ASR-9000 в качестве платформы внедрения SDN в сетях операторов связи

Илгар Гасымов (igasymov@cisco.com) Системный архитектор Департамент операторов связи

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.

Содержание

•  Применение SDN на операторском рынке •  SDN технологии на ASR 9000

•  BGP-LS •  Stateful PCEP •  NETCONF/YANG

•  Заключение

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 2

Применение SDN на операторском рынке

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 3

Cloud Data Centre

Consumer

DPI CGN WWW

FW CDN IPS

Virtual Private Cloud

Enterprise NfV Services

CPE DPI WAAS

FW NAM IPS

SP IP/MPLS Network

SP DC Fabric

Guaranteed Network SLA Cloud SLA Service Chaining

NSO / VTS / Elastic Service Controller

Cisco WAE

4

CPE

CPE

PE

DCI

vCPE

SDN – Сквозное управление услугой Централизованный контроль ресурсов и обеспечение SLA

Инфраструктура сегодня: управляется раздельно и сложно

Data Center

Customers Wide Area Network Cloud

Optical

IP/MPLS

Software Engineering (Applications)

System Engineering (Compute, Storage, Virtual

Machines)

Network Engineering (WAN Services, NfV) Enterprise

Virtual

5

Новый подход к управлению инфратсруктурой

Data Center

Customers Wide Area Network Cloud

Optical

IP/MPLS

Software Engineering (Applications)

System Engineering (Compute, Storage, Virtual

Machines)

Network Engineering (WAN Services, NfV) Enterprise

Virtual

Physical and Virtual

API’s

Orchestration

API’s

Applications

6

Место SDN в новом подходе

Data Center

Access/Customers Wide Area Network Cloud

Optical

IP/MPLS

DC/Cloud SDN

Enterprise SDN

Applications DC-WAN X-Domain Orch Ent-SP WAN X-Domain Orch

SP SDN (e.g WAN Orchestration)

7

Data Center

Access/Customers Wide Area Network Cloud

Optical

IP/MPLS

DC/Cloud SDN

Enterprise SDN

Applications DC-WAN X-Domain Orch Ent-SP WAN X-Domain Orch

SP SDN (e.g WAN Orchestration)

8

APIC EM

APIC DC

Место SDN в новом подходе

SDN: Большой выбор платформ

9

“Купить” “Разработать” Tail-F NCS

Оркестрация

NETCONFPCEPBGP-LSNETFLOWSNMP CLI

Множество опций управления Физическими и Виртуальными устройствами

Сегодня рассматриваем

Приложения

Оркестрация

API’s + Protocols

10

Оркестрация – Раньше и Теперь

11

OSS/BSS

WAN CPE

Data Center

CPE Prov

WAN Prov

DC Prov

OSS/BSS

WAN CPE

Data Center

Orchestration Platform

YANG Service Models

YANG Device Models

REST, Netconf, …

Customized BSS/OSS and Provisioning Systems Model-driven Network and Service

Orchestration

SDN технологии на ASR 9000

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 12

ASR 9001 ASR9904 ASR 9006 ASR 9010 ASR9912 ASR 9922

Размер 2RU 6RU 10RU 21RU 30RU 44RU

Кол-во I/O слотов 2 MPAs 2 4 8 10 20

Вентиляция Side to side Side to side Side to back Front to back Front to back Front to back

Произв. / слот N/A 770G/385G 440G/220G 440G/220G 770G/660G 770G/660G

Произв. шасси / слот 120Gbps 2Tbps 880Gbps 880Gbps 2Tbps 2Tbps

Произв. всего шасси 120Gbps 8Gbps 3.5 Tbps 7.0 Tbps 20Tbps 40Tbps

Cisco ASR 9000

13

Virtual XR DP

IOS XRv 9000

Поддержка SDN на ASR 9000

Controller

OpenFlow

OpenFlowAgent

Приложения Policy Servers OSS/BSS User App Analytics

Оркестрация

Control Plane Management

Plane

Controller

Контроллеры 3

Программные политики

BGP-LSAPI и Протоколы OpenFlow Agent , BGP-LS, PCEP,

NETCONF

2

SDN Enabled Data Plane

1 E-PBR Data Plane

Policy Fwd Flows

ASR 9000

SDN Платформы Orchestration,

Analytics, Services, etc

4

VSM

Эффект Интеллек-туальной сети

Controller

PCEP

Приложения 5

Различные инструменты для тестирования

OpenDaylight (ODL) https://wiki.opendaylight.org/view/Getting_started http://www.opendaylight.org/software/downloads

REST Client:

Chrome: Postman REST Client Firefox: REST Client

Wireshark: https://www.wireshark.org/ IOS XR 5.2.2 with physical routers and

Virtual Internet Routing Lab (VIRL): virl.cisco.com

For Your Reference

15

ASR-9000 BGP Link State protocol

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 16

Обнаружение и сбор данных по топологии сети

•  Традиционные: §  Methods: SNMP, SNMPCollect (polling), Netflow, CLI Parsing §  Platforms: Network Management Systems (NMS) §  Are and will continue to be used…

•  Недостатки: §  Delay in topology changes to NMS

—  E.g. delay based on polling intervals §  Unreliable transport

—  e.g. missed SNMP traps

•  Требуют наращивания по мере роста сети и информации о ее состояниях

17

Обзор BGP Link-State (BGP-LS)

Use BGP to advertise LSDB and TED of a network §  New link-state address family

Support for OSPF and ISIS LSDB Advantages

§  Single upstream topology feed (BGP) §  IGP isolated from external entities §  Leverage well-known BGP security,

transport and policy knobs §  Enables operator control

Support introduced in IOS XR 5.1.1 Implementations: WAN Automation Engine (WAE), OpenDaylight (ODL)

Domain 1 Domain 2

Domain 0

BGP-LS

BGP-LS BGP-LS

RR

PCE

TED

LSP DB

18

Референсная диаграмма: BGP-LS

OpenDaylight

192.168.96.0/29

.1

.2

192.168.x.x/31 64.4/31

64.0/31

192.4/31 192.6/31

128.2/31

128.0/31 192.0/31

AG04-4 10.99.8.8/32

AG04-2 10.99.2.2/32

AG06-3 10.99.5.5

AG06-1 10.99.3.3

AG06-2 10.99.4.4

AG06-4 10.99.6.6

AG04-1 10.99.1.1

172.18.152.3/24

For Your Reference

BGP-LS

REST

19

routerospf1distributebgp-lsinstance-id1router-id10.99.8.8area0routerbgp65000bgprouter-id10.99.8.8address-familylink-statelink-state!neighbor192.168.96.2remote-as65000update-sourceLoopback0address-familylink-statelink-state!!

Настройка BGP Link State на ASR 9000

20

Distribute link state database into BGP-LS

Specify BGP-LS peer

Enable address-family link-state

RP/0/RSP0/CPU0:ASR9K-4#shbgplink-statelink-stateTueMay600:09:45.523UTCBGProuteridentifier10.99.8.8,localASnumber100Statuscodes:ssuppressed,ddamped,hhistory,*valid,>besti-internal,rRIB-failure,Sstale,NNexthop-discardOrigincodes:i-IGP,e-EGP,?-incompletePrefixcodes:Elink,Vnode,TIPreacheableroute,u/UunknownIIdentifier,Nlocalnode,Rremotenode,Llink,PprefixL1/L2ISISlevel-1/level-2,OOSPF,Ddirect,Sstaticaarea-ID,llink-ID,ttopology-ID,sISO-ID,cconfed-ID/ASN,bbgp-identifier,rrouter-ID,iif-address,nnbr-address,oOSPFRoute-type,pIP-prefixddesignatedrouteraddressNetworkNextHopMetricLocPrfWeightPath*>[V][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]]/3760.0.0.00i*>[E][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]][R[c100][b10.99.8.8][a0.0.0.0][r10.99.2.2]][L[i192.168.192.2][n192.168.192.3]]/7920.0.0.00i

Prefix codes

Node

Link

21

Верификация BGP Link State на ASR 9000

BGP-LS Пример* Topology Visualization

22

*Посетите DevNet чтобы скачать пример программы визуализации BGP-LS https://developer.cisco.com/site/devnetlabs/bgp/

ASR9000 Path Computation Element protocol

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 23

Path Computational Element (PCE) Определение

•  Traffic Engineering Database (TED) §  Содержит топологию и информацию о ресурсах

§  Основывается на IGP LSDB •  PCE Server (PCE) •  Path Computation Client (PCC)

§  Агент на маршрутизаторе, который взаимодействует с PCE Server

•  PCE Protocol (PCEP) §  Протокол работающий между PCC на маршрутизаторе и PCE server

24

Основная функция расчитать путь (напр. MPLS TE LSP) в MPLS/GMPLS сети

•  Stateless •  PCE не имеет информации о ранее построенных LSP

•  Stateful •  Синхронизация PCC и PCE •  PCC пересылает изменение состояний на PCE •  PCC может делегировать упр-е LSP на PCE

•  PCE или PCC могут инициировать настройку LSP

•  PCC всегда отслеживает состояние LSP

Stateless и Stateful PCE

25

PCEP

Stateful PCE

TED

LSP DB

PCC

PCE-initiated LSP

Stateful PCE

•  LSP Database §  Contains info/status on active LSPs

communicated by PCCs in LSP state report messages

•  Active Stateful PCE §  References LSP DB for path

computations §  Programs LSP state in network

•  PCC reports LSP status to PCE •  PCE may reprogram an existing LSP •  LSP Delegation

§  PCC delegates LSP control responsibility to PCE

LSP=Label Switch Path

26

ASR9000 туннели инициированные PCE

•  Treated as dynamically created tunnels (auto-tunnel)

•  Router does NOT verify or compute path that PCE provides §  treated as verbatim path

•  PCE responsible for LSP re-optimization

•  PCE sends an PCEP Update when a better path exists

•  Tunnels may be inter-area

•  *PCE Initiated tunnel does not appear in configuration §  “show mpls traffic-eng tunnels”

PCEP Initiate / Create

Stateful PCE

TED

LSP DB

PCC

27

Референсная диаграмма: PCE Initiated LSP

OpenDaylight

192.168.96.0/29

.1

.2

192.168.x.x/31 64.4/31

64.0/31

192.4/31 192.6/31

128.2/31

128.0/31

192.0/31

AG04-4 10.99.8.8/32

AG04-2 10.99.2.2/32

AG06-3 10.99.5.5

AG06-1 10.99.3.3

AG06-2 10.99.4.4

AG06-4 10.99.6.6

AG04-1 10.99.1.1

172.18.152.3/24

For Your Reference

PCEP

REST

28

Настройка PCC на ASR 9000

hostnameASR9K-AG04-4!ipv4unnumberedmplstraffic-engLoopback0!mplstraffic-engpcepeeripv4192.168.96.2stateful-clientinstantiationdelegation!auto-tunnelpcctunnel-idmin7000max9999!

Allow PCE-initiated LSP

User defined tunnel number

range.

Required for auto-tunnel

PCE server

29

Delegate statically configured tunnels

PCE Add-LSP (OpenDaylight) пример

REST URL: http://localhost:8080/restconf/operations/network-topology-pcep:add-lsp

Method: POST Content-Type:application/xml <input><node>pcc://10.99.8.8</node><name>test-tunnel</name><arguments><endpoints-obj><ipv4><source-ipv4-address>10.99.8.8</source-ipv4-address><destination-ipv4-address>10.99.6.6</destination-ipv4-address></ipv4></endpoints-obj></arguments>

<network-topology-refxmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]</network-topology-ref></input>

PCC

Source

Destination

30

PCE Update LSP (OpenDaylight) пример

URL: http://localhost:8080/restconf/operations/network-topology-pcep:update-lsp

Method: POST Content-Type:application/xml <input>

<node>pcc://10.99.8.8</node><name>test-tunnel</name>

<network-topology-refxmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]</network-topology-ref>

<arguments>

<operationalxmlns:stateful02="urn:opendaylight:params:xml:ns:yang:pcep:crabbe:stateful:02">true</operational>

<ero>

<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.64.4/32</ip-prefix></ip-prefix></subobject>

<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.4/32</ip-prefix></ip-prefix></subobject>

<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.7/32</ip-prefix></ip-prefix></subobject>

<subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.128.3/32</ip-prefix></ip-prefix></subobject>

</ero>

</arguments>

</input> Explicit-Route Object (ERO)

31

ASR9000 проверка PCE тунеля

RP/0/RSP0/CPU0:ASR9K-AG04-4#showmplstraffic-engpcetunnelsMonMay1917:39:38.550UTCTunnel:tunnel-te7004Destination:10.99.6.6State:upCurrentpathoption:10

32

ASR9000 команды проверки состояния

•  New commands §  show mpls traffic-eng auto-tunnel pcc […]

•  Modified Commands §  show mpls traffic-eng pce peer [ all|ipv4 <addr>|node-id <id>|stateful|stateless]

•  Other useful commands §  show mpls traffic-eng pce tunnels <id> §  show mpls traffic-eng pce trace […] §  show mpls traffic-eng tunnels tabular

33

Traffic Steering into PCE-Initiated Tunnels

Возможные методы:

•  Autoroute announce

•  Policy-based tunnel selection (forwarding class id)

34

Policy Based Tunnel Selection

•  Local mechanism at head-end

•  PBR policy sets forwarding class for incoming traffic

•  Traffic switched to tunnel with matching forwarding class

•  Seven forwarding classes supported (1-7)

•  One forwarding class reserved as default (0)

PE1

PE2

Tunnel-te1000 Forwarding class 1

Tunnel-te2000 Forwarding class 0

(default)

Input policy matches traffic based on ACL and sets forwarding

class

35

Traffic Steering PCE Initiated Tunnel

Tunnel-te1000 Forwarding class 1 Tunnel-te2000 Forwarding class 0 (default)

Tunnel-te7000 PCE Initiated LSP Forwarding class 2

ASR9K-1

CE TenGigE0/1/0/1

10.201.7.43

ASR9K-2

ASR9K-3

Set Forward ClassID 2

36

Orchestra?onRESTfulAPIs

PCEPProgramming

Пример: PCE Initiated LSP

WAN

R1

R2

R3 Data Center #1 Data Center #2 4

3

Service Request 1

Analytic to determine LSP 2

PCCreate LSP 3

Traffic steering onto LSP 6

10.201.7.43

2

6

TE LSP Signaling 4

Delegate & LSP State Report 5

5

37

ASR9000 NetConf YANG

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 38

Традиционноый подход - CLI

•  Generally a majority of today’s configuration

•  Device Specific •  Human Friendly •  Manual (challenging to automate) •  Developer un-friendly

§  Such parsing CLI screen scrape •  No Common Data Model •  No Built-In Error Reporting

[joerober@rtp-odl~]$sshlab@10.99.1.1lab@10.99.1.1'spassword:RP/0/RSP0/CPU0:ASR9K-AG04-1#configureterminalTueJan617:18:58.350ESTRP/0/RSP0/CPU0:ASR9K-AG04-1(config)#

39

NETCONF

•  Network Configuration Protocol (NETCONF) §  XML based interface between network device and NMS §  Mechanism to manage, configure, and monitor network device

•  Published RFC 4741 (Dec 2006) •  Updated RFC 6241 (Jun 2011) •  RFC 6242 (Jun 2011) Using the NETCONF Protocol over Secure Shell •  Overcome SNMP Limitations

§  2003 IAB Network Management Workshop (RFC3535)

40

YANG

•  Modeling language defined in RFC 6020 •  Used by NETCONF to define objects and data in requests and replies •  Models configuration, operational, and RPC data •  Provides semantics to better define NETCONF data •  Provides common data model:

§  In order for NETCONF to be useful as network-wide protocol §  To consume NETCONF data from any network device

•  YANG modules are for NETCONF what MIBs are for SNMP

41

Сравнение SNMP и NETCONF

SNMP NETCONF

Data Models Defined in MIBs Defined in YANG modules (or XML schema documents)

Data Modeling Language Structure of Management Information (SMI)

YANG (and XML schema)

Management Operations SNMP NETCONF

RPC Encapsulation Basic Encoding Rules (BER) XML

Transport Protocol UDP TCP (reliable transport)

42

NETCONF Уровни

•  Content §  Configuration and Operational Data

•  Operations §  Defines base operations §  What clients do to servers

•  Messages/Remote Procedure Call (RPC) §  Transport-independent mechanism for encoding messages §  RPC, RPC-Reply

•  Transport §  Reliable communication between client and server

Content

Operations

Messages

Transport

43

ASR9000 NETCONF Транспорт и операции

SSH NETCONF (1.1) session: §  IOS XR 5.3.1 §  On client utilize ssh with –s to request invocation of subsystem on server (router)

—  ssh lab@172.18.152.20 -p 830 -s netconf

Transport

Messages

Operations

Content

Client Server

<rpc>

<rpc-reply>

44

NETCONF Операции

45

Operation Description <get-config> Retrieve all or part of specified configuration datastore

<edit-config> Loads all or part of a configuration to the specified configuration datastore

<get-schema> Retrieve YANG-based XML Data

<commit> Copy candidate datastore to running datastore

<get> Retrieve running configuration and device state information

<lock> / <unlock> Lock or unlock the entire configuration datastore system

<close-session> Graceful termination of NETCONF session <kill-session> Forced termination of NETCONF session

Complete List Protocol Operations: https://tools.ietf.org/html/rfc6241

Transport

Messages

Operations

Content

ASR9000 NETCONF Data Stores

§  Target of NETCONF Operations

§  Data stores are named containers that may hold an entire copy of the configuration

§  IOS XR Supported Datastores: §  <running> §  <candidate> §  *XR two stage commit (no startup datastore)

Running Candidate Transport

RPC

Operations

Content

46

YANG XR 5.3.1 Data Models

•  YANG data modules are part of the software image. •  Models can be retrieved from router using <get-schema> operation. •  YANG Model file for each configuration module

§  For example, to configure CDP, the relevant yang model is Cisco-IOS-XR-cdp-cfg •  5.3.1 Data Models:

http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r5-3/security/configuration/guide/b-syssec-cg53x-crs/Implementing_the_Network_Configuration_Protocol.pdf#unique_8

47

ASR9000 NETCONF 1.1 Configuration (XR 5.3.1)

•  Pre-requisite: §  k9sec pie must be installed §  Crypto keys must be generated

•  Enable NETCONF Agent: •  sshservernetconfport830•  netconf-yangagentssh

•  Session verification: •  shownetconf-yangclients•  shownetconf-yangstatistics

!IOSXR5.3.1hostnameASR9K-R1domainnamecisco.com!sshserverv2sshservervrfdefaultsshservernetconfport830netconf-yangagentssh!

48

XR 5.3.1 Sample NETCONF/YANG Workflow

49

ASR9000

Orchestration Platform NETCONF Client

1 XR Image contains YANG

2 Client (application) retrieves models with <get-schema>

3 Client installs and processes YANG models

YANG Data Model

1

YANG Data Model

3

4 Client sends operation request Using YANG-based XML data

5 Router understands YANG-based XML data & is configured accordingly

2 <get-schema>

<edit-config> 4

Candidate Running 5 6 Client-router interaction continues Until network configured as desired

<edit-config><PBR><ServicePolicy><Input>PBTS</Input></ServicePolicy></PBR>

Orchestra?onRESTfulAPIs

Programming

Пример:NETCONF Detailed Policy/Traffic Steering

WAN

R1

R2

R3 Data Center #1 Data Center #2 3

3

Service Request 1 Analytic to determine LSP

2

Create LSP Tunnel FCID 2 3

NETCONF to program: -detailed policy* -apply policy inbound

4

10.201.7.43

2

4

*example policy in reference slides 50

Пример <edit-config> <?xml version="1.0" encoding="UTF-8" ?> <rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0"> <edit-config> <target><candidate/></target> <config> <Configuration><InterfaceConfigurationTable><InterfaceConfiguration><Naming> <Active>act</Active> <InterfaceName>TenGigE0/3/0/0</InterfaceName> </Naming> <Description>NETCONF CONFIG</Description>

<IPV4Network><Addresses><Primary> <Address>10.223.1.1</Address> <Netmask>255.255.255.0</Netmask> </Primary></Addresses></IPV4Network> </InterfaceConfiguration></InterfaceConfigurationTable> </Configuration></config> </edit-config> </rpc> ##

Datastore

Interface

Add interface description

IPv4 Address Netmask

interface TenGigE0/3/0/0 description NETCONF CONFIG ipv4 address 10.223.1.1 255.255.255.0

51

Пример <get-config>(Attribute match) <?xml version="1.0" encoding="UTF-8" ?> <rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0"> <get-config> <source><running/></source> <filter> <Configuration> <InterfaceConfigurationTable> <InterfaceConfiguration> <Naming> <Active>act</Active> <InterfaceName Match=“TenGigE.*”/> </Naming> </InterfaceConfiguration> </InterfaceConfigurationTable> </Configuration> </filter> </get-config> </rpc>

Attribute match: all TenGigE interfaces

Datastore

52

For Your Reference

Заключение

23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved. 53

Заключение

ASR 9000 под управлением операционной системы IOS-XR поддерживает широкий набор SDN протоколов: BGP LS, PCEP, Netconf /YANG, OpenFlow, Restconf/XML В IOS-XR 6.X и выше этот функционал еще более расшириться, вплоть до хостинга сетевых приложений Благодаря активному участию Cisco в разработке как своих платформ оркестрации и контроллеров, так и со свободным исходным кодом, внедряя ASR 9000 наши клиенты получают отлаженное решение для инфраструктуры программируемой сети

54

CiscoRu Cisco CiscoRussia

Ждем ваших сообщений с хештегом #CiscoConnectRu

CiscoRu

Пожалуйста, заполните анкеты. Ваше мнение очень важно для нас!

Спасибо! Илгар Гасымов (igasymov@cisco.com) Системный архитектор Департамент операторов связи

© 2015 Cisco and/or its affiliates. All rights reserved.