Upload
anton-marchenko
View
74
Download
3
Embed Size (px)
Citation preview
BRKARC-2001
Cisco ASR1000 Series Routers' System & Solution Architectures
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 2
Perf
orm
ance a
nd S
erv
ices S
cala
bili
ty
Cisco Routing Platform Positioning
Branch
Head Office / WAN Aggregation
Routing System with Integrated Services — Security, Voice, Video, Wireless, WAN Optimization
Secure, Reliable, Concurrent WAN Services Aggregation
High-performance embedded Services, Services Flexibility
Hardware/Software Resiliency, Modular Software
Highest Capacity,
Highly Available,
Modular Services
Modular software,
Consistent
LAN/WAN services
ISR Series
7200 Series
7600 Series/
Catalyst 6500
SeriesSecure WAN Aggregation
Integrated Threat Control
Application Optimization
ASR 1000 (Up to 40G)
ASR 1001
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 3
Agenda
Cisco ASR1000 Series Routers
Introduction to ASR1000
Hardware Architecture
Software Architecture
Borderless Network Architectures
Cisco ASR1000 Interfaces, Modules
I/O Shared Port Adapters (SPA)
Q&A
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 4
Cisco ASR 1000 Series Introduction
SPA Interface Processor (SIP)
Can take Up to 4 HH SPAs
SPA Slots
Re-Uses existing SPAs
Embedded Services Processor
(ESP) 40 Cores with Traffic ManagerRoute Processor (RP)
2.66x2 GHz, Up to 16GB DRAM
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 5
Chassis Options: ASR1006
RP
ESP
SIP
SPAs
6RU
0
1
0
1
0
1
2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 6
4RU
Chassis Options: ASR1004
RP
ESP
SIP
SPAs
0/0 0/1
0/2 0/3
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 7
Chassis Options: ASR1002
ESP
SIP
SPAs
2RU
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 8
Chassis Options: ASR1001
SPA4xGigabit Ethernet
Integrated Daughter Card
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 9
Route Processor: ASR1000-RP1
Features:
First Generation ASR1000 Route Processor (RP)
1.5GHz PowerPC Processing Complex
Up to 1M v4 / 256K v6 routes
HDD
Enclosure
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 10
Route Processor: ASR1000-RP2
Features:
Second Generation ASR1000 Route Processor (RP)
Dual core 2.66 GHz Intel Xeon Processing Complex
Up to 4M v4, 1M v6 routes
Hot swappable HDD
HDD
Enclosure
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 11
Forwarding Processor: ASR1000-ESP10
Features:
10 Gbps Performance
QFP (QuantumFlow Processor)
800MHz ESP CPU Processing Complex for Control
Cisco
QuantumFlow
Processor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 12
Forwarding Processor: ASR1000-ESP20
Features:
20 Gbps Performance
QFP (QuantumFlow Processor)
1.2 GHz ESP CPU Processing Complex for Control
Cisco
QuantumFlow
Processor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 13
Forwarding Processor: ASR1000-ESP40
Features:
40 Gbps Performance
QFP (QuantumFlow Processor)
Dual core 1.8 GHz ESP CPU Processing Complex for Control
Cisco
QuantumFlow
Processor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 14
SPA Interface Processor: ASR1000-SIP10, and SIP40
Features:
First and Second Generation ASR1000 SIP
10 or 40 Gbps Aggregate Performance
800 MHz SIP10 CPU Processing Complex for Control
1.3 GHz SIP40 CPU Processor Complex for Control
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 15
Forwarding Processor—Embedded Services Processor (ESP)
Centralized, programmable forwarding engine (i.e. QFP subsystem (PPE) and crypto engine) providing full-packet processing
Packet buffering and queuing/scheduling (BQS or Traffic Manager)
For output traffic to carrier cards/SPA‟s
For special features such as input shaping, reassembly, replication, punt to RP, etc.
Interconnect providing data path links (ESI) to/from other cards over mid-plane
Transports traffic into and out of QFP
Input scheduler for allocating QFP BW among ESI‟s
ESP CPU managing QFP, crypto device, mid-plane links, etc
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 16
SPA Interface Processor
Physical termination of SPA
Supports up to 4 SPA‟s
4 half-height, 2 full-height, 2 HH+1FH
Full OIR support
Does not participate in forwarding
Limited QoS
Ingress packet classification—high/low
Ingress over-subscription buffering (low priority) until FP can service them. Up to 128MB of ingress oversubscription buffering
Capture stats on dropped packets
Network clock distribution to SPA‟s, reference selection from SPA‟s
SIP CPU manages Midplane links, SPA OIR, SPA drivers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 17
ASR 1000 SeriesModels Comparison Matrix
Chassis ESP2.5 ESP5 ESP10 ESP20 ESP 40 RP1 RP2Integrated
GigE
HH
SPAs
ASR 1001 * 4 1
ASR 1002 4 3
ASR 1004 8
ASR 1006 12
ASR 1013 24
Max Encryption Throughput
1.0Gbps 1.8Gbps 4.0Gbps 7.0Gbps 11.0Gbps*shared with ESP CP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 18
ASR1000 RP1 and RP2 Hardware Comparison
ASR1000 RP1 ASR1000 RP2
CPU Freescale 1.5GHz Dual-Core Intel Xeon
Processor 2.67GHz
Memory 2GB default (2x1GB)
4GB maximum (2x2GB)
RP1 with 4GB built in
ASR1002
8GB default (4x2GB)
16GB maximum
(4x4GB)
Built-in eUSB bootflash 1GB (8GB on ASR-
1002)
2GB
NVRAM 32MB 32MB
Hard disk drive size 40GB 80GB
Chassis Support ASR 1002 (built-in),
ASR 1004 and ASR
1006
ASR 1004 and ASR
1006, 1013
Cisco IOS XE Operating
System
32 bit 64 bit
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 19
Mid-plane
ASR1000 Building Blocks
RP (Route Processor)Handles control plane traffic
Manages system
ESPHandles forwarding plane traffic
SIPHouses the SPAs
SPAsProvide interface connectivity
Centralized Forwarding Architecture
All traffic flows through the ESP
SPA-SPI, 11.2Gbps
Hyper Transport, 10Gbps
ESI, (Enhanced Serdes Interface) 11.5Gbps
Route
Processor
(standby)
RP
Interconn.
Route
Processor
(active)
RP
Interconn.
Embedded
Services
Processor
(active)
Interconn.
QFP subsys-temCrypto
assist
SP
I4.2
ESP CPU
Embedded
Services
Processor
(standby)
SPASPA
SIP CPUSPA
Agg.
…
Interconn.
SPASPA
SIP CPUSPA
Agg.
…
Interconn.
SPASPA
IOCPSPA
Agg.
…
Interconn.
Interconn.
QFP subsys-temCrypto
assist
SP
I4.2
ESP CPU
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 20
QFPQFP
QFP
System Bandwidth and Oversubscription
ESP bandwidth denotes the total „output‟ bandwidth of the system, regardless of the direction
As long as High priority traffic long is not over-subscribed, i.e., <=10G for ASR1000-ESP10)
5G 5G
5G5GQFP
5G Unicast in each direction
Total Output bandwidth 5+5=10
1G 8G
2G 2G
1G Multicast with 8X replication in one direction
2G unicast in the other direction
Total Output bandwidth 8+2=10G
5G 5G
6G6G
5G Unicast in one direction & 6G Unicast in the other
direction
Total output bandwidth (5+6=11) exceeds 10G; Only 10G
will go through
1G 10G
1G1G
1G Multicast with 10X replication in one direction
1G Unicast in the other direction
Total bandwidth (10+1=11) exceeds 10G; only 10G will go through
Oversubscribed Oversubscribed
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 21
ASR1000 HA Summary
ASR leverages Cisco IOS HA infrastructure—NSF/SSO, ISSU
1+1 redundancy option for RP and ESP
Active and standby
No load balancing
RP‟s are separate from ESP‟s
Switchover of ESP does not result in switchover of RP
Switchover of RP/IOS does not result in switchover of ESP
Single RP may be configured with dual IOS for SW redundancy (ASR 1002-F, ASR 1002 or ASR 1004 only)
No redundancy for SIP or other I/O cards
SPA plugs into a single SIP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 22
System Architecture—Distributed Control Plane
Zero
Packet
Loss
Separate and independent internal communication link for control plane (GE)
ActiveRoute
Processor
StandbyRoute
Processor
RP fails
HW or SW
StandbyBecomes
Active
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
ActiveEmbedded Services
Processor
StandbyEmbedded Services
Processor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 23
System Architecture—Centralized Data Plane
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
SPA Interface Processor
SPA SPA
SPA SPA
ActiveRoute
Processor
StandbyRoute
Processor
ActiveEmbedded Services
Processor
StandbyEmbedded Services
ProcessorESP fails – SW or HW
StandbyBecomes Active
MinimalData
Interruption
All packets processed by QFP for forwarding
Separate and Independent links for Data Plane communication (ESI 11.5G)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 24
SIP
SPASPA
IOCP
SPA
Agg.
…
ESP FECP
Interconn.QFP subsystem
Crypto assist
RPCPU
IOSChassis Mgr.
Forwarding Mgr.
Linux Kernel
Chassis Mgr.
Forwarding Mgr.QFP
Software
Interconn.
Chassis Mgr.SPA driver
SPA driver
SPA driver
SPA driver
Interconn.
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
Other
QFP code
IOS
Kernel (incl. utilities)
Kernel (incl. utilities)
Linux Kernel
Linux Kernel
GE, 1Gbps
I2C
SPA Control
SPA Bus
IPC Messages
ASR1000 - Software Architecture (IOS XE)
IOS XE = IOS + Middleware + Platform Software
Operational Consistency—same look and feel as IOS Router
IOS runs as its own Linux process for control plane (Routing, SNMP, CLI etc) 32bit and 64bit options.
Linux kernel with multiple processes running in protected memory for
Fault containment
Re-startability
ISSU of individual SW packages
ASR1000 HAZero-packet-loss RP Failover
<50ms IOSD and ESP Failover
Software RedundancyInterconn.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 25
Data Packet Flow: From SPA through SIP
g
Interconn.
Ingress classifier
Ingress Scheduler
Egress Buffer Status
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
Other
4 SPAs
…
Ingress Buffers (per port)
…
Egress Buffers (per port)
ESPs
SPA Agg.
1. SPA receives packet data from its network interfaces and transfers the packet to the SIP
2. SPA Aggregation ASIC classifies the packet into H/L priority
3. SIP writes packet data to external 128B memory (at 40Gbps from 4 full-rate SPA‟s).
4. Ingress buffer memory is carved into 64 queues. The queues are arranged by SPA-SPI channel and optionally H/L. Channels on “channelized” SPA‟s share the same queue.
5. SPA ASIC selects among ingress queues for next pkt to send to ESP over ESI. It prepares the packet for internal transmission
6. The interconnect transmits packet data of selected packet over ESI to active ESP at up to 11.5Gbps.
7. Active ESP can backpressure SIP via ESI ctl message to slow pkt transfer over ESI if overloaded (provides separate backpressure for Hi vs. Low priority pkt data).
Data
SPA
aggregation
ASIC
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 26
Data Packet Flow: Through ESP10
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
Other
Interconnect
Pkt Buffer
DRAM
(128MB)
Part Len/
BW SRAM
Resource
DRAM
(512MB)
SIP-10
TCAM4
(10Mbit)
Processor pool
PPE0PPE0PPE0PPE1
PPE0PPE0PPE0PPE6
PPE0PPE0PPE0PPE2
PPE0PPE0PPE0PPE5
PPE0PPE0PPE0PPE3
… PPE0PPE0PPE0PPE40
PPE0PPE0PPE0PPE4
Buffer, queue, schedule
(BQS)
QuantumFlow
Processor
Buffer, queue, schedule
(BQS)Buffer, queue, schedule (BQS)
Dispatcher/
Pkt Buffer
1. Packet arrives on QFP
2. Packet assigned to a PPE thread.
3. The PPE thread processes the packet in a feature chain similar to 12.2S IOS (very basic view of a v4 use case):
Input Features applied
Netflow, MQC/NBAR Classify, FW, RPF, Mark/Police, NAT, WCCP etc.
Forwarding Decision is made
Ipv4 FIB, Load Balance, MPLS, MPLSoGRE, Multicast etc.
Output Features applied
Netflow, FW, NAT, Crypto, MQC/NBAR Classify, Police/Mark etc.
Finished
4. Packet released from on-chip memory to Traffic Manager (Queued)
5. The Traffic Manager schedules which traffic to send to which SIP interface (or RP or Crypto Chip) based on priority and what is configured in MQC
6. SIP can independently backpressure ESP via ESI control message to pace the packet transfer if overloaded.
ASR System BW
(Depends on
ESP)
Data
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 27
Data Packet Flow: Through SIP To SPA
g
Interconn.
Ingress classifier
Ingress Scheduler
Egress Buffer Status
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
Other
4 SPAs
…
Ingress Buffers (per port)
…
Egress Buffers (per port)
ESPs
SPA Agg.
Data
1. Interconnect receives packet data over ESI from the active ESP at up to 11.5Gbps.
2. SPA Aggregation ASIC receives the packet and writes it to external egress buffer memory.
3. Egress buffer memory is carved into 64 queues. The queues are arranged by egress SPA-SPI channel and optionally H/L. Channels on “channelized” SPA‟s share the same queue.
4. SPA Aggregation ASIC selects and transfers packet data from eligible queues to SPA-SPI channel (Hi queue are selected before Low)
5. SPA can backpressure transfer of packet data burst independently for each SPA-SPI channel using SPI FIFO status.
6. SPA transmits packet data on network interface
SPA
Aggregation
ASIC
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKSPM-2604_c1 28
Connecting to ASR1000
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 29
Connecting to an ASR1000
Console
Normal IOS console
Telnet, SSH
Needs to be configured, but otherwise, nothing new
AUX
Can be used for diagnostic access
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 30
Management Ethernet
ASR has dedicated GigE Management Ethernet
Not usable for „normal‟ traffic
Supports only basic ACLs
Most forwarding features do not work on this port (traffic not processed by QFP)
Intended for out of band router access—has SW support for rate limiting but that takes CPU cycles to drop packets
Don‟t connect to the „outside‟ world
Must be configured in dedicated VRF
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 31
TFTP Package to the RP from ROMMON
Once you‟ve the image in the directory, you need to log onto RP0 and “set” the following variables within the ROMMON (Note: In ASR1000 RP, there is no RxBoot environment, ROMMON is basically beefed up to support TFTP etc.):
rommon 2 > setBOOT_PARAM=root=/dev/ram rw console=ttyS1,9600 max_loop=36 ?=0IP_SUBNET_MASK=255.255.0.0TFTP_SERVER=2.8.54.2TFTP_FILE=mcpude_12_18.binDEFAULT_GATEWAY=2.1.0.1IP_ADDRESS=2.1.35.52
Connect the GE Mgmt port on the RP0 to your GW vlan (so that it can access the TFTP server where the “consolidated” package is located)
Once done, you need to issue the following command at ROMMON:
Boot tftp:
Image will be transferred directly to the RP DRAM for execution
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 32
Configuring RP First Time for File Transfers, and Normal Operation
First thing that you will notice here is the default definition of “Mgmt-intf” VRF (as usual this is case-sensitive), which includes RP Mgmt. Gi0 port
Router#sh ip vrf interfaces
Interface IP-Address VRF Protocol
Gi0 unassigned Mgmt-intf up
Assign the Gi0 interface an IP address, and set the default route in the VRF
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 <gateway_ip_address>
Set the TFTP source interface to Gi0 for file transfers:
ip tftp source-interface gigabitEthernet 0
While transferring images to the RP, you can use bootflash: (1GB—recommended) harddisk: (40GB—not recommended) for file storage and subsequent booting
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 33
Configuring Management Ethernet
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
...
ip domain name vrf Mgmt-intf cisco.com
ip name-server vrf Mgmt-intf 171.70.168.183
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 172.27.55.129
...
interface GigabitEthernet0
vrf forwarding Mgmt-intf
ip address 172.27.55.210 255.255.255.128
speed auto
duplex auto
negotiation auto
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 34
ASR File System Specifics
All media shows up as type „disk‟ regardless of type of media (SATA disk, USB flash, etc)
harddisk: and bootflash: always formatted as ext2
External usb0:, usb1: can be formatted as FAT16, FAT32, or ext2
No support for multiple partitions at this time—only first partition on each device is visible
fsck supported for all file system types; /automatic is implicit
IOS does not control these devices directly (ie, no flash driver in IOS, no SATA driver in IOS—Linux has the drivers, does the mount/umount under the covers)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 35
show and debug platform CLIs
asr1000#show platform hardware qfp active statistics drop | e
_0_
--------------------------------------------------------------
--
Global Drop Stats Packets
Octets
--------------------------------------------------------------
--
asr1002-1#show platform hardware qfp active statistics drop
--------------------------------------------------------------
--
Global Drop Stats Packets
Octets
--------------------------------------------------------------
--
AttnInvalidSpid 0 0
BadDistFifo 0 0
BadIpChecksum 0 0
BadLen 0 0
BadUidbIdx 0 0
BadUidbSubIdx 0 0
BqsOor 0 0
ChoiceOce 0 0
Disabled 0 0
Discard 0 0
Erspan 0 0
<snip>
asr1002-1#sh platform hardware qfp active datapath
utilization
CPP 0 5 secs 1 min 5 min 60
min
Input: Priority (pps) 0 0 0
0
(bps) 0 0 0
0
Non-Priority (pps) 1 1 1
1
(bps) 36 89 89
89
Total (pps) 1 1 1
1
(bps) 36 89 89
89
Output: Priority (pps) 0 0 0
0
(bps) 0 0 0
0
Non-Priority (pps) 1 1 1
1
(bps) 345 230 230
230
Total (pps) 1 1 1
1
(bps) 345 230 230
230
Processing: Load (pct) 0 0 0
0
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 36
Platform Shell
Used when there is not enough information from the IOS CLI
Fully functional shell as „root‟—you can see/break everything from here
Shell session is recorded and send to syslog when done
“platform shell” is to be enabled for shell access
asr1000#request platform software system shell r0
Activity within this shell can jeopardize the functioning of the
system.
Are you sure you want to continue? [y/n] y
2009/06/27 16:58:44 : Shell access was granted to user <anon>; Trace
file: , /harddisk/tracelogs/system_shell_R0.log.20090627165844
**********************************************************************
Activity within this shell can jeopardize the functioning
of the system.
Use this functionality only under supervision of Cisco Support.
Session will be logged to:
harddisk:tracelogs/system_shell_R0.log.20090627165844
**********************************************************************
Terminal type 'network' unknown. Assuming vt100
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 37
Core dumps, Crashinfo
Core dumps for all processes (IOS, cmand, fman_rp, …) and kernel all get written to harddisk:core/
File name pattern:
<hostname>_<FRU type>_<unit>_<process>_<time>.core.gz
IOSd generates crashinfo files into bootflash: when it crashes—like other IOS based platforms
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 38
Simplified Image Selection
IP
Base-K9
IP Base
Advanced IP
Services-K9
AIS
Advanced Enterprise
Services-K9
AES
SSH
Advanced
Security
Features
Advanced
Security
Features
Cisco IOS Software in ASR 1000
SSH
SSH
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 39
Cisco IOS XE Images for Enterprise and Managed Services/CPE
Cisco ASR1000 Series RP1 Advanced Enterprise
Services w/o Crypto(SASR1R1-AES)
• Broadband
• L2 & L3 VPN
• MPLS
• IPv6
• ATOM, VPLS
• PfR
• Multicast
• SBC
•Legacy – IPX, Appletalk, DecNet, etc
• BGP, EIGRP, ISIS, OSPF, RIP
• ACL
• HSRP/VRRP
• NAT
• HA: BFD, ISSU
• Netflow
• QoS, WCCPv2
Cisco ASR1000 Series IP Base
(SASR1R1-IPBK9)
• BGP, EIGRP, ISIS, OSPF, RIP
• ACL
• HSRP/VRRP
• HA: BFD, ISSU
• NAT
• Netflow
• QoS, WCCPv2
• IPv6 (rls5)
•SSL, SSH
Cisco ASR1000 Series IP Base w/o Crypto
(SASR1R1-IPB)
• BGP, EIGRP, ISIS, OSPF, RIP
• ACL
• HSRP/VRRP
• HA: BFD, ISSU
• NAT
• Netflow
• QoS, WCCPv2
• IPv6 (rls5)
• SW Redundancy
• SBC
• IPSec
• Firewall
• Flexible Packet Inspection
Cisco ASR 1000 Series Feature Licenses
Optional FeaturesCisco ASR1000 Series
RP1 Advanced Enterprise Services
(SASR1R1-AESK9)
•SSL, SSH
• Broadband
• L2 & L3 VPN
• MPLS
• IPv6
• ATOM, VPLS
• PfR
• Security, LI
• Multicast
• SBC
•Legacy – IPX, Appletalk, DecNet, etc
• BGP, EIGRP, ISIS, OSPF, RIP
• ACL
• HSRP/VRRP
• NAT
• HA: BFD, ISSU
• Netflow
• QoS, WCCPv2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 40
What Is a Consolidated Package?
It‟s basically a monolithic image presented as one binary file (asr1000rp1-adventprisek9.bin)
Easiest way of managing system, esp. for customers migrating off of 7200/7300
Functionally identical to a system booted from discrete sub-packages
There are four variants of consolidate packages: IP-BASE, IP-BASEK9, AIS-K9, and AES-K9
Booted via “boot <media>: asr1000rp1-adventprisek9.bin”
Naming of the file is under full control of the user
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 41
What Is a sub-package?
It‟s an isolated binary and can be managed separately
There are types and instances; total of 7 types of packages
Each package type is installed only once, but there can be many instances (e.g., 4 in case of SPA per SIP)
packages.conf (provisioning file) contains the software set description
Booted via “boot <media>:packages.conf”
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 42
Cisco ASR 1000 Software Packaging
Each functional element of ASR 1000 will support different modular software packages
In total, 7 different software packages will be available
The packages are designed to maximize the „In Service Software Upgrade‟ capability
At every release of ASR 1000 software, all 7 components will be integrated and available as one software package for download from CCO
RP
RPBase: RP OS
RPControl: Control Plane processes that
interface between IOS and the rest of the
platform
RPIOS
RPAccess: Software required for Router access;
2 versions will be available. One that
contains open SSH & SSL and one without
(RPAccess and RPAccess-K9)
SIP
SIPBase: SIP OS + Control processes
SIPSPA: SPA drivers and FPD (SPA FPGA
image)
ESP
ESPBase: ESP OS + Control processes + CPP
client/driver/ucode
+ ROM Monitor: One ROM Monitor package
containing ROMMON for RP, ESP, SIP
(released when needed)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 43
packages.conf
This file provides description and dictates the provisioning of sub-packages for the RP
This must be in the same directory as the other sub-packages file (being referenced from .conf)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 44
rp_base
This file contains Linux kernel in the same directory as the other sub-packages file (being references from .conf)
This is booted via packages.conf
This requires a restart if installed via “issu” command
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 45
rp_ios
This file contains IOS
This requires a restart if installed via “issu” command on a single IOS mode
With Dual IOS (2/4 RU) or 6RU chassis, this can be upgraded without reboot
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 46
rp_control
This file contains all the middleware processes
This can be installed on all chassis types (2/4/6 RU), or dual IOS without restart
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 47
rp_access
This file contains external ssh, telnet and webUI support
There are two variants of this package (crypto, non-crypto), which corresponds to the rp_ios package included
This can be installed on all chassis types (2/4/6 RU), single or dual IOS without restart
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 48
esp_base
This file contains all software for the ESP
This package requires reboot upon completion of the given ESP; hence causes interruption of the traffic for chassis with single ESP (1002-F/1002/1004)
On a 6RU chassis, this will result in a rolling upgrade (i.e., ESP-standby will get upgraded first and then become active)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 49
sip_base
This file contains all software for the SIP except the SPA drivers
This can be installed on all chassis types (2/4/6 RU), single or dual IOS without affecting system RP/ESP
Upon completion of installation, it does cause reboot of the given SIP, hence loss of traffic for the SPAs housed by it
The loss of user traffic can be avoided using GEC across SIPs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 50
sip_spa
This file contains SPA drivers and FPD images
There are four independent instances of SPA drivers running on each SIP
This package can be installed without a reboot; upon reboot only the traffic going through the given SPA will be affected
The loss of user traffic can be avoided using GEC across SPAs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 51
ISSU and Utility CLIs
Describe (to get more information for the package)
Snapshot (to extract packages from RP DRAM)
Expand (to extract packages from a consolidated file)
Issu loadversion (loading the package)
Issu runversion (running the package)
Issu acceptversion (accepting the package)
Issu abortversion (aborting the package)
Issu commitversion (committing the package)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 52
ASR 1000 – Redundancy Support Summary
Software Module SW Redundancy (ASR100X*) ISSU (ASR 1006 / ASR 1013)
RPBase This contains the underlying Linux kernel so cannot be upgraded ―in service‖
Requires reboot
The standby RP in the 6RU chassis may be upgraded and then switched over to active mode ―in service‖
Requires RP (IOS) switchover; No transit packet loss
RPControl Can be upgraded ―in service‖
No transit packet loss
Can be upgraded ―in service‖ on both active RP and standby RP
No transit packet loss
RPAccess Can be upgraded ―in service‖
No transit packet loss
Can be upgraded ―in service‖ on both active RP and standby RP
No transit packet loss
RPIOS Can be upgraded ―in service‖ if the system is running in ―dual mode‖
Requires IOS switchover; No transit packet loss
Can be upgraded on standby RP and switched over to active in service.
Requires RP (IOS) switchover; No transit packet loss
ESPBase Upgrade causes complete loss of local state (eg: Stats, Stateful FW/NAT) on the ESP and is service affecting.
Forwarding Interruption until upgrade is completed. Router is still accessible. No reboot required
Upgrade causes complete loss of local state (eg: Stats, Stateful FW/NAT) on the ESP being upgraded and will result in a small traffic interruption in redundant 6RU systems when switching to the standby ESP
Minimal transit packet Interruption - < 50ms; no RP switchover
SIPSPA SIPSPA upgraded from the active RP cause the specific SPA to completely reboot and is service affecting that specific SPA. SPA can be upgraded one at a time so only the upgraded SPA is affected during the upgrade.
Hitless for other SPAs not being upgraded
SIPSPA upgraded from the active RP cause the specific SPA to completely reboot and is service affecting that specific SPA. SPA can be upgraded one at a time so only the upgraded SPA is affected during the upgrade
Hitless for other SPAs not being upgraded
SIPBase Upgrades cause complete loss of local state on the affected SIP, however other SIP (4RU) is unaffected by this activity.
Hitless for other SIP (4RU) not being upgraded
Upgrades cause complete loss of local state on the affected SIP, however other SIPs are unaffected by this activity.
Hitless for other SIPs not being upgraded
*X=1001/1002/1004
Borderless Network Architectures
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 54
WAN
Internet
Application and Network IntersectionBorderless Routing Infrastructure
Enterprise
Private Cloud
Regional Office
Branch Office
Cloud Providers
Iaas/PaaS
SaaS
Remote Workers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 55
Branch/ WAN Aggregation
Use Case Wan links oversubscribed
Business Critical Applications
competing for bandwidth
Network Solution Providing the network operator a
mechanism to better manage
bandwidth on the WAN links, in
accordance with business
priority. Support all types of
WAN physical and sub-
interfaces – including VRF
awareness
Benefits Significant saving and low
complexity vs. stand-alone
traffic-managers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 56
Enterprise Secure WAN
Use Case WAN links oversubscribed
Business Critical Applications
competing for bandwidth
Network Solution Providing the network operator a
mechanism to better manage
bandwidth over VPN IP
transport, in accordance with
business priority. Support for
Application Visibility and QoS
using NBAR2 on p2p GRE/GRE
w/ IPSec and sVTI interfaces
Benefits Significant saving and low
complexity vs. stand-alone
traffic-managers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 57
Internet Edge
Use Case Internet connection oversubscribed
No visibility on applications consuming
bandwidth
No ability to route to multiple Internet
connection based on application
Network
Solution
Providing the network operator a
mechanism to better manage bandwidth
on the Internet interconnect, in
accordance with business priority
Benefits Significant saving and low
complexity vs. stand-alone traffic-
managers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 58
Cloud EdgeUse Case Cloud connection oversubscribed
No visibility on applications consuming
bandwidth
No visibility on Application Performance
No ability to route to multiple Cloud providers
based on application/ user
No Cloud SLAs
Network Solution Providing the Network operator a mechanism to
better manage bandwidth on the PE routers and
provide per customer reports
Providing the enterprise customer application
visibility, and ability to route on a per
application and per user basis to different
providers
Benefits Significant saving and complexity vs.
stand-alone traffic-managers
Oracle CRM
Google Apps
Salesforce
Internet
HQ
QFP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 59
Agenda
Cisco ASR1000 Series Routers
Introduction to ASR1000
Hardware Architecture
Software Architecture
Borderless Network Architectures
Cisco ASR1000 Interfaces, Modules
Cisco Shared Port Adapters (SPA)
Q&A
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 60
Ethernet SPAs
Speed Ports Interface Form Factor
FE 4 and 8 TX Half Height
GE 2, 5, 8 SFP Half Height
GE 10 SFP Full Height
10GE 1 XFP Half Height
10GE WAN PHY 1 XFP Half Height
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 61
Serial/Channelized SPAs
Speed Ports Interface Form Factor Details
Low Speed Serial (4XT)
4 Copper Half HeightTransporting some synchronous legacy protocols (such as X.25)
over an IP network
Channelized T1/E1
8 Copper Half HeightClear Channel and Up to 256 DSO
Independent HDLC Channels
Clear Channel T3/E3
2 and 4 Copper Half Height
Full Duplex, Full Rate and Sub Rate Support
Integrated DSUs
Channelized T3 2 and 4 Copper Half Height
Up to 112 T1 Ports (28 T1 Multiplexed onto a Single T3)
Up to 1024 NxDSO Channels (N=1-24) or 400 with T3 Config
Channelized OC-3/STM-1
1 SFP Half Height
Up to 84 T1 or 63 E1 Ports
Up to 1024 NxDSO Channels (N=1-24) or 400 with T3 Config
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 62
POS/ATM SPAs
Speed Ports Interface Form Factor
OC-3/STM-1
POS2, 4, 8 SFP Half Height
OC-12/STM-4
POS1, 2, 4, 8 SFP Half Height
OC-48/STM-4
POS 2,4 SFP Half Height
OC3/STM1 ATM 1,3,8 SFP Half Height
OC12/STM4 ATM 1 SFP Full Height
CHOC12/DS0 1 SFP Full Height
OC192-POS 1 XFP Full Height
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 63
POS/ATM SPAs
Speed Ports Interface Form Factor
OC3 Circuit Emulation - ATM
1 SFP Half Height
CHT3 Circuit Emulation - ATM
2 SFP Half Height
CHT1 Circuit Emulation - ATM
24 SFP Half Height
Detailed SPA/SFP support matrix: http://tinyurl.com/mvpgm2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 64
Session Summary
Cisco ASR1000 is a flagship IP routing and services platform with bandwidth ranging from 2.5G to 40G
ASR1000 consists of three major components, namely RP (control plane), ESP (data plane), and SIP (I/O plane)
ASR1000 allows you to deploy highly available, secure BN architectures including Enterprise/Cloud/Internet Edge, and Regional/Branch WAN
ASR1000 is future ready, giving you the flexibility and service richness to meet your NGN requirements
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 65
Recommended Reading
Continue your Cisco Live learning experience with further reading from Cisco Press
Check the Recommended Reading flyer for suggested books
Available On Safari Books Online
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 66
Complete Your Online Session Evaluation
Give us your feedback andyou could win fabulous prizes. Winners announced daily
Receive 20 Cisco Preferred Access points for each session evaluation you complete
Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center
Don‟t forget to activate your Cisco Live
and Networkers Virtual account for access
to all session materials, communities, and
on-demand and live activities throughout
the year. Activate your account at any internet
station or visit www.ciscolivevirtual.com.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 67
ASR1000 Testing Reports
Miercom Phase I: http://tinyurl.com/c2eoeh
Miercom Phase II: http://tinyurl.com/m3t7vq
ISOCORE Phase I: http://tinyurl.com/65xtqh
ISOCORE Phase II: http://tinyurl.com/kmc89b
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 68
Questions
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 69
Thank you.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 70
Glossary
AAA Authentication, authorization and Accounting DSLAM Digital subscriber Line Access Multiplexer
ACL Access Control List DST Destination
ACT Active; referring to ESP or RP in an ASR 1006 EF Expedited Forwarding (see also DSCP)
AF1 Assured Forwarding Per Hop behaviour class 1 EOBC Ethernet out-of-band control channel on the ASR 1000
AF2 Assured Forwarding Per Hop behaviour class 2 ESI Enhanced SerDes Interface
AF3 Assured Forwarding Per Hop behaviour class 3 ESP Embedded Services Processor on the ASR 1000
AF4 Assured Forwarding Per Hop behaviour class 4 FECP Forwarding Engine (ESP) Control Processor
ALG Application Layer Gateway FH Full Hight (SPA)
ASR As in ASR1000; Aggregation Services Router FIB Forwarding Information Base
B2B Business to Business in the context of WebEx or Telepresence FM Forwarding Manager
BB Broadband FPM Flexible Packet Matching
BGP Border Gateway Protocol FR-DE Frame Relay Discard Eligible
BITS Building Integrated Timing Supply FW Firewall
BNG Broadband Network Gateway GigE Gigabit Ethernet
BQS Buffer, Queuing and Scheduling chip on the QFP GRE Generic Route Encapsulation
BRAS Broadband remote Access Server HA High Availability
BW Bandwidth HDTV High Definition TV
CAC Connection Admission Control HH Half-hight (SPA)
CCO Cisco Connection Online (www.cisco.com) HQF Hierarchical Queuing Framework
CDR Call Detail Records H-QoS Hierarchical Quality of Service
CF Checkpointing Facility HW hardware
CLI Command Line Interface I2C Inter-Integrated Circuit
CM Chassis Manager IOCP input output Control Processor
CPE Customer Premise Equipment IOS XE Internet Operating system XE (on the ASR 1000)
CPU Central Processing Unit IPC Inter-process communication
CRC Cyclic Redundancy Check IPS Intrusion Prevention System
Ctrl Control ISG Intelligent Services Gateay
DBE Data Border Element (in Session Border Controller) ISP Internet Service Provider
DMVPN Dynamic Multipoint Virtual Private Network ISSU In-service software upgrade
DPI Deep Packet Inspection L2TP CC Layer 2 Transport Protocol Control connection
DSCP Diffserv Code Point (see also AF, EF) LAC L2TP access concentrator
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicPresentation_ID 71
Glossary
LNS L2TP network Server RACS Resource and admission control subsystem
MFIB Multicast FIB RA-MPLS Remote access into MPLS
mGRE multipoint GRE RF redundancy facility (see also CF)
MPLS Multiprotocol label switching RIB routing information base
MPLS-EXP MPLS Exp bits in the MPLS header RP Route processor
MPV Video RP1 1st generation RP on the ASR 1000
MQC Modular QoS CLI RP2 2nd generation RP on the ASR 1000
mVPN multicast VPN RR Route reflector
NAPT Network address port translation RU rack unit
NAT network address translation SBC session border controller
NBAR network based application recognition SBE signalling border element (of an SBC)
Nr receive sequence number (field in TCP header) SBY standby
Ns send sequence number (field in TCP header) SDTV standard definition TV (see also HDTV)
NSF non-stop forwardign SIP Session initiation protocol
OBFL on board failure logging SPA shared port adapter
OIR online insertion and removal SPA SPI SPA Serial Peripheral Interface
OLT optical line termination SPV Video
P1 Priority 1 queue SRC Source
P2 priority 2 queue SSL Secure Socket Layer
PAL Platform Adaption layer (middleware in the ASR 1000) SSO stateful switch over
PE Provider Edge SW software
POST Power on self test TC traffic class (field in the IPv6 header)
POTS Plain old telephony system TCAM Ternary content addressable memory
PQ priority queue TOS Type of service (field in the IPv4 header)
PSTN public switched telephone network VAI virtual access interface
PTA PPP termination and aggregation VLAN virtual local area network
PWR power VOD video on demand
QFP Quantum Flow Processor VTI virtual tunnel interface
QFP-PPE QFP packet Processing elements WAN wide area network
QFP-TM QFP traffic Manager (see also BQS) WRED weighted random early discard
QoS Quality of Service