Introduction to Software-Defined Networking (SDN) and Network Programmability

BRKSDN-1014

Jason Davis, Distinguished Engineer (Services) Abstract

SDN is an exciting new approach to network IT Service Management. You may have questions about SDN, Controllers, APIs, Overlays, OpenFlow and ACI. You may also be wondering what products and services are SDN-enabled and how you can solve your unique business challenges and enhance your differentiated services by leveraging network programmability.

In this introductory session we will cover the genesis of SDN, what it is, what it is not, and Cisco's involvement in this space. Cisco's SDN- enabled Products and Services will be explained enabling you to consider your own implementations. Since SDN extends network flexibility and functionality which impacts Network Engineering and Operations teams, we'll also cover the IT Service Management impact.

Network engineers, network operation staff, IT Service Managers, IT personnel managers, and application/compute SMEs will benefit from this session.

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Agenda

• What is SDN & Network Programmability

• What are the Use Cases and Problems Solved with SDN?

• An Overview of OpenFlow

• What Are Cisco's solutions?

• An Overview of Network Overlays

• An Overview of Network Controllers

• An Overview of ACI

• The Impact to IT Service Management

• How to Get Ready

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 What is Software-Defined Networking (SDN)?

• An approach and architecture in networking where control and data planes are decoupled and intelligence and state are logically centralized • Enablement where underlying network infrastructure is abstracted from the applications [network virtualization] • A concept that leverages programmatic interfaces to enable external systems to influence network provisioning, control and operations

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 SDN is…

…a new approach at network transformation* …empowering external influencers to network design and operations …impacting the networking industry - challenging the way we think about engineering, implementing and managing networks …providing new methods to interact with equipment/services via controllers, APIs …normalizing the interface with equipment/services …enabling high-scale, rapid network and service provisioning/management …generating a LOT of ‘buzz’ and attention …providing a catalyst for traditional Route/Switch engineers to branch-out

* […not the first attempt!] BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 SDN is not…

…an easy button… [but is intending to make things easier for all!] …a panacea or end-state …narrowly defined …meaning the death of network engineers …a mandate for all network engineers to become C and Java programmers …a new ISDN service from Apple called iSDN 

…a new attempt at network evolution… I Wants SDN

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Have We Seen This Before? Overlays / Encapsulations

MPLS VPLS VPN GRE Tunnels LISP Control Plane / Data Plane Separation – Centralized Control

SS7 Management and ATM LANE Programmatic Interfaces Wireless LAN Controller GMPLS SNMP NETCONF EEM

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 8 Where Did SDN Come From? 2008 Have you tried rebooting the Internet yet?

http://cleanslate.stanford.edu/

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 9 The Traditional Network…

Control Plane (CP) Control and Data Plane resides CP DP CP DP within Physical Device Data Plane (DP)

CP DP CP DP

CP DP CP DP CP DP CP DP

Control plane learns/computes forwarding decisions Data plane acts on the forwarding decisions

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 10 The Network As It Could Be…to an SDN ‘Purist’

CP DP CP DP

CP

CP DP CP DP

CP DP CP DP CP DP CP DP

Control plane becomes centralized Physical device retains Data plane functions only

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 11 The Network As It Could Be…In a ‘Hybrid SDN’

CP DP CP DP

CP CP DP CP DP Controller

CP DP CP DP CP DP CP DP

A Controller is centralized and separated from the Physical Device, but devices still retain a localized Control plane intelligence

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 12 What are the Use Cases and Problems Solved with SDN? Why Change?

• Familiar Manual, CLI-driven, device-by-device approach is inefficient • Increased need for programmatic interfaces which allow faster and automated execution of processes and workflows with reduced errors • Need for a ‘central source of truth’ and touch-point

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 Your Challenges

• Pace of Change – Technology & Competition • Globalization of the Marketplace • Proliferation of Social Networking • IT Budgets, Staffing and Resources • Accelerated Pace of Consumerization, Virtualization and XaaS Options • Consumption Economics

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 15 Customer Needs: Network Programmability

Research/ Massively Scalable Service Cloud Enterprise Academia Providers

. Experimental . Customize with . Automated . Policy-based . Virtual workloads, OpenFlow/SDN Programmatic APIs provisioning and control and VDI, Orchestration components for to provide deep programmable analytics to of security profiles production insight into network overlay, optimize and networks traffic OpenStack monetize service delivery

Network Network Flow Scalable Private Cloud “Slicing” Management Multi-Tenancy Agile Service Delivery Automation Diverse Programmability Requirements Across Segments (Automation & Programmability)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 16 SDN Addresses Needs for…

• Centralized configuration, management/control, monitoring of network devices (physical or virtual) • Ability to override traditional forwarding algorithms to suite unique business or technical needs • Allowing external applications or systems to influence network provisioning and operation • Rapid and scalable deployment of network services with life-cycle management

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 17 !

Weather-Based Routing

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 18 Get IMs From Routers/Switches

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 19 Business Metrics Influencing Routing

Controller

Class API GUI Schedule

Staff Directory WAN1 (MPLS) WAN2 (EPL) WAN3 (Internet)

U N I V E R S I T Y

Main Campus Remote Classroom

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 An Overview of OpenFlow What is OpenFlow?

API Application

OF OF Controller AGENT

…a Layer 2 communications protocol that gives access to the forwarding plane of a network device, …a specification for building switches conforming to the protocol

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 Deutsche Telekom : Facebook : Goldman Sachs : Yahoo Google : Microsoft : NTT Communications : Verizon OPEN NETWORK FOUNDATION Stanford : UC Berkeley ONF Board

ONF Members

3TEN8 Cisco Systems Hitachi Metaswitch Networks Samsung 6WIND Citrix Systems HP Midokura Sanctum Networks Ltd A10 Networks Colt Technology Services Huawei MRV Communications SDN Essentials Active Broadband Networks Coriant IBM NAIM Networks SDN Solutions ADVA Optical Networking Corsa Technology Infinera NCL Communication SK Telecom Alcatel-Lucent Criterion Networks (I) Pvt Ltd Infoblox NEC Spirent Alibaba Group Holding Ltd Cyan Institute for Information Industry (III) Netgear Swisscom Applied Micro Circuits / Networks Netronome Tail-f Systems Aricent Group Digital China Networks Ltd (DCN) Intelliment Security NetScout Tallac Networks ECI Telecom Intune Networks NoviFlow Inc. Tata Communications Aruba Networks Equinix IP Infusion NSN Tekelec (Acquired by Oracle) ATTO Research Korea Ericsson Itential NTT Data Telecom Italia Auvik Networks EstiNet Technologies Inc. ITRI (Industrial Technology Research OKI Electric Industry Telefonica Baidu Online Network Technology Co ETRI (Electronics and Institute) Optelian Telekom Malaysia - TM Research & Ltd. Telecommunications Research Ixia Oracle Development Barefoot Networks Institute) Juniper Networks Orange Telesoft Beijing Internet Institute (BII) Extreme Networks KDDI Overture Networks Tellabs Big Switch Networks F5 Kemp Technologies PCCW Global Ltd. Tencent, Inc. BISDN Fiberhome Technologies Konodrac Pertino Texas Instruments Blue Ocean Networks Pty LTD FishNet Security KT Corp. (Korea Telecom) Pica8 Thales Broadcom Freescale Semiconductor Inc L3 Communications Systems - East Plexxi Inc Tilera Brocade Communication Systems Friesty Lancope, Inc. PMC-Sierra Inc. Transmode BTI Systems Fujitsu Level 3 Procera Networks TW Telecom Centec Networks Gencore Systems LSI Corporation Qosmos UBIqube Solutions Ceragon Networks Gigamon Luxoft Rackspace Vello Systems China Mobile Research Center GlimmerGlass Marvell Radware Verizon China Telecom GuardiCore Ltd. MediaTek Riverbed Technologies Ciena H3C Technologies Mellanox Technologies Saisei Networks http://opennetworking.org BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 OF v1.0 What Makes OpenFlow Different? Example Flow Table

Ingres Source Dest Ether VLAN VLAN IP IP IP IP TCP/U TCP/U Action Priority Counter s Port MAC MAC Type ID Priorit SRC DEST Protoco TOS DP DP l y SRC DEST

* * * Switching* * * * * * * * Fwd Port 100 3c:07:54:* 10 * * *Routing* * * * * * * * Fwd Port 100 192.168.1.* 12 Port 1 Replication/SPAN Fwd Port 100 * * * * * * * * * * * 14…24 * *Firewall/Security* * * * * * * * * 25 Drop 100

* * * * Inspection* * * * 0x0800 * * * Controller 100

Vlan10 Combinations 80 Fwd Port 8 200 * 00:01:E7:* * * * * * * * * * * * * * * * * * * 80 Rewrite 200 Multi-action ; NAT 192.168.1.* 10.1.2.3; Fwd port 9 *Local handling* * * * * * 10.* * * * * Local 200

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 24 OF v1.0 What Makes OpenFlow Different? Example Actions

OPENFLOW CONTROLLER Required Actions Forward out all ports 1 except input port

Redirect to OpenFlow 2 2 Controller FLOW Forward to local CPU 3 TABLE Forwarding Stack (CPU)

Perform action in flow 4 4 3 table 7 5 Forward to input port SWITCH FORWARDING Forward to destination 5 ENGINE 6 port

7 Drop Packet

1 6

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 25 OF v1.0 What Makes OpenFlow Different? Example Counters

FLOW TABLE

HEADER FIELDS COUNTERS ACTIONS

… … … FLOW ENTRY

… … …

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 OpenFlow Introduced Notable Features Flow-spec Version Tuple 1.0 2009-12 Initial Specification [Still very prevalent in the market] 12

1.1 2011-02 Support for multiple flow tables 15 Added support for MPLS Defined two operating modes – Hybrid | Pure OpenFlow 1.2 2011-12 Support for IPv6 34 Multiple Controller support 1.3 2012-06 Support for Rate Limiting 38 IPv6 Extensions, GRE Version increasingly targeted by customers/manufacturers 1.3.1 2012-09 Support for Negotiation TLVs 38

1.3.2 2013-04 Support for controller-initiated connections 38

1.4 2013-10 Support for Rule change ‘transactions’ 40

1.3.3 2013-12 Update with IANA registered TCP port : 6653 40 Clarify multipart segmentation rules, clarify use of empty multipart messages Specify the normal fragment handling is mandatory, drop/reasm optional 1.3.4 2014-03 Clarify table feature wildcard list should not include fields that are mandatory in some context 40 Only Add section about control channel maintenance Push MPLS should add a MPLS header before the IP header and before MPLS tags, not before VLAN which is not valid

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 27 OF v1.3 Example Input Switch Intra- Etherne Ethernet Ethernet Input Input IP IP ECN IP IPv4 IPv4 Switch Physical Table t Dest Source Frame VLAN VLAN DSCP Protocol Source Dest Port Input Metadata Addr Addr Type id Priority Addr Addr Port . . .

TCP TCP UDP UDP SCTP SCTP ICMP ICMP ARP ARP ARP IPv6 IPv6 Source Dest Source Dest Source Dest Type Code Opcode Source Target Source Dest Port Port Port Port Port Port IPv4 IPv4 Addr Addr Addr Addr . . .

. . . IPv6 ICMPv ICMPv Target Source Target MPLS MPLS MPLS PBB- Logical IPv6 Port Extension Flow 6 type 6 code Addr link- link- label TC BoS bit ISID Header Metadata Label for ND layer layer pseudo- for ND for ND field

. . .

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 28 OpenFlow is one Fish in the Sea of SDN

PCEP

APIs

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 29 SDN Protocols in Internet

Application Frameworks, Management Systems, Controllers, ...

“Protocols” onePK OpenFlow I2RS PCEP BGP-LS/FS Neutron OMI Puppet NETCONF …

Management OMI Puppet NETCONF … Agent Agent Agent Orchestration OpenStack Agent Network Services PCEP BGP-LS/FS BGP Agent Agent Control Diameter I2RS Radius Agent Forwarding SNMP OpenFlow … Agent Cisco API & Agent Infrastructure (OnePK, YANG) Device Operating Systems – Cisco IOS / NX-OS / IOS-XR

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Industry Communities, Projects and Standards Bodies Cisco Innovations: FEX Architecture Technical Advisory 802.1 Overlay Board seat Networking Project Open Network Research Center at Stanford University

Puppet Agent Modules Puppet Labs Initiatives: investor Contributor - Neutron API Technical Advisory Group Technical Committee Donabe Chair, Management Area Cisco Innovations: Working Groups: Projects OpenStack API for Nexus Config, Hybrid, Extensibility, OpenStack Extensions Futures/FPMOD/OF2.0

Founding Platinum member Catalyzed initial Open Source offering

Overlay Working Groups: NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3 Working Groups: NETCONF, ALTO, CDNI, XMPP, SDNP, Open Source Cloud I2AEX Computing project PCE, FORCES I2RS – Interface to Routing System BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 31 What Are Cisco's SDN solutions? CP  DP Nexus 1000V NetVirt API Highlights Network • Physical Networking Consistency – NX-OS Admin • Multi Hypervisor Consistency • Innovative Security and Monitoring Solutions

Virtual Supervisor VSMVSM Module VEM: Virtual Ethernet Module

SCVMM, VEM-1 VEM-2 VEM-N OpenStack, Server 1 Server 2 Sever 3 vCD Cloud/Server Admin BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 33 OnePK = One Platform Kit

• Allows an external application to access, extend or customize the software capabilities of Cisco’s routers and switches via API’s • Provides deep packet and routing path manipulation capabilities • Normalizes application-to-device interface regardless of the native, underlying operating system

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 34 OnePK sits on top of the device OS

Applications Applications Applications

Cisco onePK API’s C Java Python REST Physical Device

IOS | IOS-XE | NX-OS | IOS-XR

Hardware Silicon

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 35 DATA PATH Packet delivery services to application – e.g. copy, punt, inject

Filtering (NBAR), classification (class-map, policy-map), POLICY actions (marking, policing, queuing), applying policy to interfaces

ROUTING Read RIB Routes, add/remove routes, receive RIB notifications

CPU/Memory statistics, interface statistics, element and interface ELEMENT events

DISCOVERY Layer 3 topology and local service discovery

UTILITY SYSLOG event and path tracing capability OnePK Sets ServiceOnePK DEVELOPER Debug capability and CLI extension (invoke CLI from application)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 36 Deployment Models

End-Point Hosted Blade Hosted Container Hosted AKA ‘Process Hosted’

Application Application

Server Service Blade

Application OnePK /Switch

OnePK OnePK Router/Switch

Runs on a remote server Runs on a service blade Runs locally on the device -Available- -Available- -Cisco sourced Apps only- -Nexus3000-

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 37 An Overview of Network Overlays Overlays

Overlay / Virtual Network • Mobile • Scalable • Supports Segmentation / multi-tenancy • Programmable & Manageable

Underlay / Fabric • High Capacity • Resilient • Intelligent Traffic Handling • Programmable & Manageable

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 39 Layer-2 Overlays

+ Emulate L2 LAN Segment + Transport Ethernet Frames (IP and non-IP) + Can emulate physical topologies - Single Subnet Mobility (L2 domain) - Exposure to L2 Flooding

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 40 Layer-3 Overlays

+ Abstract IP-based connectivity + Transport IP Packets + Can emulate physical topologies + Full Mobility regardless of subnet + Contain Network Failures/Flooding + Useful in abstracting connectivity and policy

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 41 Tunnel End-Point The Edges of Overlays Network Overlays Host Overlays Integrated Overlays

VM VM VM VM VM VM Physical Physical Physical Virtual Virtual Virtual

Router/Switch end-points Virtual end-points only Physical and virtual end-points Protocols for Resiliency & Loops Single administrative domain Resiliency & Scale Traditional VPNs Cross-org & Federation OTV, VXLAN, VPLS, LISP VXLAN, NVGRE, STT Open Standards

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 42 Cisco’s Solutions in Overlays

• VXLAN • LISP • MPLS • Nexus 1000V • OTV • ACI • VPLS BRKDCT-1301 VXLAN Deployment – Use Cases and Best Practices

BRKDCT-2328 Evolution of Network Overlays in Data Center Clouds

BRKDCT-2049 Overlay Transport Virtualization

BRKDCT-3103 Advanced OTV - Configure, Verify and Troubleshoot OTV in Your Network BRKDCT-2131 Mobility and Virtualization in the Data Center with LISP and OTV

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 43 An Overview of Network Controllers What Is OpenDaylight?

• …an open source project formed by industry leaders and others under the Foundation with the mutual goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common vendor supported framework. • Focus: Customers with some programming resources that desire a free, community-supported SDN controller, especially if focus is on OpenFlow

Platinum Gold Silver

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public OpenDaylight (ODL)

Network Applications Cisco Sourced Customers 3rd Parties

OpenDaylight Controller Web UI

OSGI Northbound APIs RESTful Java Bundle H/A

Basic Operation Infrastructure Stats Manager Host Tracker ARP Handler Dijkstra SPF Physical and Logical Device Manager Forwarding Rules Manager Topology Manager Service Abstraction Layer (SAL)

NETCONF OVSDB Southbound APIs OpenFlow (1.0 or 1.3)

NETWORK DEVICES Cisco or Other OpenFlow-enabled Devices

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public OpenFlow-enabled devices that are configured to this controller automatically show up in the topology

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 47 Hosts can be added or learned Flow-specifications can be defined or reviewed

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 48 What Is APIC-EM?

• A purpose-built, easy to use SDN controller • Does NOT require programming experience [but does have REST NBI] • Does NOT require HW/SW upgrades to take advantage of controller model • Has specific applications built-in to address common network needs: Policy Management, QoS Management, Zero-Touch Deployment and iWAN • Available to SmartNet customers without charge

• Focus: Enterprise Customers with Few to No Programming Resources that desires a Commercially-supported solution that preserves existing investment and doesn’t require HW/SW upgrades

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Application Policy Infrastructure Controller – Enterprise Module (APIC-EM)

Network Applications Cisco Sourced Customers 3rd Parties

Cisco APIC-EM Controller Web UI Northbound APIs RESTful

Controller Applications & Features

H/A Policy Manager Host Tracker Clustering QoS Manager Network Discovery iWAN Topology Manager Zero-Touch Device Manager Deployment (ZTD)

Investment protection w/o VTY Southbound APIs onePK / OpenFlow / OpFlex (Future) HW/SW upgrades

NETWORK DEVICES Cisco Devices

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public SDN Innovation: Network Information Base Provides “One Source of Truth”

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Topology View

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC-EM @ Cisco Live (San Francisco 2014)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 53 Application: QoS Classification Management

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Application: Policy Analysis (ACL Trace Example)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public What Is APIC?

• The Data Center SDN Controller for the next-generation Fabric-enabled Nexus 9k family • Offers services for managing System, Tenant(s), Fabric, VM(s), L4-7 Services

• Focus: Data Center Customers that desire a Commercially-supported solution that leverages a centralized controller for the Nexus 9k product family • NBI: REST, Python • SBI: OpFlex ACI, REST, L4-7 Scripting API/VTY

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Application Policy Infrastructure Controller (APIC)

Network Applications Cisco Sourced Customers 3rd Parties

Advanced GUI with Extended Features

Cisco APIC-DC Controller Web UI Python Northbound APIs RESTful

Controller Applications/Feature

System Tenant Fabric L4-7 Services VM Manager Manager Manager Manager Manager OpFlex Cisco’s proposal to IETF to standardize a SBI OpFlex/ACI Agent Southbound APIs REST L4-7 Scripting API / VTY for policy management

NETWORK DEVICES

Cisco Nexus 9k Family

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Application Policy Infrastructure Controller Centralized Automation and Fabric Management

• Unified point of data center network automation System Storage Orchestration and management: Layer 4 - 7 Management Management Management Puppet Labs CloudStack − Application-centric network policies Citrix NetApp VMware Python KVM − Data model-based declarative provisioning F5 OpsCode OpenStack Cisco EMC CFEngine Corporation Microsoft − Application, topology monitoring, and troubleshooting XenServer − Third-party integration (Layer 4 - 7 services, storage, compute, WAN, etc.) Open RESTful API − Image management (spine and leaf) Storage SME Server SME Network SME − Fabric inventory • Single Cisco® APIC cluster supports one million+ endpoints, 200,000+ ports, and Policy-Based Security SME App. SME OS SME 64,000+ tenants Provisioning • Centralized access to all fabric information - GUI, CLI, and RESTful APIs • Extensible to computing and storage management

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC

Unified API

Unified Information Model

RESTFul over HTTP(s) Object Oriented • JSON + XML • Unified: automatically delegates request to corresponding • Comprehensive access to underlying information model components • Consistent object naming directly mapped to URL • Transactional • Supports object, sub-tree and class-level queries • Single Management Entity yet fully independent components

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC Architecture overview

Multithreaded, Distributed & Clustered Fabric Controllers

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Animation Complete Management Access

GUI CLI Any APIC Web R Object E Browser S Python T SDK

API Tools

https://apic.local/api/mo/uni/tn-common.xml

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 62 APIC GUI – System Topology

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC-DC

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 64 API Inspector in GUI

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Prime Interlock with SDN/NP

Operational Intelligence Management CIAC PRIME INFRASTRUCTURE 3rd Party and UCSD & NAM Apps Automated Service Provisioning Orchestration Dynamic Service Assurance Layer Catalog/ Fault/ User / Data Performance Reporting / Visualization and Analytics Provisioning Events Management Monitoring Analytics

REST API (ONE DevKit)

Control APIC Controller Network Intelligence Layer Device Layer Abstraction Data Center Module Enterprise Module Network Control Policy Enforcement and Network Change CLI, OpenFlow, OnePK API Device Cisco Devices Layer Data Center, Enterprise Networks

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public How to Get Ready Controller Deployment

Start by asking/acknowledging the Branch Campus business problem/opportunity you’re trying to address with SDN/NP

Carefully track the device support you have or need for onePK / OpenFlow / ACI (OpFlex) support as it will dictate what you can/can’t do

Gauge the programming/development effort needed to achieve your goals Data Center Teleworker

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 68 SDN/Network Programmability Impact to ITSM

• External Programs (and App Developers) have access to traditional network devices – You Good with that!? • Change Control – Now more Real-Time – Programs/Apps need to participate • You MUST have Focused, Intentional monitoring of the controllers – they are the brains! • You MUST have a Robust backup/redundancy plan for controllers • You MUST implement Good RBAC, security and accounting – lock-down the controllers and APIs! • The Uncle Ben Principle - “With Great Power Comes Great Responsibility”

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 69 Remember This Inflection Point?

Telephony in 1998

• IP Telephony struggled until we got ‘hybrid engineers’ to translate between the Circuit Switch ‘Tip & Ring’ and Packet Switch ‘Bits & Bytes’ camps • Likewise, now, we need the next generation of ‘hybrid engineers’ to translate between traditional network domain engineers and software/application developers

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 70 So What Skills Should I Increase On?

• Python • REST / Web Services • Regular Expression • Basic Programming constructs (conditionals, loops, functions/procedures)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 71 Cisco Services

SMART SERVICE CAPABILITIES

Services from Cisco Together with Cisco Certified Partners

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Driving Catalyst 6500 Migration To Nexus 9000

Catalyst Environments Migration Nexus 9000 Deployment Tools

• Automate Nexus VSS 9000 deployment and configuration • Migrate any Cat6500 topology to any Nexus 9000 topology • Advanced Services best practices • Catalyst IOS to NX-OS config conversion

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Quick Start Service For Nexus 9000

Overview Deliverables Outcomes

• N/A • Share best practices and • Technical advice and knowledge guidance for smooth integration of Nexus • Increase competency and speed to optimize ACI in 9000 your environment • Technical consultant 3- • Gain valuable expertise by day on-site having direct access to • High-level use Cisco consultants case/design discussion

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Accelerated Deployment Services For Nexus 9000

Overview Deliverables Outcomes

• Define business and • Design document • Blueprint for ACI technical objectives, use • Configuration migration • Accelerate time-to-value case alignment, current and attainment and production future state • Operations guideline • Assess data center • Custom script development ecosystem (server, network, • Knowledge transfer storage, and virtualization) • Functional specs, design, test plan, acceptance criteria • Support customer team during validation • Knowledge transfer

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Technical Assistance From Cisco TAC Resolve Issues Quickly

Direct Access to Cisco Technical Experts

• Highly trained network and application software engineers worldwide

• Expertise and best practices across data center technologies

24x7 • Computer science/electrical engineering degrees

• Engineering staff averages 5 years' industry experience

• CCIE professionals

• 24x7 global access by phone, web, or email

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public DevNet

https://developer.cisco.comhttp://

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 77 Call to Action

• Visit the World of Solutions for – Cisco Campus – DevNet Pavilion – Walk in Labs – Network Programmability – Technical Solution Clinics • Meet the Engineer • Lunch time Table Topics • DevNet zone related labs and sessions • Recommended Reading: for reading material and further resources for this session, please visit www.pearson-books.com/CLMilan2015

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 78 Complete Your Online Session Evaluation

• Please complete your online session evaluations after each session. Complete 4 session evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt.

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 79 Cisco ACI and SDN @ CiscoLive Milan

• Recommended Learning Path on SDN 60+ Breakouts, Tech Seminars, Labs, Panel Discussion, …

Content Catalog: http://cs.co/CLEU15-ACI

• DevNet @ CiscoLive Learning Labs, Demo Pods, Arena Sessions, Hackathon

• World of Solutions • Table Topics

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 80 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Tech Seminars Monday TECACI-2009 Application Centric Infrastructure (ACI) - The Policy Driven Data Center Monday TECSDN-3600 APIC Enterprise Module – SDN in the Enterprise Monday TEC-NMS-3601 Advanced Network Programming - Lab Technical Seminar Monday TECSPG-2300 Network Function Virtualization Seminar Monday TECRST-2611 Network Simulation: The VIRL Compendium Monday TECMPL-3200 SDN WAN Orchestration in MPLS and Segment Routing Networks Monday TECCRS-2003 Advanced WAN Design Topics

Panel Discussions Using Software-Defined Concepts and OpenDaylight-inspired Controllers to Tuesday PNLSDN-1000 Increase Business Agility and Competitive Differentiation Tuesday PNLDCT-2001 Overlays in the Data Center - A Customer Perspective

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 81 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Labs Tuesday LABACI-2223 APIC integration with OpenStack Tuesday LABSDN-2331 Cisco ACI hands on Lab Tuesday LABSPG-2443 Cisco EPN Labs Tuesday LABVIR-2446 Network Function Virtualization Tuesday LTRDCT-1224 Implementing VXLAN in Datacenter Wednesday LTRDCT-1224 Implementing VXLAN in Datacenter Wednesday LABSPG-2442 NCS: Network Control System Hands-on Lab (Tail-f) Thursday LABNMS-2001 Advanced Network Automation and Solutions using Cisco IOS EEM Friday LABNMS-2001 Advanced Network Automation and Solutions using Cisco IOS EEM Friday LABSDN-1335 Getting Started with OpenDaylight

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 82 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 1/4 Tuesday BRKSDN-2120 Demystifying Security in the Software Defined Era Tuesday BRKSDN-1014 Introduction to Software-Defined Networking (SDN) and Network Programmability Tuesday BRKRST-2015 SDN - From Concepts To Reality Tuesday BRKRST-2121 Self Learning Networks Tuesday BRKDCT-2131 Mobility and Virtualization in the Data Center with LISP and OTV Tuesday BRKACI-2244 Application Virtual Switch for Application Centric Infrastructure Overview Wednesday BRKCRS-3447 Network Function Virtualization for Enterprise Networks Wednesday BRKNMS-3043 Performance Measurement for IP and SDN Traffic with Cisco IOS IP SLA Wednesday BRKACI-1025 Migration from Classic Design to ACI Wednesday BRKDCT-2367 OpenStack Deployment in the Enterprise Wednesday BRKSPG-2515 SDN-enabled Carrier Ethernet Architectures Wednesday BRKSDN-1200 Cisco Applications on OpenDaylight - An Introduction

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 83 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 2/4 Wednesday BRKACI-2678 Building Application Centric Network Containers and Service Graphs with ACI and UCSD Wednesday BRKSPG-2516 SDN Protocols in Internet Wednesday BRKSDN-2118 Simulating networks using Cisco Modeling Labs Wednesday BRKGEN-2999 Introductory - Autonomic Networking Wednesday BRKSDN-1119 Device APIs — A Guide For the Perplexed Wednesday BRKACI-2345 ACI: What We Have Learnt from Early Deployments Wednesday BRKIOT-2442 Enabling the Internet of Everything: Cisco’s IoT Architecture Wednesday BRKOPT-2102 Software Innovations and Control Plane Evolution in the new SDN Transport Architectures Wednesday BRKSDN-3014 Packet Inspection and Manipulation for Fun and Profit Wednesday BRKSPM-2001 GiLAN and Service Chaining Wednesday BRKACI-2333 Application Centric Networking Troubleshooting 101 - Install & Implementation of ACI Wednesday BRKACI-1789 How to Perform Common Tasks in ACI

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 84 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 3/4 Thursday BRKNMS-3114 13 Smart Ways to Program Your Cisco IOS Network Thursday BRKCRS-3011 APIC-EM (Application Policy Infrastructure Controller - Enterprise Module) SDN in Enterprise Thursday BRKACI-3456 Mastering OpenStack and ACI Thursday BRKDCT-1349 Application Traffic Visibility and Analysis with Cisco Nexus Data Broker Thursday BRKSPG-2722 SDN deployment in ASR9000 Thursday BRKACI-2249 Future Direction of SDN and NFV Thursday BRKDCT-2255 Infrastructure Designs for Intercloud Data Centers Thursday BRKACI-2001 Integration and Interoperation of existing Nexus networks into an ACI architecture Thursday BRKACI-2006 Integration of Hypervisors and L4-7 Services into an ACI Fabric Thursday BRKSPG-2456 The True Realisation of SDN and NFV in an SP environment Thursday BRKNMS-1036 IT Operations Management in the SDN Era – with Prime Infrastructure and APIC Controllers Thursday BRKSPG-2520 Evolved Programmable Network for Seamless Service Transport

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 85 Cisco ACI and SDN Sessions @ CiscoLive Milan

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 4/4 Thursday BRKSDN-2777 Network Programming and DevOps Software Development Lifecycle Friday BRKSPG-2016 Architectures for new services over Cable Friday BRKSPG-2517 Hosted Security as a Service Solution Architecture Design Friday BRKACI-3344 Application Centric Networking Troubleshooting 201 – Day 2 Operations Friday BRKARC-3467 Cisco Enterprise Silicon - Delivering Innovation for Advanced Routing and Switching Friday BRKNMS-2445 Improve Application Delivery with Cisco AVC in the Data Center and Cloud Friday BRKSDN-2116 Run your apps and tools natively on Cisco boxes

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 86

Acronym Decoder Ring [Aka Glossary]

• SDN -- Software Defined Networking

• BGP-LS – Border Gateway Protocol – Link State

• onePK – one Platform Kit

• NFV – Network Functions Virtualization

• SS7 – Signaling System No. 7

• ATM LANE – Asynchronous Transfer Mode LAN Emulation

• GMPLS – Generalized Multi-Protocol Label Switching

• VPLS – Virtual Private LAN Service

• VPN – Virtual Private Network

• GRE – Generic Routing Encapsulation

• LISP – Locator/ID Separation Protocol

• SNMP – Simple Network Management Protocol

• NETCONF – Network Configuration Protocol [IETF Standard]

• EEM – Embedded Event Manager

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Acronym Decoder Ring [Aka Glossary]

• CP – Control Plane

• DP – Data Plane

• CLI – Command-Line Interface

• API – Application Programmatic Interface

• GUI – Graphical User Interface

• OF – OpenFlow

• NAT – Network Address Translation

• TLV – Type-Length-Value

• PCEP – Path Computation Element (PCE) Communication Protocol

• I2RS – Interface To Routing System

• OTV – Overlay Transport Virtualization

• VXLAN – Virtual Extensible LAN

• REST – Representational State Transfer

• IDE – Integrated Development Environment

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Acronym Decoder Ring [Aka Glossary]

• CA – Controlled Availability

• GA – General Availability

• EFT – Early Field Trial

• NVGRE – Network Virtualization using Generic Routing Encapsulation

• STT – Stateless Transport Tunneling

• ODL – OpenDaylight

• OSGi – Open Service Gateway Initiative

• NBI – North-Bound Interface

• SBI – South-Bound Interface

• iWAN – Intelligent Wide Area Network

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Basic Definitions

What Is Software Defined Network (SDN)? What Is OpenFlow?

“…In the SDN architecture, the control and data “…open standard that enables researchers planes are decoupled, network intelligence and to run experimental protocols in campus networks. state are logically centralized, and the underlying Provides standard hook for researchers to run network infrastructure is abstracted from the experiments, without exposing internal working of applications…” vendor devices…”

Note: SDN is not mandatory for network programmability or automation Note: OpenFlow is not mandatory for SDN Source: www.opennetworking.org Source: www.opennetworking.org

What is OpenStack? What is Overlay Network?

Open source software for building public Overlay network is created on existing network and private Clouds; includes Compute (Nova), infrastructure (physical and/or virtual) using a network Networking (Quantum) and Storage (Swift) protocol. Examples of overlay network protocol are: services. MPLS, LISP, OTV and VXLAN Note: Applicable to SDN and non-SDN Source: www..org Note: Applicable to SDN and non-SDN

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public onePK Platform Support

Platform Available Now IOS 15.4(2)T ISR-G2 (39xx, 29xx, 19xx, 8xx) IOS-XE 3.12S ASR1000 ISR4400 CSR1000V

IOS-XR 5.1.2 ASR9K

NX-OS

SDK C (GA) Java (GA) Python (GA) vIOS (GA)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public OpenFlow Platform Support

Platform Available Now IOS Catalyst 6K (CA)

IOS-XE Catalyst 3850 Catalyst 4K (CA)

IOS-XR ASR9K (CA)

NX-OS Nexus 3000, 3100 Nexus 5K Nexus 6K Nexys 7K (CA)

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Example Please… Java ‘HelloWorld’ from a Router via Syslog

/** * Copyright (c) 2010-2012, Cisco Systems, Inc. * * THIS SAMPLE CODE IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED WARRANTY BY CISCO SOLELY FOR THE PURPOSE of * PROVIDING PROGRAMMING EXAMPLES. CISCO SHALL NOT BE HELD LIABLE FOR ANY USE OF THE SAMPLE CODE IN ANY APPLICATION. * * Redistribution and use of the sample code, with or without modification, are permitted provided that the following * conditions are met: Redistributions of source code must retain the above disclaimer. * */ import java.net.InetAddress; import java.net.UnknownHostException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.cisco.onep.core.exception.OnepConnectionException; import com.cisco.onep.core.exception.OnepDuplicateElementException; import com.cisco.onep.core.exception.OnepIllegalArgumentException; import com.cisco.onep.core.exception.OnepInvalidSettingsException; ...

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 95 . . .

try { /** ** Connect to the network element. **/ connect(); logger.info("Connect to element = " + elementAddress);

networkElement.createSyslogMessage(NetworkElement.OnepSyslogSeverity.ONEP_SYSLOG_NOTICE, "Hello World");

logger.info("Sending 'Hello World' message via Syslog event message\n");

} catch (Exception e) { logger.error(e.getLocalizedMessage(), e); }

networkElement.disconnect("Exit"); logger.info("\n**************** End ****************\n"); } }

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 96 Result

NE100#sh logg Syslog logging: enabled (0 messages dropped, 12 messages rate-limited, 0 flushes, 0 overruns, xml disabled, Console logging: level debugging, 48 messages logged, xml disabled, filtering disabled Monitor logging: level debugging, 0 messages logged, xml disabled, filtering disabled Buffer logging: level debugging, 57 messages logged, xml disabled, filtering disabled Count and timestamp logging messages: disabled

Trap logging: level informational, 56 message lines logged Logging Source-Interface: VRF Name:

Log Buffer (4096 bytes): *Aug 23 12:43:58.821: %SYS-5-CONFIG_I: Configured from console by console *Aug 23 12:51:53.535: %ONEP-5-HELLOWORLD: Hello World NE100#

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 97 Infrastructure SDN Reference Architecture for NFV Apps MATE Bandwidth TE Tunnel DC-WAN Design/Live Services Manager Orch

Java/REST/Thrift APIs

Visualization & Bandwidth Analytics WAVE Orchestration

Collector & Programming Modeling

Collector API Deployer API

Collector/ DEPL ODL API Collector Server CDL/ODL NETCONF/ BGP-LS PCEP CLI

agents agents YANG Quantum WAVE Orchestration PlatformOrchestration QuantumWAVE Network (Network Elements) BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 98 What Is XNC?

• Cisco’s commercial SDN Controller offering • Note the plans on this controller are evolving • Cisco leadership has acknowledged we have too many controllers – stay tuned and expect to hear about a transformation of this controller with a Cisco distribution of OpenDaylight

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco eXtensible Network Controller (XNC)

Network Applications Cisco Sourced Customers 3rd Parties

Advanced GUI with Extended Features

Cisco XNC Web UI

Comprehensive OSGI Northbound APIs RESTful Production

Network Support Advanced Components Controller Applications Java Bundle H/A Authentication Monitor Manager Flow Manager Slice Manager Troubleshooting Topology Independent Forwarding (TIF)

Expansion of Basic Operation Infrastructure Services from L3 Interface Host Tracker ARP Handler OD Code Base Dijkstra SPF Physical and Logical Device Manager Forwarding Rules Manager Topology Manager Service Abstraction Layer (SAL) Advanced Analytics and OnePK OpenFlow Services via Southbound APIs Dynamic Protocol Cisco Intelligence Plugins

NETWORK DEVICES Cisco onePK or OpenFlow-enabled Devices or Other OpenFlow-enabled Devices

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 101 Network Functions Virtualization

Network infrastructure Services to run on Virtualized compute platforms

Key Enabler: using cloud technology to support network functions Hypervisor and cloud computing technology x86 compute hardware Network automation / orchestration Apps & Open Benefits: SDN Innovation Reduction in CAPEX and OPEX Faster service provisioning Service agility

SDN is complementary, but not mandatory – APIs, NFV Controllers

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 102 Network Function Virtualization (NFV)

Service provisioning dDOS SBC Firewall NAT from days to minutes VM VM VM VM

From Cabling to Service CGN DPI IPS Virus Scan VM VM VM VM Chaining DHCP DNS PCRF Portal Simple Logistics & VM VM VM VM Common Sparing WLC RaaS SDN Ctrl. BRAS VM VM VM VM

Dynamic & Elastic NMS Caching CDN WAAS Scale VM VM VM VM Seamless Integration with IP NGN

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Virtualizing Network Functions x86 vs. Custom NPU

Better fit for NPU • e.g. IPv6/v4, MPLS, VPNs, Optical • High throughput / BW Network • Stateless functions Forwarding • Mostly predictable traffic Compute • Many flows needing isolation, significant traffic (L0-3) management needed Bandwidth • Interface-specific functions (2-stage forwarding)

• e.g. DPI, FW, CGN, BNG, Mobility S/PGW, AAA, Better fit for x86 DNS, DDOS (Virtualization) Network • Low to Med Throughput Services • Stateful functions • Unpredictable traffic Compute (L4+) • # of flows (traffic management) – varies • No interface-specific functions Bandwidth

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 104 Better fit for x86 NFV – #1 Use-case Compute Virtual Route Reflector

Primary Secondary RR RR IPv4 Primary Secondary IPv6 Server Server IPv IPv VPNv4 4 IPv6 4 IPv6 VPNv4 VPNv4 VPLS IPv6 VPLS

Wide Area Network Wide Area Network

2 Server Chassis 8 RR chassis 1 RR per VM

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 105 Overview of Cisco SP Virtualization offerings

Routing Security Mobility Video Others

Cloud Virtual Route Virtual Virtual EPC Virtual EPC Services Reflector Firewall (QvPC Virtual (QvPC SSI) Cloud DVR Router (CSR) (XRv) (ASAv) SCALE) WLC FCS Q2 CY14 Shipping Shipping FCS Q2 CY14 FCS Q4 CY14

Web/Email Virtual PE Virtual BNG Security Router Virtual GiLAN (X-Star) Appliance vCDN Virtual SCE (Sunstone) (Project Tenmile) Pre-CC (WSA/ESA) Pre-CC FCS 2H CY14

Orchestration HERO Mozart Quantum WAVE Cloud Services Orchestration WAN Orchestration FCS Q2 CY14 FCS Q2 CY14

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public