p-in-filter in
ipv4 access-group p-out-filter out
l2vpn
xconnect group pwhe
p2p pwhe-red
interface pw-ether 100
neighbor 100.100.100.100 pw-id 1
Regular VPWS
PWHE
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
PW
MPLS
CE PE PE
xconnect xconnect
PW
MPLS
CE
PE
xconnect
BD
PW
interface pw-ether 100
vrf vpn-red
ipv4 address 10.1.1.2/24
l2vpn
xconnect group pwhe
p2p pwhe-red
interface pw-ether 100
neighbor 100.100.100.100 pw-id 1
interface bvi 100
vrf vpn-red
ipv4 address 10.1.1.2/24
l2vpn
bridge group irb
bridge-domain irb
neighbor 100.100.100.100 pw-id 1
neighbor 100.100.100.100 pw-id 2
routed interface bvi 100
PWHE: p2p xconnect
IRB: multi-point bridging
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Unified MPLS end-to-end transport architecture
Flexible service edge placement with virtual PWHE interface o L3 interface in phase 1 o L2 interface/sub-interface and L3 sub-interface in future o Feature parity as regular L3 interface (please refer the later slides for the gaps and roadmaps)
CE-PE routing is over MPLS transport network. It doesnt need direct L3 link any more
CE-PE virtual link is protected by the MPLS transport network
LDP Core / Internet Core
Access PE (A-PE)
Service PE (S-PE)
CE
Pseudowire
CE L3PE
Pseudowire
Internet Peering
Business L3 VPNs
Aggregation LDP domain
CE-PE L3 link over PW
L2 PW PWHE virtual interface
L2 (port or vlan)
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Features are configured under pwhe virtual interface but they are applied on the physical interfaces
There is pwhe virtual interface to physical interface mapping
To assure QoS SLA, all traffic to/from a given pwhe interface must be mapped to a certain physical interface. So load balancing for pwhe must be per-PW basis, or per-VC load balancing
Per-VC load balancing is forced on the S-PE by the configuration
Per-VC load balancing must also be configured on the A-PE Router for ingress direction as well
Gig0/1/0/0
Pseudowire-foo
Pseudowire-foo
S-PE
Pseudowire-bar
Pseudowire-bar
Gig0/2/0/0
hash
PW-HE-foo
PW-HE-bar
Per-VC load balancing Features are applied to
physical interfaces
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
PW-HE (sub)interface is a virtual interface that is in theory global in scope and every LC has it replicated.
When features are applied on PW-HE, resources like uidb, statistics, TCAM, QOS would need to be applied on every LC/interface.
In order to overcome the scaling challenges pin-down interface list configuration has been chosen.
Both Tx and Rx of the PW-HE traffic is expected to be using the interfaces on the pin-down list
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Generic interface list (aka pin down list) generic-interface-list atom interface TenGigE0/3/1/0
PWHE interface (VC type 4 and 5) interface PW-Ether1 ipv4 address 102.102.102.1 255.255.255.0 attach generic-interface-list atom
L2VPN l2vpn pw-class atom
encapsulation mpls xconnect group one
p2p vista interface PW-Ether1
neighbor 11.0.0.1 pw-id 1 pw-class atom
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
TX pindown For core to access case, PW TX traffic will only be sent to
one of the paths in interface list (based on VC-label hash)
Make sure the paths in the Interface-List are subset of the classic ECMP pathset chosen by IGPs for APE Loopback.
If classic IGP pathset and IF-list set are disjoint PW TX traffic will be dropped.
RX path steering / Pindown For access to core case, to make sure PW RX traffic arrives
only over IF-list, the routers in Access need to steer traffic towards these interface
To achieve this we need FLEX-LDP configured on S-PE Other MPLS traffic will use existing Loopback that is used as router-ID, as we know today.
Configure Static routes in access router (P/PE) directly connected to S-PE such that these new S-PE loopbacks are only reachable only over links in the IF-list. Redistribute these static routes into IGP config on these P/PE router that is directly connected to S-PE
Note: PW traffic arriving on Non-hosting LC will be dropped.
S-PE
Pseudowire foo
Pseudowire bar
Pseudowire bar
Pseudowire bar
Pseudowire foo
Gig0/1/0/0
Gig0/2/0/0
Gig0/1/0/1
Gig0/2/0/1
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
S-PE
Gig0/1/0/0
Gig0/2/0/0
Gig0/1/0/1
Gig0/2/0/1
Pseudowire foo
Pseudowire bar
Pseudowire bar
Pseudowire bar
Pseudowire foo
Configuration in IOS XR : generic-interface-list il1
interface gig0/1/0/0
interface gig0/1/0/1
interface gig0/2/0/0
generic-interface-list il2
interface gig0/2/0/0
interface gig0/2/0/1
interface pw-ether 200
vrf vpn-green
ipv4 address 10.1.1.2/24
service-policy input pw_parent_in
service-policy output pw_parent_out
attach generic-interface-list il1
interface pw-ether 100
vrf vpn-blue
ipv4 address 10.1.2.2/24
service-policy input pw_parent_in
service-policy output pw_parent_out
attach generic-interface-list il2
l2vpn
xconnect group pwhe
p2p pwhe-foo
interface pw-ether100
neighbor 100.100.100.100 pw-id 1
p2p pwhe2-bar
interface pw-ether200
neighbor 100.100.100.100 pw-id 2
Note: Up to 8 interfaces per interface list are supported Only physical links and bundles in interface-list. No tunnels or sub-interfaces.
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
For PW-HE to be up the PW has to be up
For PW to be up, the same conditions apply as for other PWs: attributes (CW, VC type, MTU) have to match, no fault indicated by PW status etc.
PW-HE forwarding also has to be up (this means at least one interface which can carry traffic), otherwise remote (A-PE) could black-hole
Note that if user mis-configures interface-list, e.g. by adding only link(s) which dont provide the reachability to A-PE, we might black-hole traffic (the PW-HE will be up since we dont detect mismatch between interface-list and forwarding)
Thank you.