
IOS-XR

Cisco Next Generation Router OS Architecture


Lim Fung, CTG Technical Marketing
Session ID 20PT
limfung@cisco.com
Router OS Evolution

[Figure: two layered router OS block diagrams. Labels: Control Plane, Data Plane and Management Plane applications (OSPF, ISIS, BGP, RIP, PIM, IGMP, RIB, Routing, LPTS, FIB, PFI, QoS, ACL, L2 Drivers, Host Service, NetFlow, SSH, SNMP, XML, CLI, Alarm, Perf Mgmt, Interface); Network Stack; HA Infrastructure; System, Forwarding and Distributed Infrastructure (Checkpoint DB, Multicast IPC, System DB); Scheduler, Synch. Services, IPC Mech, Memory Mgmt; OS Scheduler; Kernel System Services.]

• Monolithic Kernel | Micro Kernel
• Centralized Infrastructure | Distributed Infrastructure
• Integrated Network stack | Independent Network stack
• Centralized applications | Distributed applications
BRKSPM-2604_c1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
IOS-XR Software Architecture

• Modular—Runtime SW upgrade/downgrade support
• Distributed—scalable with multi chassis support
• Platform Independent—POSIX compliant
• Management Interface—Unified Data Model (XML)
• High Availability—Hot Standby and Process Restart
• Security—Control, Data and Management Plane
• Logical Router—Router Partitioning (SDR)

Cisco IOS-XR Software Modularity
Microkernel architecture

[Figure: the same router components (BGP, OSPF, EIGRP, ISIS, RIP, LDP, VPN, SSH server, Telnet server, ACLs, IPv4 forwarding, TCP/IP, drivers, timers, scheduler) drawn for three systems: IOS, BSD based routers and IOS XR, contrasting a monolithic kernel with a microkernel.]

IOS XR Modular Packaged Software

[Figure: package stacks per node type (RP, DRP, LC, SC). Labels: Manageability, Security, GMPLS, Multi-cast, Line Card, Forwarding, RPL, BGP, OSPF, ISIS, Base, Admin, OS; each package is marked mandatory (Mand) or optional (Opt'l).]

• Upgrade specific packages/Composites
  Across Entire system
    Useful once a feature is qualified and you want to roll it out without a lot of commands
  Targeted Install to specific cards
    Useful while a feature is being qualified
    Reduces churn in the system to card boundary
• Point Fix for software faults

• Ability to upgrade independently MPLS, Multicast, Routing protocols and Line Cards
• Ability to run different versions on different nodes
• Ability to release software packages async
• Ability to have composites into one manageable unit if desired
• Notion of optional packages if technology not desired on device (Multicast, MPLS)

[Figure: package hierarchy. Labels: Multicast, MPLS, RPL, BGP, OSPF, ISIS, Routing Composite, Manageability, Security, Forwarding, Host Composite, Base, IOX Admin, OS, Line card.]

Distributed In-Memory Database (IMDB)

• Reliable Multicast IPC improves scale and performance
• Distributed data management model improves performance and Scale
• Single Consolidated view of the system eases maintenance

[Figure labels: Management Applications (CLI/XML/SNMP); Consolidated System View; Reliable Multicast and Unicast IPC; RP-A and DRP with Local-DRP, Local-Ra and Global databases (IP, Intf, OSPF, BGP, ISIS); LCa with Local-LCa database (IP, ARP, ACL, QOS, Intf, PPP, VLAN).]

Distributed Control Plane

[Figure: resilient system process distribution. Labels: BGP, BGP, MPLS, Multicast, IS-IS; RP1, RP2, RP3, RP4 ... RPn.]

• Routing protocols and signaling protocols can run in one or more (D)RP
• Each (D)RP can have redundancy support with standby (D)RP
• Out of resources handling for proactive planning

Distributed Forwarding Infrastructure
[Figure: Single Stage Forwarding versus Two Stage Forwarding. Labels: RP (IP Stack, Global Int. Mgr., IM, VLAN, PPP, ARP, HDLC, NetFlow, Drivers), LC-CPU, Global IDB & AIB, Ingress FIB, Egress FIB, AIB & IDB, CPU, Switching Fabric, LC.]

Single Stage Forwarding
• Single global Adjacency Information Base (AIB) distributed to all line cards
• Single global Interface Management DB distributed to all line cards
• Only Ingress FIB – forces forwarding features to be run in RP

Two Stage Forwarding
• Each line card has independent AIB only for local interfaces
• Each line card has independent Interface DB for local interfaces
• Both Ingress and Egress FIB – allows forwarding features to be independently run in LCs

IOS XR HA Software Design Principles
(Layered Approach)

NSR (GR), ISSU

Non-Stop Forwarding

Separate Control and Data Planes

RP/DRP Redundancy Active/Standby Failover

Process Restartability: Active State Checkpointing

All subsystems: Separate Address Spaces
  memory faults affect only 1 process, recovery = restart process

IOS XR Software Architecture Overview

• TRUE Microkernel (Mach, QNX)
  MMU with full protection
  Applications, drivers, and protocols are protected
• Monolithic Kernel (BSD/Linux, NT)
  MMU with partial protection
  Applications are protected

[Figure labels: Process Manager, File System, Network, Kernel, Application, Driver; FAULT markers on applications and drivers in both kernel models.]

In Service Software Upgrade (ISSU)

• Changing software with no impact to transit traffic
• What customers expect
  Maintenance release upgrades without impact
  Major release upgrades to/from any version without any impact
• What we have today
  Some SMUs with limited scope will “ISSU” on same RP
  Other upgrades may require node or chassis reset
    Major releases
    Maintenance releases
    Complex SMUs

Minimally Disruptive Restart (MDR)

• Reduces forwarding disruption during software upgrade
• Forwarding hardware keeps forwarding while software resets
• RP spoofs packets normally generated by LC CPU
  FR LMI
  ATM OAM
  PPP
  HDLC

Protected Process Memory Space

• Each process has a virtual memory space
  Kernel/MMU maps virtual address to physical address (at page level)
  Threads share the memory space
• One process cannot corrupt another’s memory
  Process can only access virtual space
  In IOS – all processes shared same virtual space
• Communication between processes via controlled APIs
• Limited use of shared memory

[Figure: pages 1, 2 and 3 of the OSPF process at virtual addresses 0x00000, 0x10000 and 0x20000, drawn beside memory addresses 0x000000 to 0xa00000.]

Preemptive Multitasking

• Default priority is 10
• Higher priority processes can interrupt
  In IOS, must wait for running process to finish
• FIFO within same priority
• Threads run while parent process is running
• CRS/16 and DRP have two CPUs

[Figure: process state diagram with Sleeping, Waiting, Running and Ready states; processes are labelled with priorities 10, 16, 50 and 62.]

Local Packet Transport Services:
Protection of Control Plane

[Figure: packet paths through a line card. Labels: Received Traffic, Transit Traffic, Forwarding Information Base (FIB), LPTS Internal FIB (IFIB), Application1 on RP, Local Stack on LC, Bad packets.]

• LPTS enables applications to reside on any or all RPs, DRPs, or LCs
  Active/Standby, Distributed Applications, Local processing
• IFIB forwarding is based on matching control plane flows
  Built in dynamic “firewall” for control plane traffic
• LPTS is transparent and automatic

Local Packet Transport Service
LPTS Overview
• There is no longer a single RP
• IOS XR is a fully distributed operating system with applications running in multiple physical locations
• LPTS enables distributed applications to reside on any or all RPs, DRPs, or LCs
• Filters and polices (in hardware) local ‘receive’ packets and sends them only to the nodes that need them
• Packet rate correlates with trust
• Handles fragments, also checks TTL/hop count
• High Availability for NSR (Non-Stop Routing)

IOS XR LPTS in action
• LPTS is an automatic, built in “firewall” for control plane traffic.
• Every Control and Management packet from the line card is rate limited in hardware to protect RP and LC CPU from attacks

router bgp
 neighbor 202.4.48.99
 …
 ttl_security
!
mpls ldp
!

LC 1 IFIB TCAM HW Entries

Local        port   Remote       port  Rate   Priority
Any          ICMP   ANY          ANY   1000   low
any          179    any          any   100    medium
any          179    202.4.48.99  any   1000   medium
202.4.48.1   179    202.4.48.99  2223  10000  medium
200.200.0.2  13232  200.200.0.1  646   100    medium

LC 2 IFIB TCAM HW Entries …

[Figure labels: Socket, LPTS, BGP, LDP, SSH, ttl 255, TCP Handshake.]
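The lookup that the LC 1 IFIB table implies, as an added example (a model written for this page, not Cisco code and not part of the original slides): the most specific matching flow selects the policer, so an established BGP session keeps its 10000 budget while unknown peers hitting port 179 share 100. Assumptions: the `Packet`, `Entry`, `classify` and `police` names, rates read as packets per second, a one-second counter standing in for the hardware policer, a TTL of 255 required on the entries for the ttl_security neighbor, and the constructed traffic mix.

```python
"""Model of the slide's LC 1 IFIB table: most-specific flow match, then policing."""
from collections import Counter
from dataclasses import dataclass
from typing import Optional, Union

ANY = None  # wildcard, written "any" in the slide's table


@dataclass(frozen=True)
class Packet:
    src: str
    sport: Union[int, str]
    dst: str
    dport: Union[int, str]    # port number, or "ICMP" as in the table's first row
    ttl: int


@dataclass(frozen=True)
class Entry:
    local: Optional[str]
    lport: Union[int, str, None]
    remote: Optional[str]
    rport: Optional[int]
    rate: int                 # assumed unit: packets per second towards the CPU
    priority: str
    min_ttl: int = 0          # assumption: 255 for the ttl_security neighbor

    def matches(self, pkt: Packet) -> bool:
        pairs = ((self.local, pkt.dst), (self.lport, pkt.dport),
                 (self.remote, pkt.src), (self.rport, pkt.sport))
        return all(want is ANY or want == got for want, got in pairs)

    def specificity(self) -> int:
        fields = (self.local, self.lport, self.remote, self.rport)
        return sum(f is not ANY for f in fields)


# The five rows of "LC 1 IFIB TCAM HW Entries", in slide order.
IFIB_LC1 = [
    Entry(ANY, "ICMP", ANY, ANY, 1000, "low"),
    Entry(ANY, 179, ANY, ANY, 100, "medium"),
    Entry(ANY, 179, "202.4.48.99", ANY, 1000, "medium", min_ttl=255),
    Entry("202.4.48.1", 179, "202.4.48.99", 2223, 10000, "medium", min_ttl=255),
    Entry("200.200.0.2", 13232, "200.200.0.1", 646, 100, "medium"),
]


def classify(pkt, table=IFIB_LC1):
    """Return (entry, verdict); the most specific matching flow wins."""
    hits = [e for e in table if e.matches(pkt)]
    if not hits:
        return None, "no-entry"       # this model admits nothing without a flow
    best = max(hits, key=Entry.specificity)
    if pkt.ttl < best.min_ttl:
        return None, "ttl"            # sender is not one hop away
    return best, "match"


def police(packets, table=IFIB_LC1):
    """Apply each entry's rate to packets that arrive within one second."""
    admitted, dropped = Counter(), Counter()
    for pkt in packets:
        entry, verdict = classify(pkt, table)
        if entry is None:
            dropped[verdict] += 1
        elif admitted[entry] < entry.rate:
            admitted[entry] += 1
        else:
            dropped["rate"] += 1
    return admitted, dropped


def demo():
    """Constructed one-second mix; 198.51.100.7 is a documentation address."""
    established = Packet("202.4.48.99", 2223, "202.4.48.1", 179, 255)
    unknown_peer = Packet("198.51.100.7", 40000, "202.4.48.1", 179, 60)
    low_ttl = Packet("202.4.48.99", 2223, "202.4.48.1", 179, 250)
    return police([established] * 500 + [unknown_peer] * 5000 + [low_ttl] * 300)


if __name__ == "__main__":
    admitted, dropped = demo()
    for entry, count in admitted.items():
        print(f"admitted {count:5d} via rate={entry.rate} ({entry.priority})")
    print("dropped:", dict(dropped))
```

The three 179 rows show the "packet rate correlates with trust" bullet: any source, configured neighbor, and established session get 100, 1000 and 10000 respectively.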
IOS-XR CLI and Configuration

XR Command Modes

SDR Exec – Normal operations - monitoring routing and CEF

RP/0/RP0/CPU0:router#
  show ipv4 interfaces brief
  show running-config
  show install active
  show cef summary location 0/5/CPU0

SDR Config – Configuration for L3 Node

RP/0/RP0/CPU0:router(config)#
  router bgp 100
  taskgroup admins
  policy-map foo
  mpls ldp
  ipv4 access-list block-junk

Admin – Chassis operations, outside of SDRs

RP/0/RP0/CPU0:router(admin)#
  show controllers fabric plane all (CRS)
  show controllers fabric clock (12K)
  config-register 0x0
  install add (also in SDR)

Admin Config

RP/0/RP0/CPU0:router(admin-config)#
  sdr backbone location 0/5/*
  pairing reflector location 0/3/* 0/4/*

Node Addressing Example using CRS

Node address formats labelled on the chassis diagram:
  [RACK]/SM0/SP
  [RACK]/0/CPU0
  [RACK]/0/SM0
  [RACK]/RP1/CPU0
  interface gig [RACK/SLOT/BAY/PORT]

[Figure: CRS-1 chassis, two views. Labels: POWER SUPPLIES, AIR OUT, AIR INTAKE, CABLE MGMT, FAN TRAY, FAN CTRL, FABRIC, PLIM, RP, MSC.]

RP/0/RP0/CPU0:CRS#show platform
Thu Nov 3 08:41:20.462 DST
Node          Type              PLIM             State           Config State
------------- ----------------- ---------------- --------------- ---------------
0/0/CPU0      MSC               Jacket Card      IOS XR RUN      PWR,NSHUT,MON
0/0/0         MSC(SPA)          8X1GE            OK              PWR,NSHUT,MON
0/1/CPU0      MSC-140G          14-10GbE         IOS XR RUN      PWR,NSHUT,MON
0/3/CPU0      MSC               4OC192-POS/DPT   IOS XR RUN      PWR,NSHUT,MON
0/RP0/CPU0    RP(Active)        N/A              IOS XR RUN      PWR,NSHUT,MON
0/RP1/CPU0    RP(Standby)       N/A              IOS XR RUN      PWR,NSHUT,MON

Two Stage Commit

Active Configuration Before Commit

hostname Backbone-CRS
line default
 exec-timeout 1440 0
!
taskgroup ops
 task read boot
 task write boot
 task execute bgp
!
router static
 address-family ipv4 unicast
  0.0.0.0/0 7.1.9.1
  7.7.7.77/32 7.1.9.1

Enter Proposed Changes (Target Configuration)

interface gig 0/3/0/0
 ipv4 address 9.9.9.9/24
router ospf 100
 area 0
  interface gig 0/3/0/0
 area 1
  interface pos 0/4/0/0

Commit: Changes take effect

Active Configuration After Commit

hostname Backbone-CRS
line default
 exec-timeout 1440 0
!
interface gig 0/3/0/0
 ipv4 address 9.9.9.9/24
!
taskgroup ops
 task read boot
 task write boot
 task execute bgp
!
router ospf 100
 area 0
  interface gig 0/3/0/0
 area 1
  interface pos 0/4/0/0
!
router static
 address-family ipv4 unicast
  0.0.0.0/0 7.1.9.1
  7.7.7.77/32 7.1.9.1

Monitoring Configuration
From SDR Exec Mode

RP/0/RP0/CPU0:CRS#show running-config
Building configuration...
!! Last configuration change at 12:17:03 UTC Wed Jun 28 2006 by ww
!
hostname CRS
line default
exec-timeout 1440 0

RP/0/RP0/CPU0:CRS#show config commit list


SNo. Label/ID User Line Client Time Stamp
~~~~ ~~~~~~~~ ~~~~ ~~~~ ~~~~~~ ~~~~~~~~~~
1 1000000296 ww con0_RP0_C CLI 12:17:03 UTC Wed Jun 28 2006
2 1000000295 ww con0_RP0_C CLI 12:16:47 UTC Wed Jun 28 2006
3 1000000294 ww vty0 CLI 12:09:03 UTC Wed Jun 28 2006
4 1000000293 admin vty0 CLI 06:47:51 UTC Wed Jun 28 2006
5 1000000292 admin vty0 CLI 06:47:18 UTC Wed Jun 28 2006

RP/0/RP0/CPU0:CRS#show config commit changes last 5


Building configuration...
hostname CRS
policy-map edge
class prec_5
bandwidth remaining percent 50

RP/0/RP0/CPU0:CRS#show config sessions


Session Line User Date Lock
00000201-0014e0da-00000000 vty0 ww Wed Jun 28 12:58:14 2006 *

IOS-XR: Task Based Authentication

Read            Write           Execute         Debug
aaa             aaa             aaa             aaa
acl             acl             acl             acl
admin           admin           admin           admin
atm             atm             atm             atm
basic-services  basic-services  basic-services  basic-services
bcdl            bcdl            bcdl            bcdl
bfd             bfd             bfd             bfd
bgp             bgp             bgp             bgp

taskgroup basic-admin
 task read acl
 task read bfd
 task read bgp
 task write acl
 task write bfd
 task write bgp
 task debug bgp

usergroup noc-staff
 taskgroup operator
 taskgroup basic-admin
 inherit usergroup all-users
!
usergroup allusers
 taskgroup basic-stuff
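How the taskgroup and usergroup blocks on this slide combine into one effective permission set, as an added example (written for this page, not Cisco code): it follows `taskgroup` and `inherit usergroup` references and reports names that the slide's configuration references but does not define. Assumptions: the `parse` and `effective` helpers, the one-space indentation of the embedded configuration, and reporting an undefined name rather than guessing its contents.

```python
"""Resolve a usergroup's effective task permissions from the slide's configuration."""

# The slide's two columns, re-indented so that nesting is explicit.
CONFIG = """\
taskgroup basic-admin
 task read acl
 task read bfd
 task read bgp
 task write acl
 task write bfd
 task write bgp
 task debug bgp
!
usergroup noc-staff
 taskgroup operator
 taskgroup basic-admin
 inherit usergroup all-users
!
usergroup allusers
 taskgroup basic-stuff
"""


def parse(text):
    """Return ({taskgroup: {(perm, task)}}, {usergroup: {"taskgroups", "inherits"}})."""
    taskgroups, usergroups, block = {}, {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0] == "!":
            continue
        if not raw[0].isspace():                  # top-level line opens a block
            kind, name = words[0], words[1]
            if kind == "taskgroup":
                block = taskgroups.setdefault(name, set())
            elif kind == "usergroup":
                block = usergroups.setdefault(
                    name, {"taskgroups": [], "inherits": []})
            else:
                block = None
        elif isinstance(block, set) and words[0] == "task":
            block.add((words[1], words[2]))       # e.g. ("read", "bgp")
        elif isinstance(block, dict) and words[0] == "taskgroup":
            block["taskgroups"].append(words[1])
        elif isinstance(block, dict) and words[:2] == ["inherit", "usergroup"]:
            block["inherits"].append(words[2])
    return taskgroups, usergroups


def effective(usergroup, taskgroups, usergroups, _seen=None):
    """Return (permissions, unresolved references), following inheritance."""
    seen = _seen if _seen is not None else set()
    perms, missing = set(), set()
    if usergroup in seen:                         # inheritance loop: stop here
        return perms, missing
    seen.add(usergroup)
    group = usergroups.get(usergroup)
    if group is None:
        return perms, {("usergroup", usergroup)}
    for name in group["taskgroups"]:
        if name in taskgroups:
            perms |= taskgroups[name]
        else:
            missing.add(("taskgroup", name))
    for parent in group["inherits"]:
        parent_perms, parent_missing = effective(
            parent, taskgroups, usergroups, seen)
        perms |= parent_perms
        missing |= parent_missing
    return perms, missing


if __name__ == "__main__":
    tgs, ugs = parse(CONFIG)
    perms, missing = effective("noc-staff", tgs, ugs)
    for perm, task in sorted(perms):
        print(f"noc-staff: {perm} {task}")
    for kind, name in sorted(missing):
        print(f"not defined in this configuration: {kind} {name}")
```

Run against the slide's text, noc-staff ends up with read and write on acl, bfd and bgp plus debug on bgp, but not execute on bgp; `inherit usergroup all-users` does not resolve to the `allusers` group defined below it.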
Software Installation

Software Install Terminology

Mini? PIE? Package? SMU?

IOS XR Software Packages

MPLS: MPLS, UCP
Multicast: PIM, MFIB, IGMP
Security: IPSec, Encryption, Decryption
Manageability: ORB, XML, Alarms management
Routing: RIB, BGP, ISIS, OSPF, RPL
Forwarding (Platform independent): FIB, ARP, QoS, ACL, etc
Line Card (Platform Dependent): LC ucode & drivers
Base: Interface manager, System database, checkpoint services, Configuration management, etc.
Admin: Resource Management: Rack, Fabric, LR management
OS: Kernel, file system, memory management, and other slow changing core

PIE – Package Installation Envelope

• PIEs are a delivery mechanism for packages
  Used to deliver
    Major release – New functionality (4.0, 4.1, 4.2)
    Maintenance release – SW fixes (4.0.1, 4.0.2, 4.1.1)
    SMU – Fix for a specific bug
• Includes authentication info
• Installed from admin or SDR exec mode
  (self study students check speaker notes)
• .vm files are the other delivery mechanism
  .vm files are bootable images
  Used as the Initial Install for GSR migration

Mini – Bundle of Mandatory Packages

• Composite image with mandatory packages
• Two types - .vm and .pie (both approx 80MB)
• Multiple uses
  Quickly run an image without installing it (.vm)
  Initial install of IOS XR software (.vm)
  Recovery if system is corrupted (.vm)
  Major/Maintenance upgrade (.pie)

Software Release Delivery

• Example from CCO – ASR9K-iosxr-4.1.1.tar
• Which includes
  Unicast Routing Composite PIE (aka mini)
    Routing, LC, Forwarding, Admin, Base, MBI (min boot image)
  Optional PIEs
    Manageability
    MPLS
    Multicast
    Security

Software Release Delivery
RP/0/RSP0/CPU0:PE1(admin)#show install active
Thu Nov 3 13:40:45.771 UTC
Secure Domain Router: Owner

Node 0/RSP0/CPU0 [RP] [SDR: Owner]
  Boot Device: disk0:
  Boot Image: /disk0/asr9k-os-mbi-4.1.1/mbiasr9k-rp.vm
  Active Packages:
    disk0:asr9k-mini-p-4.1.1
    disk0:asr9k-k9sec-p-4.1.1
    disk0:asr9k-mpls-p-4.1.1
    disk0:asr9k-mgbl-p-4.1.1
    disk0:asr9k-mcast-p-4.1.1

Node 0/0/CPU0 [LC] [SDR: Owner]
  Boot Device: mem:
  Boot Image: /disk0/asr9k-os-mbi-4.1.1/lc/mbiasr9k-lc.vm
  Active Packages:
    disk0:asr9k-mini-p-4.1.1
    disk0:asr9k-mpls-p-4.1.1

Software Maintenance Updates (SMU)

• SMU is named by (1) release and (2) Bug ID
• Usually 50-200kb PIE file
• Examples:
  hfr-rout-3.2.2.CSCei63263.pie
  hfr-base-3.2.2.CSCeh52427.pie

TURBOBOOT Install (CRS-1)
Boot from .vm file and install to RP disks and LC flash

Step 1
  Load “mini” .vm image into memory
  Boot from disk or network (Disk0, Disk1, or TFTP Server)
Step 2
  Router installs packages to flash disks on RPs and flash on LCs
Step 3
  Reload from disk

[Figure: the mini image (Routing, Line card, Forwarding, Admin, Base, OS-MBI) shown against MEM and DISK on RP0, RP1, DRP0 and DRP1, and MEM and Flash on LC0 to LC7.]

PIE Installation Concepts

• PIE install used once system is operational
• Packages can be added or upgraded
• System performs sanity checks
• Install from SDR Exec or Admin Mode
  Install from SDR impacts just that SDR
• 3 phase install
  Add – Copy package and unpack
  Activate – Restart processes/nodes with new code
  Commit – Lock activated packages through reload

install add Command
Copy image to disk, verify, and unpack

RP/0/0/CPU0:P4(admin)#install add tftp://172.21.116.8/c12k-mcast.pie-3.2.85.3I

Install: The idle timeout on this line will be suspended for synchronous install operations
Install: Starting install operation. Do not insert or remove cards until the operation
completes.
RP/0/0/CPU0:P4(admin)#
Install: Now operating in asynchronous mode. Do not attempt subsequent install operations
until this operation is complete.
Install 3: [ 0%] Install operation 'add /tftp://172.21.116.8/c12k-mcast.pie-3.2.85.3I to
disk0:' assigned request id: 3
Install 3: [ 1%] Downloading PIE file from /tftp://172.21.116.8/c12k-mcast.pie-3.2.85.3I
Install 3: [ 1%] Transferred 3298994 Bytes
Install 3: [ 1%] Downloaded the package to the router
Install 3: [ 1%] Verifying the package
Install 3: [ 1%] [OK]
Install 3: [ 1%] Verification of the package successful [OK]
Install 3: [ 95%] Going ahead to install the package...
Install 3: [ 95%] Add of '/tftp://172.21.116.8/c12k-mcast.pie-3.2.85.3I' completed.
Install 3: [100%] Add successful.
Install 3: [100%] The following package(s) and/or SMU(s) are now available to be activated:
Install 3: [100%] disk0:c12k-mcast-3.2.85
Install 3: [100%] Please carefully follow the instructions in the release notes when
activating any software
Install 3: [100%] Idle timeout on this line will now be resumed for synchronous install
operations

install activate Command
Begin executing new software
RP/0/0/CPU0:P4(admin)#install activate disk0:c12k-mcast-3.2.85
Install: The idle timeout on this line will be suspended for synchronous install
operations
Install: Starting install operation. Do not insert or remove cards until the operation...
RP/0/0/CPU0:P4(admin)#
Install: Now operating in asynchronous mode. Do not attempt subsequent install operations
until this operation is complete.
Install 3: [ 0%] Install operation 'activate disk0:c12k-mcast-3.2.85' assigned request id: 3
Install 3: [ 1%] Performing Inter-Package Card/Node/Scope Version Dependency Checks
Install 3: [ 1%] [OK]
Install 3: [ 1%] Checking API compatibility in software configurations...
Install 3: [ 1%] [OK]
Install 3: [ 10%] Updating software configurations.
Install 3: [ 10%] RP,DRP:
Install 3: [ 10%] Activating c12k-mcast-3.2.85
Install 3: [ 10%] Checking running configuration version compatibility with newly activated…
Install 3: [ 10%] No incompatibilities found between the activated software and router…
configuration.

RP/0/0/CPU0:Nov 12 14:24:01.249 : instdir[181]: %INSTMGR-6-SOFTWARE_CHANGE_END :
Software change transaction 3 is COMPLETE.
Install 3: [100%] Performing software change
Install 3: [100%] Activation operation successful.
Install 3: [100%] NOTE: The changes made to software configurations will not be
Install 3: [100%] persistent across RP reloads. Use the command 'install commit'
Install 3: [100%] to make changes persistent.
Install 3: [100%] Idle timeout on this line will now be resumed for synchronous
install operations

install commit Command
Lock in activated software across reload

RP/0/0/CPU0:P5(admin)#install commit
Install: The idle timeout on this line will be suspended for synchronous
install operations
Install 5: [ 1%] Install operation 'commit' assigned request id: 5
Install 5: [100%] Committing uncommitted changes in software configurations.
Install 5: [100%] Commit operation successful.
Install 5: [100%] Idle timeout on this line will now be resumed for
synchronous operations

Deactivating Packages

RP/0/0/CPU0:P5(admin)#install deactivate disk0:c12k-rp-mgbl-3.2.85


Install: The idle timeout on this line will be suspended for synchronous install
operations
Install: Starting install operation. Do not insert or remove cards until the operation
completes.
RP/0/0/CPU0:P5(admin)#
Install: Now operating in asynchronous mode. Do not attempt subsequent install operations
until this operation is complete.
Install 8: [ 0%] Install operation 'deactivate disk0:c12k-mgbl-3.2.85' assigned
request id: 8
Install 8: [ 1%] Package 'disk0:c12k-mgbl-3.2.85' is not active and cannot be deactivated.
Install 8: [ 1%] Idle timeout on this line will now be resumed for synchronous
install operations

Package features no longer available


Package still installed
Package can be reactivated

Routing Protocols

OSPF Configuration Basics

• Enable by assigning interfaces to areas
• All configuration under router ospf

router ospf 100
 area 0
  interface gig 0/4/0/0
  interface gig 0/5/0/4
  interface gig 0/5/0/5
 area 1
  interface gig 0/3/0/0
  interface gig 0/3/0/1
   passive enable
  interface gig 0/3/0/2
   cost 40

OSPF Sample Configuration

router ospfv3 32
 area 0
  interface GigabitEthernet0/5/0/0
  !
  interface GigabitEthernet0/5/0/1
   cost 30
  !
 !
 area 1
  interface GigabitEthernet0/5/0/2
   cost 40
   passive
!
router ospf 101
 area 0
  interface GigabitEthernet0/5/0/0
  !
  interface GigabitEthernet0/5/0/1
  !
  interface GigabitEthernet0/5/0/2

ISIS Configuration Basics

• Enable by assigning interfaces to ISIS
• All configuration under router isis

router isis <label>
 net 49.0001.0000.0000.000c.00
 interface gig 0/4/0/0
  address-family ipv4 unicast
 interface gig 0/4/0/1
  address-family ipv4 unicast

ISIS Sample Configuration

router isis 7
 net 49.0001.0000.0000.000c.00
 interface Loopback0
  address-family ipv4 unicast
  !
 !
 interface GigabitEthernet0/4/0/1
  address-family ipv4 unicast
  !
 !
 interface GigabitEthernet0/4/0/2
  address-family ipv4 unicast
  !
 !
 interface GigabitEthernet0/4/0/3
  address-family ipv4 unicast

EIGRP Configuration Basics

• Enable by assigning interfaces to EIGRP
• All configuration under router eigrp

router eigrp <AS>
 address-family ipv4
  interface GigabitEthernet0/4/0/0
  interface GigabitEthernet0/4/0/0
  interface mgmtEth 0/7/CPU0/0
   passive-interface

EIGRP Sample Configuration

router eigrp 7
 address-family ipv4
  interface MgmtEth0/7/CPU0/0
   passive-interface
  !
  interface GigabitEthernet0/4/0/0
  !
  interface GigabitEthernet0/4/0/1
  !
  interface GigabitEthernet0/4/0/2
  !
  interface GigabitEthernet0/4/0/3
  !
 !

Static Routes
Static Routing Configuration Modes

router static
 address-family ipv4 unicast
  0.0.0.0/0 7.1.9.1
  7.7.7.77/32 7.1.9.1
  8.8.8.1/32 GigabitEthernet0/5/0/1.101
  8.8.8.1/32 GigabitEthernet0/5/0/1.102
  8.8.8.2/32 5.1.1.2
  8.8.8.2/32 5.2.1.2
!
router static
 address-family ipv6 unicast

IOS XR BGP – Key Concepts

• Address Families
  Configure separately
  Must be initialized
• Neighbor Based Configuration
• Configuration Templates
  Neighbor Group
  Session Group
  Address Family Group
• Distributed BGP
• (Route Policy Language)

Address Families

• Most configuration is address family specific
• Must be initialized under bgp global configuration

router bgp 600
 address-family ipv4 unicast

• Additional configuration under neighbor AF mode

router bgp 600
 neighbor 5.5.5.5
  address-family ipv4 unicast
   route-policy filter_peers in

• Examples of address families supported in 4.1.0
  IPv4 unicast/multicast/mvpn
  IPv6 unicast/multicast/mvpn
  L2 VPN
  VPNv4 unicast
  VPNv6 unicast

Configuration Basics
Minimal Configuration

• Assign BGP AS Number
• Initialize an address family
• Create a neighbor
• Assign a remote AS
• Enable an address family within the neighbor
• Apply filters in and out on EBGP links

router bgp 100
 address-family ipv4 unicast
 !
 neighbor 1.1.1.1
  remote-as 200
  address-family ipv4 unicast
   route-policy filter-in in
   route-policy filter-out out

Comparison of Cisco IOS and IOS XR BGP

IOS BGP Configuration

router bgp 1
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 1
 neighbor 1.1.1.1 update-source Loopback0
 maximum-paths 8
 !
 address-family ipv4
 neighbor 1.1.1.1 activate
 maximum-paths 8
 no auto-summary
 no synchronization
 exit-address-family
!

IOS XR BGP Configuration

RP/0/1/CPU0:IOS XR#sh run router bgp
router bgp 300
 bgp router-id 2.2.2.2
 address-family ipv4 unicast
 !
 neighbor 192.1.1.2
  remote-as 400
  address-family ipv4 unicast
   route-policy filter-in in
   route-policy filter-out out
  !
 !

IOS-XR RPL Big Picture

• Programming Language
• Used to filter routing information
  Remove routes
  Change attributes
• Common tool for XR applications
  BGP policy and show commands
  IGPs
• Replaces route maps (and more!)
• Scalable – fewer CLI lines, improved clarity

RPL Concept Map

[Figure: concept map with three branches: Control Flow, Sets and Using RPL. Labels: if/then/else, Boolean, Order of Ops, Compound, Hierarchy, Parameters, Actions, Default, Pass, Drop, Set; Named vs. Inline, Types, AS Path, Prefix, Community, Extended Com, VPN RD; Attach Points, BGP, Process, Neighbor, VPN, Show CMDs, IGP, Redistribution, Show Commands.]

Basic Flow Control

• Basic Conditional Statement

if as-path in as-path-set-1 then
  drop
endif

• Branching Options

if med eq 150 then
  set local-preference 10
elseif med eq 200 then
  set local-preference 60
else
  set local-preference 0
endif

RPL Attach Points

• Attach points connect policies to things that use them
  BGP neighbor policy
  IGP redistribution
  Show commands
  Many others

MPLS Big Picture

• Functionality Similar to IOS
  No TDP
  Traffic Engineering supported (not covered)
• L3 VPN support since release 3.3
• L2 VPN support since release 3.4

• Basic Configuration

mpls ldp
 router-id 6.6.6.6
 !
 interface GigabitEthernet0/4/0/0
 interface GigabitEthernet0/4/0/1
 interface GigabitEthernet0/4/0/2
 interface GigabitEthernet0/4/0/3

Create VRF

vrf <NAME>
 address-family ipv4 unicast
  import route-target
   <A:B>
  export route-target
   <C:D>
  import route-policy <name>
  export route-policy <name>

Attach to interface

interface <INT>
 vrf <NAME>
 ipv4 address <ADDR/MASK> (note: must remove old address)

Initialize address family

router bgp <AS>
 address-family vpnv4 unicast
 neighbor <neighbor>
  address-family vpnv4 unicast

Advertise Local Route

 vrf <NAME>
  rd <E:F>
  address-family ipv4 unicast
   redistribute connected

Reusable template for VPN type (MPLS or L2TPv3)

l2vpn
 pw-class [class-name]
  encapsulation mpls
   protocol ldp

Tunnel Parameters

 xconnect group [group-name]
  p2p [circuit-name]
   interface GigabitEthernet0/1/0/0
   neighbor 12.12.12.12 pw-id 100
    pw-class [class-name]

Put interface into L2VPN mode

interface GigabitEthernet0/1/0/0
 l2transport

Carrier Grade v6 (CGv6)

What Is CGv6?

• Solutions that enable IPv4 to IPv6 Transition
• Offers set of functions that can be deployed as needed to achieve:
  IPv4 Preservation – continue to use existing legacy IPv4 assets, infrastructure, back-end ops, etc. as needed in the post-IPv4 run-out world
  Incremental IPv6 Transition – select network elements supporting and enabling IPv6 connectivity
• Advantages are:
  Post run-out business continuity
  Low-risk, minimal cost transition to IPv6

Enterprise NAT
• Positioned for Enterprise
• Emphasis on ALGs
• Expensive logging using Syslog
• Legacy Enterprise NAT ‘unfriendly’ Applications (e.g. SunRPC, NetBIOS, etc.)
• Limited Scale + Performance
• (e.g. few Thousand conn/sec rate)
• High CAPEX / OPEX per subscriber
• Expensive to scale

Carrier Grade NAT (CGN)
• Positioned for Service Providers
• Emphasis on Scale, Performance, Throughput
• Lightweight logging using Netflow v9
• OTT Applications just work (e.g. YouTube, Skype, BitTorrent, etc) as per NAT CPE
• Massive Scale + Performance
• (e.g. 1 Million conns/sec rate, 20 Million concurrent connections)
• Low CAPEX / OPEX per subscriber
• Designed to scale

CGv6 NAT44 Feature Set

• SP-Class Performance/Scale
  20M Translations
  1M connection setups/sec
  10G full-duplex performance
• NAT Behavior Compliance
  RFC4787, RFC5382, RFC5508
• Endpoint Independent Mapping
  (VRF ID, SA) in Private/Public
  (DA) in Private/Public
• 1 + 1 Warm Standby
• TCP/UDP Timers
• Active FTP ALG
• Hairpinning
• Static Port Forwarding
• Port Limit per private IP
• CGN Bypass source address
• Multi-core Load Sharing
• Netflow v9 Logging without performance impact

Conclusion

• IOS XR is designed to meet the stringent requirements of network operators
  • A high level of scalability
  • Distributed forwarding architecture
  • Exceptionally high reliability and resiliency
  • Service separation and flexibility
  • Robust security
  • Hierarchical configuration and robust configuration management
  • Better manageability

Complete Your Session Evaluation

• Please give us your feedback!!
  Complete the evaluation form you were given when you entered the room
• This is session 5.4

Don’t forget to complete the overall event evaluation form included in your registration kit

YOUR FEEDBACK IS VERY IMPORTANT FOR US!!! THANKS
