ASR 1000 Architecture Overview and Use Cases
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
BRKARC-2001 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
ASR 1000 Enterprise Applications
Flexible WAN Services Edge & CPE
Mobile subscriber WAN aggregation
DCI
Corporate office
Internet gateway
ASR 1000 Service Provider Applications
A Wide Variety of Use Cases
[Diagram labels: Mobile Access and Aggregation; Subscriber Edge; ISP; L2/L3 VPNs; CGN; Peering; Wireless; IPsec/NAT/FW; NBAR2; LNS; Business; Wire line; iWAG; ETTx; RR; IP/MPLS Core; CPE; xDSL; BNG; DSLAM; xPON; PE; Residence; OLT; PPP or IP Aggregation; ATM or Ethernet; Cable; Intelligent Services Gateway; M-CMTS; Wireless Access Gateway; Content Farm; DOCSIS; VOD; TV; SIP]
ASR 1000 System Architecture
ASR 1000 Building Blocks
• Centralized Forwarding Architecture
• All traffic flows through the active ESP, standby is synchronized with all the states
• Manages system
Embedded Service Processor
• Handles forwarding plane traffic
[Diagram labels: RPact, RPstby, CPU, FECP, ESPact, ESPstby, Midplane, ELC, SIP, MIP, AGG, IOCP, ASIC]
ASR 1013
RP Slots 1 2 2 2 2
Height 7” (4RU) 10.5” (6RU) 10.5” (6RU) 15.7” (9RU) 22.7” (13RU)
Bandwidth 10 – 40 Gbps 10 -100 Gbps 40 - 100 Gbps 40 - 200 Gbps 40 - 200 Gbps
Airflow Front to back Front to back Front to back Front to back Front to back
ASR 1009-X Forwarding Plane (ESP)
Hardware Redundancy
• Dual ESP and RP slots for data plane and control plane redundancy
I/O Connectivity
• 12x SPA slots (SIP-40)
• 3x ELC slots
ASR1000-MIP100 (Modular Interface Processor)
1006-X/1009-X with ESP100/ESP200
• 10x10G: line rate, no oversubscription
• 1x100G: line rate, no oversubscription
• 1x100G and 1x100G: 2 to 1 oversubscription
[Diagram labels: MIP100, Mid plane, ESP100/200, 100G]
Ethernet Port Adapter (EPA)
| EPA | Modular Chassis with MIP-100 | ASR1002-HX | Optics Modules |
| EPA-QSFP-1X100GE | XE 16.9.1 (MACSec) | XE 16.9.1 (MACSec) | MMF, SMF, SR, LR, ER, –S Class transceivers |
| EPA-1x40GE | XE 16.6.2 | XE 16.6.2 | MMF, SMF, SR, LR, ER, –S Class transceivers |
| EPA-2x40GE | XE 16.8.1 (MACSec) | XE 16.8.1 (MACSec) | |
Modular Route Processors: RP2 & RP3
30%+ Faster! 60%+ Scale!
| | RP2 | RP3 |
| CPU | 2.66GHz Intel Xeon Dual-core | 2.2GHz Intel Broadwell Quad-core |
| Default memory | 8GB (4x2GB) – DDR2 | 8GB (2x4GB) – DDR4 |
| Memory upgrade options | 16GB (4x4GB) | 16GB (2x8GB), 32GB (4x8GB); 64GB (4x16GB) |
| Built-In eUSB Bootflash | 2GB | 8GB |
| Storage | 80GB HDD, external USB | 100GB SSD default, 200GB and 400GB upgrade options, external USB |
| IOS XE OS | 64 bits | 64 bits |
| Chassis Support | ASR 1004, ASR 1006, ASR 1013, ASR 1006-X, ASR 1009-X | ASR 1006-X, ASR 1009-X, ASR 1013 |
ASR1000 Embedded Services Processor (ESP)
Centralized, programmable, multiprocessor forwarding engine providing full-packet processing
• Packet Buffering and Queuing/Scheduling (BQS)
  • For output traffic to carrier cards/SPAs/EPAs
  • For special features such as traffic shaping, reassembly, replication, punt to RP, cryptography, etc.
  • 5 levels of HQoS scheduling, up to 464K Queues, Priority Propagation
• Dedicated crypto co-processor
• Interconnect providing data path links (ESI) to/from other cards over midplane
  • Transports traffic into and out of the Cisco Quantum Flow Processor (QFP)
  • Input scheduler for allocating QFP BW among ESIs
• FECP CPU manages QFP, crypto device, midplane links, etc.
[Images: ESP40, ESP100]
ESP Bandwidth
• Overall throughput is determined by the type of ESP and SIPs used in modular platforms.
• Modular platforms are rate limited by speed of bus from QFP complex to backplane ASIC
• Bandwidth is expressed in terms of aggregated throughput, use ESP100 as example:

Example 1
• 50G Unicast in each direction
• Total Output bandwidth 50+50=100

Example 2
• 10G Multicast with 8X replication in one direction
• 20G unicast in the other direction
• Total Output bandwidth 80+20=100G

Example 3
• 50Gbps Unicast in one direction and 70Gbps Unicast in the other direction
• Total output bandwidth (50+70=120) exceeds 100Gbps; only 100Gbps will be forwarded.

Example 4
• 10Gbps Multicast with 10X replication in one direction
• 10Gbps Unicast in the other direction
• Total bandwidth (100+20=110) exceeds 100Gbps; only 100 Gbps will be forwarded

[Diagram labels: 50 Gbps, 50 Gbps, 10G, 100G; 70 Gbps, 70 Gbps, 20G, 20G]
Cisco Quantum Flow Processor (QFP)
ASR1000 series innovation
QFP Chip Set
Cisco Enterprise Routing NPU Leadership 4th Gen QFP
> 200G
Continuing Investment in Network Processor Technology
40G
ASR 1000 Fixed Chassis Overview
ASR 1001-X ASR 1002-X ASR 1001-HX ASR 1002-HX
ASR 1001-HX
Control plane
• CPU: Quad Core @ 2.5 GHz
• Memory: 8GB DDR3 default memory, upgradeable to 16GB
• Secure Boot + Image Signing
Multi-Core Network Processor
• 60Gbps forwarding capacity
• 62 Cores
• 4 HW Threads / Core
• 248 simultaneous threads
Pay as you grow
• License on built-in ports
• 4x TenGE+ 4xGE enabled by default
• The remaining ports can be enabled in pairs
Miscellaneous
• RJ45 & mini-USB console
• Secure Boot
ASR 1001-HX Crypto Module
• ASR 1001-HX can be ordered with or without the crypto module
• Crypto module can be installed in a unit in the field when the function is needed
• Crypto bandwidth licensed from factory (default 8Gbps, upgradeable to 16Gbps on demand)
• 16Gbps crypto license unlocks crypto performance cap of 29Gbps (1400 bytes)
ASR 1002-HX
Multi-Core Network Processor
• 100 Gbps forwarding capacity
• 124 Cores
• 4 HW Threads / Core
• 496 simultaneous threads
Pay as you grow
• License on built-in ports
• 4x TenGE+ 4xGE enabled by default
• The remaining ports can be enabled in pairs
Control plane
• CPU: Quad Core @ 2.5 GHz
• Memory: 16GB DDR3 default memory, upgradeable to 32GB
• Secure Boot + Image Signing
Miscellaneous
• RJ45 & mini-USB console
• eUSB: 32GB
• Secure Boot
Network Interface Module
• 1 double wide or 1 single wide NIM
ASR 1002-HX Crypto Module
• ASR 1002-HX can be ordered with or without the crypto hardware
• Crypto module can be installed in a unit in the field when the function is needed
• Crypto bandwidth licensed from factory (default 8Gbps, upgradeable to 16Gbps and 25Gbps on demand)
• 25Gbps crypto license unlocks crypto performance cap of 39Gbps (1400 bytes)
• ASR 1002-HX must be powered down to install/remove crypto module
Software Architecture
IOS XE Software architecture
• IOS XE = IOS + IOS XE Middleware + Platform Software
• Operational Consistency: same look and feel as IOS Router
• IOS runs as its own Linux process for control plane (Routing, SNMP, CLI etc.), 64-bit operation
• ASR 1000 HA Innovations
• Zero packet loss with RP Failover
• <50ms ESP Failover
• Software redundancy
[Diagram labels: IOS active, IOS standby, Platform Adaptation Layer (PAL), RP, Chassis manager, Forwarding manager, Linux Kernel, SIP/MIP driver, QFP driver, ESP]
Software Architecture – Modular Platform
• Initialization of RP processes
• Initialization of installed cards
• Detects and manages OIR of cards
• Manages system status, environments, power, EOBC

• Provides abstraction layer between hardware & IOS
• Manages ESP redundancy
• Maintains copy of FIB and interface list
• Communicates FIB status to active & standby ESP

• Programs QFP forwarding plane and QFP DRAM
• Statistics collection & RP communication

• Driver Software for SPA/EPA interface cards is loaded independently
• Failure or upgrade of driver does not affect other

[Diagram labels: RP, (PAL), Chassis manager, Forwarding manager, Linux Kernel, Control messaging, QFP client / driver, QFP code, ESP, SPA driver, SPA/EPA, SIP/MIP driver]
Software Architecture – Fixed Platform
• Single Control CPU
• Quad-core
• 64 bit OS
• 8GB, 16GB, 32GB memory support
[Diagram labels: RP Subsystem, Chassis Mgr., Forwarding Mgr., IOSact, IOSstby]
IOS XE Release and support timelines
Standard releases – twice a year (March, November) supported for 18 months
• 6 months of active bug-fix, 6 months of limited bug fix, and 6 months of PSIRT
IOS XE Software Innovation 16.6
Use Cases
Security Vulnerabilities/PSIRTs
Cost Critical Issues
Scope
IOS XE SMU Features
Components: MPLS (TE/RSVP/OAM/LDP), MACSec, ISIS, SNMP
IOS XE Software Innovation
Programmable Interface “Stack”
16.7
IOS XE Software Innovation
Telemetry
Publication Subscription
• Periodic or on change
• Structured data
• XML encoding
• Increased Scale
• Reduced CPU
[Diagram labels: NETCONF, RESTconf, gRPC; YANG Data Model: Configuration, Operational; Device Features: SNMP, Interface, BGP, QoS, ACL, …; Physical and Virtual Network Infrastructure]
16.7
IOS XE Software Innovation
Guest Shell Application
• Maintain IOS-XE system integrity
• Isolated User Space
• Fault Isolation
• Resource Isolation
• On-box rapid prototyping applications
• Device-level API Integration
• Scripting (Python)
• Linux Commands
Open Application Container
• Application Hosting API
[Diagram labels: Linux, Guest Shell]
IOS XE Software Innovation
Using Python with IOS XE
16.7

“On-Box” Python
• scripts executed locally on switch or router
• Ideal for:
  • provisioning automation (ZTP)
  • automating Embedded Event Manager responses
  • application development
  • IOT

“Off-Box” Python
• scripts executed externally from switch or router
• Ideal for:
  • configuration management automation
  • telemetry / operational data
  • controller use cases including DNA-C / Cisco Network PNP

[Diagram labels: External Python Execution Environment, Python, SSH/NETCONF, IOS-XE Device, IOS]
IOS XE Software Innovation
Provisioning Automation
16.7
| | Zero Touch Provisioning | Cisco Network Plug and Play |
| Key Values | Heterogeneous / multi-vendor network environments | Optimized for Cisco enterprise networks; Highly secure; Scalable |
Resources on GitHub & DevNet
• https://github.com/YangModels/yang/tree/master/vendor/cisco/xe
• https://developer.cisco.com/site/odp/
Applications & Solutions
Cloud Edge to Microsoft Azure via ExpressRoute
Joint Validated Design
[Diagram labels: VPC GW, IPsec Tunnels]
WAN MACSec Applications
• Standards Based MKA key framework
  • IEEE 802.1x, PKI (EAP-TLS)
  • IEEE 802.1X-2010, PSK
• 802.1AE strong encryption
  • 128/256 bits AES-GCM, NIST approved
• Line rate performance @ 1G, 10G, 40G, 100G
[Diagram labels: DC1, DC2, Branch, Carrier Ethernet Service, (1) High Speed Site to Site]
Segment Routing
Simplifying the Transport
• Source Routing: the source chooses a path and encodes it in the packet header as an ordered list of segments
• Segment: an identifier for any type of instructions: forwarding or service
• Support all existing VPN services
• Engineered for SDN
[Diagram labels: SR, IGP, VPN, segment to N, Adj, SR WAN]
Segment Routing Traffic Engineering
• Simple - Auto Discovery and Easy Provisioning
• Resiliency - Active-Standby Multi-homing, All-Active Multi-homing
[Diagram labels: CE1, CE2, CE3, PE2, PE3, PE4, MPLS/SR Core, Data Plane Learning, ES2 (dual home all-active), Dynamic or Static (Provisioned), (3) VLAN Based Service Instance, (4) VLAN Aware Bundle Service Instance]
EVPN Components
EVPN Instance (EVI) & MAC-VRF
• EVI identifies a VPN in the network
• MAC-VRF: A VRF table for MAC addresses on a PE
• Encompass one or more bridge-domains, depending on service interface type:
  Port Based Service Interface
  VLAN Based Service Interface
  Vlan Bundle Service Interface
  Vlan-Aware Bundle Service Interface

Ethernet Segment
• ES: when a site (device or network) is connected to one or more PEs via a set of Ethernet links, that set of links is referred to as an Ethernet Segment
• Could be
  Single-Homed Device (SHD)
  Multi-homed Device (MHD)
  Single-homed Network (SHN)
  Multi-Homed Network (MHN)

BGP NLRI & Communities

Route Types
[1] Ethernet AD Route
[2] MAC Advertisement Route
[3] Inclusive Multicast Route
• AFI 25 (L2VPN), SAFI 70 (EVPN)
• Purposes:
  MAC address reachability
  MAC mass withdraw
  Split-Horizon label adv
  Aliasing
  Multicast endpoint discovery
  Redundancy group discovery
  Designated forwarder election

Extended Communities
ESI Label
ES-Import RT
MAC Mobility
• Carry information:
  MAC address moves
  C-MAC flush notification
  Redundancy mode
  MAC / IP bindings of GW
  Split-Horizon label encoding

[Diagram labels: ESI1, ESI2, CE1, PE1, PE, MAC-VRF1]
SDA Border Deployment
Shared Services with LISP Extranet
• Extranet Provider: Provider VRF or Instance (IID) is where the provider of the shared services or internet is located.
• Extranet Subscriber: Subscriber
| Host Entry | VRF | Location |
| 100.0.0.0/24 | P | Border |
| 10.1.1.1 | G | Edge 1 |
| 10.1.1.3 | G | Edge 3 |
| 20.1.1.1 | R | Edge 1 |
| 20.1.1.2 | R | Edge 2 |
[Diagram labels: C, B, Shared Services (100.0.0.0/24)]
Conclusion
Summary and Key Takeaways
• ASR 1000 is the Swiss Army Knife to solve your tough network problems
• Reduce complexity in your network edge.
• ASR 1000 is well positioned for both Enterprise and Service Provider Architectures.
• ASR 1000 is fully embedded in the Cisco Digital Network Architecture
Continue Your Education
• Related sessions
• BRKCRS-3147 - Advanced troubleshooting of the ASR1K and ISR (IOS-XE) made easy
• BRKRST-2124 - Introduction to Segment Routing
• BRKMPL-2333 - EVPN: the NG of MPLS-based L2VPN
• BRKCRS-2811 - Connecting the Fabric to External Networks
• BRKRST-2309 - Aligning Encryption Technologies with WAN Transport