Case Study of a SP Customer running ACI based SDN Solution for Telecom Datacenter

Transcription

1

2 Case Study of a SP Customer running ACI based SDN Solution for Telecom Datacenter BRKSPG-3489 Abhishek Mande, Technical Solution Architect, Cisco Sonu Khandelwal, Technical Marketing Engineer, Cisco

3 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brkspg Cisco and/or its affiliates. All rights reserved. Cisco Public

4 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Looking Ahead Conclusion

5 Distributed Services Architecture of Telco Datacenter Cust Prem vbranch Analytics Access Nothing is seen today CO vbng, volt, vcmts, vpe Biz Services (vms), vran, vcdn, Analytics Edge DCs User Plane, OTT Caching, Gi-LAN Central DCs VPC, Gi-LAN, vims, Biz Services (vms), cdvr, CDN OTT Chahing Virtualized RR, Analytics Co-Lo / Peering vcvms, DN, vddos, Cloud Hosted XaaS delivered from the Multi- Cloud Remote DC Near Edge Co-Lo DCI Peering Carrier-E / Transport Edge ` DCI DCI Central Data Centers Peering VPN CPE Internet / Partner SP Edge DCI DCI DCI Peering Cust. Prem Access Aggregation Remote DC Near Edge Co-Lo Core and Edge Multi-Cloud BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 5

6 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements Applications Datacenter Fabric How ACI solves the challenge Looking Ahead Conclusion

7 Customer Profile Subscriber 150Mn->400Mn Services Offered Unlimited voice calls 1 GB data per day per subscriber Unlimited home grown multimedia content Many more home grown application planned Challenges Extremely aggressive timelines Brownfield environment Data Capacity 1.5EB -> 6.5EB per Month Scale 1M networking elements 150K Base Station-> 250K Base Station End to End IPv6 BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 7

8 High Level Network Architecture Telco DC 31 Locations PGW, SGW, MME,WLC,ISG Other LTE /Wi-Fi backend systems IT DC OSS & BSS, CDN EPC IMS CDN CSR CSR CSR CSR WiFi MAP WiFi RAP WiFi MAP Pre-Aggregation (IP/MPLS) Aggregation (IP/MPLS) Core & Super Core (IP/MPLS) DC-WAN IGW IBR Domestic Peering Internet CSR WiFi RAP Residential OLT OLT OLT CPE STB FTTx OLT OLT Enterprise Customer / Med ISP BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 8

9 Telco Applications Requirement IMS SGW & PGW Gi-LAN CDN & OTT Caching Faster Convergence Consistent low latency Active/standby connectivity Active/standby connectivity Failover & Redundancy Optimizers Deep Packet Inspection (DPI) CG-NAT Service Chaining URL Filtering Caching managed by OTT Provider Self created Media Content Driving 25G & 100G interfaces embms PCRF Voice over Wifi DNS, AAA, DHCP IPv6 Multicast IPv4 & IPv6 connectivity Faster Convergence Consistent low latency IPv4 & IPv6 connectivity BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 9

10 Datacenter Fabric Requirement Fabric Automation Day-0 and Day-1 Controller based design Programmable North bound Interfaces for home grown tools Multi-Hypervisor support Low and Predictable Latency with minimum Network Hops Distributed default gateway IPv4, IPv6 and Dual stack connectivity Carrier Grade Availability Convergence - Less than 100msec Service Chaining Simplified Operations & Troubleshooting Security & Segmentation BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 10

11 Datacenter Fabric Protocol & Scale Requirement Physical Fabric Leaf Per Physical Fabric Multi-Speed Interfaces on Same Leaf & Spine Traffic Throughput Tbps Linerate Protocol BGPv4, BGPv6 Static route BFD IPv6 Multicast SNMP NTP TACACS Carrier Grade Scale 500 Vlans 50 VRFs 1K Mac, ARP & ND per switch 10-50K end hosts 10-20K IPv4 & IPv6 LPM addresses BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 11

12 Solution Approach Fabric Automation Day-0 and Day-1 Controller based design Programmable North bound Interfaces for home grown tools OSS & BSS Systems Multi-Hypervisor support Low and Predictable Latency with minimum Network Hops Distributed default gateway IPv4, IPv6 and Dual stack connectivity ACI Fabric Carrier Grade Availability Convergence - Less than 100msec Service Chaining Simplified Operations & Troubleshooting Security & Segmentation SGW PGW SGW PGW Gi LAN SGW EMB MS PCRF HYPERVISOR HYPERVISOR Physical Appliance BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 12

13 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Looking Ahead Conclusion

14 Application to Fabric Connectivity Spine N9508 N9732C-EX OSS & BSS, NTP, Syslog, TACACS+ Out of Band Network SAE GW DPI (L1 Device) Service Leaf N93180YC-EX SAE GW Service Leaf N93180YC-EX Border Leaf N93180LC-EX Optimizer-1 Optimizer-N CG-NAT Service IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 14

15 Application to Fabric Connectivity Spine N9508 N9732C-EX OSS & BSS, NTP, Syslog, TACACS+ Out of Band Network SAE GW DPI (L1 Device) Service Leaf N93180YC-EX SAE GW Server Leaf N93180YC-EX Service Leaf N93180YC-EX Service Leaf N93180YC-EX Service Leaf N93180YC-EX N93180LC-EX Border Leaf N93180LC-EX Optimizer-1 IMS, MME, PCRF, Voice over wifi, OTT Applications and Other Telco Appliances Optimizer-N Active/Active Firewall Cluster Active LB Standby LB CG-NAT Service IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 15

16 Application to Fabric Connectivity DNS-1 DNS-N Spine N9508 N9732C-EX OSS & BSS, NTP, Syslog, TACACS+ Out of Band Network SAE GW DPI (L1 Device) Service Leaf N93180YC-EX SAE GW 40G/100G Links Server Leaf N93180YC-EX Service Leaf N93180YC-EX Service Leaf N93180YC-EX Service Leaf N93180YC-EX N93180LC-EX Border Leaf N93180LC-EX Optimizer-1 IMS, MME, PCRF, Voice over wifi, OTT Applications and Other Telco Appliances Optimizer-N Active/Active Firewall Cluster Active LB Standby LB CG-NAT Service IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 16

17 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

18 Fully Automated Provisioning of ACI Fabric Connect switches in Spine Leaf topology Connect APICs to Leaf Pair Power on APIC and switches Input simple details like Fabric Subnet, APIC Out of Band Management IP & Login credential on APIC CIMC Login to APIC and register switches Fabric is up and running BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 18

19 Topology View BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 19

20 Automatic Policy deployment Gateway Automatic deployment of Tenant, VRF, BD (Gateway IP) when End Point is detected Vlan 100 Host A Vlan 100 Host B Vlan 100 Host C BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 20

21 Automatic Policy deployment Gateway End Point Table (Host A) (Host B) Automatic deployment of Tenant, VRF, BD (Gateway IP) when End Point is detected End Point Table (Host A) (Host B) Vlan 100 Host A Vlan 100 Host B Vlan 100 Host C BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 21

22 Automatic Policy deployment End host information into hardware tables even with same vlan is updated based on communication for better scale Gateway End Point Table (Host A) (Host B) Automatic deployment of Tenant, VRF, BD (Gateway IP) when End Point is detected End Point Table (Host A) (Host B) (Host C) End Point Table (Host B) (Host C) Vlan 100 Host A Vlan 100 Host B Vlan 100 Host C BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 22

23 Host to ACI Fabric Connectivity Gateway Vlan 100 Active/Active (vpc) links from server BRKSPG-3489 Active/Standby links from server Vlan Cisco and/or its affiliates. All rights reserved. Cisco Public 23

24 Host to ACI Fabric Connectivity Fabric Automation Day-0 and Day-1 Controller based design Multi-Hypervisor support Low and Predictable Latency with minimum Network Hops Distributed default gateway Gateway Vlan 100 Active/Active (vpc) links from server BRKSPG-3489 Active/Standby links from server Vlan Cisco and/or its affiliates. All rights reserved. Cisco Public 24

25 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

26 Gi-LAN Services

27 SAE GW Connectivity to ACI Leaf ebgp connection from ACI BorderLeaf to Active Standby Standby Active CG-NAT Service SAE GW /8 & 2000::/64 SAE GW /8 & 2001::/64 IP/MPLS Internet Subscriber Pool Subscriber Pool BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 27

28 SAE GW Connectivity to ACI Leaf Advertise subscriber pool through static route /8 -> SAE GW-1 IPv4 address 2000::1/64-> SAE GW-1 IPv6 address /8 -> SAE GW-2 IPv4 address 2001::1/64-> SAE GW-2 IPv6 address ebgp connection from ACI BorderLeaf to /8 2000::/64 Active Standby Standby Active CG-NAT Service /8 2001::/64 SAE GW /8 & 2000::/64 SAE GW /8 & 2001::/64 IP/MPLS Internet Subscriber Pool Subscriber Pool BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 28

29 SAE GW Connectivity to ACI Leaf Handling Failure No BFD No Dynamic Routing Support Active VLAN Standby SAE GW /8 & 2000::/64 Subscriber Pool VLAN Standby Active SAE GW /8 & 2001::/64 Subscriber Pool ebgp connection from ACI BorderLeaf to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 29

30 SAE GW Connectivity to ACI Leaf Handling Failure No BFD No Dynamic Routing Support Active VLAN Standby SAE GW /8 & 2000::/64 Subscriber Pool VLAN Standby Active SAE GW /8 & 2001::/64 Subscriber Pool ebgp connection from ACI BorderLeaf to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 30

31 SAE GW Connectivity to ACI Leaf Handling Failure Static route over SVI should be removed when both active & standby link goes down No BFD No Dynamic Routing Support Active VLAN Standby SAE GW /8 & 2000::/64 Subscriber Pool VLAN Standby Active SAE GW /8 & 2001::/64 Subscriber Pool ebgp connection from ACI BorderLeaf to IP/MPLS /8 2000::/ /8 2001::/64 Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 31

32 Handling Failure of SAE GW Delivered through APP in two weeks ctrac Static route over SVI should be removed when all interfaces in SVI goes down APP Infrastructure is available for any customer or partner to develop Apps Multiple Free Apps including ctrac for static route monitoring available at Easy way to integrate with Eco system partners Visually monitor externally routed interface states And next hop add/delete Monitoring and Troubleshooting Feature also delivered in ACI 3.1(1) Dynamic routing is being supported by SAE GW BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 32

33 Deep Packet Inspection (DPI) Services

34 Deep Packet Inspection (DPI) connectivity to ACI Leaf Inline Layer1 (L1) DPI between ACI Leaf and SAE GW DPI (L1 Device) Active Standby SAE GW /8 & 2000::/64 Subscriber Pool Standby Active SAE GW /8 & 2001::/64 Subscriber Pool Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 34

35 Service Chaining for Optimizers

36 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 36

37 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 37

38 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 38

39 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 39

40 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 40

41 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 41

42 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet Automatic load-balancing of traffic across different optimizers based on forwarding table hash (Source IP, Destination IP, Source Port, Destination Port) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 42

43 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet Automatic load-balancing of traffic across different optimizers based on forwarding table hash (Source IP, Destination IP, Source Port, Destination Port) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 43

44 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet Automatic load-balancing of traffic across different optimizers based on forwarding table hash (Source IP, Destination IP, Source Port, Destination Port) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 44

45 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet Automatic load-balancing of traffic across different optimizers based on forwarding table hash (Source IP, Destination IP, Source Port, Destination Port) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 45

46 Optimizer Integration with ACI Automatic Load-balancing and Symmetry of traffic flow Flow 1 Flow 2 SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 N- Optimizers in a group Symmetric PBR ensure return traffic choses same optimize OPT N Internet Automatic load-balancing of traffic across different optimizers based on forwarding table hash (Source IP, Destination IP, Source Port, Destination Port) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 46

47 Optimizer Integration with ACI Simplified Configuration SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 47

48 Optimizer Integration with ACI Simplified Configuration Source EPG All prefixes learnt from SAE GW SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 48

49 Optimizer Integration with ACI Simplified Configuration Source EPG All prefixes learnt from SAE GW Destination EPG All prefixes learnt from SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 49

50 Optimizer Integration with ACI Simplified Configuration Source EPG All prefixes learnt from SAE GW Contract (PBR) = Any or UDP =443 YES NO Destination EPG All prefixes learnt from SAE GW Subscriber Pool SAE GW OPT 1 OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 50

51 Optimizer Integration with ACI Tracking Optimizer Liveliness ICMP & Tracking of Inside & Outside Interface SAE GW Subscriber Pool SAE GW Inside OPT 1 Outside OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 51

52 Optimizer Integration with ACI Tracking Optimizer Liveliness ICMP & Tracking of Inside & Outside Interface SAE GW Subscriber Pool SAE GW Inside OPT 1 Outside OPT 2 OPT 3 OPT N Removes whole Optimizer if either Inside or Outside interface goes down N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 52

53 Optimizer Integration with ACI Tracking Optimizer Liveliness ICMP & Tracking of Inside & Outside Interface Automatic Load-Balancing to remaining Optimizers after failure SAE GW Subscriber Pool SAE GW Inside OPT 1 Outside OPT 2 OPT 3 OPT N Removes whole Optimizer if either Inside or Outside interface goes down N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 53

54 Optimizer Integration with ACI Bypassing Optimizers to avoid congestion Traffic is directly send to internet when more than defined number of Optimizers fails SAE GW Subscriber Pool SAE GW Inside OPT 1 Outside OPT 2 OPT 3 OPT N N- Optimizers in a group Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 54

55 Firewall & Load Balancer Connectivity

56 Firewall Connectivity with ACI Packet Flow Internal servers to outside Inside BD & VRF Outside BD & VRF Inside VLAN IP outside VLAN IP ebgp connection to Inside Server Active/Active Firewall Cluster IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 56

57 Firewall Connectivity with ACI Packet Flow Internal servers to outside Inside VRF > Inside BD & VRF Outside BD & VRF Inside VLAN IP outside VLAN IP ebgp connection to Inside Server Active/Active Firewall Cluster IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 57

58 Firewall Connectivity with ACI Packet Flow Internal servers to outside Inside VRF > > Inside BD & VRF Outside BD & VRF Inside VLAN IP outside VLAN IP ebgp connection to Inside Server Active/Active Firewall Cluster IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 58

59 Firewall Connectivity with ACI Packet Flow Internal servers to outside Inside VRF > > Inside BD & VRF Outside BD & VRF Inside VLAN IP outside VLAN IP ebgp connection to Inside Server Active/Active Firewall Cluster IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 59

60 Firewall Connectivity with ACI Packet Flow Outside to Inside Server Inside BD & VRF Outside BD & VRF Inside Server Inside VLAN IP outside VLAN IP Active/Active Firewall Cluster ebgp connection to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 60

61 Firewall Connectivity with ACI Packet Flow Outside to Inside Server Outside VRF /24-> Inside BD & VRF Outside BD & VRF Inside Server Inside VLAN IP outside VLAN IP Active/Active Firewall Cluster ebgp connection to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 61

62 Firewall Connectivity with ACI Packet Flow Outside to Inside Server Outside VRF /24-> Inside VRF /24-> Inside BD & VRF Outside BD & VRF Inside Server Inside VLAN IP outside VLAN IP Active/Active Firewall Cluster ebgp connection to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 62

63 Load-Balancer Connectivity with ACI Packet flow from clients to internal servers ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 63

64 Load-Balancer Connectivity with ACI Packet flow from clients to internal servers clients access Load- Balancers VIP ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 64

65 Load-Balancer Connectivity with ACI Packet flow from clients to internal servers Load-Balancer forward request to Internal servers clients access Load- Balancers VIP ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 65

66 Load-Balancer Connectivity with ACI Packet flow from internal servers to clients ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 66

67 Load-Balancer Connectivity with ACI Packet flow from internal servers to clients Internal servers sends the packet to LB ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 67

68 Load-Balancer Connectivity with ACI Packet flow from internal servers to clients Internal servers sends the packet to LB Load-Balancer sends packet to clients ebgp to advertise VIP ebgp to advertise VIP ebgp connection to Internal Servers Active LB Standby LB Clients IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 68

69 IPv6 Multicast for embms Service

70 Evolved Multimedia Broadcast Multicast Service (embms) Multimedia services to end customers through IPv6 Multicast Fabric is L2 for embms Vlan (EPG) embms GW 2001::3/64 Multicast Source IP is embms GW IP 2001::3 Multicast IP ffe1::10 Default GW for Multicast service is on ::1 enodeb Joins mcast group ff1e::10 using MLDv2 IP/MPLS (PIMv6 enabled Mobile Backhaul) 2001::1/64 BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 70

71 Internet Connectivity

72 External Connectivity from ACI Fabric to Multiple Links to reach to BorderLeaf Multiple BorderLeaf for high speed internet connectivity SAE GW SAE GW ebgp connection from ACI BorderLeaf to IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 72

73 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

74 Migration

75 Migration Process 1. Collected Existing configuration 3. Created simple python scripts to develop XML based ACI configuration 5. Uploaded XML configuration using POSTMAN tool 7. Troubleshooting using ACI Operations tool 2. Mapped Existing Configuration to ACI Constructs such as Tenant, VRF, EPG, BD, L3out etc. 4. Built ACI Fabric 6. Migrated Physical ports, 30 VRF, 300+ Vlans, 200+ Static Routes, 50+ BGP neighbors BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 75

76 Migration Process Convert vlan and default GW to ACI EPG and BD interface Vlan133 vrf member SUBSCRIBER no ip redirects ip address ipv6 address 2001::100/64 hsrp version 2 hsrp 100 authentication md5 key-chain HSRP-KEY preempt delay minimum 60 reload 300 priority 254 forwarding-threshold lower 1 upper 254 ip hsrp 100 ipv6 authentication md5 key-chain HSRP-KEY preempt delay minimum 60 reload 300 priority 254 forwarding-threshold lower 1 upper 254 timers 5 15 ip 2001::1 no shutdown Created XML configuration for Tenant and VRF EPG for each Vlan Add interfaces into EPG BD for each SVI No need to configure HSRP since ACI fabric is active/active with default GW on every leaf BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 76

77 Migration Process Convert Interface configuration to Interface policies interface port-channel1 description ## Port Channel-1 for SGI LENA0 ## switchport access vlan 161 spanning-tree port type edge interface Ethernet1/1 description ## Port Channel-1 for SGI LENA0 ## switchport access vlan 161 channel-group 1 interface Ethernet1/2 description ## Port Channel-1 for SGI LENA0 ## switchport access vlan 161 channel-group 1 vpc domain 100 peer-switch role priority 90 peer-keepalive destination source delay restore 90 auto-recovery ip arp synchronize Created XML configuration for ACI Interface policies - LACP Policy, Speed, LLDP, CDP etc. Interface policy group Groups all the above policies for Regular Physical interface, PC or vpc Vlan Pool Vlans that are required for the Fabric Interface & switch profile defines the switch & interface where the policy will be applied BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 77

78 Migration Process Convert external routed neighbors to ACI L3out vrf context SUBSCRIBER ip route / track 160 name SAEGW-01 ipv6 route 2002::/ ::1 track 160 name LTE_SAEGW-01 router bgp vrf SUBSCRIBER router-id template peer SAR-IPv4 remote-as address-family ipv4 unicast send-community maximum-prefix warning-only template peer SAR-IPv6 remote-as address-family ipv6 unicast send-community both maximum-prefix warning-only neighbor 2405:200:801:c00::7b inherit peer SAR-IPv6 address-family ipv6 unicast route-map SAR-IPv6-OUT out neighbor inherit peer SAR-IPv4 address-family ipv4 unicast route-map SAR-IPv4-OUT out Created XML configuration for Static Route (L3out) Static route tracking was needed to track L2 nodes from L2/L3 aggregation router that was two Hop away. ACI Leaf is directly connected to these L2 nodes hence no need for static route tracking. BGP neighbors, route-maps, allowed prefixes (L3 out) BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 78

79 Migration Process Other Configuration Migration Created XML configuration for vzany Contract that permits communication within VRF Default policy is not to allow communication that reduced the ACL requirement NTP, SNMP, Syslog, TACACS, PBR BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 79

80 Migration Process POST Using POSTMAN Any Operating Model CLI GUI API BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 80

81 Automation for ACI Fabric in Production Self developed Provisioning tool for pushing Configuration Provisioning Tool API Calls to provisioning Tenant, VRF, BD, EPG etc. BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 81

82 Operations Simplification

83 Operations Tools Topology Dashboard Troubleshooting Wizard End Point Tracker Faults Capacity DashBoard Link Statistics Health Score Card Traffic Map Upgrade/Downgrade BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 83

84 Troubleshooting with Health Score Card Drill Down from Dashboard BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 84

85 Troubleshooting with Health Score Card BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 85

86 End Point Tracker BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 86

87 Capacity Dashboard BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 87

88 Fabric wide Traffic BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 88

89 Easy Upgrade Process for whole Fabric BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 89

90 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

91 ACI Fabric Convergence Active/Active Server IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 91

92 ACI Fabric Convergence Controller Failure - No Loss Active/Active Server IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 92

93 ACI Fabric Convergence Controller Failure - No Loss Fabric Failure - 5 to 10msec Convergence happens within ASIC Active/Active Server IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 93

94 ACI Fabric Convergence Controller Failure - No Loss Fabric Failure - 5 to 10msec Convergence happens within ASIC Access Failure - within 100msec ACI Fabric to vpc connected host failure External Connectivity Failure - within 100msec ACI Fabric to external connectivity failure Active/Active Server IP/MPLS Internet BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 94

95 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

96 OSS & BSS Integration Syslog Servers OOB Network TACACS Servers TRAP Aggregator Each ACI Switch sends TRAP Telecom Network Management platform based on SNMP BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 96

97 OSS & BSS Integration Syslog Servers OOB Network APIC aggregates traps of switches in ACI 3.1 TACACS Servers Telecom Network Management platform based on SNMP BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 97

98 ACI Integration with Splunk Syslog Splunk APP for ACI Dashboard APIC SDK BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 98

99 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

100 Management of Multiple Sites with ACI Multi-Site Solution IP Network Site 1 Site 2 Availability Zone A REST API GUI Availability Zone B Separate ACI Fabrics with independent APIC clusters ACI Multi-Site pushes cross-fabric configuration to multiple APIC clusters providing scoping of all configuration changes End-to-end policy definition and enforcement BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 100

101 Architecture for Distributed Datacenters ACI Remote Physical Leaf IP Network Main Datacenter vswitch Hypervisor Bare- Metal Any traffic that requires use of the Spine Proxy will be forwarded to the primary site(s) Remote Datacenter All local traffic is switched directly between endpoints, both virtual and bare metal BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 101

102 Questions? BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 102

103 Agenda Evolution of Telco Datacenter Customer Profile & Technical Requirements How ACI solves the challenge Automation & Scale Services Integration Migration & Operational Simplification Faster Convergence OSS & BSS Integration Looking Ahead Conclusion

104 Conclusion Automation Massive Scale Time to Market Simplicity ACI Requirement Solution Scale Simplified Operation Choices of Integration with North-bound and South-bound devices Looking Ahead Consistent Policy & Management across Geography BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 104

105 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brkspg Cisco and/or its affiliates. All rights reserved. Cisco Public

106 Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Complete Your Online Session Evaluation Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public

107 Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Tech Circle Meet the Engineer 1:1 meetings Related sessions BRKSPG Cisco and/or its affiliates. All rights reserved. Cisco Public 107

108 Thank you

109