Friday, 1 December 2017

The Cisco ASR 9000 – Timeless Versatility for Future Growth

Cisco’s Aggregation Service Router 9000 (ASR 9k) has evolved into the cloud-scale, multi-service platform offering unprecedented flexibility, scale, programmability and security for Service Providers today.

When the ASR 9k was first announced in November 2008, it was a 6-slot and a 10-slot chassis—each of them capable of handling 3.2Tbps and 6.4Tbps of traffic, respectively.

Over the past nine years, we transitioned from 10GE to 40GE and most recently to 100GE connectivity as speed and scale required to handle bandwidth growth continues to be challenged. Current shipping line cards support up to 12 100GE-ports, bringing the total capacity of the higher range chassis up to 48Tbps.

“With the same original chassis, we increased capacity by a factor of eight, helping our customers protect their investments.”

The product line has expanded significantly and offers hardware flexibility with fixed and modular chassis configurations ranging from the Cisco ASR 9001 (two rack units [2RU]) to the Cisco ASR 9922 (44RU), with each system designed to provide true carrier-class reliability using the Cisco IOS® XR operating system.

Cisco Tutorials and Materials, Cisco Guides, Cisco Certifications

The ASR 9K has always been a feature-rich platform, and the trend continues. I want to specifically call out the support of two very important technologies that are front and center to any network-transformation initiatives—segment routing and ethernet VPN (EVPN), each ruthlessly simplifying Service Providers’ networks by providing a unified forwarding plane and a unified control plane.

In November 2016, we added Cloud-scale networking software innovations to the ASR 9K, bringing significant operational improvements. With model-driven programmability, we helped Service Providers advance their automation journey. We offered the most comprehensive set of data models, native YANG models, as well as industry-driven OpenConfig models and standards-driven IETF models, in addition to model-driven APIs and tools to accelerate the adoption of software automation.

In September 2017, we added a new API – the Service Level API that enables dynamic, programmatic control of a router. It is a scalable and convenient integration point to build/extend a device’s control plane functionality enabling the delivery of advanced use cases.

With model-driven telemetry, critical state and statistics can be exported from the network many times faster than traditional monitoring technologies in a more automation-friendly format and with less load on the network. It provides critical insight into what’s happening in the network in real-time in order to mitigate issues as they happen… and in the very near future, proactively.

Combining programmability and telemetry definitely moves the network into a self-driving mode.

I’m really amazed by how far we’ve come with the ASR 9K. This platform offers unprecedented flexibility, scale, and programmability to support features that were not even considered when the platform was first designed.  Additionally, highly granular classification capabilities and hardware resource allocation truly make it the multi-service platform Here are some successful use cases in both the Service Provider and Enterprise markets.

Cisco Tutorials and Materials, Cisco Guides, Cisco Certifications

Business VPN


Service delivery infrastructure complexity is slowing down the ability to deploy and manage new business services. Different technologies have been implemented to offer L2 VPNs and L3 VPNs, respectively, but they all come with their own limitations and complexity. Moreover, largely manual device configurations make it much harder to scale the network to support increases in traffic, devices, and apps that are coming with digital business initiatives.

Ethernet VPN and network programmability promise new and better ways of providing business services. With a unique control plane control, EVPN, any VPN service can be offered.  And when combined with segment routing, VPN services can be differentiated further with advanced service level agreements (SLAs). But, it does not stop here – this new service delivery infrastructure can also be fully automated.

Mobile Backhaul


Mobile backhaul capacity and efficiency must increase so that mobile broadband, data access, and video services can effectively support consumer usage trends and keep mobile infrastructure costs in check. The complexity of the pre-aggregation and aggregation networks, and their lack of automation and programmability, are impediments to efficiency, scale, and cost-effectiveness.

Using segment routing as the transport protocol for mobile backhaul further simplifies and optimizes traffic engineering. The use of streaming telemetry combined with data analytics solutions provides even more information about traffic, usage, devices, and subscribers. This information is useful in optimizing traffic in real-time, troubleshooting and providing granular information about subscribers that can be useful for the development of new services and pricing.

With the recently-added support of Segment Routing IPv6 (SRv6), the ASR 9k is ready for 5G network infrastructure evolutions.

Data Center Interconnect


Scale is an issue with data center interconnect (DCI) services. The need for signaling for separate point-to-point pseudo-wire virtual circuit (VC) labels in each remote provider edge device limits scale. Slow failover is also a problem with most DCI solutions. If a virtual machine (VM) goes down in one data center, it often doesn’t failover to another VM instantaneously, so service is temporarily lost.

EVPN plays a major role here. It enables the ASR 9K running multi-protocol border gateway protocol (BGP) to advertise and learn media access control (MAC) addresses for access topology and VPN endpoint discovery. This eliminates the need for signaling separate point-to-point pseudo-wire VC labels for each remote PE, enabling tremendous scale. EVPN also brings seamless host mobility for near-instantaneous fail-over. If a VM in one data center goes down, another VM in a different data center is automatically created, so service isn’t lost.

With the on-going digital transformation, security is no longer an option. Security needs to be enforced at multiple levels, and that starts with the network.

MACSec chip in shipping line cards allows encryption and authentication in hardware, saving CPU resources and providing higher throughput. This is a critical feature for DCI as links from different data centers going to public areas need to be encrypted faster to handle massive scale without overwhelming CPUs.

Distributed denial of service (DDoS) attacks continue to increase in size and frequency, and these attacks are no longer simple, single-vector assaults. They are now typically sophisticated, multiple-vector assaults, or they are part of much larger threat campaigns. The Cisco ASR 9k DDoS is completely virtualized, and mitigation is embedded into ASR 9k series routers. As a result, networks are empowered to detect and block DDoS attack traffic automatically without interfering with normal traffic flow.

 “By integrating Arbor’s proven DDoS mitigation technology into the ASR 9000 router, Cisco is moving aggressively to enable their customers to address the growing size and scale of DDoS attacks. This is a best-of-breed combination.”

I’m proud of the work we have accomplished to evolve and transform our ASR 9k into the cloud-scale, multi-service platform.  We plan to continue this evolution and lead the industry with unprecedented flexibility, scale, programmability and security for Service Providers today and in the future.

Related Posts

0 comments:

Post a Comment