Professional Documents
Culture Documents
ASR1000 System and Solution Architecture
ASR1000 System and Solution Architecture
BRKARC-2001
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Glossary
AAA Authentication, authorization and Accounting DSLAM Digital subscriber Line Access Multiplexer
ACL Access Control List DST Destination
ACT Active; referring to ESP or RP in an ASR 1006 EF Expedited Forwarding (see also DSCP)
AF1 Assured Forwarding Per Hop behaviour class 1 EOBC Ethernet out-of-band control channel on the ASR 1000
AF2 Assured Forwarding Per Hop behaviour class 2 ESI Enhanced SerDes Interface
AF3 Assured Forwarding Per Hop behaviour class 3 ESP Embedded Services Processor on the ASR 1000
AF4 Assured Forwarding Per Hop behaviour class 4 FECP Forwarding Engine (ESP) Control Processor
ALG Application Layer Gateway FH Full Height (SPA)
ASR As in ASR1000; Aggregation Services Router FIB Forwarding Information Base
B2B Business to Business in the context of WebEx or Telepresence FM Forwarding Manager
BB Broadband FPM Flexible Packet Matching
BGP Border Gateway Protocol FR-DE Frame Relay Discard Eligible
BITS Building Integrated Timing Supply FW Firewall
BNG Broadband Network Gateway GigE Gigabit Ethernet
BQS Buffer, Queuing and Scheduling chip on the QFP GRE Generic Route Encapsulation
BRAS Broadband remote Access Server HA High Availability
BW Bandwidth HDTV High Definition TV
CAC Connection Admission Control HH Half-height (SPA)
CCO Cisco Connection Online (www.cisco.com) HQF Hierarchical Queuing Framework
CDR Call Detail Records H-QoS Hierarchical Quality of Service
CF Checkpointing Facility HW hardware
CLI Command Line Interface I2C Inter-Integrated Circuit
CM Chassis Manager IOCP input output Control Processor
CPE Customer Premise Equipment IOS XE Internet Operating system XE (on the ASR 1000)
CPU Central Processing Unit IPC Inter-process communication
CRC Cyclic Redundancy Check IPS Intrusion Prevention System
Ctrl Control ISG Intelligent Services Gateway
DBE Data Border Element (in Session Border Controller) ISP Internet Service Provider
DMVPN Dynamic Multipoint Virtual Private Network ISSU In-service software upgrade
DPI Deep Packet Inspection L2TP CC Layer 2 Transport Protocol Control connection
DSCP Diffserv Code Point (see also AF, EF) LAC L2TP access concentrator
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Glossary
LNS L2TP network Server QoS Quality of Service
MFIB Multicast FIB RACS Resource and admission control subsystem
mGRE multipoint GRE RA-MPLS Remote access into MPLS
MPLS Multiprotocol label switching RF redundancy facility (see also CF)
MPLS-
EXP MPLS Exp bits in the MPLS header RIB routing information base
MPV Video RP Route processor
MQC Modular QoS CLI RP1 1st generation RP on the ASR 1000
mVPN multicast VPN RP2 2nd generation RP on the ASR 1000
NAPT Network address port translation RR Route reflector
NAT network address translation RU rack unit
NBAR network based application recognition SBC session border controller
Nr receive sequence number (field in TCP header) SBE signaling border element (of an SBC)
Ns send sequence number (field in TCP header) SBY standby
Nr receive sequence number (field in TCP header) SDTV standard definition TV (see also HDTV)
NF Netflow
NSF non-stop forwarding SIP Session initiation protocol
OBFL on board failure logging SPA shared port adapter
OIR online insertion and removal SPA SPI SPA Serial Peripheral Interface
OLT optical line termination SPV Video
P1 Priority 1 queue SRC Source
P2 priority 2 queue SSL Secure Socket Layer
PAL Platform Adaption layer (middleware in the ASR 1000) SSO stateful switch over
PE Provider Edge SW software
POST Power on self test TC traffic class (field in the IPv6 header)
POTS Plain old telephony system TCAM Ternary content addressable memory
PQ priority queue TOS Type of service (field in the IPv4 header)
PSTN public switched telephone network VAI virtual access interface
PTA PPP termination and aggregation VLAN virtual local area network
PWR power VOD video on demand
QFP Quantum Flow Processor VTI virtual tunnel interface
QFP-PPE QFP packet Processing elements WAN wide area network
QFP-TM QFP traffic Manager (see also BQS) WRED weighted random early discard
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Key Next Generation Cloud Services
ASR1000 Integrated Services Router
Application
Performance Services
(AVP, PfR)
6
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
Introducing the ASR1000
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
INTRODUCING ASR1000
Introducing Cisco ASR 1000 Series Routers
Compact, Business-Critical Instant On
Powerful Router Resiliency Service Delivery
Line-rate performance 2.5G to Fully separated control and Integrated firewall, VPN,
100G+ with services enabled forwarding planes encryption, NBAR, CUBE
Hardware based QoS engine Hardware and software Scalable on-chip service
with 128K queues redundancy provisioning through
Investment protection with software licensing
In-service software
modular engines, IOS CLI upgrades
and SPAs for I/O
One IOS-XE Feature Set
ASR 1013
ASR 1001 ASR 1002 ASR 1004 ASR 1006
ASR 1000
200G per Slot
Carrier Ethernet
7200 Series + BNG
40G per Slot
IP RAN
Carrier Ethernet
L2/L3 VPNs
IP RAN
20 – 360GB Per System Vidmon
SBC/VoIP
ISR Series Broadband
Broadband
Route Reflector
Vidmon (Video Monitoring)
Distributed PE
Hosted Firewall
IP Sec
SBC/VoIP
DPI
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
ASR 1000 in Service Provider IP Next Generation
Network
Mobile Subscriber Access &
Edge ISP
Aggregation
Wireless
WiMAX Peering
WAG
LNS
BNG
Business
A Wireline IPSec
RR IP/MPLS Core
CPE
Corporate
DSLAM
PE
xDSL
OLT
Residence
xPON SBC
VOD TV SIP
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Enterprise Deployment Scenarios
Mobile Subscriber
Secure WAN Aggregation DCI
Data Centre
WAN Aggregation DCI Peering
IPSec
High Business Internet Gateway
End A Internet
Internet
Branch IPSec
Edge
Corporate CPE
IPSec
Residence
Secure WAN Cloud
Cloud Provider
HGW Cloud
Svcs
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
ASR1000 SYSTEM ARCHITECTURE
ASR 1000 Series Building Blocks
Interconn. Interconn. Two ESIs between ESPs and to every card in the
system
Passive Midplane Additional full set of ESI links to/from standby ESP (not
shown)
SPA IOCP SPA IOCP SPA IOCP ESP-10G: 1 x 11.5G ESI to each SIP slot
Agg. Agg. Agg.
ESP-20G: 2 x 11.5G ESI to two SIP slots; 1 x 11.5G to
third SIP slot
SPA … SPA SPA … SPA SPA … SPA
ESI, (Enhanced Serdes) 11.5Gbps ESP-40G: 2 x 23G ESI to all SIP slots
SPA-SPI, 11.2Gbps
HyperTransport, 10Gbps
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
ASR 1000 Control Plane Links
Ethernet out-of-band Channel (EOBC) Forwarding Route Route Forwarding
– Run between ALL components Processor Processor Processor Processor
(active) (active) (Standby) (Standby)
– Indication if cards are installed and ready
– Loading images, stats collection FECP FECP
RP RP
– State information exchange for
L2 or L3 Protocols
QFP QFP
I2C Crypto
assist
subsys-
tem
Crypto
assist
subsys-
tem
– Monitor health of hardware components
– Control resets Interconn. Interconn.
ASR1000 Systems
g ASR 1001 ASR 1002 ASR 1002-X ASR 1004 ASR 1006 ASR 1013
Height 1.75” (1RU) 3.5” (2RU) 3.5” (2RU) 7” (4RU) 10.5” (6RU) 22.7” (13RU)
Bandwidth 2.5 to 5 Gbps 5 to 10 Gbps 5 to 36 Gbps 10 to 40 Gbps 10 to 100 Gbps 40-100+ Gbps
Maximum
400W 470W 470W 765W 1275W 3200W
Output Power
Airflow Front to back Front to back Front to back Front to back Front to back Front to back
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
ASR1000 Building Blocks: Under the Hood
ASR1000 Series SPA Interface Processor
SIP10 and SIP40
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
SIP40 Block Diagram
To RPs RPs RPs
ESI Links: ESPs
2x 20G to each ESP
(2x10G for SIP10)
Card Output
Infrastructure reference Input reference
clocks clocks
Egress
IO Control Ingress Buffer
Memory
(IOCP) Scheduler Status
Ingress
Buffers (per
port)
HW-based
Network
3-priority Ingress clocks
Chassis
Scheduler Strict, Mgmt. Bus
classifier
C2W
Min, Excess
SIP10: Min, Excess
only
RPs RPs 4 4 4 SPAs 4 SPAs 4 SPAs
Enhanced Classifier
(PPP, HDLC, ATM, SPAs SPAs GE, 1Gbps ESI, 11.5 or 23Gbps
I2C SPA-SPI, 11.2Gbps
FR) SPA Control Hypertransport, 10Gbps
SPA Bus Other
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
For Your
Shared Port Adapters (SPA) and SFPs Reference
First Generation
– 1.5GHz PowerPC architecture
– Up to 4GB IOS Memory
– 1GB Bootflash
RP1
– 33MB NVRAM
– 40GB Hard Drive
HDD Enclosure
Second Generation:
– 2.66Ghz Intel dual-core architecture
– 64-bit IOS XE
– Up to 16GB IOS Memory
– 2GB Bootflash (eUSB)
– 33MB NVRAM
– Hot swappable 80GB Hard Drive RP2
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
ASR 1000 Route Processor Architecture
Highly Scalable Control Plane Processor
Manages all chassis functions
Runs IOS—with over 2500 features!
System Logging
Not a traffic interface!
Core Dumps
Mgmt only
160GB HDD (optional) & 40GB HDD and External 80GB HDD and External
Storage External USB
External USB USB USB
Cisco IOS XE
64 bit 64 bit 32 bit 64 bit
Operating System
ASR1002 (integrated),
Integrated in Integrated in ASR1004, ASR1006, and
Chassis Support ASR1004, and
ASR1001 chassis ASR1002-X chassis ASR1013
ASR1006
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Embedded Services Processors (ESP)
Scalable Bandwidth from 5Gbps to 100Gbps+
Interconnect providing data path links (ESI) to/from other cards over
midplane
–Transports traffic into and out of the Cisco Quantum
Flow Processor (QFP)
–Input scheduler for allocating QFP BW among ESIs
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
ASR 1000 Forwarding Processor
Quantum Flow Processor Drives Integrated Services & Scalability
• Class/Policy Maps: QoS, DPI, FW • QoS Mark/Police • FW hash tables
• ACL/ACE storage • NAT sessions • Per session data
• IPSec Security Association class groups, classes, rules • IPSec SA (FW, NAT, Netflow,
• NAT Tables • Netflow Cache SBC)
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Embedded Services Processors
ESP 100G and Future ESP200G
NSA NSA
“Suite-B” “Suite-B”
Total Bandwidth • 100 Gbps Total Bandwidth • 200 Gbps
Security Security
Performance • Up to 32 Mpps Performance • Up to 64 Mpps
QuantumFlow Processors • 2 QuantumFlow Processors • 4
- Resource Memory • 2 x 2 GB - Resource Memory • 4 x 2 GB
- TCAM • 1 x 80 Mb • 2 x 80 Mb
- TCAM
• 2 x 512 MB • 4 x 512 MB
- Packet Buffer - Packet Buffer
Control CPU • Dual-core CPU Control CPU • Dual-core CPU
- Frequency • 1.73 GHz - Frequency • 1.73 GHz
- Memory • 16 GB - Memory • 32 GB
Broadband • Up to 58 K sessions Broadband • Up to 128 K sessions
QoS • Up to 232 K queues QoS • Up to 464 K queues
IPSec Bandwidth (1400 B) • 25 Gbps IPSec Bandwidth (1400 B) • 50 Gbps
FW/NAT • 6 M sessions FW/NAT • 13 M sessions
Chassis • ASR 1006, ASR 1013 Chassis • ASR 1013
Route Processor • RP2 + Future Route Processor • RP2 + Future
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
ESP-100 Block Diagram
TCAM4
Pkt Buffer
(1x80Mbit) Resource Pkt Buffer Resource
DRAM (512MB)
DRAM (512MB) DRAM (2GB)
DRAM (2GB)
Memory
FECP
(Dual-Core) Dispatcher/Pkt
Dispatcher/Pkt
Buffer
Boot Flash Buffer
(OBFL, …)
Chassis Mgmt
Bus Crypto
Memory Interconnect
ASR 1000
RPs RPs SIPs
ESP RPs
ESI, 11.5 & 23 Gbps
System BW
Interlaken 69 Gbps (69 Gbps Each)
GE, 1Gbps PCIe
I2C Other
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Embedded Services Processors (ESP) For Your
Reference
System
2.5Gbps 5Gbps 10Gbps 20Gbps 5/10/20/ 36Gbps 40Gbps 100Gbps
Bandwidth
Performance 3Mpps 8Mpps 17Mpps 24Mpps 30Mpps 24Mpps 59Mpps
Clock Rate 900 MHz 900 MHz 900 MHz 1.2 GHz 1.2 GHz 1.2 GHz 1.5 GHz
Crypto Engine
1Gbps 1.8Gbps 4.4Gbps 8.5Gbps 4Gbps 11Gbps 29Gbps
BW (1400 bytes)
QFP Resource
256MB 256MB 512MB 1GB 1GB 1GB 4GB
Memory
Packet Buffer 64MB 64MB 128MB 256MB 512MB 256MB 1GB
Dual core 1.73
Control CPU 800 MHz 800 MHz 800 MHz 1.2 GHz 2.13 GHz 1.8 GHz
GHz
Control Memory 1GB 1GB 2GB 4GB 4/8/16GB 8GB 16GB
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Cisco Quantum Flow Processor
ASR1000 Series Innovation
QFP Chip Set
• Five year design and continued evolution – now on 3nd generation
• Massively parallel, 64 multi-threaded cores; 4 threads per core
• QFP Architecture designed to scale to >100Gbit/sec
• 256 processes available to handle traffic
Cisco QFP
• High-priority traffic is prioritised Packet Processor
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Third Generation QFP Details
Used on ASR1002-X, ESP-100 and Beyond
3rd Gen QFP integrates both the PPE engine and the Traffic manager
– 64 PPEs
– 116K queues per 3rd gen QFP ASIC (128K queues for previous QFP)
– But 3rd gen QFP can be latched together, so ESP 100 has total of 232K queues
1 single height SPA slot for I/O connectivity and 4 built-in GE ASR1001-4XT3 (no E3 support)
ports + optional daughter card ASR1001-8XCHT1E1
High Availability: Dual Power Supply with SW redundancy ASR1001-4X1GE
support
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
ASR1001 Block Diagram
Mgmt Console
TCAM4
(10Mbit) Resource Pkt Buffer Temp
ENET and Aux
Route Processor
DRAM Part Len/ Sensor USB
BW DRAM
(512MB) (128MB) BW SRAM
Power (Built-in)
Upgradeable Ctlr
RP2-Class Route
ESP-10 Processor pool EEPROM
PPE0
PPE0
PPE0
PPE1
PPE0
PPE0
PPE0
PPE2 PPE0
PPE0
PPE0
PPE3
PPE0
PPE0
PPE0
PPE4 QFP Processor
CPU 4G/8G/16G
PPE0
PPE0
PPE0
PPE0
PPE0
PPE0
PPE6 … PPE0
PPE0
PPE0 Buffer, queue,
Buffer,Buffer, queue, (BQS) Memory
Memory Options
PPE5 PPE40 queue, schedule
schedule(BQS)
(BQS) nvram
schedule CPU (2.13 Ghz Dual
Core) Bootdisk
Dispatcher SDRAM
/Pkt Buffer MiniDIMM
No Network Sync
Boot Flash
Crypto
(OBFL, …) Capability (BITs, etc)
JTAG Ctrl
SA table
DRAM Soft Upgradeable BW
ESP: 2.5G, 5G
Interconnect
Ingress Egress
…
Schedul
er
Buffer
Status … Built-in 4x1GE SPA
Ingress
SPA Egress
Buffers Aggregation Buffers
(per port) ASIC (per port)
Ingress
classifier
4x1GE
Modular I/O via SPA
SIP-10 SPA
And IDC
ASR1001 (Built-in) IDC*
SPA
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
New!
ASR1002-X Available Now!
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
ASR 1002-X Block Diagram Integrated Control Plane
- Quad Core CPU
ASR1002-X
TCAM4 Pkt Buffer Temp
2nd Generation QFP: (10Mbit)
Resource
DRAM DRAM Part Len/
BW
Sensor
Power Ctlr
USB
Mgmt
ENET
Console
and Aux
Hard disk
(512MB) (128MB)
40 Gbps Forwarding SRAM
EEPROM
Processor pool
and Feature PPE0
PPE0
PPE0
PPE0
PPE0
PPE0
PPE2 PPE0
PPE0
PPE0
PPE0
PPE0
PPE0
PPE4 QFP
PPE1 PPE3
processing CPU
Memory
PPE0
PPE0
PPE0
PPE5
PPE0
PPE0
PPE0
PPE6 … PPE0
PPE0
PPE0
PPE40
Buffer,
Buffer, queue,
queue, schedule
schedule (BQS)
(BQS)
SDRAM
CPU
nvram
MiniDIMM
Dispatcher/Pk (2.13GHz Quad-Core)
t Buffer Boot Flash
Bootdisk
(OBFL, …)
Stratum-3 Network
clock circuit
New Octeon II JTAG Ctrl
- 4G Crypto
- 8G capable
- Suite-B Crypto Interconnect Interconnect
SA table Timing/Syn
DRAM
GE GE GE GE GE GE c
BITS, GPS
SPA SPA
PCIe
SPA Control
SPA Bus
I/L 69Gbps Integrated SIP-40
11.Gbps
Other
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
ASR 1000 Fixed Ethernet Linecards
Fixed Line Card replacing SIPs and SPAs
IOS XE 3.10
Bandwidth up to 40Gbps (July 2013)
ASR 1000 2x10G+20xGE fixed linecard
Three Variants • 2x10GE+20x1GE (Mid CY13) Key Features • All Ethernet related features currently
• 40x1GE –(Future) supported on GE / 10GE SPAs on ASR1k
• 4x10GE –(Future)
• SyncE
Chassis • ASR1004,ASR1006,ASR1013 • IEEE 1588
• Y.1731
RP • RP2
• 40 Gbps BW
ESP • ESP40/100/200 • No SIP needed
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
ASR 1000 System Oversubscription
Key Oversubscription Points
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
For Your
Max. Bandwidth
Chassis SPA to SIP SIP to ESP I/O to ESP
ESP Version SIP Version SIP Slots Bandwidth per on ESP
Version Oversubscription Oversubscription Oversubscription
IP Slot (Gbps) (Gbps)
Example:
ASR 1001 ESP2.5 n.a. n.a. n.a. 2:1 2.5 5.6:1 5.6:1
ASR 4x10G SPAs max
ESP5 n.a. n.a. n.a. 4:1 5 6.8:1 6.8:1 1 per SIP
1001/ASR1002
ESP10 n.a. n.a. n.a. 4:1 10 3.4:1 3.4:1
ASR 1002-X ESP40 SIP40 n.a. n.a. 9:10 36 1:1 9:10
ASR 1004 ESP10 SIP10 2 10 4:1 10 2:1 8:1 2 3 SIPs max per ESP
ESP20 SIP10 2 10 4:1 20 1:1 4:1
ESP40 SIP10 2 10 4:1 40 1:2 4:1 12x10G SPAs max
ASR 1006 ESP10 SIP10 3 10 1 4:1 10 2 3:1 3 12:1 3 per ESP
ESP20 SIP10 3 10 4:1 20 3:2 6:1
ESP40 SIP 10 3 10 4:1 40 3:4 4:1
ESP40 SIP 40 3 40 1:1 40 3:1 3:1
ESP100 SIP40 3 40 1:1 100 6:5 6:5
ASR 1013 ESP40 SIP10 6 10 4:1 40 3:2 6:1
Slots 1, 2, 3,
40 1:1
ESP40 SIP40 4 40 9:2 6:1
Slots 5, 6 10 4:1
ESP100 SIP40 6 40 1:1 100 12:5 12:5
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
SOFTWARE ARCHITECTURE
Software Architecture–IOS XE
Route Processor
IOS XE = IOS + IOS XE Middleware + Platform
IOS IOS
Software. Not a new OS!
(Active) (Standby)
Operational Consistency—same look and feel as
IOS Router IOS XE Platform Adaptation Layer (PAL)
Chassis Forwarding
Manager Manager
IOS runs as its own Linux process for control
plane (Routing, SNMP, CLI etc.) Capable of 64- Kernel
bit operation
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
ASR 1000 Software Architecture
• Initialization and boot of RP Processes
• Detects OIR of other cards and coordinates initialization
• Manages system/card status, Environmentals, Power ctl, EOBC
RP
• Runs Control Plane CPU
Chassis Mgr.
• Generates configurations IOS Forwarding Mgr.
• Populates and maintains routing tables (RIB, FIB…)
SPA Agg.
independently Kernel (incl. utilities)
• Failure or upgrade of driver does not affect other SPAs in same or
different SIPs SPA SPA
…
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Control Plane Process Communication
RP
CPU
Chassis Mgr.
IOS Forwarding Mgr.
Interconn.
QFP subsys-tem
Interconn.
QFP
code
Interconn. OIR / Chassis
Crypto assist messages
Forwarding SIP
IOCP
Control Interconn. SPSP
Chassis Mgr.
A ASP
messages dridriASPA
ver drive
dri
ver
SPA ver r
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Software Sub-packages
RP CPU
Chassis Mgr. 4
2
IOS 3
SSL/SSH
Forwarding Mgr.
1. RPBase: RP OS Interface Mgr.
Why?: Upgrading of the OS will require reload to the RP and 1
expect minimal changes Kernel (incl. utilities)
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
ASR 1000 IOS XE Release Process
Software Lifecycle as of IOS XE 3.7
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
Month #
S1 S2 S3 S4 S5 S6 S7 PSIRT
IOS Legend
15.2(4)S
IOS XE 3.7S Initial CCO
Standard throttle
S1 S2 PSIRT rebuild
Extended
IOS 15.3(1)S throttle rebuild
IOS XE 3.8 S
Platform
Optional
S1 S2 PSIRT PSIRT
IOS 15.3(2)S
IOS XE 3.9 S
S1 S2 S3 S4 S5 S6 S7 PSIRT
IOS 15.3(3)S
IOS XE 3.10S
Standard maintenance
Frequency of Extended Frequency of Length of Standard Maintenance Length of Extended Maintenance Extended Maintenance
rebuild Interval
Maintenance Branches Releases Branch Branch Rebuild Interval (months)
(months)
Every 12 months 4 months 6 months 3 48 months 3-3-3-3-6-6-6
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Packet Flows – Data Plane
Data Packet Flow: From SPA Through SIP
ESPs
– Finished
Dispatcher/
Pkt Buffer 4. Packet released from on-chip memory
to Traffic Manager (Queued)
5. The Traffic Manager schedules which traffic to send to
which SIP interface (or RP or Crypto Chip) based on
priority and what is configured in MQC
Interconnect 6. SIP can independently backpressure ESP via ESI control
message to pace the packet transfer if overloaded
ESI, 11.2Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
SIP-10
BRKARC-2001
Data Other
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
Data Packet Flow: Through SIP to SPA
Data
ESPs
1. Interconnect receives packet data over ESI from
the active ESP at up to 46 Gbps
Interconn.
2. SPA Aggregation ASIC receives the packet and
writes it to external egress buffer memory
Interconnect Interconnect
3.Port rate limiting & weighting 5 Cisco 6 Cisco
QFP QFP
for forwarding to ESP
Interconnect Interconnect
4.Advanced classification
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
ASR 1000 ESP QoS
QFP Processing
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
ASR 1000 QoS
The QFP Traffic Manager (BQS) performs all packet scheduling decisions.
Cisco QFP Traffic Manager implements a 3 parameter scheduler which gives advanced
flexibility. Only 2 parameters can be configured at any level (min/max or max/excess)
– Minimum - bandwidth
– Excess - bandwidth remaining
– Maximum - shape
Priority propagation (via minimum) ensures that high priority packets are forwarded first
without loss
Packet memory is one large pool. Interfaces do not reserve a specific amount of packet
memory.
Out of resources memory exhaustion conditions
– Non-priority user data dropped at 85% packet memory utilization
– Priority user data dropped at 97% packet memory utilization
– Selected IOS control plane packets and internal control packets only dropped at 100% memory utilization
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
For Your
Reference
show plat hard qfp active stat drop all | inc BqsOor
– This gives a counter which shows if any packets have been dropped because of packet
buffer memory exhaustion.
show plat hard qfp active infra bqs status
– Gives metrics on how many active queues and schedules are in use. Also gives
statistics on QFP QoS hierarchies that are under transition.
show plat hard qfp active bqs 0 packet-buffer util
– Gives metrics on current utilization of packet buffer memory
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
ASR 1000 QoS
Level3 “Class”
Queuing Highlights queues
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
ASR 1000 QoS
Classification and Marking
Classification
– IPv4 precedence/DSCP, IPv6 precedence/DSCP, MPLS EXP, FR-DE, ACL, packet-
length, ATM CLP, COS, inner/outer COS (QinQ), vlan, input-interface, qos-group,
discard-class
– QFP is assisted in hardware by TCAM
Marking
– IPv4 precedence/DSCP, IPv6 precedence/DSCP, MPLS EXP, FR-DE, discard-class,
qos-group, ATM CLP, COS, inner/outer COS
Enhanced match and marker stats may be enabled with a global configuration
option
– platform qos marker-statistics
– platform qos match-statistics per-filter
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
ASR 1000 Policing and Congestion Avoidance
Policing
WRED
– 1R2C – 1 rate 2 color
– precedence (implicit MPLS EXP),
– 1R3C – 1 rate 3 color dscp, and discard-class based
– 2R2C – 2 rate 2 color – ECN marking
– 2R3C – 2 rate 3 color – byte, packet, and time based CLI
– color blind and aware in XE 3.2 and – packet based configurations
higher software limited to exponential constant
supports RFC 2697 and RFC 2698 values 1 through 6
– explicit rate and percent based – dedicated WRED block in QFP
configuration hardware
– dedicated policer block in QFP
hardware
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
IPSEC ON ASR1000
ESP-100 and ASR1002-X NextGen Encryption
Introduces Improved Octeon-II Crypto Processor
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
ASR 1000 Forwarding Processor
IPSec Processing is done with Crypto Co-processor Assist
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
ASR 1000 IPSec Software Architecture For Your
Reference
Function Partitioning
RP
CPU
Chassis Mgr.
• Creation of IPSec Security Associations (SA)
• IKE Control Plane (IKE negogiation, expiry, tunnel IOS Forwarding Mgr.
setup)
Kernel Kernel
(incl. utilities)
(incl. utilities)
• Communicates FIB status to active & standby ESP (or
bulk-download state info in case of restart)
Interconn.
SPA SPA
…
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
For Your
Reference
Encryption Throughput
1.8/1 Gbps 1.8/1 Gbps 4/2.5 Gbps 7/6 Gbps 11/7 Gbps 29/16 Gbps
(Max/IMIX)
VRFs (RP2/RP1) 4,000 1,000 4,000 / 1,000 4,000 / 1,000 4,000 / 1,000 4,000 / 8,000
Total Tunnels
4,000 4,000 4,000 8,000 8,000 8,000
(Site to Site IPSec) *
Tunnel Setup Rate w/ RP2
130 N/A 130 130 130 130
(IPSec, per sec)
Tunnel Setup Rate w/ RP1
NA 90 90 90 90 90
(IPSec, per sec)
DMVPN / BGP Adjacencies
3000 3000 3000 3000 3000 4000
(RP2/RP1, 5 routes per peer)
IOS XE also provides full support for Network Resiliency SPA SPA SPA SPA SPA SPA
Kernel Kernel
Other software crashes (example: SIP or ESP)
cannot benefit from Software redundancy SPA Interface Processor Embedded Services
Processor
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
ASR 1006 High Availability Infrastructure
Infrastructure for Stateful Redundancy
RPact RPsby
Non-HA-Aware IOSact IOSsby Non-HA-Aware
Application Application Provides hitless or
Config
MLD
Config
MLD
near hitless
CF CF switchover
…
…
CEF
I Interconnect
I CEF
Used for
Mcast IPC Message Qs P IPC and P IPC Message Qs Mcast
Driver/Media
Layer
C Check-
pointing
C Driver/Media
Layer
Reliable IPC
RF RF
IDB State Update Msg IDB State Update Msg
transport used for
MFIB FIB RIB IDB MRIB RT
synchronization
IDB
FMRP
MFIB FIB
FMRP
HA operates in a
similar manner to
ESPact ESPsby
other protocols on
the ASR 1000
FMESP QFP Client FMESP QFP Client
SPAs
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
ASR 1000 In-Service Software Upgrade
Ability to perform upgrade of the IOS image on RP Portability - installing & configuring
the single-engine systems hardware that are physically not present in
the chassis
Support for software downgrade
This allows the user to configure an RP in
“In Service” component upgrades (SIP-Base, one system i.e. a 4RU and then move it to
SIP-SPA, ESP-Base) without requiring reboot another system i.e. a fully populated 6RU
to the system
One-shot ISSU procedure available for H/W
Hitless upgrade of some software packages redundant platforms
Software Release
3.1.0 3.1.1 3.1.2 3.2.1 3.2.2
From \ To
3.1.0 N/A SSO Tested SSO SSO via 3.1.2 SSO via 3.1.2
3.1.1 SSO Tested N/A SSO Tested SSO via 3.1.2 SSO via 3.1.2
3.2.1 SSO via 3.1.2 SSO via 3.1.2 SSO Tested N/A SSO Tested
3.2.2 SSO via 3.1.2 SSO via 3.1.2 SSO Tested SSO Tested N/A
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
OPERATIONS & PERFORMANCE
RP2/ESP40 Feature Impact Performance
IPv4 Feature Performance Impact RP2/ESP40
50
45
40
Gbps or MPPS
35
30
25
20
15
10
0
76 132 260 516 1028 1518
Base Mpps ACL Mpps QoS Mpps uRPF Mpps NF Mpps Combined Mpps
Pkt Size (Bytes)
Base Gbps ACL Gbps QoS Gbps uRPF Gbps NF Gbps Combined Gbps
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
Latency Performance Example
3500
Latency (us - Min)
Latency (us -
(microseconds)
Max)
Latency in us
2500
2000
Max – 1.1-1.4ms
1500
Avg – 50-55us
1000
Min – 25us
500
0
90 91 92 93 94 95 96 97 98 99 100
Percentage Load
75%
75%
85%
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
Example: QFP TCAM Utilization
QFP TCAM usage can be found in following command:
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
Which Features Use the TCAM?
TCAM Definition Ternary Content-Addressable Memory is designed for rapid, hardware- For Your
based table lookups of Layer 3 and Layer 4 information. In the TCAM, a Reference
single lookup provides all Layer 2 and Layer 3 forwarding information.
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
Save Your TCAM!
Strategies to Optimize your TCAM Usage
Old Method: 15 TCAM Entries
Avoid use of “Deny” action ACL Entries as ip access-list extended ACL_User1
10 permit ip any 62.6.69.88 0.0.0.7
ip access-list extended ACL_User2
10 permit ip any 62.6.69.88 0.0.0.7
this will cause TCAM entry explosion! 20 permit ip 62.6.69.88 0.0.0.7 any
30 permit ip any 62.6.69.112 0.0.0.15
20 permit ip 62.6.69.88 0.0.0.7 any
30 permit ip any 62.6.69.112 0.0.0.15
40 permit ip 62.6.69.112 0.0.0.15 any 40 permit ip 62.6.69.112 0.0.0.15 any
Deny will be converted to equivalent set 50 permit ip any 62.6.69.128 0.0.0.15 50 permit ip any 62.6.69.128 0.0.0.15
interface
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
ASR1000 APPLICATIONS
ASR1000 Network Applications
Routing, PE, Broadband, WiFi Secure WAN and PE
• IPv4 / IPv6 Routing, Transition • IPSec VPN – DES, 3DES, AES-128-GCM
• BGP, RIP, IS-IS, OSPF, Static routes • DMVPN, GETVPN, FLEXVPN
• GRE, MPLSoGRE, EoMPLSoGREoIPSec, 2700+ Features! • VRF-lite, MPLS-VPN, over DMVPN
ATMoMPLS
• Secure VPLS
• MPLS L3 VPN
• IOS Zone-based Firewall, many ALGs
• L2VPN (ATM, Circuit Emulation)
• Carrier Grade NAT
• VPLS, H-VPLS PE; Carrier Ethernet
Services • VRF-aware
GETVPN PE E-P
Campus-PE
mGRE
VRF-lite, Group Key Mgmt, Compliance-mode GRE
Tunnels IP
Cipher&Hash selection, Key Server Servic
e
DMVPN E-PE
E-PE E-PE
EasyVPN
VRF-lite over DMVPN MPLS
Dynamic Crypto Map Campus
or MAN
RR
NHRP
Site-to-Site and Flex VPN mGRE Server
E-PE
Branch LAN
per
IKEv2 VRF
IP
FlexVPN Multi
-VRF
Service
CE
GRE+IPSec
Multi-
VRF CE
VRF-aware IPSec Remote
Branches
NSA Suite-B Cryptography
80
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
ASR1000 Unified Communications Applications
Session Border Controller Medianet
• Cisco Unified Border Element (ENT) • Performance aware statistics based on
(CUBE(ENT)) media traffic analysis
• Full trunk-side SBC functionality • Packet loss, Jitter, Delay for media flows
• Session Mgmt, Demarcation, Security,
• Media trace (traceroute for mediaflows)
Interworking
• Connect CUCM to SIP trunks • Class Specific threshold crossing alerts
• Connect 3rd party IP BPX to SIP trunks • Netflow and SNMP/MIB based reporting
• DSP-based transcoding up to 9000 calls • Compatible with Cisco Media architecture
with DSP SPA module; Noise cancellation. and equipment
• Hi density Media forking
• UC Service API Routing Baseline
• 3rd Party API for call control • IPv4 / IPv6 Routing, Transition
• SRTP Encryption HW (ESP) - Hi density • BGP, RIP, IS-IS, OSPF, Static routes
SRTP calls
• MPLS L3 VPN, L2VPN, GRE, IPSec
• Line Side SBC functionality for voice
endpoints • VPLS, H-VPLS PE; Carrier Ethernet Services
Perf. Collection
Identify Applications Management Tool Control
and Exporting
DPI Engine (NBAR2) ISR G2 and ASR Collect Cisco Prime Infrastructure Use QoS and PfR to
Identifies Applications Application Bandwidth and Advanced Reporting Tool Control Application
Using L7 Signatures Response Time Metrics, Aggregates and Reports Network Usage to
1000+ applications and Export to Application Performance Improve Application
supported today Management Tool Performance
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
Next Generation NBAR (NBAR2)
Deep Packet Inspection (DPI)
Number of Applications HTTP URI
Supported
1200
HTTP Browser
1000+ Hostname Type
1000
800
600 NBAR1
400 NBAR2
200
0
NBAR1 NBAR2
More than 1000 applications support and Field Extraction – collect application
growing specific information in addition to
identify applications
Categorization to simplify application
management Sub-port Classification – match
parameters of the applications
In-service signature update through
Protocol Pack
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Application-Aware QoS
class-map match-all business-critical
match protocol citrix Application BW Priority
match access-group 101 Committed BW
Business-Critical Committed 50% High (50% of the Line)
policy-map my-network-policy
class business-critical
priority
police percent 50
class browsing
bandwidth remaining percent 30
service-policy internal-browsing-policy Browsing: Remaining:
30% of Excess BW 70% of Excess BW
interface Serial0/0/0 (= 15% of the Line) (= 35% of Line)
service-policy output my-network-policy
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
What is Really in Your Network?
Port Application
Monitoring Monitoring
HTTP?
UNKNOWN?
HTTPS
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Introducing Performance Routing (PfR)
Intelligent Path Control
Email Path
PfR MCs
Video Path
Internet
ASR1K DMVPN Branch
ISR G2 PfR
ASR1K
MC/BR
Email VMs
PfR BRs
SP A ASR1K
Headquarter MPLS
ASR1K SP B
ASR1K GETVPN
Master Controller (MC) MPLS
Border Router (BR) GETVPN
Optimize by:
WAN1 WAN2
Reachability, Delay, Loss, Jitter, MOS,
Throughput, Load, and/or $Cost
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
Performance Routing – The Journey …
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Enterprise WAN Use Case HQ
Blackout and Brownout
Voice - Video
Problem Statement: Critical Application
MC
– Recent carrier routing problem cause a network outage Rest of the Traffic
(Blackout).
– Fluctuating performance over the WAN is causing
intermittent application problems (Brownout) BR BR
The Rest of the
Voice, Video,
– Secondary/Backup WAN path under utilized Critical Traffic
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
AppNav for WAN Optimization
Deep Dive: TECAPP-2001 Inserting and Scaling Virtual and Physical Network Services
WAAS Deployment Challenges Today
WAN
Mask Value Result
Branch office1
CPU/SUP utilization
Branch Office2 00:00:03:00 00:00:00:00 WAE-1
TCAM Entries
Branch Office3 00:00:03:00 00:00:01:00 WAE-2
00:00:03:00 00:00:02:00 WAE-3
Redirect ACL
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
AppNav Addresses the Challenges
Previous
Path
Application Affinity Custom
Persistence Affinity Rules
WAN WAAS
WAAS I/O Device
Load Status
WEB Apps WAAS
Exchange WAAS Traffic
Optimization
Load
WAVE Load
WAVE
AppNav
WAAS High
High
Availability
vWAAS Availability
vWAAS
Region 1 Region 2
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
AppNav Components
AppNav Controllers (ANC)
• Provides service aware flow distribution,
WAAS Node Groups (WNG) to direct traffic to the WAAS Nodes within
the cluster.
• Group of up to 32 WNGs per
cluster.
• Each WNG services a set of AppNav Controller Groups (ANCGs)
traffic flows identified by AppNav • Group of up to 8 ANCs per cluster
policies
• All ANCs in an ANCG share flow state
• Any current WAAS appliance information, for handling of asymmetric
version 5.0 and above can be a traffic and HA conditions
WN, including WAAS appliances
and vWAAS.
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
Example DC Deployment: WAN Edge with VRF
Branch 1
10.1.1.1 (VRF B)
WAAS
Service Node Group
Branch 2
ASR1000 vWAAS
ISR WAN Edge
VRF A
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
HQoS for WAN Traffic Optimization
Optimized WAN Aggregation
Bandwidth
Branch # 1 / Dept # 2 or Site # needs to be
1 / Customer # 1 Headend should not overflow
shared here
outbound this limited bandwidth AND
between dept share between departments AND
/ customers. Prioritize Voice and/or Cloud
CIFS WAAS Exchg ERP / CRM
Application traffic.
IPSec
Aggregator
QFP
CPE
ASR1K
Branch #
1 / Dept # ASR1K
1
Internet / IP VPN Firewall
CPE
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
ASR 1000 Traffic Manager Queue Hierarchies
Gig0/0/0
VLAN / Tunnel
$$ / CAC
Hierarchy
Best Effort
Hierarchy
…
SIP
VLAN / Tunnel
$$ / CAC ESI BW
Hierarchy 10/40
Gbps
Best Effort
Hierarchy
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
Policies Aggregation Example: No CAC
• New IOS Feature (only on ASR1000 series)
That Allows You to Apply Policies Together policy-map Branch/Dept1 (VLAN100)
Flexibly class class-default fragment ALL-P
bandwidth remaining ratio 24
service-policy ALL-CHILD
Policy-map main-interface (local)
policy-map ALL-CHILD
Class data service-fragment class EF
ALL-P priority This queue is shaped at
class AF4 main interface
shape average 40 Mbps
LINKED
bandwidth remaining ratio 25
class AF41
bandwidth remaining ratio 15
class class-default
bandwidth remaining ratio 50
policy-map ALL-CHILD
class EF
priority
class AF4
bandwidth remaining ratio 25
class AF41
bandwidth remaining ratio 15
Cisco.com: class class-default
bandwidth remaining ratio 50
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/qos_policies_agg_ps9587_TSD_Prod
ucts_Configuration_Guide_Chapter.html
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Policies Aggregation Example : with CAC
policy-map AF1plusDefault
class AF1
bandwidth percent 35
LINKED
class class-default
bandwidth percent 65
policy-map AF1plusDefault
class AF1
bandwidth percent 35
class class-default
Cisco.com: http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/qos_ bandwidth percent 65
policies_agg_ps9587_TSD_Products_Configuration_Guide_Chapter.html
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 102
Medianet
Lab: LTREVT-2300 Enterprise Medianet: Video Applications and Network Design Lab:A
What is Medianet?
Medianet is:
• An architecture for successful deployment of multiple media and business applications
Medianet solutions:
• Include compliant products and features in both Smart Endpoints/Applications and Smart Network
Infrastructure
• DO NOT REQUIRE an entirely end-to-end Cisco network with medianet enabled in every hop
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
ASR1000 Medianet Features
Performance Monitor – Detects voice/video issues and reports to Cisco Prime
– RTP, TCP and IP-CBR traffic
– A la carte metric selection (loss, latency, jitter etc.)
– Fault isolation and network span validation
– Thresholding and action triggering (Alarms, SNMP traps, Syslog); Netflow-based metrics
MediaTrace – collects information from multiple routers along the media path
– Like traceroute for Media! Can also be requested by a remote device.
– Discover & query medianet capable nodes along path at L2 and L3
– Gather key resource, interface and flow Performance Monitor stats
– Consolidate information on a single-screen: what I/F is dropping packets? where is DSCP getting reset?
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
Medianet Metadata Integration
Putting it all Together
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
WiFi Aggregation with Mobile Core Integration
WiFi Subscriber Aggregation
Enabling Roaming and Wholesale Services with iWAG MNO Home Network
Policy
HLR OCS PCRF CG
F
AP
Portal DHCP AAA
WLC
WLC
AP Roaming Internet Services
Partner Core
AP
iWAG
Optional
GGSN
Public/Large NAT Retailer
Venue Providers
AP/CPE
Home Internet Services
Network
Core
Wholesale Provider
Community
WiFi
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
Intelligent WiFi Access Gateway
Common Subscriber Management and Routing Functions
IP Aggregation support:
– DHCP Server and Relay capability
– Support for routed and switched access networks
– Efficient solution for IP control-plane to Mobile network control plane interworking – i.e. link model mediation
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
SUMMARY
Summary and Key Takeaways
ASR 1000 is Cisco’s strategic next-generation Midrange router leveraging powerful hardware
capabilities of QFP
Horsepower of 64 Cisco 7200 on a single chip; State-of-the-art QoS in hardware
Rich IOS feature set protecting your investment in training and experience
ASR 1000 is positioned for both Service Provider and Enterprise Architectures
SP: Broadband Network Gateway,Wifi Offload, PE, Manage CPE,
Enterprise: WAN aggregation / optimization, Unified Communications
ASR 1000 enables reduction in network edge complexity by
Enabling single-platform consolidated PoP / Edge architectures
Integrating advanced services without additional hardware blades
(SBC, NBAR, IPSec, Firewall, BNG, PE etc)
Reduction in power consumption through integration of feature
ASR1000 is designed with High-Availability in mind
Fully redundant forwarding and control processors; backplane
Fault tolerant SW architecture with process restart-ability and protected memory architecture
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
Complete Your Online Session Evaluation
Give us your feedback and
you could win fabulous prizes.
Winners announced daily.
Receive 20 Cisco Daily Challenge
points for each session evaluation
you complete.
Complete your session evaluation
online now through either the mobile
app or internet kiosk stations.
Maximize your Cisco Live experience with your
free Cisco Live 365 account. Download session
PDFs, view sessions on-demand and participate in
live activities throughout the year. Click the Enter
Cisco Live 365 button in your Cisco Live portal to
log in.
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
RP1/ESP5 Feature Impact Performance
IPv4 Feature Performance Impact RP1/ESP10
10
8
Gbps or MPPS
0
76 132 260 516 1028 1518
Base Mpps ACL Mpps QoS Mpps uRPF Mpps NF Mpps Combined Mpps Pkt Size (Bytes)
Base Gbps ACL Gbps QoS Gbps uRPF Gbps NF Gbps Combined Gbps
Individual features have small impact with small packet sizes (76B)
Individual features have no impact at large packet sizes (above 260B)
QFP has excellent behavior even with combined features for larger packet sizes!
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
ASR1002-X Performance Summary
NDR with features 30
NDR by traffic Type
30
25 25
20 20
Mpps
Mpps
15 15
10 10
5 5
0 0
Base ACL uRPF Netflow FW NAT AVC IPv4 Unicast IPv6 Unicast IPv4 Multicast IPv6 Multicast
ASR1002-X-36G 28 25 25 19 15 10 6 ASR1002-X-36G 28 20 17 15
ESP Type Encryption VRFs Total Tunnels DMVPN w/ DMVPN w/ DMVPN w/ Easy Firewall
Throughput Tunnel Setup Rate BGP Adj (5 EIGRP Adj (5 OSPF Adj (5 VPN + Sessions
(IMIX/MAX) s routes/peer) routes/peer) routes/peer) dVTI
ASR1001 1.8/1 Gbps 1000 4000 130cps 3500 3500 1000 2000 250K
BRKARC-2001 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 115