© 2014 Cisco and/or its affiliates. All rights reserved. BRKIPM-2000 Cisco Public
Agenda
Per-Prefix LFA
Remote LFA
Segment Routing
Topology-Independent LFA
Acknowledgement
Stephane Litkowski and Bruno Decraene, Orange
Per-Prefix LFA
IGP pre-computes a backup path per primary path to an IGP destination
FIB pre-installs the backup path in dataplane
Upon local failure, all the backup paths of the impacted destinations are enabled in a prefix-independent manner (<50msec LoC)
– Hierarchical HW FIB organization
– Similar to BGP-PIC FRR behavior
[Figure: topology with nodes S, F, C, E, D1 and D2]
C is an LFA for D1 if CD1 < CS + SD1
Benefits
Simple
Sub-50msec
Link, Node and SRLG Protection
Deployment friendly
– no protocol change, no interop testing, incremental deployment
Good Scaling
No degradation on IGP convergence for primary paths
Constraints
Coverage is topology dependent
– availability of a backup path depends on topology
In some rare cases, there are multiple LFA candidates and the one taken might not be the best choice
LFA Coverage is in fact excellent
11 real Core Topologies
– average coverage: 94% of destinations
– 5 topologies higher than 98% coverage
Real Aggregation
– simple design rules help ensure 100% link/node protection coverage for most frequent real aggregation topologies
– RFC6571
– Sweet Spot: a simple solution is essential for access/aggregation as it represents 90% of the network size, hence complexity
High interest for access/aggregation
Is there a way to also support the ring and “biased square”?
[Figures: Biased Square (a<c); Ring]
One backup path per primary path
Default tie-break
1. Prefer primary over secondary
2. Prefer lowest backup path metric
3. Prefer linecard disjointness
4. Prefer node disjointness
CLI to customize the tie-break policy
– Default is recommended. Simplicity.
Primary vs Secondary
S has two primary paths to D
– E1 and E2
S has one LFA candidate to D: N1
Which backup to prefer?
– Another primary path or a secondary path?
[Figures: two topologies with labels S, F, D, E1, E2 and N1; the second also shows N2]
Guaranteed-Node-Protecting
Definition: ND < NF + FD (Eq2)
– “does the path from the neighbor to D avoid node F?”
S’s primary path to D: E0
S’s LFA candidates: E1 and E2
– E1: not guaranteed node protecting; N1 does not meet Eq2
– E2: guaranteed node protecting; N2 meets Eq2
[Figure: topology with labels S, F, D, E0, E1, E2, N1 and N2; a metric of 20 is shown]
De Facto Node Protection
Choosing a guaranteed node-protecting LFA is not the only way to benefit from LFA node protection
A non-guaranteed node protecting LFA candidate might turn out to be node protecting. We call this “De Facto Node Protection”
– N2 is not guaranteed node protecting for D: 20 !< 10+10
– But if F fails, N2 will trigger its own LFA for the path N2FD (via N2D) and hence the traffic SD avoids F!
[Figure: topology with labels S, F, D, E0, E2 and N2; metrics 20 and 20 are shown]
Lowest backup path metric
S’s primary path to D: F
Two LFA Candidates: N1 and N2
Lowest backup path metric: N2
– SN2 + N2D < SN1 + N1D
– 10 + 20 < 10 + 100
[Figure: topology with labels S, F, D, E0, E1, E2, N1 and N2; metrics 100 and 20 are shown]
Still in some cases, the LFA is suboptimal
Remote-LFA Objective
Keep Per-prefix LFA benefits
– simplicity
– incremental deployment
Increase coverage for real topologies
– primarily for ring and biased-square access topologies
– potentially for core topology
– “98/99%” is seen as good-enough
– 100% coverage is “icing on the cake”
The Ring
No LFA protection in the ring
– if E4 sends a C1-destined packet to E3, E3 sends it back to E4
PQ Algorithm
Any node which meets the P and Q properties
– P: the set of nodes reachable from E4 without traversing E4E5
– Q: the set of nodes which can reach E5 without traversing E4E5
Best PQ node
– the closest from A: E1
Establish a directed LDP session with the selected PQ node
[Figure: ring with nodes C1, C2, E1, E2, E3, E4 and E5; regions labelled Backbone and Access Region; E1 highlighted]
Remote LFA Protection
E4’s LIB
– E5’s label for FEC C2 = 20
– E3’s label for FEC E1 = 99
– E1’s label for FEC C2 = 21
E4’s FIB for destination C2
– Primary: out-label = 20, oif = E5
– Backup: out-label = 21, oif = [push 99, oif = E3]
RLFA is LFA from a remote node (E1)
[Figure: ring with nodes C1, C2, E1, E2, E3, E4 and E5; labels 20, 21 and 99 shown on the paths]
With Node and SRLG protection!
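The LFA inequality, Eq2 and the PQ selection from the slides above, worked through as an added example (not code from the presentation). The ring adjacency (C2, E5, E4, E3, E2, E1, C1, back to C2) and the unit metrics are assumptions, since the slide's figure did not survive; the function names are illustrative.

```python
import itertools

INF = float("inf")

def all_pairs(links):
    """All-pairs shortest distances (Floyd-Warshall) over symmetric links."""
    nodes = sorted({n for link in links for n in link})
    d = {(a, b): 0 if a == b else INF for a in nodes for b in nodes}
    for (a, b), metric in links.items():
        d[a, b] = d[b, a] = metric
    for k, i, j in itertools.product(nodes, repeat=3):  # k is the outer loop
        d[i, j] = min(d[i, j], d[i, k] + d[k, j])
    return nodes, d

def is_lfa(d, s, n, dest):
    """Slide inequality: N is an LFA of S for dest if N->dest < N->S + S->dest."""
    return d[n, dest] < d[n, s] + d[s, dest]

def is_node_protecting(d, n, f, dest):
    """Eq2: N->dest < N->F + F->dest, so N's path to dest avoids node F."""
    return d[n, dest] < d[n, f] + d[f, dest]

def pq_nodes(nodes, d, s, e):
    """PQ nodes protecting link s-e, closest to s first.
    Assumes the link s-e is itself the shortest s-to-e path."""
    p = {n for n in nodes if n != s and d[s, n] < d[s, e] + d[e, n]}
    q = {n for n in nodes if d[n, e] < d[n, s] + d[s, e]}
    return sorted(p & q, key=lambda n: d[s, n])

# Constructed 7-node ring, every metric 1 (assumed; the slide's figure is lost).
RING = ["C2", "E5", "E4", "E3", "E2", "E1", "C1"]
LINKS = {(a, b): 1 for a, b in zip(RING, RING[1:] + RING[:1])}
NODES, DIST = all_pairs(LINKS)

def protect(s, e, dest):
    """Return (backup kind, node) for traffic s->dest when link s-e fails."""
    neighbors = [b if a == s else a for a, b in LINKS if s in (a, b)]
    for n in neighbors:
        if n != e and is_lfa(DIST, s, n, dest):
            return ("LFA", n)
    for pq in pq_nodes(NODES, DIST, s, e):
        if is_lfa(DIST, s, pq, dest):      # "RLFA is LFA from a remote node"
            return ("RLFA", pq)
    return (None, None)

if __name__ == "__main__":
    print(protect("E4", "E5", "C2"))   # E3 would loop back, so tunnel to E1
```

On this ring the direct neighbor E3 fails the LFA inequality for C2, while the only node in both P and Q space is E1, which matches the backup entry in E4's FIB above.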
Remote LFA applied in the backbone
PQ’s coverage extension is significant for some SPs
Targeted LDP - Scalable
Odd ring: 2 LDP additional sessions per node
Even ring: 1 LDP additional session per node
Targeted LDP - Scalable
Small number of automatically signaled LDP sessions per node
Very simple rules – RFC6571
In a square, any metric should be less than the sum of the 3 other links
Simple rule: any link in a square should have a metric less than the sum of the 3 other links
– E1 can send a C2-destined packet to E2 whatever the E1E2 metric, but E2 forwards it to C2 only if E2C2 < E2E1C1C2
– C2 sends a C1-bound packet to C1 only if C2C1 < C2E2E1C1
– Applying this to any link in the square, we see that a link metric should be less than the sum of the other 3 link metrics
Not yet 100%-guaranteed…
E1 has no LFA for C1
– E2 routes back
E1 has no RemoteLFA for C1
– P and Q intersection is null
100% - Icing on the cake
When the P and Q space do not intersect, then setup an Explicit-Path-LSP to the closest Q node
– use SR explicit path! See next.
Automated
100% guarantee
Node protection
Remote LFA Benefits
Seamless integration with Per-Prefix LFA
– Packets take their shortest paths from the PQ node
– Destinations use per-prefix LFA onto physical oif when available (i.e. per-prefix LFA), and per-prefix LFA onto LDP LSP (i.e. Remote LFA) otherwise
Simple
– Automated computation, negligible CPU, low TLDP requirement
Incremental Deployment
– New code only at the protecting node
Meet the real coverage requirements
– backbone and access/aggregation
Segment Routing
Source Routing: the source chooses a path and encodes it in the packet header as an ordered list of segments
Segment: an identifier for any type of instruction
– Service
– Context
– Locator
– IGP-based forwarding construct
– BGP-based forwarding construct
– Local value or Global Index
Segment Routing
MPLS: an ordered list of segments is represented as a stack of labels
– a completed segment is popped
IPv6: an ordered list of segments is represented as a routing extension header, see 4.4 of RFC2460
– Type 0 could be used. A new type is proposed to enhance functionality while improving forwarding performance and security
– upon completion of a segment, the pointer is incremented
ISIS automatically installs segments
Simple extension
Excellent Scale: a node installs N+A FIB entries
– N node segments and A adjacency segments
[Figure: topology with nodes A, B, C, D, M, N, O, P and Z, showing nodal segments to C and to Z and an adjacency segment]
Node Segment
Z advertises a global node segment 65 with its loopback
– simple ISIS sub-TLV extension
– we assume the same SRGB at every node
All remote nodes install in their FIB the node segment 65 to Z
[Figure: nodes A, B, C, D and Z; node segment 65 is bound to FEC Z; the label operations shown are push 65, swap 65 to 65, swap 65 to 65 and pop 65, with the packet to Z carrying 65 until the pop]
A packet injected anywhere with top segment 65 will reach Z via shortest-path
Adjacency Segment
C allocates a local segment 9003 and maps it to the instruction “complete the segment and forward along the interface CO”
C advertises the adjacency segment in ISIS
– simple sub-TLV extension
C is the only node to install the adjacency segment in FIB
[Figure: topology with nodes A, B, C, D, M, N, O, P and Z; label operation shown: Pop 9003]
A packet injected at node C with segment 9003 is forced through datalink CO
Combining Segments
ECMP
– Node segment
Per-flow state only at head-end
– not at midpoints
Source Routing
– the path state is in the packet header
[Figure: topology with nodes A, B, C, D, M, N, O, P and Z; a packet to Z carries segments 72, 78 and 65, which are removed one by one as the packet progresses]
Simple and Efficient Transport of MPLS services
Efficient packet networks leverage ecmp-aware shortest-path!
– node segment!
Simplicity
– no complex LDP/ISIS synchronization to troubleshoot
– one less protocol to operate
[Figure: PE1 and PE2 connected through nodes A, B, M and N]
All VPN services ride on the node segment to PE2
– IPv4 over MPLS/IGP
– VPN over MPLS/IGP
– Internet over MPLS/IGP
– PW over MPLS/IGP
– IPv6 over MPLS/IGP
Topology Independent LFA (TI-LFA)
Guaranteed Link/Node FRR in any topology
– even with asymmetric metrics
No Directed LDP session
Simplicity
– entirely automated (no need for customization)
Incremental deployment
– Applicable to LDP and IP primary traffic; only the repair tunnel is SR-based
For networks with symmetric metric & link protection
– No extra computation
– Simple repair stack
– Node segment to P node
– Adjacency segment from P to Q
Demo available
[Figure: Backbone above nodes C1, C2, E1, E2, E3 and E4; default metric: 10, one link with metric 1000; the repair path is drawn as a node segment to the P node followed by an adj segment to the Q node]
Central Optimization
Centralized Optimization
– find a path meeting the SLA requirement
– encode it as a list of nodal and adjacency segments
Agility and Scalability
Hybrid Central/Distributed CP
[Figure: topology with nodes A, B, C, D, M, N, O, P and Z, with one part marked Congested; callouts as follows]
– Collect network status information
– Need 2Gbps from A to Z with SLA
– ABCOPZ meets SLA. I account the BW. I encode the path as nodal segment to C, adj segment to O, nodal segment to Z
– Encoded path for traffic to Z: {66, 9001, 65}
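How the segment list {66, 9001, 65} is consumed hop by hop, and why an adjacency segment only has meaning at the node that allocated it, as an added example (not code from the presentation). The next-hop tables are constructed: they assume the IGP shortest path from A to Z is A B C D Z, as the node segment slide suggests, and that O reaches Z via P.

```python
# Constructed forwarding state for the slide's example (all next hops assumed).
# Node segments are global: next hop follows the IGP shortest path to the owner.
NODE_SID_OWNER = {66: "C", 65: "Z"}
NEXT_HOP = {
    66: {"A": "B", "B": "C", "O": "C", "D": "C"},
    65: {"A": "B", "B": "C", "C": "D", "D": "Z", "O": "P", "P": "Z"},
}
# Adjacency segments are local: only the allocating node installs them.
ADJ_SID = {"C": {9001: "O"}}

def forward(ingress, segments, max_hops=16):
    """Walk a packet whose segment list is `segments` (top first).
    Returns the nodes visited; raises LookupError on a FIB miss.
    Simplification: a node segment is popped at its owner, not one hop before."""
    node, stack, path = ingress, list(segments), [ingress]
    while stack:
        if len(path) > max_hops:
            raise RuntimeError("hop limit exceeded (forwarding loop)")
        top = stack[0]
        if top in ADJ_SID.get(node, {}):
            stack.pop(0)                      # complete the segment...
            node = ADJ_SID[node][top]         # ...and force the named link
        elif NODE_SID_OWNER.get(top) == node:
            stack.pop(0)                      # node segment completed here
            continue
        elif node in NEXT_HOP.get(top, {}):
            node = NEXT_HOP[top][node]        # "swap 65 to 65": label unchanged
        else:
            raise LookupError(f"{node}: no FIB entry for segment {top}")
        path.append(node)
    return path

if __name__ == "__main__":
    print(forward("A", [65]))             # plain shortest path to Z
    print(forward("A", [66, 9001, 65]))   # steered path: A B C O P Z
    try:
        forward("A", [9001, 65])          # 9001 is only installed at C
    except LookupError as err:
        print("dropped:", err)
```

Midpoints hold no per-flow state: the same tables serve both packets, and only the segment list written at the head-end differs.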
Many other use-cases
See www.segment-routing.net
Benefits
100%-coverage 50-msec link and node protection
Simple to operate and understand
– automatically computed by the IGP
Prevents transient congestion and suboptimal routing
– leverages the post-convergence path, planned to carry the traffic
Incremental deployment
– applicable to primary IP and LDP traffic; only the repair tunnel needs to be SR-enabled
Demo available
Explicit Post-Convergence Path
What is the most optimal and natural path upon a failure?
– the post-convergence path
Why have we never used it before SR?
– the post-convergence path may not be an LFA and hence may loop
Thanks to SR, we can always use the post-convergence path
– Explicit Post-Convergence (EPC): the non-LFA portion of the path is encoded as an explicit list of segments
Explicit Post-Convergence Path
Computation leverages proven and existing LFA technology
– intersection of post-convergence SPT with P and Q spaces
Number of Segments to form the Repair Tunnel
– Symmetric network, link protection: Proven: <= 2 segments to get into Q space
– Asymmetric network or node protection: No theoretical bound
In reality, as we already saw for RLFA, things are much simpler!
Orange use-case
– 100% link protection: 100% use <= 2 segments
– 100% node protection (<= 4 segments): 99.72% use <= 2 segments, 0.24% use 3 segments, 0.04% use 4 segments
FRR Path Optimality
Segment Routing
Wide Applicability
Simple to deploy and operate
More scalable and functional IP and MPLS
Agile WAN Orchestration with hybrid centralized/distributed
Massive operator interest and support
ISIS/SR demonstrated in Feb 2013
TI-LFA demonstrated in Oct 2013
Much more happening! Join the community.
www.segment-routing.net
TI-LFA
Applicable to native IP, LDP and SR traffic
– does not require a migration from LDP to SR
Incremental deployment
– does not require an overall SR deployment
100% coverage
– link, node and SRLG
100% automated
– fit the post-convergence path
References
http://www.segment-routing.net/
Per-prefix LFA Applicability: RFC 6571
Remote LFA: draft-ietf-rtgwg-remote-lfa-04
Topology-Independent LFA: draft-francois-segment-routing-ti-lfa-00