ASR-9000 as a platform for deploying SDN in service provider networks
Ilgar Gasymov ([email protected]), Systems Architect, Service Provider Department
23.11.15 © 2015 Cisco and/or its affiliates. All rights reserved.
Contents
• SDN use in the service provider market
• SDN technologies on the ASR 9000
  § BGP-LS
  § Stateful PCEP
  § NETCONF/YANG
• Conclusion
SDN use in the service provider market
SDN: end-to-end service management
Centralized resource control and SLA assurance
[Figure: consumer and enterprise NfV services in a cloud data centre and a virtual private cloud, reached across the SP IP/MPLS network and the SP DC fabric. Labels: CPE, vCPE, PE, DCI; DPI, CGN, WWW, FW, CDN, IPS, WAAS, NAM; guaranteed network SLA, cloud SLA, service chaining; NSO / VTS / Elastic Service Controller; Cisco WAE.]
Infrastructure today: managed separately and with difficulty
[Figure: customers/enterprise, wide area network (optical, IP/MPLS), data center and cloud (virtual), with three separate teams: Software Engineering (applications); System Engineering (compute, storage, virtual machines); Network Engineering (WAN services, NfV).]
A new approach to infrastructure management
[Figure: the same domains (customers/enterprise, wide area network with optical and IP/MPLS, data center, cloud; physical and virtual) and the same three engineering teams, with a common stack drawn across them. Stack labels: APIs, orchestration, APIs, applications.]
Where SDN fits in the new approach
[Figure: domains: access/customers, wide area network (optical, IP/MPLS), data center, cloud. Labels: Enterprise SDN; SP SDN (e.g. WAN orchestration); DC/Cloud SDN; applications; DC-WAN X-domain orchestration; Ent-SP WAN X-domain orchestration.]
Where SDN fits in the new approach (continued)
[Figure: the same diagram with two added labels: APIC EM and APIC DC.]
SDN: a wide choice of platforms
[Figure: three layers: applications, orchestration, APIs + protocols. Labels: "Buy", "Build", Tail-F NCS; NETCONF, PCEP, BGP-LS, NETFLOW, SNMP, CLI; "Many options for managing physical and virtual devices"; "Covered today".]
Orchestration: then and now
[Figure: Then: OSS/BSS above separate CPE, WAN and DC provisioning systems for the CPE, WAN and data center (customized BSS/OSS and provisioning systems). Now: OSS/BSS above a single orchestration platform with YANG service models and YANG device models, reaching the CPE, WAN and data center over REST, Netconf, … (model-driven network and service orchestration).]
SDN technologies on the ASR 9000
Cisco ASR 9000
                         | ASR 9001     | ASR9904      | ASR 9006     | ASR 9010      | ASR9912       | ASR 9922
Size                     | 2RU          | 6RU          | 10RU         | 21RU          | 30RU          | 44RU
Number of I/O slots      | 2 MPAs       | 2            | 4            | 8             | 10            | 20
Airflow                  | Side to side | Side to side | Side to back | Front to back | Front to back | Front to back
Throughput / slot        | N/A          | 770G/385G    | 440G/220G    | 440G/220G     | 770G/660G     | 770G/660G
Chassis throughput / slot| 120Gbps      | 2Tbps        | 880Gbps      | 880Gbps       | 2Tbps         | 2Tbps
Total chassis throughput | 120Gbps      | 8Gbps        | 3.5 Tbps     | 7.0 Tbps      | 20Tbps        | 40Tbps
Also shown: Virtual XR DP, IOS XRv 9000
SDN support on the ASR 9000
[Figure: layered view of the ASR 9000 in an SDN architecture, with numbered layers:]
1 SDN-enabled data plane: E-PBR data plane, policy forwarding flows
2 APIs and protocols: OpenFlow Agent, BGP-LS, PCEP, NETCONF
3 Controllers
4 SDN platforms: orchestration, analytics, services, etc.
5 Applications: policy servers, OSS/BSS, user app, analytics
[Other labels: control plane, management plane, software policies, VSM, intelligent network effect.]
Tools for testing
• OpenDaylight (ODL): https://wiki.opendaylight.org/view/Getting_started and http://www.opendaylight.org/software/downloads
• REST client:
  § Chrome: Postman REST Client
  § Firefox: REST Client
• Wireshark: https://www.wireshark.org/
• IOS XR 5.2.2 with physical routers and Virtual Internet Routing Lab (VIRL): virl.cisco.com
ASR-9000 BGP Link State protocol
Network topology discovery and data collection
• Traditional:
  § Methods: SNMP, SNMPCollect (polling), Netflow, CLI parsing
  § Platforms: Network Management Systems (NMS)
  § Are and will continue to be used…
• Drawbacks:
  § Delay in topology changes reaching the NMS
    — e.g. delay based on polling intervals
  § Unreliable transport
    — e.g. missed SNMP traps
• Must be scaled up as the network and its state information grow
BGP Link-State (BGP-LS) overview
• Use BGP to advertise the LSDB and TED of a network
  § New link-state address family
• Support for OSPF and ISIS LSDB
• Advantages
  § Single upstream topology feed (BGP)
  § IGP isolated from external entities
  § Leverage well-known BGP security, transport and policy knobs
  § Enables operator control
• Support introduced in IOS XR 5.1.1
• Implementations: WAN Automation Engine (WAE), OpenDaylight (ODL)
[Figure labels: Domain 0, Domain 1, Domain 2, BGP-LS sessions, RR, PCE, TED, LSP DB.]
Reference diagram: BGP-LS
[Figure: reference topology. Labels: OpenDaylight; REST; BGP-LS; 172.18.152.3/24; 192.168.96.0/29 (.1, .2); routers AG04-1 10.99.1.1, AG04-2 10.99.2.2/32, AG04-4 10.99.8.8/32, AG06-1 10.99.3.3, AG06-2 10.99.4.4, AG06-3 10.99.5.5, AG06-4 10.99.6.6; inter-router links 192.168.x.x/31 (64.0/31, 64.4/31, 128.0/31, 128.2/31, 192.0/31, 192.4/31, 192.6/31).]
Configuring BGP Link State on the ASR 9000
    router ospf 1
     distribute bgp-ls instance-id 1
     router-id 10.99.8.8
     area 0
    router bgp 65000
     bgp router-id 10.99.8.8
     address-family link-state link-state
     !
     neighbor 192.168.96.2
      remote-as 65000
      update-source Loopback0
      address-family link-state link-state
      !
     !
Callouts:
• distribute bgp-ls: distribute the link-state database into BGP-LS
• neighbor 192.168.96.2: specify the BGP-LS peer
• address-family link-state link-state: enable address-family link-state
Verifying BGP Link State on the ASR 9000
    RP/0/RSP0/CPU0:ASR9K-4#sh bgp link-state link-state
    Tue May 6 00:09:45.523 UTC
    BGP router identifier 10.99.8.8, local AS number 100
    Status codes: s suppressed, d damped, h history, * valid, > best
                  i - internal, r RIB-failure, S stale, N Nexthop-discard
    Origin codes: i - IGP, e - EGP, ? - incomplete
    Prefix codes: E link, V node, T IP reacheable route, u/U unknown
                  I Identifier, N local node, R remote node, L link, P prefix
                  L1/L2 ISIS level-1/level-2, O OSPF, D direct, S static
                  a area-ID, l link-ID, t topology-ID, s ISO-ID,
                  c confed-ID/ASN, b bgp-identifier, r router-ID,
                  i if-address, n nbr-address, o OSPF Route-type, p IP-prefix
                  d designated router address
       Network            Next Hop            Metric LocPrf Weight Path
    *> [V][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]]/376
                          0.0.0.0                                0 i
    *> [E][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]][R[c100][b10.99.8.8][a0.0.0.0][r10.99.2.2]][L[i192.168.192.2][n192.168.192.3]]/792
                          0.0.0.0                                0 i
Callouts: the Prefix codes legend, the node entry ([V]) and the link entry ([E]).
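The Network column above packs each NLRI into nested bracket codes. As an added example (not from the original slides), this Python parser decodes those strings with the printed Prefix codes legend and lists router IDs that are missing from an inventory; the function names and the inventory check are assumptions for illustration.

```python
# Legend copied from the "Prefix codes" lines of the show output above.
NLRI_TYPES = {"E": "link", "V": "node", "T": "ip-reachable-route"}
PROTOCOLS = {"L1": "isis-level-1", "L2": "isis-level-2", "O": "ospf",
             "D": "direct", "S": "static"}
DESCRIPTORS = {"N": "local-node", "R": "remote-node", "L": "link", "P": "prefix"}
FIELDS = {"a": "area-id", "l": "link-id", "t": "topology-id", "s": "iso-id",
          "c": "confed-id/asn", "b": "bgp-identifier", "r": "router-id",
          "i": "if-address", "n": "nbr-address", "o": "ospf-route-type",
          "p": "ip-prefix", "d": "designated-router"}
# The two NLRI strings from the show output above.
SAMPLE = [
    "[V][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]]/376",
    "[E][O][I0x1][N[c100][b10.99.8.8][a0.0.0.0][r10.99.1.1]]"
    "[R[c100][b10.99.8.8][a0.0.0.0][r10.99.2.2]]"
    "[L[i192.168.192.2][n192.168.192.3]]/792",
]


def _groups(text):
    """Split text into its top-level [..] groups, honouring nesting."""
    groups, depth, start = [], 0, 0
    for pos, ch in enumerate(text):
        if ch == "[":
            depth += 1
            if depth == 1:
                start = pos + 1
        elif ch == "]":
            depth -= 1
            if depth == 0:
                groups.append(text[start:pos])
        if depth < 0 or (depth == 0 and ch != "]"):
            raise ValueError(f"malformed NLRI near offset {pos}")
    if depth:
        raise ValueError("unbalanced '[' in NLRI")
    return groups


def parse_nlri(line):
    """Parse one NLRI string, as printed by the router, into a dict."""
    body, sep, length = line.strip().rpartition("/")
    groups = _groups(body) if sep and length.isdigit() else []
    if (len(groups) < 3 or groups[0] not in NLRI_TYPES
            or groups[1] not in PROTOCOLS or not groups[2].startswith("I")):
        raise ValueError(f"not a BGP-LS NLRI: {line!r}")
    nlri = {"type": NLRI_TYPES[groups[0]], "protocol": PROTOCOLS[groups[1]],
            "identifier": int(groups[2][1:], 16), "length": int(length)}
    for group in groups[3:]:
        fields = _groups(group[1:])
        if group[:1] not in DESCRIPTORS or any(f[:1] not in FIELDS for f in fields):
            raise ValueError(f"unknown code in {group!r}")
        nlri[DESCRIPTORS[group[:1]]] = {FIELDS[f[0]]: f[1:] for f in fields}
    return nlri


def unknown_routers(lines, inventory):
    """Router IDs seen in node/link NLRIs that are missing from inventory."""
    seen = {nlri[side].get("router-id") for nlri in map(parse_nlri, lines)
            for side in ("local-node", "remote-node") if side in nlri}
    return sorted(seen - set(inventory) - {None})
```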
BGP-LS example*: topology visualization
*Visit DevNet to download a sample BGP-LS visualization program: https://developer.cisco.com/site/devnetlabs/bgp/
ASR9000 Path Computation Element protocol
Path Computation Element (PCE): definition
• Traffic Engineering Database (TED)
  § Contains topology and resource information
  § Based on the IGP LSDB
• PCE Server (PCE)
• Path Computation Client (PCC)
  § Agent on the router that communicates with the PCE server
• PCE Protocol (PCEP)
  § Protocol that runs between the PCC on the router and the PCE server
Main function: compute a path (e.g. an MPLS TE LSP) in an MPLS/GMPLS network
Stateless and stateful PCE
• Stateless
  § The PCE has no information about previously established LSPs
• Stateful
  § PCC and PCE are synchronized
  § The PCC forwards state changes to the PCE
  § The PCC may delegate LSP control to the PCE
• Either the PCE or the PCC may initiate LSP setup
• The PCC always tracks LSP state
Stateful PCE
• LSP Database
  § Contains info/status on active LSPs communicated by PCCs in LSP state report messages
• Active Stateful PCE
  § References LSP DB for path computations
  § Programs LSP state in network
• PCC reports LSP status to PCE
• PCE may reprogram an existing LSP
• LSP Delegation
  § PCC delegates LSP control responsibility to PCE
LSP = Label Switched Path
[Figure labels: stateful PCE with TED and LSP DB; PCEP; PCC; PCE-initiated LSP.]
ASR9000 PCE-initiated tunnels
• Treated as dynamically created tunnels (auto-tunnel)
• Router does NOT verify or compute the path that the PCE provides
  § Treated as a verbatim path
• PCE is responsible for LSP re-optimization
• PCE sends a PCEP Update when a better path exists
• Tunnels may be inter-area
• *PCE-initiated tunnel does not appear in configuration
  § “show mpls traffic-eng tunnels”
[Figure labels: stateful PCE with TED and LSP DB; PCEP Initiate / Create; PCC.]
Reference diagram: PCE-initiated LSP
[Figure: the same reference topology as for BGP-LS, with PCEP in place of BGP-LS. Labels: OpenDaylight; REST; PCEP; 172.18.152.3/24; 192.168.96.0/29 (.1, .2); routers AG04-1 10.99.1.1, AG04-2 10.99.2.2/32, AG04-4 10.99.8.8/32, AG06-1 10.99.3.3, AG06-2 10.99.4.4, AG06-3 10.99.5.5, AG06-4 10.99.6.6; inter-router links 192.168.x.x/31 (64.0/31, 64.4/31, 128.0/31, 128.2/31, 192.0/31, 192.4/31, 192.6/31).]
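Configuring the PCC on the ASR 9000
    hostname ASR9K-AG04-4
    !
    ipv4 unnumbered mpls traffic-eng Loopback0
    !
    mpls traffic-eng
     pce
      peer ipv4 192.168.96.2
      stateful-client
       instantiation
       delegation
      !
     auto-tunnel pcc
      tunnel-id min 7000 max 9999
     !
Callouts:
• ipv4 unnumbered mpls traffic-eng Loopback0: required for auto-tunnel
• peer ipv4 192.168.96.2: PCE server
• instantiation: allow PCE-initiated LSP
• delegation: delegate statically configured tunnels
• tunnel-id min 7000 max 9999: user-defined tunnel number range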
PCE Add-LSP (OpenDaylight) example
REST URL: http://localhost:8080/restconf/operations/network-topology-pcep:add-lsp
Method: POST
Content-Type: application/xml
    <input>
      <node>pcc://10.99.8.8</node>
      <name>test-tunnel</name>
      <arguments>
        <endpoints-obj>
          <ipv4>
            <source-ipv4-address>10.99.8.8</source-ipv4-address>
            <destination-ipv4-address>10.99.6.6</destination-ipv4-address>
          </ipv4>
        </endpoints-obj>
      </arguments>
      <network-topology-ref xmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]</network-topology-ref>
    </input>
Callouts: PCC (<node>), source (<source-ipv4-address>), destination (<destination-ipv4-address>).
PCE Update LSP (OpenDaylight) example
URL: http://localhost:8080/restconf/operations/network-topology-pcep:update-lsp
Method: POST
Content-Type: application/xml
    <input>
      <node>pcc://10.99.8.8</node>
      <name>test-tunnel</name>
      <network-topology-ref xmlns:topo="urn:TBD:params:xml:ns:yang:network-topology">/topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]</network-topology-ref>
      <arguments>
        <operational xmlns:stateful02="urn:opendaylight:params:xml:ns:yang:pcep:crabbe:stateful:02">true</operational>
        <ero>
          <subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.64.4/32</ip-prefix></ip-prefix></subobject>
          <subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.4/32</ip-prefix></ip-prefix></subobject>
          <subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.192.7/32</ip-prefix></ip-prefix></subobject>
          <subobject><loose>false</loose><ip-prefix><ip-prefix>192.168.128.3/32</ip-prefix></ip-prefix></subobject>
        </ero>
      </arguments>
    </input>
Callout: <ero> is the Explicit-Route Object (ERO).
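Because the router installs the PCE's path verbatim, any check on the ERO has to happen before the request reaches the controller. This added example (not from the original slides) builds the update-lsp body shown above only after validating it; the function names and the 192.168.0.0/16 link range, taken from the diagram's 192.168.x.x/31 labels, are assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

TOPO_NS = "urn:TBD:params:xml:ns:yang:network-topology"
STATEFUL_NS = "urn:opendaylight:params:xml:ns:yang:pcep:crabbe:stateful:02"
TOPO_REF = '/topo:network-topology/topo:topology[topo:topology-id="pcep-topology"]'
# Assumption: core links live in 192.168.0.0/16 (the diagram's 192.168.x.x/31).
LINK_SPACE = ipaddress.ip_network("192.168.0.0/16")


def check_ero(hops, link_space=LINK_SPACE):
    """Return the hops as canonical /32 strings, or raise ValueError."""
    checked = []
    for hop in hops:
        net = ipaddress.ip_network(hop, strict=True)  # rejects junk, host bits
        if net.version != 4 or net.prefixlen != 32:
            raise ValueError(f"ERO hop must be an IPv4 /32: {hop!r}")
        if not net.subnet_of(link_space):
            raise ValueError(f"ERO hop outside link address space: {hop!r}")
        if str(net) in checked:
            raise ValueError(f"ERO visits {hop!r} twice (loop)")
        checked.append(str(net))
    if not checked:
        raise ValueError("empty ERO")
    return checked


def build_update_lsp(pcc_ip, name, hops):
    """Build the update-lsp <input> body shown above from validated values."""
    pcc = ipaddress.IPv4Address(pcc_ip)        # raises on anything but IPv4
    ero_hops = check_ero(hops)                 # validate before building
    root = ET.Element("input")
    ET.SubElement(root, "node").text = f"pcc://{pcc}"
    ET.SubElement(root, "name").text = name    # ElementTree escapes the text
    ref = ET.SubElement(root, "network-topology-ref", {"xmlns:topo": TOPO_NS})
    ref.text = TOPO_REF
    args = ET.SubElement(root, "arguments")
    oper = ET.SubElement(args, "operational", {"xmlns:stateful02": STATEFUL_NS})
    oper.text = "true"
    ero = ET.SubElement(args, "ero")
    for hop in ero_hops:
        sub = ET.SubElement(ero, "subobject")
        ET.SubElement(sub, "loose").text = "false"
        ET.SubElement(ET.SubElement(sub, "ip-prefix"), "ip-prefix").text = hop
    return ET.tostring(root, encoding="unicode")
```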
ASR9000: verifying the PCE tunnel
    RP/0/RSP0/CPU0:ASR9K-AG04-4#show mpls traffic-eng pce tunnels
    Mon May 19 17:39:38.550 UTC
    Tunnel: tunnel-te7004
    Destination: 10.99.6.6
    State: up
    Current path option: 10
ASR9000 status verification commands
• New commands
  § show mpls traffic-eng auto-tunnel pcc […]
• Modified commands
  § show mpls traffic-eng pce peer [ all | ipv4 <addr> | node-id <id> | stateful | stateless ]
• Other useful commands
  § show mpls traffic-eng pce tunnels <id>
  § show mpls traffic-eng pce trace […]
  § show mpls traffic-eng tunnels tabular
Traffic Steering into PCE-Initiated Tunnels
Possible methods:
• Autoroute announce
• Policy-based tunnel selection (forwarding class id)
Policy Based Tunnel Selection
• Local mechanism at head-end
• PBR policy sets forwarding class for incoming traffic
• Traffic switched to tunnel with matching forwarding class
• Seven forwarding classes supported (1-7)
• One forwarding class reserved as default (0)
[Figure: PE1 and PE2 with two tunnels, Tunnel-te1000 (forwarding class 1) and Tunnel-te2000 (forwarding class 0, default). Caption: input policy matches traffic based on ACL and sets forwarding class.]
Traffic Steering PCE Initiated Tunnel
[Figure: tunnels Tunnel-te1000 (forwarding class 1), Tunnel-te2000 (forwarding class 0, default) and Tunnel-te7000 (PCE-initiated LSP, forwarding class 2). Labels: ASR9K-1, ASR9K-2, ASR9K-3; CE; TenGigE0/1/0/1; 10.201.7.43; Set Forward ClassID 2.]
Example: PCE-initiated LSP
[Figure: orchestration (RESTful APIs, PCEP programming) above a WAN with routers R1, R2 and R3 between Data Center #1 and Data Center #2. Other label: 10.201.7.43. Numbered steps:]
1 Service request
2 Analytics to determine the LSP
3 PCCreate LSP
4 TE LSP signaling
5 Delegate & LSP state report
6 Traffic steering onto the LSP
ASR9000 NetConf YANG
The traditional approach: CLI
• Generally the majority of today’s configuration
• Device specific
• Human friendly
• Manual (challenging to automate)
• Developer unfriendly
  § Such as parsing CLI screen scrapes
• No common data model
• No built-in error reporting
    [joerober@rtp-odl~][email protected]@10.99.1.1's password:
    RP/0/RSP0/CPU0:ASR9K-AG04-1#configure terminal
    Tue Jan 6 17:18:58.350 EST
    RP/0/RSP0/CPU0:ASR9K-AG04-1(config)#
NETCONF
• Network Configuration Protocol (NETCONF)
  § XML-based interface between network device and NMS
  § Mechanism to manage, configure, and monitor network devices
• Published: RFC 4741 (Dec 2006)
• Updated: RFC 6241 (Jun 2011)
• RFC 6242 (Jun 2011): Using the NETCONF Protocol over Secure Shell
• Overcomes SNMP limitations
  § 2003 IAB Network Management Workshop (RFC 3535)
YANG
• Modeling language defined in RFC 6020
• Used by NETCONF to define objects and data in requests and replies
• Models configuration, operational, and RPC data
• Provides semantics to better define NETCONF data
• Provides a common data model:
  § In order for NETCONF to be useful as a network-wide protocol
  § To consume NETCONF data from any network device
• YANG modules are for NETCONF what MIBs are for SNMP
SNMP and NETCONF compared
                       | SNMP                                      | NETCONF
Data Models            | Defined in MIBs                           | Defined in YANG modules (or XML schema documents)
Data Modeling Language | Structure of Management Information (SMI) | YANG (and XML schema)
Management Operations  | SNMP                                      | NETCONF
RPC Encapsulation      | Basic Encoding Rules (BER)                | XML
Transport Protocol     | UDP                                       | TCP (reliable transport)
NETCONF layers
• Content
  § Configuration and operational data
• Operations
  § Defines base operations
  § What clients do to servers
• Messages/Remote Procedure Call (RPC)
  § Transport-independent mechanism for encoding messages
  § RPC, RPC-Reply
• Transport
  § Reliable communication between client and server
ASR9000 NETCONF transport and operations
• SSH NETCONF (1.1) session:
  § IOS XR 5.3.1
  § On the client, use ssh with -s to request invocation of the subsystem on the server (router)
    — ssh [email protected] -p 830 -s netconf
[Figure: client and server exchanging <rpc> and <rpc-reply>, beside the layer stack Transport, Messages, Operations, Content.]
NETCONF operations
Operation         | Description
<get-config>      | Retrieve all or part of specified configuration datastore
<edit-config>     | Loads all or part of a configuration to the specified configuration datastore
<get-schema>      | Retrieve YANG-based XML Data
<commit>          | Copy candidate datastore to running datastore
<get>             | Retrieve running configuration and device state information
<lock> / <unlock> | Lock or unlock the entire configuration datastore system
<close-session>   | Graceful termination of NETCONF session
<kill-session>    | Forced termination of NETCONF session
Complete list of protocol operations: https://tools.ietf.org/html/rfc6241
ASR9000 NETCONF Data Stores
§ Target of NETCONF operations
§ Data stores are named containers that may hold an entire copy of the configuration
§ IOS XR supported datastores:
  § <running>
  § <candidate>
  § *XR two-stage commit (no startup datastore)
YANG XR 5.3.1 Data Models
• YANG data modules are part of the software image.
• Models can be retrieved from the router using the <get-schema> operation.
• One YANG model file for each configuration module
  § For example, to configure CDP, the relevant YANG model is Cisco-IOS-XR-cdp-cfg
• 5.3.1 data models:
  http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r5-3/security/configuration/guide/b-syssec-cg53x-crs/Implementing_the_Network_Configuration_Protocol.pdf#unique_8
ASR9000 NETCONF 1.1 Configuration (XR 5.3.1)
• Prerequisites:
  § k9sec pie must be installed
  § Crypto keys must be generated
• Enable NETCONF agent:
  § ssh server netconf port 830
  § netconf-yang agent ssh
• Session verification:
  § show netconf-yang clients
  § show netconf-yang statistics
    ! IOS XR 5.3.1
    hostname ASR9K-R1
    domain name cisco.com
    !
    ssh server v2
    ssh server vrf default
    ssh server netconf port 830
    netconf-yang agent ssh
    !
XR 5.3.1 Sample NETCONF/YANG Workflow
[Figure: ASR9000 on one side, orchestration platform / NETCONF client on the other, each holding the YANG data model; candidate and running datastores on the router. Numbered steps:]
1 XR image contains YANG data models
2 Client (application) retrieves models with <get-schema>
3 Client installs and processes YANG models
4 Client sends operation request (<edit-config>) using YANG-based XML data
5 Router understands YANG-based XML data and is configured accordingly
6 Client-router interaction continues until the network is configured as desired
Example: NETCONF detailed policy/traffic steering
[Figure: orchestration (RESTful APIs, programming) above a WAN with routers R1, R2 and R3 between Data Center #1 and Data Center #2. Other labels: 10.201.7.43; <edit-config><PBR><ServicePolicy><Input>PBTS</Input></ServicePolicy></PBR>. Numbered steps:]
1 Service request
2 Analytics to determine the LSP
3 Create LSP tunnel, FCID 2
4 NETCONF to program:
  - detailed policy*
  - apply policy inbound
*Example policy in reference slides
Example: <edit-config>
    <?xml version="1.0" encoding="UTF-8" ?>
    <rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0">
      <edit-config>
        <target><candidate/></target>
        <config>
          <Configuration>
            <InterfaceConfigurationTable>
              <InterfaceConfiguration>
                <Naming>
                  <Active>act</Active>
                  <InterfaceName>TenGigE0/3/0/0</InterfaceName>
                </Naming>
                <Description>NETCONF CONFIG</Description>
                <IPV4Network>
                  <Addresses>
                    <Primary>
                      <Address>10.223.1.1</Address>
                      <Netmask>255.255.255.0</Netmask>
                    </Primary>
                  </Addresses>
                </IPV4Network>
              </InterfaceConfiguration>
            </InterfaceConfigurationTable>
          </Configuration>
        </config>
      </edit-config>
    </rpc>
    ##
Callouts: datastore (<target>), interface (<InterfaceName>), add interface description (<Description>), IPv4 address and netmask (<Address>, <Netmask>).
Equivalent CLI:
    interface TenGigE0/3/0/0
     description NETCONF CONFIG
     ipv4 address 10.223.1.1 255.255.255.0
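The `##` that closes the request above is the end-of-chunks marker of NETCONF 1.1 chunked framing (RFC 6242). This added example (not from the original slides) encodes and decodes that framing with a per-message size cap; the function names and the 1 MiB default limit are assumptions.

```python
import re

END_OF_CHUNKS = b"\n##\n"
MAX_CHUNK = 4294967295                      # largest chunk-size RFC 6242 allows
_HEADER = re.compile(rb"\n#([1-9][0-9]{0,9})\n")
_PARTIAL = re.compile(rb"(\n(#(#|[1-9][0-9]{0,9})?)?)?")   # cut-off header


def frame(message, chunk_size=4096):
    """Encode one NETCONF 1.1 message (bytes) as RFC 6242 chunks."""
    if not message or not 0 < chunk_size <= MAX_CHUNK:
        raise ValueError("empty message or invalid chunk size")
    chunks = (message[i:i + chunk_size] for i in range(0, len(message), chunk_size))
    return b"".join(b"\n#%d\n%s" % (len(c), c) for c in chunks) + END_OF_CHUNKS


def _one_message(buf, pos, limit):
    """Return (message, next offset), or (None, pos) while buf is incomplete."""
    parts, size, start = [], 0, pos
    while True:
        if parts and buf.startswith(END_OF_CHUNKS, pos):
            return b"".join(parts), pos + len(END_OF_CHUNKS)
        header = _HEADER.match(buf, pos)
        if header is None:
            if _PARTIAL.fullmatch(buf, pos):
                return None, start          # header not fully received yet
            raise ValueError(f"bad chunk framing at offset {pos}")
        length = int(header.group(1))
        size += length
        if length > MAX_CHUNK or size > limit:
            raise ValueError("chunk or message larger than allowed")
        end = header.end() + length
        if end > len(buf):
            return None, start              # chunk data not fully received yet
        parts.append(buf[header.end():end])
        pos = end


def deframe(buf, limit=1 << 20):
    """Split buf into complete messages; return (messages, unconsumed tail).

    limit caps the bytes accepted per message, so a peer that announces a
    huge chunk is rejected instead of being waited on."""
    messages, pos = [], 0
    while True:
        message, nxt = _one_message(buf, pos, limit)
        if message is None:
            return messages, buf[pos:]
        messages.append(message)
        pos = nxt
```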
Example: <get-config> (attribute match)
    <?xml version="1.0" encoding="UTF-8" ?>
    <rpc message-id="106" xmlns="urn:ietf:params:netconf:capability:candidate:1.0">
      <get-config>
        <source><running/></source>
        <filter>
          <Configuration>
            <InterfaceConfigurationTable>
              <InterfaceConfiguration>
                <Naming>
                  <Active>act</Active>
                  <InterfaceName Match="TenGigE.*"/>
                </Naming>
              </InterfaceConfiguration>
            </InterfaceConfigurationTable>
          </Configuration>
        </filter>
      </get-config>
    </rpc>
Callouts: datastore (<source>); attribute match (Match="TenGigE.*"): all TenGigE interfaces.
Conclusion
• The ASR 9000 running the IOS-XR operating system supports a broad set of SDN protocols: BGP LS, PCEP, Netconf/YANG, OpenFlow, Restconf/XML
• In IOS-XR 6.X and later this functionality will be extended further, up to hosting network applications
• Thanks to Cisco's active involvement in developing both its own orchestration platforms and controllers and open-source ones, customers deploying the ASR 9000 get a proven solution for programmable network infrastructure