(This was a Live Webinar on July 21, 2016 at 10:00 am Pacific Time / 1:00 pm Eastern Time)
Watch the Replay at: bit.ly/29Mw58Q
Catch the original TV episode or any other topics at www.techwisetv.com
Description:
Networks are moving toward simplification, increased operational efficiency, and programmability using technologies such as software-defined networking. Cisco continues to demonstrate innovation by introducing the concept of segment routing in the data center, making the network more intelligent and adaptive to the applications running on top of it. Segment routing delivers application-optimized network transport. Encoding the path information directly at the source (that is, either at the virtual switch or at the top of rack) and using per-app policies, segment routing puts control in the hands of the network operators by empowering them to create secure, adaptive, and optimal paths based on the requirements of the application itself.
Please join us in the session to learn how Cisco is helping organizations increase network efficiency by allocating resources on demand and optimizing the network to better support business-critical applications, all while preserving security.
Agenda
Topics to discuss include:
- Introducing segment routing
- Why the need for application-optimized transport
- Features and benefits of segment routing
- Differences between segment routing and MPLS transport
- Relevance of segment routing in the data center
- Use cases and applicability of segment routing
- Summary and conclusion
2. The goals…
• Deliver an amazing user experience
• Differentiated user outcomes
• System resiliency
• Maximize productivity
• Efficient return on capex
• Stretched opex / scale
3. What was holding us back?
• Amazing user experiences:
• Inability to treat individual packets the way they really want or need to be treated
• Spray and pray
• Assumption network has little value above connectivity
• Lack of granular method of signaling application’s intent
• Blunt traffic steering tools
• Productivity / costs: What are the challenges?
• Stranded and/or underutilized resources
• Organizational disconnect (no link from app dev to network intent)
4. Forwarding in today’s networks
• Multiple forwarding domains, teams, mechanisms
• Diverse and sometimes unpredictable behaviors
• Network policy separated from application intentions or needs
[Diagram: Internet, Peering, Core / backbone, Data center fabric, Compute and storage; forwarding labels: MPLS, IP / ECMP, Overlay]
How do you build SDN capability into that?
5. What is Segment Routing?
Segment Routing…..
• is an application-optimized network transport that provides strict network performance guarantees
• leverages the source routing paradigm
• Label path is encoded at the source which allows for traffic engineering based on the application requirements
[Diagram: Orchestrator, Applications, Segment Routing]
6. The big picture
• Predictable traffic steering technology
• Policy expression in the packet / “stateless”
• Capability independent of the “place in the network”
• A scalable, flexible, extensible framework
• The underpinnings of true SDN
Scalable, Flexible, Extensible, Programmable, and Predictable Traffic Steering
In summary: Segment Routing is an architectural approach to creating an end-to-end unified forwarding paradigm
7. The technical picture
• Source Routing
• the source chooses a path and encodes it in the packet header as an ordered list of segments
• the rest of the network executes the encoded instructions
• Segment: an identifier for any type of instruction
• forwarding or service
• Forwarding Plane:
• MPLS: an ordered list of segments is represented as a stack of labels
• IPv6: an ordered list of segments is encoded in a routing extension header
• Multi-Vendor solution
8. IETF
• Strong commitment for standardization and multi-vendor support
• SPRING Working-Group (started Nov 2013)
• All key documents are WG-status
• Over 25 drafts maintained by SR team
• Over 50% are WG status
• Over 75% have a Cisco implementation
• Several interop reports are available
• First RFC document - RFC 7855 (May 2016)
www.segment-routing.net
tools.ietf.org/wg/spring/
9. Technology Adoption
• First deployments in 2015 with adoption in the WAN
• Strong start in 2016 with many new deployments.
• Soon-to-deploy in large Service Provider networks for end-to-end switching (DC to WAN)
10. SR relevance inside datacenter
• Leverage source routing for explicit path control to
• create logical forwarding planes over the physical infrastructure
• champion performance guarantee for SLA
• create deterministic, yet adaptive networks
• provide capacity and bandwidth management capability with on-demand provisioning
• create stateless transit networks
• Network visibility for applications
• Consistent forwarding architecture between datacenter and WAN
• Reduce OpEx with simplified forwarding solution
• All the above & more with easy to Configure, Scale and Orchestrate
11. Segment Routing Platform Support
Supported with all Nexus 3000 and Nexus 9000 series
Other Nexus platforms in the roadmap
Shipping since Feb CY 2016
13. Overview
• Built on top of existing MPLS forwarding infrastructure.
• MPLS label as a forwarding construct to identify segment (Segment ID).
• Predictable Label allocation schema across the network.
• BGP-LU as a control protocol to distribute Label.
14. Segment Routing
Dataplane
• MPLS: an ordered list of segments is represented as a stack of labels
• SR re-uses MPLS dataplane without any change – Current implementation
• IPv6: an ordered list of segments is represented as a routing extension header, see 4.4 of RFC2460
Control Plane
• BGP-based segments with minor extensions to communicate neighbor relationships – Current implementation
• IGP-based segments require minor extension to the existing link-state routing protocols (OSPF and IS-IS)
15. What is a segment?
• Node segment ID
• A global value “100” means “100” everywhere inside the domain
• An instruction to forward the packet over the ECMP-aware shortest-path to the node(s) that own(s) the SID
• Adjacency segment ID
• A local value representing an outgoing adjacency or set of adjacencies
• An adjacency can be thought of similar to “outgoing interface”
[Diagram: path from A to Z (prefix 1.1.1.0) with nodal SIDs 65 and 66 and adjacency SIDs 9001 and 9002; the packet is shown as 65 | 9001 | 66 | Data, then 9001 | 66 | Data, then 66 | Data, then Data]
16. SR operations illustration
• Steer traffic on any path through the network
• Path is specified by list of segments in packet header, a stack of labels
• No path is signaled
• No per-flow state is created
• IS-IS, OSPF, BGP all supported
Goal: Go to Z but avoid node 7
[Diagram: Source A, nodes 1 to 8 and Node Z, with values 101 and 56056 marked on the topology; the “Payload to Z” packet is shown first with labels 16101, 56056, 16005, then with 16101, 56056, then with 16101 only]
17. Control Plane: Segment Routing Global Block (SRGB)
• Consistent and predictable label values across network.
• Carve a subset of Label block from wider MPLS Label range.
• Default SRGB range is 16,000 to 23,999.
• New attribute “Label Index” is carried in BGP update.
• Label at every node is calculated based on following formula.
Label = SRGB base + Label Index (Received in BGP update)
E.g. Prefix 172.0.11.0/24 with Label Index of 1 gets label 16001
[Diagram: application prefix 172.0.11.0/24 advertised with Label Index: 1; label 16001 shown along the path]
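An added example, not from the original slides: a small Python model of the SRGB label formula above and of the label-stack steering on the "SR operations illustration" slide. Only the default SRGB range, the formula and the label values 16005, 56056 and 16101 come from the slides. The topology, node indexes and next-hop table are constructed for illustration, every node is assumed to use the same SRGB, and penultimate-hop popping is ignored.

```python
SRGB_BASE, SRGB_END = 16000, 23999      # default SRGB stated on the slide

def sid_label(index, base=SRGB_BASE, end=SRGB_END):
    """Label = SRGB base + Label Index; refuse values outside the block."""
    if index < 0 or base + index > end:
        raise ValueError(f"label index {index} outside SRGB {base}-{end}")
    return base + index

# Constructed topology (not the slide's drawing): node name -> node SID index.
NODE_INDEX = {"A": 1, "5": 5, "6": 6, "7": 7, "Z": 101}
# Constructed shortest-path results: (current node, destination index) -> next hop.
NEXT_HOP = {("A", 5): "5", ("A", 101): "5", ("5", 101): "7",
            ("7", 101): "Z", ("6", 101): "Z"}
# Adjacency SIDs are local: only the allocating node knows what they mean.
ADJ_SID = {"5": {56056: "6"}}

def forward(source, stack):
    """Walk a labelled packet through the domain; return the nodes visited."""
    node, stack, path = source, list(stack), [source]
    while stack:
        top = stack[0]
        if top in ADJ_SID.get(node, {}):      # adjacency segment: pop, use that link
            stack.pop(0)
            node = ADJ_SID[node][top]
        elif SRGB_BASE <= top <= SRGB_END:    # node segment: same meaning everywhere
            index = top - SRGB_BASE
            if NODE_INDEX[node] == index:     # reached the SID owner: segment done
                stack.pop(0)
                continue
            node = NEXT_HOP[(node, index)]    # shortest path toward the owner
        else:                                 # unknown label: drop, do not guess
            raise ValueError(f"node {node} has no entry for label {top}")
        path.append(node)
        if len(path) > 32:                    # guard against a forwarding loop
            raise RuntimeError("hop limit exceeded")
    return path

def steer_avoiding_7():
    """Stack from the slide: node 5, adjacency 5->6, then node Z."""
    return forward("A", [sid_label(5), 56056, sid_label(101)])

if __name__ == "__main__":
    print("shortest path:", forward("A", [sid_label(101)]))
    print("steered path: ", steer_avoiding_7())
```

No transit node holds per-flow state here: the path change comes entirely from the two extra labels the source pushes.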
18. Anycast prefix segments
• Anycast prefixes: same prefix advertised by multiple nodes
• Anycast prefix-SID: prefix-SID associated with anycast prefix
• Same prefix-SID for the same prefix!
• Traffic is forwarded to one of the Anycast prefix-SID originators based on best IGP path
• If primary node fails, traffic is auto re-routed to another node
• High-availability
• If one of the Eastern Region routers fails, the policy survives
19. BGP Peering Segment
BGP-LS used to signal topology information to route controller
• Used to identify peer adjacencies that are either internal or external to the administrative domain
• Three types: PeerNode, PeerAdj, PeerSet
[Diagram: DC, nodes 10, 11, 12, 13, 14, 3, 1, PEERS]
20. Egress Peer Engineering (EPE)
1. Node C configures EPE for eBGP Peers
2. Node C allocates unique PeerNode SID to peer D & E
3. Node C allocates Adjacency SID for ECMP links for each E
4. Node C allocates a single PeerSet SID for both D & E
The controller learns the BGP Peering SIDs and the external topology of the egress border router
END RESULT: Controller can program the ingress node A to steer traffic to 9.9.9.9/32 via egress node C and AS3 (peer E)
[Diagram: nodes A, B, C, D, E; AS1, AS2, AS3, AS4; prefix 9.9.9.9/32; labels: BGP-LS, BGP-LU, Controller]
21. How is Segment Routing different than Traditional MPLS?
Standardized Control Plane
• Simple extensions in IGP/BGP protocol
• No LDP/RSVP complexities and limits
Adaptive SLA
• Dedicated forwarding path & bandwidth
• Performance guarantees
Single Operational Model
• End-to-end forwarding and TE
• Removes multiple layers of technology
Efficient Datapath
• Support ECMP
• Minimize LSP state in network
• CPU & memory saving
Simplified Traffic Engineering
• Optimal path creation directly at source
• Remove complexities of RSVP
Programmatic Interface
• Support for NXAPI/DME
• Future support for Puppet/Ansible
25. Content Delivery or Service Provider Network
Application Traffic Steering Across Optimal Path
• BGP-LU control plane establishes SR channels from ToRs to Spines for a particular IP segment
• Label allocated at the ToRs for IP segments. Multiple IP segments can be associated with single labels
• Stack of labels is encoded at TOR or host to allow path splicing
• Traffic is directed to Spines over desired path
[Diagram: POD 1 with ToR, Leaf and Spine layers; IP (1.1.1.0/24); IP or MPLS packet]
26. Financial Application
Multi-plane Network
• Explicit path expressed in labeled packets either at the TOR or at the Hypervisor
• Each ToR can have multiple uplinks and each uplink takes the flow to a different routing plane for traffic segmentation
[Diagram: POD 1 with ToR, Leaf and Spine layers; IP (1.1.1.0/24), IP (2.2.2.0/24); IP or MPLS packet]
27. Enterprise Networks
Anycast Forwarding
• Anycast prefixes: same prefix advertised by multiple nodes
• Anycast prefix-SID: prefix-SID associated with anycast prefix. Same prefix-SID for the same prefix
• Traffic is forwarded to one of the Anycast prefix-SIDs based on best path.
• If primary node fails, traffic is re-routed through another node
[Diagram: POD 1 with ToR, Leaf and Spine layers; IP (1.1.1.0/24); IP or MPLS packet]
28. Route scale with Multi hop BGP overlay and SR underlay
• Multi-hop eBGP sessions between Spines and TORs to advertise Vanilla IP prefixes
• ToRs install routes for learnt prefixes with Spines as ECMP next hops over Tunnel underlays
• ToRs impose Labels on IP packets received from Hosts and direct them to Spines over ECMP Tunnels
Benefits
• Optimize label usage in SR domain (labels are tied to the next-hop through MPLS)
[Diagram: POD 1 with ToR, Leaf and Spine layers; labels: BGP-LU, Multihop eBGP, IP, MPLS; IP or MPLS packet]
29. Enterprise Networks
Simple and Efficient Transport of MPLS services
MPLS layer 2 VPNs, L3 VPNs are most common applications of IP/MPLS networks.
Segment Routing can provide an efficient and scalable transport for VPN services
IGP/EGP only – No LDP, no RSVP-TE
ECMP support
[Diagram: Site1 CPE and Site2 CPE, PE, nodes 1 to 7, SR Transport w/ ECMP; packets shown with label 16200 or 16100 and a VPN label]
30. And the possibilities are many more…..
• Solve Micro-loop avoidance
• Topology Independent Loop-free Alternate Fast Re-route (TI-LFA)
• Egress Peering for low latency vs high cost path
• Low Latency path selection
• Multi-pod stitching
• DC to DC transit
• etc
These are suggested use cases for future validation
32. Zero Touch Node Isolation
• Isolate a node with zero touch provisioning.
• A new Anycast SID represents only Active members.
• Controller pushes the new SID/Label to the network
[Diagram: Controller, Applications and ToR, Leaf and Spine layers; labels shown: 16001, 16002, 16004; 17001 to 17004, 17101 to 17104; 18001, 18050, 18101, 18150; 20001]
33. • Orchestrate an end-to-end segment routing path, as governed with a stateful PCE controller running native SRTE algorithms
• Deliver performance-engineered paths per the SLA
• Real-time reactive feed via BGP-LS/ISIS/OSPF from multiple domains
• SR PCE deployment model more like BGP Route Reflectors
[Diagram: Multi-Domain Topology across DC A1, METRO A, METRO B, WAN and DC B2, with SR PCE and Compute; vPE1 20001, ToR 20002, Spine 20003, LSR 17002, LSR 16003, vPE2 20001, ToR 20002, Spine 20003, LSR 18002]
38. Meeting the goals…
• Amazing user experiences
• Differentiated user outcomes by treating individual packets the way they really want or need to be treated
• Built-in resiliency
• Unprecedented application control of its own destiny
• One forwarding domain / behavior / organization
• Cost containment / productivity enhancement
• Simple method to scale network capacity with minimal network state on low-cost devices
• Policy framework with no need to constantly reconfigure the network
• Optimal use of internal resources
• One forwarding domain / behavior / organization
39. Key Benefits of Segment Routing
1. Application aware network creation
2. No Signaling - All state travels in the packet!
3. Performance guarantees
4. ECMP-aware traffic steering
5. Adaptive traffic switching
6. Significant cost reduction & Investment protection
[Diagram: Label Switching Domain; Inter-DC Network and Peering Sites, Optical Core, Disaggregated Core, DC Fabric Layers, Compute and Storage, Internet Peers, Other DC; 100G]
40. Still need more info
• http://www.segment-routing.net
• http://www.segment-routing.net/home/tutorial
• http://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/white-paper-c11-737536.html
• http://blogs.cisco.com/datacenter/application-level-intelligence-in-the-data-center-using-segment-routing?_ga=1.127143757.1347823405.1468366647