Advanced Topics and Future Directions in MPLS

Transcription

1 Toronto, Canada May 30, 2013 Advanced Topics and Future Directions in MPLS Matt Gillies Customer Solutions Architect Cisco and/or its affiliates. All rights reserved. Cisco Connect 1

2 Agenda IETF Update Unified MPLS Ethernet Virtual Private Network Segment Routing Summary 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 2 2

3 IETF update 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 3

4 Internet Engineering Task Force Responsible for MPLS standardization Six active working groups MPLS Layer 3 Virtual Private Networks (L3VPN) Pseudowire Edge-to-Edge (PWE3) Layer 2 Virtual Private Networks (L2VPN) Common Control and Measurement Plane (CCAMP) Path Computation Element (PCE) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 4 4

5 MPLS Working Group Defined MPLS architecture and base protocols (LDP, RSVP-TE) Over 130 RFCs published to date Mature set of IP/MPLS specifications for both unicast and multicast Areas of focus MPLS Transport Profile (MPLS-TP) Seamless MPLS (building large scale, consolidated MPLS networks) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 5 5

6 L2VPN WG Mature specifications for: -Virtual Private Wire Service (VPWS): point-to-point L2 service -Virtual Private LAN Service (VPLS): multipoint-to-multipoint Ethernet service New service definition: - Virtual Private Multicast Service (VPMS): point-to-multipoint L2 service Areas of focus -Enhancing VPLS - Ethernet VPN (E-VPN) and PBB Ethernet VPN (PBB-EVPN) -Optimizing E-Tree support over VPLS No major RFC publications in recent past 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 6 6

7 IETF Summary Rich set of MPLS specifications covering MPLS forwarding (unicast and multicast) Layer-3 and layer-2 services (unicast and multicast) Current main focus areas: Seamless MPLS MPLS transport profile (MPLS-TP) L2VPN enhancements (PBB-EVPN, VPMS) Segment Routing ( ISIS WG ) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 7 7

8 Unified MPLS 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 8

9 Introduction End-to-end, high-scale MPLS transport architecture for any service Simplifies end to end architecture by eliminating control and management plane translations inherent in legacy designs (MPLS, Ethernet, IP, ATM, etc) Enables flexible placement of the L3 and L2 service termination Delivers a new level of scale for MPLS transport with RFC-3107 hierarchical labeled BGP LSPs Provides simplified carrier class operations with end to end OAM, Performance Monitoring and protection 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 9 9

10 Evolving MPLS Networks ACCESS AGG EDGE CORE EDGE AGG ACCESS L2 L2VPN PE L3VPN PE IP MPLS L2VPN PE L3VPN PE L2 L2 + IP L2VPN PE L3VPN PE IP MPLS L3VPN PE L2VPN PE L2+ IP L2VPN PE IP L3VPN PE L3VPN PE IP IP MPLS L2VPN PE L2VPN PW 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 10 10

11 IP NGN Scaling Number of Nodes Core Nodes few 10s IP Edge Nodes s Distribution Nodes 100s 1,000s Aggregation Nodes 1,000s 10,000s Access Nodes 10,000s 100,000s Transport CPE / NT 100,000s 1,000,000 As MPLS moves into aggregation and access number of nodes increases sharply 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 11 11

12 Unified MPLS Requirements Access Aggregation Core Aggregation Access PE MPLS ABR ABR PE MPLS MPLS Minimize management touch points for service provisioning Minimize network state Flexibility in service termination High network availability (protection or fast restoration) End-to-end MPLS forwarding with a single routing domain 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 12 12

13 Scale Challenges with Traditional MPLS Network Designs Access Aggregation Core Aggregation Access PE MPLS ABR ABR PE MPLS MPLS Building end-to-end LSPs between access devices requires flooding loopback prefixes IGP protocol would be required to support 100K prefixes Access devices would need to support 100K prefixes and 200K label (assuming two paths per prefix) Prefix aggregation with LDP inter-area LSPs can only partially alleviate scale challenge 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 13 13

14 Hierarchal End-to-End LSP Access Aggregation Core Aggregation Access PE MPLS ABR ABR PE MPLS MPLS Inter-domain LSP Intra-domain LSP Intra-domain LSP Intra-domain LSP Hierarchical LSP approach with two transport labels (intra domain and inter domain) Intra domain (IGP+LDP or RSVP-TE) Inter domain (ibgp+label per RFC3107) No IP prefix redistribution between IGP domains Only access nodes and ABRs have reachability information for other access nodes BGP Inbound prefix filtering and Outbound Route Filtering (ORF) help reduce network state 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 14 14

15 Control Plane Operation (Pseudowire) PE1 P ABR1 P ABR2 P PE2 LDP / RSVP-TE LDP / RSVP-TE LDP / RSVP-TE LDP / RSVP-TE LDP / RSVP-TE LDP / RSVP-TE ibgp IP+Label ibgp IP+Label ibgp IP+Label T-LDP 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 15

16 Forwarding Plane Operation (Pseudowire) PE1 P ABR1 P ABR2 P PE2 Push Push Push Pop Swap Push Pop Pop Push Pop Pop IGP Label IGP Label BGP Label BGP Label BGP Label BGP Label IGP Label PW Label PW Label PW Label PW Label PW Label PW Label Payload Payload Payload Payload Payload Payload Payload Payload 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 16

17 Network Availability Access Aggregation Core Aggregation Access ibgp (IP+Label) ibgp (IP+Label) ibgp (IP+Label) PE MPLS ABR ABR PE MPLS MPLS Restoration/protection for intra-domain LSP can rely on IGP Fast Convergence, IP FRR or MPLS-TE FRR Restoration/protection for inter-domain (ibgp IP+Label) can use BGP Prefix Independent Convergence 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 17 17

18 Applicability and Deployment Considerations Unified MPLS benefits become more compelling as network scale increases Architecture leverages existing mechanisms (no major protocol extensions required) Architecture allows for numerous design variations (e.g. MPLS to access, MPLS to aggregation, static labels, LDP DoD, etc.) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 18 18

19 Ethernet VPN 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 19

20 Motivation for EVPN Technology evolution requirements Multi-homing Scale (MAC-addresses, Number of Service Instances) Load balancing Optimal Forwarding Multicast optimization Multi-tenancy Enhancements bring benefits to L2 services: Business services Mobile backhaul Data center interconnect (DCI) solution Ent DC1 PE CE DCPE DCE DCE SP DC1 Enterprise DCI back door DCPE SP NGN Ent DC2 PE CE SP DC2 Standalone DCI network 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 20 20

21 Ethernet VPN Highlights Next generation solution for Ethernet multipoint connectivity services Data-plane address learning from Access Control-plane address advertisement / learning over Core PEs run Multi-Protocol BGP to advertise & learn MAC addresses over Core Learning on PE Access Circuits via data-plane transparent learning VID 100 SMAC: M1 DMAC: F.F.F CE1 PE1 PE3 CE3 No pseudowires Unicast: use MP2P tunnels Multicast: use ingress replication over MP2P tunnels or use LSM Full-Mesh of PW no longer required Under standardization at IETF draftietf-l2vpn-evpn PE2 MPLS BGP MAC adv. Route E-VPN NLRI MAC M1 via PE1 PE Cisco and/or its affiliates. All rights reserved. Cisco Connect 21

22 PBB Ethernet VPN Highlights Combines Ethernet Provider Backbone Bridging (PBB - IEEE 802.1ah) with Ethernet VPN Data-plane address learning from Core Remote C-MAC to remote B-MAC binding Control-plane address advertisement / learning over Core (B-MAC) PEs perform as PBB Backbone Edge Bridge (BEB) Reduces number of BGP MAC advertisements routes by aggregating Customer MACs (C- MAC) via Provider Backbone MAC (B-MAC) Addresses virtualized data centers with C-MAC count into the millions Data-plane address learning from Access Local C-MAC to local B- MAC binding CE1 B-MAC: B-M1 PE1 MPLS PE3 B-M2 CE3 PEs advertise local Backbone MAC (B-MAC) addresses in BGP C-MAC and C-MAC to B-MAC mapping learned in data-plane B-MAC: B-M1 B-M2 Under standardization at IETF draft-ietfl2vpn-pbb-evpn PE2 BGP MAC adv. Route E-VPN NLRI MAC B-M1 via PE2 PE Cisco and/or its affiliates. All rights reserved. Cisco Connect 22

23 Solution Requirements All-Active Redundancy and Load Balancing Active / Active Multi-Homing with flow-based load balancing in CE to PE direction Maximize bisectional bandwidth Flows can be L2/L3/L4 or combinations Vlan X - F1 Vlan X F2 P E P E Flow Based Load-balancing CE to PE direction P E P E Flow-based load balancing in PE to PE direction Multiple RIB entries associated for a given MAC Exercises multiple links towards CE Vlan X - F1 Vlan X F2 P E P E Flow Based Load-balancing PE to PE direction P E P E 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 23 23

24 Solution Requirements Optimal Forwarding Optimal forwarding for unicast and multicast CE1 PE1 PE3 CE2 Shortest path no triangular forwarding at steady-state Triangular Forwarding PE2 PE4 Loop-Free & Echo-Free Forwarding CE1 PE1 PE3 CE2 Avoid duplicate delivery of flooded traffic Echo Multiple multicast tunneling options: Ingress Replication P2MP LSM tunnels MP2MP PE2 PE4 CE1 PE1 PE3 CE2 Duplicate PE2 PE Cisco and/or its affiliates. All rights reserved. Cisco Connect 24 24

25 Solution Requirements MAC Address Scalability N * 1M 1M s WAN 1K s 10K s DC Site 1 DC Site 2 Server Virtualization fueling growth in MAC Address scalability: 1 VM = 1 MAC address. 1 server = 10 s or 100 s of VMs MAC address scalability most pronounced on Data Center WAN Edge for Layer 2 extensions over WAN. Example from a live network: 1M MAC addresses in a single SP data center DC Site N 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 25 25

26 E-VPN / PBB-EVPN Concepts E-VPN Instance (EVI) Ethernet Segment BGP Routes BGP Route Attributes PE BD BD EVI EVI SHD ESI1 MHD ESI2 CE1 CE 2 PE1 PE2 Route Types [1] Ethernet Auto-Discovery (AD) Route [2] MAC Advertisement Route [3] Inclusive Multicast Route [4] Ethernet Segment Route Extended Communities ESI MPLS Label ES-Import MAC Mobility Default Gateway EVI identifies a VPN in the network Encompass one or more bridge-domains, depending on service interface type Port-based VLAN-based (shown above) VLAN-bundling VLAN aware bundling (NEW) Represents a site connected to one or more PEs Uniquely identified by a 10- byte global Ethernet Segment Identifier (ESI) Could be a single device or an entire network Single-Homed Device (SHD) Multi-Homed Device (MHD) Single-Homed Network (SHN) Multi-Homed Network (MHN) E-VPN and PBB-EVPN define a single new BGP NLRI used to carry all E- VPN routes NLRI has a new SAFI (70) Routes serve control plane purposes, including: MAC address reachability MAC mass withdrawal Split-Horizon label adv Cisco and/or its affiliates. All rights reserved. Cisco Connect 26 Aliasing Multicast endpoint discovery Redundancy group discovery Designated forwarder election New BGP extended communities defined Expand information carried in BGP routes, including: MAC address moves C-MAC flush notification Redundancy mode MAC / IP bindings of a GW Split-horizon label encoding

27 Split Horizon For Ethernet Segments E-VPN Challenge: How to prevent flooded traffic from echoing back to a multi-homed Ethernet Segment? CE1 Echo ESI-1 PE1 PE3 ESI-2 CE3 CE5 PE advertises in BGP a split-horizon label (ESI MPLS Label) associated with each multi-homed Ethernet Segment Split-horizon label is only used for multi-destination frames (Unknown Unicast, Multicast & Broadcast) When an ingress PE floods multi-destination traffic, it encodes the Split- Horizon label identifying the source Ethernet Segment in the packet Egress PEs use this label to perform selective split-horizon filtering over the attachment circuit 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 27 CE4 PE2 PE4

28 Split Horizon For Ethernet Segments PBB-EVPN Challenge: How to prevent flooded traffic from echoing back to a multi-homed Ethernet Segment? CE1 Echo ESI-1 B-MAC1 B-MAC1 PE1 PE3 ESI-2 CE3 CE5 CE4 PE2 PE4 PEs connected to the same MHD use the same B-MAC address for the Ethernet Segment 1:1 mapping between B-MAC and ESI (for All-Active Redundancy with flow-based LB) Disposition PEs check the B-MAC source address for Split-Horizon filtering Frame not allowed to egress on an Ethernet Segment whose B-MAC matches the B- MAC source address in the PBB header 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 28

29 Designated Forwarder (DF) DF Election Challenge: How to prevent duplicate copies of flooded traffic from being delivered to a multi-homed Ethernet Segment? CE1 ESI-1 PE1 PE3 ESI-2 CE2 Duplicate PEs connected to a multi-homed Ethernet Segment discover each other via BGP PE2 PE4 These PEs then elect among them a Designated Forwarder responsible for forwarding flooded multi-destination frames to the multi-homed Segment DF Election granularity can be: Multiple DFs for load-sharing Per Ethernet Tag on Ethernet Segment (E-VPN) Per I-SID on Ethernet Segment (PBB-EVPN) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 29

30 Comparison of L2VPN Solutions Requirement VPLS PBB-VPLS E-VPN PBB-EVPN Multi-Homing with All-Active Forwarding VLAN Based Load-balancing CE-to-PE Flow Based Load-balancing CE-to-PE x x Flow Based Load-balancing PE-to-PE x x Flow Based Multi-Pathing in the Core MAC Scalability Scale to Millions of C-MAC Addresses x x Confinement of C-MAC entries to PE with active flows x MAC Summarization x x MAC Summarization co-existence with C-MAC Mobility x x x Flexible VPN Policies Per C-MAC Forwarding Control Policies x x x Per-Segment Forwarding Control Policies x x 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 30 30

31 Summary E-VPN / PBB-EVPN are next-generation L2VPN solutions based on a BGP control-plane for MAC distribution/learning over the core E-VPN / PBB-EVPN were designed to address following requirements: All-active Redundancy and Load Balancing Simplified Provisioning and Operation Optimal Forwarding Fast Convergence In addition, PBB-EVPN and its inherent MAC-in-MAC hierarchy provides: Scale to Millions of C-MAC (Virtual Machine) Addresses MAC summarization co-existence with C-MAC (VM) mobility E-VPN / PBB-EVPN applicability goes beyond DCI into Carrier Ethernet use cases 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 31

32 Segment Routing 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 32

33 Key Takeaways Simple to deploy and operate Leverage MPLS services & hardware straightforward ISIS/OSPF extension Provide for optimum scalability, resiliency and virtualization Perfect integration with applications

34 Simplicity Operators ask drastic LDP/RSVP improvement less protocols to operate less protocol interactions to troubleshoot avoid directed LDP sessions between core routers deliver automated FRR for any topology Scale avoid millions of labels in LDP database avoid millions of TE LSP s in the network avoid millions of tunnels to configure 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 34

35 Segment Routing Key Concepts Forwarding state (segment) is established by IGP LDP and RSVP-TE are not required Agnostic to forwarding dataplane: IPv6 or MPLS MPLS Dataplane is leveraged without any modification push, swap and pop: all what we need segment = label Source Routing source encodes path as a label or stack of segments two segments: node or adjacency 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 35

36 Adjacency Segments A B C D Z N O P Nodes advertises adjacency label per link simple IGP extension Only advertising node installs adjacency segment in data plane Enables source routing along any explicit path (segment list) 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 36

37 Node Segment FEC Z push 65 A B C 65 swap 65 to swap 65 to 65 pop D Z 65 A packet injected anywhere with top label 65 will reach Z via IGP shortest path Packet to Z Packet to Z Packet to Z Packet to Z Packet to Z Nodes advertise a node segment simple IGP extension All remote nodes install node segment ids in data plane 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 37

38 Combining Segments Packet to Z Packet to Z Packet to Z A B C D Pop 9003 Z 65 Source Routing M N O 65 Packet to Z Any explicit path can be expressed: ABCOPZ 65 P 65 Packet to Z Packet to Z 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 38

39 ISIS automatically installs segments Nodal segment to C Nodal segment to C A B C D Adj Segment Z M N O P Nodal segment to Z Simple extension Excellent Scale: a node installs N+A FIB entries N node segments and A adjacency segments 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 39

40 Automated & Guaranteed FRR IP-based FRR is guaranted in any topology Backbone 2002, LFA FRR project at Cisco C1 C2 draft-bryant-ipfrr-tunnels-03.txt Directed LFA (DLFA) is guaranteed when metrics are symetric E1 E4 No extra computation (RLFA) E2 E Simple repair stack node segment to P node adjacency segment from P to Q Node segment to P node Default metric: Cisco and/or its affiliates. All rights reserved. Cisco Connect 40

41 Scalable TE and Segment Routing An SR core router scales much than with RSVP-TE The state is not in the router but in the packet N+A vs N^2 N: # of nodes in the network A: # of adjacencies per node 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 41

42 MPLS Control and Forwarding Operation with Segment Routing Services PE1 BGP / LDP PE2 IPv4 IPv6 IPv4 VPN IPv6 VPN VPWS VPLS No changes to control or forwarding plane Packet Transport PE1 IGP PE2 LDP RSVP BGP Static IS-IS OSPF MPLS Forwarding IGP label distribution, same forwarding plane

43 Reality SR EFT is available 12k, ASR9k, CRS1, CRS3 get it to your lab Working aggressively with lead customers towards productization 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 43

44 IETF Simple ISIS/OSPF extension Welcoming contribution 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 44

45 Segment Routing Use Cases 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 45

46 Application controls network delivers 2G from A to Z please Tunnel AZ onto {66, 68, 65} 66 FULL Path ABCOPZ is ok. I account the BW. Then I steer the traffic on this path The network is simple, highly programmable and responsive to rapid changes 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 46

47 Simple and Efficient Transport of MPLS services Efficient packet networks leverage ecmpaware shortest-path node segment Simplicity one less protocol to operate No complex LDP/ISIS synchronization to troubleshoot PE1 A M B N PE2 All VPN services ride on the node segment to PE Cisco and/or its affiliates. All rights reserved. Cisco Connect 47

48 Simple Disjointness Non-Disjoint Traffic A sends traffic with [65] Classic ecmp a la IP SR avoids state in the core SR avoids enumerating RSVP-TE tunnels for each ECMP paths Disjoint Traffic A sends traffic with [111, 65] Packet gets attracted in blue plane and then uses classic ecmp a la IP ECMP-awareness 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 48

49 CoS-based TE Tokyo to Brussels data: via US: cheap capacity VoIP: via Russia: low latency CoS-based TE with SR IGP metric set such as > Tokyo to Russia: via Russia > Tokyo to Brussels: via US > Russia to Brussels: via Europe Anycast segment Russia advertised by Russia core routers Tokyo CoS-based policy Data and Brussels: push the node segment to Brussels Node segment to Brussels Node segment to Russia VoIP and Brussels: push the anycast node to Russia, push Brussels 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 49

50 LFIB with Segment Routing LFIB populated by IGP (ISIS / OSPF) Forwarding table remains constant (Nodes + Adjacencies) regardless of number of paths Other protocols (LDP, RSVP, BGP) can still program LFIB PE PE PE PE P PE PE PE PE Node Segment Ids Adjacency Segment Ids In Label Out Label Out Interface L1 L1 Intf1 L2 L2 Intf1 L8 L8 Intf4 L9 Pop Intf2 L10 Pop Intf2 Ln Pop Intf5 Forwarding table remains constant

51 Segment Routing Configuration 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 51

52 L3VPN Using Segment Routing VRF RED /32 PE1 IP/MPLS (segment routing) PE2 VRF RED /32

53 Topology /32 SID=16101 P1 PE1 PE /32 SID= /32 SID=16002 P /32 SID=16102

54 Edge Configuration (Node Segment Id) asr9000-pe1 router isis DEFAULT is-type level-2-only net address-family ipv4 unicast metric-style wide interface Loopback0 passive address-family ipv4 unicast nodal-sid sid-value interface GigabitEthernet0/0/0/4 point-to-point address-family ipv4 unicast interface GigabitEthernet0/0/0/5 point-to-point address-family ipv4 unicast Packets with label forwarded towards PE1 via IS-IS shortest path. PHP enabled by default. PE /32 SID= /32 SID=16101 P2 P /32 SID=16102 PE /32 SID=16002

55 Core Configuration (Node Segment Id) asr9000-p2 router isis DEFAULT is-type level-2-only net address-family ipv4 unicast metric-style wide interface Loopback0 passive address-family ipv4 unicast nodal-sid sid-value PHP-disable interface GigabitEthernet0/0/0/4 point-to-point address-family ipv4 unicast interface GigabitEthernet0/0/0/5 point-to-point address-family ipv4 unicast interface GigabitEthernet0/0/0/6 point-to-point address-family ipv4 unicast Packets with label forwarded towards P2 via IS-IS shortest path. PHP disabled. PE /32 SID= /32 SID=16101 P2 P /32 SID=16102 PE /32 SID=16002

56 IS-IS Database Verification for Edge Node (Node Segment Id) RP/0/RSP0/CPU0:asr9000-pe1#sh isis database detail verbose asr9000-pe2.00 Tue May 7 12:49: PDT IS-IS DEFAULT (Level-2) Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL asr9000-pe x b 0xe36c /0/0 Area Address: NLPID: 0xcc Hostname: asr9000-pe2 IP Address: Metric: 10 IS-Extended asr9000-p2.00 Metric: 10 IS-Extended asr9000-p1.00 Metric: 10 IP-Extended /31 Metric: 10 IP-Extended /31 Metric: 0 IP-Extended /32 Nodal-SID: PHP-off:1 Ext:0 Total Level-2 LSP count: 1 Local Level-2 LSP count: 0 RP/0/RSP0/CPU0:asr9000-pe1# Node segment id associated with PE2 loopback /32 SID=16101 P1 PE1 PE /32 SID= /32 SID=16002 P /32 SID=16102

57 IS-IS Database Verification for Core Node (Node Segment Id) RP/0/RSP0/CPU0:asr9000-pe1#sh isis database detail verbose asr9000-p2.00 Tue May 7 12:54: PDT IS-IS DEFAULT (Level-2) Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL asr9000-p x a 0x39d /0/0 Area Address: NLPID: 0xcc Hostname: asr9000-p2 IP Address: Metric: 10 IS-Extended asr9000-pe2.00 Metric: 10 IS-Extended asr9000-pe1.00 Metric: 10 IS-Extended asr9000-p1.00 Metric: 10 IP-Extended /31 Metric: 10 IP-Extended /31 Metric: 10 IP-Extended /31 Metric: 0 IP-Extended /32 Nodal-SID: PHP-off:1 Ext:0 Total Level-2 LSP count: 1 Local Level-2 LSP count: 0 RP/0/RSP0/CPU0:asr9000-pe1# Node segment id associated with P2 loopback /32 SID=16101 P1 PE1 PE /32 SID= /32 SID=16002 P /32 SID=16102

58 Edge Forwarding Plane Verification (Node Segment Id) RP/0/RSP0/CPU0:asr9000-pe1#sh mpls forwarding Tue May 7 12:22: PDT Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched Aggregate default: Per-VRF Aggr[V] \ default No ID Gi0/0/0/ No ID Gi0/0/0/ Aggregate RED: Per-VRF Aggr[V] \ RED No ID Gi0/0/0/ No ID Gi0/0/0/ RP/0/RSP0/CPU0:asr9000-pe1# Local node segment id Node segment id to reach PE1 via ECMP Node segment id to reach P1 Node segment id to reach P /32 SID=16101 P1 PE1 PE /32 SID= /32 SID=16002 P /32 SID=16102

59 Core Forwarding Plane Verification (Node Segment Id) RP/0/RSP0/CPU0:asr9000-p2#sh mpls forwarding Tue May 7 13:17: PDT Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched Pop No ID Gi0/0/0/ No ID Gi0/0/0/ No ID Gi0/0/0/ RP/0/RSP0/CPU0:asr9000-p2# Node segment id to reach PE1 (PHP) Node segment id to reach PE2 Node segment id to reach P /32 SID=16101 P1 PE1 PE /32 SID= /32 SID=16002 P /32 SID=16102

60 L3VPN Configuration (Node Segment Id) hostname asr9000-pe1 vrf RED address-family ipv4 unicast import route-target 65172:0 export route-target 65172:0 interface Loopback11 vrf RED ipv4 address router bgp address-family ipv4 unicast address-family vpnv4 unicast neighbor remote-as update-source Loopback0 address-family ipv4 unicast address-family vpnv4 unicast vrf RED rd 65172:0 address-family ipv4 unicast redistribute connected L3VPN usual configuration VRF RED /32 PE /32 SID=16001 IP/MPLS (segment routing) PE /32 SID=16002 VRF RED /32

61 L3VPN Control and Forwarding Plane Verification (Node Segment Id) RP/0/RSP0/CPU0:asr9000-pe1#sh bgp vpnv4 unicast labels Tue May 7 13:21: PDT BGP router identifier , local AS number BGP generic scan interval 60 secs BGP table state: Active Table ID: 0x0 RD version: BGP main routing table version 23 BGP scan interval 60 secs Status codes: s suppressed, d damped, h history, * valid, > best i - internal, r RIB-failure, S stale, N Nexthop-discard Origin codes: i - IGP, e - EGP,? - incomplete Network Next Hop Rcvd Label Local Label Route Distinguisher: 65172:0 (default for vrf RED) *> / nolabel *>i / nolabel Processed 2 prefixes, 2 paths RP/0/RSP0/CPU0:asr9000-pe1# RP/0/RSP0/CPU0:asr9000-pe1#sh cef vrf RED Tue May 7 13:20: PDT /32, version 15, internal 0x (ptr 0xad279764) [1], 0x0 (0x0), 0x410 (0xadf7a4b0) Updated May 7 09:41: Prefix Len 32, traffic index 0, precedence n/a, priority 3 via , 3 dependencies, recursive [flags 0x6010] path-idx 0 [0xae0429a8 0x0] next hop VRF - 'default', table - 0xe next hop via 16002/0/21 next hop /32 Gi0/0/0/4 labels imposed { } next hop /32 Gi0/0/0/5 labels imposed { } RP/0/RSP0/CPU0:asr9000-pe1# BGP local/remote labels for VPNv4 prefixes (as usual) VRF RED /32 Label stack to forward traffic to /32 (VRF RED) via ECMP (as usual) PE /32 SID=16001 IP/MPLS (segment routing) PE /32 SID=16002 VRF RED /32

62 Summary New MPLS enhancements focus on Increased deployment scale (unified MPLS) L2VPN (VPLS) efficiency and scaling (PBB-EVPN) Unified MPLS defines scalable (hierarchical) architecture to extend MPLS to access/aggregation for an SP IP NGN PBB-EVPN defines BGP extensions to enhance scale and resiliency of existing VPLS deployments and meet data centers requirements Segment Routing offers an elegant way to scale SP networks and support application interaction with SDN s 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 62 62

63 Complete Your Paper Session Evaluation Give us your feedback and you could win 1 of 2 fabulous prizes in a random draw. Complete and return your paper evaluation form to the room attendant as you leave this session. Winners will be announced today. You must be present to win..visit them at BOOTH# 100

64 Thank you Cisco and/or its affiliates. All rights reserved. Cisco Connect 64

65 PBB-EVPN: A Closer Look DF Election with VLAN Carving PE PE Prevent duplicate delivery of flooded frames. Uses BGP Ethernet Segment Route. Non-DF ports are blocked for flooded traffic (multicast, broadcast, unknown unicast). PE PE Performed per Segment rather than per (VLAN, Segment). Split Horizon for Ethernet Segment Prevent looping of traffic originated from a multi-homed segment. PE PE Performed based on B-MAC source address rather than ESI MPLS Label. Aliasing PE PE PEs connected to the same multi-homed Ethernet Segment advertise the same B-MAC address. Remote PEs use these MAC Route advertisements for aliasing load-balancing traffic destined to C-MACs reachable via a given B-MAC. PE B-MAC1 B-MAC1 PE PE 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 65 65

66 PBB-EVPN: Dual Homed Device VLAN 2, 3 PE1 PE3 VPN B-MAC NH RT3 B-MAC1 PE1 RIB RT3 B-MAC1 PE2 B-MAC1 MPLS/ IP RT2 B-MAC1 PE1 RT2 B-MAC1 PE2 VLAN 2,3 PE2 VPN B-MAC NH RT3 B-MAC1 PE1, PE2 FIB RT2 B-MAC1 PE1, PE2 Each PE advertises a MAC route per Ethernet Segment (carries B-MAC associated with Ethernet Segment). Both PEs advertise the same B-MAC for the same Ethernet Segment. Remote PE installs both next hops into FIB for associated B-MAC. Hashing used to load-balance traffic among next hops. PE1 MAC Routes: Route: RD11, B-MAC1, RT2, RT3 PE2 MAC Routes: Route: RD22, B-MAC1, RT2, RT Cisco and/or its affiliates. All rights reserved. Cisco Connect 66 66