Advanced Topics and Directions in Protocols

BRKRST-3007

Alvaro Retana ([email protected]) Distinguished Engineer, Cisco Services

#clmel BRKRST-3007 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public

Agenda

• IETF Routing Review
  – IETF Background
  – The Routing Area and Routing-Related Work
• Secure Inter-Domain Routing
• Segment Routing
• The Internet of Things (IoT)

IETF Routing Work

No one is in charge, anyone can contribute and everyone can benefit.

“The mission of the IETF is to produce high quality, relevant technical and engineering documents that influence the way people design, use, and manage the Internet in such a way as to make the Internet work better. These documents include protocol standards, best current practices, and informational documents of various kinds.” (RFC 3935, A Mission Statement for the IETF)

IETF Meetings

Recent Meetings
• 89th IETF – March 2-7, 2014 – London, England
• 90th IETF – July 20-25, 2014 – Toronto, ON, Canada
• 91st IETF – November 9-14, 2014 – Honolulu, HI, USA

Upcoming Meetings
• 92nd IETF – March 22-27, 2015 – Dallas, TX, USA
• 93rd IETF – July 19-24, 2015 – Prague, Czech Republic
• 94th IETF – November 1-6, 2015 – Yokohama, Japan

Work Distribution

http://www.arkko.com/tools/stats/areadistr.html

Routing Area (rtg)

...responsible for ensuring continuous operation of the Internet routing system by maintaining the scalability and stability characteristics of the existing routing protocols, as well as developing new protocols, extensions, and bug fixes in a timely manner.

Working Groups:
• BGP Enabled Services (bess)
• Bidirectional Forwarding Detection (bfd)
• Bit Indexed Explicit Replication (bier)
• Common Control and Measurement Plane (ccamp)
• Forwarding and Control Element Separation (forces)
• Interface to the Routing System (i2rs)
• Inter-Domain Routing (idr)
• IS-IS for IP Internets (isis)
• Mobile Ad-hoc Networks (manet)
• Multiprotocol Label Switching (mpls)
• Network Virtualisation Overlays (nvo3)
• Open Shortest Path First IGP (ospf)
• Pseudowire And LDP-enabled Services (pals)
• Path Computation Element (pce)
• Protocol Independent Multicast (pim)
• Routing Over Low power and Lossy networks (roll)
• Routing Area Working Group (rtgwg)
• Service Function Chaining (sfc)
• Secure Inter-Domain Routing (sidr)
• Source Packet Routing in Networking (spring)
• Traffic Engineering Architecture and Signalling (teas)

Routing Area (rtg) by focus area

(Five slides repeat the working-group list above, highlighting the groups that belong to each focus area: IP Routing, MPLS, SDN / Overlays, Mobility / Sensors, General.)

RTG Ongoing Work

(Chart: number of drafts per working group, split into official and related drafts, on a 0 to 60 scale.)

Routing Area (rtg) - Focus

(Repeats the Routing Area charter text and the working-group list above.)

Inter-Domain Routing (idr) – BGP

• RFCs Published in the Last Year
  – Making Route Flap Damping Usable (rfc7196)
  – The Accumulated IGP Metric Attribute for BGP (rfc7311)
  – Enhanced Route Refresh Capability for BGP-4 (rfc7313)
• Active Drafts / Work Items
  – Advertisement of Multiple Paths in BGP (draft-ietf-idr-add-paths)
  – Best Practices for Advertisement of Multiple Paths in IBGP (draft-ietf-idr-add-paths-guidelines)
  – Autonomous System (AS) Migration Features and Their Effects on the BGP AS_PATH Attribute (draft-ietf-idr-as-migration)
  – Extended Message support for BGP (draft-ietf-idr-bgp-extended-messages)
  – BGP Optimal Route Reflection (BGP-ORR) (draft-ietf-idr-bgp-optimal-route-reflection)
  – BGP Custom Decision Process (draft-ietf-idr-custom-decision)
  – Internet Exchange Route Server (draft-ietf-idr-ix-bgp-route-server)
  – Accelerated Routing for BGP Graceful Restart (draft-ietf-idr-enhanced-gr)
  – Revised Error Handling for BGP UPDATE Messages (draft-ietf-idr-error-handling)
  – North-Bound Distribution of Link-State and TE Information using BGP (draft-ietf-idr-ls-distribution)

Global Routing Operations (OPS) – grow

• ...consider the operational problems associated with the IPv4 and IPv6 global routing systems...
• Active Drafts / Work Items
  – Graceful BGP session shutdown (draft-ietf-grow-bgp-gshut)
  – BGP Monitoring Protocol (draft-ietf-grow-bmp)
  – Impact of BGP filtering on Inter-Domain Routing Policies (draft-ietf-grow-filtering-threats)
  – IRR & Routing Policy Configuration Considerations (draft-ietf-grow-irr-routing-policy-considerations)
  – Internet Exchange Route Server Operations (draft-ietf-grow-ix-bgp-route-server-operations)
  – Operational Requirements for Enhanced Error Handling Behaviour in BGP-4 (draft-ietf-grow-ops-reqs-for-bgp-error-handling)

Secure Inter-Domain Routing (sidr)

• The two vulnerabilities that will be addressed are:
  – Is an Autonomous System (AS) authorised to originate an IP prefix?
  – Is the AS-Path represented in the route the same as the path through which the NLRI traveled?
• RFCs Published in the Last Year
  – Origin Validation Operation Based on the Resource Public Key Infrastructure (RPKI) (rfc7115)
  – Resource Public Key Infrastructure (RPKI) Implementation Report (rfc7128)
  – Threat Model for BGP Path Security (rfc7132)
  – Policy Qualifiers in Resource Public Key Infrastructure (RPKI) Certificates (rfc7318)
  – Security Requirements for BGP Path Validation (rfc7353)

Secure Inter-Domain Routing (2) – sidr

• Active Drafts / Work Items
  – BGPSec Considerations for AS Migration (draft-ietf-sidr-as-migration)
  – BGP Algorithms, Key Formats, & Signature Formats (draft-ietf-sidr-bgpsec-algs)
  – An Overview of BGPSEC (draft-ietf-sidr-bgpsec-overview)
  – A Profile for BGPSEC Router Certificates, Certificate Revocation Lists, and Certification Requests (draft-ietf-sidr-bgpsec-pki-profiles)
  – BGPSEC Protocol Specification (draft-ietf-sidr-bgpsec-protocol)
  – Template for a Certification Practice Statement (CPS) for the Resource PKI (RPKI) (draft-ietf-sidr-cps)
  – RPKI Repository Delta Protocol (draft-ietf-sidr-delta-protocol)
  – RPKI Local Trust Anchor Use Cases (draft-ietf-sidr-lta-use-cases)
  – Resource Certificate PKI (RPKI) Trust Anchor Locator (draft-ietf-sidr-rfc6490-bis)
  – The Resource Public Key Infrastructure (RPKI) to Router Protocol (draft-ietf-sidr-rpki-rtr-rfc6810-bis)
  – RPKI Validation Reconsidered (draft-ietf-sidr-rpki-validation-reconsidered)
  – Securing RPSL Objects with RPKI Signatures (draft-ietf-sidr-rpsl-sig)
  – Router Keying for BGPsec (draft-ietf-sidr-rtr-keying)

Prefix Hijack

(Figure: the Origin AS announces 10.0.0.0/22 while a Hijacker AS announces the more-specific 10.0.0.0/24; both announcements reach AS x, and the more-specific prefix attracts the traffic for that /24 away from the legitimate origin.)

Six worst Internet routing attacks: http://www.networkworld.com/news/2009/011509-bgp-attacks.html

Solution Components

RPKI Infrastructure
• Offline repository of verifiable secure objects based on public key cryptography
• Follows resources (IPv4/v6 + ASN) allocation hierarchy to provide “right of use”

BGP Secure Origin AS
• You only validate the Origin AS of a BGP UPDATE
• Solves most frequent incidents (*)
• No changes to BGP nor router’s hardware impact
• Standardisation almost finished and running code

BGP PATH Validation
• BGPSEC proposal under development at IETF
• Requires forward signing ASPATH attribute
• Changes in BGP and possible routers

(*) Ref: How Secure are Secure BGP Protocols, Sharon Goldberg, Microsoft Research & Boston University, NANOG 49

BGP Origin Validation

(Figure: with RPKI certificates available, AS x classifies the Origin AS announcement of 10.0.0.0/22 as Valid Origin, and the Hijacker AS announcement of 10.0.0.0/24 with an unauthorised origin as Invalid Origin.)
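The origin check in the figure above, as an added example that is not part of the slides: an RFC 6811-style validation of a BGP announcement's (prefix, origin AS) pair against a set of ROAs. The ROA contents and the AS numbers (64500 as the legitimate holder, 64666 as the unauthorised origin) are constructed for this example; fetching and cryptographically validating the ROAs from the RPKI is out of scope here.

```python
# Added example (not from the slides): RFC 6811-style BGP origin validation
# against a constructed set of ROAs mirroring the Prefix Hijack figure.
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    prefix: str      # IP prefix covered by the ROA
    max_length: int  # longest prefix length the origin may announce
    asn: int         # authorised origin AS


def validate_origin(announced_prefix, origin_asn, roas):
    """Return 'valid', 'invalid' or 'not-found' for one BGP announcement.

    A ROA covers an announcement when the announced prefix lies inside the
    ROA prefix. The announcement is valid if some covering ROA names the
    origin AS and the announced length does not exceed the ROA maxLength.
    Covering ROAs that all fail to match make the announcement invalid;
    with no covering ROA at all the result is not-found.
    """
    net = ipaddress.ip_network(announced_prefix, strict=True)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix, strict=True)
        if net.version != roa_net.version or not net.subnet_of(roa_net):
            continue
        covered = True
        if roa.asn == origin_asn and net.prefixlen <= roa.max_length:
            return "valid"
    return "invalid" if covered else "not-found"


# Constructed ROA set: the holder (AS 64500) signs 10.0.0.0/22 and allows
# announcements no longer than /23, so any /24 from anyone is invalid.
ROAS = [ROA("10.0.0.0/22", 23, 64500)]


def classify_announcements(announcements, roas=ROAS):
    """Validate (prefix, origin AS) pairs; returns {(prefix, asn): state}."""
    return {(p, a): validate_origin(p, a, roas) for p, a in announcements}


if __name__ == "__main__":
    sample = [
        ("10.0.0.0/22", 64500),   # origin AS announcing its own aggregate
        ("10.0.0.0/24", 64666),   # more-specific from an unauthorised AS
        ("10.0.0.0/24", 64500),   # right AS, but longer than maxLength
        ("192.0.2.0/24", 64500),  # no ROA covers this prefix
    ]
    for (prefix, asn), state in classify_announcements(sample).items():
        print(f"{prefix:16} AS{asn:<6} -> {state}")
```

Note that the policy applied to an "invalid" result (drop, or lower local preference) is a router configuration decision, not part of the validation itself.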

What is the Way Forward?

• Islands of Trust
  – Incremental Deployment
  – Interconnections between Islands is a natural extension (archipelago).
• What is an Island of Trust?
  – Group of Autonomous Systems with common business/technical/service goals.
  – Technology deployment benefits all the members of the island.

RPKI Deployment State

http://rpki.surfnet.nl/perrir.html

Deployment at the NAP.EC

• Why Ecuador?
  – Manageable community size (50+ Resource Holders)
  – ~100% announcements of the address space in Ecuador
  – Common business benefit: protect local traffic!
• Lessons Learned and Best Practices:
  – Community training on the technology and its benefits and effects is vital.
  – Multi-day “signing party” is needed.
  – Technical and business owners must participate.
  – Impromptu collaboration between competitors to resolve conflicts.
• Results
  – Increased the value of the network services offered by the IXP and the country’s operators.
  – Increased the confidence of local communications in critical services.

Home Networking (INT) – homenet

• ...focuses on the evolving networking technology within and among relatively small "residential home" networks.
• General Routing Requirements:
  – knowledge of the homenet topology ... and that it can pass around more than just routing information
  – inclusion of the PHY layer characteristics in path computation
  – Multi-homing: Multiple upstreams, load-balancing to multiple providers, and failover from a primary to a backup link when available .. support multiple ISP uplinks and delegated prefixes in concurrent use.
  – self-configuring ... determining the boundaries of the homenet.
• Reading List
  – IPv6 Home Networking Architecture Principles (rfc7368)
  – Home Networking Control Protocol (draft-ietf-homenet-hncp)

Open Shortest Path First (ospf)

• RFCs Published in the Last Year
  – Use of the OSPF-MANET Interface in Single-Hop Broadcast Networks (rfc7137)
  – Supporting Authentication Trailer for OSPFv3 (rfc7166)
• Active Drafts / Work Items
  – OSPF Extensions to Support Maximally Redundant Trees (draft-ietf-ospf-mrt)
  – Advertising per-node administrative tags in OSPF (draft-ietf-ospf-node-admin-tag)
  – OSPFv3 Auto-Configuration (draft-ietf-ospf-ospfv3-autoconfig)
  – OSPFv3 LSA Extendibility (draft-ietf-ospf-ospfv3-lsa-extend)
  – OSPFv3 Extensions for Segment Routing (draft-ietf-ospf-ospfv3-segment-routing-extensions)
  – Extensions to OSPF for Advertising Optional Router Capabilities (draft-ietf-ospf-rfc4970bis)
  – OSPF Traffic Engineering (TE) Metric Extensions (draft-ietf-ospf-te-metric-extensions)
  – OSPFv3 over IPv4 for IPv6 Transition (draft-ietf-ospf-transition-to-ospfv3)
  – OSPF Topology-Transparent Zone (draft-ietf-ospf-ttz)
  – OSPF Two-part Metric (draft-ietf-ospf-two-part-metric)

OSPFv3 Auto-Configuration

• Configuration Defaults
  1. Area 0 Only
  2. OSPFv3 SHOULD be auto-configured on all IPv6-capable interfaces.
  3. OSPFv3 interfaces will be auto-configured to an interface type corresponding to their layer-2 capability.
  4. OSPFv3 interfaces MAY use an arbitrary HelloInterval and RouterDeadInterval.
  5. All OSPFv3 interfaces SHOULD be auto-configured to use an Interface Instance ID of 0 that corresponds to the base IPv6 unicast address family instance ID.

OSPFv3 LSA Extendibility – draft-ietf-ospf-ospfv3-lsa-extend

• Extends the LSA format by allowing the optional inclusion of TLVs.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |            LS Age             |1|0|1|          0x21           |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Link State ID                         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                      Advertising Router                       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                      LS Sequence Number                       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |          LS Checksum          |            Length             |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  0  |Nt|x|V|E|B|            Options                           |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    .                                                               .
    .                             TLVs                              .
    .                                                               .
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
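A parser for the Extended Router-LSA layout shown above, added here as an example rather than taken from the slides or the draft's reference code. It assumes the Router-Link TLV code (1) and its fixed fields (Type, Reserved, Metric, Interface ID, Neighbor Interface ID, Neighbor Router ID) as published in the draft, and the sample LSA bytes are constructed; the point of interest for a defender is that every TLV length is checked against the LSA Length before any byte is read.

```python
# Added example (not from the slides): parse the Extended Router-LSA shown in
# the diagram (OSPFv3 LSA header, flags/options word, then TLVs), refusing any
# TLV whose length claims more than the LSA holds. Sample bytes are constructed.
import struct

LSA_HEADER = struct.Struct("!HHIIIHH")  # LS Age, LS Type, Link State ID, Advertising
                                        # Router, LS Sequence Number, LS Checksum, Length
E_ROUTER_LSA_TYPE = 0xA021  # U=1, S2=0, S1=1, function code 0x21, as in the diagram
ROUTER_LINK_TLV = 1         # Router-Link TLV code as published in the draft (assumed here)
FLAG_BITS = {"Nt": 0x10, "x": 0x08, "V": 0x04, "E": 0x02, "B": 0x01}


class LsaFormatError(ValueError):
    """Raised when a length field does not agree with the bytes on the wire."""


def decode_tlv(t_type, value):
    """Decode a Router-Link TLV; unknown TLV types are kept opaque, not fatal."""
    if t_type != ROUTER_LINK_TLV:
        return {"type": f"unknown-{t_type}", "value": value}
    if len(value) < 16:
        raise LsaFormatError("Router-Link TLV shorter than its fixed 16 octets")
    link_type, _res, metric, if_id, nbr_if_id, nbr_rtr = struct.unpack_from("!BBHIII", value)
    return {"type": "router-link", "link_type": link_type, "metric": metric,
            "interface_id": if_id, "neighbor_interface_id": nbr_if_id,
            "neighbor_router_id": nbr_rtr, "sub_tlvs": value[16:]}


def parse_e_router_lsa(data):
    """Parse one Extended Router-LSA, checking every length before using it."""
    if len(data) < LSA_HEADER.size + 4:
        raise LsaFormatError("truncated LSA header")
    age, ls_type, ls_id, adv, seq, _cksum, length = LSA_HEADER.unpack_from(data)
    if ls_type != E_ROUTER_LSA_TYPE:
        raise LsaFormatError(f"unexpected LS Type 0x{ls_type:04x}")
    if length < LSA_HEADER.size + 4 or length > len(data):
        raise LsaFormatError("LSA Length field disagrees with the data")
    # Word after the header: three zero bits, Nt, x, V, E, B, then 24-bit Options
    word = struct.unpack_from("!I", data, LSA_HEADER.size)[0]
    flag_byte, options = word >> 24, word & 0x00FFFFFF
    lsa = {"age": age, "ls_id": ls_id, "adv_router": adv, "seq": seq,
           "flags": {name: bool(flag_byte & bit) for name, bit in FLAG_BITS.items()},
           "options": options, "tlvs": []}
    off = LSA_HEADER.size + 4
    while off < length:
        if length - off < 4:
            raise LsaFormatError("trailing bytes shorter than a TLV header")
        t_type, t_len = struct.unpack_from("!HH", data, off)
        off += 4
        if off + t_len > length:  # a TLV must never claim more than the LSA holds
            raise LsaFormatError(f"TLV {t_type} length {t_len} overruns the LSA")
        lsa["tlvs"].append(decode_tlv(t_type, data[off:off + t_len]))
        off += (t_len + 3) & ~3  # TLV Length excludes the padding to 4 octets
    return lsa


def is_well_formed(data):
    """True when the LSA parses with all length fields consistent."""
    try:
        parse_e_router_lsa(data)
        return True
    except LsaFormatError:
        return False


def build_sample_lsa():
    """Constructed Extended Router-LSA: E bit set, one point-to-point Router-Link TLV."""
    link = struct.pack("!BBHIII", 1, 0, 10, 5, 7, 0x0A000002)  # metric 10, neighbour 10.0.0.2
    body = struct.pack("!I", (FLAG_BITS["E"] << 24) | 0x13)      # Options V6, E, R
    body += struct.pack("!HH", ROUTER_LINK_TLV, len(link)) + link
    length = LSA_HEADER.size + len(body)
    header = LSA_HEADER.pack(0, E_ROUTER_LSA_TYPE, 0, 0x0A000001, 0x80000001, 0, length)
    return header + body  # LS Checksum left at 0: this parser does not verify it
```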

Extended Router-LSA

IS-IS for IP Internets (isis)

• RFCs Published in the Last Year
  – Reclassification of RFC 1142 to Historic (rfc7142)
  – Transparent Interconnection of Lots of Links (TRILL) Use of IS-IS (rfc7176)
  – IS-IS Flooding Scope Link State PDUs (LSPs) (rfc7356)
  – Updates to IS-IS TLV Codepoints Registry (rfc7370)
• Active Drafts / Work Items
  – IS-IS Extended Sequence number TLV (draft-ietf-isis-extended-sequence-no-tlv)
  – Intermediate System to Intermediate System (IS-IS) Extensions for Maximally Redundant Trees (MRT) (draft-ietf-isis-mrt)
  – Advertising Per-node Admin Tags in IS-IS (draft-ietf-isis-node-admin-tag)
  – IS-IS Route Preference for Extended IP and IPv6 Reachability (draft-ietf-isis-route-preference)
  – Advertising S-BFD Discriminators in IS-IS (draft-ietf-isis-sbfd-discriminator)
  – IS-IS Extensions for Segment Routing (draft-ietf-isis-segment-routing-extensions)
  – IS-IS Traffic Engineering (TE) Metric Extensions (draft-ietf-isis-te-metric-extensions)
  – YANG Data Model for ISIS protocol (draft-ietf-isis-yang-isis-cfg)

Routing Area WG (rtgwg)

• Updated Charter:
  – Venue to discuss, evaluate, support and develop proposals for new work in the Routing Area.
  – Enhancements to hop-by-hop distributed routing related to fast-reroute and loop-free convergence.
  – Routing-related YANG models.
• RFCs Published in the Last Year
  – Requirements for Advanced Multipath in MPLS Networks (rfc7226)
• Active Drafts / Work Items
  – Use of BGP for routing in large-scale data centres (draft-ietf-rtgwg-bgp-routing-large-dc)
  – IP MIB for IP Fast-Reroute (draft-ietf-rtgwg-ipfrr-ip-mib)
  – Operational management of Loop Free Alternates (draft-ietf-rtgwg-lfa-manageability)
  – Multicast only Fast Re-Route (draft-ietf-rtgwg-mofrr)
  – Algorithms for computing Maximally Redundant Trees for IP/LDP Fast-Reroute (draft-ietf-rtgwg-mrt-frr-algorithm)
  – An Architecture for IP/LDP Fast-Reroute Using Maximally Redundant Trees (draft-ietf-rtgwg-mrt-frr-architecture)
  – Remote LFA FRR (draft-ietf-rtgwg-remote-lfa)
  – Remote-LFA Node Protection and Manageability (draft-ietf-rtgwg-rlfa-node-protection)

Remote LFA FRR – draft-ietf-rtgwg-remote-lfa

• Some topologies, notably ring based topologies, are not well protected by LFAs alone.
• Remote LFA benefits:
  – simplicity,
  – incremental deployment,
  – good protection coverage.

(Figure: ring topology with nodes A, B, C, D, E and F.)

Source Packet Routing in Networking (spring)

• ...procedures that will allow a node to steer a packet along an explicit route using information attached to the packet and without the need for per-path state information to be held at transit nodes.
• Active Drafts / Work Items
  – IPv6 SPRING Use Cases (draft-ietf-spring--use-cases)
  – SPRING Problem Statement and Requirements (draft-ietf-spring-problem-statement)
  – Use-cases for Resiliency in SPRING (draft-ietf-spring-resiliency-use-cases)
  – Segment Routing Architecture (draft-ietf-spring-segment-routing)
• Reading Material
  – Segment Routing Centralised Egress Peer Engineering (draft-filsfils-spring-segment-routing-central-epe)
  – Segment Routing interoperability with LDP (draft-filsfils-spring-segment-routing-ldp-interop)
  – Segment Routing with MPLS data plane (draft-filsfils-spring-segment-routing-mpls)
  – Topology Independent Fast Reroute using Segment Routing (draft-francois-spring-segment-routing-ti-lfa)
  – IPv6 Segment Routing Header (SRH) (draft-previdi-6man-segment-routing-header)

Segment Routing

• Source routing based on the notion of a segment
• A 32-bit segment can represent any instruction
  – Service
  – Context
  – IGP-based forwarding construct
  – Locator
• Ordered list of segments
  – An ordered chain of topological and service instructions
• Per-flow state only at ingress SR edge node
  – Ingress edge node pushes the segment list on the packet

Segment Routing (2)

• Forwarding state (segment) is established by IGP
  – LDP and RSVP-TE are not required
  – Agnostic to forwarding dataplane: IPv6 or MPLS
• MPLS Dataplane is leveraged without any modification
  – push, swap and pop: all that we need
  – segment = label
• IPv6 Dataplane leverages simple extension header
• Source Routing
  – source encodes path as a label or stack of segments
  – two segments: prefix (node) or adjacency

Adjacency Segment

(Figure: nodes A B C D and M N O P with Z beyond them; C owns adjacency label 9003 for datalink C-O. A packet injected at node C with label 9003 is forced through datalink CO, and C pops the label.)

• C allocates a local label
• C advertises the adjacency label in ISIS or OSPF
  – simple sub-TLV extension
• C is the only node to install the adjacency segment in the MPLS dataplane

A Path with Adjacency Segments

(Figure: a stack of adjacency labels such as 9101, 9103, 9105 and 9107 pushed at A steers the packet along an explicit path through B, C, D, N, O and P towards Z, each node popping the adjacency label it owns.)

• Source routing along any explicit path
  – stack of adjacency labels
• SR provides for entire path control

Prefix (Node) Segment

(Figure: Z advertises node segment 65 for FEC Z; A, B and C swap 65 to 65 towards Z and D pops it. A packet injected anywhere with top label 65 will reach Z via the shortest path.)

• Z advertises its node segment
  – simple ISIS sub-TLV extension
• All remote nodes install the node segment to Z in the MPLS dataplane

Combining Segments

(Figure: a packet to Z enters at A with label stack 72 / 9003 / 65: 72 is the node segment towards C, 9003 the adjacency segment C-O and 65 the node segment to Z, giving the path A B C O P Z.)

• Source Routing
• Any explicit path can be expressed: ABCOPZ

IGP Automatically Installs Segments

(Figure: the IGP installs the node segment to C and the node segment to Z on every node, and the adjacency segment only on the node that owns it.)

• Simple extension
• Excellent Scale: a node installs N+A FIB entries
  – N node segments and A adjacency segments
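A small simulator of the SR-MPLS behaviour described in the Adjacency Segment, Prefix (Node) Segment, Combining Segments and IGP Automatically Installs Segments slides above, added as an example and not part of the original presentation. The topology (two rows A-B-C-D and M-N-O-P, both reaching Z, plus the cross link C-O), the unit link metrics and the node SIDs other than 72 (C), 65 (Z) and adjacency SID 9003 are constructed assumptions.

```python
# Added example (not from the slides): node and adjacency segments installed by
# an "IGP" into per-node FIBs, and a label stack steering a packet along ABCOPZ.
# Topology, metrics and the SIDs other than 72, 65 and 9003 are constructed.
from collections import deque

LINKS = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "Z"),
         ("A", "M"), ("M", "N"), ("N", "O"), ("O", "P"), ("P", "Z"),
         ("C", "O")]                                     # cross link used by 9003
NODE_SID = {"A": 60, "B": 61, "C": 72, "D": 63, "Z": 65,
            "M": 66, "N": 67, "O": 68, "P": 69}          # global prefix (node) segments
ADJ_SID = {("C", "O"): 9003}                             # adjacency segment owned by C


def build_graph(links):
    g = {}
    for a, b in links:
        g.setdefault(a, set()).add(b)
        g.setdefault(b, set()).add(a)
    return g


def next_hop(graph, src, dst):
    """First hop on a shortest (unit-cost) path src->dst, found by BFS."""
    parent = {src: None}
    queue = deque([src])
    while queue:
        n = queue.popleft()
        for m in sorted(graph[n]):                 # sorted: deterministic tie-break
            if m not in parent:
                parent[m] = n
                queue.append(m)
    if dst not in parent:
        return None
    n = dst
    while parent[n] != src:
        n = parent[n]
    return n


def install_segments(graph, node_sid, adj_sid):
    """Per-node FIB: label -> (action, next hop). Each node ends up with N+A entries."""
    fib = {n: {} for n in graph}
    for n in graph:
        for target, sid in node_sid.items():
            if target == n:
                fib[n][sid] = ("pop", None)        # own node segment: local delivery
            else:
                nh = next_hop(graph, n, target)
                # penultimate hop pops; every other node swaps to the same global label
                fib[n][sid] = ("pop" if nh == target else "swap", nh)
    for (owner, peer), sid in adj_sid.items():
        fib[owner][sid] = ("pop", peer)            # only the owning node installs it
    return fib


def forward(fib, ingress, stack):
    """Walk the packet through the FIBs; returns the list of nodes traversed."""
    node, stack, path = ingress, list(stack), [ingress]
    while stack:
        action, nh = fib[node].get(stack[0], (None, None))
        if action is None:
            raise ValueError(f"{node}: no FIB entry for label {stack[0]}")
        if action == "pop":
            stack.pop(0)
        if nh is not None:                         # swap or pop-and-forward
            node = nh
            path.append(node)
    return path


GRAPH = build_graph(LINKS)
FIB = install_segments(GRAPH, NODE_SID, ADJ_SID)


def path_shortest_to_z():
    """Node segment 65 alone: the IGP shortest path A B C D Z."""
    return forward(FIB, "A", [65])


def path_abcopz():
    """Stack 72 / 9003 / 65 from the Combining Segments slide: A B C O P Z."""
    return forward(FIB, "A", [72, 9003, 65])


if __name__ == "__main__":
    print("shortest path:", "".join(path_shortest_to_z()))
    print("explicit path:", "".join(path_abcopz()))
    print("FIB entries at C:", len(FIB["C"]))     # N=9 node + A=1 adjacency = 10
```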

Application Controls – Network Delivers

(Figure: the application asks “2G from A to Z please”; link CD is FULL, so the controller reasons “Link CD is full, I cannot use the shortest-path straight to Z”, i.e. node segment 65 alone.)

• The network is simple, highly programmable and responsive to rapid changes
  – The controller abstracts the and traffic matrix
  – Perfect support for centralised optimisation efficiency, if required

Application Controls – Network Delivers (2)

(Figure: the controller maps path AZ onto the segment list {66, 68, 65}: “Path ABCOPZ is ok. I account the BW. Then I steer the traffic on this path.”)

• The network is simple, highly programmable and responsive to rapid changes

Segment Routing (3)

• Simple to deploy and operate
  – Leverage MPLS services & hardware
  – straightforward ISIS/OSPF extension
• Provide for optimum scalability, resiliency and virtualisation
• Perfect integration with application
• EFT and IETF available – test and contribute

Bit Indexed Explicit Replication (bier)

Challenge
• Complex
  – PIM has many modes and corner cases requiring specialised expertise to deploy, troubleshoot, and maintain
• State Impacted Convergence
  – More trees results in slower network convergence times
  – PIM adds tree state for every application flow
• Receiver Driven Paths
  – Multicast often takes an unexpected, different path than unicast

Bit Indexed Explicit Replication (2) – bier

Solution
• No Multicast Flow State
  – Multi-point unicast reachability
• No Multicast Tree-building Control Plane
• Fast Convergence
  – Unicast convergence times
• No unwanted traffic in MVPN
  – True explicit replication
  – No trade-off between unwanted traffic or excessive state
• No Data-Driven Events

Routing Over Low Power and Lossy Networks (roll)

• Focused on routing issues for low power and lossy networks.
• Reading List
  – RPL: IPv6 for Low-Power and Lossy Networks (rfc6550)
  – Routing Metrics Used for Path Calculation in Low-Power and Lossy Networks (rfc6551)
  – Objective Function Zero for the Routing Protocol for Low-Power and Lossy Networks (RPL) (rfc6552)
  – Terminology in Low power And Lossy Networks (draft-ietf-roll-terminology)
  – Multicast Protocol for Low power and Lossy Networks (MPL) (draft-ietf-roll-trickle-mcast)

What is a Low Power Lossy Network (LLN)?

• LLNs comprise a large number of highly constrained devices (smart objects) interconnected by predominantly wireless links of unpredictable quality
• LLNs cover a wide scope of applications
  – Industrial Monitoring, Building Automation, Connected Home, Healthcare, Environmental Monitoring, Urban Sensor Networks, Energy Management, Asset Tracking, Refrigeration

(Photo: world’s smallest web server)

Characteristics of Internet vs Smart Object Networks

Current Internet | Smart Object Networks
Nodes are routers | Nodes are sensors/actuators and routers
IGP with typically a few hundred nodes | An order of magnitude larger in nodes
Links and nodes are stable | Links are highly unstable; nodes fail more frequently
Node and link constraints are generally non-issues | Nodes & links are highly constrained
Routing is not application aware | Application-aware routing, in-band processing is a MUST

RPL Terminology

• RPL Instance: consists of one or more DODAGs sharing the SAME service type (Objective Function); identified by the RPL Instance ID.
• Direction Oriented DAG (DODAG): comprises a DAG with a single root.
• DODAG Root: identified by the DODAG ID (the node’s IPv6 address); its Rank is always “1”; typically an LBR (LLN Border Router) attached to a non-LLN network (the IPv6 backbone).
• Rank: a node at Rank = n (computed by the configured OF) has DODAG parents at Rank < n and children in its sub-DODAG at Rank > n; Rank decreases towards the DODAG Root and increases towards the leaves. Nodes with equal Rank are siblings.
• Messages: DAO messages travel UP towards the DODAG Root; DIO messages travel DOWN towards the sub-DODAG.

(Figure: a DODAG of sensor nodes with Ranks 1 to 5 hanging off the DODAG Root below an IPv6 backbone.)

RPL Supported Traffic Flows

• Multipoint to Point: upward routes to the DODAG Root, learnt from DIO messages.
• Point to Multipoint: downward routes built from DAO messages, for a subset of devices.
• Point to Point, Storing Mode: DAO messages; fully stateful.
• Point to Point, Non-Storing Mode: DAO messages; source routed to root.

(Figure: four DODAGs with Ranks 1 to 5, each DODAG Root attached to IPv6, showing the upward and downward routes for each flow type.)

DODAG Neighbours and Parent Selection

• Upward route discovery comprises three logical sets of link-local nodes:
  – Candidate Neighbour Set: subset of nodes reachable via link-local multicast; elements in the set MAY belong to different DODAG versions; neighbours are learnt from DIO advertisements.
  – Parent Set: consists of nodes with a higher rank (lower #); elements in the set MUST belong to the SAME DODAG version.
  – Preferred Parent: preferred next-hop to the DODAG Root; multiple preferred parents are possible if ranks are equal.

(Figure: geographic layout of a node’s candidate neighbours, parent set and preferred parent, each panel attached to an IPv6 core.)

RPL Summary

• RPL is a foundation of the Internet of Things
  – Open standard meeting challenging requirements
• Promising technology to enable IP on many billions of smart objects
• Very compact code
  – Supports wide range of media and devices
• Cisco Implementation
  – Incorporated into Cisco Grid Blocks Architecture
  – Available on Cisco CGR1000 series routers (indoor and poletop outdoor)

Summary

• More than 20 IETF WGs produced significant routing protocol work this last year.
  – The requirements on routing protocols are coming from a diverse set of sources: from the Internet of Everything, traditional SP and Enterprise networks, to SDN and beyond.
• Routing Protocols are mature, but entering a new era of increased, dynamic coverage.
  – Convergence, Availability, Scalability and Security are still front and centre, but with new requirements in new environments.

What should the future bring?

Q & A