
MPLS on Nexus 7000

DCSTG Product Management

Presentation_ID

2009 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Session Objectives
At the end of this session, the participants should be able to:
Understand the positioning of Nexus 7000 in the Borderless Core
Have a good understanding of the MPLS features supported on Nexus 7000
Articulate how MPLS on Nexus 7000 can enable consolidation, virtualization, and segmentation in the Data Center


Agenda
Nexus 7000 and Borderless Core Positioning
Data Center Trends
Virtualization Drivers
Virtualization in Nexus 7000
MPLS on Nexus 7000
    Features
    Deployment options
    Guidelines & Limitations


Nexus 7000 Platform


Broad Range of Deployment Options

Nexus 7000 and NX-OS
9, 10 & 18 Slot versions
15+ Terabit System
Unified Fabric Ready
Modern, Modular OS
Device Virtualization
Cisco TrustSec
Continuous Operations

Nexus 7009 (1HCY11)
Slots: 7 I/O + 2 sup
Height: 14 RU
BW / Slot Fab 1: N/A
BW / Slot Fab 2: 550 Gig / slot (1H 2011)

Nexus 7010 (Shipping)
Slots: 8 I/O + 2 sup
Height: 21 RU
BW / Slot Fab 1: 230 Gig / slot
BW / Slot Fab 2: 550 Gig / slot (2H 2011)

Nexus 7018 (Shipping)
Slots: 16 I/O + 2 sup
Height: 25 RU
BW / Slot Fab 1: 230 Gig / slot
BW / Slot Fab 2: 550 Gig / slot (2H 2011)


Data Center: New Business Models and Revenue


Examples
Virtual Infrastructure
Cloud Computing
Video and Rich Media
Application Acceleration

Software-as-a-Service, Cloud Interconnects, Enterprise Clouds, Partnering Models, Cloud Computing for the masses
HD Streaming, TelePresence, Session Shifting, Home Monitoring, Bottomless DVR and Titles
Enterprise Apps, Corporate Comms, Video Production, Storage Replication, Scalable Branch Apps
Next-Gen Hosting, Data Center Services, Capacity-on-Demand, Verticalization, Infrastructure-as-a-Service

[Figure: one diagram per example; labels include Unified Computing Enclosure, Fabric Switch, Fabric Extender, Compute Blade, Cisco medianet (Media Aware, Network Aware, End Point Aware), Network of Networks, Evolution of Convergence, and WAN application acceleration (DRE cache, LZ)]

Virtualization Applications

Network consolidation: Merging multiple parallel networks into a shared infrastructure
Network segmentation: By user groups or business function
Service and policy centralization: Security policies and appliances at a central location
New applications readiness: Converged multiservice network
Increased network security: User groups segmentation with VPNs


Virtualization
Virtual Device Contexts

Carve a single Nexus 7000 switch into four network entities
Flexible separation of hardware and software resources
Isolate software faults and reduce fate sharing
Securely delineate administrative domains

[Figure: Default VDC, VDC 2, VDC 3 and VDC 4, each with its own Layer 2 protocols (labels include VLAN, CDP, STP, LACP, UDLD, CTS, SPAN) and Layer 3 protocols (labels include OSPF, BGP, EIGRP, PIM, MSDP, GLBP, HSRP, VRRP), above System Infrastructure and Linux Kernel]

Virtualization
VRF

Logical network segmentation using Virtual Routing and Forwarding
All features VRF aware
Each VRF learns routes and makes forwarding decisions independently
VRF membership of each interface dictates which forwarding table to use
1000 VRFs/system supported on N7K from NX-OS 5.0 release


MPLS on Nexus 7000


Layer-3 VPNs

Customer Requirement
Shared Services
Route-Leaking: Export/Import of routes between VPNs
Secure Segmentation of application/Departmental traffic

Key L3VPN features
MPLS Label Switching (RFC 3031/3032)
LDP (RFC 3036), LDP-IGP sync, session protection, MD5 auth
Layer-3 VPNs (RFC4364)
PE-CE protocols (BGP, OSPF, IS-IS, Static)
Load balancing (Label, IP Src/Dst)
Per-prefix and per-VRF label allocation

[Figure: MPLS Layer-3 VPNs with PEs at DC Edge, DC Core and Agg/Access (L2/L3 PE boundary); VRF A, VRF B, VRF C, VRF D; servers]

MPLS on Nexus 7000


Traffic Engineering
MPLS Traffic Engineering

Customer Requirement
Provide on-demand bandwidth for applications
Utilize all paths and bandwidth
Link, Node and Bandwidth protection
Fast Convergence
Capacity Planning

Key MPLS-TE Features
MPLS TE (OSPF, IS-IS), RSVP-TE
Forwarding Adjacency
Class Based Tunnel Selection
TE-FRR (BFD, RSVP-GR)
Autobandwidth
Path, Node and link protection

[Figure: MPLS TE Tunnel with PEs at DC Edge, DC Core and Agg/Access (L2/L3 PE boundary); servers]

MPLS on Nexus 7000


Multicast VPN (mVPN)

Customer Requirements
Virtualization of multicast service delivery
Provide many-to-1 content distribution
Support emerging cloud applications: Audio-video, Chat, Announcements, Collaboration/conferencing, Monitoring
Traffic separation

Key mVPN Features
mVRF aware PIM
Data and Default MDT
BGP mdt send/receive
IGMP v1, v2 & v3
SSM, BiDir, PIM MSDP
mVRF aware mtrace

[Figure: MPLS Multicast VPN with PEs at DC Edge, DC Core and Agg/Access (L2/L3 boundary); VRF A, VRF B, VRF C, VRF D; servers]

MPLS on Nexus 7000


6PE/6VPE

Customer Requirements
Traffic separation
Minimal operational overhead
No impact on existing IPv4 and MPLS services
Ready for production services with IPv6
Seamless IPv4 to IPv6 migration

Key 6PE/6VPE Features
6PE & 6VPE
6PE & 6VPE Multipath
6VPE PIC Core
Static route and BGPv6 for PE-CE

[Figure: MPLS 6VPE/PE with PEs at DC Edge, DC Core and Agg/Access (L2/L3 boundary); VRF A, VRF B, VRF C, VRF D; servers]

MPLS on Nexus 7000


Management
MPLS OAM and MIBs

Customer Requirement
MPLS LSP Troubleshooting
MPLS VPN, TE Health Check

Key OAM Features
MPLS LSP Ping
MPLS LSP Trace
TE Tunnel Ping (RSVP IPv4 FECs)
TE Tunnel Traceroute (RSVP IPv4 FECs)
LSP Multipath (ECMP) Tree discovery & trace (RFC4379)

MIBs
MPLS LSR MIB - RFC3813
MPLS LSR MIB traps
MPLS LDP MIB - RFC3815
MPLS LDP MIB traps
MPLS L3VPN MIB - RFC4382
MPLS L3VPN MIB traps
MPLS Traffic Engineering MIB - RFC 3812
MPLS Traffic Engineering MIB Traps
MPLS FRR STD MIB (IETF draft version)
MPLS FRR MIB

MPLS on Nexus 7000


High Availability
MPLS High Availability

MPLS implementation delivers the breadth and depth of NX-OS HA Capabilities

[Table: HA support per service and per protocol; cell values not preserved]
Services: Layer-3 VPN, Traffic Engineering, mVPN, 6PE/6VPE
Protocols: LDP, MP-BGP, RSVP, IS-IS
Column labels: Stateful (NSF), ISSU, Process Restart, SUP Switchover, Graceful Restart, Graceful Restart timers, Stateful HA, BFD

BGP NSR in NX-OS on Roadmap


MPLS on Nexus 7000


QoS
MPLS QoS

Customer Requirements
Ability to preserve or remark traffic flows
Ability to police to conform to SLA
Classify and prioritize traffic flows

MPLS QoS Features
Classification, Policing, Marking on MPLS EXP bits
QoS Management
Pipe, short pipe and uniform mode
No Shaping support

[Figure: CE, PE, Core DiffServ, PE, CE path showing Uniform Mode, Pipe Mode and Short Pipe Mode; Ingress (Classification, Marking, Policing) at the PE]

VRF Aware Services in NX-OS


In NX-OS, everything is VRF aware
NX-OS delivers a rich set of VRF aware services

[Table: Service / NX-OS Support; support marks not preserved]
VRF Specific Static ARP
GRE tunnel to VRF mapping
PBR-set VRF
VRF Aware AAA (RADIUS)
VRF Aware AAA (TACACS+)
VRF Aware BGP dampening
VRF Aware DHCP
VRF Aware DHCP-relay (Option 82 with VPN ID)
VRF Aware DNS
VRF Aware FTP
VRF Aware GLBP
VRF Aware HSRP
VRF Aware NDE
VRF Aware NTP
VRF Aware Ping
VRF Aware SCP
VRF Aware SNMP agent
VRF Aware SSH
VRF Aware SSH Client
VRF Aware Syslog
VRF Aware Telnet
VRF Aware TFTP
VRF Aware Traceroute
VRF Aware uRPF
VRF Aware VRRP
VRF Aware WCCP

NX-OS MPLS (Target Q2CY11)


End-to-end Services

Scope of MPLS Phase 1


Layer-2 VPNs

Layer-3 VPNs, mVPNv4, 6PE/VPE

NEXUS 7000 Hardware Forwarding


Enterprise & Hosting Data Centers


Consolidation & Secure Segmentation

Consolidation
Secure Segmentation via MPLS VPNs
One network Infrastructure for Hosted Services
Provide XaaS services for customers (IaaS, PaaS, SaaS etc)
Meet strict regulatory requirement of separation of customer traffic
Provide for central control for policy management
Ability to scale customers

[Figure: Collapsed Architecture with Global Interconnect, Core (VRF A, VRF B, VRF C, VRF D), Collapsed Aggregation/Access, ToR, UCS; MPLS Boundary; Access Layer (Layer-2)]

MPLS/VPN: Supporting Shared Services

Consolidation
Shared Services

Requirement: Services need to be replicated per VPN
Poor efficiency
High Traffic Load
Management nightmare

Solution: IP Services become sharable across VPNs
Increases Enterprise outsourcing flexibility
Creates New Service Provider revenue opportunities

[Figure: Edge (VPN A, VPN B, VPN C, VPN D), Core, Aggregation with Service VRF and VRF A, VRF B, VRF C, VRF D; Shared Services for all VPNs: ERP, Video Server, Hosted Content]


Enterprise and SP Hosted Data Center


Traffic Engineering
MPLS Traffic Engineering Tunnels

Bandwidth/Asset Utilization
Using Tunnels to provide bandwidth for applications, on-demand
Path-Diversity: Allow different application traffic to take different paths in the network
Utilize all paths in the network
MPLS-TE FRR provides automatic protection (<50ms) to the customer data for network failure conditions

[Figure: Internet, Global Interconnect, Campus/WAN Edge, Edge, Core, Aggregation, Pod-A, Pod-B, Pod-n; MPLS Boundary]

Large Data Centers


Consolidation & Secure Segmentation

Massively Scalable Data Centers
Secure Segmentation
Secure customer segmentation via MPLS VPNs
Scale POD based architecture
One network Infrastructure for XaaS architecture, to accommodate for growth
MPLS PE boundary in POD EoR/ToR access/aggregation layer
Accommodate POD Scale as well as VPN scalability w/o operational overhead

[Figure: Internet, Global Interconnect, Campus/WAN Edge, P/PE, Super Core, Core, P, PE, Pod A / Pod B / Pod N Aggregation, Access Layer (Layer-2); MPLS Boundary]


Building Highly Scalable Data Centers


[Figure: two sites joined by an MPLS LSP between their Edge layers; labels per site: Edge, Core, Aggregation, MPLS, Secure Segmentation (VRF A, VRF B, VRF C, VRF D), Scalable Multi-path Fabric (Fabric Path), L2, Pod-A, Pod-N; Workload Mobility]

Agenda
Nexus 7000 and Borderless Core Positioning
Data Center Trends
Virtualization Drivers
Virtualization in Nexus 7000
MPLS on Nexus 7000
    Features
    Design options
    Guidelines

MPLS on Nexus 7000 Guidelines


Supervisor: N7K-SUP1 & Future
I/O Modules: 32 x 10GE (N7K-M132GS-12), 8 x 10GE (N7K-M108X2-12), 48 x 1GE (N7K-M148GS-11, N7K-M148GT-11), Future M-series line cards
Chassis: 10-slot, 18-slot, 9-slot (Future)

Fully supported in current & future M-series I/O modules (with Earl8 ASIC)
MPLS features (L3VPNs, TE etc) can be deployed in VDCs
XL modules are required to achieve 50 ms TE-FRR switchover times
M-series Hardware supports L2VPN functionality for future support (EoMPLS, VPLS)

Feature*                             EARL8
Number of VPNs                       16K
MPLS Aggregate Labels                16K
MPLS over GRE                        Yes
Label operations in one pass         Push 5, Pop 1
Number of EoMPLS Tunnels             128K
EoMPLS Multipoint to Multipoint      Yes
MPLS QoS Tunnel Modes                Pipe, Short Pipe, Uniform
MPLS Push                            60Mpps
MPLS Pop                             60Mpps
EoMPLS Push                          60Mpps
EoMPLS Pop                           30Mpps
VPLS (Non v6)                        30Mpps

*SW support of some functionality is on roadmap

MPLS on Nexus 7000 Guidelines


The F1 modules DO NOT support MPLS.
MPLS can be deployed in a mixed mode environment (M1 + F1 cards in same chassis or VDC)

[Figure: mixed-mode layouts of M1 and F1 modules across the Fabric: an F1 VDC and an M1 VDC linked by 802.1Q, and F1M1 arrangements with VLAN 10 and VLAN 20 on F1 (MPLS in M1)]

MPLS on Nexus 7000 Licensing


Licensing: MPLS will be enabled via a license, on a per chassis basis.

Licenses to Enable MPLS in NX-OS
MPLS + Enterprise
Base

[Figure: NX-OS license stack; labels: Base, Enterprise, Advanced, Enhanced L2, Storage, Transport Services, XL, MPLS, LISP; release markers 5.1 and 5.2]