Embracing SDN in the Next Gen Network
1. Embracing SDN in the Next Gen Network
Introduction and Use Cases
Moving SDN Beyond the Hype
Cisco Public
Craig Hill
Distinguished Systems Engineer
U.S. Federal, CCIE #1628
crhill@cisco.com
@Netwrkr95
C-MUG – Columbia, MD
June 17, 2015
2. Virtualization = explosion in Objects
Cost per Object must Agility must Operations must Adapt
Evolving choices in abstraction
Easy Button, GUI, CLI, API
50%+ of outages from mis-config
Speed to activation too slow
Mechanization of logic in CCIE brains
Peering of Controller & Network Element Intelligence
3. The target of SDN?
…to “Automate” and “Simplify” the centralized provisioning administration of the network…
5. Traditional Control Plane Architecture (Distributed)
• Control plane is tightly coupled to the network device
• Minimal application programmability of network devices (CLI, SNMP, NETCONF)
• EX: Cisco Routers, Catalyst L2/L3 switches, Nexus switches, etc…
[Diagram labels: Application, APIs, Centralized Control Plane, Distributed Control Plane, Data Plane]
6. SDN Control Plane Architecture (Centralized)
• Control plane is centralized
• Control plane abstracted from the forwarding HW
• Communications channel exists between control plane and forwarding HW (OpenFlow agent on device)
• EX: OpenFlow Model (controller, agent on network element)
[Diagram labels: Application, APIs, Centralized Control Plane, OpenFlow, Distributed Control Plane, Data Plane]
9. Hybrid Control Plane Models
• Utilizes existing distributed and central control plane
• Leverage existing routing innovations and services (IP/MPLS, TE, convergence, LISP…) with benefits of a “controller” for tighter applications integration to the network
• DC may leverage overlays (VXLAN) while still leveraging an intelligent underlay (analytics, fast convergence, dynamic LB, etc…)
Centralize When Needed, Default Distributed Control Plane for All Else
Source: ONF Hybrid WG
• Campus, Branch Controller (APIC-EM)
• WAN Orchestration Controller
• NFV Orchestration Engine
• Policy Controller (APIC) for ACI
[Diagram labels: Applications, APIs, Network Middleware, Centralized Control Plane, Network Devices: On-Box Control Plane, Distributed Control Plane, Data Plane]
10.
• Focus is on specific campus applications on Cisco HW
• SSH into platform
• Focus is on self-deployed IP/MPLS WAN
• ODL, open standard protocols
• Focus is providing NFV orchestration (vMS)
• Targeting SP like agencies
• Streamlined use cases
• Focus is on private DC and cloud deployments
• Lead DC solution, integration with UCS, eco-system
[Diagram labels: Customer Business Oriented Applications; APIs; Data Center: ACI (N9K, UCS, FW, LB, IPS); APIC EM; Enterprise Network: ISR/ASR1K Router, Catalyst Switch; SP WAN: ASR9K, CRS, NCS6k/4k/2k; WAE on ODL; Deployer; Collector; NFV: VNF VM, Orchestration (vCPE, vPE, vFW, vIPS)]
11.
• Target all areas of customer functions and networks
• Data Center (Enterprise & SP), Enterprise (WAN, Campus), SP and/or large Enterprise WAN, SP Cloud offerings
• Programmability and open APIs, orchestration, virtualization, rapid provisioning and automation
[Diagram labels: Customer Business Oriented Applications; APIs; Data Center: ACI (N9K, UCS, FW, LB, IPS); APIC EM; Ent Network: ISR/ASR1K Router, Catalyst Switch; SP WAN: ASR9K, CRS, NCS6k/4k/2k; WAE; Deployer; Collector; NFV: VNF VM (vCPE, vPE, vFW, vIPS)]
12. Cisco APIC Enterprise Module Architecture
Masking Network Complexity, Exposing Network Intelligence
[Diagram labels: Cisco and Third Party Applications (Security, QoS, IWAN, Network PnP); REST API; Cisco APIC Enterprise Module (Network Info Database, Policy Infrastructure, Automation); Southbound Interface: CLI; Network Devices (Catalyst, ASR, ISR)]
Application Eco System for APIC-EM
1. Cisco Visualization Application a.k.a UI
2. Cisco Applications for specific solutions:
• IWAN
• Network PnP
• Collaboration
• Security (integration w/ ISE)
• QoS, etc…
3. DevNet Community
4. Customer developed (internal to org)
18. Tightening the Engineering Cycle
Years/Months Weeks/Days Minutes/Seconds
Must Increase Service Velocity provisioning, Increase Link utilization, Limit Time to Deploy
19. SDN WAN Orchestration Platform
• Application platform for placing traffic demands and paths across an IP/MPLS WAN
• North-Bound API: Java/REST
• South-Bound (Bi-Directional): BGP-LS (update link-state TO controller), stateful PCEP (programs network elements FROM controller), NC/YANG
• Intelligent collector, planner, and optimizer engine and can leverage “what if” exercises for load placement
• Multi-vendor enabled & extensible
• Leverages OpenDaylight Infrastructure with “WAN Orchestration” applications (uses REST to controller)
[Diagram labels: MATE Apps, Client Apps, Cross Domain Orchestration; APIs; Application Engine, WAN Databases, Collector, Programming; BGP-LS, PCEP, configlet; SDN WAN: IP/MPLS, Segment Routing, Multi-Layer]
20.
1 - Can I place this requested BW load on my network?
2 - If I do, which link(s) are outside my network capacity threshold?
… In Real-Time!!!
[Diagram labels: WAN: IP/MPLS, Segment Routing, Multi-Layer]
21. WAN Orchestration Framework
Example: Bandwidth Calendaring
1. Network conditions reported to collector consistently
2. WAN Orch pulls latest Plan File every 20 min from existing MATE Collector
3. Customer App requests DC #1 – DC #2 bandwidth at Future Date/Time (in app)
4. Demand admission response: <R1-R3, B/W, Future Date/time>
5. Customer App confirms booking
6. Two hours prior to activation placement APP applies config in Traffic Mgr (app)
7. Traffic Mgr programs the LSP on devices
8. LSP setup for traffic
[Diagram labels: Customer App; WAN App; NB API; Collector; Program; BGP-LS; PCEP; WAN routers R1, R2, R3 between Data Center #1 and Data Center #2; one link marked Congested; callouts 1–8 mark the steps above]
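The admission check behind the two questions on slide 20 and steps 3 to 5 above, as an added example (not code from the deck or from any Cisco product). It assumes an 80% per-link utilisation threshold, integer hours as time, and a constructed three-router topology in which the direct R1-R3 link is already congested.

```python
THRESHOLD = 0.8  # assumed: keep every link at or below 80% of its capacity


def link_key(a, b):
    """Links are undirected, so store each one under a sorted router pair."""
    return tuple(sorted((a, b)))


def peak_load(bookings, link, start, end):
    """Highest Mb/s already booked on `link` at any instant in [start, end)."""
    active = [b for b in bookings
              if link in b["links"] and b["start"] < end and b["end"] > start]
    # Load only rises when a booking starts, so sample those instants.
    points = {start} | {b["start"] for b in active if b["start"] > start}
    return max(sum(b["mbps"] for b in active if b["start"] <= t < b["end"])
               for t in points)


def admit(capacity, bookings, paths, mbps, start, end):
    """Book the first candidate path that stays under threshold on every link.

    Returns the chosen path, or the links that would go over threshold
    (question 2 on slide 20) when no candidate path fits.
    """
    over_all = []
    for path in paths:
        links = [link_key(a, b) for a, b in zip(path, path[1:])]
        over = [l for l in links
                if peak_load(bookings, l, start, end) + mbps
                > THRESHOLD * capacity[l]]
        if not over:
            bookings.append({"links": links, "mbps": mbps,
                             "start": start, "end": end})
            return {"admitted": True, "path": path, "over_threshold": []}
        over_all.extend(l for l in over if l not in over_all)
    return {"admitted": False, "path": None, "over_threshold": over_all}


# Constructed topology: three 10 Gb/s links, capacities in Mb/s.
CAPACITY = {link_key("R1", "R3"): 10000,
            link_key("R1", "R2"): 10000,
            link_key("R2", "R3"): 10000}
PATHS = [["R1", "R3"], ["R1", "R2", "R3"]]  # direct path first, then detour


def demo():
    # Constructed baseline: the direct link carries 7 Gb/s all day.
    bookings = [
        {"links": [link_key("R1", "R3")], "mbps": 7000, "start": 0, "end": 24},
        {"links": [link_key("R1", "R2"), link_key("R2", "R3")],
         "mbps": 2000, "start": 0, "end": 24},
    ]
    first = admit(CAPACITY, bookings, PATHS, 2000, 1, 3)   # detours via R2
    second = admit(CAPACITY, bookings, PATHS, 5000, 2, 4)  # overlaps, rejected
    third = admit(CAPACITY, bookings, PATHS, 5000, 4, 6)   # later slot fits
    return first, second, third


if __name__ == "__main__":
    for result in demo():
        print(result)
```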
23. Use Case: Demand Admission & Placement
Problem: Demand placement requirement must take into account LOCATION as well as network impact (link over-subscription)
Solution: Application places demand on the suggested path/location and the network remains healthy leveraging under-subscribed links
Simple REST API Hides Complexity; Utilizes Infrastructure Intelligence
[Diagram labels: BW Demand App; RESTful APIs; WAN Application (Programming, Collection); WAN routers R1, R2, R3; Cloud Consumer; Customer Site; Content Sites]
24. Use Case: Bandwidth Scheduling (Calendaring)
Problem: Provider’s customer has an “on demand” need for nightly DC backup or to move workloads
Solution: After determining a best path, Platform programs an LSP via PCEP.
Simple REST API Enables Faster Solution without Complexity
[Diagram labels: BW Calendar App; RESTful APIs; WAN Application (Programming, Collection); PCEP; WAN routers R1, R2, R3 between Data Center #1 and Data Center #2; one link marked Congested!!]
26. Use-Case: TE Load Balancing
Problem: A customer needs to efficiently use expensive BW links (EX: high cost links, perhaps trans-oceanic) and must optimize usage.
Solution: The most expensive network resources are fully optimized by calculation assigning best load share metrics using PCEP (extensions).
REST API Enables Solution; Hides Complexity
[Diagram labels: TE Tunnel Builder App; RESTful APIs; WAN Application (Programming, Collection); PCEP; WAN router R1; AS Foo]
32. Cisco NFV Orchestration Solution Architecture
Open Standards Based
[Diagram labels: RT-OSS or Upper layer Orchestrator; REST API; Service Catalog; Network Service Orchestrator (Service Lifecycle management, Service Provisioning); VNF Manager; Virtual Topology System (DCI Routing, Service Routing, Address Mgmt.); Openstack / Jcloud API; VM Orchestrator; System Management, High Availability; Service Assurance Framework; RESTCONF/YANG; MP-BGP; Servers hosting Tenant 1 and Tenant 2 VNFs and VMs, each with a VTF carrying VRF1 and VRF2; SW Overlay: MPLSoGRE, L2TPv3, VXLAN; DC gateway (VRF1, VRF2); EPN; SP WAN (VRF1, VRF2); End-User CE1, CE2]
33. Cisco NFV Orchestration Solution - Multi-Tenant Service Instantiation & Service Chaining
Customer service is instantiated as a virtual service in the managed service POD. Multiple services combined into a service chain
Customer 1: Wants FW, NAT
Customer 2: Wants vCPE, vFW, vWAAS
[Diagram labels: Multi-tenanted service chains (vFW, NAT; vCPE, vFW, vWAAS); SP Managed Service POD; SP Datacenter; External WAN, access to Cloud (IaaS, Storage,…); Dynamic Services Composer: Service Orchestrator, DSC Services Controller, DSC Network Controller; System Management and High Availability; Managed Services: Internet/VPN (Managed CPE), Security (Managed FW), NAT, WAAS]
34. NFV Customer Use Cases
Service: Description
Virtual Managed Services: Using CSR, vASA to deliver managed services / managed security to enterprise customers
Virtual CPE: Cloud based or on-prem virtual CPE to augment capabilities of physical on-premise CPE
Virtual Private Cloud: Single-tier, 2-tier, 3-tier applications with optional NFV service chaining for enterprise customers
Routing-as-a-service: Using CSR to deliver routing/BNG as a cloud service
Hosted Collaboration Service: Integrating HCS provisioning with VPN configuration for single click customer deployment
Virtualized Video Headend: Cloud DVR, CDN/streaming as a service
Virtual PE Router: Fully virtualized PE router delivered as an on demand cloud service
Virtual Wireless LAN Controller, vWAAS, vNAM, vSCE: Other Service VNFs that may be used to offer WLAN, DPI, NAM etc as cloud based services
35. SP SDN/Programmability Investment Focus
Business: Optimize time to qualify new IP services and reduce TCO, plug and play services
Elements: NETCONF/YANG, Tail-F, NMS
Business: Monetize SP Core, MPLS Simplification, Maximize BW utilisation
Elements: WAE, Open Daylight; PCEP, BGP-LS, SR
Business: DDoS Mitigation services
Elements: Scrubbers; BGP-Flowspec, Netflow
Business: NfV Managed Services, Virtual Private Cloud
Elements: vPE/NSO; RESTCONF, YANG
Business: Optimize DC Core and DC Interconnect management
Elements: ACI, N9K, A9K
[Diagram labels: callouts Cloud Services Orchestration, Infra/DDoS Security, EPN Agility: CarrierE/Optical Fast Provisioning, WAN Optimization, DCI automation, NfV; network segments Consumer, Corporate, Access, Aggregation, Core, SP-cloud Edge, DC Core, DCI, Internet, Wholesale; VMs: NAT, Firewall, SBC, dDOS, Virus Scan, IPS, DPI, CGN, Portal, PCRF, DNS, DHCP, BRAS, SDN Ctrl., RaaS, WLC, WAAS, CDN, Caching, NMS]
36. Expose Network Intelligence – Bi-Directionally
Policy (Application + Network + Security)
Harvest Network Intelligence, Telemetry, and Events
Program for Optimized Performance and “Application Driven” Control
[Diagram labels: Applications, Services, Orchestration, Analytics; Workflow and Intent; Programmability; Network Intelligence, Guidance; Statistics, States, Objects and Events; Network]
37. Science DMZ Reference Implementation
• Event Correlation
• Log Storage
• Auditing
• Analysis
Next Generation Firewall
• Commodity: In-Line
• Internet2: In-Line or OOB w/Steering
[Diagram labels: Internet2/AL2S; Commodity Internet; DMZ; Secure Corporate Networks; High-Throughput Science Networks; DTN; Compute; Campus; Corporate DC; External Services; BGP Null Routes; Active Blocking; Flow Notification; Nexus 3K; ASR 1K; ASR 9K; Nexus 9K; ASA 5585; BGP; REST API; Open DayLight Controller]
38. Cisco Open SDN Controller
Open platform for SDN app development
Single Northbound REST Interface
Multiple Southbound Interfaces
39. Use Case: Leverage Cisco OSC for “Event Driven” Remote-Trigger Blackhole for DDoS Attacks in a Data Center
C-OSC – Cisco Open SDN Controller
1. Sensor solution is built OOB so as not to disrupt traffic flow.
2. Splunk is used for event-correlation using events from SourceFire and other security elements (IDS or FW logs).
3. Splunk blocks traffic by making a REST API call to the OSC
4. OSC responds to the block request by using the NETCONF API in OSC, applying a BGP null-route in the ASR 9000 for those prefixes.
5. Optional: OSC can select traffic to monitor via OpenFlow.
[Diagram labels: WAN, ASR 9K, N9K Core, LAN, N3K “Tap”, Mirrored Traffic, SourceFire, Alerts, Splunk, REST, Block, OSC]
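Because step 3 lets an alerting pipeline install null routes without a human in the loop, a vetting stage between the correlation in step 2 and the block call is the usual safeguard. The following is an added example, not code from the deck, Splunk or the Cisco controller; the alert format, thresholds, protected ranges and function names are all assumptions, and it stops at the decision rather than calling any controller API.

```python
import ipaddress
from dataclasses import dataclass

# Assumed policy values (not from the slides); tune them per environment.
PROTECTED = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.0.2.0/24")]
MIN_PREFIXLEN = {4: 24, 6: 64}  # refuse to null-route anything broader
MIN_SENSORS = 2                 # distinct event sources that must agree
MAX_ACTIVE = 2                  # block budget, kept tiny for the demo
TTL_S = 3600                    # every block expires so routes get withdrawn


@dataclass
class Decision:
    prefix: str
    action: str  # "block" or "reject"
    reason: str
    expires_at: int = 0


def covered(net, active):
    """True if net already sits inside a prefix that is being null-routed."""
    nets = (ipaddress.ip_network(p) for p in active)
    return any(a.version == net.version and net.subnet_of(a) for a in nets)


def evaluate(alerts, now, active=None):
    """Vet correlated alerts; return (decisions, active blocks by prefix)."""
    active = {p: t for p, t in (active or {}).items() if t > now}  # expire old
    decisions = []
    for alert in alerts:
        try:
            net = ipaddress.ip_network(alert["prefix"], strict=True)
        except ValueError:
            decisions.append(Decision(alert["prefix"], "reject", "malformed prefix"))
            continue
        if net.prefixlen < MIN_PREFIXLEN[net.version]:
            reason = "prefix too broad"
        elif any(p.version == net.version and net.overlaps(p) for p in PROTECTED):
            reason = "overlaps protected space"
        elif len(set(alert["sensors"])) < MIN_SENSORS:
            reason = "insufficient corroboration"
        elif covered(net, active):
            reason = "already blocked"
        elif len(active) >= MAX_ACTIVE:
            reason = "block budget exhausted"
        else:
            active[str(net)] = now + TTL_S
            decisions.append(Decision(str(net), "block", "ok", now + TTL_S))
            continue
        decisions.append(Decision(str(net), "reject", reason))
    return decisions, active


# Constructed alerts using documentation address ranges.
SAMPLE_ALERTS = [
    {"prefix": "203.0.113.7", "sensors": ["sourcefire", "fw-log"]},
    {"prefix": "203.0.113.7/32", "sensors": ["sourcefire", "ids"]},
    {"prefix": "0.0.0.0/0", "sensors": ["sourcefire", "ids"]},
    {"prefix": "192.0.2.10", "sensors": ["sourcefire", "ids"]},
    {"prefix": "198.51.100.9", "sensors": ["ids", "ids"]},
    {"prefix": "not-a-prefix", "sensors": ["sourcefire", "ids"]},
    {"prefix": "2001:db8::1", "sensors": ["sourcefire", "fw-log"]},
    {"prefix": "198.51.100.0/24", "sensors": ["sourcefire", "fw-log"]},
]

if __name__ == "__main__":
    for d in evaluate(SAMPLE_ALERTS, now=1_000_000)[0]:
        print(d)
```

Only the "block" decisions would be forwarded to the controller; logging the rejects with their reasons gives the audit trail for blocks that were refused.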
40. Cisco Open SDN Controller 1.0
“One-Click” install
• VMware ESXi and Oracle Virtual Box hypervisor ready
Pre-Installed Apps
• BGPLS Manager - visualizes network topology from BGP database
• Inventory – augmented OpenDaylight “Nodes” app identifies all connected devices
• (YANG) Model Explorer – exposes system models and previews JSON API body
• OpenFlow Manager – manages, visualizes and troubleshoots flows + previews JSON API body
• PCEP Manager – creates, modifies and deletes MPLS LSPs
Centralized OA&M
• Robust user, application and feature administration
• Status monitoring; system, cluster, node
• Event logging
• Real-time CPU, memory, disk, heap size, load and network utilization metrics
43.
ACI is Cisco’s attempt to solve the most significant and important problems facing data center managers: how to more closely link the provisioning of data center networks with the applications running over those networks (i.e. “how do the apps talk to each other”).
… the goal is to reduce human error, shorten application deployment times, and minimize the confusion that can occur when application managers and network managers speak very different vocabularies.
JOEL SNYDER
NETWORK WORLD
44. WHAT ARE THE KEY COMPONENTS OF ACI?
APPLICATION-CENTRIC INFRASTRUCTURE
CONTROLLER: APIC (APPLICATION POLICY INFRASTRUCTURE CONTROLLER)
HARDWARE - FABRIC (NEXUS 9000 SERIES)
ECOSYSTEM (INDUSTRY LEADING, OPEN)
OPEN STANDARDS, OPEN SOURCE
45. Cisco Confidential
APPLICATION CENTRIC INFRASTRUCTURE
MULTI-FUNCTIONAL, HYPERVISOR AGNOSTIC, VIRTUAL/PHY, OPEN ECO-SYSTEM
Centralized Policy Management
Open APIs, Open Source, Open Standards
[Diagram labels: APIC; Application Network Profile; Fabric; ACI Ecosystem Partners: Systems Management, Hypervisor Management, OVM, Orchestration Frameworks, Automation, Enterprise Monitoring; End Points Physical & Virtual: Physical Networking (Nexus 2K, Nexus 7K), Hypervisors and Virtual Networking, Compute, L4–L7 Services, Storage, Multi DC WAN and Cloud, Integrated WAN Edge]
46. APPLICATION CENTRIC INFRASTRUCTURE
MULTI-FUNCTIONAL, HYPERVISOR AGNOSTIC, VIRTUAL/PHY
[Diagram labels: APIC; Centralized Management and Automation; Open EcoSystem; Physical Networking (Nexus 2K, Nexus 7K); Hypervisors and Virtual Networking; Compute (virtual/physical); L4–L7 Services; Storage; Multi DC WAN and Cloud; Integrated WAN Edge]
47. Define Intent: How do apps talk to each other?
ACI: Automate the instrumentation of intent
48. Modern Data Center Network Properties
Define the Network for the Application
• Classical approach to connectivity requires mapping the various connectivity service layers manually
[Diagram labels, classical approach: Application Requirements; IP Addressing; Enable Connectivity (The Network): IP Address, VLAN, VRF; Control & Audit Connectivity (Security – Firewall, ACL, …); Redirect and Load Balance Connectivity: IP Address, VLAN, VRF]
Application Specific Connectivity
Dynamic provisioning of connectivity explicitly defined for the application
• Defining the network for the application
• ACI directly maps the application connectivity requirements onto the fabric
• Security is ‘always’ enabled
• Fabric is aware how the applications connect
• Services can be inserted dynamically
49. … the “loss in translation” between App and Network
APPLICATION LANGUAGE
• Application Tier Policy and Dependencies
• Security Requirements
• Service Level Agreement
• Application Performance
• Compliance
• Geo Dependencies
• Etc.
?
NETWORK LANGUAGE
• VLAN
• IP Address
• Subnets
• Firewalls
• Quality of Service
• Load Balancer
• Access Lists
52. Application Profile
application-centric network policy
Application Level Metadata
Describes Application infrastructure dependencies
End Point Group (Component Tier, or VMware Port Group): a collection of end-points connecting to the network… VMs, physical compute, …
Policy (Contracts): a set of network requirements specifying how application components communicate with each other
• Access Control
• QoS
• Firewall
• L4 – L7 Services
The Outside: rules of how application communicates to the external private or public networks
[Diagram labels: application with web, app and db tiers, each shown as a group of VMs; The Outside]
54.
• Elastic service insertion architecture for physical and virtual services
• Helps enable administrative separation between application tier policy and service definition
• APIC as central point of network control with policy coordination
• Automation of service bring-up / tear-down through programmable interface
• Supports existing operational model when integrated with existing services
• Service enforcement guaranteed, regardless of endpoint location
[Diagram labels: Application Admin; Service Admin; App Tier A (Web Servers); App Tier B (App Server); Policy Redirection; Chain “Security 5”; Service Graph: begin, Stage 1 … Stage N, end; Providers; Service Profile; “Security 5” Chain Defined: ASA, Netscaler VPX]
56. APPLICATION CENTRIC INFRASTRUCTURE
ABSTRACTION FROM THE NETWORK + L4-L7 SERVICES
Decouple Application from Infrastructure
[Diagram labels: APIC; Outside (Tenant VRF), Web, App, DB; QoS Policy, Access Policy, FW Service Policy, LB Service Policy]
57. SERVICE AUTOMATION ARCHITECTURE
DEVICE PACKAGE
• Defines services appliances
• Lists service functions offered by the services appliance
• Provides scripts for driving service configuration
• Plan is to open the API so that anyone can create a device package and have a community similar to Puppet manifests or Chef recipes
[Diagram labels: APIC Appliance; APIC – Policy Element; Configuration Model; APIC Script Interface; Script Engine; Device Specific Python Scripts; Device Interface: REST/CLI]
59. SCALABLE FABRIC DESIGN
LEVERAGES STANDARD PROTOCOLS TO FABRIC
• Integrated Overlay
• Encapsulation Normalization
• Scale
• Host Based Forwarding
• Distributed GW & Spine Proxy
• ARP/GARP Forwarding
• Efficiency
• Flowlet Switching
• Flowlet Prioritization
• Dynamic Load Balancing
• Telemetry
• Atomic Counters
• Latency Measurements
• Distributed Systems Approach to Infrastructure Management
• 2-tier CLOS fabric design (beyond 2 in future), all 40Gb links
• Standard ingress encapsulation: 802.1Q VLAN, VXLAN, NVGRE
• Fabric uses IS-IS non-loops, VTEP advertisement
• Removal of flooding requirements for IP control plane (ARP, GARP)
• L2 and IP Host routing fabric, including Distributed L3 gateway
• Highly resilient APIC Cluster configuration (not part of data plane)
Tertiary (3) Redundancy for APIC cluster
[Diagram labels: APIC; Ethernet, NVGRE, VXLAN, 802.1Q, 802.1Q]
60. FULL APPLICATION VISIBILITY
A SINGLE VIEW OF YOUR APPLICATION IN A DISTRIBUTED ENVIRONMENT
[Dashboard figure labels: HEALTH SCORE; LATENCY (Microsecond(s)); DROP COUNT (Packets Dropped); VISIBILITY; VMs, Physical, Application Delivery Controller, Firewall; displayed values: 96%, 5, 25, 7, 3]
64. A.K.A SEGMENT ROUTING
Path expressed in the packet
[Diagram labels: Data, Dynamic path, Explicit path]
Paths options: Dynamic (STP computation); Explicit (expressed in the packet)
Control Plane: Routing protocols with extensions (IS-IS, OSPF, BGP); SDN controller
Data Plane: MPLS (segment labels); IPv6 (+SR header)
65. APPLICATION ENGINEERED ROUTING (A.K.A. SEGMENT ROUTING)
• Source Routing
the source chooses a path and encodes it in the packet header as an ordered list of segments
the rest of the network executes the encoded instructions without any further per-flow state
• Segment: an identifier for any type of instruction
forwarding or service
• Segment Routing Resources
draft-previdi-filsfils-isis-segment-routing-02
www.segment-routing.net
66. Innovations to Watch
• Tail-f - Cisco Network Services Orchestration
• Virtual Topology System (VTS)
Standards-based, open software-overlay management and provisioning system for DC
• Software Defined WAN (SD-WAN)
Cisco IWAN targets this space
• Virtual Branch Evolution
Router + x86/LXC/VM, Standalone x86/LXC/VM
• Virtual Managed Services (vMS) – SP offered and consumption models
• Distributed Analytics
Leveraging distributed compute, NFV, and applications for intelligent analytics behavior
• Evolving NFV Use Cases – analytics, security, IoE/IoT