SRv6 Network Programming: Network as a computer

  • Slides: 84
SRv6 Network Programming: Network as a computer and deployment use-cases
Ketan Talaulikar – Technical Leader, Routing
ketant@cisco.com
APRICOT 2018

Agenda
© 2018 Cisco and/or its affiliates. All rights reserved.
1 SRv6 101
2 SRv6 LocalSIDs Functions
3 Deployment use-cases
4 VPN Overlay
5 Service Chaining
6 Spray
7 SD-WAN
8 5G and Network Slicing

Industry at large backs up SR
  • Strong customer adoption: WEB, SP, DC, Metro, Enterprise
  • De-facto SDN Architecture
  • Standardization: IETF
  • Multi-vendor Consensus
  • Open Source: Linux, VPP

Segment Routing
  • Source Routing
    • the topological and service (NFV) path is encoded in packet header
  • Scalability
    • the network fabric does not hold any per-flow state for TE or NFV
  • Simplicity
    • automation: TILFA sub-50 msec FRR
    • protocol elimination: LDP, RSVP-TE, NSH…
  • End-to-End
    • DC, Metro, WAN

Two dataplane instantiations of Segment Routing
  • MPLS
    • leverage the mature MPLS HW with only SW upgrade
    • 1 segment = 1 label
    • a segment list = a label stack
  • IPv6
    • leverages RFC 8200 provision for source routing extension header
    • 1 segment = 1 address
    • a segment list = an address list in the SRH

IPv6 adoption is a reality
  • Global IPv6 traffic grew 241% in 2016
  • Globally IPv6 traffic will grow 16-fold from 2016 to 2021
  • IPv6 will be 37% of total Internet traffic in 2021
[Figure: % Web pages available over IPv6]
Sources: 6lab.cisco.com – Web content; Cisco VNI Global IP Traffic Forecast, 2016-2021

IPv6 provides reachability

SRv6 – Segment Routing & IPv6
  • IPv6 for reachability
  • SR for anything else
  • Simplicity
    • Protocol elimination
  • SLA
    • FRR and TE
  • Overlay
  • NFV
  • SDN
    • SR is de-facto SDN architecture
  • 5G

SRv6 for underlay
  • RSVP for FRR/TE
    • Horrendous states scaling in k*N^2
  • IPv6 for reachability

SRv6 for underlay
  • SRv6 for Underlay
    • Simplification through protocol reduction
    • SLA through automated FRR and TE
    • De-facto SDN architecture
  • IPv6 for reachability

SRv6 for underlay and overlay?
  • NSH for NFV: Additional Protocol and State
  • UDP+VxLAN Overlay: Additional Protocol just for tenant ID
  • SRv6 for Underlay: Simplification, FRR, TE, SDN
  • IPv6 for reachability
  • Service Chaining
Multiplicity of protocols and states hinder network economics
Opportunity for further simplification …

SR for anything: Network as a Computer

Network instruction
[Figure: a SID laid out as Locator | Function | Args*]
  • 128-bit SRv6 SID
    • Locator: routed to the node performing the function
    • Function: any possible function
      • either local to NPU or app in VM/Container
    • Arguments: optional argument bits to be used only by that SID
  • Flexible bit-length selection

Network Program
[Figure: a network program as an ordered list of SIDs (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) with a "Next Segment" pointer]

Network Program in the Packet Header
  • IPv6 header: Source Address, Active Segment
  • Segment Routing Header: Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3
  • IPv6 payload: TCP, UDP, QUIC

Argument shared between functions
  • "Global" Argument
[Figure: SRH with TAG, Segments Left, segment list (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) and Metadata TLV]

Group-Based Policy
[Figure: SRH with TAG, Segments Left, segment list (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) and Metadata TLV]

SRv6 Header
[Figure: SRH with TAG, Segments Left, segment list (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) and Metadata TLV]

SRv6 for anything
  • Optimized for HW processing, e.g. Underlay & Tenant use-cases
  • Optimized for SW processing, e.g. NFV, Container, Micro-Service
[Figure: SRH with TAG, Segments Left, segment list (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) and Metadata TLV]

SRv6 for anything
  • Turing
[Figure: SRH with TAG, Segments Left, segment list (Locator 1 | Function 1, Locator 2 | Function 2, Locator 3 | Function 3) and Metadata TLV]

Lead Operators
  • Standardization
  • Multi-Vendor Consensus

SRv6 LocalSIDs

Endpoint function

    >VPP: show sr localsid
    LocalSID    Behavior
    A6::1       End
    Total SR LocalSIDs: 1

    >VPP: show sr localsid
    LocalSID    Behavior
    A4::1       End
    Total SR LocalSIDs: 1

SR: 〈A4::1, A6::1, A8::〉
[Figure: topology of nodes A1:: to A8::; default metric 10, one link with metric 50]
  • For simplicity function 1 denotes the most basic function
    • Shortest-path to the Node

Endpoint then xconnect to neighbor function

    >VPP: show sr localsid
    LocalSID    Behavior
    A6::1       End
    Total SR LocalSIDs: 1

    >VPP: show sr localsid
    LocalSID    Behavior
    A4::C5      End.X {TenGE0/1/0 A5::}
    Total SR LocalSIDs: 1

SR: 〈A4::C5, A6::1, A8::〉
[Figure: topology of nodes A1:: to A8::; default metric 10, one link with metric 50]
  • For simplicity Ak::Cj denotes:
    • Shortest-path to the Node K and then x-connect (function C) to the neighbor J

SID allocation for illustration purposes
SR: 〈A4::C5, A6::1, A8::〉
  • Node K advertises prefix Ak::/64
  • Each node Ak has a function ::1 associated with End behavior
  • Each node Ak has a function ::Cj associated with End.X behavior to neighbor j

Deployment use-cases

TILFA
  • 50 msec Protection upon local link, node or SRLG failure
  • Simple to operate and understand
    • automatically computed by the router's IGP process
    • 100% coverage across any topology
    • predictable (backup = postconvergence)
  • Optimum backup path
    • leverages the post-convergence path, planned to carry the traffic
    • avoid any intermediate flap via alternate path
  • Incremental deployment
  • Distributed and Automated Intelligence
FIB: A5::/64 Pri → via 5; FRR → insert A2::C4
[Figure: nodes 1, 2, 4, 5, 6 with one link of metric 100; packets to A5::0 protected by <50 msec FRR via A2::C4]

Distributed & Automated TE
  • IGP minimizes cost instead of latency
BGP: Advert X/64; Advert Y/64 with Latency
FIB: A2::/64 → OIF MOS; A3::/64 → OIF NY
FIB: A3::/64 → OIF TOK
[Figure: nodes BRU 1, MOS 2 (A2::0), TOK 3 (A3::0), SFO 4, NY 5]

Distributed & Automated TE
On-Demand distributed TE
BGP: X/64 → A3::0; Y/64 → A3::0 with Lat.
FIB: A2::/64 → OIF MOS; A3::/64 → OIF NY; X/64 → A3::0; Y/64 → insert <A2::1, A3::1>
[Figure: nodes BRU 1, MOS 2, TOK 3, SFO 4, NY 5; X/64 via A3::0 along IGP path; Y/64 via A3::0 Low-Latency]
  • Distributed and Automated Intelligence
  • Dynamic SRTE Policy triggered by learning a BGP route with SLA contract
  • No PBR steering complexity, No PBR performance tax, No RSVP, No tunnel to configure

Centralized TE
  • Input Acquisition
    • BGP-LS
    • Telemetry
  • Policy Instantiation
    • PCEP
    • BGP-TE
    • Netconf / Yang
  • Algorithm
    • SR native
Low-Latency to 7 for application … <A1::1, A2::C4, A4::C7>
[Figure: DC (BGP-SR), WAN (IGP-SR) and PEER domains; default ISIS cost metric: 10, one link with metric 50; Low Lat, Low BW]

Overlay
  • Automated
    • No tunnel to configure
  • Simple
    • Protocol elimination
  • Efficient
    • SRv6 for everything
Green Overlay V/64 via A2::C4
Packet from T/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
Packet across the SRv6 underlay: IPv6 Hdr SA = A1::0, DA = A2::C4 | IPv6 Hdr SA = T::1, DA = V::2 | Payload
Packet delivered to V/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1, 2, 3, 4 with T/64 and V/64 attached]

Overlay - VPNs
  • Automated
    • No tunnel to configure
  • Simple
    • Protocol elimination
  • Efficient
    • SRv6 for everything
  • All VPN services
    • L2, IPv4, IPv6
Green Overlay 10/8 via A2::C4
Packet from 10.0.3.0/24: IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 | Payload
Packet across the SRv6 underlay: IPv6 Hdr SA = T::1, DA = V::2 | IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 | Payload
Packet delivered to 10.0.4.0/24: IPv4 Hdr SA = 10.0.3.1, DA = 10.0.4.1 | Payload
[Figure: nodes 1, 2, 3, 4 with 10.0.3.0/24 and 10.0.4.0/24 attached]

Overlay with Underlay Control
  • SRv6 does not only eliminate unneeded overlay protocols
  • SRv6 solves problems that these protocols cannot solve
Green Overlay V/64 via A2::C4 with Latency
Packet from T/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
Encapsulated, first segment active: IPv6 Hdr SA = A1::0, DA = A3::1 | SR Hdr <A3::1, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
Encapsulated, second segment active: IPv6 Hdr SA = A1::0, DA = A2::C4 | SR Hdr <A3::1, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
Packet delivered to V/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1, 2, 3, 4 with T/64 and V/64 attached]

Integrated NFV
  • Stateless
    • NSH creates per-chain state in the fabric
    • SR does not
  • App is SR aware or not
  • App can work on IPv4, IPv6 or L2
Packet from T/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
Encapsulated: IPv6 Hdr SA = A1::0, DA = A3::A32 | SR Hdr <A3::A32, A4::1, A5::A76, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1 to 5 with T/64 and V/64 attached; Server 3 hosting App 32 (Container), Server 5 hosting App 76 (VM)]

Integrated NFV
  • Integrated with underlay SLA
Encapsulated: IPv6 Hdr SA = A1::0, DA = A4::1 | SR Hdr <A3::A32, A4::1, A5::A76, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1 to 5 with T/64 and V/64 attached; Server 3 hosting App 32 (Container), Server 5 hosting App 76 (VM)]

Integrated NFV
  • Stateless
    • NSH creates per-chain state in the fabric
    • SR does not
  • App is SR aware or not
  • App can work on IPv4, IPv6 or L2
Encapsulated: IPv6 Hdr SA = A1::0, DA = A5::A76 | SR Hdr <A3::A32, A4::1, A5::A76, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1 to 5 with T/64 and V/64 attached; Server 3 hosting App 32 (Container), Server 5 hosting App 76 (VM)]

Integrated NFV
  • Integrated with Overlay
Encapsulated: IPv6 Hdr SA = A1::0, DA = A2::C4 | SR Hdr <A3::A32, A4::1, A5::A76, A2::C4> | IPv6 Hdr SA = T::1, DA = V::2 | Payload
Packet delivered to V/64: IPv6 Hdr SA = T::1, DA = V::2 | Payload
[Figure: nodes 1 to 5 with T/64 and V/64 attached; Server 3 hosting App 32 (Container), Server 5 hosting App 76 (VM)]
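
The four Integrated NFV slides above show the outer destination address stepping through the segment list. The following is an added example, not code from the presentation or from any SRv6 implementation: it encodes that chain as SRH bytes, validates a received header, replays the address rewrite, and flags segments outside operator-owned locators. The /64-per-node locator list and all function names are assumptions made for the illustration.

```python
import ipaddress
import struct

SRH_ROUTING_TYPE = 4  # IPv6 Routing header type used by the SRH

# The chain from the Integrated NFV slides, in visiting order.
NFV_CHAIN = ["A3::A32", "A4::1", "A5::A76", "A2::C4"]
# Assumption: one /64 locator per node, as in the SID allocation slide.
LOCATORS = ["A2::/64", "A3::/64", "A4::/64", "A5::/64"]


def build_srh(path, next_header=41, tag=0):
    """Encode an SRH for `path` (visiting order); 41 = inner IPv6 follows."""
    if not path:
        raise ValueError("empty segment list")
    # On the wire the list is reversed: Segment List[0] is the LAST segment.
    segs = [ipaddress.IPv6Address(s).packed for s in reversed(path)]
    last_entry = len(segs) - 1
    # Hdr Ext Len counts 8-octet units after the first 8 octets (2 per SID).
    # Segments Left starts at Last Entry: the first segment is active.
    fixed = struct.pack("!BBBBBBH", next_header, 2 * len(segs),
                        SRH_ROUTING_TYPE, last_entry, last_entry, 0, tag)
    return fixed + b"".join(segs)


def parse_srh(raw):
    """Decode an SRH and reject inconsistent length or index fields."""
    if len(raw) < 8:
        raise ValueError("truncated SRH")
    nh, ext_len, rtype, seg_left, last, _flags, tag = struct.unpack(
        "!BBBBBBH", raw[:8])
    if rtype != SRH_ROUTING_TYPE:
        raise ValueError("not a Segment Routing Header")
    total = 8 + 8 * ext_len
    if len(raw) < total:
        raise ValueError("Hdr Ext Len exceeds the bytes received")
    if 8 + 16 * (last + 1) > total:
        raise ValueError("Last Entry points past the header")
    if seg_left > last + 1:
        raise ValueError("Segments Left points past the segment list")
    segments = [ipaddress.IPv6Address(raw[8 + 16 * i:24 + 16 * i])
                for i in range(last + 1)]
    return {"next_header": nh, "segments_left": seg_left, "last_entry": last,
            "tag": tag, "segments": segments}


def is_valid(raw):
    """True when parse_srh accepts the header."""
    try:
        parse_srh(raw)
        return True
    except ValueError:
        return False


def walk(path):
    """Outer destination address at each step of the chain."""
    srh = parse_srh(build_srh(path))
    seen = [srh["segments"][srh["segments_left"]]]  # set by the ingress node
    while srh["segments_left"] > 0:
        # End behavior: decrement Segments Left, copy that entry into the DA.
        srh["segments_left"] -= 1
        seen.append(srh["segments"][srh["segments_left"]])
    return [str(a) for a in seen]


def segments_outside(srh, locators):
    """Segments that fall in none of the trusted locator prefixes."""
    nets = [ipaddress.IPv6Network(p) for p in locators]
    return [str(s) for s in srh["segments"]
            if not any(s in n for n in nets)]


if __name__ == "__main__":
    print(walk(NFV_CHAIN))
    print(segments_outside(parse_srh(build_srh(NFV_CHAIN)), LOCATORS))
```
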

Endpoint behaviors specs summary
Codename | Behavior
End | Endpoint
End.X | Endpoint with Layer-3 cross-connect
End.B6 | Endpoint bound to an SRv6 policy
End.B6.Encaps | Endpoint bound to an SRv6 Encapsulation policy
End.DX6 | Endpoint with decapsulation and IPv6 cross-connect (per-CE VPN label)
End.DX4 | Endpoint with decapsulation and IPv4 cross-connect (per-CE VPN label)
End.DT6 | Endpoint with decapsulation and specific IPv6 table lookup (per-VRF VPN label)
End.DT4 | Endpoint with decapsulation and specific IPv4 table lookup (per-VRF VPN label)
End.DX2 | Endpoint with decapsulation and Layer-2 cross-connect
End.DT2U/M | Endpoint with decapsulation and Layer-2 unicast lookup / flooding (EVPN)
End.BM | Endpoint bound to an SR/MPLS Policy
[PSP/USP flavors]

Transit behaviors specs summary
Codename | Behavior
T | Transit
T.Insert | Transit with insertion of an SRv6 policy
T.Encaps | Transit with encapsulation in an SRv6 policy
T.Encaps.L2 | Transit with encapsulation of L2 frame in an SRv6 policy

Signaling
  • IGP:
    • Local SIDs expressing topological functions
    • e.g. End, End.X for TE and TI-LFA
  • BGP-LS:
    • SRv6 capabilities
      • e.g. How many SIDs can I push efficiently?
    • My Local SID Table
  • BGP IP/VPN:
    • Local SIDs expressing the VPN functionalities
    • e.g. End.DX2, End.DX4, End.DX6, End.DT4, End.DT6

Endpoint functions signaling
[Table: which of IGP, BGP-LS and BGP IP/VPN signals each endpoint function. Rows: End + [PSP/USP], End.X, End.B6, End.B6.Encaps, End.DX6, End.DX4, End.DT6, End.DT4, End.DX2]

Service chaining

Service Chaining
Packets from are steered through a sequence of services on their way to the server

Service Chaining – traditional approach
Packets from are steered through a sequence of services on their way to the server
  • Services are placed on the traffic route
  • Static configurations
  • Traffic bottlenecks

Service Chaining with NSH
Packets from are steered through a sequence of services on their way to the server
  • Dedicated encapsulation header
  • State to be maintained for each service chain

Service Chaining with SRv6
Packets from are steered through a sequence of services on their way to the server
SR: 〈S1, S2, S3, D〉
  • Services are expressed with segments
  • Flexible
  • Scalable
  • Stateless
[Figure: services S1, S2, S3 and destination D]

Service Chaining with SRv6
Packets from are steered through a sequence of services on their way to the server
SR: 〈S1, C1, S2, S3, D〉
  • Services are expressed with segments
  • Flexible
  • Scalable
  • Stateless
[Figure: services S1, S2, S3, node C1 and destination D]

Service Chaining with SRv6: Types of VNFs
  • SR-Aware VNFs:
    • Leverage SRv6 Kernel support to create smarter applications
    • SERA: SR-Aware Firewall (extension to iptables)
  • SR-UnAware VNFs:
    • Application is not aware of SR at all
    • Leverage VPP as a vm/container vSwitch to do SRv6 processing

SRv6 support in the Linux Kernel
  • Linux Kernel 4.14 includes support for TE and VPN functions
  • srext module complements Linux Kernel and provides full support for SRv6 Network Programming
  • SERA: SR-aware firewall
    • Firewall rules based on the SRH
    • Firewall actions on the SRH

Vector Packet Processing
  • Extensible framework that provides out-of-the-box production quality switch/router functionality (dataplane only)
  • We've implemented the entire SRv6 Network Programming on it
  • Extremely fast
  • Packet processing stack
  • Open Source
  • Runs on commodity CPU

SR-UnAware VNFs
  • End.AM – Endpoint to SR-unaware app via masquerading
  • End.AD – Endpoint to SR-unaware app via dynamic proxy
  • End.ASM – Endpoint to SR-unaware app via shared memory
SR: 〈S1, C1, S2, S3, D〉
[Figure: services S1, S2, S3, node C1 and destination D]

SR to the Host
  • Why Application Responsive Networking?
    • Revenue opportunities are moving towards the applications (hosted experiences, contextual experiences, etc)
    • Applications have no visibility over the network or mechanisms to request optimization objectives
    • IETF: Path Aware Networking RG (panrg): "This proposed research group aims to support research in bringing path awareness to transport and application layer protocols…"
  • Smarter applications allow function processing to be distributed over the network's edges
  • Let's rethink service chains policies
    • Leverage "Loc::Fun:Arg" SRv6 SID format to embed function parameters
    • Leverage TLVs for complex metadata or in-band telemetry
Example SIDs (Locator, Function, Arguments):
Service | SID | Arguments carry
Firewall with Policy Identifier | 2605:A800:FFFE:1111:A100:B1::0100 | Policy ID
Rate-Limiting Policy | 2605:A800:FFFE:1111:A100:C1::1234 | Threshold
Video transcoder | 2605:A800:FFFE:1111:A100:D1:A15:273 | Format/bitrate
JIT video packaging | 2605:A800:FFFE:1111:A100:F1:A:0512 | Package format
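
The "Loc::Fun:Arg" format above can be exercised with a local SID table lookup. This is an added example, not code from the presentation: the slide only says bit lengths are flexible, so the 64-bit locator / 32-bit function / 32-bit argument split, the table contents and the function names are all assumptions chosen to fit the four SIDs listed.

```python
import ipaddress

# Assumed layout: 64-bit locator, 32-bit function, 32-bit arguments.
LOC_BITS, FUNC_BITS = 64, 32

# Constructed local SID table for the node that owns this locator.
MY_LOCATOR = ipaddress.IPv6Network("2605:A800:FFFE:1111::/64")
LOCAL_SIDS = {
    0xA10000B1: "firewall",      # args = policy ID
    0xA10000C1: "rate-limit",    # args = threshold
    0xA10000D1: "transcode",     # args = format/bitrate
    0xA10000F1: "jit-package",   # args = package format
}


def split_sid(sid, loc_bits=LOC_BITS, func_bits=FUNC_BITS):
    """Split a 128-bit SID into (locator, function, args) integers."""
    arg_bits = 128 - loc_bits - func_bits
    if arg_bits < 0:
        raise ValueError("locator + function exceed 128 bits")
    value = int(ipaddress.IPv6Address(sid))
    locator = value >> (128 - loc_bits)
    function = (value >> arg_bits) & ((1 << func_bits) - 1)
    args = value & ((1 << arg_bits) - 1)
    return locator, function, args


def make_sid(function, args, locator=MY_LOCATOR, func_bits=FUNC_BITS):
    """Compose a SID under `locator`; reject values that overflow a field."""
    arg_bits = 128 - locator.prefixlen - func_bits
    if function >= 1 << func_bits or args >= 1 << arg_bits:
        raise ValueError("function or args do not fit their field")
    base = int(locator.network_address)
    return ipaddress.IPv6Address(base | (function << arg_bits) | args)


def dispatch(sid):
    """Return (behavior, args) for a SID in the local table, else None.

    None means the address is not one of our instructions: either the
    locator belongs to another node or no function is bound to it.
    """
    if ipaddress.IPv6Address(sid) not in MY_LOCATOR:
        return None
    _, function, args = split_sid(sid, MY_LOCATOR.prefixlen)
    behavior = LOCAL_SIDS.get(function)
    return None if behavior is None else (behavior, args)


if __name__ == "__main__":
    for s in ("2605:A800:FFFE:1111:A100:B1::0100",
              "2605:A800:FFFE:1111:A100:D1:A15:273"):
        print(s, dispatch(s))
```
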

Agenda
1 SRv6 101
2 SRv6 LocalSIDs functions
3 Deployment use-cases
4 VPN Overlay
5 Service Chaining
6 Spray
7 SD-WAN
8 5G and network slicing

Spray
  • Spray Policy 1: <B2::1, B4::1, M1>
  • Spray Policy 2: <B3::1, B5::1, M1>
  • Replicate traffic to every CMTS through TE-Engineered core path then to access mcast tree then to anycast TV
  • Flexible, SLA-enabled and efficient content injection without multicast core
[Figure: Content Provider peering to VPP 1 (B::1); traffic unicasted across the SRv6 domain through nodes 2 and 3 to CMTS 4 and CMTS 5; gateways GW1 (C::1) to GW5 (C::5) in the multicast domain, subscribed to M1 channel. Legend: SRv6 node, Non SRv6 node]

Spray + Service Pipeline
  • SR Policy: <A2::1, A3::10, M1>
  • BSID A3::10 (Spray): <B2::1, B4::1> <B3::1, B5::1>
  • Perform video transcoding
  • Efficient distribution with flexible video processing
[Figure: Content Provider peering to VPP 1 (A1::), VPP 2 (A2::) and VPP 3 (A3::); SRv6 domain (Unicast) through nodes 2 and 3 to CMTS 4 and CMTS 5; gateways GW1 (C::1) to GW5 (C::5) in the multicast domain, subscribed to M1 channel. Legend: SRv6 node, Non SRv6 node]

SD-WAN

Binding SID
  • A Binding SID is a unique 'alias' of an SR policy. *
    • If a packet arrives with the BSID, then the SR policy is applied on such packet
    • Several Binding SIDs may point to the same SR policy
  • Upon topology changes within the core of the network, the low-latency path may change. While the path of an intermediate policy changes, its BSID does not change.
  • Provides scaling, network opacity and service independence.
  • A BSID acts as a stable anchor point which isolates one domain from the churn of another domain.
* Naïve definition of a BSID

SD-WAN
  • Delegates the application recognition and policy decision to the Enterprise, who knows better when an application needs a non-default path and which non-default path is needed
  • NFV service chaining and Traffic-Engineering policies can be integrated in an SR policy
  • Applicability to both SR-MPLS and SRv6
  • To simplify, let's focus on
    • TE/SLA policy
    • SRv6

Default versus BW versus Latency
  • Lisbon (1) to Athens (7)
  • Default
    • <A7::>
  • BW: Guaranteed 50 Mbps
    • <A10::1, A11::1, A7::>
    • BSID: A1::999:1
  • Low-Latency
    • <A9::1, A7::>
    • BSID: A1::999:2
[Figure: nodes 1 to 11 with the BW path and the Latency path; BSIDs A1::999:1 and A1::999:2 at node 1]

App needs best-effort
App 1 needs default: push no BSID
  • E1 encrypts the inner packet and encapsulates it in an outer packet to E2
  • E1 does not push any BSID
[Figure: edge nodes E1 and E2, Site 2]

App needs guaranteed BW
App 2 needs 10 Mbps: push A1::999:1
  • E1 encrypts the inner packet and encapsulates it in an outer packet to E2
  • E1 pushes A1::999:1
  • The network provides the guaranteed BW service to App 2
[Figure: edge nodes E1 and E2, Site 2]

App needs low-latency
App 3 needs low-latency: push A1::999:2
  • E1 encrypts the inner packet and encapsulates it in an outer packet to E2
  • E1 pushes A1::999:2
  • The network provides the low-latency service to App 3
[Figure: edge nodes E1 and E2, Site 2]

Disjointness
Flow 4A: push A1::999:3; Flow 4B: push A1::999:4
  • App 4 needs flow F4A and F4B to reach site 2 via disjoint paths
  • E1 encrypts the inner packets and encapsulates them in outer packets to E2
  • For F4A, E1 additionally pushes A1::999:3
  • For F4B, E1 additionally pushes A1::999:4
[Figure: edge nodes E1 and E2, Site 2]

Binding SID is crucial in SD-WAN
  • Identifier for a customized SLA per application per Enterprise
  • Secured
  • Per-BSID counters for usage-based billing
  • Delegates the application recognition and policy decision to the Enterprise, who knows better when an application needs a non-default path and which non-default path is needed

Performance monitoring
  • Enterprise-based
    • Enterprise can easily monitor each individual service
    • Simply sends the probes with the related BSID
  • Service Provider-based
    • The SP can enable per-SR-policy performance monitoring (latency/loss)
    • These metrics can be leveraged by SDWAN controller and provided to the Enterprise
  • BSID Metadata to select which application to steer

5G and Network Slicing

Current mobility networks
  • Well fragmented: RAN, EPC, SGi
  • Inefficient data paths
  • Protocol stack gets large
  • Per-session tunnel creation
  • Per-mobility event tunnel handling
Does not scale to 5G requirements:
  • Increased number of connected devices
  • Ultra-low latency
  • Network slicing
  • Mobile edge computing
[Figure: UE, eNB, SGW, PGW; L2 Anchor, L3 Anchor, Service Functions, Internet]

SRv6 for mobile user-plane
  • What about if SRv6 becomes an alternative to GTP-U?
  • Removing the per-session tunneling has obvious benefits
    • Optimal data path (ultra-low latency)
    • Integrated service chaining
    • Native support for network slicing
      • Achieved either via a centralized SDN solution or via SR TE with IGP FlexAlg
    • Optimal resource utilization
  • Well-progressed standardization
    • IETF: draft-ietf-dmm-srv6-mobile-uplane-00
    • 3GPP: Accepted study item in CT4 (#29.892)

Multi-cloud overlays

Multi-cloud overlays
  • How do you interconnect several cloud-provider regions (as an end-customer)?
  • Transit is plain IPv6 which we do not control
  • Let's use SRv6 for the overlay and service chaining only
  • Deployed VPP as VPC gateway
[Figure: VPCs at Cloud provider A in region 1 (Server 1, VPP), Cloud provider B in region 2 (snort, Cisco ASAv, VPP) and Cloud provider A in region 2 (iptables, VPP, Server 2), connected over the Internet. All nodes in green are SRv6 capable]

Multi-cloud use-case
[Figure: Cloud provider A in region 1 (Server 1), Cloud provider B in region 2 (snort, Cisco ASAv, VPP C2), Cloud provider A in region 2 (iptables, VPP C3, Server 2), connected over the Internet. All nodes in green are SRv6 capable. Packet headers shown: IPv4 Hdr SA=1.1.1.0, DA=2.2 | Payload; IPv6 Hdr SA = C1::, DA = C2::C4; IPv6 Hdr SA = C1::, DA = C3::C2; SR Hdr (C3::C2, C2::C4) SL=1; SR Hdr (C3::C2, C2::D3) SL=0]

Where are we?

SRv6 timeline
[Figure: timeline with marks at Apr 2016, Mar 2017, Apr 2017, May 2017, Jun 2017, Aug 2017, Sep 2017 and 2018. Milestones shown: First SRv6 demo: Spray use-case; Cisco Live US; SRv6 VPN; SD-WAN summit; SRv6 for the SD-WAN; First SRv6 HW demo in merchant silicon; VPN DP use-case; VPP+NFV; BGP Control Plane; SRv6 VPN+NFV: MPLS World Con.; SR VPN InterOp; SRv6 VPN HW demo; 5G + Network slicing; More to come… Platforms named: NCS55xx, ASR9k, ASR1k, VPP, Linux, Barefoot, Fretta]

Implementations
  • Cisco HW
    – NCS5k - XR
    – ASR9k - XR
    – ASR1k – XE
  • Open-Source
    – Linux 4.10
    – FD.IO
  • Barefoot HW
  • Others …

  • VPN (v4 and v6) & TE & NFV
  • Cisco HW with XR and XE
  • Barefoot HW with P4 code
  • FD.IO
  • Linux
blogs.cisco.com/sp/segment-routing-ipv6-interoperability-demo-is-already-there

Conclusion

SRv6 Leadership
  • Bold architecture
  • Numerous use-cases
    • FRR, TE, SDN, Overlay with SLA, NFV, Spray, SD-WAN, 5G & NS, ...
  • First HW implementation demonstrated
  • First FCS, field trial and deployment
  • Feel free to join the lead-operator team!

Partnering
  • Track-record collaboration with operators
  • Focus on real operator needs
  • Seamless Deployment
  • Standardization
  • Multi-Vendor consensus
  • Looking forward to working together

IPv6 provides reachability

SRv6 unleashes IPv6 potential
  • TE
  • FRR
  • VPN
  • NFV
  • Scalability
  • Automation
  • Single protocol

Thank you!
ketant@cisco.com
www.segment-routing.net