BRKSPG 2210 PDF

BRKSPG-2210
Network Automation
and Programmability
for Service Providers
Ahmed Abeer, Technical Marketing Engineer

Nicolas Breton, Manager Product Marketing
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#BRKSPG-2210
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Programmable network
• Automatic Device Provisioning
• Design the programmable underlay
• Building a Programmable Transport
• Network Topology Discovery
• Compute & Program the Transport Path
• Next Step: Service Enablement

• Summary
• Conclusion
Session Objectives
• To understand how programmability impacts existing network designs.
• To learn techniques and tips to design programmable underlay and overlay.
• To learn network automation and discovery.
• To learn concrete design recommendations.
BRKSPG-2210 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Programmable Network
Trends in the Service Provider Transport
Access and Aggregation
• Scale the access within a domain Access Domain C
• Number of nodes and services increasing
• Bandwidth growth 10GE -> 100G
• Traffic load optimization
Core
• Agile service deployment across domains
• End to End service deployments
Access Domain A
• Virtualization
• Virtual CPE, Virtual NID
Access Domain B
At the same time, keep the same Services KPI’s

OAM, Traffic load management,
Transparent Node and Service insertion
Network Programmability
What is changing in the network?
Traditional Programmatic Approach
Access Domain C Access Domain C
IP/MPLS/ L2
Segment Routing
Core Core
Access Domain A Access Domain A

Topology Path Programmable
SNMP Discovery Computation Interfaces
CLI
Access Domain B Access Domain B
Service WAN XR
NMS Assurance OSS BSS
Orchestration Optimization Transport Open Source
Engine Controller
Programmable Network – New Operation Model
Configuration Operational Traffic
Management State Engineering
APIC EM Netconf
IOS XR XML Telemetry BGP-LS PCEP
Restconf
API Protocols
Programmatic
Interfaces Model Driven Programmable Interfaces
Open
Protocols
Automatic Device Provisioning
“The Day 0 Challenge”
The Day 0 Challenges
5G Large Simplify Day 0 device
number of
devices to deployments
Rapid Nodes and bring up
•
Service
deployments
SD-WAN
Expected Devices
to be distributed
service in different
Service- ready on physical
Ready bringup locations
Infrastructure
IoT
ZTD – Two Different Deployment Scenarios
Servers
(DHCP/NMS)
1 • Routers are connected to a
management network via out-of-band
management port “out-of-band”
Management
network
• Popular in Data Center, Enterprise,
and Web customers
Sub-int
2
L2 EVC
• There is no dedicated management Servers
network. Routers are managed via (DHCP/HTTP)
in-band, the same as user data L3 link L3 link
network “in-band”
management
• Typical deployment in the SP L3 link
L3 link
Access/Metro
ZTD requirements
Layer 3 Ring Topology
Baseline requirements across both
deployment scenarios
Layer 3 MPLS MPLS
• No pre-staging required
• DHCP for management IP address
• Configuration download Layer 2 Ring Topology
• Image upgrade/downgrade
• Connection to the NMS
Layer 2 Layer 2 MPLS
Baseline requirement for “in-band
management” deployment scenario
Compound Topology
• Auto L3 adjacency configuration in any
topology Layer 2 L3 Network MPLS
• L2 VLAN auto-discovery
Value added requirements

Hub & Spoke Network
• Robust connection to NMS
• Secure MPLS
• Multi-vendor support
• Configuration template
Option 1: Provisioning from the DHCP Server Server
Initiated
1
Device boot up and initiate a DHCP
Discover DHCP
DHCP server provides a script using

“bootfilname” (option 67) 1
2
2 Upon commit DHCP server: HTTP
Registers device to NSO using REST 3
Get Script
Asks NSO to retrieve RSA keys from device
Provision.py
3 Device Downloads scripts from HTTP 4
NSO
server.
Scripts is executed on the device.
4 Once registered, the script perform a
sync from the NSO server
Option 1: NSO Initiated
When Device do not run any Script or Compute Server
Initiated
0 Run ZTP.sh
DHCP Request DHCP Request
( Broadcast) ( Unicast) DHCP
1 Server Notification Python Script
address leased
1
NSO
2 Registration NSO
3 3
2
3 IP Address, Default GW
DHCP Option 67 DHCP Response ( Unicast)
Bootfile name
HTTP Request Config

4
HTTP File: Script
5 Run Script
Enables: SSH, User
name, Password,
Netconf
6 NSO Operations
Sync from, Get Serial Number, Apply Day 1 Configuration
Config
Config
Synch
Option 2: Provisioning from the Device Device
Initiated
1 Device boot up and initiates a DHCP Discover
DHCP
DHCP server provides a script using “boot-file-
name” (option 67)
1
2 Device Downloads scripts from HTTP/FTP
server HTTP
2
Get Script
Provision.py
NSO
3-4
3 Scripts is executed on the device and registers

to NSO using REST/RESTCONF API
4 Once registered, the script perform a sync from
the NSO server
Option 2: Device Initiated
When Device runs Script or Compute Device
Initiated
0 Run ZTP.sh
DHCP Request DHCP Request
( Broadcast) ( Unicast) DHCP
1 Server
1
2 2 NSO
2 IP Address, Default GW
DHCP Option 67 DHCP Response ( Unicast)
Bootfile name
HTTP Request Config

3
HTTP File: Script 6
4 Run Script
Enables: SSH, User 5 NSO Registration
name, Password,
Netconf NSO Operations
Sync from, Get Serial Number, Apply Day 1 Configuration
Config
Config
Synch
Different download method with IOS XE versus XR
IOS XR IOS XE XR XE
Boot BootUp Script Yes Separate

daemon DHCP DHCP
server server
Option 67 Option
DHCP DHCP Option 67 150 150
Download HTTP server TFTP server HTTP TFTP

server
Script server Configuration
Method
Download Download and Yes No
Options run Script NSO
Download No Yes
Configuration Script
NSO Initiated Yes Yes

NSO NSO NSO
Script
Device Initiated Yes No Script
Designing the Programmable Underlay
Step 1: Build a Programmable Transport
Why Segment Routing?
• More Control and Programmable
Program MPLS labels
• Segment Routing Labels are assigned Service label
manually or programmed SR-TE path
OR
• Simplifies the Control plane stack. Programmable MPLS
• Extension to IGP’s ( ISIS , OSPF) CLI>
• Seamless migration ABR 1 ABR 2

• SR mapping server
• Traffic Engineering: SR-TE Domain A Domain B Domain C

• Single touch point at the headend Head-End
• Flexibility to optimize traffic load
• Control the path at very granular level
Program MPLS labels:
Prefix SID
Unified MPLS vs Segment Routing Service Label
OR
Intra Domain
Service Label
CLI>
LDP/IGP
LDP LDP Prefix SIDs
PW LDP
PW
LDP LDP
ISIS-SR
Unified MPLS Programmable MPLS
MPLS Labels Unifed MPLS Segment Routing
Transport Labels Dynamic Label allocation (LDP) Programmed or cli
Service Labels Dynamic Label allocation (LDP) Programmed or cli
Program MPLS labels
Unified MPLS vs Segment Routing Prefix SID
Service Label
OR
Inter Domain
Unified MPLS Programmable MPLS CLI>
ABR 1 ABR 2 ABR 1 ABR 2
Head-End
Domain A Domain B Domain C Domain A Domain B Domain C
3 Service Label 3 3 4 Service Label 4 4

1 BGP Label 2 Swap 2 3 Destination Label 3 3
2 LDP Label 2 Swap 3 Swap 2 ABR 2 Label 2 Next Hop Label
2 TE Label 3 4 1 ABR1 Label
IGP / LDP IGP / LDP IGP / LDP

IGP IGP IGP
BGP-LU
SR TE
TE FRR / Remote LFA
Prefix SID
Reference Topology Loopback IP
Link Addresses
Interfaces
Configure
Segment Routing Configuration
IGP - OSPF IGP - ISIS
RP/0/0/CPU0:A11#config t A11 RP/0/0/CPU0:A21#config t A21
segment-routing segment-routing
global-block 16000 23999 global-block 16000 23999
! ! SRGB Block
router ospf 1 SRGB Block router isis 2
router-id 1.1.1.11 is-type level-2-only
segment-routing mpls net 49.0001.0000.0000.0021.00
segment-routing forwarding mpls address-family ipv4 unicast
fast-reroute per-prefix Enable Segment metric-style wide
fast-reroute per-prefix ti-lfa enable Routing segment-routing mpls Enable Segment
address-family ipv4 ! Routing
area 0 interface Loopback0
interface Loopback0 Link Protection (TI- address-family ipv4 unicast
prefix-sid index 11 LFA) prefix-sid index 21
Configure Prefix SID
! !
interface GigabitEthernet0/0/0/1 router isis 2 (Node SID)
network point-to-point Configure Prefix SID !
! (Node SID) address-family ipv4 unicast
interface GigabitEthernet0/0/0/0 !
network point-to-point interface GigabitEthernet0/0/0/0
! point-to-point
commit address-family ipv4 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
Link Protection (TI-
!
[SNIP…]
LFA)
!
commit © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
ISIS Validation Only
Segment Routing Validation
Control Plane Control Plane
RP/0/0/CPU0:A21#sh isis neighbors A21 RP/0/0/CPU0:A21#show route 3.3.3.122/32 detail A21
Mon Jan 29 02:07:57.650 UTC Mon Jan 29 02:06:47.650 UTC
ISIS Neighbors Routing entry for 3.3.3.122/32
IS-IS 2 neighbors: Known via "isis 2", distance 115, metric 30, labeled SR, type level-2
System Id Interface SNPA State Holdtime Type IETF- Installed Jan 25 04:13:15.316 for 3d21h
NSF Routing Descriptor Blocks SR Label
A22 Gi0/0/0/1 *PtoP* Up 23 L2 Capable 21.121.0.121, from 3.3.3.122, via GigabitEthernet0/0/0/0, Protected
PE121 Gi0/0/0/0 *PtoP* Up 22 L2 Capable Route metric is 30
Label: 0x3efa (16122)
Total neighbor count: 2 Tunnel ID: None
SRGB Block Binding Label: None Primary Path (TI-LFA
!
RP/0/0/CPU0:A21#show mpls label table label 16000 detail Extended communities count: 0 Protected Link)
Thu Feb 23 21:30:43.546 UTC Path id:1 Path ref count:0
Table Label Owner State Rewrite NHID:0x3(Ref:10)
----- ------- ------------------------------- ------ ------- Backup path id:65
0 16000 ISIS(A):2 InUse No 21.22.1.22, from 3.3.3.122, via GigabitEthernet0/0/0/1, Backup
(Lbl-blk SRGB, vers:0, (start_label=16000, size=8000) (Local-LFA)
! Route metric is 40
RP/0/0/CPU0:A21#show isis route 3.3.3.122/32 detail Label: 0x3efa (16122)
Tunnel ID: None
Backup Path
Mon Jan 29 02:08:17.650 UTC
Route to Core Binding Label: None
L2 3.3.3.122/32 [30/115] medium priority Extended communities count: 0
via 21.121.0.121, GigabitEthernet0/0/0/0, PE121, SRGB Base: Path id:65 Path ref count:1
16000, Weight: 0 NHID:0x4(Ref:10)
src PE122.00-00, 3.3.3.122, prefix-SID index 122, R:0 N:1 P:0 Route version is 0xd (13)
E:0 V:0 L:0 Local Label: 0x3efa (16122)
[SNIP] © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
ISIS Validation Only
Segment Routing Validation
Forwarding Plane Forwarding Plane
RP/0/0/CPU0:A21#show cef 3.3.3.122/32 detail A21 RP/0/0/CPU0:A21#show mpls forwarding labels 16122 A21
3.3.3.122/32, version 104, labeled SR, internal 0x1000001 0x81 (ptr Local Outgoing Prefix Outgoing Next Hop Bytes
0xa134e63c) [1], 0x0 (0xa1333878), 0xa28 (0xa18190d4) Label Label or ID Interface Switched
Updated Jan 25 04:13:15.336 ------ ----------- ------------------ ------------ --------------- ------------
local adjacency 21.121.0.121 16122 16122 SR Pfx (idx 122) Gi0/0/0/0 21.121.0.121 957044
Prefix Len 32, traffic index 0, precedence n/a, priority 1 16122 SR Pfx (idx 122) Gi0/0/0/1 21.22.1.22 0 (!)
gateway array (0xa1299a48) reference count 3, flags 0x500068, !
source rib (7), 0 backups Primary & Backup Path
[2 type 5 flags 0x8401 (0xa15ef5f0) ext 0x0 (0x0)]
LW-LDI[type=5, refc=3, ptr=0xa1333878, sh-ldi=0xa15ef5f0] RP/0/0/CPU0:A21#ping 3.3.3.122 source 2.2.2.21
gateway array update type-time 1 Jan 25 04:13:15.336 Mon Jan 29 02:16:11.032 UTC
Ping
LDI Update time Jan 25 04:13:15.336 Type escape sequence to abort.
LW-LDI-TS Jan 25 04:13:15.336 Sending 5, 100-byte ICMP Echos to 3.3.3.122, timeout is 2 seconds:
via 21.121.0.121/32, GigabitEthernet0/0/0/0, 10 dependencies, !!!!!
weight 0, class 0, protected [flags 0x400] Success rate is 100 percent (5/5), round-trip min/avg/max = 9/9/9 ms
path-idx 0 bkup-idx 1 NHID 0x0 [0xa1833544 0x0] Primary Path & !
next hop 21.121.0.121/32 Label Imposed
local label 16122 labels imposed {16122}
via 21.22.1.22/32, GigabitEthernet0/0/0/1, 10 dependencies, RP/0/0/CPU0:A21#traceroute 3.3.3.122 source 2.2.2.21
weight 0, class 0, backup (Local-LFA) [flags 0x300] Mon Jan 29 02:16:33.810 UTC
path-idx 1 NHID 0x0 [0xa171c250 0x0] Traceroute
next hop 21.22.1.22/32 Type escape sequence to abort.
local adjacency Backup Path & Tracing the route to 3.3.3.122
local label 16122 labels imposed {16122} Label Imposed
[SNIP] 1 21.121.0.121 [MPLS: Label 16122 Exp 0] 19 msec 9 msec 9 msec
2 121.122.2.122 9 msec * 9 msec
Step 2: Network Topology Discovery
BGP-LS Overview
Path PCE Traffic
Computation Engineering
• Build TED for Multi-Domain Optimal Element (PCE) Database (TED)
Path Computation
• Scalable Solution is BGP, not IGP.
CLI>
• BGP-LS is an address-family BGP-LS
ABR 1 ABR 2
• afi=16388, safi=71
Head-End
• Defined to carry IGP link-state
Domain A Domain B Domain C
database via BGP
• Supports both IS-IS and OSPF
• Delivers topology information to outside
agents
• Only one BGP-LS speaker required
per domain
XR Transport Controller (XTC)
An IOS XR-powered Stateful Path Computation Element (PCE)
WAE Custom app
• Multi-Domain Topology Collection
• Real-time reactive feed
XTC
• Computation
North-Bound API
• Native SR Policy algorithms
Multi-Domain
Computation
• Applicable to Centralized (Controller) Topology
and Distributed (Router) deployments
“Collection” “Deployment”
BGP-LS PCEP
ISIS / OSPF
XTC – Real-time Topology Feed
• XTC learns real-time topologies via BGP-LS and/or IGP
• BGP-LS is intended to carry link-state topology information
• Hence the name “LS” that stands for “Link State”
• BGP-LS has been extended multiple times in order to incorporate other types of
topology information:
• SR Extensions
• Traffic Engineering Metric Extensions
• Egress Peer Engineering
• SR TE Policies
BGP Link State Configuration
• Common topology abstraction model
• IGP network modeled
• Three classes of objects
• Nodes
• Links
• prefixes
BGP-LS Objects
• 11 nodes
• 29 links
• 98 prefixes
• 248 Paths
Configure
BGP Link State Device Configuration
IGP Configuration BGP Configuration
RP/0/0/CPU0:PE122#config t PE122 RP/0/0/CPU0:PE122#sh run router bgp PE122
! Mon Jan 29 04:09:49.717 UTC
router isis 3 Instance ID = router bgp 1
distribute bgp-ls instance-id 3 bgp router-id 3.3.3.122 BGP ID
Domain ID
! !
RP/0/0/CPU0:PE122#sh run router isis 2 [SNIP]
Mon Jan 29 04:18:22.432 UTC !
router isis 2 neighbor-group epn
is-type level-2-only remote-as 1
net 49.0001.0000.0000.0122.00 update-source Loopback0
distribute link-state instance-id 2 address-family ipv4 labeled-unicast
address-family ipv4 unicast route-reflector-client
Specify BGP-LS
segment-routing mpls Domain 2 next-hop-self
! Neighbor
!
interface Loopback0 !
address-family ipv4 unicast neighbor 4.4.4.4 XR Transport
prefix-sid index 122 remote-as 1 Controller (XTC)
! update-source Loopback0 Address
! address-family ipv4 labeled-unicast
interface GigabitEthernet0/0/0/1 !
point-to-point address-family link-state link-state
address-family ipv4 unicast ! Enable BGP Link
fast-reroute per-prefix ! State
fast-reroute per-prefix ti-lfa neighbor 2.2.2.21
[SNIP] use neighbor-group epn
!
[Output TRIMMED]
Configure
BGP Link State XTC Configuration
RP/0/0/CPU0:XTC-RR4#sh run router bgp XTC-RR4
Mon Jan 29 04:07:50.050 UTC
router bgp 1
bgp router-id 4.4.4.4
BGP ID
address-family ipv4 unicast
table-policy fib
additional-paths receive
additional-paths send
additional-paths selection route-policy multipath
!
address-family link-state link-state
!
neighbor-group epn
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
Enable Address
route-reflector-client
Family Link State
!
address-family link-state link-state
!
neighbor 3.3.3.111
use neighbor-group epn
! BGP-LS Neighbors
neighbor 3.3.3.112
use neighbor-group epn
!
[SNIP]
BGP -LS Validation Only
BGP Link State Verification

RP/0/0/CPU0:XTC-RR4#show bgp link-state link-state summary XTC-RR4
Mon Jan 29 03:24:02.000 UTC
BGP router identifier 4.4.4.4, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 95
BGP main routing table version 95
BGP NSR Initial initsync version 95 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Neighbors:
BGP is operating in STANDALONE mode.
3.3.3.111 62 Paths
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer 3.3.3.112 62
Speaker 95 95 95 95 95 0 3.3.3.121 62
3.3.3.122 62
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd Total = 62x4 = 248 Paths
3.3.3.111 0 1 2792 2758 95 0 0 1d21h 62
3.3.3.112 0 1 2792 2758 95 0 0 1d21h 62
3.3.3.121 0 1 2788 2758 95 0 0 1d21h 62
3.3.3.122 0 1 2788 2758 95 0 0 1d21h 62

RP/0/0/CPU0:XTC-RR4#show bgp link-state link-state XTC-RR4
Mon Jan 29 03:24:49.337 UTC
Check here for the
BGP NSR Initial initsync version 95 (Reached) Prefix codes
Status codes: s suppressed, d damped, h history, * valid, > best

i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete Node
Prefix codes: E link, V node, T IP reacheable route, u/U unknown V= node
I Identifier, N local node, R remote node, L link, P prefix
L1/L2 ISIS level-1/level-2, O OSPF, D direct, S static/peer-node
O= OSPF
a area-ID, l link-ID, t topology-ID, s ISO-ID, N= local node
c confed-ID/ASN, b bgp-identifier, r router-ID, c= Confed ID/ ASN -- 1
i if-address, n nbr-address, o OSPF Route-type, p IP-prefix
d designated router address b=bgp-id – 0.0.0.0
Network Next Hop Metric LocPrf Weight Path a=area-id -- 0.0.0.0
*>i[V][L2][I0x2][N[c1][b0.0.0.0][s0000.0000.0021.00]]/328
3.3.3.121 100 0i
r=router-id -- 1.1.1.11
*i 3.3.3.122 100 0i
*>i[V][O][I0xb][N[c1][b0.0.0.0][a0.0.0.0][r1.1.1.11]]/376
3.3.3.111 100 0i
i 3.3.3.112 100 0i
[SNIP]

*i 3.3.3.112 100 0i
*>i[E][O][I0xb][N[c1][b0.0.0.0][a0.0.0.0][r3.3.3.112]][R[c1][b0.0.0.0][a0.0.0.0][r1.1.1.13]][L[i13.112.0.112][n13.112.0.13]]/792
3.3.3.111 100 0i
*i 3.3.3.112 100 0i
*>i[E][O][I0xb][N[c1][b0.0.0.0][a0.0.0.0][r3.3.3.112]][R[c1][b0.0.0.0][a0.0.0.0][r3.3.3.111]][L[i111.112.3.112][n111.112.3.111]]/792
3.3.3.111 100 0i
*i 3.3.3.112 100 0i
*>i[T][L2][I0x2][N[c1][b0.0.0.0][s0000.0000.0021.00]][P[p21.22.1.0/24]]/392
3.3.3.121 100 0i
*i 3.3.3.122 100 0i Link
*>i[T][L2][I0x2][N[c1][b0.0.0.0][s0000.0000.0021.00]][P[p21.121.0.0/24]]/392
3.3.3.121 100 0i
E=link
• i 3.3.3.122 100 0i N=node
[SNIP] c= Confed ID/ ASN -- 64496
!
*>i[T][O][I0xb][N[c1][b0.0.0.0][a0.0.0.0][r3.3.3.112]][P[o0x01][p111.112.3.0/24]]/480 b=bgp-id – 0.0.0.0
3.3.3.111 100 0i a=area-id -- 0.0.0.0
*i 3.3.3.112 100 0i r=router-id -- 3.3.3.112
*>i[T][O][I0xb][N[c1][b0.0.0.0][a0.0.0.0][r3.3.3.112]][P[o0x01][p3.3.3.112/32]]/488
3.3.3.111 100 0i
Prefix R= remote node
*i 3.3.3.112 100 0i T= IP reacheable route c= Confed ID/ ASN -- 1
N=node b=bgp-id – 0.0.0.0
Processed 94 prefixes, 248 paths c= Confed ID/ ASN -- 1 a=area-id -- 0.0.0.0
b=bgp-id – 0.0.0.0 r=router-id -- 3.3.3.111
a=area-id -- 0.0.0.0 L=link
r=router-id -- 3.3.3.112 i= if-address -- 111.112.3.112
P=prefix n=nbr-address – 111.112.3.111
o= ospf-route-typ -- 0x01
p= ip prefix – 111.112.3.0/24
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
Step 3: Compute & Program the Transport Path
Program MPLS labels
SR Policy
PCE
PCEP Architectural Introduction LSP DB
• Path computation PCEP TED

• Large, multi-domain and multi-layer networks
ABR 1 ABR 2
• Path computation element (PCE)
• Computes network paths (topology, paths, etc.)
• Stores TE topology database (synchronized with network)
Domain A Domain B Domain C
• May initiate path creation
• Stateful - stores path database included resources used
(synchronized with network) PCC
• Path computation client (PCC)

• May send path computation requests to PCE
Open/Close/Keepalive
• May send path state updates to PCE
PCC PCE
• Used between head-end router (PCC) and PCE to: Open/Close/Keepalive
• Request/receive path from PCE subject to constraints Request

• State synchronization between PCE and router PCC PCE
Reply
• Hybrid CSPF
Notification
PCC PCE
Notification
Configure
MPLS Traffic Engineering To SR Policy
RSVP-TE SR Policy
A23
segment-routing
Define a path traffic-eng
segment-list name SIDLIST1
explicit-path name OLD-PE112-PE122-A31 index 10 mpls label 16122
index 10 next-label 16112 index 20 mpls label 16112
index 20 next-label 16121 index 30 mpls label 16013
index 30 next-label 16023 !
! Configure a tunnel interface, policy POLICY1 Policy needs:
interface tunnel-te20 that uses the path binding-sid mpls 1000
ipv4 unnumbered Loopback0 1) Color
color 30 end-point ipv4 1.1.1.13
path-option 1 explicit name OLD-PE112-PE122-A31 candidate-paths 2) End Point
! preference 100 3) Candidate Path
router isis 100 Enable TE extensions in IGP dynamic mpls
address-family ipv4 unicast metric
mpls traffic-eng level-1-2 type igp Multiple Paths can be defined
mpls traffic-eng router-id Loopback0 with a Preference. Higher
!
Preference Path is preferred, if
! ! valid
mpls traffic-eng !
Announce the path to be used preference 200
by specific traffic
explicit segment-list SIDLIST1
!
Verification
SR Policy Verification
RP/0/0/CPU0:A23#sh segment-routing traffic-eng policy 4.4.4.4/32
Sun Jan 28 15:23:57.734 UTC
XTC-RR4
XTC-RR4
SR-TE policy database
---------------------
1.1.1.11/32 3.3.3.121/3
Name: POLICY1 (Color: 30, End-point: 1.1.1.13) 3.3.3.111/32
2
Status: 2.2.2.21/32
Admin: up Operational: up for 00:00:07 (since Jan 28 A11 Gig0/0/0/0
PE111
Gig0/0/0/1
PE121
Gig0/0/0/0 A21
15:23:50.464)
1.1.1.12/32 Gig0/0/0/1 Gig0/0/0/1
Candidate-paths:
2.2.2.22/32
Preference 200:
Explicit: segment-list SIDLIST1 (active)
A12 OSPF 1 ISIS 3 ISIS 2 A22
Weight: 0, Metric Type: TE
Gig0/0/0/2 3.3.3.112/32 3.3.3.122/32 Gig0/0/0/2
16122 1.1.1.13/32
2.2.2.23/32
16112
16013
A13 Gig0/0/0/0
PE112
Gig0/0/0/1
PE122
Gig0/0/0/0 A23
Preference 100:
Dynamic (inactive)
Access Domain ID 1 Core Domain ID 3Access Domain ID 2
Weight: 0, Metric Type: IGP
Attributes:
Binding SID: 1000
Allocation mode: explicit
State: Programmed
Policy selected: yes
Forward Class: 0
XTC – IOS XR PCE Configuration Configure
• PCE functionality is available in IOS XR base

RP/0/0/CPU0:XTC-RR4#config t XTC-RR4
image pce
• Physical and virtual IOS XR devices address ipv4 4.4.4.4
commit
• Enable it by configuring its PCEP* session IP

address
Enable PCE
PCC – Device Configuration Configure
• PCE functionality is available in IOS XR base RP/0/0/CPU0:A11#config t A11

!
image segment-routing
global-block 16000 23999
Global Configuration under
• Physical and virtual IOS XR devices
traffic-eng SR Policy
on-demand color 10 PCE Modes: Stateful PCE
• Enable it by configuring its PCEP* session IP dynamic mpls Initiated LSP or PCC Initiated
address pce
& Delegated to PCE
!
metric
type te
!
!
!
on-demand color 20
dynamic mpls
pce
!
metric
type igp
!
!
!
pcc Tunnel ID Rance.
source-address ipv4 1.1.1.11
pce address ipv4 4.4.4.4
Add LSP by PCE.
! PCE creates tunnel
! using assign Tunnel
ID from given range
Verification
PCEP Verification – IOS XR PCE

RP/0/0/CPU0:XTC-RR4#sh pce ipv4 peer XTC-RR4
Mon Jan 29 13:18:58.815 UTC
PCE's peer database:

--------------------
Peer address: 1.1.1.11
State: Up
Capabilities: Stateful, Segment-Routing, Update, Instantiation
Peer address: 2.2.2.21

State: Up
Capabilities: Stateful, Segment-Routing, Update, Instantiation
Verifying PCEP session

on the server ( PCE)
Verification
RP/0/0/CPU0:XTC-RR4#show pce ipv4 topology summary XTC-RR4
Mon Jan 29 13:30:30.987 UTC
PCE's topology database summary:

--------------------------------
Topology nodes: 11
Prefixes: 14
Prefix SIDs:
Total: 14 PCE Topology Information:
Regular: 14
Strict: 0 Nodes = 11
Links:
Total: 29 Prefix SID = 14
EPE:
Adjacency SIDs:
0 Links = 29
Total: 58 Adjancey SIDs = 58
Unprotected: 29
Protected: 29
EPE: 0
Private Information:
Lookup Nodes 15
Consistent yes
Update Stats (from IGP and/or BGP):

Noded added: 15
Noded deleted: 0
Links added: 30
Links deleted: 0
Prefix added: 49
Prefix deleted: 0
Verification
RP/0/0/CPU0:XTC-RR4#show pce ipv4 topology 1.1.1.11
Mon Jan 29 13:35:12.578 UTC
PCE's topology database - detail: XTC-RR4

---------------------------------
Node 9
TE router ID: 1.1.1.11
OSPF router ID: 1.1.1.11 area ID: 0 domain ID: 11 ASN: 1
Prefix SID:
Prefix 1.1.1.11, label 16011 (regular), domain ID 11
SRGB INFO:
OSPF router ID: 1.1.1.11 area ID: 0 SRGB Start: 16000 Size: 8000
Link[0]: local address 11.12.1.11, remote address 11.12.1.12

Local node:
Remote node:
Metric: IGP 1, TE 1
Bandwidth: Total 125000000 Bps, Reservable 0 Bps
Adj SID: 24012 (protected) 24011 (unprotected)
Link[1]: local address 11.111.0.11, remote address 11.111.0.111

Local node:
Remote node:
Host name: PE111
Metric: IGP 1, TE 1
Bandwidth: Total 125000000 Bps, Reservable 0 Bps
Adj SID: 24001 (protected) 24000 (unprotected)
Next Step:
Service Enablement or Service
Provisioning
Network Services Orchestrator (NSO)
Management Network
• Multi-vendor service orchestrator Applications Engineer
o Distributed service configuration management
o Transaction integrity REST, Java, NETCONF Network-wide CLI, Web UI
o Validation and rollback
• Single pane of glass for: Network Services Orchestrator (NSO) Service

Models
o L2-L7 networking Service Manager
o Hardware Devices
Device Manager
o Virtual Appliances
• YANG Model Driven Orchestration Device

Network Element Drivers Models
o Service Data models
o Device Data Model
o Network Element Driver NETCONF, CLI, SNMP, REST, etc. End-to-End
• Highly Scalable for large infrastructure Transactions
o One of the existing deployment is managing 60K
devices on the network
• Applications
• Controllers
Configure
Step 1: L3VPN Provisioning
RP/0/0/CPU0:A11#config t A11
• Configure L3VPN Service on Node A11 and A21 vrf epn
import route-target
1:1
!
export route-target
XTC- 1:1
RR NSO !
interface Loopback10
vrf epn
ipv4 address 9.9.9.11 255.255.255.255
!
interface Loopback11
vrf epn
A11 PE111 PE121 A21 ipv4 address 8.8.8.11 255.255.255.255
!
router bgp 1
!
A12 OSPF ISIS ISIS A22 address-family vpnv4 unicast
!
neighbor 4.4.4.4
remote-as 1
A13 PE112 PE122 A23 address-family vpnv4 unicast
!
vrf epn
rd 11:11
redistribute connected
Configure
Step 2: XTC Configuration – L3VPN Route Reflector

• Note that XTC-RR4 is also acting like BGP VPNv4 RP/0/0/CPU0: XTC-RR4#config t XTC-RR4
router bgp 1
Route-Reflector address-family vpnv4 unicast
!
neighbor-group epn-vpnv4
Enable PCE
remote-as 1
XTC- update-source Loopback0
RR NSO address-family vpnv4 unicast
route-reflector-client
VPNv4 VPNv4 !
!
neighbor 1.1.1.11
use neighbor-group epn-vpnv4
!
A11 PE111 PE121 A21 neighbor 2.2.2.21
use neighbor-group epn-vpnv4
!
commit
A12 OSPF ISIS ISIS A22
A13 PE112 PE122 A23
Verification
BGP VPNv4 Session Verification

RP/0/0/CPU0:XTC-RR4#sh bgp vpnv4 unicast summary
Mon Mar 6 18:39:44.111 UTC
XTC-RR4
BGP generic scan interval 60 secs XTC-
Non-stop routing is enabled RR NSO
Table ID: 0x0 RD version: 0 VPNv4 VPNv4
BGP NSR/ISSU Sync-Group versions 0/0 A11 PE111 PE121 A21
BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTbl
Ver StandbyVer
Speaker 5 5 5 5 5 0 A13 PE112 PE122 A23
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ
OutQ Up/Down St/PfxRcd
1.1.1.11 0 1 7 9 5 0 0 00:03:19 2
2.2.2.21 0 1 7 8 5 0 0 00:03:39 2
Verfication
BGP VPNv4 Session Verification

RP/0/0/CPU0:A11#show bgp vpnv4 unicast A11
Mon Mar 6 18:42:41.895 UTC
Remote Prefix Routes
Status codes: s suppressed, d damped, h history, * valid, > best 8.8.8.21/32
i - internal, r RIB-failure, S stale, N Nexthop-discard 9.9.9.21/32
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 11:11 (default for vrf epn)
*> 8.8.8.11/32 0.0.0.0 0 32768 ?
*> 9.9.9.11/32 0.0.0.0 0 32768 ?
Route Distinguisher: 21:21
* i8.8.8.21/32 2.2.2.21 0 100 0?
* i9.9.9.21/32 2.2.2.21 0 100 0?
Configure
Step 3: Configure Route Policy on A11 and A21

extcommunity-set opaque BLUE A11
10
end-set
!
extcommunity-set opaque GREEN
20
end-set
!
route-policy SET_COLOR
if destination in (8.8.8.0 0.0.0.255 ) then
set extcommunity color BLUE
else
set extcommunity color GREEN
endif If Prefix 8.8.8.0/24 then color=10
end-policy If Prefix = Any thing else then color =20
Configure
Step 4: Apply the route-policy to the BGP VPNv4 unicast
peering between A11 and the route reflector (XTC-RR4)
router bgp 1 A11
!
address-family vpnv4 unicast
!
neighbor 4.4.4.4
remote-as 1
address-family vpnv4 unicast
route-policy SET_COLOR out
Egress PE Policy
If Prefix 8.8.8.0/24 then set Color 10
else
Set Color 20
Configure
Step 5: Enable Traffic Engineering on A11 and A12

RP/0/0/CPU0:A11#config t A11
router ospf 1
area 0
mpls traffic-eng
!
mpls traffic-eng router-id Loopback0
!
ipv4 unnumbered mpls traffic-eng Loopback0
Enable Traffic Engineering Under
! IGP
mpls traffic-eng
commit
L3VPN Verfication
L3VPN Service Validation
Control Plane Control Plane
RP/0/0/CPU0:A11# show bgp vrf epn A11 RP/0/0/CPU0:A11#sh bgp vpnv4 unicast vrf epn 8.8.8.21/32 A11
BGP VRF epn, state: Active BGP routing table entry for 8.8.8.21/32, Route Distinguisher: 11:11
BGP Route Distinguisher: 11:11 Versions:
VRF ID: 0x60000001 Process bRIB/RIB SendTblVer
BGP router identifier 1.1.1.11, local AS number 1 Speaker 57 57
Non-stop routing is enabled Last Modified: Jan 27 05:41:18.359 for 2d09h
BGP table state: Active Paths: (1 available, best #1)
Table ID: 0xe0000010 RD version: 61 Not advertised to any peer
BGP main routing table version 62 Path #1: Received by speaker 0
BGP NSR Initial initsync version 13 (Reached) Not advertised to any peer
BGP NSR/ISSU Sync-Group versions 0/0 Local
2.2.2.21 C:10 (bsid:24018) from 4.4.4.4 (2.2.2.21)
Status codes: s suppressed, d damped, h history, * valid, > best Received Label 24007
i - internal, r RIB-failure, S stale, N Nexthop-discard Origin incomplete, metric 0, localpref 100, valid, internal, best, group-
Origin codes: i - IGP, e - EGP, ? - incomplete best, import-candidate, imported
Network Next Hop Metric LocPrf Weight Path Received Path ID 0, Local Path ID 0, version 55
Route Distinguisher: 11:11 (default for vrf epn) Extended community: Color:10 RT:1:1
*> 8.8.8.11/32 0.0.0.0 0 32768 ? Originator: 2.2.2.21, Cluster list: 4.4.4.4
*>i8.8.8.21/32 2.2.2.21 C:10 0 100 0? SR ODN policy color 10, up, registered, bsid 24018, if-handle
*> 9.9.9.11/32 0.0.0.0 0 32768 ? 0x00000190
*>i9.9.9.21/32 2.2.2.21 C:20 0 100 0? SR Policy Color
Processed 4 prefixes, 4 paths Source AFI: VPNv4 Unicast, Source VRF: default, Source Route
Color Distinguisher: 21:21
Verification
L3VPN Service Validation
Forwarding Plane Forwarding Plane
RP/0/0/CPU0:A11#sh segment-routing traffic-eng policy A11 RP/0/0/CPU0:A11#sh segment-routing traffic-eng policy A11
SR-TE policy database Policy Color SR-TE policy database Policy Color
--------------------- and End Point --------------------- and End Point
Name: bgp_AP_1 (Color: 20, End-point: 2.2.2.21) Name: bgp_AP_8 (Color: 10, End-point: 2.2.2.21)
Status: Status:
Admin: up Operational: up for 1d22h (since Jan 27 16:40:54.734) Admin: up Operational: up for 2d09h (since Jan 27 05:41:18.356)
Candidate-paths: Candidate-paths:
Preference 100: Preference 100:
Dynamic (pce 4.4.4.4) (active) Dynamic (pce 4.4.4.4) (active)
Weight: 0, Metric Type: IGP Weight: 0, Metric Type: TE
TE Path
16111 [Prefix-SID, 3.3.3.111] 16112 [Prefix-SID, 3.3.3.112]
16121 [Prefix-SID, 3.3.3.121]
IGP Path 16122 [Prefix-SID, 3.3.3.122]
16021 [Prefix-SID, 2.2.2.21] 24006 [Adjacency-SID, 121.122.2.122 - 121.122.2.121]
Attributes: 16021 [Prefix-SID, 2.2.2.21]
Binding SID: 24013 Attributes:
Allocation mode: dynamic Binding SID: 24018
State: Programmed Allocation mode: dynamic
Policy selected: yes State: Programmed
Forward Class: 0 Policy selected: yes
Distinguisher: 0 Forward Class: 0
Auto-policy info: Distinguisher: 0
Creator: BGP Auto-policy info:
IPv6 caps enable: no Creator: BGP
IPv6 caps enable: no
Data Plane (IGP Metric) 4.4.4.4/32
NSO
XTC-RR4
3.3.3.111/32 3.3.3.121/32
1.1.1.11/32 2.2.2.21/32
11.111.0/24 111.121.1/24 21.121.0/24
A11 Gig0/0/0/0
PE111 Gig0/0/0/1
PE121 Gig0/0/0/0 A21
Gig0/0/0/1 OSPF 1 ISIS 3 ISIS 2
Gig0/0/0/1
111.112.3/24
111.112.2/24
121.122.2/24
Prefix-SID-List [16111,16121,16021]
121.122.3/24
Gig0/0/0/3
Gig0/0/0/2
1.1.1.12/32
Gig0/0/0/2
Gig0/0/0/3
2.2.2.22/32
A12 16111 PHP 16021 service

A22 frame
16121 service frame
Gig0/0/0/2 Gig0/0/0/2
3.3.3.112/32 3.3.3.122/32
16021 frame
1.1.1.13/32 2.2.2.23/32
service 13.112.0/24 112.122.1/24 23.122.0/24
A13 Gig0/0/0/0 PE112 Gig0/0/0/1
PE122 Gig0/0/0/0 A23
frame
Access Domain ID 1 Core Domain ID 3 Access Domain ID 2
16112
4.4.4.4/32
Data Plane 16122 NSO
Adj-SID
(TE Metric) XTC-RR4 16021
16021
service service
service
frame frame frame
frame
3.3.3.111/32 3.3.3.121/32
1.1.1.11/32 2.2.2.21/32
11.111.0/24 TE Metric 100
111.121.1/24 21.121.0/24
A11 Gig0/0/0/0
PE111 Gig0/0/0/1
PE121 Gig0/0/0/0 A21
Gig0/0/0/1
OSPF 1 ISIS 3 ISIS 2 Gig0/0/0/1
TE Metric 100
111.112.3/24
111.112.2/24
121.122.2/24
16112
121.122.3/24
Gig0/0/0/3
Gig0/0/0/2
1.1.1.12/32
Gig0/0/0/2
Gig0/0/0/3
2.2.2.22/32
A12
16122 A22
Adj-SID
16021
Gig0/0/0/2
3.3.3.112/32 3.3.3.122/32 Gig0/0/0/2
1.1.1.13/32 service 2.2.2.23/32

13.112.0/24 112.122.1/24 23.122.0/24
A13
frame Gig0/0/0/0 PE112 Gig0/0/0/1
PE122 Gig0/0/0/0 A23
16122 Adj-SID
Adj-SID 16021
16021 service
service frame
frame BRKSPG-2210 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Verification
L3VPN Service Validation Forwarding Plane
Forwarding Plane
RP/0/0/CPU0:XTC-RR4#show pce lsp detail XTC-RR4
RP/0/0/CPU0:A11#sh cef vrf epn 8.8.8.21/32 A11
8.8.8.21/32, version 38, internal 0x5000001 0x0 (ptr 0xa134e4a4) [1], PCE's tunnel database:
0x0 (0x0), 0x208 (0xa15d54d8) ----------------------
Updated Jan 27 05:41:18.405 PCC 1.1.1.11:
Prefix Len 32, traffic index 0, precedence n/a, priority 3
SR Policy Status
via local-label 24018, 3 dependencies, recursive [flags 0x6000] Tunnel Name: bgp_AP_1
path-idx 0 NHID 0x0 [0xa163e96c 0x0] LSPs:
recursion-via-label
Primary Path & LSP[0]:
next hop VRF - 'default', table - 0xe0000000 Label Imposed source 1.1.1.11, destination 2.2.2.21, tunnel ID 1, LSP ID 84
next hop via 24018/0/21 State: Admin up, Operation active
next hop bgp_AP_8 labels imposed {ImplNull 24007} Setup type: Segment Routing
! Binding SID: 24013
Reported Path
RP/0/0/CPU0:A11#traceroute 8.8.8.21 source 8.8.8.11 vrf epn Bandwidth: signaled 0, applied 0
Type escape sequence to abort. ! [Output Trimmed]
Tracing the route to 8.8.8.21 TE Path Reported path:
Metric type: IGP, Accumulated Metric 0
1 11.111.0.111 [MPLS: Labels 16112/16122/24006/16021/24007 Exp SID[0]: Node, Label 16111, Address 3.3.3.111
0] 29 msec 19 msec 19 msec SID[1]: Node, Label 16121, Address 3.3.3.121
2 111.112.2.112 [MPLS: Labels 16122/24006/16021/24007 Exp 0] 29 SID[2]: Node, Label 16021, Address 2.2.2.21
msec 19 msec 19 msec Computed path: (Local PCE)
3 112.122.1.122 [MPLS: Labels 24006/16021/24007 Exp 0] 29 Computed Time: Mon Jan 29 15:10:39 2018 (00:09:57 ago)
msec 29 msec 19 msec Metric type: IGP, Accumulated Metric 21
4 121.122.2.121 [MPLS: Labels 16021/24007 Exp 0] 19 msec 19 SID[0]: Node, Label 16111, Address 3.3.3.111
msec 19 msec SID[1]: Node, Label 16121, Address 3.3.3.121
5 21.121.0.21 29 msec * 29 msec SID[2]: Node, Label 16021, Address 2.2.2.21
!
[SNIP] Computed Path
Summary
• Multi-domain Segment Routing (SR-TE) policies
computed by a stateful SR PCE
• Coupled with SR On-Demand Next-hops (ODN)
XTC-RR NSO
• Scalable – automatic SR-TE policies triggered by service
(VPN) routes
• Auto-Steering – automatic steering of service traffic into SR-
TE policies
A11 PE111 PE121 A21

VPN acme
Site 2
VPN acme
Site 1
A13 PE112 PE122 A23
Routing defined path

Resource constraint path
Summary
BGP-LS for Topology Discovery
XTC-RR NSO
BGP-LS
BGP-LS
A11 PE111 PE121 A21

BGP-LS BGP-LS
A13 PE112 PE122 A23
Summary
PCEP Session between PCE and PCC
XTC-RR as SR PCE
XTC-RR NSO
PCEP PCEP
A1x as SR PCC
A2x as SR PCC
A11 PE111 PE121 A21
A13 PE112 PE122 A23
Summary
Step 1 – NSO Instantiate the L3VPN Service
NSO
• NSO instantiates an L3 VPN service on PEs

1
• Note: NO transport elements configured by NSO
A11 PE111 PE121 A21

VPN acme
VPN acme Site 2
Site 1
A13 PE112 PE122 A23
Summary
Step 2 - VPN routes propagated via BGP
XTC- XTC-RR as BGP RR
RR
A11 PE111 PE121 A21

A21
VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
RR
A11 PE111 PE121 A21

A21
VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
BGP VPNv4 RR BGP VPNv4
• Routes tagged with user-defined community to convey SLA requirements

2 • VPN routes propagated via BGP
A11 PE111 PE121 A21

A21
VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
Step 3 - PCE Path Computation - Request
XTC- XTC-RR as SR PCE
RR
A11 as SR PCC
A11 PE111 PE121 A21
VPN acme VPN acme
Site 1 Site 2
A12 ISIS A22
OSPF ISIS
A13 PE112 PE122 A23
Summary
RR
• Ingress PE matches on user-specified BGP community
3 • Ingress PE enforces policy associated with the community
A11 as SR PCC
A11 PE111 PE121 A21
VPN acme VPN acme
Site 1 Site 2
A12 ISIS A22
OSPF ISIS
A13 PE112 PE122 A23
Summary
<policy_sample>
IF color = 10
THEN RR
PCEP
contact PCE
Need a path to node (A21)
request path to BGP NH Rule: Minimize TE metric • Ingress PE matches on user-specified BGP community
minimize TE metric 3 • Ingress PE enforces policy associated with the community
A11 as SR PCC
A11 PE111 PE121 A21
VPN acme VPN acme
Site 1 Site 2
A12 ISIS A22
OSPF ISIS
A13 PE112 PE122 A23
Summary
Step 4 - PCE Path Computation - Response
RR
PCEP
SR-EROs
• PCE computes path
Label 1 4 • PCE replies to PCC with SR-EROs (segment (SID) list)
A11 as SR PCC Label 2
Label 3
A11 PE111 PE121 A21

VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
Step 5 - Service Up and Running with the path established.
FIB
Y/24 via label 24018
A11 PE111 PE121 A21

VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
• PE programs SR-TE policy in FIB

5 • PE allocates a Binding-SID (B-SID) to it
• PE programs forwarding for VPN route via B-SID of SR-TE policy
FIB
B-SID = 24018
A11 PE111 PE121 A21

VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
FIB
B-SID = 24018
A11 PE111 PE121 A21

VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Summary
• Traffic destined to VPN prefixes automatically steered onto SR policy

6 • Note: NO feature required for steering (no auto-route announce, no PBR,
FIB
no PBTS)
IP
DA Y/24 via label 24018
Y.0.0.1
B-SID = 24018
A11 PE111 PE121 A21

VPN acme VPN acme
Site 1 Site 2
A13 PE112 PE122 A23
Conclusions
Controllers, Orchestrators
Summary 5- Turn on PCEP
• Automation 4- Turn on BGP-LS

Access Domain C
• Configuration through Netconf/Yang
Models 2- Use of Netconf/Yang
• Network Simplification with Segment

Routing Core
• Enable Topology Discovery

1- Automate the network setup
• Enable inter Domains Traffic
Engineering
Access Domain B
3- Simplify MPLS transport with Segment routing
Programmatic Approach
References
• LTRMPL-2104 - Cisco WAN Automation Engine (WAE) Network Programmability with
Segment Routing
• Agile Carrier Ethernet Demonstration on Youtube -
https://www.youtube.com/watch?v=biYqyAn9rl0
• Segment Routing .net - http://www.segment-routing.net/
• Segment Routing Demo Friday - https://www.sdxcentral.com/resources/sdn-
demofriday/segment-routing-cisco-demofriday/
• Cisco Programmability Yang blog - http://blogs.cisco.com/tag/yang
• Tail-f netconf yang tutorials - http://www.tail-f.com/education/
• BGP-LS linkedin blog: https://www.linkedin.com/pulse/introduction-open-api-bgp-link-state-
bgp-ls-source-controller-abeer?trk=prof-post
• Netconf linkedin blog: https://www.linkedin.com/pulse/netconf-rfc-6242-protocol-tutorial-
ahmed-n-abeer?trk=prof-post
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#BRKSPG-2210
• Please complete your Online Complete Your Online
Session Evaluations after each
session
Session Evaluation
• Complete 4 Session Evaluations
& the Overall Conference
Evaluation (available from
Thursday) to receive your Cisco
Live T-shirt
• All surveys can be completed via
the Cisco Live Mobile App or the
Communication Stations
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
www.ciscolive.com/global/on-demand-library/.
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you

BRKSPG 2210 PDF

Uploaded by

Copyright:

Available Formats

BRKSPG 2210 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BRKSPG 2210 PDF

Uploaded by

Copyright:

Available Formats

BRKSPG-2210

Ahmed Abeer, Technical Marketing Engineer

• Next Step: Service Enablement

At the same time, keep the same Services KPI’s

Access Domain A Access Domain A

Value added requirements

DHCP server provides a script using

HTTP Request Config

3 Scripts is executed on the device and registers

HTTP Request Config

Boot BootUp Script Yes Separate

Download HTTP server TFTP server HTTP TFTP

NSO Initiated Yes Yes

• Seamless migration ABR 1 ABR 2

• Traffic Engineering: SR-TE Domain A Domain B Domain C

LDP LDP Prefix SIDs

Unified MPLS Programmable MPLS

MPLS Labels Unifed MPLS Segment Routing

Transport Labels Dynamic Label allocation (LDP) Programmed or cli

Service Labels Dynamic Label allocation (LDP) Programmed or cli

ABR 1 ABR 2 ABR 1 ABR 2

Domain A Domain B Domain C Domain A Domain B Domain C

3 Service Label 3 3 4 Service Label 4 4

IGP / LDP IGP / LDP IGP / LDP

Reference Topology Loopback IP

BGP Link State Verification

BGP Link State Verification

Status codes: s suppressed, d damped, h history, * valid, > best

BGP Link State Verification

• Path computation PCEP TED

• Path computation client (PCC)

• Request/receive path from PCE subject to constraints Request

• PCE functionality is available in IOS XR base

• Enable it by configuring its PCEP* session IP

• PCE functionality is available in IOS XR base RP/0/0/CPU0:A11#config t A11

PCEP Verification – IOS XR PCE

PCE's peer database:

Peer address: 2.2.2.21

Verifying PCEP session

PCE's topology database summary:

Update Stats (from IGP and/or BGP):

PCE's topology database - detail: XTC-RR4

Link[0]: local address 11.12.1.11, remote address 11.12.1.12

Link[1]: local address 11.111.0.11, remote address 11.111.0.111

• Single pane of glass for: Network Services Orchestrator (NSO) Service

• YANG Model Driven Orchestration Device

Step 2: XTC Configuration – L3VPN Route Reflector

A12 OSPF ISIS ISIS A22

A13 PE112 PE122 A23

BGP VPNv4 Session Verification

BGP is operating in STANDALONE mode.

BGP VPNv4 Session Verification

Step 3: Configure Route Policy on A11 and A21

Step 5: Enable Traffic Engineering on A11 and A12

A12 16111 PHP 16021 service

Access Domain ID 1 Core Domain ID 3 Access Domain ID 2

1.1.1.13/32 service 2.2.2.23/32

A11 PE111 PE121 A21

A13 PE112 PE122 A23