Independent Validation of Cisco’s Multi-Vendor Support

European Advanced Networking Test Center

Jambi Ganbar, ganbar@eantc.de, 2015-03-16

Agenda

About EANTC SDN and NFV multi-vendor tests

NETCONF+YANG Cisco’s Network Service Orchestrator PCE Communication Protocol (PCEP) Cisco’s WAN Automation Engine

Advanced transport multi-vendor tests Ethernet VPN Segment Routing

Use Case Example: Cisco’s Managed Cloud VPN

About the European Advanced Networking Test Center

Service Providers

Governments & Enterprises

Vendors

EANTC Customer Groups

Vendor independent network quality assurance since 1991

Unique technical expertise of network design and testing in latest technology areas

20-year testing experience matches highest quality standards

Past Vendor Interoperability Test Events

EANTC periodically invites vendors to join our Interoperability Test Events: Since 2005: Carrier Ethernet World Congress Since 2008: Carrier Ethernet APAC Since 2003: MPLS SDN World Congress Since 2013: SDN & OpenFlow World Congress Since 2014: MEF Global Ethernet Networking Congress

Recent Participants: Alcatel-Lucent, ADVA, Aviat, Brocade, BTI,

Calnex, Ceragon, Ciena, Cisco, ECI Telecom,

Ericsson, Extreme, Hitachi, Huawei, Ixia, Juniper,

Meinberg, Metaswitch, Microsemi, MRV, NEC,

Pica8, RAD, Spirent, Tail-f, Telco Systems, Tellabs,

ZTE, …

Testing NETCONF in a Multi-vendor Environment

NETCONF-Console by tail-f acted as a management client

Three vendors participated as managed network elements

NETCONF server instance was running on each managed element

Used three YANG models Cisco’s Cisco-IOS-XR-ifmgr-cfg Ixia’s ports.yang BTI’s atlas-interfaces.yang

Validating Cisco’s Network Service Orchestrator (NSO)

Cisco’s NSO is an orchestration tool Enabled by Tail-f division of Cisco Interfaced with two layers

Northbound programmable interface to service tools (CLI, JSON-RPC, REST…)

Southbound network elements interface (NETCONF, SNMP…)

EANTC verification areas of Cisco’s NSO Service enablement, restoration, verification Configuration push, update, repair and error mitigation Multi-vendor capabilities

Validating Cisco’s Network Service Orchestrator (NSO)

Test Lab Physical Topology

ASR9000 Core

Third party Router

NSO

Third party Router

ASR9000 PE:2

ASR9000 PE:1

CE:5 CE:4 CE:3 CE:2 CE:1

Nexus 5500 Switch (Single VLAN per PE-CE)

Management Network

Validating Cisco’s Network Service Orchestrator (NSO)

Service Provisioning

Synchronized existing elements to GUI

Created P, PE, CE device groups via the GUI

Provision L3VPN on two CEs connected to Cisco PEs

Used tester traffic to verify service bandwidth limit

Validating Cisco’s Network Service Orchestrator (NSO)

Service Modification

Added two third party PE Routers

Extended the L3VPN to a new CE on one third party router

Verified service continuity

Open Software and Cisco Path Computation Element Communication Protocol (PCEP) Interoperability

Three implementations of PCEP tested successfully Path Computation Element

(PCE) initiated RSVP-TE Paths Path Computation Client (PCC)

initiated RSVP-TE Paths PCE Initiated Segment Routing

Paths

Used OpenDaylight as PCE Configured multiple Label

Switched Paths (LSP)

Validating Cisco’s WAN Automation Engine

Bandwidth on Demand

Observed high LSP utilization (>75% line rate)

Provisioned 400 Mbit/s more bandwidth via GUI

WAE alerted to oversubscription

WAE recommended additional tunnel

Second tunnels created successfully

Observed no traffic loss

Bandwidth on Demand Utilization Report

Bandwidth on Demand Recommended Path

Validating Cisco’s WAN Automation Engine

Tunnel Split/Merge

Examines user-specified bandwidth thresholds When thresholds are reached

WAE split or merges LSPs

Located candidate nodes close to thresholds

Used GUI to “Optimize” the network

Verified that WAE split one tunnel and merged two tunnels Snapshot of WAE’s

tunnel split-merge interface

WAE Tunnel Split/Merge Application Interface

Tunnel Split/Merge Results

Multi-vendor Ethernet VPN Interoperability Test

Tested single and multi-homing customer equipment

Verified EVPN control plane Inclusive Multicast (BGP RT3) MAC Advertisement (BGP RT2) Ethernet Segment (BGP RT4)

Tested symmetric Integrated Routing and Bridging Routing between subnets (Intra-

subnet)

EVPN: Single-Homing

Multi-vendor Segment Routing Interoperability Test

Tested IPv4 and IPv6 IS-IS in the control plane

Created VPNv4 and VPNv6 services

Verified SR’s inter-workability with LDP Created Ethernet VPWS

service across domains

Multi-vendor Segment Routing Fast Reroute Test

Tested two Fast Reroute approaches Loop Free Alternate (LFA);

directly connected recovery node

Topology Independent LFA; enforced by link metrics

Verified path calculation algorithm Shortest Path First

Measured sub 50ms convergence time for LFA and TI-LFA

Segment Routing Loop Free Alternate

Topology Independent Loop Free Alternate

Use Case Example Cisco’s Cloud Managed VPN and Virtual Managed Services

Ordered services for two locations Service Plan: Firewall, URL filter, Remote

Access, and Cloud VPN with Internet Access

Entered customer details; information, Company size, Number of sites…etc

Selected URL Filtering option Chose bandwidth plan Ordered two service gateways

Within 20 minutes Service VNFs were spun off Management and traffic IPSec tunnels

were created

Deleted service configuration CloudVPN Web Interface

Thank you for your interest!

Light Reading Report here Interoperability Report here