Traffic Engineering using Segment Routing
Santiago Álvarez
Presented at Cisco Connect Toronto 2015.
§ Technology Overview
§ Use Cases
§ A Closer Look at the Control and Data Plane
§ Traffic Engineering
§ Conclusions
Agenda
Technology Overview
§ Source Routing
  § the source chooses a path and encodes it in the packet header as an ordered list of segments
  § the rest of the network executes the encoded instructions without any further per-flow state
§ Segment: an identifier for any type of instruction
  § forwarding or service
Segment Routing
§ Shortest-path to the IGP prefix
§ Global
§ 16000 + Index
§ Signaled by ISIS/OSPF
IGP Prefix Segment
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; label shown: 16005]
§ Forward on the IGP adjacency
§ Local
§ 1XY
  § X is the “from”
  § Y is the “to”
§ Signaled by ISIS/OSPF
IGP Adjacency Segment
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; label shown: 124]
§ Shortest-path to the BGP prefix
§ Global
§ 16000 + Index
§ Signaled by BGP
BGP Prefix Segment
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; label shown: 16001]
§ Forward to the BGP peer
§ Local
§ 1XY
  § X is the “from”
  § Y is the “to”
§ Signaled by BGP-LS (topology information) to the controller
BGP Peering Segment
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; peering links annotated "Low Lat, Low BW" (node 4) and "High Lat, High BW" (node 5); label shown: 147]
§ WAE collects via BGP-LS
  § IGP segments
  § BGP segments
  § Topology
WAN Controller
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; three BGP-LS feeds to the controller; link annotation "Low Lat, Low BW"]
§ WAE computes that the green path can be encoded as
  § 16001
  § 16002
  § 124
  § 147
§ WAE programs a single per-flow state to create an application-engineered end-to-end policy
An end-to-end path as a list of segments
[Figure: DC (BGP-SR) nodes 10-14, nodes 1-7 across WAN (IGP-SR) and PEER; annotations "Default ISIS cost metric: 10", "50" and "Low Lat, Low BW"; segment list {16001, 16002, 124, 147} programmed via PCEP, Netconf, BGP]
§ IETF standardization in SPRING working group
§ Protocol extensions progressing in multiple groups
  § IS-IS
  § OSPF
  § PCE
  § IDR
  § 6MAN
§ Broad vendor and customer support
Segment Routing Standardization
Sample IETF Documents
Segment Routing Architecture (draft-ietf-spring-segment-routing)
Problem Statement and Requirements (draft-ietf-spring-problem-statement)
IPv6 SPRING Use Cases (draft-ietf-spring-ipv6-use-cases)
Segment Routing Use Cases (draft-filsfils-spring-segment-routing-use-cases)
Topology Independent Fast Reroute using Segment Routing (draft-francois-spring-segment-routing-ti-lfa)
IS-IS Extensions for Segment Routing (draft-ietf-isis-segment-routing-extensions)
OSPF Extensions for Segment Routing (draft-ietf-ospf-segment-routing-extensions)
PCEP Extensions for Segment Routing (draft-ietf-pce-segment-routing)
Close to 30 IETF drafts in progress
§ Platforms: ASR9000, CRS-1/CRS-3 (shipping)
§ IS-IS IPv4 (shipping)
  § Node/Adjacency SID advertisement
  § LDP interworking (mapping server/client)
  § Traffic protection (topology independent LFA link protection)
§ OSPFv2 (shipping)
  § Node SID advertisement
  § Traffic protection (LFA)
§ Upcoming
  § IS-IS IPv6
  § IS-IS / OSPFv2 parity
  § SR Traffic Engineering (manual provisioning and PCEP)
  § OAM (Ping/Trace)
Segment Routing Product Support
Use Cases
§ IGP only
  § No LDP, no RSVP-TE
§ ECMP
IPv4/6 VPN/Service transport
[Figure: nodes 1-7 between Site1 and Site2; the packet carries label 16007 above the vpn label across the core, then only the vpn label, then no label]
§ Seamless deployment
Seamless interworking with LDP
[Figure: nodes 1-7 between Site1 and Site2; the packet carries the vpn label under either the SR label 16007 or the LDP label for node 7, LDP(7)]
§ 50msec FRR in any topology
§ IGP Automated
  § No LDP, no RSVP-TE
§ Optimum
  § Post-convergence path
§ No midpoint backup state
§ Detailed operator report
  § S. Litkowski, B. Decraene, Orange
§ Mate Design
  § How many backup segments
  § Capacity analysis
Topology-Independent LFA (TI-LFA FRR)
[Figure: nodes 1-7; packets carrying label 16007, and one packet carrying labels 16007 and 16005]
§ Traffic Matrix is fundamental for
  § capacity planning
  § centralized traffic engineering
  § IP/Optical optimization
§ Most operators do not have an accurate traffic matrix
§ With SR, the traffic matrix collection is automated
Automated Traffic Matrix Collection
[Figure: traffic matrix with rows and columns 1, 2, 3, 4 beside a network of nodes 1-4]
§ On a per-content, per-user basis, the content delivery application can engineer
  § the path within the AS
  § the selected border router
  § the selected peer
§ Also applicable for engineering egress traffic from DC to peer
  § BGP Prefix and Peering Segments
Optimized Content Delivery
[Figure: AS1 with nodes 1-4 and neighbouring AS5, AS6 and AS7; the packet carries labels 16003, 16002 and 126]
§ Per-application flow engineering
§ End-to-End
  § DC, WAN, AGG, PEER
§ Millions of flows
  § No signaling
  § No midpoint state
  § No reclassification at boundaries
Application Engineered Routing
[Figure: DC (or AGG) nodes 10-14, nodes 1-7 across WAN and PEER. Default ISIS cost metric: 10, default latency metric: 10, one link marked ISIS: 35. Low-latency to 7 for application A12: Push {16001, 200, 147}. BSID: 200, low-lat to 4; 200: pop and push {16002, 16004}. Peering links as printed: PeerSID: 147, Low Lat, Low BW and PeerSID: 147, High Lat, High BW.]
[Figure: Application Engineered Routing, second policy on the same topology. Low-latency to 7, DC Plane 0 only, for application A12: Push {16010, 16001, 200, 147}. BSID: 200, low-lat to 4; 200: pop and push {16002, 16004}. Default ISIS cost metric: 10, default latency metric: 10, one link marked ISIS: 35. Peering links as printed: PeerSID: 147, Low Lat, Low BW and PeerSID: 147, High Lat, High BW.]
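The segment lists shown in this deck ({16001, 16002, 124, 147} and the two binding-SID policies) can be expanded into the explicit waypoints they encode, and checked so that every local label is reached at the node that owns it. The Python below is an added example, not code from the presentation; it relies on the deck's illustrative numbering (16000 + index, 1XY), and the start nodes and the placement of BSID 200 on node 1 are assumptions.

```python
"""Expand an SR segment list into waypoints (added example, deck numbering)."""

SRGB_BASE = 16000  # deck convention: prefix segment = 16000 + node index

# Constructed binding-SID table: (owning node, label) -> list pushed in its place.
# Assumption: BSID 200 lives on node 1, as the list {16001, 200, 147} suggests.
BINDING_SIDS = {(1, 200): [16002, 16004]}


def classify(label):
    """Return (kind, from_node, to_node) under the deck's numbering scheme."""
    if label >= SRGB_BASE:
        return ("prefix", None, label - SRGB_BASE)   # global: shortest path to node
    if 100 <= label <= 199:
        # 1XY: local adjacency or peering segment from X to Y
        return ("adjacency", (label // 10) % 10, label % 10)
    return ("binding", None, None)                    # local, resolved per node


def waypoints(start, segments):
    """Walk the list from `start`; raise if a local label is met at the wrong node."""
    node, path, stack = start, [start], list(segments)
    while stack:
        label = stack.pop(0)
        kind, src, dst = classify(label)
        if kind == "binding":
            if (node, label) not in BINDING_SIDS:
                raise ValueError(f"label {label} has no meaning at node {node}")
            stack = BINDING_SIDS[(node, label)] + stack   # pop and push
            continue
        if kind == "adjacency" and src != node:
            raise ValueError(f"label {label} is local to node {src}, met at node {node}")
        node = dst
        if path[-1] != node:
            path.append(node)
    return path


if __name__ == "__main__":
    print(waypoints(10, [16001, 16002, 124, 147]))    # start node 10 is constructed
    print(waypoints(10, [16001, 200, 147]))
    print(waypoints(12, [16010, 16001, 200, 147]))    # start node 12 is constructed
```

All three policies resolve to the same WAN waypoints 1, 2, 4, 7; a list that places 147 anywhere other than directly after node 4 is rejected.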
A Closer Look at the Control and Data Plane
MPLS Control and Forwarding Operation with Segment Routing
[Figure: protocol stack between PE1 and PE2. Services (BGP / LDP between PEs): IPv4, IPv6, IPv4 VPN, IPv6 VPN, VPWS, VPLS. Packet transport over MPLS forwarding: LDP, RSVP, BGP, Static, IS-IS, OSPF; the IGP runs between PE1 and PE2.]
No changes to control or forwarding plane
IGP label distribution for IPv4 and IPv6, same forwarding plane
§ Prefix SID
  § SID encoded as an index
  § Index represents an offset from SRGB base
  § Index globally unique
  § SRGB may vary across LSRs
  § SRGB (base and range) advertised with router capabilities
§ Adjacency SID
  § SID encoded as absolute (i.e. not indexed) value
  § Locally significant
  § Automatically allocated for each adjacency
SID Encoding
[Figure: SR-enabled node with the following values]
SRGB = [ 16000 - 23999 ]. Advertised as base = 16,000, range = 7,999
Prefix SID = 16041. Advertised as Prefix SID Index = 41
Adjacency SID = 24000. Advertised as Adjacency SID = 24000
§ Level 1, level 2 and multi-level routing
§ Prefix Segment ID (Prefix-SID) for host prefixes on loopback interfaces
§ Adjacency SIDs for adjacencies
§ Prefix-to-SID mapping advertisements (mapping server)
§ MPLS penultimate hop popping (PHP) signaling
§ MPLS explicit-null label signaling
SR IS-IS Control Plane Overview
§ Required
  § Wide metrics
  § SR enabled under unicast address family
§ Optional
  § Prefix-SID configured under loopback(s) AF IPv4
§ MPLS forwarding enabled automatically on all (non-passive) IS-IS interfaces
§ Adjacency-SIDs are automatically allocated for each adjacency
IS-IS Configuration
§ IPv4 Prefix Segment ID (Prefix-SID) for host prefixes on loopback interfaces
§ MPLS penultimate hop popping (PHP) signaling
§ MPLS explicit-null label signaling
SR OSPF Control Plane Overview
§ OSPFv2 control plane
§ Required
  § Enable segment-routing under instance or area(s)
    § Command has area scope, usual inheritance applies
  § Enable segment-routing forwarding under instance, area(s) or interface(s)
    § Command has interface scope, usual inheritance applies
§ Optional
  § Prefix-SID configured under loopback(s)
§ MPLS forwarding enabled on all OSPF interfaces with segment-routing forwarding configured
OSPF Configuration
§ Prefix SID
  § Packet forwarded along IGP shortest path
  § Packet leverages ECMP load balancing
  § Swap operation performed on input label
  § Same top label if same/similar SRGB
  § PHP if signaled by egress LSR
§ Adjacency SID
  § Packet forwarded along IGP adjacency
  § Pop operation performed on input label
  § Top labels will likely differ
  § Penultimate hop always pops last adjacency SID
MPLS Data Plane Operation
[Figure: two panels. Prefix SID: nodes with SRGB [16,000 - 23,999] apply Swap and Pop to labels X and Y above the payload. Adjacency SID: Adjacency SID = X, label X above the payload.]
MPLS Data Plane Operation (Prefix SID)
[Figure: nodes A, B, C, D in a row; SRGBs printed in order as [16,000 - 23,999], [16,000 - 23,999], [26,000 - 23,999], [16,000 - 23,999]; loopback X.X.X.X with Prefix SID Index = 41; operations Push, Swap, Pop; labels 16041 and 26041 carried above the VPN label and payload]
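The SID Encoding and Prefix SID data-plane slides combine into one rule: each node sends the label that its next hop expects, which is the next hop's SRGB base plus the advertised index. The Python below is an added example, not code from the presentation; the path A, B, C, D and index 41 follow the slide, while the upper bound of C's SRGB is an assumption because the slide prints it as 23,999.

```python
"""Per-hop labels for one Prefix-SID index when SRGBs differ (added example)."""

# (first, last) label of each node's SRGB, following the slide.
# Assumption: C's block is 26000-33999; the slide prints [26,000 - 23,999].
SRGB = {"A": (16000, 23999), "B": (16000, 23999),
        "C": (26000, 33999), "D": (16000, 23999)}


def label_for(node, index):
    """Label that `node` expects for a prefix index: its SRGB base plus the index."""
    first, last = SRGB[node]
    label = first + index
    if index < 0 or label > last:
        raise ValueError(f"index {index} falls outside the SRGB of {node}")
    return label


def lfib_walk(path, index, php=True):
    """Return [(node, operation, outgoing label or None)] along `path`.

    The last node in `path` owns the prefix. With PHP signaled by the egress,
    the penultimate hop pops instead of swapping.
    """
    steps = []
    for i, node in enumerate(path[:-1]):
        nxt = path[i + 1]
        if nxt == path[-1] and php:
            # Penultimate hop: pop (or, at the ingress itself, push nothing).
            steps.append((node, "pop" if i else "none", None))
            continue
        out = label_for(nxt, index)          # label comes from the NEXT hop's SRGB
        steps.append((node, "push" if i == 0 else "swap", out))
    return steps


if __name__ == "__main__":
    for step in lfib_walk(["A", "B", "C", "D"], 41):
        print(step)
```

With identical SRGBs on every node the top label never changes along the path, which is the "same top label if same/similar SRGB" case from the earlier slide.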
MPLS Data Plane Operation (Adjacency SIDs)
[Figure: nodes A, B, C, D in a row, each with MPLS Label Range [ 24000 - 265535 ] as printed; Adjacency SID = 24000, Adjacency SID = 24000, Adjacency SID = 24010; operations Push and Pop; label 24000 carried above the VPN label and payload]
§ LFIB populated by IGP (ISIS / OSPF)
§ Forwarding table remains constant (Nodes + Adjacencies) regardless of number of paths
§ Other protocols (LDP, RSVP, BGP) can still program LFIB
MPLS LFIB with Segment Routing
[Figure: a P router surrounded by eight PE routers, with the P router's LFIB. Row groups: Network Node Segment Ids, Node Adjacency Segment Ids.]
In Label   Out Label   Out Interface
L1         L1          Intf1
L2         L2          Intf1
…          …           …
L8         L8          Intf4
L9         L9          Intf2
L10        Pop         Intf2
…          …           …
Ln         Pop         Intf5
Traffic Engineering
§ Provides explicit routing
§ Supports constraint-based routing
§ Supports centralized admission control
§ No RSVP-TE to establish LSPs
§ Uses existing ISIS / OSPF extensions to advertise link attributes
§ Provides ECMP
Traffic Engineering with Segment Routing
§ Link information Distribution
  § ISIS-TE
  § OSPF-TE
§ Path Calculation
§ Path Setup
§ Forwarding Traffic down path
  § Auto-route (announce / destinations)
  § Static route
  § PBR
  § PBTS / CBTS
  § Forwarding Adjacency
  § Pseudowire Tunnel select
How Traffic Engineering Works
[Figure: TE LSP across an IP/MPLS network, with head end, mid-point and tail end]
§ Addresses complex requirements for path computation in large, multi-domain and multi-layer networks
§ Path computation element (PCE)
  § Computes network paths based on network information (topology, paths, etc.)
  § Stores TE topology database (synchronized with network)
  § May reside on a network node or on out-of-network server
  § May initiate path creation
  § Stateful - stores path database including resources used (synchronized with network)
  § Stateless - no knowledge of previously established paths
§ Path computation client (PCC)
  § May send path computation requests to PCE
  § May send path state updates to PCE
§ PCC and PCE communicate via Path Computation Element Protocol (PCEP)
§ Cisco WAN orchestration provides network path instantiation driven by an out-of-network stateful PCE
PCE Architecture Introduction
§ PCE maintains topology and path database (established paths)
§ More optimal centralized path computation
§ Enables centralized path initiation and update control
§ Well suited for SDN deployments
Stateful PCE
[Figure: stateful PCE with TED and LSP DB, connected to a PCC over PCEP]
§ An external PCE requires some form of topology acquisition
§ A PCE may learn topology using BGP-LS, IGP, SNMP, etc.
§ BGP-LS characteristics
  § aggregates topology across one or more domains
  § provides familiar operational model
§ New BGP-LS attribute TLVs for SR
  § IGP: links, nodes, prefixes
  § BGP: peer node, peer adjacency, peer set
Topology Acquisition
[Figure: Domain 0, Domain 1 and Domain 2, an RR, and a PCE with its TED, connected by BGP-LS sessions]
§ PCC or PCE may initiate path setup
§ PCC may delegate update control to PCE
§ PCC may revoke delegation
§ PCE may return delegation
Active Stateful PCE
[Figure: active stateful PCE with TED and LSP DB, connected to a stateful PCC over PCEP; PCE has update control over delegated paths]
Active Stateful PCE
PCE-Initiated and PCC-Initiated LSPs
[Figure: two panels, each an active stateful PCE (TED, LSP DB) connected to a stateful PCC over PCEP. PCC-Initiated: PCC initiates LSP and delegates update control. PCE-Initiated: PCE initiates LSP and maintains update control.]
§ PCE part of controller architecture managing full path life cycle
§ Tighter integration with application demands
§ PCC may initiate path setup based on distributed network state
§ Can be used in conjunction with PCE-initiated paths
§ Segment routing enables source routing based on segment ids distributed by IGP
§ PCE specifies path as list of segment ids
§ PCC forwards traffic by pushing segment id list on packets
§ No path signaling required
§ Minimal forwarding state
§ Maximum network forwarding virtualization
§ The state is no longer in the network but in the packet
§ Paths may be PCE- or PCC-initiated
PCE Extensions for Segment Routing (SR)
[Figure: an application path request reaches the stateful PCE (TED, LSP DB), which sends PCEP Segment List: 10,20,30,40 to the stateful PCC. Forwarding table of Node SID and Adjacency SID entries remains constant.]
In    Out   Int
L1    L1    Intf1
…     …     …
L7    L7    Int3
L8    Pop   Intf3
…     …     …
L9    Pop   Intf5
§ Segment Routing capability (when opening PCEP session)
§ Existing ERO object with new Segment Routing Explicit Route Object (SR-ERO) sub-object
§ Sub-objects include a segment id (SID) and/or an associated “Node or Adjacency Identifier” (NAI)
§ A NAI can specify a
  § IPv4 node
  § IPv6 node
  § IPv4 adjacency
  § IPv6 adjacency
  § Unnumbered adjacency with IPv4 node ids
§ Request parameters indicate path type (SR or RSVP)
PCEP Extensions for Segment Routing
[Figure: ERO Object containing SR-ERO subobject (1), SR-ERO subobject (2), … SR-ERO subobject (n), each carrying a SID / NAI]
Conclusions
§ Minimal midpoint forwarding state required
§ No extra protocol (LDP or RSVP-TE) required to signal path
§ Native ECMP
§ Few segments required (apply Cisco Mate Design on your data)
§ Distributed computation or centralized
§ Integration with IP/Optical optimization
Conclusions
Complete your session evaluation – May 14th