PTNOG::3
Segment Routing in SP Networks
Paulo Valente, SP Systems Engineer, CCIE #13456
6.June.2019
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public

Challenges of Today's Service Creation
[Figure: Access, Aggregation, Metro Network Domain, Core Network Domain and Data Center Domain; HW appliances in a legacy central office; limited cross-domain automation; centralized delivery of services; IP, MPLS, L2VPN, Ethernet, L3VPN, VXLAN and VNF]
E2E service provisioning is lengthy and complex:
• Multiple network domains under different management teams
• Manual operations
• Heterogeneous underlay and overlay networks

From Unified MPLS to Segment Routing
Protocol stack and network simplification
[Figure: protocol stacks compared across Domain 1, Domain 2 and Domain 3, with the layers Intra-Domain CP, Protection FRR/TE, Inter-Domain Connectivity and L2/L3VPN Services.
Unified MPLS (EPN 4.0): IGP and LDP in each domain, RSVP-TE in each domain, BGP-LU, BGP for L2/L3 VPN.
Segment Routing (Stateless Fabric): IGP + Segment Routing for the intra-domain CP, Protection FRR – TI-LFA, Inter-Domain Connectivity with SLA (Traffic Engineering), BGP for L2/L3VPN and EVPN.]

Unified “Stateless Fabric” for Service Creation
[Figure: Cloud Scale Networking across Access, Central Office (Compute, Leaf, Spine), Metro Network, Core and Peering Network and Network Data Center; VNFs; BGP VPN over IGP Segment Routing; Controller]
• Virtualize: Transform the CO into a data center to enable distributed service delivery and speed up service creation
• Simplify: Unified underlay and overlay networks with segment routing and EVPN
• Automate: E2E cross-domain automation with model-driven programmability and streaming telemetry

Intent Based Network Virtualization
[Figure: Cloud Scale Networking across Access, Central Office (Compute, Leaf, Spine), Metro Network, Core and Peering Network and Network Data Center; VNFs; BGP VPN over IGP Segment Routing; Controller; uRLLC, mMTC; High Bandwidth, Encrypted, Low Delay]
• Virtualize: Single infrastructure for different SLA and forwarding requirements
• Simplify: Simplified intent based steering, per destination, per flow
• Automate: Model driven, Multi Domain Path Computation, Intent aware forwarding and protection.

Segment Routing Customer Adoption
[Figure: timeline over the years 2013 to 2019 showing customers in Planning and in Production. Milestones: First public Segment Routing Presentation (MPLS-WC); FCS (IOS-XR); First SR live Deployment (15 months after FCS); IETF SPRING Working Group; Significant Momentum Worldwide]

Segment Routing Standardization
IETF standardization in SPRING working group
First RFC document - RFC 7855 (May 2016)
Protocol extensions progressing in multiple groups
• IS-IS
• OSPF
• PCE
• IDR
• 6MAN
• BESS
Broad vendor support
Strong customer adoption and support
• WEB, SP, Enterprise
Sample IETF Documents
• Problem Statement and Requirements (RFC 7855)
• Segment Routing Architecture (draft-ietf-spring-segment-routing)
• IPv6 SPRING Use Cases (draft-ietf-spring-ipv6-use-cases)
• Segment Routing with MPLS data plane (draft-ietf-spring-segment-routing-mpls)
• Topology Independent Fast Reroute using Segment Routing (draft-bashandy-rtgwg-segment-routing-ti-lfa)
• IS-IS Extensions for Segment Routing (draft-ietf-isis-segment-routing-extensions)
• OSPF Extensions for Segment Routing (draft-ietf-ospf-segment-routing-extensions)
• PCEP Extensions for Segment Routing (draft-ietf-pce-segment-routing)
40+ IETF drafts in progress
Segment Routing adoption
Simplified
Web / OTT
Service Providers
Enterprise

Segment Routing
The “state” is in the packet
[Figure: airline route map with Seattle, New-York, Toronto, London, Mexico, Madrid and Barcelona; luggage tag listing MEX, MAD, BCN]
Intent – Route the luggage to Barcelona via Mexico and Madrid
1. A unique and global luggage tag is attached to the luggage with the list of stops to the final destination
2. At each stop, the luggage is simply routed to the next hop listed on the luggage tag
RESULT:
• Path can be controlled
• Simple and scalable

Segment Routing
An IP and MPLS source-routing architecture that seeks the right balance between distributed intelligence and centralized optimization
Path expressed in the packet
• Data: Dynamic path, Explicit path
• Paths options: Dynamic (Headend computation), Explicit (Operator / Controller)
• Control Plane: Routing protocols with extensions (IS-IS, OSPF, BGP), SDN controller
• Data Plane: MPLS (segment labels), IPv6 (+SR header)

Segment Routing – Forwarding Plane
• MPLS: A list of segments represented as one label or a stack of labels
• IPv6: A list of segments encoded directly in the IPv6 extension header

Segment Routing Segments – MPLS
The active segment is on the top
[Figure: MPLS header and payload at three successive steps. Label stack Label 1, Label 2, Label 3, Label 4 with Label 1 as the active segment; then Label 2, Label 3, Label 4 with Label 2 active; then Label 3, Label 4 with Label 3 active]

Segment Routing Segments – IPv6
Active segment is copied in the destination address
[Figure: IPv6 header, Segment Routing Header and payload at three successive steps. The Segment Routing Header lists Locator 1 Function 1, Locator 2 Function 2 and Locator 3 Function 3 throughout. Destination Address = Locator 1 Function 1 (active) with the counter shown as 2; then Locator 2 Function 2 with 1; then Locator 3 Function 3 with 0]

Multiple Prefix SIDs for the same end-point for different intent
• Operator-defined custom IGP algorithm leveraging dedicated Prefix-SIDs set
• Example:
  • Operator configures Prefix-SID 16004 associated to Loopback 0
  • Operator defines Flex-Algo 128 as “minimize delay metric”
  • Prefix SID flex-algo 128 17004 associated to Loopback 0
• For each destination two different SIDs are installed in FIB
[Figure: the same topology shown twice. Default Algo 0: Loopback0, Prefix SID: 16004, Metric IGP, two links marked IGP: 100. Algo 128: Loopback0, Prefix SID: 17004, Metric Delay, two links marked D: 1. Default IGP metric: 10]

Flex Algo properties
• One single SID even for complex intent, e.g. Low Latency, exclude/include affinity
• Protected path stays in Flex Algo virtual topology: TI-LFA aware

Circuit Optimization vs SR Optimization
Intent: path to 3 avoid links RED
Classic TE algorithm is not efficient!!
• Need to specify all hops: {4, 5, 7, 3}
• No ECMP, old algorithm and technology, ATM optimized
SR-native algo is needed! No more circuit!
• Recognized Innovation - Sigcomm 2015
• SID List: {7, 3}
• ECMP, minimized SID list, IP-optimized
With SR we can do much better
[Figure: the same topology shown for both cases; packet drawn as "pkt 16003 16007", then "pkt 16003", then "pkt"]

Automated Steering

SR Policy Identification
An SR Policy is uniquely identified by a tuple (end-point and color)
• End-point: the destination of the SR Policy
• Color: a numerical value to differentiate multiple SRTE Policies between the same pair of nodes
[Figure: nodes 1 to 6 with SR Policy (green, 6); Color: green, End-point: 6]

SR Policy Color
For the same end-point different colors for different SLA, e.g.
• Green = Low Latency
• Blue = High Bandwidth
Enable Auto Steering
• Policy color to match BGP ext. community color
• Color extended community is specified in RFC 5512
[Figure: nodes 1 to 6 with SR Policies (green, 6) and (blue, 6)]

SR Policy Binding SID
• A binding SID is associated to every SR policy
  • Programmed in the headend FIB
  • Explicitly configured or dynamically allocated
  • Enable Traffic Steering in a SR policy
• Packet received with Binding-SID as top label is steered into the SRTE Policy associated with the Binding-SID
• Binding-SID label is popped, SRTE Policy’s SID list is pushed
[Figure: nodes 1 to 6 with SR Policy (green, 6); Color: green, End-point: 6, Binding SID: 99000, SID list 4,6; packet drawn as "pkt 99000", then "pkt 16006 16004", then "pkt 16004", then "pkt"]

Segment Routing - Automated Steering (AS)
Steer traffic into SR Policy based on destination - color
BGP signaled routes: IPv4, VPNv4, EVPN
• End-point = BGP Next Hop
• Route color = SR policy color
Automated steering directs traffic based on destination/colors
Route policy to advertise routes with specific color
[Figure: nodes 1 to 6 and a route reflector (RR); prefixes 20.20.20.0/24 and 10.10.10.0/24, advertised as 10.10.10.0/24 NH=6 color=GREEN and 20.20.20.0/24 NH=6 color=BLUE; traffic for 10.10.10.1 – NH 6 and 20.20.20.1 - NH 6]
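The two headend steering paths from the Binding SID and Automated Steering slides, as an added Python sketch that is not part of the original deck. The green policy, its Binding SID 99000, SID list 4, 6 and the two BGP routes come from the slides; the blue policy's Binding SID and SID list, the 16000 + node label rule and the fallback for an unmatched color are assumptions.

```python
import ipaddress

def prefix_sid(node):
    # Assumption read off the figures: node N uses Prefix-SID label 16000 + N.
    return 16000 + node

# SR policies at the headend, keyed by (color, end-point).
# (green, 6) is from the slides; the blue entry is constructed for illustration.
POLICIES = {
    ("green", 6): {"bsid": 99000, "sid_list": [4, 6]},
    ("blue", 6): {"bsid": 99001, "sid_list": [5, 6]},
}
# Binding SIDs are programmed in the headend FIB and point back at the policy.
BSID_FIB = {p["bsid"]: key for key, p in POLICIES.items()}

# BGP routes as advertised on the Automated Steering slide.
BGP_ROUTES = {
    ipaddress.ip_network("10.10.10.0/24"): {"next_hop": 6, "color": "green"},
    ipaddress.ip_network("20.20.20.0/24"): {"next_hop": 6, "color": "blue"},
}

def labels_for(key):
    """Label stack (top first) pushed for an SR policy."""
    return [prefix_sid(n) for n in POLICIES[key]["sid_list"]]

def steer_ip(dst):
    """Automated steering: match (route color, BGP next hop) to an SR policy."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in BGP_ROUTES if addr in net]
    if not matches:
        return None  # no BGP route for this destination
    route = BGP_ROUTES[max(matches, key=lambda net: net.prefixlen)]
    key = (route["color"], route["next_hop"])
    if key in POLICIES:
        return labels_for(key)
    # Assumption: without a matching policy, use the next hop's Prefix-SID.
    return [prefix_sid(route["next_hop"])]

def steer_labelled(stack):
    """Binding SID on top: pop it and push the policy's SID list."""
    if stack and stack[0] in BSID_FIB:
        return labels_for(BSID_FIB[stack[0]]) + stack[1:]
    return stack  # not a Binding SID: stack is left unchanged
```
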

Conclusion
Simple, Automated and Scalable
• No state in the network: state in the packet header
• No tunnel interface: “SR Policy”
• No head-end a-priori configuration: on-demand policy instantiation
• No head-end a-priori steering: automated steering
Multi-Domain
• SR Path Computation Element (SR-PCE) for compute
Flexible Algorithm
• Specific metric (e.g. delay)
• Specific topology
• TI-LFA traffic stays in Flex Algo topology
• Single label per intent
Lots of functionality and flexibility
• Designed with lead operators along their use-cases

5G Technology Innovations
• CUPS: Control/User Plane Separation
• Cloud RAN – Fronthaul/Midhaul
• Multi-Access Edge Computing
• Network Slicing

5G Technology Innovation
Network Slicing
NGMN, 5G whitepaper
• Ability to run multiple logical networks as virtually independent business operations
• Simultaneous support of strict SLA reqs & best effort traffic over same infra.
• Solution with Virtualisation, SDN control and overall Orchestration from E2E of Access, Transport and Mobile Core Network
[Figure: Slice#1_SLA1, Slice#2_SLA2 and Slice#3_SLA3 over SR_tunnel2 between RAN and EPC, with SDN Controllers under Orchestration]
• Programmability of transport network for dynamic and flexible service creation
• Automation to compute the best path and guarantee the SLA throughout service lifetime
• Independent traffic flows with specific SLAs
• Scalable, Reliable, Simple
• Statistical multiplexing for efficient network resources

IPv6 provides reachability
• Supports 5G growth and scale
• Supports container adoption for micro-services
[Figure: IPv6 (Source Address, Destination Address) across the Metro/Core Network, connecting 5G, IoT services, IP, 4G, xDSL, FTTH, Cable, Legacy DC and Next-Gen Data Center micro-services]

SRv6 – Segment Routing & IPv6
IPv6 for reachability
SR for anything else
• Simplicity: Protocol elimination
• SLA: FRR and TE
• SDN: SR is de-facto SDN architecture
• Overlay
• NFV
• 5G Slicing

Network as a Computer
SRv6 Network instruction
Locator | Function | Argument
1111 : 2222 : 3333 : 4444 : 5555 : 6666 : 7777 : 8888
• SRv6 SIDs are 128-bit addresses
  • Locator: most significant bits are used to route the segment to its parent node
  • Function: least significant bits identify the action to be performed on the parent node
  • Argument [optional]: Last bits can be used as a local function argument
  • Flexible bit-length allocation
  • Segment format is local knowledge on the parent node
• SIDs have to be specifically enabled as such on their parent node
  • A local address is not by default a local SID
  • A local SID does not have to be associated with an interface

Network as a Computer
SRv6 Network instruction
[Figure, three steps: the segment list Locator 1 Function 1, Locator 2 Function 2, Locator 3 Function 3 with Next Segment on Locator 1 Function 1, then on Locator 2 Function 2, then on Locator 3 Function 3]

SRv6 for anything
• Optimized for HW processing, e.g. Underlay & Tenant use-cases
• Optimized for SW processing, e.g. NFV, Container, Micro-Service
[Figure: Segments Left, TAG, segment list (Locator 1 Function 1, Locator 2 Function 2, Locator 3 Function 3), Metadata TLV]

Network as a Computer
Service Chaining with SRv6
• Services are expressed with segments
  • Flexible
  • Scalable
  • Stateless
Packets from are steered through a sequence of services on their way to the server
[Figure: S1, S2, S3, D; SR: 〈S1, S2, S3, D〉]

Service Programming with SRv6
Types of VNFs
SR-UnAware VNFs:
• Application is not aware of SR at all
• Leverage VPP as a vm/container vSwitch to do SRv6 processing
SR-Aware VNFs:
• Leverage SRv6 Kernel support to create smarter applications
• SERA: SR-Aware Firewall (extension to iptables)

Service Chaining
Integrated NFV
• A3::A32 means
  • App in Container 32
  • @ node A3::/64
• Stateless
  • NSH creates per-chain state in the fabric
  • SR does not
• App is SR aware or not
[Figure: nodes 1 to 5 between T/64 and V/64; App 32 (Container) on Server 3, App 76 (VM) on Server 5]
Original packet:
IPv6 Hdr SA = T::1, DA = V::2
Payload
Encapsulated packet:
IPv6 Hdr SA = A1::0, DA = A3::A32
SR Hdr < A3::A32, A4::0, A5::A76, A2::C4 >
IPv6 Hdr SA = T::1, DA = V::2
Payload

Service Chaining
Integrated NFV
• Integrated with underlay SLA
[Figure: nodes 1 to 5 between T/64 and V/64; App 32 (Container) on Server 3, App 76 (VM) on Server 5]
Encapsulated packet:
IPv6 Hdr SA = A1::0, DA = A4::0
SR Hdr < A3::A32, A4::0, A5::A76, A2::C4 >
IPv6 Hdr SA = T::1, DA = V::2
Payload

Service Chaining
Integrated NFV
• A5::A76 means
  • App in VM 76
  • @ node A5::/64
• Stateless
  • NSH creates per-chain state in the fabric
  • SR does not
• App is SR aware or not
[Figure: nodes 1 to 5 between T/64 and V/64; App 32 (Container) on Server 3, App 76 (VM) on Server 5]
Encapsulated packet:
IPv6 Hdr SA = A1::0, DA = A5::A76
SR Hdr < A3::A32, A4::0, A5::A76, A2::C4 >
IPv6 Hdr SA = T::1, DA = V::2
Payload

Service Chaining
Integrated NFV
• Integrated with Overlay
[Figure: nodes 1 to 5 between T/64 and V/64; App 32 (Container) on Server 3, App 76 (VM) on Server 5]
Encapsulated packet:
IPv6 Hdr SA = A1::0, DA = A2::C4
SR Hdr < A3::A32, A4::0, A5::A76, A2::C4 >
IPv6 Hdr SA = T::1, DA = V::2
Payload
Decapsulated packet:
IPv6 Hdr SA = T::1, DA = V::2
Payload
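The destination-address rewrites shown on the four Service Chaining slides, together with the rule that a SID must be explicitly enabled on its parent node, as an added Python sketch that is not part of the original deck. The addresses, the /64 locators and the segment list come from the slides; the local SID tables, the action names and the drop behaviour are assumptions.

```python
import ipaddress

LOCATOR_BITS = 64  # the slides use /64 locators (A3::/64, A5::/64)
SHIFT = 128 - LOCATOR_BITS

def split_sid(sid):
    """Split a 128-bit SID into (locator prefix, function value)."""
    value = int(ipaddress.IPv6Address(sid))
    locator = ipaddress.IPv6Network((value >> SHIFT << SHIFT, LOCATOR_BITS))
    return locator, value & ((1 << SHIFT) - 1)

# Segment list from the slides, in the path order drawn there
# (RFC 8754 stores the list in reverse order on the wire).
SEGMENTS = ["A3::A32", "A4::0", "A5::A76", "A2::C4"]

# Constructed local SID tables, keyed by parent node locator, then function.
# Only functions listed here are enabled; any other address is not a SID.
LOCAL_SIDS = {
    ipaddress.IPv6Network("A3::/64"): {0xA32: "service"},  # app in container 32
    ipaddress.IPv6Network("A4::/64"): {0x0: "end"},        # underlay waypoint
    ipaddress.IPv6Network("A5::/64"): {0xA76: "service"},  # app in VM 76
    ipaddress.IPv6Network("A2::/64"): {0xC4: "decap"},     # deliver inner packet
}

def encapsulate(inner):
    """Node 1: outer header SA = A1::0, DA = first segment."""
    return {"sa": "A1::0", "da": SEGMENTS[0], "segments": list(SEGMENTS),
            "left": len(SEGMENTS) - 1, "inner": inner}

def process(pkt):
    """Run the function named by the DA; return (action, resulting packet)."""
    locator, function = split_sid(pkt["da"])
    action = LOCAL_SIDS.get(locator, {}).get(function)
    if action is None:
        return "not-a-local-sid", pkt  # the SR header is left untouched
    if action == "decap":
        # Assumption: decapsulation is accepted only on the last segment.
        return ("decap", pkt["inner"]) if pkt["left"] == 0 else ("drop", None)
    if pkt["left"] == 0:
        return "drop", None  # simplification: no next segment to activate
    left = pkt["left"] - 1
    next_da = pkt["segments"][len(pkt["segments"]) - 1 - left]
    return action, dict(pkt, da=next_da, left=left)  # next segment copied into DA

def walk(inner):
    """Follow a packet through the chain; return ([(DA, left)], final packet)."""
    pkt, trace, action = encapsulate(inner), [], None
    while action not in ("decap", "drop", "not-a-local-sid"):
        trace.append((pkt["da"], pkt["left"]))
        action, pkt = process(pkt)
    return trace, pkt
```
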

SRv6 in Mobile
• Well-progressed standardization
  • IETF: draft-ietf-dmm-srv6-mobile-uplane-01
  • 3GPP: Accepted study item in CT4 (#29.892) – starts July
• SRv6 an alternative to GTP-U
  • Removing the per-session tunneling has obvious benefits
  • Optimal data path (ultra-low latency)
  • Integrated service chaining (allows for NFVs for security, billing, ...)
• Native support for network slicing
  • Achieved either via a centralized SDN solution or via SR TE with IGP FlexAlg
  • Optimal resource utilization