
Brkarc 2001

ASR1K

Uploaded by

alfagemeo

ASR 1000 System & Solution Architectures

Jason Yang - CCIE #10467, Technical Marketing Engineer


BRKARC-2001
Agenda

Introducing the ASR 1000


ASR 1000 System Architecture
ASR 1000 Building Blocks
ASR 1000 Software Architecture
ASR 1000 Packet Flows
Integrated Security on ASR 1000
Applications & Solutions
Introducing the ASR 1000
ASR 1000 Aggregation Service Router
Key Design Principles
Application Performance Optimization (AVC, PfR)
Best in Class ASIC Technology: Quantum Flow Processor (QFP) for high scale services and sophisticated QoS with minimum performance impact
Voice and Video Services (CUBE)
Security Services (Firewall, VPN, Encryption)
Best in Class Availability: Enterprise IOS Features with Modular OS and Software Redundancy or Hardware Redundancy and ISSU
Ethernet WAN and Provider Edge Services
Multi-Service, Secure WAN Aggregation Services

2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco ASR 1000 Series Routers: Overview
2.5 Gbps to 200Gbps: designed today to scale up in the future

COMPACT, POWERFUL ROUTER
Line-rate performance 2.5G to 200G
Investment protection with modular engines, IOS CLI and SPAs for I/O
Hardware assists for ACL, QoS, etc.
Hardware-based QoS engine with up to 464k queues
New Ethernet CC and 100GE EPA: ASR1000-MIP100, EPA-1x100GE

BUSINESS-CRITICAL RESILIENCY
Fully separated control and forwarding planes
Hardware and software redundancy
In-service software upgrades
Inter and Intra-chassis redundancy
DCI to support clustering across geographically dispersed DC

INSTANT ON SERVICE DELIVERY
Scalable on-chip service enablement through software licensing
Industry leading VPN/Crypto solutions
Optimal user/app experience with AVC, PfRv3, and AppNav
Software consumption model with CiscoONE

[Figure: IOS-XE chassis line-up. Fixed chassis: ASR 1001-X, ASR 1002-X, ASR 1001-HX, ASR 1002-HX. Modular chassis: ASR 1004, ASR 1006, ASR 1006-X, ASR 1009-X, ASR 1013. Throughput labels in Gbps, in the order extracted: 2.5 to 20, 5 to 36, 44 to 100, 44 to 100, 10 to 40, 20 to 100, 40 to 100, 40 to 200, 40 to 200.]
ASR 1000 Positioning

[Figure: positioning chart, axis label "Performance and Scalability". Group labels: Enterprise Edge and Managed Services Routers; Service Provider Edge Routers. Product labels: ISR Series, ISR4000 Series, ASR1000, 7600 Series, ASR 9000. Throughput labels: 350 Mbps with Services, 850 Mbps per System, 1-2 Gbps per System, 2.5-200Gbps per system, Up to 2 Tbps per system, Up to 48 Tbps per System. Capability labels: Integrated Security, Managed L2/L3 VPNs, Application Recognition, Firewall, IPsec, Route Reflector, CUBE/VoIP, Distributed PE, Broadband, Pay-As-You-Grow, Separate Services Planes for Continuity, Carrier Ethernet, IP RAN, L2/L3 VPNs, Mobile Gateways, SBC/VoIP, Vidmon, Video Monitoring, BNG.]
ASR 1000 Enterprise Applications
Flexible WAN Services Edge & CPE

[Figure: enterprise deployment diagram. Labels: Mobile subscriber, WAN aggregation, DCI, Corporate office, Internet gateway, High end branch, Cloud.]

High Speed CPE: High-end Branch, Campus Edge, IWAN
WAN Aggregation: IPSec VPN, L2 and L3 VPN
Data Center Interconnect: Internet gateway, Cloud Services Edge
ASR 1000 Service Provider Applications
A Wide Variety of Use Cases

[Figure: service provider deployment diagram. Labels: Mobile Access and Aggregation, Subscriber Edge, ISP Peering, IP/MPLS Core, RR, PE, L2/L3 VPNs, CGN, IPsec/NAT/FW, NBAR2, LNS, iWAG, BNG, Intelligent Services Gateway, WiFi Access Gateway, PPP or IP Aggregation, ATM or Ethernet, Content Farm (VOD, TV, SIP). Access labels: Wireless, Wire line, Business, Residence, CPE, ETTx, xDSL, DSLAM, xPON, OLT, Cable, M-CMTS, DOCSIS.]
ASR 1000 System Architecture
ASR 1000 Building Blocks

[Figure: ASR 1000 building blocks. Active and standby RPs (CPU, GE switch, interconnect) and active and standby ESPs (FECP, QFP with PPE and BQS, Crypto Assist., interconnect) connect across the midplane to the SIP, ELC and MIP cards (each with IOCP, AGG ASIC and interconnect). The SIP holds SPAs, the ELC has built-in GE/10GEs, the MIP holds EPAs.]
ASR 1000 Building Blocks

[Figure: the building-block diagram (active and standby RP and ESP, midplane, SIP, ELC, MIP) with the following callouts.]

Route Processor
Handles control plane
Manages system

Embedded Service Processor
Handles forwarding plane traffic

SPA Interface Processor
Houses Shared Port Adapter (SPA)
Packets buffer

Ethernet Linecard
Built-in GE/10GE ports
Packets buffer

Modular Interface Processor
Houses Ethernet Port Adapter (EPA)
Packets buffer
ASR 1000 Building Blocks
Centralized Forwarding Architecture
All traffic flows through the active ESP, standby is synchronized with all the states

Distributed Control Architecture
All major system components have a powerful control processor dedicated for control and management planes

[Figure: the building-block diagram (active and standby RP and ESP, midplane, SIP, ELC, MIP) with the Route Processor, Embedded Service Processor, SPA Interface Processor, Ethernet Linecard and Modular Interface Processor callouts.]
ASR 1000 Building Blocks:
Modular Chassis
ASR 1000 Modular Chassis Overview
                    ASR 1004        ASR 1006        ASR1006-X                        ASR 1009-X                       ASR 1013
RP Slots            1               2               2                                2                                2
ESP Slots           1               2               2                                2 (super)                        2 (super)
SIP/MIP Slots       2 (SIP only)    3 (SIP only)    2                                3                                6
Built-In Ethernet   N/A             N/A             N/A                              N/A                              N/A
Redundancy          Software        Hardware        Hardware                         Hardware                         Hardware
Height              7 (4RU)         10.5 (6RU)      10.5 (6RU)                       15.7 (9RU)                       22.7 (13RU)
Bandwidth           10 - 40 Gbps    10 - 100 Gbps   40 - 100 Gbps                    40 - 200 Gbps                    40 - 200 Gbps
Max Output Pwr      765W            1275W           1100 power modules, N+1, Max 6   1100 power modules, N+1, Max 6   3200W
Airflow             Front to back   Front to back   Front to back                    Front to back                    Front to back
ASR 1009-X
Forwarding Plane (ESP)
Up to 200Gbps per system
Supports ESP40, ESP100, ESP200 and future ESPs

System Management
RJ45 Console
Auxiliary Port
2x USB Ports

Hardware Redundancy
Dual ESP and RP slots for data plane and control plane redundancy
ISSU

I/O Connectivity
12x SPA slots (SIP-40)
3x ELC slots
6x EPA (MIP-100)

Modular Fan Tray
Field Replaceable
30% improvement in airflow per slots vs integrated Fan module

Control Plane
Support RP2 and RP3
8 - 64 GB Memory
FIPS-140-2 certification

BITS clocking
Stratum 3 built-in

Power Supply
Modular power supply with N+1 redundancy
High efficiency, Load sharing, Hot-swappable
AC (1100W) or DC (950W)
ASR 1000 Modular Chassis Compatibility Matrix
Chassis     RP2      RP3   SIP40   ELC   MIP100      ESP20   ESP40   ESP100   ESP200
ASR1004     Yes      No    Yes     Yes   No          Yes     Yes     No       No
ASR1006     Yes      No    Yes     Yes   No          Yes     Yes     Yes      No
ASR1013     Yes      Yes   Yes     Yes   Yes(2)(3)   No      Yes     Yes      Yes
ASR1006-X   Yes(1)   Yes   Yes     Yes   Yes(3)      No      Yes     Yes      No
ASR1009-X   Yes(1)   Yes   Yes     Yes   Yes(3)      No      Yes     Yes      Yes

(1) RP2 with new CPLD
(2) 100G support in Slots 2&3; others at 40G
(3) ASR1000-MIP100 is not supported with ESP40
ASR1000-MIP100 (Modular Interface Processor)
1006-X/1009-X with ESP100/ESP200

[Figure: MIP100 connected over the mid plane at 100G to an ESP100/200, shown with three EPA combinations.]
10x10G: Line rate, No oversubscription
1x100G: Line rate, No oversubscription
1x100G + 1x100G: 2 to 1 oversubscription
MIP100 Architecture
[Figure: MIP100 block diagram. Blocks: IOCP (DDRAM, Boot Flash, JTAG Ctrl, Reset / Pwr Ctrl, Temp Sensor, EEPROM, Chassis management), Interface Aggregation ASIC (Ingress Classifier, Ingress buffers, Ingress Scheduler, Egress buffers, Egress Buffer Status, SPA Agg.), Interconnect to the active and standby ESPs and to the RPs, Network clock distribution (input and output reference clocks, network clocks), EPA Control, and four connections of 2 EPAs each. Link legend: ESI, 110 Gbps; Hypertransport, 10Gbps; GE, 1Gbps; I2C; Other.]
Ethernet Port Adapter (EPA)
EPA-1x100GE
Modular Chassis with MIP-100: XE 3.16.1, XE 16.2.1
ASR1002-HX: XE 16.4.1
Optics Modules: CPAK-100G-SR10, CPAK-100G-LR4; 10 Metres

EPA-CPAK-2x40GE
Modular Chassis with MIP-100: XE 3.16.2, XE 16.3.1
ASR1002-HX: XE 16.4.1
Optics Modules: CPAK-100G-SR10, CAB-MPO24-2XMPO12, QSFP-40G-SR4

EPA-10x10GE
Modular Chassis with MIP-100: XE 3.16.4, XE 16.2.1, XE 16.3.1 (MACSec)
ASR1002-HX: XE 16.3.1, XE 16.3.2 (MACSec)
Optics Modules: SFP-10G-SR, SFP-10G-SR-X, SFP-10G-LR, SFP-10G-LRM, SFP-10G-LR-X, SFP-10G-ER

EPA-18x1GE
Modular Chassis with MIP-100: XE 16.2.1, XE 16.3.2 (MACSec)
ASR1002-HX: XE 16.2.1, XE 16.3.1 (MACSec)
Optics Modules: GLC-GE-100FX, GLC-SX-MMD, GLC-LH-SMD, SFP-GE-T, GLC-BX-U, GLC-BX-D, GLC-TE, GLC-SX-MM, GLC-LH-SM, GLC-EX-SMD, GLC-ZX-SMD, CWDM-SFP, DWDM-SFP
Modular Route Processors: RP2 & RP3
                          RP2                                RP3
CPU                       2.66GHz Intel Xeon Dual-core       2.2GHz Intel Broadwell Quad-core
Default memory            8GB (4x2GB) DDR2                   8GB (2x4GB) DDR4
Memory upgrade options    16GB (4x4GB)                       16GB (2x8GB), 32GB (4x8GB); 64GB (4x16GB)
Built-In eUSB Bootflash   2GB                                8GB
Storage                   80GB HDD, external USB             100GB SSD default, 200GB and 400GB upgrade options, external USB
IOS XE OS                 64 bits                            64 bits
Chassis Support           ASR 1004, ASR 1006, ASR 1013,      ASR 1006-X, ASR 1009-X, ASR 1013
                          ASR 1006-X, ASR 1009-X
ASR 1000 RP3 Architecture
Highly Scalable Control Plane Processor

[Figure: RP3 block diagram. External ports: Console & Aux, Management Ethernet, USB, SSD, BITS (input & output). Blocks: CPU (2.2 GHz quad-core), CPU Memory (8/16/32/64 GB), Bootflash, NVRAM, Stratum-3 Network clock circuit (input and output clocks), I2C Chassis Management Bus, EOBC Switch, Interconnect. The interconnect, EOBC switch, clocks and management bus connect to the SIPs/MIPs, ESPs and the other RP. Link legend: ESI, 11.2 Gbps; GE, 1Gbps; I2C.]
ASR1000 Embedded Services Processor (ESP)
Centralized, programmable, multiprocessor forwarding engine providing full-packet processing
Packet Buffering and Queuing/Scheduling (BQS)
  For output traffic to carrier cards/SPAs/EPAs
  For special features such as traffic shaping, reassembly, replication, punt to RP, cryptography, etc.
  5 levels of HQoS scheduling, up to 464K Queues, Priority Propagation
Dedicated crypto co-processor
Interconnect providing data path links (ESI) to/from other cards over midplane
  Transports traffic into and out of the Cisco Quantum Flow Processor (QFP)
  Input scheduler for allocating QFP BW among ESIs
FECP CPU manages QFP, crypto device, midplane links, etc.
[Images: ESP40, ESP100]
ESP Bandwidth
Overall throughput is determined by the type of ESP and SIPs used in modular platforms.
Modular platforms are rate limited by speed of bus from QFP complex to backplane ASIC
Bandwidth is expressed in terms of aggregated throughput, use ESP100 as example:

Example 1 (figure labels: 50 Gbps, 50 Gbps, 50 Gbps, 50 Gbps)
50G Unicast in each direction
Total Output bandwidth 50+50=100

Example 2 (figure labels: 10G, 80G, 20G, 20G)
10G Multicast with 8X replication in one direction
20G unicast in the other direction
Total Output bandwidth 80+20=100G

Example 3 (figure labels: 50 Gbps, 50 Gbps, 70 Gbps, 70 Gbps)
50Gbps Unicast in one direction and 70Gbps Unicast in the other direction
Total output bandwidth (50+70=120) exceeds 100Gbps; only 100Gbps will be forwarded.

Example 4 (figure labels: 10G, 100G, 20G, 20G)
10Gbps Multicast with 10X replication in one direction
10Gbps Unicast in the other direction
Total bandwidth (100+20=110) exceeds 100Gbps; only 100 Gbps will be forwarded
ASR 1000 Forwarding Processor
Quantum Flow Processor (QFP) Drives Integrated Services & Performance
[Figure: ESP block diagram. QFP complex: Packet Processor Engines (PPE1 to PPE64), Dispatcher, Packet Buffer, BQS, with TCAM, Resource DRAM and Packet Buffer DRAM attached. Other blocks: FECP (Memory, Bootflash), Crypto (Memory), Interconnect, Chassis Mgmt Bus. External connections to RPs, the other ESP and SIPs. Link legend: ESI; Hypertransport, 10Gbps; GE, 1Gbps; I2C; Other.]
ASR 1000 ESPs in Modular Chassis
                          ESP20                 ESP40                 ESP100                ESP200
System bandwidth (IMIX)   18 Gbps               41 Gbps               130 Gbps              227 Gbps
Performance (IMIX)        6 Mpps                14 Mpps               45 Mpps               78 Mpps
QFP cores                 40                    40                    128                   256
Clock Rate                1.2 GHz               1.2 GHz               1.5 GHz               1.5 GHz
Suite B support           No                    No                    Yes                   Yes
Crypto BW (IMIX/1400B)    4/6 Gbps              7/10 Gbps             15/27 Gbps            45/70 Gbps
QFP Resource Mem          1GB                   1GB                   4GB                   2 GB / QFP, 8GB total
Packet Buffer             256MB                 256MB                 1GB                   2GB
Control CPU               Single core 1.2 GHz   Dual core 1.8 GHz     Dual core 1.73 GHz    Dual core 1.73 GHz
Control Memory            4 GB                  8 GB                  16 GB                 32 GB
TCAM                      40 Mb                 40 Mb                 80 Mb                 2 x 80 Mb

Chassis Support
ESP20: ASR1004, ASR1006
ESP40: ASR1004, ASR1006, ASR1013, ASR1006-X, ASR1009-X
ESP100: ASR1006, ASR1013, ASR1006-X, ASR1009-X
ESP200: ASR1013, ASR1009-X
Cisco Quantum Flow Processor (QFP)
ASR1000 series innovation
QFP Chip Set
Five year design and continued evolution, now on 3rd generation
Architected to scale to > 100Gbps
Multiprocessor with 64 multi-threaded cores; 4 threads per core
256 processes per chip available to handle traffic
High-priority traffic is prioritized
Packet replication capabilities for Multicast
Many H/W assists for accelerated processing
3rd generation QFP is capable of 70Gbps, 32Mpps processing
Mesh-able: 1, 2 or 4 chips to build higher capacity ESPs
Latency: tens of microseconds with features enabled
[Images: Cisco QFP Packet Processor; Cisco QFP Traffic Manager (Buffering, Queueing, Scheduling)]
Cisco Enterprise Routing NPU Leadership
Continuing Investment in Network Processor Technology

[Figure: QFP generations plotted as Performance against "Increasing network intelligent and services requirements", with timeline labels 2008, 2012, 2018. Generation labels: 1st Gen QFP (20G), 2nd Gen QFP (40G), 3rd Gen QFP (200G), 4th Gen QFP (> 200G). Callouts: Over 100 Patents Awarded!; Lower Cost fully integrated NPU and IO device; linerate security and high perf intelligent WAN. Legend: NPU (#cores: Number of Packet Processing Engines; #threads: concurrent, parallel threads processed), High Speed Backplane Aggregation ASIC, IO Oversubscription & Aggregation ASIC.]
ASR 1000 Fixed Platforms
ASR 1000 Fixed Chassis Overview
                       ASR 1001-X                   ASR 1002-X                       ASR 1001-HX                         ASR 1002-HX
SPA Slots              1                            3                                N/A                                 N/A
EPA Slots              N/A                          N/A                              N/A                                 1
NIM Slots              1                            N/A                              N/A                                 1
Built-In GE            6                            6                                8                                   8
Built-In TenGE         2                            N/A                              4 + 4 (configurable 10GE/GE)        8
CPU                    2.0GHz quad-core             2.13GHz quad-core                2.5GHz quad-core                    2.5GHz quad-core
Memory                 8GB; upgradable to 16GB      4GB; upgradable to 8GB/16GB      8GB; upgradable to 16GB             16GB; upgradable to 32GB
Storage                eUSB(8GB),                   eUSB(8GB),                       eUSB(32GB)                          eUSB(32GB),
                       SSD (200GB, 400GB)           Optional HDD (160GB)                                                 SSD (200GB, 400GB)
IOS Redundancy         Software                     Software                         Software                            Software
Height                 1.75 (1RU)                   3.5 (2RU)                        1.75 (1RU)                          3.5 (2RU)
Throughput             2.5 to 20Gbps                5 to 36Gbps                      60Gbps                              100Gbps
Maximum Output Power   250W                         470W                             360W                                500W
Airflow                Front to back                Front to back                    Front to back                       Front to back
ASR 1001-HX
Control plane
CPU: Quad Core @ 2.5 GHz
Memory: 8GB DDR3 default memory, upgradeable to 16GB
Secure Boot + Image Signing

Pay as you go
License on built-in ports
4x TenGE+ 4xGE enabled by default
The remaining ports can be enabled in pairs

Multi-Core Network Processor
60Gbps forwarding capacity
62 Cores
4 HW Threads / Core
248 simultaneous threads

Miscellaneous
RJ45 & mini-USB console
Secure Boot

Built in I/O
8x Gigabit Ethernet interfaces
8x TenGigabit Ethernet interfaces (4 configurable 10G/1G ports)
Multipoint MACSEC for linerate encryption (1G & 10G)

Crypto module
Field upgradeable
16 Gbps crypto throughput
Suite B support
ASR 1001-HX Crypto Module

ASR 1001-HX can be ordered with or without the crypto module

Crypto module can be installed in the unit in the field when the function is needed

Crypto bandwidth licensed from factory (default 8Gbps, upgradeable to 16Gbps on demand)

16Gbps crypto license unlocks crypto performance cap of 29Gbps (1400bytes)
ASR 1002-HX

Multi-Core Network Processor
100 Gbps forwarding capacity
124 Cores
4 HW Threads / Core
496 simultaneous threads

Pay as you grow
License on built-in ports
4x TenGE+ 4xGE enabled by default
The remaining ports can be enabled in pairs

Control plane
CPU: Quad Core @ 2.5 GHz
Memory: 16GB DDR3 default memory, upgradeable to 32GB
Secure Boot + Image Signing

Miscellaneous
RJ45 & mini-USB console
eUSB: 32GB
Secure Boot

Network Interface Module
1 double wide or 1 single wide NIM

Power Supply & Fans
Modular PS, FRUable Fan Tray

Ethernet Port Adapter
1x EPA slot

Crypto module
Field upgradeable
25 Gbps crypto throughput
Suite B support

Built in I/O
8x Gigabit Ethernet interfaces
8x TenGigabit Ethernet interfaces
Multipoint MACSEC for linerate encryption (1G & 10G)
ASR 1002-HX Crypto Module
ASR 1002-HX can be ordered with or without the crypto hardware

Crypto module can be installed in the unit in the field when the function is needed

Crypto bandwidth licensed from factory (default 8Gbps, upgradeable to 16Gbps and 25Gbps on demand)

25Gbps crypto license unlocks crypto performance cap of 39Gbps (1400bytes)

ASR 1002-HX must be powered down to install/remove crypto module
ASR 1002-HX Architecture
[Figure: ASR 1002-HX block diagram. Two QFPs (QFP1, QFP2), each with PPEs (PPE1 to PPE62), Dispatcher, Pkt Buffer and BQS, Resource DRAM (2GB) and Pkts Buffer DRAM (512MB); TCAM (80Mbit). Control CPU (2.5 GHz Quad-core) with CPU Memory, Boot Flash, NVRAM, Console & Aux, Management Ethernet, USB and I2C Chassis Management Bus. Crypto with Memory (4GB). Interconnect and Interface Aggregation ASIC feeding NIM, 8xGE, 8x10GE and EPA. Link rates shown: 75Gbps (x3), 150Gbps, 11Gbps, 80Gbps, 8Gbps, 120Gbps. Link legend: Serdes Interface, Hypertransport, I2C.]
ASR 1000 QFP in the Fixed Chassis
                           ASR 1001-X      ASR 1002-X   ASR 1001-HX   ASR 1002-HX
System throughput (IMIX)   2.5 - 20Gbps    5 - 36Gbps   60Gbps        100Gbps
Performance (64Bytes)      19Mpps          34Mpps       43Mpps        78Mpps
QFP cores                  31              62           62            124
Clock Rate                 1.5 GHz         1.2 GHz      1.5 GHz       1.5 GHz
QFP Resource Mem           4GB (unified)   1GB          4GB           4GB
Packet Buffer              256MB           512MB        512MB         1GB
TCAM                       10 Mb           40 Mb        40Mb          80 Mb
Software Architecture
IOS XE Software architecture
IOS XE = IOS + IOS XE Middleware + Platform Software
Operational Consistency: same look and feel as IOS
IOS runs as its own Linux process for control plane (Routing, SNMP, CLI etc.), 64-bit operation
Linux kernel with multiple processes running in protected memory
  Fault containment
  Re-startability
  ISSU of individual SW packages
ASR 1000 HA Innovations
  Zero packet loss with RP Failover
  <50ms ESP Failover
  Software redundancy

[Figure: IOS XE software stack. RP: IOS active and IOS standby, Platform Adaptation Layer (PAL), Chassis manager, Forwarding manager, Linux Kernel. ESP: QFP client / driver, Chassis manager, Forwarding manager, Linux Kernel. SIP/MIP: SPA/EPA drivers, Chassis manager, Linux Kernel. The three are linked by control messaging.]
Software Architecture Modular Platform
RP
Runs Control Plane
Generates configurations
Maintains routing tables (RIB, FIB)

Initialization of RP processes
Initialization of installed cards
Detects and manages OIR of cards
Manages system status, environments, power, EOBC

Provides abstraction layer between hardware & IOS
Manages ESP redundancy
Maintains copy of FIB and interface list
Communicates FIB status to active & standby ESP

ESP
Programs QFP forwarding plane and QFP DRAM
Statistics collection & RP communication

Communicates with forwarding manager on RP
Maintains copy of FIBs
Provides interface to QFP client & driver

SIP/MIP
Driver Software for SPA/EPA interface cards is loaded independently
Failure or upgrade of driver does not affect other SPAs/EPAs in the chassis

[Figure: software stack per card. RP: IOS, Platform Adaptation Layer (PAL), Chassis manager, Forwarding manager, Linux Kernel. ESP: QFP client / driver, QFP code, Chassis manager, Forwarding manager, Linux Kernel. SIP/MIP: SPA/EPA drivers, Chassis manager, Linux Kernel. Linked by control messaging.]
Software Architecture Fixed Platform
Single Control CPU
  Quad-core
  64 bit OS
  8GB, 16GB, 32GB memory support
Standard IOS XE Processes
  Running over a single Linux kernel
High Availability
  IOS redundancy
  Fault Containment
  Process Restartability
Operational Consistency
  Same look and feel as standard IOS
Ethernet Out of Band Channel
  Method by which processes in different subsystems communicate

[Figure: ASR1001-X Control Plane CPU. RP Subsystem: IOS active, IOS standby, Chassis Mgr., Forwarding Mgr. ESP Subsystem: QFP Client / Driver, Chassis Mgr., Forwarding Mgr. I/O Subsystem: SPA/EPA drivers, Chassis Mgr., Interface Mgr. All run over one Kernel (incl. utilities).]
Software Sub-packages
1. RPBase: RP Linux operating system
   Upgrading of the OS will require reload to the RP and expect minimal changes
2. RPIOS: IOS executable
   Facilitates Software Redundancy feature
3. RPAccess (K9 & non-K9): Software required for Router access
   Two versions available (with and without open SSH & SSL)
   Facilitates software packaging for export-restricted countries
4. RPControl: control plane processes for IOS / hardware interface
   IOS XE Middleware
5. ESPBase: All ESP code
   Any software upgrade of the ESP requires reload of the ESP
6. SIP/MIPBase: SIP/MIP OS & control processes
   OS upgrade requires reload of the SIP/MIP
7. SIPSPA/MIPEPA: Intfs drivers and FPD
   Facilitates SPA/EPA driver upgrade of specific SPA/EPA slots

[Figure: the IOS XE software stack (RP, ESP, SIP/MIP) with the numbers 1 to 7 marking where each sub-package runs.]
IOS XE Release and support timelines

Standard releases: twice a year (March, November), supported for 18 months
6 months of active bug-fix, 6 months of limited bug fix, and 6 months of PSIRT
Rebuild Intervals: 3 + 3 + 6 + 6 (PSIRT build as needed)
[Timeline: rebuilds .1S, .2S, .3S, .4S at intervals of 3 months, 3 months, 6 months, 6 months, followed by an optional PSIRT build in the PSIRT Phase. Milestones: FCS, EoSales, EoSM, EoVS.]

Extended releases: once a year (July), supported for 48 months
30 months of active bug-fix, 6 months of limited bug fix, and 12 months of PSIRT
Rebuild Intervals: 3 + 3 + 4 + 4 + 4 + 6 + 6 + 6 + 6 + 6 (PSIRT builds as needed)
[Timeline: rebuilds .1S to .10S at intervals of 3m, 3m, 4m, 4m, 4m, 6m, 6m, 6m, 6m, 6m, followed by optional PSIRT builds. Milestones: FCS, HPC, EoSales Notification, EoSales, EoSM, EoVS.]
IOS XE 16
Upgrade Impact on ASR 1000
Same IOS XE software infrastructure, feature, functionality, behavior and user experience (i.e. CLI, MIBs)
Few HWs are not supported
ISSU incompatible, require ROMmon upgrade and reload.
Feature Parity between XE3.17 and XE16.3.1

[Figure: IOS XE 16 themes. Open & Extensible Platform; Automate and Orchestrate; Consistent Customer Experience. Items: Model Driven APIs, App Hosting, Patching, Device Management, Troubleshooting, Faster Innovation, Reduce OPEX, Lower Cost. Base: Physical and Virtual Infrastructure, Any Platform, Any ASIC.]

Release Numbering: 16.3.1 Denali
16: Major Release Number
3: Feature Release Number
1: Build Number
Denali: Feature Release Name
What to expect: HW (1)

Platforms
Supported: ASR1001-X, ASR1002-X, ASR1001-HX, ASR1002-HX, ASR1004, ASR1006, ASR1013, ASR1006-X, ASR1009-X
Unsupported: ASR1001, ASR1002

Route Processors (RP)
Supported: ASR1000-RP2, ASR1000-RP3
Unsupported: ASR1000-RP1

Forwarding Processors (ESP)
Supported: ASR1000-ESP20, ASR1000-ESP40, ASR1000-ESP100, ASR1000-ESP200
Unsupported: ASR1000-ESP5, ASR1000-ESP10

Line cards
Supported: ASR1000-SIP40, ASR1000-2T+20X1GE, ASR1000-6TGE, ASR1000-MIP100
Unsupported: ASR1000-SIP10
What to expect: HW (2)

Ethernet Port Adapters (EPA)
Supported: EPA-1X100GE, EPA-2x40GE, EPA-10X10GE, EPA-18X1GE
Unsupported: N/A

Shared Port Adapters (SPA)
Supported:
SPA-8XCHT1/E1-V2, SPA-4XCT3/DS0-V2, SPA-2XCT3/DS0-V2, SPA-2XT3/E3-V2, SPA-4XT3/E3-V2, SPA-8XT3/E3, SPA-1CHSTM1/OC3V2, SPA-1XCHOC12/DS0, SPA-4XT-SERIAL
SPA-4X1FE-TX-V2, SPA-8X1FE-TX-V2, SPA-2X1GE-V2, SPA-5X1GE-V2, SPA-8X1GE-V2, SPA-10X1GE-V2, SPA-1X10GE-L-V2, SPA-1X10GE-WL-V2
SPA-2XOC3-POS-V2, SPA-4XOC3-POS-V2, SPA-8XOC3-POS, SPA-1XOC12-POS-V2, SPA-2XOC12-POS, SPA-4XOC12-POS, SPA-8XOC12-POS, SPA-1XOC48POS/RPR, SPA-2XOC48POS/RPR, SPA-4XOC48POS/RPR, SPA-OC192POS-XFP
SPA-1XOC3-ATM-V2, SPA-3XOC3-ATM-V2, SPA-1XOC12-ATM-V2
SPA-DSP
SPA-1CHOC3-CE-ATM, SPA-2CHT3-CE-ATM, SPA-24CHT1-CE-ATM
Unsupported:
SPA-8XCHT1/E1, SPA-4XCT3/DS0, SPA-2XCT3/DS0, SPA-2XT3/E3, SPA-4XT3/E3, SPA-1XCHSTM1/OC3, SPA-2XOC3-POS, SPA-4XOC3-POS, SPA-1XOC12-POS, SPA-2X1GE-SYNCE, SPA-WMA-K9

Network Interface Module (NIM)
Supported: NIM-1MFT-T1/E1, NIM-2MFT-T1/E1, NIM-4MFT-T1/E1, NIM-8MFT-T1/E1, NIM-1CE1T1-PRI, NIM-2CE1T1-PRI, NIM-8CE1T1-PRI, NIM-SSD, SSD-SATA-200G, SSD-SATA-400G
Unsupported: N/A
What to expect: Minimum ROMmon

For RP and ESP
IOS XE Denali Release   RP2         RP3        ESP20   ESP40       ESP100      ESP200
16.3.1                  15.2(1r)S   16.3(2r)   XNC     15.0(1r)S   15.3(1r)S   15.3(1r)S

For Fixed Chassis
IOS XE Denali Release   ASR1001-X   ASR1002-X    ASR1001-HX   ASR1002-HX
16.3.1                  15.4(2r)S   15.5(3r)S1   16.2(2r)     16.2(2r)

For SIP/MIP/ELC
IOS XE Denali Release   SIP40       MIP100       2T+20x1GE    6TGE
16.3.1                  15.0(1r)S   15.5(3r)S1   15.5(3r)S1   15.4(2r)S
What to expect: image type

ASR1001-X, ASR1002-X
XE 3.x: Universal Image
XE 16.x: Universal Image
No Change
- All the licenses will continue to work as is
- No config changes are needed besides the boot image

RP2 based platforms
XE 3.x: Reformation Image
XE 16.x: Universal Image + License boot level

Feature set                           XE 3.x image                         XE 16.x image                      License boot level
IP BASE W/O CRYPTO                    asr1000rp2-ipbase.*                  asr1000rpx86-universalk9.*         ipbase
IP Base                               asr1000rp2-ipbasek9.*                asr1000rpx86-universalk9_npe.*     ipbase
ADVANCED ENTERPRISE SERVICES W/O LI   asr1000rp2-adventerprisek9_noli.*    asr1000rpx86-universalk9_noli.*    adventerprise
ADVANCED ENTERPRISE W/O CRYPTO        asr1000rp2-adventerprise.*           asr1000rpx86-universalk9_npe.*     adventerprise
ADVANCED ENTERPRISE SERVICES          asr1000rp2-adventerprisek9.*         asr1000rpx86-universalk9.*         adventerprise
ADVANCED IP SERVICES W/O LI           asr1000rp2-advipservicesk9_noli.*    asr1000rpx86-universalk9_noli.*    advipservices
ADVANCED IP SERVICES W/O CRYPTO       asr1000rp2-advipservices.*           asr1000rpx86-universalk9_npe.*     advipservices
ADVANCED IP SERVICES                  asr1000rp2-advipservicesk9.*         asr1000rpx86-universalk9.*         advipservices

There are no more non-k9 universal images starting with 16.2
What to expect: migration procedure to 16.3.1

ASR 1001-X, ASR1002-X
If the system meets the minimum ROMmon requirements: install the 16.3.1 image / reload
If the system does not meet the minimum ROMmon requirements: upgrade ROMmon / reload / install the 16.3.1 image / reload

RP2
Install 16.3.1 universal image (add previous image as 2nd boot up image) / reload
Device Programmability

[Figure: programmable interfaces stack. Interfaces: NETCONF, RESTconf, gRPC. YANG Data Model: Configuration (Open, Native) and Operational (Open, Native). Device Features: Interface, BGP, QoS, ACL, SNMP. Base: Physical and Virtual Network Infrastructure.]
Resources on GitHub & DevNet
https://github.com/YangModels/yang/tree/master/vendor/cisco/xe
https://developer.cisco.com/site/odp/
Demo
Programmability Demo
1. Provision DMVPN Tunnels
2. Unprovision DMVPN Tunnels
3. Introduce an error in the provisioning to observe the transactional behavior and rollback

[Figure: demo topology with one hub and two spokes.]
HUB: LB: 2.2.2.2, Tunnel200: 192.99.99.1
Spoke1: LB: 1.1.1.1, Tunnel200: 192.99.99.3
Spoke2: LB: 3.3.3.3, Tunnel200: 192.99.99.2
CLI Config converted to Yang Data Model

IOS XE Config:

    interface Tunnel200
     description ** DMVPN Tunnel over MPLS **
     bandwidth 10000000
     ip address 192.99.99.1 255.255.255.0
     no ip redirects
     ip mtu 1400
     ip pim nbma-mode
     ip pim sparse-mode
     ip nhrp authentication NhrpAuth
     ip nhrp network-id 101
     ip nhrp redirect
     ip tcp adjust-mss 1360
     tunnel source GigabitEthernet0/0/2
     tunnel mode gre multipoint
     tunnel key 101
     tunnel vrf IWAN-PRIMARY
     tunnel protection ipsec profile DMVPN-PROFILE1

Yang data model:

    <?xml version="1.0" encoding="utf-8"?>
    <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
      <edit-config>
        <target>
          <running/>
        </target>
        <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
          <native xmlns="http://cisco.com/ns/yang/ned/ios">
            <interface>
              <Tunnel>
                <name>200</name>
                <description>** DMVPN Tunnel over MPLS **</description>
                <bandwidth>
                  <kilobits>10000</kilobits>
                </bandwidth>
                <ip>
                  <address>
                    <primary>
                      <address>192.99.99.3</address>
                      <mask>255.255.255.0</mask>
                    </primary>
                  </address>
                  <nhrp>
                    <authentication>NhrpAuth</authentication>
                    <map>
                      <dest-ipv4>
                        <dest-ipv4>192.99.99.1</dest-ipv4>
                        <nbma-ipv4>
                          <nbma-ipv4>98.99.130.6</nbma-ipv4>
                        </nbma-ipv4>
                      </dest-ipv4>
                      <multicast>
                        <ipv4>98.99.130.6</ipv4>
                      </multicast>
                    </map>
                    <network-id>101</network-id>
                    <nhs>
                      <ipv4>
                        <ipv4>192.99.99.1</ipv4>
                      </ipv4>
                      <cluster>
                        <clus-num>
                          <clus-num>0</clus-num>
                          <max-connections>1</max-connections>
                        </clus-num>
                      </cluster>
                    </nhs>
                  </nhrp>
                  <pim>
                    <sparse-mode>sparse-mode</sparse-mode>
                    <dr-priority>0</dr-priority>
                  </pim>
                  <redirects>false</redirects>
                  <tcp>
                    <adjust-mss>1360</adjust-mss>
                  </tcp>
                  <mtu>1400</mtu>
                </ip>
                <tunnel>
                  <source>GigabitEthernet0/0/1</source>
                  <key>101</key>
                  <mode>
                    <gre>
                      <multipoint/>
                    </gre>
                  </mode>
                  <protection>
                    <ipsec>
                      <profile>DMVPN-PROFILE1</profile>
                    </ipsec>
                  </protection>
                  <vrf>IWAN-PRIMARY</vrf>
                </tunnel>
              </Tunnel>
            </interface>
          </native>
        </config>
      </edit-config>
    </rpc>

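Added example (not part of the original slides or of any Cisco tooling): a pre-push audit of an edit-config payload like the one above, plus a check of the NETCONF reply, which is where the error introduced in the demo shows up. It assumes the payload is meant to provision the tunnel completely; the sample payload and replies are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {
    "nc": "urn:ietf:params:xml:ns:netconf:base:1.0",
    "ios": "http://cisco.com/ns/yang/ned/ios",  # namespace used by the slide's payload
}

# Constructed sample: the slide's edit-config trimmed to the fields audited here.
TEMPLATE = """<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
 <edit-config><target><running/></target>
  <config><native xmlns="http://cisco.com/ns/yang/ned/ios"><interface><Tunnel>
   <name>200</name>
   <ip>
    <nhrp>{auth}<network-id>101</network-id></nhrp>
    <redirects>false</redirects>
   </ip>
   <tunnel>
    <source>GigabitEthernet0/0/1</source><key>101</key>
    <mode><gre><multipoint/></gre></mode>{protection}
    <vrf>IWAN-PRIMARY</vrf>
   </tunnel>
  </Tunnel></interface></native></config>
 </edit-config>
</rpc>"""
AUTH = "<authentication>NhrpAuth</authentication>"
PROTECTION = "<protection><ipsec><profile>DMVPN-PROFILE1</profile></ipsec></protection>"

# Constructed replies using the RFC 6241 reply elements.
REPLY_OK = ('<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
            'message-id="101"><ok/></rpc-reply>')
REPLY_ERR = """<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
 <rpc-error><error-type>application</error-type><error-tag>invalid-value</error-tag>
  <error-severity>error</error-severity>
  <error-message>constructed example error</error-message></rpc-error>
</rpc-reply>"""


def _text(node, path):
    """Text of a descendant element, or '' when it is absent or empty."""
    return (node.findtext(path, "", NS) or "").strip()


def audit_edit_config(xml_text):
    """Return findings for every Tunnel interface in an edit-config payload."""
    findings = []
    root = ET.fromstring(xml_text)
    for tun in root.iterfind(".//ios:native/ios:interface/ios:Tunnel", NS):
        name = "Tunnel" + (_text(tun, "ios:name") or "?")
        mgre = tun.find("ios:tunnel/ios:mode/ios:gre/ios:multipoint", NS) is not None
        if not _text(tun, "ios:tunnel/ios:protection/ios:ipsec/ios:profile"):
            findings.append(name + ": payload sets no tunnel protection ipsec profile")
        if mgre and not _text(tun, "ios:ip/ios:nhrp/ios:authentication"):
            findings.append(name + ": mGRE tunnel without NHRP authentication")
        if _text(tun, "ios:ip/ios:redirects") != "false":
            findings.append(name + ": payload does not disable ICMP redirects")
    return findings


def reply_errors(reply_text):
    """Return (error-tag, error-message) pairs; an empty list means <ok/>."""
    root = ET.fromstring(reply_text)
    errors = [(_text(e, "nc:error-tag"), _text(e, "nc:error-message"))
              for e in root.iterfind("nc:rpc-error", NS)]
    if not errors and root.find("nc:ok", NS) is None:
        # "malformed-reply" is a label made up for this example, not an RFC error-tag.
        errors.append(("malformed-reply", "neither <ok/> nor <rpc-error> present"))
    return errors


if __name__ == "__main__":
    print(audit_edit_config(TEMPLATE.format(auth="", protection="")))
    print(reply_errors(REPLY_ERR))
```
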
Packet Flows: Data Plane
SIP/MIP ingress data path
1. SPA/EPA receives packet data from its network interfaces and transfers the packet to the SIP/MIP
2. Intf Aggregation ASIC classifies the packet into H/L priority
3. SIP/MIP writes packet data to external ingress buffers
4. Interface Agg ASIC selects among ingress queues for next pkt to send to ESP over ESI. It prepares the packet for internal transmission
5. The interconnect transmits packet data of selected packet over ESI to active ESP.

[Figure: SIP/MIP block diagram: SPAs/EPAs, SPA Agg., Interface Aggregation ASIC (Ingress Classifier, Ingress buffers, Ingress Scheduler, Egress buffers, Egress Buffer Status), IOCP, Interconnect to RPs and Active ESP]

ESP data processing path
1. Packet arrives at ESP via interconnect
2. Packet assigned to an available PPE by dispatcher
3. Input FIA invoked
   Netflow, MQC/NBAR Classify, FW, RPF, WCCP
4. Potentially forward through BQS to crypto
5. Forwarding decision is made
   FIB lookup, MPLS, GRE, Multicast
6. Egress FIA invoked
   Netflow, NAT, Police/Mark, Crypto
7. Packet forwarded through BQS for scheduling based on QoS and interface bandwidth
8. Packet leaves ESP via interconnect

[Figure: ESP block diagram, shown as a step-by-step animation of the packet ("Data") moving through the ESP: QFP complex (Packet Processor Engines PPE1 through PPE40, Dispatcher, Packet Buffer, BQS) with TCAM, Resource DRAM and Packet Buffer DRAM; FECP; Crypto; Interconnect to ESP, RPs and SIPs/MIPs]

SIP/MIP egress data path
1. Interconnect receives packet data over ESI from the active ESP
2. Intf Aggregation ASIC receives the packet and writes it to external egress buffer memory
3. Intf Aggregation ASIC selects and transfers packet data from eligible queues to SPA/EPA-SPI channel (Hi queues are selected before Low)
4. SPA/EPA transmits packet data on network interface

[Figure: SIP/MIP block diagram, shown as a step-by-step animation of the packet ("Data") moving from the Active ESP to the SPAs/EPAs: Interconnect, Interface Aggregation ASIC (Ingress Classifier, Ingress buffers, Ingress Scheduler, Egress buffers, Egress Buffer Status), SPA Agg., IOCP, RPs]

Integrated Security on ASR 1000
Next Generation Encryption (Suite B)

Authenticated Encryption   AES-GCM
Authentication             HMAC-SHA-2
Key Establishment          ECDH
Digital Signatures         ECDSA
Hashing                    SHA-2
Entropy                    SP800-90
Protocols                  TLSv1.2, IKEv2, IPsec, MACSec

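Added example (not part of the original slides): a small audit that reads IOS-style IKEv2 proposals and IPsec transform sets and reports every algorithm that falls outside the Next Generation Encryption list above (AES-GCM, HMAC-SHA-2, ECDH). The configuration text is constructed for the example, the function names are hypothetical, and treating IKE groups 19, 20 and 21 as the ECDH groups follows the IANA IKEv2 group numbering.

```python
# Constructed IOS-style crypto configuration used as sample input.
SAMPLE = """\
crypto ikev2 proposal LEGACY
 encryption 3des
 integrity md5
 group 2
crypto ikev2 proposal NGE
 encryption aes-gcm-256
 prf sha384
 group 20
crypto ipsec transform-set TS-OLD esp-3des esp-md5-hmac
crypto ipsec transform-set TS-NGE esp-gcm 256
"""

ECDH_GROUPS = {"19", "20", "21"}          # 256/384/521-bit ECP groups
SHA2 = {"sha256", "sha384", "sha512"}
SHA2_HMAC = {"esp-sha256-hmac", "esp-sha384-hmac", "esp-sha512-hmac"}


def _audit_transform_set(name, transforms):
    """Check the transforms listed on one 'crypto ipsec transform-set' line."""
    obj = "transform-set " + name
    out = []
    for t in transforms:
        if t.isdigit():                    # key-size argument, e.g. "esp-gcm 256"
            continue
        if t.startswith("esp-") and t.endswith("-hmac"):
            if t not in SHA2_HMAC:
                out.append((obj, "integrity", t))
        elif t.startswith("esp-") and t != "esp-gcm":
            out.append((obj, "encryption", t))
    return out


def audit_crypto(config):
    """Return (object, setting, value) for every algorithm outside the NGE list."""
    findings, proposal = [], None
    for raw in config.splitlines():
        words = raw.split()
        if not words:
            continue
        if not raw[0].isspace():           # top-level command starts a new context
            proposal = None
            if words[:3] == ["crypto", "ikev2", "proposal"] and len(words) == 4:
                proposal = "ikev2 proposal " + words[3]
            elif words[:3] == ["crypto", "ipsec", "transform-set"] and len(words) > 4:
                findings += _audit_transform_set(words[3], words[4:])
        elif proposal:                     # indented sub-command of the proposal
            key, values = words[0], words[1:]
            if key == "encryption":
                bad = [v for v in values if not v.startswith("aes-gcm")]
            elif key in ("integrity", "prf"):
                bad = [v for v in values if v not in SHA2]
            elif key == "group":
                bad = [v for v in values if v not in ECDH_GROUPS]
            else:
                bad = []
            findings += [(proposal, key, v) for v in bad]
    return findings


if __name__ == "__main__":
    for finding in audit_crypto(SAMPLE):
        print("outside NGE list:", finding)
```
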
ASR 1000 Cryptography Support (Suite B crypto)
Improved Octeon Crypto Processor on X-series Chassis

                                  ASR 1001-X  ASR 1002-X  ASR 1001-HX  ASR 1002-HX  ESP100   ESP200
Number of Crypto Processor        1           1           1            1            1        2
Cores per processor               10          6           22           32           22       32
Clock Rate                        800MHz      800MHz      1100MHz      1200MHz      1100MHz  1100MHz
DRAM                              1GB         1GB         2GB          4x1GB        2GB      2x4GB
Crypto Throughput (SVTI @ IMIX)   6Gbps       4Gbps       15Gbps       24Gbps       15Gbps   45Gbps

ASR 1000 Integrated Zone-Based Firewall Protection
DoS, DDoS and Application Layer Detection and Prevention

TCP SYN Attack Prevention
- Protects against TCP SYN Flood to the FW Session Database
- SYN Cookie Protection
  - Per Zone
  - Per VRF
  - Per Box

Basic Threat Detection
- Enables detection of possible threats, anomalies and attacks per Zone
- Monitors rate of pre-defined events in the system; alerts sent to Sys/HSL logs
- Report drops due to: Basic FW check failures, L4 inspection failures, and count of the # of dropped SYNs

Half Open Session Limit
- Protects Firewall Session Table from attacks that could be based on UDP, TCP and ICMP
- Half Open Session Limits are configurable:
  - Per Box and VRF Level
  - Per Class supported initially
- FW resources are managed effectively with half open session limit configuration knobs
- Logs are generated when limits are crossed

Application Layer Protocol Inspection
- Conformance checking, state tracking, security checks with granular policy control
- Over 20 Inspection Engines:
  - UC: SIP, Skinny, H.323, RSTP
  - Enterprise Apps: Voice/Soft phones
  - Core Protocols: FTP, FTP66, SNMP, DNS, POP3,
  - Database & O/S: LDAP, NetBIOS, Microsoft RPC,

ASR 1000 Security Certifications
Cisco ASR 1000 Series:
- FIPS 140, Level 2
- Common Criteria EAL4
- NSA Suite B Hardware Assist

ASR 1000 IPSec Performance & Scale

                                       ASR 1001-X  ASR 1002-X  ASR 1001-HX  ASR 1002-HX  RP2|RP3 ESP20  RP2|RP3 ESP40  RP2|RP3 ESP100  RP2|RP3 ESP200
Encryption Throughput w/ sVTI (IMIX)   6Gbps       4Gbps       15Gbps       24Gbps       4Gbps          7Gbps          15Gbps          45Gbps
VRFs                                   8k          8k          8k           8k           8k             8k             8k              8k
Total Tunnels (Site to Site IPSec)     8k          8k          8k           8k           8k             8k             8k              8k
Tunnel Setup Rate (per second)         130         130         130          130          130            130            130             130
DMVPN / BGP Adjacencies                4k          4k          4k           4k           6k             6k             6k              6k (RP2), 10k (RP3)
DMVPN / EIGRP Adjacencies              4k          4k          4k           4k           4k             4k             4k              4k
FlexVPN (IKEv2/DVTI)                   10k         10k         10k          10k          10k            10k            10k             10k

ASR 1000 Applications & Solutions

ASR 1000 APPLICATIONS: Carrier Ethernet & MPLS VPN

MPLS L3VPN Applications
- VRF-Lite/Multi-VRF CE
  - Sub-interface per VRF for CE/PE
  - Up to 8,000 VRFs
- MPLS VPN (RFC 2547)
  - IPv4 & IPv6
  - MPLS QoS
  - MPLS over (m)GRE overlay for large enterprise VPN
- MPLS TE FRR
  - FRR Link, Path & Node protection
  - RSVP & BFD triggered FRR
- Multicast VPN
  - Encapsulation: IP/GRE, LSM
  - Core Tree Signalling: PIM, mLDP
  - C-Multicast Signaling: PIM, BGP
  - Service: IPv4, IPv6

[Figure: MPLS VPN o GRE: North, West and East WAN-PEs connected by GRE over an SP IP Service]
[Figure: Multicast VPN: Multicast Source and Multicast Receiver attached to PEs with PE PMSI Instances across the Provider Network]

ASR 1000 Carrier Ethernet Capabilities
- Support for Ethernet Virtual Circuit (EVC) infrastructure
  - VLAN tags (single, double, ambiguous, untagged)
  - 802.1ad S-VLANs
  - Custom EtherType (e.g. IPv4/v6, PPPoE Discovery, PPPoE session)
  - CoS Support
- Flexible EVC Forwarding Service
  - Bridge Domain, Xconnect, Bridge Domain Interface, Pseudowire
- Ethernet OAM
  - Link OAM, CFM, 802.1ag + Y.1731 extension, 802.3ah, Loopback, ELMI
- Support for E-Line, E-Lan, E-Tree
  - Port/VLAN modes with interworking and local switching
- Strong UNI features
  - HQoS, Security ACL, MAC Security
  - Flexible Tag Matching and Manipulation

Ethernet Flow Point (EFP) service instance is a logical interface that connects a bridge domain to a physical port.

[Figure: EVC forwarding services from Ports/EFPs: connect (hair-pin), xconnect to Pseudowire, BD with L2 VFI to MPLS Pseudowire, BD with BDI to L3/VRF Routed, BD to BD L2 MP Bridging, ATM/FR L2 Interworking (not yet supported)]

VPLS Services
- VPLS Full-mesh, Hub/Spoke & H-VPLS
- 1M MAC Addresses
- Broadcast, Unknown Unicast and Multicast (BUM) control
- VPLS over GRE/IPSec
- VPLS Auto-discovery
  - LDP Signal (RFC 6074)
  - BGP Signal (RFC 4761)
- Inter-AS support
  - Option A (BGP Signal)
  - Option B, C (LDP Signal)
- U-PE dual-homing
  - Multiple spanning tree with control pseudowire
- Routed Pseudowire
  - VPLS circuit terminated on Bridge Domain Interface

[Figure: VPLS topology: CE devices attached to N-PEs (Provider Edge) and a U-PE/H-VPLS PE over a Tunnel LSP. Attachment VCs are port mode or VLAN ID. Full mesh of Targeted LDP exchange VC labels.]

CE: Customer Edge Device
N-PE: Network Facing Provider Edge
U-PE: User Facing Provider Edge
VSI/VFI: Virtual Switching/Forwarding Instance

Segment Routing
Simplifying the Transport
- Source Routing: the source chooses a path and encodes it in the packet header as an ordered list of segments
- Segment: an identifier for any type of instructions: forwarding or service
- IGP only: no LDP, no RSVP-TE
- ECMP
- Interworking with LDP: ease of migration
- Topology independent 50msec FRR
- Support all existing VPN services
- Engineered for SDN

[Figure: SR WAN carrying IGP and VPN with SR: a packet (16006 / vpn / pkt) follows the Node segment to Z (16006) and an Adj segment to N]

Segment Routing Traffic Engineering
IGP Topology + TE link attributes + SR SID + SRGB = TED

Single IGP Domain
1. Information Distribution: IGP (OSPF or IS-IS) SR extensions used to flood bandwidth information between routers & SR SIDs, SRGB
2. CSPF does Path Calculation on the headend and only uses IGP advertisements to compute SRTE constrained paths
3. Forwarding traffic: Static route, auto route announce, etc.

IGP Domain 1 and IGP Domain 2
1. BGP-LS specifies sets of TLVs that define three objects: Nodes, Links and IP Prefixes in a new NLRI type; the BGP-LS attribute encodes the properties of the objects, such as Node-names, IGP metric, TE-metric
2. Path Compute Element (PCE) computes the network path or route based on a network graph and applying computational constraints
3. Path Compute Client (PCC) initiates LSP and delegates path computation to PCE

[Figure: left, Headend to Tail in a single IGP domain using a TED and the label stack 16001 / 24005 / 16006 / vpn / pkt; right, Headend (PCC) to Tail across two IGP domains, with RRs exporting the TED through BGP Link State to a PCE holding the LSP DB and TED, label stack 16001 / 24005 / 16006]

ASR 1000 APPLICATIONS: Internet Edge

Enterprise Internet Edge Profile
- Routing: up to 5 full ISP peerings
  - HQoS, ACL, FNF, CoPP
- Services:
  - NAT: NAT44/NAT64, VRF Aware, VASI
  - ZBFW
  - ALG
  - AVC
- Stateful Inter-chassis redundancy
- Topology: LAN-WAN, LAN-LAN
- Platforms: ASR1001-X/ASR1002-X, RP2/ESP40

[Figure: Internet edge topology: ISP1, ISP2, ISP3, Inet II and IPv6 uplinks through switch2 (TenGig3/TenGig4) to a redundancy group pair (RG ACT / RG STD, ASR1013-2) joined by a Port-channel, with VSS towards the LAN]

ASR 1000 APPLICATIONS: Secure VPN

VPN Solutions Overview
IPsec-based VPNs (all except SSLVPN)

DMVPN                    GETVPN         FlexVPN       Easy VPN      SSLVPN
Multipoint GRE Tunnels   Crypto Map     Dynamic VTI   Dynamic VTI   TLS
NHRP                     GDOI           IKEv2         Crypto Map
IKEv1/IKEv2              IKEv1/IKEv2                  IKEv1

VPN Selection Criteria for Key Solutions

Key Solutions                DMVPN  GETVPN  FlexVPN (dVTI, IKEv2)  SSLVPN (TLS)  Easy VPN (IPsec tunnels, IKEv1)  IPsec VPN (CM, VTI, p-pGRE)
Remote Access (SW Clients)   N/A    N/A     SR                     SR            NR                               NR
IoT                          SR     N/A     SR                     N/A           NR                               NR
IWAN 2.x                     SR     N/A     N/A                    N/A           N/A                              N/A
DC WAN Edge                  N/A    SR      N/A                    N/A           N/A                              NR
MPLS VPN over MGRE           N/A    SR      N/A                    N/A           N/A                              NR

The roadmap on VPN Services aligned with Cisco recommendation
SR = Supported and Recommended
NR = Supported but Not recommended

WAN MACSec Applications
- MKA based keying (IEEE 802.1X-2010)
- 802.1AE strong encryption
  - 128/256 bits AES-GCM, NIST approved, line rate performance
- Vlan tag in clear option
- Point-to-point
  - Port based E-LINE Service
  - VLAN based E-LINE Service
- Point-to-Multipoint
  - Port based E-LAN Service
  - VLAN based E-LAN Service
  - 32 peers on 10GE; 8 peers on GE
- Transporting SGT tag with WAN MACSec

[Figure: Data Center Interconnect: DC1 and DC2 over Metro E-LINE]
[Figure: Connect large branch, regional aggregate site to DC: Main Building 1 and Buildings 2, 3 and 4 over Metro E-LAN]

ASR 1000 APPLICATIONS: Datacenter Interconnect (DCI)

DCI with OTV

[Figure: OTV between ASR1K edge devices A, B and C across the IP core through their OTV join interfaces: an Ethernet frame is encapsulated in an IP packet at one edge device and decapsulated at the other. MAC tables (MAC / IF) shown: MAC1 Eth1, MAC2 IP B, MAC3 IP B on one side; MAC1 IP A, MAC2 Eth 1, MAC3 Eth 2 on the other.]

Use Cases
- Datacenter maintenance/DR workload mobility (i.e. Vmotion)
- Active/Active Datacenters (HA Clustering, i.e. MSCS, Vmware Cluster)
- Legacy Application (non-IP/Routable apps, i.e. NetBios)

Connectivity
- IP Core (unicast & mcast)
- Optimal multicast replication
- +LISP for optimal routing
- 8 routers in most deployments
- Interop with N7k
- Support Fragmentation

High Availability
- Built-in loop prevention
- Built-in multi-homing
- Preserve failure boundary
- All paths active
- FHRP

Security
- IPsec/GETVPN/MACSec

VXLAN Enables Scale and Flexibility in the Datacenter

[Figure: VxLAN (MAC in IP) between a Hypervisor and the Internet over an IP/MPLS core, uni or multicast. VXLAN L2 Gateway: VXLAN to 802.1q. VXLAN L3 Gateway: VXLAN to Routed, VXLAN to L3 VRF mapping.]

Use Cases
- VXLAN-VXLAN Interworking
- VLAN-VXLAN Interoperability
- VXLAN-VPLS Interoperability
- VXLAN-VRF Integration

Connectivity
- Provides L2 connectivity between virtual switches in hypervisors, hardware switches and hardware routers
- VXLAN extends subnets to virtualized resources

Standard
- MAC-in-IP: RFC 7348
- Unicast (Ingress replication) or Multicast (BiDir) for peering and MAC reachability

Scale
- 4,000 VXLAN Tunnel Endpoints (VTEPs)
- Up to 16k VXLAN Network Identifiers (VNIs)
- Up to 16k Bridge Domain Interfaces (BDIs)
- Up to 1M MAC addresses

EVPN L3 DCI WAN Solution
GOLF Design
- Connecting to DC Edge from Spines (directly connected or IPN)
- Single MP-BGP session to carry routes for multiple tenants (VRFs)
- VXLAN handoff to DC Edge
- DC can be
  1. Standalone N9k fabric: ASR1k as a border leaf
  2. ACI Mode: ASR1k as a border leaf using OpFlex
- DC Edge WAN facing side can be
  1. Back to back VRF-Lite with L3 sub-interfaces/tunnels
  2. MPLS VPN PE or ASBR (IAS option B)
- WAN: MPLS VPN (GETVPN), DMVPN, IWAN2.x

[Figure: Leafs (VRF Orange, VRF Green, VRF Purple) and Spines connected by MP-BGP with VXLAN Encap to the DC Edge, which connects through PEs across the WAN to the BRANCH]

ACI WAN Integration using OpFlex
OpFlex is a communication protocol used between fabric and DC Edge to enable fabric WAN facing tenant automation.

One Time Manual Pre-Configuration, required for:
- Establishing IP reachability for underlay
- Instantiating on the WAN router an OpFlex framework to the ACI fabric

Recurring Tenants Configurations
- WAN side configuration on the WAN router is manual or orchestrator driven
- Fabric facing configuration created on APIC and dynamically pushed via OpFlex

[Figure: OpFlex Peering between OpFlex-PE and OpFlex-PR; tenants VRF Purple, VRF Green, VRF Orange]

ACI Trustsec Integration

Policy Plane
- Exchange SGT/EPG
- ISE pull EPG (ClassID, VNI) for translation
- Radius download the translation table to ASR1k

Control Plane
- BGP EVPN | OpFlex
- MP-BGP
- SGT propagate over L3 Networks

Data Plane: VXLAN-GBP
- SGT <-> EPG translation

[Figure: ACI Policy Domain (Spines, Leafs) and Trustsec Policy Domain joined at the DC Edge | WAN Trustsec Border Router]

ASR 1000 APPLICATIONS: Intelligent WAN (IWAN)

Intelligent WAN (IWAN) Architecture (IWAN2.2)
- Transport Independence: Simplified Hybrid WAN
- Intelligent Path Control: Application Aware Routing
- Application Optimization: Enhanced Application Visibility and Performance
- Secure Connectivity: Comprehensive Threat Defense
- Management Automation

[Figure: IWAN POP1 (DC1, 10.1.0.0/16, BR11, BR12) and IWAN POP2 (DC2, 10.2.0.0/16, BR21, BR22) joined by DCI / WAN Core, each advertising its own /16 and 10.0.0.0/8 over DMVPN on MPLS and DMVPN on INET to branches BR31 (10.3.3.0/24), BR41 (10.4.4.0/24) and BR51/BR52 (10.5.5.0/24)]

Summary and Key Takeaways
- ASR 1000 is the Swiss Army Knife to solve your tough network problems
- Reduce complexity in your network edge.
- ASR 1000 is well positioned for both Enterprise and Service Provider Architectures.
- ASR 1000 is at the heart of Cisco IWAN solutions
- Come see live at our WoS Booth!

Relevant Sessions at Cisco Live 2017
Breakout Sessions
- BRKCRS-3147 Advanced troubleshooting of the ASR1K and ISR 4451-X made easy