Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SRv6 Network Programming: deployment use-cases

Presentation by Ketan Talaulikar at APRICOT 2018 on Monday, 26 February 2018.

  • Login to see the comments

SRv6 Network Programming: deployment use-cases

  1. 1. Ketan Talaulikar – Technical Leader, Routing ketant@cisco.com APRICOT 2018 Network as a computer and deployment use-cases SRv6 Network Programming
  2. 2. © 2018 Cisco and/or its affiliates. All rights reserved. © 2018 Cisco and/or its affiliates. All rights reserved. Agenda 1 SRv6 101 2 SRv6 LocalSIDs Functions 3 Deployment use-cases 4 VPN Overlay 5 Service Chainning 7 SD-WAN 6 Spray 8 5G and Network Slicing
  3. 3. © 2018 Cisco and/or its affiliates. All rights reserved. Industry at large backs up SR De-facto SDN Architecture Standardization IETF Multi-vendor Consensus Open Source Linux, VPP Strong customer adoption WEB, SP, DC, Metro, Enterprise
  4. 4. © 2018 Cisco and/or its affiliates. All rights reserved. • Source Routing • the topological and service (NFV) path is encoded in packet header • Scalability • the network fabric does not hold any per-flow state for TE or NFV • Simplicity • automation: TILFA sub-50msec FRR • protocol elimination: LDP, RSVP-TE, NSH… • End-to-End • DC, Metro, WAN Segment Routing
  5. 5. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 • leverages RFC8200 provision for source routing extension header • 1 segment = 1 address • a segment list = an address list in the SRH Two dataplane instantiations MPLS • leverage the mature MPLS HW with only SW upgrade • 1 segment = 1 label • a segment list = a label stack Segment Routing
  6. 6. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 adoption is a reality % Web pages available over IPv6 Sources: 6lab.cisco.com – Web content Cisco VNI Global IP Traffic Forecast, 2016-2021 Global IPv6 traffic grew 241% in 2016 Globally IPv6 traffic will grow 16-fold from 2016 to 2021 IPv6 will be 37% of total Internet traffic in 2021
  7. 7. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 provides reachability
  8. 8. © 2018 Cisco and/or its affiliates. All rights reserved. • Simplicity • Protocol elimination • SLA • FRR and TE • Overlay • NFV • SDN • SR is de-facto SDN architecture • 5G SRv6 – Segment Routing & IPv6 IPv6 for reachability SR for anything else
  9. 9. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 for reachability SRv6 for underlay RSVP for FRR/TE Horrendous states scaling in k*N^2
  10. 10. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 for reachability SRv6 for underlay SRv6 for Underlay Simplification through protocol reduction SLA through automated FRR and TE De-facto SDN architecture
  11. 11. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 for reachability Multiplicity of protocols and states hinder network economics SRv6 for underlay and overlay SRv6 for Underlay Simplification, FRR, TE, SDN UDP+VxLAN Overlay Additional Protocol just for tenant ID NSH for NFV Additional Protocol and State Opportunity for further simplification … Service Chaining ?
  12. 12. © 2018 Cisco and/or its affiliates. All rights reserved. SR for anything: Network as a Computer
  13. 13. © 2018 Cisco and/or its affiliates. All rights reserved. • 128-bit SRv6 SID • Locator: routed to the node performing the function • Function: any possible function either local to NPU or app in VM/Container • Flexible bit-length selection Network instruction FunctionLocator
  14. 14. © 2018 Cisco and/or its affiliates. All rights reserved. • 128-bit SRv6 SID • Locator: routed to the node performing the function • Function: any possible function either local to NPU or app in VM/Container • Arguments: optional argument bits to be used only by that SID • Flexible bit-length selection Network instruction FunctionLocator Args*
  15. 15. © 2018 Cisco and/or its affiliates. All rights reserved. Network Program Next Segment Locator 1 Function 1 Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 Locator 2 Function 2 Locator 3 Function 3
  16. 16. © 2018 Cisco and/or its affiliates. All rights reserved. Network Program Next Segment Locator 2 Function 2 Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 Locator 1 Function 1 Locator 3 Function 3
  17. 17. © 2018 Cisco and/or its affiliates. All rights reserved. Network Program Next Segment Locator 3 Function 3 Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 Locator 1 Function 1 Locator 2 Function 2
  18. 18. © 2018 Cisco and/or its affiliates. All rights reserved. Network Program in the Packet Header Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TCP, UDP, QUIC Locator 1 Function 1Source Address Active Segment IPv6 header Segment Routing Header IPv6 payload
  19. 19. © 2018 Cisco and/or its affiliates. All rights reserved. Argument shared between functions “Global” Argument Metadata TLV Segments Left Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TAG
  20. 20. © 2018 Cisco and/or its affiliates. All rights reserved. Group-Based Policy Metadata TLV Segments Left Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TAG
  21. 21. © 2018 Cisco and/or its affiliates. All rights reserved. SRv6 Header Metadata TLV Segments Left Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TAG
  22. 22. © 2018 Cisco and/or its affiliates. All rights reserved. SRv6 for anything Optimized for HW processing e.g. Underlay & Tenant use-cases Optimized for SW processing e.g. NFV, Container, Micro-Service Metadata TLV Segments Left Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TAG
  23. 23. © 2018 Cisco and/or its affiliates. All rights reserved. SRv6 for anything Turing Metadata TLV Segments Left Locator 1 Function 1 Locator 2 Function 2 Locator 3 Function 3 TAG
  24. 24. © 2018 Cisco and/or its affiliates. All rights reserved. • Standardization • Multi-Vendor Consensus Lead Operators
  25. 25. © 2018 Cisco and/or its affiliates. All rights reserved. SRv6 LocalSIDs
  26. 26. © 2018 Cisco and/or its affiliates. All rights reserved. • For simplicity function 1 denotes the most basic function • Shortest-path to the Node Endpoint function A1 A1:: A3 A3:: A2 A2:: A5 A5:: A4 A4:: 50 A6 A6:: A7 A7:: A8 A8:: Default metric 10 SR: 〈A4::1, A6::1, A8::〉 >VPP: show sr localsid LocalSID Behavior A6::1 End Total SR LocalSIDs: 1 >VPP: show sr localsid LocalSID Behavior A4::1 End Total SR LocalSIDs: 1
  27. 27. © 2018 Cisco and/or its affiliates. All rights reserved. Endpoint then xconnect to neighbor function A1 A1:: A3 A3:: A2 A2:: A5 A5:: A4 A4:: 50 A6 A6:: A7 A7:: A8 A8:: Default metric 10 SR: 〈A4::C5, A6::1, A8::〉 >VPP: show sr localsid LocalSID Behavior A6::1 End Total SR LocalSIDs: 1 >VPP: show sr localsid LocalSID Behavior A4::C5 End.X {TenGE0/1/0 A5::} Total SR LocalSIDs: 1 • For simplicity Ak::Cj denotes: • Shortest-path to the Node K and then x-connect (function C) to the neighbor J
  28. 28. © 2018 Cisco and/or its affiliates. All rights reserved. SID allocation for illustration purposes A1 A1:: A3 A3:: A2 A2:: A5 A5:: A4 A4:: 50 A6 A6:: A7 A7:: A8 A8:: Default metric 10 SR: 〈A4::C5, A6::1, A8::〉 >VPP: show sr localsid LocalSID Behavior A6::1 End Total SR LocalSIDs: 1 >VPP: show sr localsid LocalSID Behavior A4::C5 End.X {TenGE0/1/0 A5::} Total SR LocalSIDs: 1 • Node K advertises prefix Ak::/64 • Each node Ak has a function ::1 associated with End behavior • Each node Ak has a function ::Cj associated with End.X behavior to neighbor j
  29. 29. © 2018 Cisco and/or its affiliates. All rights reserved. Deployment use-cases
  30. 30. © 2018 Cisco and/or its affiliates. All rights reserved. • 50msec Protection upon local link, node or SRLG failure • Simple to operate and understand • automatically computed by the router’s IGP process • 100% coverage across any topology • predictable (backup = postconvergence) • Optimum backup path • leverages the post-convergence path, planned to carry the traffic • avoid any intermediate flap via alternate path • Incremental deployment • Distributed and Automated Intelligence TILFA 2 4 6 5 1 A5::0 A5::/64 Pri → via 5 A2::C4 A5::0 FRR → insert A2::C4 A5::0 <50mec FRR 100
  31. 31. © 2018 Cisco and/or its affiliates. All rights reserved. • IGP minimizes cost instead of latency Distributed & Automated TE SFO 4 NY 5 BRU 1 MOS 2 TOK 3 A2::0 A3::0 A3::0 FIB A2::/64 → OIF MOS A3::/64 → OIF NY FIB A3::/64 → OIF TOK BGP Advert X/64 Advert Y/64 with Latency
  32. 32. © 2018 Cisco and/or its affiliates. All rights reserved. • Distributed and Automated Intelligence • Dynamic SRTE Policy triggered by learning a BGP route with SLA contract • No PBR steering complexity, No PBR performance tax, No RSVP, No tunnel to configure Distributed & Automated TE SFO 4 NY 5 BRU 1 MOS 2 TOK 3 Y/64 via A3::0 Low-Latency X/64 via A3::0 along IGP path BGP X/64 → A3::0 Y/64 → A3::0 with Lat. FIB A2::/64 → OIF MOS A3::/64 → OIF NY X/64 → A3::0 Y/64 → insert <A2::1, A3::1> On-Demand distributed TE
  33. 33. © 2018 Cisco and/or its affiliates. All rights reserved. Input Acquisition • BGP-LS • Telemetry Policy Instantiation • PCEP • BGP-TE • Netconf / Yang Algorithm • SR native Centralized TE DC (BGP-SR) 10 11 12 13 14 2 4 6 5 7 WAN (IGP-SR) 3 1 PEER Low Lat, Low BW 50 Default ISIS cost metric: 10 <A1::1, A2::C4, A4::C7> Low-Latency to 7 for application …
  34. 34. © 2018 Cisco and/or its affiliates. All rights reserved. • Automated • No tunnel to configure • Simple • Protocol elimination • Efficient • SRv6 for everything Overlay 1 2 4 V/64 3 T/64 IPv6 Hdr SA = A1::0, DA = A2::C4 Payload IPv6 Hdr SA = T::1, DA = V::2 Green Overlay V/64 via A2::C4 IPv6 Hdr SA = T::1, DA = V::2 Payload IPv6 Hdr SA = T::1, DA = V::2 Payload
  35. 35. © 2018 Cisco and/or its affiliates. All rights reserved. • Automated • No tunnel to configure • Simple • Protocol elimination • Efficient • SRv6 for everything • All VPN services • L2, IPv4, IPv6 Overlay - VPNs 1 2 4 10.0.4.0/24 3 10.0.3.0/24 IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 Payload IPv6 Hdr SA = T::1, DA = V::2 Green Overlay 10/8 via A2::C4 IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 Payload IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 Payload
  36. 36. © 2018 Cisco and/or its affiliates. All rights reserved. • SRv6 does not only eliminate unneeded overlay protocols • SRv6 solves problems that these protocols cannot solve Overlay with Underlay Control 1 2 4 V/64 3 T/64 Green Overlay V/64 via A2::C4 with Latency IPv6 Hdr SA = T::1, DA = V::2 Payload IPv6 Hdr SA = T::1, DA = V::2 Payload 3 IPv6 Hdr SA = A1::0, DA = A3::1 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::1, A2::C4 > IPv6 Hdr SA = A1::0, DA = A2::C4 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::1, A2::C4 >
  37. 37. © 2018 Cisco and/or its affiliates. All rights reserved. • Stateless • NSH creates per-chain state in the fabric • SR does not • App is SR aware or not • App can work on IPv4, IPv6 or L2 Integrated NFV 1 2 4 V/64 3 T/64 4 App 76 VM Server 5 5 3 App 32 Container Server 3IPv6 HdrSA = A1::0, DA = A3::A32 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::A32, A4::1, A5::A76, A2::C4 > IPv6 Hdr SA = T::1, DA = V::2 Payload
  38. 38. © 2018 Cisco and/or its affiliates. All rights reserved. • Integrated with underlay SLA Integrated NFV 1 2 4 V/64 3 T/64 4 App 76 VM Server 5 5 3 App 32 Container Server 3 IPv6 Hdr SA = A1::0, DA = A4::1 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::A32, A4::1, A5::A76, A2::C4 >
  39. 39. © 2018 Cisco and/or its affiliates. All rights reserved. • Stateless • NSH creates per-chain state in the fabric • SR does not • App is SR aware or not • App can work on IPv4, IPv6 or L2 Integrated NFV 1 2 4 V/64 3 T/64 4 App 76 VM Server 5 5 3 App 32 Container Server 3 IPv6 HdrSA = A1::0, DA = A5::A76 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::A32, A4::1, A5::A76, A2::C4 >
  40. 40. © 2018 Cisco and/or its affiliates. All rights reserved. • Integrated with Overlay Integrated NFV 1 2 4 V/64 3 T/64 4 App 76 VM Server 5 5 3 App 32 Container Server 3 IPv6 Hdr SA = A1::0, DA = A2::C4 Payload IPv6 Hdr SA = T::1, DA = V::2 SR Hdr < A3::A32, A4::1, A5::A76, A2::C4 > IPv6 Hdr SA = T::1, DA = V::2 Payload
  41. 41. © 2018 Cisco and/or its affiliates. All rights reserved. Endpoint behaviors specs summary Codename Behavior End Endpoint [PSP/USP flavors] End.X Endpoint with Layer-3 cross-connect [PSP/USP flavors] End.B6 Endpoint bound to an SRv6 policy End.B6.Encaps Endpoint bound to an SRv6 Encapsulation policy End.DX6 Endpoint with decapsulation and IPv6 cross-connect (per-CE VPN label) End.DX4 Endpoint with decapsulation and IPv4 cross-connect (per-CE VPN label) End.DT6 Endpoint with decapsulation and specific IPv6 table lookup (per-VRF VPN label) End.DT4 Endpoint with decapsulation and specific IPv4 table lookup (per-VRF VPN label) End.DX2 Endpoint with decapsulation and Layer-2 cross-connect Codename Behavior End Endpoint [PSP/USP flavors] End.X Endpoint with Layer-3 cross-connect [PSP/USP flavors] End.B6 Endpoint bound to an SRv6 policy End.B6.Encaps Endpoint bound to an SRv6 Encapsulation policy End.DX6 Endpoint with decapsulation and IPv6 cross-connect (per-CE VPN label) End.DX4 Endpoint with decapsulation and IPv4 cross-connect (per-CE VPN label) End.DT6 Endpoint with decapsulation and specific IPv6 table lookup (per-VRF VPN label) End.DT4 Endpoint with decapsulation and specific IPv4 table lookup (per-VRF VPN label) Codename Behavior End Endpoint [PSP/USP flavors] End.X Endpoint with Layer-3 cross-connect [PSP/USP flavors] End.B6 Endpoint bound to an SRv6 policy End.B6.Encaps Endpoint bound to an SRv6 Encapsulation policy Codename Behavior End Endpoint [PSP/USP flavors] End.X Endpoint with Layer-3 cross-connect [PSP/USP flavors] Codename Behavior End Endpoint [PSP/USP flavors] End.X Endpoint with Layer-3 cross-connect [PSP/USP flavors] End.DT2U/M Endpoint with decapsulation and Layer-2 unicast lookup / flooding (EVPN) End.BM Endpoint bound to an SR/MPLS Policy
  42. 42. © 2018 Cisco and/or its affiliates. All rights reserved. Transit behaviors specs summary Codename Behavior T Transit T.Insert Transit with insertion of an SRv6 policy T.Encaps Transit with encapsulation in an SRv6 policy T.Encaps.L2 Transit with encapsulation of L2 frame in an SRv6 policy Codename Behavior T Transit T.Insert Transit with insertion of an SRv6 policy T.Encaps Transit with encapsulation in an SRv6 policy Codename Behavior T Transit T.Insert Transit with insertion of an SRv6 policy Codename Behavior T Transit
  43. 43. © 2018 Cisco and/or its affiliates. All rights reserved. • IGP: • Local SIDs expressing topological functions • e.g. End, End.X for TE and TI-LFA • BGP-LS: • SRv6 capabilities • e.g. How many SIDs can I push efficiently? • My Local SID Table • BGP IP/VPN: • Local SIDs expressing the VPN functionalities • e.g. End.DX2, End.DX4, End.DX6, End.DT4, End.DT6 Signaling
  44. 44. © 2018 Cisco and/or its affiliates. All rights reserved. Endpoint functions signaling Codename Behavior IGP BGP-LS BGP IP/VPN End Endpoint + [PSP/USP] X X End.X Endpoint with Layer-3 cross-connect + [PSP/USP] X X End.B6 Endpoint bound to an SRv6 policy X End.B6.Encaps Endpoint bound to an SRv6 Encapsulation policy X End.DX6 Endpoint with decapsulation and IPv6 cross-connect X X X End.DX4 Endpoint with decapsulation and IPv4 cross-connect X X End.DT6 Endpoint with decapsulation and specific IPv6 table lookup X X X End.DT4 Endpoint with decapsulation and specific IPv4 table lookup X X End.DX2 Endpoint with decapsulation and Layer-2 cross-connect X X
  45. 45. © 2018 Cisco and/or its affiliates. All rights reserved. Service chaining
  46. 46. © 2018 Cisco and/or its affiliates. All rights reserved. Service Chaining Packets from are steered through a sequence of services on their way to the server
  47. 47. © 2018 Cisco and/or its affiliates. All rights reserved. Packets from are steered through a sequence of services on their way to the server Service Chaining – traditional approach • Services are placed on the traffic route • Static configurations • Traffic bottlenecks
  48. 48. © 2018 Cisco and/or its affiliates. All rights reserved. Service Chaining with NSH • Dedicated encapsulation header • State to be maintained for each service chain Packets from are steered through a sequence of services on their way to the server
  49. 49. © 2018 Cisco and/or its affiliates. All rights reserved. • Services are expressed with segments • Flexible • Scalable • Stateless Packets from are steered through a sequence of services on their way to the server Service Chaining with SRv6 S1 S2 S3 DSR: 〈S1, S2, S3, D〉
  50. 50. © 2018 Cisco and/or its affiliates. All rights reserved. • Services are expressed with segments • Flexible • Scalable • Stateless Packets from are steered through a sequence of services on their way to the server Service Chaining with SRv6 S1 S2 S3 DSR: 〈S1, C1, S2, S3, D〉 C1
  51. 51. © 2018 Cisco and/or its affiliates. All rights reserved. SR-UnAware VNFs: • Application is not aware of SR at all • Leverage VPP as a vm/container vSwitch to do SRv6 processing Service Chaining with SRv6 SR-Aware VNFs: • Leverage SRv6 Kernel support to create smarter applications • SERA: SR-Aware Firewall (extension to iptables) Types of VNFs
  52. 52. © 2018 Cisco and/or its affiliates. All rights reserved. • Linux Kernel 4.14 includes support for TE and VPN functions • srext module complements Linux Kernel and provides full support for SRv6 Network Programming • SERA: SR-aware firewall • Firewall rules based on the SRH • Firewall actions on the SRH SRv6 support in the Linux Kernel
  53. 53. © 2018 Cisco and/or its affiliates. All rights reserved. • Extensible framework that provides out-of-the-box production quality switch/router functionality (dataplane only) • We’ve implemented the entire SRv6 Network Programming on it Vector Packet Processing Extremely fast Packet processing stack Open Source Runs on commodity CPU
  54. 54. © 2018 Cisco and/or its affiliates. All rights reserved. • End.AM – Endpoint to SR-unaware app via masquerading • End.AD – Endpoint to SR-unaware app via dynamic proxy • End.ASM – Endpoint to SR-unaware app via shared memory SR-UnAware VNFs S1 DSR: 〈S1, C1, S2, S3, D〉 C1 S2 S3
  55. 55. © 2018 Cisco and/or its affiliates. All rights reserved. • Why Application Responsive Networking? • Revenue opportunities are moving towards the applications (hosted experiences, contextual experiences, etc) • Applications have no visibility over the network or mechanisms to request optimization objectives • IETF: Path Aware Networking RG (panrg) “This proposed research group aims to support research in bringing path awareness to transport and application layer protocols…” • Smarter applications allows to distribute function processing over the network’s edges • Let’s rethink service chains policies • Leverage ”Loc::Fun:Arg” SRv6 SID format to embed function parameters • Leverage TLVs for complex metadata or in-band telemetry SR to the Host B1:2605:A800:FFFE:1111:A100: :0100Firewall with Policy Identifier -> Policy ID C1:2605:A800:FFFE:1111:A100: :1234Rate-Limiting Policy -> Threshold D1:2605:A800:FFFE:1111:A100: A15 : 273Video transcoder -> Format/bitrate F1:2605:A800:FFFE:1111:A100: A :0512JIT video packaging -> Package format Locator Function Arguments
  56. 56. © 2018 Cisco and/or its affiliates. All rights reserved. © 2018 Cisco and/or its affiliates. All rights reserved. Agenda 1 SRv6 101 2 SRv6 LocalSIDs functions 3 Deployment use-cases 4 VPN Overlay 5 Service Chaining 7 SD-WAN 6 Spray 8 5G and network slicing
  57. 57. © 2018 Cisco and/or its affiliates. All rights reserved. GW1 C::1 GW3 C::3 GW5 C::5 Content Provider Replicate traffic to every CMTS through TE-Engineered core path then to access mcast tree then to anycast TV 2 3 SRv6 domain (Unicast) SRv6 node Non SRv6 node Peering to Content Provider Multicast domain Subscribed to M1 channel Flexible, SLA-enabled and efficient content injection without multicast core Spray CMTS4 4 CMTS5 5 Spray Policy 2: <B3::1, B5::1, M1> Spray Policy 1: <B2::1, B4::1, M1> Unicasted VPP1 B::1
  58. 58. © 2018 Cisco and/or its affiliates. All rights reserved. GW1 C::1 GW3 C::3 GW5 C::5 Content Provider Perform video transcoding 2 3 SRv6 domain (Unicast) SRv6 node Non SRv6 node Peering to Content Provider Multicast domain Subscribed to M1 channel Efficient distribution with flexible video processing Spray + Service Pipeline CMTS4 4 CMTS5 5 BSID A3::10 (Spray): <B2::1, B4::1> <B3::1, B5::1> VPP3 A3:: VPP1 A1:: VPP2 A2:: SR Policy: <A2::1, A3::10, M1>
  59. 59. © 2018 Cisco and/or its affiliates. All rights reserved. SD-WAN
  60. 60. © 2018 Cisco and/or its affiliates. All rights reserved. • A Binding SID is a unique ‘alias’ of an SR policy. * • If a packet arrives with the BSID, then the SR policy is applied on such packet • Several Binding SIDs may point to the same SR policy • Upon topology changes within the core of the network, the low-latency path may change. While the path of an intermediate policy changes, its BSID does not change. • Provides scaling, network opacity and service independence. • A BSID acts as a stable anchor point which isolates one domain from the churn of another domain. Binding SID * Naïve definition of a BSID
  61. 61. © 2018 Cisco and/or its affiliates. All rights reserved. • Delegates the application recognition and policy decision to the Entreprise who knows better when an application needs a non- default path and which non-default path is needed • NFV service chaining and Traffic-Engineering policies can be integrated in a SR policy • Applicability to both SR-MPLS and SRv6 • To simplify, let’s focus on • TE/SLA policy • SRv6 SD-WAN
  62. 62. © 2018 Cisco and/or its affiliates. All rights reserved. • Lisbon (1) to Athens (7) • Default • <A7::> • BW: Guaranteed 50Mbps • <A10::1, A11::1, A7::> • BSID: A1::999:1 • Low-Latency • <A9::1, A7::> • BSID: A1::999:2 1 2 3 4 5 6 7 8 9 Default Latency A1::999:2 10 11 A1::999:1 BW Default versus BW versus Latency
  63. 63. © 2018 Cisco and/or its affiliates. All rights reserved. • E1 encrypts the inner packet and encapsulate in outer packet to E2 • E1 does not push any BSID App needs best-effort E1 E2 App 1 needs default Site 2 push no BSID
  64. 64. © 2018 Cisco and/or its affiliates. All rights reserved. • E1 encrypts the inner packet and encapsulate in outer packet to E2 • E1 pushes A1::999:1 • The network provides the guaranteed BW service to App2 App needs guaranteed BW E1 E2 App 2 needs 10Mbps Site 2 push A1::999:1
  65. 65. © 2018 Cisco and/or its affiliates. All rights reserved. • E1 encrypts the inner packet and encapsulate in outer packet to E2 • E1 pushes A1::999:2 • The network provides the low-latency service to App3 App needs low-latency E1 E2 App 3 needs low-latency Site 2 push A1::999:2
  66. 66. © 2018 Cisco and/or its affiliates. All rights reserved. • App 4 needs flow F4A and F4B to reach site 2 via disjoint paths • E1 encrypts the inner packets and encapsulate in outer packet to E2 • For F4A, E1 additionally pushes A1::999:3 • For F4B, E1 additionally pushes A1::999:4 Disjointness E1 E2 push A1::999:4 push A1::999:3 Flow 4A Flow 4B Site 2
  67. 67. © 2018 Cisco and/or its affiliates. All rights reserved. • Identifier for a customized SLA per application per Entreprise • Secured • Per-BSID counters for usage-based billing • Delegates the application recognition and policy decision to the Entreprise who knows better when an application needs a non-default path and which non-default path is needed Binding SID is crucial in SD-WAN
  68. 68. © 2018 Cisco and/or its affiliates. All rights reserved. • Enterprise-based • Enterprise can easily monitors each individual service • Simply sends the probes with the related BSID • Service Provider-based • The SP can enable per-SR-policy performance monitoring (latency/loss) • These metrics can be leveraged by SDWAN controller and provided to the Enterprise • BSID Metadata to select which application to steer Performance monitoring
  69. 69. © 2018 Cisco and/or its affiliates. All rights reserved. 5G and Network Slicing
  70. 70. © 2018 Cisco and/or its affiliates. All rights reserved. • Well fragmented RAN, EPC, SGi • Inefficient data paths • Protocol stack gets large • Per-session tunnel creation • Per-mobility event tunnel handling Current mobility networks UE eNB SGW SGW L2 Anchor PGW L3 Anchor Service Functions Internet Does not scale to 5G requirements: • Increased number of connected devices • Ultra-low latency • Network slicing • Mobile edge computing
  71. 71. © 2018 Cisco and/or its affiliates. All rights reserved. • What about if SRv6 becomes an alternative to GTP-U? • Removing the per-session tunneling has obvious benefits • Optimal data path (ultra-low latency) • Integrated service chaining • Native support for network slicing • Achieved either via a centralized SDN solution or via SR TE with IGP FlexAlg • Optimal resource utilization • Well-progressed standardization • IETF: draft-ietf-dmm-srv6-mobile-uplane-00 • 3GPP: Accepted study item in CT4 (#29.892) SRv6 for mobile user-plane
  72. 72. © 2018 Cisco and/or its affiliates. All rights reserved. Multi-cloud overlays
  73. 73. © 2018 Cisco and/or its affiliates. All rights reserved. snort Cisco ASAv VPC • How do you interconnect several cloud-provider regions (as an end-customer)? • Transit is plain IPv6 which we do not control • Let’s use SRv6 for the overlay and service chaining only • Deployed VPP as VPC gateway Multi-cloud overlays All nodes in green are SRv6 capable Server 2 iptables Server 1 Internet Cloud provider A in region 1 Cloud provider B in region 2 Cloud provider A in region 2 VPP VPC VPP VPC VPP
  74. 74. © 2018 Cisco and/or its affiliates. All rights reserved. Multi-cloud use-case VPP C2 snort 4 Cisco ASAv All nodes in green are SRv6 capable VPP C3 Server 2 iptables VPP C1 Server 1 Internet Cloud provider A in region 1 Cloud provider B in region 2 Cloud provider A in region 2 IPv6 Hdr SA = C1::, DA = C2::C4 SR Hdr ( C3::C2, C2::C4 ) SL=1 IPv4 Hdr SA = 1.1.1.0, DA = 2.2.2.2 Payload IPv4 Hdr SA=1.1.1.0, DA=2.2.2.2 Payload IPv4 Hdr SA=1.1.1.0, DA=2.2.2.2 Payload IPv6 Hdr SA = C1::, DA = C3::C2 SR Hdr ( C3::C2, C2::D3 ) SL=0 IPv4 Hdr SA = 1.1.1.0, DA = 2.2.2.2 Payload
  75. 75. © 2018 Cisco and/or its affiliates. All rights reserved. Where are we?
  76. 76. © 2018 Cisco and/or its affiliates. All rights reserved. Mar 2017 Apr 2017 Jun 2017 Aug 2017 2018Apr 2016 May 2017 SRv6 timeline First SRv6 demo: Spray use-case VPP ASR9k ASR1k NCS55xx First SRv6 HW demo in merchant sillicon VPN DP use-case Cisco Live US SRv6 VPN ASR1k ASR9k NCS55xx VPP+NFV BGP Control Plane SD-WAN summit SRv6 for the SD-WAN ASR1k SRv6 VPN+NFV: MPLS World Con. VPP Linux Barefoot SRv6 VPN HW demo SR VPN InterOp Fretta ASR9k ASR1k VPP Linux Barefoot More to come… 5G + Network slicing Sep 2017
  77. 77. © 2018 Cisco and/or its affiliates. All rights reserved.  2018 Cisco and/or its affiliates. All rights reserved. Implementations • Cisco HW – NCS5k - XR – ASR9k - XR – ASR1k – XE • Open-Source – Linux 4.10 – FD.IO • Barefoot HW • Others …
  78. 78. © 2018 Cisco and/or its affiliates. All rights reserved.  2018 Cisco and/or its affiliates. All rights reserved. • VPN (v4 and v6) & TE & NFV • Cisco HW with XR and XE • Barefoot HW with P4 code • FD.IO • Linux blogs.cisco.com/sp/segment-routing-ipv6-interoperability-demo-is-already-there
  79. 79. © 2018 Cisco and/or its affiliates. All rights reserved. Conclusion
  80. 80. © 2018 Cisco and/or its affiliates. All rights reserved. • Bold architecture • Numerous use-cases • FRR, TE, SDN, Overlay with SLA, NFV, Spray, SD-WAN, 5G & NS, ... • First HW implementation demonstrated • First FCS, field trial and deployment • Feel free to join the lead-operator team! SRv6 Leadership
  81. 81. © 2018 Cisco and/or its affiliates. All rights reserved. • Track-record collaboration with operators • Focus on real operator needs • Seamless Deployment • Standardization • Multi-Vendor consensus • Looking forward to working together Partnering
  82. 82. © 2018 Cisco and/or its affiliates. All rights reserved. IPv6 provides reachability
  83. 83. © 2018 Cisco and/or its affiliates. All rights reserved. SRv6 unleashes IPv6 potential Scalability Single protocol NFVVPNFRRTE Automation
  84. 84. © 2018 Cisco and/or its affiliates. All rights reserved. Stay Up-To-Date http://www.segment-routing.net/ https://www.linkedin.com/groups/8266623 https://twitter.com/SegmentRouting https://www.facebook.com/SegmentRouting/
  85. 85. Thank you! ketant@cisco.com www.segment-routing.net

×