TechWiseTV Workshop: Segment Routing for the Datacenter

Manager, Product Management
Segment Routing in Datacenter
July 2016
Vipul Shah

• Deliver an amazing user experience
• Differentiated user outcomes
• System resiliency
• Maximize productivity
• Efficient return on capex
• Stretched opex / scale
The goals…

• Amazing user experiences:
• Inability to treat individual packets the way they really want or need to be
treated
• Spray and pray
• Assumption network has little value above connectivity
• Lack of granular method of signaling application’s intent
• Blunt traffic steering tools
• Productivity / costs: What are the challenges?
• Stranded and/or underutilized resources
• Organizational disconnect (no link from app dev to network intent)
What was holding us back?

• Multiple forwarding domains,
teams, mechanisms
• Diverse and sometimes
unpredictable behaviors
• Network policy separated from
application intentions or needs
Forwarding in today’s networks
Peering
Data center fabric
Core /
backbone
Data center fabric
Compute and storage
Compute and storage
InternetInternet
MPLS
IP / ECMP
Overlay
IP / ECMP
Overlay
How do you build SDN
capability into that?

What is Segment Routing?
Segment Routing…..
• is an application-optimized network transport that
provides strict network performance guarantees
• leverages the source routing paradigm
• Label path is encoded at the source which
allows for traffic engineering based on the
application requirements
Orchestrator
Applications
Segment
Routing

• Predictable traffic steering technology
• Policy expression in the packet / “stateless”
• Capability independent of the “place in the network”
• An scalable, flexible, extensible framework
• The underpinnings of true SDN
The big picture
Scalable,
Flexible,
Extensible,
Programmable,
and Predictable
Traffic Steering
In summary
Segment Routing is an architectural approach to
creating an end-to-end unified forwarding paradigm

• Source Routing
• the source chooses a path and encodes it in the packet header as an ordered
list of segments
• the rest of the network executes the encoded instructions
• Segment: an identifier for any type of instruction
• forwarding or service
• Forwarding Plane:
• MPLS: an ordered list of segments is represented as a stack of labels
• IPv6: an ordered list of segments is encoded in a routing extension header
• Multi-Vendor solution
The technical picture

• Strong commitment for standardization and
multi-vendor support
• SPRING Working-Group (started Nov 2013)
• All key documents are WG-status
• Over 25 drafts maintained by SR team
• Over 50% are WG status
• Over 75% have a Cisco implementation
• Several interop reports are available
• First RFC document - RFC 7855 (May 2016)
IETF
www.segment-routing.net
tools.ietf.org/wg/spring/

• First deployments in 2015 with adoption in the WAN
• Strong start in 2016 with many new deployments.
• Soon-to-deploy in large Service Provider networks
for end-to-end switching (DC to WAN)
Technology Adoption

• Leverage source routing for explicit path control to
• create logical forwarding planes over the physical infrastructure
• champion performance guarantee for SLA
• create deterministic, yet adaptive networks
• provide capacity and bandwidth management capability with on-demand provisioning
• create stateless transit networks
• Network visibility for applications
• Consistent forwarding architecture between datacenter and WAN
• Reduce OpEx with simplified forwarding solution
• All the above & more with easy to Configure, Scale and Orchestrate
SR relevance inside datacenter

Segment Routing Platform Support
Supported with all Nexus 3000 and Nexus 9000 series
Other Nexus platforms in the roadmap
Shipping
since Feb
CY 2016

Segment Routing
Architecture on Nexus 9000
and 3000

Overview
• Built on top of existing MPLS forwarding infrastructure.
• MPLS label as a forwarding construct to identify segment (Segment ID).
• Predictable Label allocation schema across the network.
• BGP-LU as a control protocol to distribute Label.
13

Dataplane
• MPLS: an ordered list of segments is represented as a stack of labels
• SR re-uses MPLS dataplane without any change – Current implementation
• IPv6: an ordered list of segments is represented as a routing extension header,
see 4.4 of RFC2460
Control Plane
• BGP-based segments with minor extensions to communicate neighbor
relationships – Current implementation
• IGP-based segments require minor extension to the existing link-state routing
protocols (OSPF and IS-IS)
Segment Routing

• Node segment ID
• A global value  “100” means “100”
everywhere inside the domain
• An instruction to forward the packet over the
ECMP-aware shortest-path to the node(s) that
own(s) the SID
• Adjacency segment ID
• A local value representing an outgoing
adjacency or set of adjacencies
• An adjacency can be thought of similar to
“outgoing interface”
What is a segment?
9001
9002
Adjacency
SID
Nodal SID
66
65
65900166Data
900166Data
66Data Data
1.1.1.0
Prefix
A
Z

SR operations illustration • Steer traffic on any path through
the network
• Path is specified by list of
segments in packet header, a
stack of labels
• No path is signaled
• No per-flow state is created
• IS-IS, OSPF, BGP all supported
Node Z
56056
1 3 5 7
2 4 6 8
101
Payload to Z
16101
56056
16005
Payload to Z
16101
56056
16005
Payload to Z
16101
56056
Payload to Z
16101
Payload to Z
16101
Payload to Z
Goal: Go to Z
but avoid node 7
Source A

Control Plane: Segment Routing Global Block (SRGB)
• Consistent and predictable label values across
network.
• Carve a subset of Label block from wider MPLS Label
range.
• Default SRGB range is 16,000 to 23,999.
• New attribute “Label Index” is carried in BGP update.
• Label at every node is calculated based on following
formula.
Label = SRGB base + Label Index (Received in BGP
update)
E.g. Prefix 172.0.11.0/24 with Label Index of 1 gets
label 16001
3
2
1
3
2
1…
…
…
…
2022 1600116001
1600116001
Application
172.0.11.0/24 Label Index: 1

• Anycast prefixes: same prefix advertised by multiple nodes
• Anycast prefix-SID: prefix-SID associated with anycast prefix
• Same prefix-SID for the same prefix!
• Traffic is forwarded to one of the Anycast prefix-SID originators based
on best IGP path
• If primary node fails, traffic is auto re-routed to another node
• High-availability
• If one of the Eastern Region routers fail, the policy survives
Anycast prefix segments

BGP-LS used to signal topology
information to route controller
BGP Peering Segment
DC
10
11
12
13
14
3
1
PEERS
• Used to identify peer
adjacencies that are either
internal or external to the
administrative domain
• Three types:
PeerNode
PeerAdj
PeerSet

AS1
AS3
AS4B
C
D
E
BGP-LS
Controller
A
9.9.9.9/32
1. Node C configures EPE for eBGP Peers
2. Node C allocates unique PeerNode SID to
peer D & E
3. Node C allocates Adjacency SID for ECMP
links for each E
4. Node C allocates a single PeerSet SID for both
D & E
The controller learns the BGP
Peering SID’s and the external
topology of the egress border
router
BGP-LU
Controller can program the
ingress node A to steer traffic to
9.9.9.9/32 via egress node C
and AS3 (peer E)
Egress Peer Engineering (EPE)
END RESULT
AS2

How is Segment Routing different than Traditional
MPLS?
21
• Simple extensions in IGP/BGP protocol
• No LDP/RSVP complexities and limitsStandardized Control Plane
• Dedicated forwarding path & bandwidth
• Performance guarantees
Adaptive SLA
• End-to-end forwarding and TE
• Removes multiple layers of technology
Single Operational Model
• Support ECMP
• Minimize LSP state in network
• CPU & memory saving
Efficient Datapath
• Optimal path creation directly at source
• Remove complexities of RSVP
Simplified Traffic Engineering
• Support for NXAPI/DME
• Future support for Puppet/Ansible
Programmatic Interface

Deployment reasons for SR
23
• VRF Segmentation and Multi-Tenancy
• Optimal path programmed at host/TORApplication Segmentation
• Controller Solution for network visibility
• Leverage congestion feedback for
better intelligence
Adaptive network
• Create deterministic networks
• Network-wide resource optimization
Traffic steering
• Allocate bandwidth capacity on-demand
• Control which path apps can takeOn-demand Bandwidth
• Logical separation of physical infra
• Separation of different traffic typesMulti-plane networks

Cisco Confidential 24© 2013 Cisco and/or its affiliates. All rights reserved.
SR Datacenter Transport Network : Topology Reference
ToR
16111
ToR ToR
ToR
1611
4
Leaf
17111
18100
Lef
17112
18200
L L
Spine
Unicast:17101
Anycast:18100
Spine
17102
18100
Spine
17201
18200
Spine
17202
18200
Spine
17301
18300
Spine
17302
18300
Spine
17401
18400
Spine
17402
18400
ToR
16121
ToR
1612
2
ToR ToR
L
17211
18100
L L L
ToR ToR
ToR
1613
3
ToR
L L L L
POD 1 POD 2 POD 3
DCI DCI
2 path options:
- Full ECMP: ToR/DCI prefix-SID
- Specific plane: anycast SID + ToR/DCI prefix-SID
PCE
BGP LU
+ prefix-
SID
PCE
ToR ToR
ToR
1613
7
ToR
L L L
Leaf
17418
18400
Spine
17403
18400
Spine
17404
18400

Content Delivery or Service Provider Network
Application Traffic Steering Across Optimal Path
• BGP-LU control plane establishes SR
channels from ToRs to Spines for a
particular IP segment
• Label allocated at the ToRs for IP
segments. Multiple IP segments
can be associated with single
labels
• Stack of labels is encoded at TOR or
host to allow path splicing
• Traffic is directed to Spines over
desired path
ToR ToR ToR ToR
Leaf Leaf Leaf Leaf
Spine Spine
POD 1
IP (1.1.1.0/24)
IP or MPLS
packet

Financial Application
Multi-plane Network
• Explicit path expressed in labeled
packets either at the TOR or at
the Hypervisor
• Each ToR can have multiple
uplinks and each uplink takes the
flow to a different routing plane
for traffic segmentation
ToR ToR ToR ToR
Leaf Leaf Leaf Leaf
Spine Spine
IP or MPLS
packet
IP (1.1.1.0/24) IP (2.2.2.0/24)
POD 1

Enterprise Networks
Anycast Forwarding
• Anycast prefixes: same prefix
advertised by multiple nodes
• Anycast prefix-SID: prefix-SID
associated with anycast prefix.
Same prefix-SID for the same prefix
• Traffic is forwarded to one of the
Anycast prefix-SIDs based on best
path.
• If primary node fails, traffic is re-
routed through another node
ToR ToR ToR ToR
Leaf Leaf Leaf Leaf
Spine Spine
POD 1
IP (1.1.1.0/24)
IP or MPLS
packet

Route scale with Multi hop BGP overlay and SR underlay
• Multi-hop eBGP sessions between
Spines and TORs to advertise Vanilla
IP prefixes
• ToRs install routes for learnt
prefixes with Spines as ECMP next
hops over Tunnel underlays
• ToRs impose Labels on IP packets
received from Hosts and direct
them to Spines over ECMP Tunnels
Benefits
• Optimize label usage in SR
domain (labels are tied to the next-hop
through MPLS)
ToR ToR ToR ToR
Leaf Leaf L L
Spine Spine
POD 1
BGP-LU
BGP-LU
IP
MPLS
MPLS
Multihop
eBGP
IP or MPLS
packet

 MPLS layer 2 VPNs, L3
VPNs are most common
applications of IP/MPLS
networks.
 Segment Routing can provide
an efficient and scalable
transport for VPN services
 IGP/EGP only
– No LDP, no RSVP-TE
 ECMP support
1
2 3
4
6 5
7
Site1
CPE
pkt
16200
VPN Label
pkt
16100
VPN label
pkt
pkt
vpn
pkt
PE
SR
Transport
w/ ECMP
Site2
CPE
Site2
CPE
Site1
CPE
pkt
vpn
Enterprise Networks
Simple and Efficient Transport of MPLS services

• Solve Micro-loop avoidance
• Topology Independent Loop-free Alternate Fast Re-route (TI-LFA)
• Egress Peering for low latency vs high cost path
• Low Latency path selection
• Multi-pod stitching
• DC to DC transit
• etc
And the possibilities are many more…..
These are suggested use case for future validation

SR Provisioning &
Orchestration

Zero Touch Node Isolation
Controller
16004
18101
17104
18101
17104
18101
… … … …ToR
Leaf
Spine
16001 16002
17001 17002 17003 17004 17101 17102 17103 17104
18001 18050 18101 18150
Applications
20001
• Isolate a node with
zero touch
provisioning.
• A new Anycast SID
represents only Active
members.
• Controller pushes the
new SID/Label to the
network
BRKDCN-2050 32

• Orchestrate an end-to-end segment routing path, as governed with a stateful PCE controller
running native SRTE algorithms
• Deliver performance-engineered paths per the SLA
• Real-time reactive feed via BGP-LS/ISIS/OSPF from multiple domains
• SR PCE deployment model more like BGP Route Reflectors
SR PCE
vPE1
20001
ToR
20002
Spine
20003
LSR
17002
LSR
16003
vPE2
20001
ToR
20002
Spine
20003
LSR
18002
DC A1 METRO A METRO BWAN DC B2
Multi-Domain Topology
SR PCE
Compute

Global Configuration
!Enable Required Feature sets
N9K1#config terminal
N9K1(config)#feature-set mpls
N9K1(config)#install feature-set mpls
N9K1(config)#feature bgp
N9K1(config)#feature mpls segment-routing
N9K1(config)#segment-routing mpls
N9K1(config-segment-routing-mpls))#end
N9K1#
..
!Enable mpls forwarding on respective interfaces
N9K1#config terminal
N9K1(config)#interface <x>
N9K1(config-if)#mpls ip forwarding
N9K1(config-if)#end
34

Orchestration
Programmability support with Nexus 3K/9K platforms
35

Orchestration
Programmability support with Nexus 3K/9K platforms
36
import requests
import json
url='http://172.x.x.x/ins'
switchuser='administrator'
switchpassword='cisco123'
myheaders={'content-type':'application/json-rpc'}
payload=[
{
"jsonrpc": "2.0",
"method": "cli",
"params": {
"cmd": "config t",
"version": 1
},
"id": 1
},
{
"jsonrpc": "2.0",
"method": "cli",
"params": {
"cmd": "segment-routing mpls",
"version": 1
},
"id": 2
}
]
response = requests.post(url,data=json.dumps(payload), headers=myheaders,auth=(switchuser,switchpassword)).json()

• Amazing user experiences
• Differentiated user outcomes by treating individual packets the way
they really want or need to be treated
• Built-in resiliency
• Unprecedented application control of its own destiny
• One forwarding domain / behavior / organization
• Cost containment / productivity enhancement
• Simple method to scale network capacity with minimal network state
on low-cost devices
• Policy framework with no need to constantly reconfigure the network
• Optimal use of internal resources
• One forwarding domain / behavior / organization
Meeting the goals…

Key Benefits of Segment Routing
Label Switching Domain
Inter-DC Network
and Peering Sites
Optical Core
Disaggregated
Core
DC Fabric
Layers
Compute
and Storage
Internet
Peers
100G
… … … …
…
…
Other
DC
Application aware network creation1
No Signaling - All state travels in the packet!2
Performance guarantees3
ECMP-aware traffic steering4
Adaptive traffic switching5
Significant cost reduction & Investment protection6

• http://www.segment-routing.net
• http://www.segment-routing.net/home/tutorial
• http://www.cisco.com/c/en/us/products/collateral/switches/nexus-
9000-series-switches/white-paper-c11-737536.html
• http://blogs.cisco.com/datacenter/application-level-intelligence-in-
the-data-center-using-segment-
routing?_ga=1.127143757.1347823405.1468366647
Still need more info

TechWiseTV Workshop: Segment Routing for the Datacenter

TechWiseTV Workshop: Segment Routing for the Datacenter

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (19)

Similar to TechWiseTV Workshop: Segment Routing for the Datacenter

Similar to TechWiseTV Workshop: Segment Routing for the Datacenter (20)

More from Robb Boyd

More from Robb Boyd (20)

Recently uploaded

Recently uploaded (20)

TechWiseTV Workshop: Segment Routing for the Datacenter