Segment Routing in Service Provider Network - Dejan Jaksic
[Figure: protocol layers (Physical, Data-Link, Network, Transport, Session) plotted against Value and Complexity; "Complex Network"]
The complexity should be where the ROI is best
19 - 21 March 2018 | Cisco Connect | Rovinj, Croatia
The 2 faces
What is segment routing?

An LS IGP protocol extension bringing network simplification/optimization
• No LDP
• Lighter protocol suite
• Less adjacencies, less states to maintain
• No IGP to LDP synchronization
• Eliminates delays in activating a path
• Topology independent fast reroute using post convergence back up path
• 50 ms protection
• no microloops
• 100% coverage of network topologies

The next wave of segment routing
An IP/MPLS architecture designed with SDN in mind
• Right balance between distributed intelligence and centralized optimization and programming
• SR-TE
• Wide applications
• (SP, OTT/Web, GET) across (WAN, Metro/Agg, DC)
• MPLS and IPv6 dataplanes
• SDN controller
Easy troubleshooting
Segment Routing
§ Source Routing
– the source chooses a path and encodes it in the packet header as an ordered list of
segments
– the rest of the network executes the encoded instructions
§ Segment: an identifier for any type of instruction
– forwarding or service
§ This presentation: IGP-based forwarding construct
§ Simplicity
– one less protocol to operate
– No complex LDP/ISIS synchronization to troubleshoot
[Figure: PE1 and PE2; paths between A and Z through nodes M, N, O, P; labels 65, 9105, 9107]
– Advertised as index
§ Distributed by ISIS/OSPF
[Figure: nodes 3 and 4; 1.1.1.4/32 with label 16004]
All nodes use default SRGB 16,000 – 23,999
§ Distributed by ISIS/OSPF
[Figure: nodes 3 and 4; adjacency labels 24045 and 24043, captioned "Adj to 5" and "Adj to 3"; label stack 16004, 24045]
[Figure: DC (BGP-SR), WAN (IGP-SR), PEER; PE1 to PE2 over the IGP; packet transport options LDP, RSVP, Static, BGP, IS-IS, OSPF on top of MPLS Forwarding]
IGP or BGP label distribution for IPv4 and IPv6.
Forwarding plane remains the same
§ Adjacency SID
– Locally significant
– Automatically allocated by the IGP for each adjacency
– Always encoded as an absolute (i.e. not indexed) value
[Figure: Swap and Pop operations on labels X and Y; Adjacency SID = X]

Swap
§ Packet forwarded along IGP shortest path (ECMP)
§ Swap operation performed on input label
§ Same top label if same/similar SRGB
§ PHP if signaled by egress LSR

Pop
§ Packet forwarded along IGP adjacency
§ Pop operation performed on input label
§ Top labels will likely differ
§ Penultimate hop always pops last adjacency SID
MPLS Data Plane Operation (Prefix SID)
[Figure: nodes A, B, C, D, each with SRGB [16,000 – 23,999]; Loopback X.X.X.X, Prefix SID Index = 41; packet carries label 16041 on top of the VPN Label]
[Figure: nodes A, B, X, D, each with SRGB [16,000 – 23,999]; Adjacency SID = 30206; Loopback X.X.X.X, Prefix SID Index = 41; three Push and three Pop operations; label stack 30206, 16041, VPN Label]
§ Each LSR must ensure that it can uniquely interpret its incoming labels
– Adjacency segment: locally unique label allocated by the label manager
– Prefix segment: operator ensures the unique allocation of each label within the allocated
SRGB
§ If both an SR and LDP label exist for a prefix, LDP is preferred by default,
but SR can be configured as preferred
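
The index-to-label arithmetic and the uniqueness requirement above, as an added Python example that is not part of the original slides. The default SRGB and the indexes 41 and 4 come from the deck; the function names, the second SRGB and the sample prefix assignments are constructed for illustration.

```python
# Added example, not from the slides. Sample prefixes are constructed.
SRGB_DEFAULT = (16000, 23999)  # default SRGB shown in the deck

def prefix_sid_label(srgb, index):
    """Absolute label = SRGB base + advertised index."""
    base, top = srgb
    label = base + index
    if index < 0 or label > top:
        raise ValueError(f"index {index} is outside SRGB {base}-{top}")
    return label

def labels_along_path(downstream_srgbs, index):
    """Top label sent toward each downstream node (PHP ignored).

    Each node programs base + index from its own SRGB, so the label only
    stays constant hop to hop when all nodes share the same SRGB.
    """
    return [prefix_sid_label(srgb, index) for srgb in downstream_srgbs]

def audit_prefix_sids(srgb, assignments):
    """Report indexes outside the SRGB or assigned to two prefixes."""
    problems, owner = [], {}
    for prefix, index in assignments.items():
        try:
            label = prefix_sid_label(srgb, index)
        except ValueError as exc:
            problems.append(f"{prefix}: {exc}")
            continue
        if index in owner:
            problems.append(
                f"{prefix}: label {label} already assigned to {owner[index]}")
        else:
            owner[index] = prefix
    return problems

if __name__ == "__main__":
    print(labels_along_path([SRGB_DEFAULT] * 3, 41))
    print(audit_prefix_sids(SRGB_DEFAULT, {
        "1.1.1.4/32": 4, "1.1.1.5/32": 4, "1.1.1.9/32": 9000}))
```

Running the audit against the intended SID plan before rollout catches the two operator errors that break unique label interpretation: a reused index and an index that does not fit the SRGB.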
MPLS-to-MPLS – label switching
[Figure: LDP packet shown with label 24003, then label 24005, over the Payload; SR packet shown with label 16004, then label 16004, over the Payload]
MPLS-to-IP – label disposition
[Figure: LDP packet shown with label 24005 over the Payload, then Payload only; SR packet shown with label 16004 over the Payload, then Payload only]
IP-to-MPLS label imposition
§ The preference of SR labels over LDP labels for IP-to-MPLS entries can
be configured in IS-IS/OSPF
§ If both labels are available, the preference setting indicates which one to
install in the FIB
§ Default: prefer LDP
§ See SR/LDP coexistence and interworking section
router isis 1
 address-family ipv4 unicast
  segment-routing mpls sr-prefer
§ Incremental deployment
– also protects LDP and unlabeled traffic
§ Protecting link D-E on node D
§ LFA: D switches all traffic destined to PE2 towards the edge node PE1
→ an edge node and edge links are used to protect the failure of a core link
§ TI-LFA: D switches all traffic destined to PE2 via core links
[Figure: nodes A, B, C, D, E, F with PE1 and PE2; default metric 10, four links marked 100]
[Figure: TE LSP compared with a segment routed packet across nodes 1 and 3 to 9; packet carries labels 16007, 16003]
Use-Case
Node1
traffic-eng
 policy POLICY1
  color 20 end-point ipv4 1.1.1.3
  candidate-paths
   preference 100
    dynamic mpls
     metric
      type te
SID-list: <16005, 16004, 16003>
[Figure: nodes 1 to 5; link annotations T:15, I:10, T:8, T:10, I:30]
Node1
traffic-eng
 policy POLICY1
  color 20 end-point ipv4 1.1.1.7
  candidate-paths
   preference 100
    dynamic mpls
     metric
      type igp
     association group 1 type node
 !
 policy POLICY2
  color 30 end-point ipv4 1.1.1.7
  candidate-paths
   preference 100
    dynamic mpls
     metric
      type igp
     association group 1 type node
POLICY1 SID-list: <16002, 30203, 16007>
POLICY2 SID-list: <16005, 16006, 16007>
§ The head-end computes two disjoint paths
[Figure: nodes 1 to 7; Default IGP link metric: I:10, some links marked I:100]
[Figure, shown twice: nodes 1, 2, 4, 5, 6 and a CE; link annotations I: 50 and D: 15; Default IGP cost: I:10; Default Delay cost: D:10; path costs "IGP cost 30" and "TE cost 20"]
Basic VPN should use lowest cost underlay path
Premium VPN should use lowest delay path
Objective: operationalize this service for simplicity, scale and performance
[Figure: A to Z across border routers BR1 to BR6 with peering links; BGP-LS]
topology to XTC via BGP-LS
XTC = XR Transport Controller
Service Disjointness
Intra and inter domain
Node1
segment-routing
 traffic-eng
  policy POLICY1
   color 20 end-point ipv4 1.1.1.3
   candidate-paths
    preference 100
     dynamic mpls pce
      metric
       type igp
      association group 1 type node
Node6
traffic-eng
 policy POLICY2
  color 20 end-point ipv4 1.1.1.8
  candidate-paths
   preference 100
    dynamic mpls pce
     metric
      type igp
     association group 1 type node
[Figure: two XTC controllers above nodes 1 to 8; links marked I:100; SID-list callouts, one showing {16007, 16008}; Default IGP link metric: I:10]
§ Two dynamic paths between two different pairs of (head-end, end-point) must
be disjoint from each other
– DEMOS:
https://www.youtube.com/watch?v=8mwhagiNv9s&list=PLcSD8Cbk0fFHTO4bnb3NC8pJka3_ZvoRY
Sneak peek on SRv6
Network instruction for Network as a Computer
[Figure: SR header fields: TAG, Segments Left, segment list (Locator 1 Function 1, Locator 2 Function 2, Locator 3 Function 3), Metadata TLV]
Next header field: 43 → Routing
Routing Type field: 4 → Segment routing
IPv6 SR Header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class |           Flow Label                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Payload Length        |Next Header: 43|   Hop Limit   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|                         Source Address                        |
|                                                               |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|                      Destination Address                      |
|                                                               |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[Annotations: "Active Segment" marks the Destination Address and, in the SR header that follows, Segment List [Segments Left]]
• Each segment is an IPv6 address
• Segments are encoded in reverse order
• Additional data can be stored in TLVs
• IP DA is set to the first segment
• Packet is sent according to the IP DA = Normal IPv6 forwarding
IPv6 Hdr
  Payload Length | Next = 43 | Hop Limit
  Source Address = A::
  Destination Address = B::
SR Hdr
  Next Header | Len = 6 | Type = 4 | SL = 2
  First = 2 | Flags | RESERVED
  Segment List [ 0 ] = D::
  Segment List [ 1 ] = C::
  Segment List [ 2 ] = B::
Payload
Non-SR Transit Node
[Figure: nodes A, B, C, D with addresses A::, B::, C::, D::]
IPv6 Hdr
  Payload Length | Next = 43 | Hop Limit
  Source Address = A::
  Destination Address = C::
SR Hdr
  Next Header | Len = 6 | Type = 4 | SL = 1
  First = 2 | Flags | RESERVED
  Segment List [ 0 ] = D::
  Segment List [ 1 ] = C::
  Segment List [ 2 ] = B::
Payload
SR Segment Endpoints
• SR Endpoints: SR-capable nodes whose address is in the IP DA
• SR Endpoints inspect the SRH and do:
IF Segments Left > 0, THEN
Process the payload:
Inner IP: Lookup DA and forward
TCP / UDP: Send to socket
…
Standard IPv6 processing
The final destination does not have to be SR-capable.
[Figure: nodes A, B, C, D with addresses A::, B::, C::, D::; packet with IPv6 Hdr SA = A::, DA = D::, SR Hdr ( D::, C::, B:: ) SL=0, Payload]
IPv6 Hdr
  Payload Length | Next = 43 | Hop Limit
  Source Address = A::
  Destination Address = D::
SR Hdr
  Next Header | Len = 6 | Type = 4 | SL = 0
  First = 2 | Flags | RESERVED
  Segment List [ 0 ] = D::
  Segment List [ 1 ] = C::
  Segment List [ 2 ] = B::
Payload
END – Default endpoint
• Default endpoint behavior (node segment)
Decrement Segments Left, update DA
Forward according to new DA
• Node B advertises prefix B::/64 (B::/64 is the SID locator)
Packets are forwarded to B along the default routes (shortest path)
• On B, the default endpoint behavior is associated with ID 0 (0 is the function)
• The SID corresponding to the default endpoint behavior on node B is B::0
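
The END behaviour and the header walk-through from the preceding slides, as an added Python example that is not part of the original deck: it builds the SRH for the path B::, C::, D:: and applies END at each endpoint. The function names and the header validation checks are assumptions of this example; the field layout follows RFC 8754.

```python
# Added example, not from the slides. A::..D:: are the deck's placeholders.
import ipaddress
import struct

ROUTING_TYPE_SR = 4   # "Routing Type field: 4 -> Segment routing"
FIXED = "!BBBBBBH"    # next hdr, hdr ext len, type, SL, last entry, flags, tag

def build_srh(path, next_header=59):
    """path is in travel order; the SRH stores it reversed."""
    segs = [ipaddress.IPv6Address(s) for s in reversed(path)]
    last = len(segs) - 1
    # Hdr Ext Len counts 8-octet units after the first 8 octets: 2 per segment.
    fixed = struct.pack(FIXED, next_header, 2 * len(segs),
                        ROUTING_TYPE_SR, last, last, 0, 0)
    return fixed + b"".join(s.packed for s in segs)

def parse_srh(srh):
    """Return (segments_left, segment_list); reject inconsistent headers."""
    _nh, ext_len, rtype, sl, last, _flags, _tag = struct.unpack(FIXED, srh[:8])
    if rtype != ROUTING_TYPE_SR:
        raise ValueError("not a segment routing header")
    if len(srh) != 8 + 8 * ext_len or ext_len < 2 * (last + 1):
        raise ValueError("length fields do not match the segment list")
    if sl > last:
        raise ValueError("Segments Left points past the segment list")
    segs = [ipaddress.IPv6Address(srh[8 + 16 * i:24 + 16 * i])
            for i in range(last + 1)]
    return sl, segs

def end_behavior(dst, srh):
    """END: if SL > 0, decrement SL and copy Segment List[SL] into the DA."""
    sl, segs = parse_srh(srh)
    if sl == 0:
        return ipaddress.IPv6Address(dst), srh, "process payload"
    sl -= 1
    return segs[sl], srh[:3] + bytes([sl]) + srh[4:], "forward"

if __name__ == "__main__":
    srh, dst = build_srh(["B::", "C::", "D::"]), "B::"
    for node in "BCD":
        dst, srh, action = end_behavior(dst, srh)
        print(node, "-> DA", dst, "SL", srh[3], action)
```

The checks in `parse_srh` matter on any node that processes the SRH: a Segments Left value larger than the last entry, or a length field that disagrees with the segment list, would otherwise index outside the header.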
Cloud Scale Networking
[Figure: Controller above Access Network, Central Office, Metro Network, Core and Peering Network and Data Center, with VNFs and Segment Routing across the domains]
Simplify: Unified underlay and overlay networks with segment routing and EVPN
Automate: E2E Cross-domain automation with model-driven programmability and streaming telemetry
Virtualize: Transform the CO into a data center to enable distributed service delivery and speed up service creation
§ Platforms:
– IOS-XR (ASR9000, CRS-1/CRS-3, NCS5000, NCS5500, NCS6000)
– IOS-XE (ASR1000, CSR1000v, ASR903, ASR907, ASR920, ISR4400)
– NX-OS (N3K, N9K)
– Open Source (FD.io/VPP, Linux Kernel, ODL, ONOS, OpenWRT)
– PCE (WAN Automation Engine, XTC)
Data Plane: Path expressed in the packet
– MPLS (segment labels)
– IPv6 (+ SR extension header)
Control Plane: Paths options (Dynamic path, Explicit path)
– Dynamic (STP computation)
– Explicit (expressed in the packet)
segment-routing.net
linkedin.com/groups/8266623
twitter.com/SegmentRouting
facebook.com/SegmentRouting/