SRv6 and Cloud-Native

A Platform for Network Service Innovation

Bruce McDougall, Principal Architect

Rob Murphy, Principal Architect

LTRSPG-2212
 • Introduction
• XRd
• SR and SRv6
• SRv6 L3VPN and SRv6 TE
• Project Jalapeño and BMP
Agenda • A Tour of Jalapeño
• Host-Based SRv6 and BYO SDN
• Wrap Up

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Introduction
Lab Objectives for Students

1. Get to know Cisco’s containerized XR platform: XRd

2. Overview of how SRv6 works and how it is differs from SR-MPLS

3. Ability to configure baseline SRv6 features

4. Configure SRv6 L3VPN and Traffic Steering for L3VPN

5. Explore the open-source Jalapeño platform

6. Explore host based, application-driven SRv6

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Lab Documentation
This is an open source designed lab which is hosted in Cisco’s
dCloud environment. Though the lab infrastructure in dCloud is only
available during this Cisco Live session you can replicate the lab in
your virtualization environment of choice.

The documentation, scripts, and configs are

hosted in a public Git repository:

https://github.com/jalapeno/SRv6_dCloud_Lab

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
dCloud – Remote Access
Two Options for VPN Access
1. [Preferred] AnyConnect Client on lab laptop.
Click VM on topology
2. dCloud browser and VM Console Access

Under My Hub -> Sessions, select View

Use Remote Access, select VM Console

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Lab Topology Overview

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Lab Schedule Overview
Agenda Item Description Time allotment

Introduction Short PPT 7

XRd Overview Short PPT 8
Lab 1 Build and verify the XRd network 30
SR/SRv6 Tutorial Short PPT 15
Lab 2 Configure baseline SRv6 25
SRv6 L3VPN/TE Tutorial Short PPT 10
BREAK TIME Get some coffee and caffeinate 20
Lab 3 Configure SRv6 L3VPN and TE for L3VPN 30
Jalapeño Overview Short PPT 15
Lab 4 Install Jalapeño and Configure BMP 20
Lab 5 Explore Kafka CLI and ArangoDB 30
Lab 6 Host-based SR/SRv6 25

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Cisco XRd
Virtualized Routing Platform
Cisco Cloud Native vRouter a.k.a XRd
Containerized IOS-XR Router Overview
• 2 Versions: Control Plane / Data Plane
• Light footprint on x86 compute
• Docker and Kubernetes compliant
• DPDK and VPP based forwarding

Use Cases
• Suitable for Cloud native environments
• Virtual PE
• Route Reflector
• Routing function at low-bandwidth cell site

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
XRd Logical Diagram

• dCloud hosted Ubuntu VM

• Docker-compose creates L2 bridges
• L2 bridges link router interfaces
• Control and data plane simulation
• Some interfaces are bridged to external
VM networks (AMS/Rome/Jalapeño)

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Lab Exercise 1:
Deploy and Verify XRd Topology
“Oh, A lab you say?

What could go
wrong?​”

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Lab Guide on Github! https://github.com/jalapeno/SRv6_dCloud_Lab

On all 4 dCloud VMs:

Start with README.md

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Lab Exercise #1 Time: 30m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
SR and SRv6
 Rich SRv6 uSID Ecosystem
Open-Source Networking Stacks

Network Equipment Manufacturers

FRRouting

Merchant Silicon Smart NIC

Open-Source Applications
Partners

BGP
Pyroute2 SERA

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
RFC 8754: SRv6 Segment Routing Header (SRH)

IPv6 header Locator:

Source Address Get packet to the node
bearing this locator
Active segment: Locator
Destination
1 Address
Function 1
Destination Address Function:
of the outer header Segment Routing header The action the node will
take once packet arrives
Segments Left: Segments Left
bit field that is a
Locator 3 Function 3
pointer to the next
Destination Address Locator 2 Function 2

Locator 1 Function 1

IPv4 or v6 payload:
TCP, UDP, QUIC, etc.

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 1
SRv6 Network Programming (RFC 8986)

Network DA = SID1 SRH = SID1,SID2, SID3

Program

1st instruction 2nd instruction 3rd instruction

• A network program is a list of instructions (128-bit SRv6 SID)

• An instruction can be bound to any behavior

• TE/FRR: END, END.X
• VPN: END.DX, END.DT

https://datatracker.ietf.org/doc/rfc8986/
LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 20
SRv6 functions: Steering and Services
(Refer to : draft-ietf-spring-srv6-network-programming)
Reference

Codename Behavior
End uN Endpoint [Node SID]
End.X uA Endpoint with Layer-3 cross-connect [Adj SID]
End.B6.Insert uB6.Insert Endpoint bound to an SRv6 policy [BSID]
End.B6.Encaps uB6.Encaps Endpoint bound to an SRv6 encapsulation policy [BSID]

End.DX6 uDX6 Endpoint with decapsulation and IPv6 cross-connect [L3VPN Per-CE]
End.DX4 uDX4 Endpoint with decapsulation and IPv4 cross-connect [L3VPN Per-CE]
End.DT6 uDT6 Endpoint with decapsulation and specific IPv6 table lookup [L3VPN Per-VRF]
End.DT4 uDT4 Endpoint with decapsulation and specific IPv4 table lookup [L3VPN Per-VRF]
End.DX2 uDX2 Endpoint with decapsulation and L2 cross-connect [E-LINE]
End.DT2U/M uDT2U/M Endpoint with decapsulation and L2 unicast lookup / flooding [E-LAN]
End.BM uBM Endpoint bound to an SR-MPLS policy [Interworking]
H.Insert / H.Encaps Headend with Insertion / Encapsulation of / into an SRv6 policy [TiLFA]
H. Encaps.L2 H.Encaps Applied to Received L2 Frames [L2 Port Mode]

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
SRv6 Data Path Flow
2 3 4
1 7
Source Host 5 6 Dest. Host
AMS Rome

outer IPv6 outer IPv6

customer customer customer customer

packet IPv4 packet packet packet IPv4

• Ingress PE encapsulates packet with outer IPv6 + SRH (as needed)

• Packet is transported across the SRv6 network, thus executing the network program
• Egress PE removes the outer IPv6 header as the packet leaves the SR domain

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
 SRv6 Micro-SID
40B IPv6 header

8B TLV 16B IPv6 Src Addr 16B IPv6 Dst Addr Inner IP and Payload

FC00:0000:2222:3333:4444:7777:E006:0000

uSID Block Steering uSID’s Function Filler

Features and functionality expressed in 16-bit blocks

(up to 6 Micro-SIDs per 128-bit Dest Addr)

IPv6 destination address may be broken up into uSID blocks for steering or other functionality

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
 SRv6 Micro-SID
Destination Address “Shift-and-Forward”

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6

FC00:0000 :2222 :3333 :4444 :7777 :E006 :0000

Dest Addr in outer IPv6

1. PE node 1 receives packet which matches policy:
Node: 2 -> 3 -> 4 -> 7
outer IPv6 2. Node 1 applies outer IPv6 header with destination
customer customer address containing uSID bits
packet packet
3. Node 1 forwards traffic to NH on path to Node 2

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
SRv6 Micro-SID
LPM Table Lookup and Forward

8B TLV 16B IPv6 Src Addr 16B IPv6 Dst Addr Inner IP and Payload

FC00:0000:2222:3333:4444:7777:E006:0000

LPM on /48
SRv6 SID
Table IPv6 Forwarding
Table
POP IPv6 new DA

2222 FC00:0000:3333:4444:7777:E006:0000:0000

MATCH
FC00:0000:2222 LPM on /48

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
 SRv6 Micro-SID
Destination Address “Shift-and-Forward”

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6

FC00:0000 :3333 :4444 :7777 :E006 :0000:0000

Dest Addr in outer IPv6

4. Node 2 sees its uSID locator in the
Shift-and-forward backfill bits
outer dest address and performs
shift-and-forward. outer IPv6

5. Node 2 forwards traffic toward Node customer

3 packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
 SRv6 Micro-SID
Destination Address “Shift-and-Forward”

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6

FC00:0000 :4444 :7777 :E006 :0000:0000:0000

Dest Addr in outer IPv6

6. Node 3 sees its uSID locator in the Shift-and-forward backfill bits
outer dest address and performs
shift-and-forward. outer IPv6

7. Node 3 forwards traffic toward Node customer

4 packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
 SRv6 Micro-SID
Destination Address “Shift-and-Forward”

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6

FC00:0000 :7777 :E006 :0000:0000:0000:0000

Dest Addr in outer IPv6

8. Node 4 sees its uSID locator and Shift-and-forward
performs shift-and-forward on outer backfill bits
IPv6 destination address outer IPv6

9. Node 4 forwards traffic toward Node 7 customer

packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
 SRv6 Micro-SID
Destination Address “Shift-and-Forward”

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6

FC00:0000 :7777 :E006 :0000:0000:0000:0000:

Dest Addr in outer IPv6

10. Node 7 sees its locator and local End.DT
function bits in the outer IPv6 dest address
11. Node 7 decapsulates packet, performs a outer IPv6
lookup on inner IP, and forwards packet to customer customer
destination packet packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
SRv6 Micro-SID
VRF LPM Table Lookup and Forward

8B TLV 16B IPv6 Src Addr 16B IPv6 Dst Addr Inner IP and Payload

FC00:0000:7777:E009:0000:0000:0000:0000

LPM on /64

SRv6 SID VRF

Table Inner IP Payload Forwarding Table
DECAP LOOKUP
Outer Header VRF Carrots
IPv4 customer
SRv6 VRF VRF DA Header payload

MATCH Action
FC00:0000:7777:E009 UDT4

© 2018 Cisco and/or its affiliates. All rights reserved.

SRv6 Micro-SID
Global LPM Table Lookup and Forward

8B TLV 16B IPv6 Src Addr 16B IPv6 Dst Addr Inner IP and Payload

FC00:0000:7777:E006:0000:0000:0000:0000

LPM on /64

SRv6 SID Global IP

Table Inner IP Payload Forwarding Table
DECAP LOOKUP
Outer Header Global Table
IPv4 customer
SRv6 GLOBAL DA Header payload

MATCH Action
FC00:0000:7777:E006 UDT4

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
SRv6 Use Cases
• TE for Network Optimization

• TE for Application SLA and/or Deterministic Routing

• TE for Security, Service Chaining, or Data Sovereignty, or…

• Network Segmentation: L3VPN, L2VPN, Overlay

• Simplify OPEX with a common End-to-End data-plane

• Compute Node as SRv6 end-point

Note: These use cases can operate over an existing IPv6 domain!

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Lab Exercise 2:
Configure SRv6
Lab Exercise #2
Time: 25m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Lab Exercise 3:
BGP-LU over SR-MPLS

OPTIONAL – RETURN AFTER LAB 7

Lab Exercise #3
Time: 5m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
SRv6 L3VPN
SRv6-TE
SRv6 L3VPN VRF Blue
VRF Green

SRv6 L3VPN
• MP-BGP Control Plane operates just like
MPLS VPN
• Exchange VPN prefixes over IPv6 peering

VRF Green VRF Blue

Steering SRv6 L3VPN traffic
• Uses common SRTE framework*
• On Demand Next Hop (ODN)

* https://www.segment-routing.net/tutorials/2017-03-06-segment-routing-traffic-engineering-srte/

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
SRv6 L3VPN
Default forwarding: traffic takes the IGP best path

Source Host AMS 2 3 4 Dest. Host Rome

1 7
Interface in VRF
“radish”
5 6
VPNv4
PE Locator “Label”

FC00:0000 :7777 :E006 :0000:0000:0000:0000

Dest Addr in outer IPv6

outer IPv6
customer customer customer
packet packet packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
SRv6 L3VPN + TE Steering
Steering policy defines the path traffic will take

Source Host AMS 2 3 4 Dest. Host Rome

1 7
5 6
VPNv4
Micro-SIDs “Label”

FC00:0000 :5555 :4444 :7777 :E006 :0000:0000

Dest Addr in outer IPv6

outer IPv6
customer customer customer
packet packet packet

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
“Coffee You Need,
Or Lab You will Fail.”
Lab Exercise 4:
SRv6 L3VPN and SRv6-TE
for L3VPN
Lab Exercise #4
Time: 30m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Project Jalapeño
Jalapeño: Re-Thinking SDN

• Application Drives its own Network Service App

• Use Case Agnostic

• Topology and Performance Data

• Cloud Native Architecture

• Open-Source Data Collection Platform

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
Jalapeño Software Stack

• Combination of existing
Open-source projects and
Cisco code contributions

• Extensible to multiple data

sources

• Ability to model any kind of

topology (physical, virtual,
etc.)

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Jalapeño – Topology Modeling
SDN All about telemetry, databases, and APIs
Amsterdam Rome ArangoDB
GoBMP Kafka Topology
API
Processor

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Lab Exercise 5:
Install Jalapeño and Config BMP
Lab Exercise #5
Time: 20m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
Lab Exercise 6:
Jalapeño: Explore Kafka and ArangoDB
Lab Exercise #6
Time: 30m

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
Host-Based SR/SRv6
Routers vs. Compute
What do Routers do well? What does Compute do well?
• Efficiently forward a great deal of traffic • Lots of infrastructure and tooling to express and
• Execute limited policy sets at high speed understand application requirements
• Flexible policy execution and scale

What do Routers not do so well? What does Compute not do so well?

• Understand application requirements • Efficiently forward a great deal of traffic
• Rigid policy execution environment (compared to routers)
• Policy scale bottleneck

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
Host-Based SR or SRv6 Implementations Reference

Linux Kernel, VPP, Cilium eBFP

Lab 7

SRv6 and SRv6 policies and SRv6 policy and vrf

MPLS routes MPLS routes https://docs.cilium.io/en/latest
https://segment- https://s3- /cmdref/cilium_bpf_srv6/
routing.org/ docs.fd.io/vpp/23.02/develope
r/corefeatures/sr/sr_doc.html

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Lab Exercise 7:
Host-Based SR/SRv6
Lab Exercise #7
Time: 25m

AMS/Rome VM
Conclusion
The Big Picture

• SRv6 is a natural evolution of SR-MPLS

• SRv6 helps simplify your network

• SRv6 brings scale and performance to your network

• SRv6 can be a universal end-to-end data-plane.

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Resources Reference

• Segment Routing and SRv6: https://www.segment-routing.net/

• Jalapeño: https://github.com/cisco-open/jalapeno

• XRd tutorials: https://xrdocs.io/virtual-routing/tutorials/2022-08-22-xrd-

images-where-can-one-get-them/

• XRd and Docker-compose: https://github.com/brmcdoug/XRd

• XRd using KNE: https://github.com/brmcdoug/kne

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Related Cisco Live Sessions Reference

IOS XR SRv6 uSID—Transport and Services Deployment - LTRSP-2060

• Tuesday, Feb 6, 2:00 PM – 6:00PM CET
Segment Routing: How to Integrate and Migrate to SRv6 - LTRIPV-2130
• Tuesday, Feb 6, 2:00 PM – 6:00PM CET
Segment Routing Innovations in IOS XE - BRKENT-1520
• Tuesday, Feb 6, 1:45 PM – 2:45PM CET
Migrate Your MPLS Network and Services to SRv6 with Simplicity - BRKSP-2468
• Thursday, Feb 88:30 AM - 10:00 AM CET
Troubleshooting Segment Routing - BRKSPG-3624
• Thursday, Feb 812:00 PM - 1:30 PM CET

LTRSPG-2212 © 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
Thank you