



ılıılı cısco

© 2010 Cisco and/or its affiliates. All rights reserved.

## ASR 1000 in SP and Enterprise networks

 ASR 1000 is a feature-rich service edge router that can be deployed in both Service Provider and Enterprise networks in the following applications

### Enterprise

Secure WAN Aggregation including IPSec VPN – DMVPN, GETVPN

- Private WAN
- Internet Gateway FW/NAT
- Data Center Interconnect (DCI)
- Voice services (CUBE(ENT))
- Over the Top Virtualization (OTV)

### Service Provider

Managed CPE Broadband Aggregation LAC/PTA/LNS Voice services (CUBE (SP)) Hosted Security Services (FW/NAT, IPSec) Provider Edge (L3VPN, L2VPN) Virtual Private LAN Services (VPLS)



## Where the ASR 1000 Fits



### SERVICE PROVIDER EDGE Routers

## **ASR 1000: Enterprise Applications**



# Hardware Components

## Chassis Options: ASR1006



### Rack Mounts and Cable Management not shown

## ASR 1000 Series Chassis

| g                              | ASR 1001      | ASR 1002      | ASR 1002-X<br>Target IOS XE<br>3.7.1S (Sept 2012) | ASR 1004      | ASR 1006       | ASR 1013      |
|--------------------------------|---------------|---------------|---------------------------------------------------|---------------|----------------|---------------|
| SPA Slots                      | 1-slot        | 3-slot        | 3-slot                                            | 8-slot        | 12-slot        | 24-slot       |
| RP Slots                       | Integrated    | Integrated    | Integrated                                        | 1             | 2              | 2             |
| ESP Slots                      | Integrated    | 1             | Integrated                                        | 1             | 2              | 2             |
| SIP Slots                      | Integrated    | Integrated    | Integrated                                        | 2             | 3              | 6             |
| IOS<br>Redundancy              | Software      | Software      | Software                                          | Software      | Hardware       | Hardware      |
| Built-In GE                    | 4             | 4             | 6                                                 | N/A           | N/A            | N/A           |
| Height                         | 1.75" (1RU)   | 3.5" (2RU)    | 3.5" (2RU)                                        | 7" (4RU)      | 10.5" (6RU)    | 22.7" (13RU)  |
| Bandwidth                      | 2.5 to 5 Gbps | 5 to 10 Gbps  | 5 to 36 Gbps                                      | 10 to 40 Gbps | 10 to 100 Gbps | 40-100+ Gbps  |
| Maximum<br>Output Power        | 400W          | 470W          | 470W                                              | 765W          | 1275W          | 3200W         |
| Airflow                        | Front to back | Front to back | Front to back                                     | Front to back | Front to back  | Front to back |
| Integrated I/O<br>Daughtercard | 1             |               |                                                   |               |                |               |

## Route Processors (RP)

|                                     | ASR1001                                                      | ASR1002-X                              | RP1                                                                             | RP2                                            |
|-------------------------------------|--------------------------------------------------------------|----------------------------------------|---------------------------------------------------------------------------------|------------------------------------------------|
|                                     | <b>v () () () () () () () () () () () () () </b>             |                                        |                                                                                 |                                                |
| CPU                                 | Dual-Core 2.2GHz<br>Processor                                | Quad-Core 2.13GHz<br>Processor         | General Purpose CPU<br>Based on<br>1.5GHz Processor                             | Dual-Core Processor,<br>2.66GHz                |
| Memory                              | 4GB default (4x1GB)<br>8GB(4x2GB)<br>16GB maximum<br>(4x4GB) | 4GB default<br>8GB<br>16GB             | 2GB default (2x1GB)<br>4GB maximum (2x2GB)<br>RP1 with 4GB built in<br>ASR 1002 | 8GB default (4x2GB)<br>16GB maximum<br>(4x4GB) |
| Built-In eUSB<br>Bootflash          | 8GB                                                          | 8GB                                    | 1GB (8GB on ASR<br>1002)                                                        | 2GB                                            |
| Storage                             | External USB                                                 | 160GB HDD (optional)<br>& External USB | 40GB HDD and External<br>USB                                                    | 80GB HDD and External<br>USB                   |
| Cisco IOS XE<br>Operating<br>System | 64 bit                                                       | 64 bit                                 | 32 bit                                                                          | 64 bit                                         |
| Chassis<br>Support                  | Integrated in ASR1001 chassis                                | Integrated in ASR1002-X chassis        | ASR1002 (integrated),<br>ASR1004, and<br>ASR1006                                | ASR1004, ASR1006,<br>and ASR1013               |

## **ESP100**

### Roadmap for Increased Performance and Scale



### **ESP-100G**

| Total Bandwidth                                                          | • 100 Gbps                                                                                                 |
|--------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------|
| Performance                                                              | Up to 32 Mpps                                                                                              |
| QuantumFlow Processors<br>- Resource Memory<br>- TCAM<br>- Packet Buffer | <ul> <li>2</li> <li>4 GB</li> <li>1 x 80 Mb</li> <li>1 GB</li> </ul>                                       |
| Control CPU<br>- Frequency<br>- Memory                                   | <ul> <li>Dual-core CPU</li> <li>1.73 GHz</li> <li>16 GB</li> </ul>                                         |
| Broadband<br>QoS<br>IPSec Bandwidth (1400 B)<br>FW/NAT                   | <ul> <li>Up to 64 K sessions</li> <li>Up to 232 K queues</li> <li>30 Gbps</li> <li>6 M sessions</li> </ul> |
| Chassis<br>Route Processor                                               | <ul><li>ASR 1006, ASR 1013</li><li>RP2 + Future</li></ul>                                                  |

## Embedded Services Processors (ESP)

Based on Quantum Flow Processor (QFP)



|                                     | ESP-2.5G                | ESP-5G                               | ESP-10G                | ESP-20G       | ESP-40G               | ESP-100G              |
|-------------------------------------|-------------------------|--------------------------------------|------------------------|---------------|-----------------------|-----------------------|
| System<br>Bandwidth                 | 2.5Gbps                 | 5Gbps                                | 10Gbps                 | 20Gbps        | 40Gbps                | 100Gbps               |
| Performance                         | 3Mpps                   | 8Mpps                                | 17Mpps                 | 24Mpps        | 24Mpps                | 32Mpps                |
| # of<br>Processors                  | 10                      | 20                                   | 40                     | 40            | 40                    | 128                   |
| Clock Rate                          | 900 MHz                 | 900 MHz                              | 900 MHz                | 1.2 GHz       | 1.2 GHz               | 1.5 GHz               |
| Crypto<br>Engine BW<br>(1400 bytes) | 1Gbps                   | 1.8Gbps                              | 4.4Gbps                | 8.5Gbps       | 11Gbps                | 25Gbps                |
| QFP<br>Resource<br>Memory           | 256MB                   | 256MB                                | 512MB                  | 1GB           | 1GB                   | 4GB                   |
| Packet Buffer                       | 64MB                    | 64MB                                 | 128MB                  | 256MB         | 256MB                 | 1GB                   |
| Control CPU                         | 800 MHz                 | 800 MHz                              | 800 MHz                | 1.2 GHz       | 1.8 GHz               | Dual core 1.73<br>GHz |
| Control<br>Memory                   | 1GB                     | 1GB                                  | 2GB                    | 4GB           | 8GB                   | 16GB                  |
| ТСАМ                                | 5Mb                     | 5Mb                                  | 10Mb                   | 40Mb          | 40Mb                  | 80Mb                  |
| Chassis<br>Support                  | ASR1001<br>(Integrated) | ASR1001<br>(integrated),<br>ASR 1002 | ASR1002,<br>1004, 1006 | ASR1004, 1006 | ASR1004,1006,<br>1013 | ASR1006, 1013         |

## ASR 1000—SIP (SPA Interface Processors)



|                        | ASR-1000-SIP10 | ASR-1000-SIP40      |
|------------------------|----------------|---------------------|
| Bandwidth              | 10G            | 40G                 |
| Ingress Buffering      | 128MB          | 128MB               |
| Egress Buffering       | 8MB            | 8MB                 |
| ESI Frequency          | 3.125GHz       | 6.25GHz or 3.125GHz |
| Bandwidth per ESI Link | 11Gbps         | 23Gbps              |
| ESI Links Used         | 1              | 1 or 2              |
| Total Bandwidth        | 11Gbps         | 23Gbps/46Gbps       |

## ASR 1000 SPA Support

SPAs Currently Supported on Other Cisco Platforms Will Also be Supported on the ASR 1000

| <b>Ethernet</b><br>FE<br>GE<br>10GE | A A A A A A A A A A A A A A A A A A A | ATM<br>0C3<br>0C12                              |
|-------------------------------------|---------------------------------------|-------------------------------------------------|
| Serial<br>12 in 1                   |                                       | <b>Clear</b><br>Channel<br>T3/E3                |
| <b>POS</b><br>OC3<br>OC12<br>OC48   |                                       | <b>Channelized</b><br>T1/E1<br>T3<br>STM1, STM4 |

### ASR 1000 Series Innovations Cisco QuantumFlow Processor

- Five year design
- Massively parallel, 64 multi-threaded cores
- QFP Architecture designed to scale to >100Gbit/sec
- 256 processes available to handle traffic
- High-priority traffic is prioritised
- Packet replication capabilities for Lawful Intercept
- Full visibility of entire L2 frame
- · Latency: tens of microseconds with features enabled
- Interfaces on-chip for external cryptographic engine
- First generation QFP is capable of 40 Gbps
- Second generation QFP is capable of 60 Gbps

|                                          | Cisco QFP   | Sun<br>Ultrasparc T2 | Intel Core 2<br>Mobile U7600 |
|------------------------------------------|-------------|----------------------|------------------------------|
| Total number processes (cores x threads) | 256         | 64                   | 2                            |
| Power per process                        | 0.26W       | 1.01W                | 5W                           |
| Scalable traffic management              | 116k Queues | None                 | None                         |



**Cisco QFP** 



Cisco QFP Traffic Manager

## System Architecture—Dataplane



- All data forwarding is through ESP
- Exception: Punt path for Legacy protocols—handled by the RP
- Interconnect ASIC in each of the functional elements provides the backplane connection through ESI links
- ESI (Enhanced Serdes Interconnect) links are used for Data forwarding
- SPA-SPI links connect to the backplane through the SPA-Agg ASIC

## System Architecture—Control Plane



### Ethernet Out-of-Band Channel (EOBC)

- Run between all components
- Indication if cards are installed and ready
- · Watchdog timers
- State information exchange for L2 or L3 Protocols

#### I<sup>2</sup>C

- Monitor health of hardware components
- Control resets
- Communicate active/standby, real time presence and ready indicators
- Control the other RP (reset, power-down, interrupt, report power supply status, signal ESP active/standby)
- EEPROM access
- SPA control links
- Run between IOCP and SPAs
- Detect SPA OIR
- Reset SPAs (via I2C)
- Power-control SPAs (via I2C)
- Read EEPROMs

## **ASR 1000 System Oversubscription**

Total bandwidth of the system is determined by the following factors

The type of forwarding engine—ESP-10G or ESP-20G

The type of SPA Interface Processor

 SPA Interface Processors in the system share the ESP bandwidth, regardless of the type of the SIP—2XSIP in 4RU chassis and 3XSIP in 6RU chassis

ESP-10G—10G bandwidth shared among all SPA Interface Processors

ESP-20G—20G bandwidth shared among all SPA Interface Processors

 The SIP bandwidth is the bandwidth of the link between one SPA Interface Processor and the ESP SIP-10G—10G link between SIP and ESP

| Chassis<br>Version   | ESP Version | SIP Version | SIP Slots | Max.<br>Bandwidth per<br>IP Slot (Gbps) | SPA to SIP<br>Oversubscription | Bandwidth<br>on ESP<br>(Gbps) | ESP (System<br>Bandwidth)<br>Oversubscription | System<br>(Chassis)<br>Oversubscription |
|----------------------|-------------|-------------|-----------|-----------------------------------------|--------------------------------|-------------------------------|-----------------------------------------------|-----------------------------------------|
| ASR 1001             | ESP2.5      | n.a.        | n.a.      | n.a.                                    | 2:1                            | 2.5                           | 5.6:1                                         | 5.6:1                                   |
| ASR 1001/<br>ASR1002 | ESP5        | n.a.        | n.a.      | n.a.                                    | 4:1                            | 5                             | 6.8:1                                         | 6.8:1                                   |
|                      | ESP10       | n.a.        | n.a.      | n.a.                                    | 4:1                            | 10                            | 3.4:1                                         | 3.4:1                                   |
| ASR 1002-X           | ESP40       | SIP40       | n.a.      | n.a.                                    | 9:10                           | 36                            | 1:1                                           | 9:10                                    |
| ASR 1004             | ESP10       | SIP10       | 2         | 10                                      | 4:1                            | 10                            | 2:1                                           | 8:1                                     |
|                      | ESP20       | SIP10       | 2         | 10                                      | 4:1                            | 20                            | 1:1                                           | 4:1                                     |
|                      | ESP40       | SIP10       | 2         | 10                                      | 4:1                            | 40                            | 1:2                                           | 4:1                                     |

(Table continued on next slide)

## ASR 1000 HA Highlights

- ASR 1000 leverages Cisco IOS HA infrastructure—NSF/SSO, ISSU
- 1+1 redundancy option for RP and ESP Active and standby No load balancing
- RPs are separate from ESPs

Switchover of ESP does not result in switchover of RP Switchover of RP/IOS does not result in switchover of ESP

- Single RP may be configured with dual IOS for SW redundancy (single RP only)
- No redundancy for SIP or other I/O cards SPA plugs into a single SIP
- Protection against SPA or SIP failure is via APS or Y-cable redundancy feature (Future: requires SPA support)

## System Architecture: Distributed Control Plane



Separate and Independent Internal Communication Link for Control Plane (GE)

### System Architecture: Centralized Data Plane



All Packets Processed by QFP for Forwarding Separate and Independent links for Data Plane communication (ESI 11.5G)

# Software Architecture and Packages

## Software Architecture: IOS XE

- IOS XE = IOS + IOS XE Middleware + Platform Software
- Operational Consistency—same look
   and feel as IOS Router
- IOS runs as its own Linux process for control plane (Routing, SNMP, CLI, etc.); 32bit and 64bit options
- Linux kernel with multiple processes running in protected memory for:

Fault containment

Restartability

ISSU of individual SW packages

### ASR 1000 HA innovations

Zero-packet-loss RP Failover (ASR1006) <50ms ESP Failover "Software Redundancy" (ASR1001/2/4)



SPA Interface Processor Enhanced Services Processor

## Software Sub-Packages

- 1. RPBase: RP OS Why?: Upgrading of the OS will require reload to the RP and expect minimal changes
- 2. RPIOS: IOS Why?: Facilitates Software Redundancy feature
- 3. RPAccess (K9 and non-K9): Software required for router access; two versions will be available. One that contains open SSH and SSL and one without Why?: To facilitate software packaging for export-restricted countries
- RPControl : Control Plane processes that interface between IOS and the rest of the platform Why?: IOS XE Middleware
- 5. ESPBase: ESP OS + Control processes + QFP client/ driver/ucode: Why?: Any software upgrade of the ESP requires

reload of the ESP

- 6. SIPBase: SIP OS + Control processes Why?: OS upgrade requires reload of the SIP
- 7. SIPSPA: SPA drivers and FPD (SPA FPGA image) Why?: Facilitates SPA driver upgrade of specific SPA slots



## Roadmap

## ASR1002-X Overview





| Chassis & HW   | <ul> <li>2RU form factor</li> <li>Integrated RP, ESP &amp; SIP</li> <li>Redundant AC/DC PSU, same as<br/>ASR1002</li> </ul>                                                                                               |
|----------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| System BW      | <ul> <li>5G, 10G, 20G, 36G, via software upgrade</li> </ul>                                                                                                                                                               |
| Performance    | Up to 30 Mpps                                                                                                                                                                                                             |
| Crypto BW      | • 4G                                                                                                                                                                                                                      |
| Control Plane  | Quad-core @ 2.13GHz processor                                                                                                                                                                                             |
| Data Plane     | <ul> <li>Integrated ESP with SW selectable<br/>BW from 5G to 36G</li> </ul>                                                                                                                                               |
| I/O            | <ul> <li>3 SPA bays + 6 built-inGE ports<br/>(Copper/Fiber SFP, SyncE capable)</li> <li>Console / MGMT Ethernet / Aux</li> <li>Management Ethernet</li> <li>External USB storage</li> <li>Optional HDD (160GB)</li> </ul> |
| FW/NAT         | • 36G FW/NAT, 2 M sessions                                                                                                                                                                                                |
| Network Timing | <ul> <li>Stratum 3/G.813 Clocking, BITS<br/>timing, GPS, SyncE, 1588</li> </ul>                                                                                                                                           |
| Image Security | <ul><li>Secure boot</li><li>Code Signing (FIPS-140-3)</li></ul>                                                                                                                                                           |

### **Customer Benefits**

- Compact (2RU) WAN aggregation routing solution with embedded instant-on services
- Versatile Routing Solution ...
  - WAN Aggregation including secure WAN
  - Internet Gateway with Performance Routing and Firewall
  - Managed Services Solution with highly integrated services
  - High-end branch office solution
  - Highly scalable Route Reflector
  - MSE, BRAS with up to 64K sessions
- **Performance** Almost 4 times the performance of ASR1002
- Pay-As-You-Grow: Easy performance upgrade via software activated license (to10/20/36G)
- Investment protection Same SPAs used across other ASR 1000 chassis and Cisco platforms
- Feature Licenses Monitoring for RTU licenses
  - For technology licenses (IPB,AIS,AES)
  - For honor-based feature licenses
- Same operational IOS "look & feel" as rest of ASR 1000 family

## ESP100

### Roadmap for Increased Performance and Scale





| Total Bandwidth                                                          | • 100 Gbps                                                                                                 |
|--------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------|
| Performance                                                              | Up to 32 Mpps                                                                                              |
| QuantumFlow Processors<br>- Resource Memory<br>- TCAM<br>- Packet Buffer | <ul> <li>2</li> <li>4 GB</li> <li>1 x 80 Mb</li> <li>1 GB</li> </ul>                                       |
| Control CPU<br>- Frequency<br>- Memory                                   | <ul> <li>Dual-core CPU</li> <li>1.73 GHz</li> <li>16 GB</li> </ul>                                         |
| Broadband<br>QoS<br>IPSec Bandwidth (1400 B)<br>FW/NAT                   | <ul> <li>Up to 64 K sessions</li> <li>Up to 232 K queues</li> <li>30 Gbps</li> <li>6 M sessions</li> </ul> |
| Chassis<br>Route Processor                                               | <ul><li>ASR 1006, ASR 1013</li><li>RP2 + Future</li></ul>                                                  |

### Target FCS: July 2012

### IOS XE 3.7S – Hardware & Routing

### Routing

- uRPF with ACL feature
- BGP C-Route overlay signaling
- MLFR for IPv6
- RR for BGP auto-discovery of mVPN4 and mVPN6
- IPv6 GRE tunnel protection
- IPv6 export for Netflow
- IPSLA QFP timestamp

### QOS • GRE/VTI QoS: add new classes to 2nd level policy

### Chassis • ASR1002-X (Kingpin)\* \*Available only in 3.7.1S – Sep'2012 ESP • ESP100\* \* Available only in 3.7.1S – Sep'2012

### Target FCS: July 2012

## IOS XE 3.7S - Services

### Security

- Dual stack DMVPN over v4 transport
- NSA Suite B Control Plane (ECDH-ECDSA)
- Dual Stack FlexVPN over v4, v6 transport
- AAA Accounting for IKEv2
- ASR1k IPSec Debuggability Enhancement
- VRF aware CRL checking with LDAP
- VASI interface support in v6 ZBFW
- GGSN Pooling
- Resource Management support in v6 ZBFW
- SYN Cookie for v6 ZBFW
- DDoS support in v6 ZBFW
- FTP66 ALG support (FTP66/64)
- H.323 vTCP with HA Support

### **CUBE-SP**

- H.248 Border Access Controller support
- IMS: Support for Rf interface
- H323v TCP with HA support

### AVC

- NBAR2 ESP100 support
- FNF- IPFIX support
- PfR integration with NBAR2
- NBAR2 extracted fields (URL, User-Agent, Referrer)
- Multi-stage classification
- Protocol pack support

### CUBE-ENT

- REFER pass-through and consumption
- Supplementary services for SRTP-RTP interworking
- Bandwidth based CAC
- Inclusion of authorization header in initial REGISTER request
- Populating route header based on proxy server, IP address and port
- Midcall codec renegotiate with RE-INVITe
- Multiple destination pattern support on voice dial-peer
- SIP registration pass through

## Thank you.

#