Segment Routing

Clarence Filsfils, Distinguished Engineer

Segment Routing – Updated2zmdbbm9feqrf.cloudfront.net/2015/eur/pdf/BRKRST-3122.pdf

Cisco Confidential. © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Segment Routing

• Unified

– DC + WAN + Aggregation

– from server in the DC, through WAN and to the service edge

• Policy-aware

– DC: disjoint planes, flow-based congestion avoidance

– WAN: disjoint services, latency-sensitive traffic, scheduled bulk transfer

• Application programs the end-to-end policy

– The end-to-end policy is encoded by the application as an SR segment list in the packet header

• Balance between distributed and centralized intelligence

– Distributed: automated sub-30msec FRR link/node in any topology with optimum backup path

– Centralized: traffic optimization for better use of the installed capacity

• Applicable to MPLS and IPv6 dataplanes

• Much simpler to operate than MPLS Classic

Key Concepts

Segment Routing

• Source Routing: the source chooses a path and encodes it in the packet header as an ordered list of segments.

• Segment: an identifier for any type of instruction

– Service

– Context

– Locator

– IGP-based forwarding construct

– BGP-based forwarding construct

– Local value or Global Index

• Segment = Instructions such as "go to node N using the shortest path"

Segment Routing

• MPLS: an ordered list of segments is represented as a stack of labels

– SR re-uses MPLS dataplane without any change

• IPv6: an ordered list of segments is represented as a routing extension header, see 4.4 of RFC2460

• IGP-based segments require minor extension to the existing link-state routing protocols (OSPF and IS-IS).

• The remainder of this session focuses on SR on MPLS dataplane

IGP Segments

• Simple extension to let IGP install segments in the MPLS dataplane

• Excellent Scale: a node installs N+A FIB entries

– N node segments and A adjacency segments

[Figure: topology with nodes A, B, C, D, M, N, O, P and Z, showing a node segment to C, a node segment to Z and an adjacency segment]


Node Segment

• Z advertises a global node segment 16065 with its loopback

– simple ISIS sub-TLV extension

> default SRGB [16000, 23999] at all nodes is a request from all lead operators for operational simplicity. The protocol and implementation allow for a different SRGB at every node

• All remote nodes install in their FIB the node segment 16065 to Z

[Figure: nodes A, B, C, D and Z; Z advertises node segment 16065. Label operations shown towards Z: FEC Z push 16065; swap 16065 to 16065; swap 16065 to 16065; pop 16065.]

A packet injected anywhere with top segment 16065 will reach Z via shortest-path

Node Segment

• ECMP

– A node segment to 16078 distributes traffic across all ECMP paths to O

[Figure: topology with nodes A, B, C, D, M, N, O, P and Z; node segment 16078]


Adjacency Segment

• C allocates a local segment 29003 and maps it to the instruction “complete the segment and forward along the interface CO”

• C advertises the adjacency segment in ISIS

– simple sub-TLV extension

• C is the only node to install the adjacency segment in FIB

[Figure: topology with nodes A, B, C, D, M, N, O, P and Z; "Pop 29003" shown at C]

A packet injected at node C with segment 29003 is forced through datalink CO

Explicit path as Segment List

• ECMP

– Node segment

• Per-flow state only at head-end

– not at midpoints

• Source Routing

– the path state is in the packet header

[Figure: topology with nodes A, B, C, D, M, N, O, P and Z; a packet to Z carries segments 16072, 16078 and 16065, and the stack shrinks hop by hop until the packet reaches Z]
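The forwarding rules from the Node Segment, Adjacency Segment and segment-list slides, as an added Python example that is not part of the original deck; it goes beyond the explicit-path slide by also handling an adjacency segment. Assumptions: the link list is constructed (the figure is not recoverable from the text), 16072 is taken to be C's node segment, and a segment is popped at its owner rather than at the penultimate hop shown in the deck's figure.

```python
from collections import deque

# Constructed topology: the deck's figure did not survive extraction, so this
# link list is an assumption (the slides only name links CD and CO).
LINKS = ["AB", "BC", "CD", "DZ", "AM", "MN", "NO", "OP", "PZ", "CO"]
ADJ = {}
for a, b in LINKS:
    ADJ.setdefault(a, set()).add(b)
    ADJ.setdefault(b, set()).add(a)

SRGB = range(16000, 24000)                 # default SRGB [16000, 23999] from the deck
NODE_SID = {16065: "Z", 16078: "O",        # values from the slides
            16072: "C"}                    # owner assumed, not stated on the page
ADJ_SID = {("C", 29003): "O"}              # local to C: forward along interface CO


def next_hop(node, target):
    """Neighbour of node on a shortest path to target (lowest name breaks ECMP ties)."""
    dist, queue = {target: 0}, deque([target])
    while queue:                           # breadth-first search outward from the target
        u = queue.popleft()
        for v in ADJ[u]:
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return min(v for v in ADJ[node] if dist[v] == dist[node] - 1)


def forward(ingress, segment_list):
    """Return the nodes a packet visits; segment_list[0] is the top of the stack."""
    node, stack, path = ingress, list(segment_list), [ingress]
    while stack:
        top = stack[0]
        if top in SRGB and top in NODE_SID:          # global node segment
            if NODE_SID[top] == node:                # segment complete at its owner
                stack.pop(0)
                continue
            node = next_hop(node, NODE_SID[top])     # "swap 16065 to 16065"
        elif (node, top) in ADJ_SID:                 # adjacency segment, owner only
            stack.pop(0)
            node = ADJ_SID[(node, top)]
        else:                                        # no FIB entry for this label: drop
            raise LookupError(f"{node} has no FIB entry for label {top}")
        path.append(node)
    return path


if __name__ == "__main__":
    print(forward("A", [16065]))                 # shortest path to Z
    print(forward("A", [16072, 16078, 16065]))   # via C, then O, then Z
    print(forward("A", [16072, 29003, 16065]))   # via C, forced over link CO
```

Label 29003 presented at any node other than C raises `LookupError`, matching the slide's statement that C is the only node to install the adjacency segment in its FIB.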

Automated 50-msec Protection for IGP Segments

Guaranteed Link/Node FRR in any topology

50msec protection

Simplicity

Entirely automated

No directed LDP session

No RSVP-TE tunnels

Incremental deployment

Applicable to LDP primary traffic

Optimal backup path along post-convergence path

Prevents transient congestion and suboptimal routing

What is Segment Routing?

IP/MPLS architecture that seeks the right balance between distributed intelligence and centralized optimization and programming.

simplifies operation (lower opex)

enables application-based service creation (new revenue)

allows for better utilization of the installed infrastructure (lower capex)

An IP/MPLS architecture with wide application

(SP, OTT/Web, GET) across (WAN, Metro/Agg, DC)

MPLS and IPv6 dataplanes

SDN controller

An architecture designed with SDN in mind

Industry Acceptance & Standardization

Strong Operator Partnership

Fundamental to the velocity and success

Significant commitment

technical transparency

multi-vendor commitment

beta and poc

Many more operators now involved

Deployments in a few months


IETF

• Working-Group is created

• Use-Case is WG status

• Architecture is WG status

• Protocol Extension is WG status

• ~ 25 drafts maintained by SR team

– Over 50% are WG status

– Over 75% have a Cisco implementation

www.segment-routing.net

SR ToolBox

Impressive in < 24 months

• ISIS Prefix and Adjacency Segment with 50msec link-FRR: IOS-XR 5.2.2

• SR/LDP seamless interworking for ISIS: IOS-XR 5.2.2

• OSPF Prefix and Adjacency Segment with 50msec link-FRR: IOS-XR 5.3.0

• SRTE Head-end on ASR9k: Beta

• SRTE head-end on VPEF: Beta

• BGP Peering Segment: Beta

• BGP Prefix Segment: Beta

• SR Planning and Design: Mate Design 6.0

Get involved and provide ideas and requirements

Leverage dcloud.cisco.com virtual labs

SR Traffic Engineering


SRTE Headend

• Classify packets and push the matching segment-list

– All the TE functionality is leveraged (counters, autoroute, PBTS...)

• Network Design

– Virtual PE facing Application VM’s: VPP beta available

– DCI, PE or Aggregation: IOS-XR/ASR9k beta available


SRTE midpoint

• Does not exist

– No state overhead

– No signalling overhead

SR Policy Computation

| | Router (headend) | WAE | Mate Design |
|---|---|---|---|
| Latency | V | V | V |
| Avoid a topological resource | V | V | V |
| Disjoint from another service | V (if both originate on the same head-end) | V | V |
| BW | - | V | V |
| Inter-Area/Inter-Domain | - | V | V |
| Integration with IP/Optical | - | V | V |


The benefits of centralized TE

• Centralized Traffic Engineering

– Better optimum

– Better predictability

– Faster convergence

– Better suited for Application Programmability (Nbound-API)

– Network Programmability (Sbound-API, PCEP)

• Centralized TE with Segment Routing

– Controller expresses path as segment list

– Network maintains segments and provides FRR for them

– ECMP-awareness

– No signalling and per-flow state at midpoint

www.opennetsummit.org/archives/apr12/hoelzle-tue-openflow.pdf

Centralized Traffic Engineering

2G from A to Z please

Link CD is full, I cannot use the shortest-path 65 straight to Z

[Figure: topology with a link marked FULL; label 16065]

Centralized Traffic Engineering

Path ABCOPZ is ok. I account the BW. Then I steer the traffic on this path

Tunnel AZ onto {16066, 16068, 16065}

[Figure: topology with a link marked FULL; labels 16066, 16068 and 16065]

• Highly programmable and responsive to rapid changes

– perfect support for centralized optimization efficiency, if required

SRTE Optimization

Real Data Sets

SR-TE and Centralized Controller: 50% capex gain with better predictability and optimality than RSVP-TE and with 1000 times fewer tunnels

Real Data-Set 2014

BGP Peering Segment

Automated BGP Peering SID allocation

BGP Peering SID’s in C’s MPLS Dataplane

PeerNode SID’s:

– 16012: pop and fwd to 1.0.1.2/32

– 16022: pop and fwd to 1.0.2.2/32

– 16052: pop and fwd to 1.0.5.2/32 (ecmp!)

PeerAdj SID’s:

– 16032: pop and fwd to 1.0.3.2/32

– 16042: pop and fwd to 1.0.4.2/32


BGP-LS extensions to signal Peering SID to controller

• The controller learns the BGP Peering SID’s and the external topology of the egress border router via BGP-LS EPE routes

BGP EPE Signalling from egress PE to Controller

BGP Prefix Segment


MSDC

• Massive Scale DC

– Built on BGP3107

• BGP Prefix Segment

– Straightforward BGP3107 extension

– BGP equivalent to IGP Prefix SID

– Any node within the topology allocates the same BGP Segment for the same switch

[Figure: DC fabric with eBGP ipv4 labeled-unicast and eBGP ipv4 unicast sessions]

https://www.nanog.org/meetings/nanog55/presentations/Monday/Lapukhov.pdf

https://www.nanog.org/sites/default/files/wed.general.brainslug.lapukhov.20.pdf


BGP Prefix SID

• Same benefits as IGP Prefix SID

– ECMP

– Automated FRR (BGP PIC)

– Building block for Traffic Engineering

Use-Cases and Benefits

TI-LFA: Automated 50-msec Protection for IGP Segments

Guaranteed Link/Node FRR in any topology

50msec protection

Simplicity

Entirely automated

No directed LDP session

No RSVP-TE tunnels

Incremental deployment

Applicable to LDP primary traffic

Optimal backup path along post-convergence path

Prevents transient congestion and suboptimal routing


Mate Design – TILFA Simulation

• How many segments in backup chain

• Capacity analysis during FRR transient state


IPv4 MPLS Transport with FRR

• IPv4 over MPLS: the obvious way it should have been done

– Just the IGP to operate

– Sub50msec FRR integrated and automated

• Seamless migration

– SR/LDP interworking

[Figure: PE1 and PE2 connected through nodes A, B, M and N]

All VPN services ride on the prefix segment to PE2

Any service resolving on IGP IPv4 Prefix SID: Internet, VPNv4, 6PE, PW


IPv6 MPLS Transport with FRR

• IPv6: the opportunity to do it right from the start

– Just the IGP to operate

– Sub50msec FRR integrated and automated

[Figure: PE1 and PE2 connected through nodes A, B, M and N]

Internet/v6 rides on the Prefix segment to PE2

Any service resolving on IGP IPv6 Prefix SID: Internet v6, VPNv6

MPLS dataplane monitoring

[Figure: OAM use case with nodes A, B, C, N and O and labels 9101, 9102, 9104, 9105, 9107 and 9108]

Nanog57, Feb 2013

draft-geib-spring-oam-usecase-02

Disjoint TE Service

• A to Z any plane

– IGP shortest-path

– PrefixSID of Z (65)

• A to Z via blue plane

– SRTE policy pushes one additional segment “Blue Anycast” (111)

• Benefits

– ECMP

– No hop-by-hop signalling load and delay

– No midpoint state

Beta Available

[Figure: one packet labelled 16065 and one packet labelled 16065 and 16111]


Latency TE Service

• Data from Tokyo to Brussels

– IGP shortest-path via US, higher and cheaper capacity

– PrefixSID of Brussels

• Voice from Tokyo to Brussels

– SRTE policy pushes one additional segment “Russia Anycast”

– Low-latency path

• Benefits

– ECMP

– Availability of the anycast segment against node failure

– No hop-by-hop signalling load and delay

– No midpoint state

[Figure: the Data packet carries the node segment to Brussels; the Voice packet carries the node segment to Russia and the node segment to Brussels]

Content producer engineers its WAN traffic to egress peers

[Figure: ISIS/SR-based WAN with nodes A, B, C, D and E and external AS1 to AS4; destination 9.9.9.9/32. Best BGP and IGP path: PrefixSID(B), Payload. Engineered path, TE policy installed by controller: PrefixSID(C), PeeringSID(E), Payload.]


SR-based MSDC

• MPLS dataplane

• BGP control-plane

– No LDP, No RSVP-TE

– Integrated/Automated FRR

> no hop-by-hop manual configuration of static routes and their FRR behaviors

• Global label for easier operation

– Same SRGB at each switch

• SRTE WAN Optimization Controller applicable to DC fabric

Distributed DC for Content Engineering to local Peers

[Figure: BGP/SR-based DC fabric with nodes B, C, D and E and external AS1 to AS4; destination 9.9.9.9/32. Best BGP path: PrefixSID(B), Payload. Engineered path, TE policy installed by controller: PrefixSID(C), PeeringSID(E), Payload.]

End-to-end policy from DC, through WAN to peer

[Figure: App, vPEF, ToR, Leaf, Spine, DCE, LSR and BR nodes across the SR DC and SR WAN domains]

• Classify flow and push SR segment list

• Top Segment provides ECMP-path to selected DCI

• Next segments implement WAN Policy: Cost vs Latency, Disjointness, Select egress BR

• Last segment selects egress peer

End-to-end policy from DC, through WAN to peer

[Figure: ToR, Leaf, Spine, DCE, LSR and BR nodes across the SR DC and SR WAN domains]

Illustrated end-to-end policy implemented by the application:

• Two service hops in the DC

• Low-latency path in the WAN

• Engineered peering exit to Internet consumer


Large-Scale Aggregation

• Only IGP/SR (no BGP)

– Automated FRR including ASBR failure

• SRGB (k) << # access nodes (100k)

• SDN Controller programs the segment list together with service creation

[Figure: Core, Access1 and Access2 regions; nodes A (70), B (72) and C (72); ASBR1A and ASBR1B (1001); ASBR2A and ASBR2B (1002)]

ASBR SID’s are anycast

ASBR SID’s are unique across the entire domain

ASBR anycast prefixes and SID are redistributed within each access region

Access Nodes are provided a SID which is unique with respect to its attached ASBR’s but not necessarily unique across the whole domain

{72} leads to B within Access1

{72} leads to C within Access2

{1001, 72} leads to B from anywhere

{1002, 72} leads to C from anywhere

Conclusion


Segment Routing

• Unified

– DC + WAN + Aggregation

– from server in the DC, through WAN and to the service edge

• Policy-aware

– DC: disjoint planes, flow-based congestion avoidance

– WAN: disjoint services, latency-sensitive traffic, scheduled bulk transfer

• Application programs the end-to-end policy

– The end-to-end policy is encoded by the application as an SR segment list in the packet header

• Balance between distributed and centralized intelligence

– Distributed: automated sub-30msec FRR link/node in any topology with optimum backup path

– Centralized: traffic optimization for better use of the installed capacity

• Applicable to MPLS and IPv6 dataplanes

• Much simpler to operate than MPLS Classic


Get involved

• All of these use-cases are either FCS or beta available

• Leverage dcloud.cisco.com virtual labs

• Get involved and provide ideas and requirements

• SR is operator driven

• Visit the lab/demo offered by Kris Michielsen

• Your help is key

Thank you.


Segment Routing

Leverage MPLS dataplane and services

Drastically improve MPLS control-plane while enabling new services

Simplicity, Scale, Functionality, Centralized Optimization and Programmability

Strong operator adoption and tight involvement

Innovation and Standardization

Aggressive productization by Cisco

PoC and Beta code available

Stay Informed

http://www.segment-routing.net/
