EPSR
Transkrypt
EPSR
Allied Telesis Praktyczne rozwiązania w sieciach operatorskich Maciej Stelmach, Dyrektor Oddziału [email protected] Rafał Wójcik, Inż. rozwiązań sieciowych [email protected] Poznań, 13 kwietnia 2012 Agenda • Allied Telesis – informacje o firmie • System Operacyjny AlliedWare PLUS /AW+/ • EPSR • • Omówienie technologii EPSR demonstracja • EPSR a sprzęt • Referencje Our mission as a company To build a worldwide organization that is customer focused, that delivers high quality, cost-effective, advanced end-to-end IP-based networking solutions and services that meet current requirements, offer investment protection, but also scale to meet the business application demands of tomorrow.” Takayoshi Oshima Chairman and CEO – Allied Telesis Corporation Allied Telesis KK Group Company Background Year Established 1987 Allied Telesis HD KK Global HQ in Tokyo, Japan Allied Telesis Inc. Americas HQ in Silicon Valley, USA Allied Telesis Intl. EMEA HQ in Netherlands Employees 2,200+ worldwide Worldwide Locations Over 60 countries Global Revenues (2010) $500M+ EMEA Revenues (2010) $120M+ Annual Investment in R&D 17% of revenues Company Ownership Listed in Tokyo Stock Exchange Where are we in the World Allied Telesis HD K.K. Allied Telesis Inc. Regional Headquarters R&D Facilities Manufacturing Sites Allied Telesis International S.A. AT-9000/28 – winning awards for low power Allied Telesis was awarded 'Highly Commended' for its AT-9000/28 Layer 2 Gigabit switch at the BEE Awards 2009 Allied Telesis Converging Technologies Easy Setup Easy Maintenance High Flexibility Low cost Enterprise Carrier High Resiliency High Security Network Management Main Vertical Markets: Few Success Stories Military Healthcare Enterprise U.S. Air Force Italian Air Force Nato - Europe Spanish Army French Army Min. Defence (Tu) Miltary Hospital (Tk) Izumino Hospital (J) Yuzawa Hospital (J) CH Versailles (F) CH Roannes (F) Hospital Larabta (Tu) Tokyo BIG biggest Convention Center (J) Caisse d‘Epargne (F) Banque Populaire (F) Lichtgitter (D) Asahi Broadcasting (J) ONATEL (BF) AREVA (Tu) Transport Government Education Thales Inmint Massy (F) G.R.A. Rome (I) Flughafen Weeze (D) Air Baltic (Lt) Kobe Electric Railway (J) North Gateway Toll (NZ) Casablanca Container Terminal (Mo) Compudist (Mali) Gendarmerie Nationale (F) Min. of Agricolture (F) Municipality Kozani (Gr) Daegu City (Korea) Ministry of Finance (J) Ministry of Transport (Tu) Ministry of Justice (Tu) Université de Paris (F) Université de Grenoble (F) Nat. College Art Design (UK) St. Pauls Girls (UK) Sunian School (E) Politecnico Milano (I) Université de Marrakech (Mo) Allied Telesis customers Deutsche Telekom It. Navy Wybrani klienci - Polska Agenda • Allied Telesis – informacje o firmie • System Operacyjny AlliedWare PLUS /AW+/ • EPSR • • Omówienie technologii EPSR demonstracja • EPSR a sprzęt • Referencje What is AlliedWare Plus™? • AlliedWare Plus™ is constructed around a real-time operating system, with modular applications. • AlliedWare Plus™ Architecture: » » » » » Linux operating system kernel IP Infusion Layer 2/3 switching & routing feature set Open-source software modules Features ported from AlliedWare Features written specifically for AlliedWare Plus™ AlliedWare Plus™ Architecture Conceptual view of the operating system architecture AlliedWare Plus™ Architecture • Linux Kernel » Central component of AlliedWare Plus™ and implements: True multitasking Virtual memory Shared libraries Memory management Multi-stack networking environment including IPv4 and IPv6 » Provides two key components in the AlliedWare Plus system: The operating system – Schedules other processes – Interfaces to peripheral devices The routing stack – Linux TCP/IP stack for IPv4 and IPv6 – Interfaces with hardware and IP Infusion software AlliedWare Plus™ Architecture • IP Infusion » Commercial software providing Layer 2 & 3 switching and routing solutions for communication equipment vendors » Provides IP protocols and features for AlliedWare Plus™ » Offers switching and routing protocols in line with the latest industry standards and RFCs AlliedWare Plus™ Architecture • Open Source Software » Available to the public, enabling modification / redistribution without fees Evolves through community cooperation - from individuals to large companies » AlliedWare Plus™ uses a number of open source software ‘modules’ Providing bolt-on functionality Allowing Allied Telesis to be part of the development community » Some of the open source features include: openSSH openSSL DHCP server & relay agent and others AlliedWare Plus™ Architecture • Allied Telesis developed software » Significant and innovative features which add value and provide key functionality » For example: Virtual Chassis Stacking Quality of Service (QoS) Ethernet Protection Switched Rings (EPSR) Scripts & Triggers and many more AlliedWare Plus™ Structure • AlliedWare Plus™ incorporates an industry standard Command Line Interface (CLI) • Network professionals will find using the new CLI to be instinctive and comfortable AlliedWare Plus™ Configuration example awplus>enable awplus#configure terminal awplus(config)#vlan database awplus(config-vlan)#vlan 2 name vlan2 awplus(config-vlan)#exit awplus(config)#interface port1.1.1-port1.1.4 awplus(config-if)#switchport access vlan 2 awplus(config)#interface vlan2 awplus(config-if)#ip address 192.168.1.1/24 awplus(config-if)#exit AlliedWare Plus™ Feature Highlights Industry-standard command line (CLI) » Easy to learn and use » Incorporates best of AlliedWare features (e.g. Triggers) Virtual Chassis Stacking » High bandwidth, high availability » Single IP address for simpler management » XEM hot-swap for easier & faster maintenance High-Availability Software » Separate processes running in protected memory spaces » Independent process monitoring » Process health-checks AlliedWare Plus™ Feature Highlights Industry-standard command line (CLI) » Easy to learn and use » Incorporates best of AlliedWare features (e.g. Triggers) Virtual Chassis Stacking » High bandwidth, high availability » Single IP address for simpler management » XEM hot-swap for easier & faster maintenance High-Availability Software » Separate processes running in protected memory spaces » Independent process monitoring » Process health-checks AlliedWare Plus™ Operating System Version 5.4.1 What's new? Virtual Routing and Forwarding (VRF) Lite VRF-Lite provides Layer 3 network virtualization by dividing a single router into multiple independent virtual routing domains. With independent routing domains, IP addresses can overlap without causing conflict, allowing multiple customers to have their own secure virtual network within the same physical infrastructure. Open Shortest Path First (OSPFv3) OSPF is a scalable and adaptive routing protocol for IP networks. The addition of OSPFv3 adds support for IPv6 and further strengthens the Allied Telesis focus on next generation networking. Terminal Access Controller Access-Control System Plus (TACACS+) Authentication TACACS+ provides access control for network users from a centralised server. Authentication is carried out via communication between the local switch and a TACACS+ server to check the credentials of users seeking network access. AlliedWare Plus™ Operating System Version 5.4.1 Virtual Routing and Forwarding (VRF) Lite AlliedWare Plus™ - 5.4.2 VCStack Long Distance Stacking for x610 Series » Long distance stacking allows up to eight units to be stacked over SFP+ fibre connections in conjunction with the AT-x6EM/XS2 module. This is in contrast to the shorter AT-StackXG cables used in conjunction with the AT-StackXG module CX4 interfaces. Long distance stacking allows a geographically separated stack of x610 units to all be managed as one switch. Any organization with a large or geographically separated site will benefit, including universities and high-rise offices. PIM-SM PIM-SSM Protocol Independent Multicast » Source Specific Multicast (PIM-SSM) is derived from Protocol Independent Multicast—Sparse Mode (PIM-SM) and is a simplified version of PIM-SM. While PIM-SM supports both a “many-tomany” and a “one-to-many” model, PIM-SSM only supports the “one-to-many” model, also known as a “broadcast application”. PIM-SSM builds shortest path trees (SPT) that are directly rooted at the source. EPSR Interconnected Rings with Superloop Protection » Where EPSR loops share a common segment and common data VLANs, a break in the common segment can result in a path loop existing across the rings. Superloop protection prevents the existence of these loops by applying priorities to the master node ring ports. These priorities modify the blocking behavior of these ports in the event of break in the shared segment. Agenda • Allied Telesis – informacje o firmie i nowości • System Operacyjny AlliedWare PLUS /AW+/ • EPSR • • Omówienie technologii EPSR demonstracja • EPSR a sprzęt • Referencje EPSR – omówienie technologii RFC 3619 Demonstracja działania protokołu EPSR – warunki normalne HealthCheck (Periodic) Primary Secondary Data VLANs 1..N Control VLAN Domain #1 Blocks Data VLANs Domain consists of: » One Control VLAN » Data VLANs 1..N » Master Node » Transit Nodes Master Node: » Sends Periodic HealthCheck Master Domain #1 » Transit Transit » » Transit messages over Control VLAN Primary Port Sends and Receives ALL VLANs Secondary Port Receives Control VLAN Blocks Data VLANs Detects Failure Conditions: Transit reports failure No receipt of HealthCheck Transit Node: » Reports Failures » Flushes FDB EPSR – wystąpnie awarii unblocks Data VLANs Flushes FDB Secondary 3 HealthCheck (Periodic) Primary 4 RingDown 2 RingDown Link Down Master 4 Down 2 Link (Do Flush?) Node #1 Domain #1 Detect Link Failure Send Link Down to Master Master Receives Link Down » Unblock Secondary Port » Flush FDB Notify Transit Nodes by sending RingDown Transit Nodes Receive RingDown » Flush FDB » Relearn new location of MAC addresses 50ms path restored 5 5 Flush MAC table Start Relearning Transit Transit Node #4 Node #2 5 Link Down 2 1 4 Transit Node #3 Flush Konfiguracja VLAN’ów vlan database vlan 100 name data-vlan vlan 500 name control-vlan vlan 100,500 state enable ! interface port1.0.1-1.0.2 switchport switchport mode access switchport access vlan 100 ! interface port1.0.3-1.0.4 switchport switchport mode trunk switchport trunk allowed vlan add 100,500 switchport trunk native vlan none Konfiguracja EPSR ! epsr configuration epsr ring1 mode master controlvlan 500 primaryport port1.0.11 epsr ring1 datavlan 10 epsr ring1 state enabled ! EPSR + Enhanced Recovery Rozszerzenie funkcjonalnosci protokołu EPSR Zarządzanie ringiem w przypadku awarii w dwóch miejscach EPSR + Enhanced Recovery Zarządzanie ringiem w przypadku awarii w dwóch miejscach Wystapienie awarii EPSR + Enhanced Recovery Zarządzanie ringiem w przypadku awarii w dwóch miejscach Split-Ring Dwie domeny broadcastowe EPSR + Enhanced Recovery Zarządzanie ringiem w przypadku awarii w dwóch miejscach EPSR Enhanced Recovery - DISABLED EPSR + Enhanced Recovery Zarządzanie ringiem w przypadku awarii w dwóch miejscach EPSR Enhanced Recovery – ENABLED Zmiana portów w węzłach A i B w stan forwarding EPSR Przykłady EPSR Jeden Ring, dwie domeny EPSR EPSR EPSR + STP EPSR EPSR łaczenie domen EPSR ++ Superloop Protection Drugie rozszerzenie funkcjonalnosci protokołu EPSR Łączenie ringów ze współdzielonym łączem i VLAN’em EPSR ++ Superloop Protection Współdzielone łącze bez współdzielenia domeny broadcast EPSR ++ Superloop Protection Współdzielone łącze z współdzieleniem domeny broadcast EPSR ++ Superloop Protection Współdzielone łącze z współdzieleniem domeny broadcast Bez funkcjonalności Superloop Prevention EPSR ++ Superloop Protection Funkcjonalnosć Superloop Protection wprowadza priorytety : 0 = SL wyłaczone 1-127 = SL włączona 1- najniższy priorytet 127 - najwyższy EPSR ++ Superloop Protection MASTER: Priorytet 1-127 - włączony Superloop Protection - zgubienie Hello Message nie powoduje odblokowania Secondary Port. Jednakże komunikat Fush FDB jest wysyłany - Odblokowanie Secondary Port następuje tylko w przypadku otrymania komunikatu Links Down TRANSIT: Priorytet 1-127 - Nie ma wpływu na przełącznik który nie jest wpięty do segmentu współdzielonego - Transit wpięty w segment współdzielony wysyła Link Down tylko w ring o wyższym priorytecie SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video 192.168.100.4 EPSR Ring Laptop receiving Video and syslog Blocked by EPSR 192.168.100.5 4 x908 192.168.100.1 1 4 3 3 X900-24XT master 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video 192.168.100.4 Laptop receiving Video and syslog Blocked by EPSR 192.168.100.5 4 x908 192.168.100.1 1 4 3 3 X900-24XT master 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video Link down 192.168.100.4 Laptop receiving Video and syslog Blocked by EPSR 3 4 x908 192.168.100.1 192.168.100.5 3 Link down 1 4 X900-24XT master 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video 192.168.100.4 Laptop receiving Video and syslog Blocked by EPSR 192.168.100.5 3 4 x908 192.168.100.1 1 4 Blocked by EPSR 3 X900-24XT master 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video 192.168.100.4 Laptop receiving Video and syslog Health check 192.168.100.5 3 4 x908 192.168.100.1 1 4 3 X900-24XT master 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 3 Laptop streaming Video 192.168.100.4 Laptop receiving Video and syslog 192.168.100.5 3 4 3 x908 192.168.100.1 1 4 X900-24XT master Ring-Up-Flush-FDB 192.168.100.2 SwitchBlade x908 - EPSR Resilience demo Projector X900-24XT 1 192.168.100.3 4 Generator ruchu 3 Router 192.168.100.1 Wysyła co 20ms pakiet UDP na adres 192.168.100.5 EPSR Ring Laptop z Ethereal Blocked by EPSR 4 x908 192.168.100.1 1 4 3 3 192.168.100.5 X900-24XT master 192.168.100.2 Agenda • Allied Telesis – informacje o firmie i nowości • System Operacyjny AlliedWare PLUS /AW+/ • EPSR • • Omówienie technologii EPSR demonstracja • EPSR a sprzęt • Referencje New Product Launch AT – x610 series x610 Series Positioning Advanced Layer 3 Stacking Network Switches: High performance Edge switch, and Small / Medium Business Core Switch Nine new models x610 Series Positioning 24 & 48 Gigabit port models x610 Series Positioning without with without with With & without Dual 10Gbps SFP+ links x610 Series Positioning With & without PoE+ x610 Series Positioning And a 24 port SFP 10Gbps Ports Old XFP New SFP+ Benefits of SFP+ • • • • SFP+ takes up less space on front panel (fit on more interfaces) An SFP may be fitted in SFP+ slots allowing for flexible interim solutions Consumes less power (XFP <1.37 Watt vs SFP+ <1 Watt) XFP & SFP+ currently the same price, (but XFP £?↑, SFP+ £?↓) • SFP+’s can communicate with XFP’s (850nm > 850nm / 1310nm >1310nm) both LC • SFP+ allows low cost copper 10G connection Dual SFP+ Module – AT-x6EM-XS2 May be used to provide 2 additional 10G for standalone switches giving up to 4 x 10G (Also use for remote stacking) x610 - 2 or 4 x 10Gbps standalone L3 core switch x610-24SPs/X AT-6XEM-2XS provides 2 extra 10Gbps 2 x 10Gbps 10Gbps servers 10 Gb servers Legacy servers n x 1Gbps Edge switches Virtual Chasis Stacking Improved Virtual Chassis Stacking New - x610 stacks to 8 switches Max (384 x 1G ports + 16 10G ports) • x610 uses AT-STACKXG stacking modules (same as x600) 10G transmission with IP stripped = 12Gbps 12+12+12+12 = 48Gbps stacking Benefits of Virtual Chassis Stacking » Stack of switches “becomes one switch” – One console or GUI to manage the entire stack – One configuration for whole stack – One software update for whole stack – Less switches to manage » Across the stack Link Aggregation (LACP) between switches » Across the stack Link Aggregation (LACP) out to servers Ability to build networks with redundant core switches i.e. “No single point of failure” Resilience at Layer 2 - simple to configure – very effective Dual SFP+ Network Interface Card for Servers. Most servers today only offer two 1Gbps ports - Upgrade servers to resilient 20Gbps Part Number Description AT-VNC10S Dual 10G SFP+ Server NIC 2 x 10Gbps Two low cost AT-SP10TW Cables Dual Resilient Core – No single point of failure 10Gbps to server DualSingle 10Gbps = 20Gbps to server 48Gbps stacking • Link aggregation • 10 Gbps • 1 Gbps Virtualized Servers Multiple Resilient Core – No single point of failure 10Gbps 20Gbps 48Gbps stacking • Link aggregation • 10 Gbps • 1 Gbps Dual SFP+ Module for Long distance Stacking Benefits Can be used to provide 2 additional 10G for standalone switches Can be used with SFP+ optics to provide long distances stacking Manage local and remote switches from one GUI or console Protect against: Core Failure, Power failure, Theft, Fire & Flood with a “Remote Stacked Core” SFP+ Twinax Cable - useful with mixed Local & Remote Stacking AT-SP10LR with Single Mode Fibre Up to 10Km stacking cable AT-SPSR with Multi Mode OM3 Fibre Up to 300m stacking cable AT-x6EM-XS2 Rear mounted Remote stacking modules How to join a stack of x610s with stacked x908s LACP 20Gb resilient trunk Remote Stacking 48Gbps X908s Locally Stacked 160Gbps Different stacking protocols - Two GUIs to manage the whole network x610 - Power over Ethernet + Why PoE+ PoE illuminators Raytec less than 25W covers up to 60 metres Combined Fan & Heater – single Cat 6 cable to enclosure Axis P1344E - Class 3 (15.4 Watt x 24 = 370 Watt) Larger Pan Zoom & Tilt camera housings Axis Q6032-E Pan Tilt Zoom - High Power PoE+ (Up to 30 Watt ea) x900 Family Advanced L3+ Switches x900-24X The most flexible 1RU switches on the market! x900-24XT & -24XT-N: 24 x 10/100/1000T 2 x 60Gbps XEM bays x900-24XS: 24 x 100/1000 SFP 2 x 60Gbps XEM bays Flexibility: XEMs Bandwidth: Up to 2 x 10GbE Future-proof: XEMs, 10GbE & IPv6 HW Powerful: Best-in-class QoS, rich feature set Reliability: Dual PSUs, EPSR, stackable, etc. Ease of use: Industry-standard CLI NEBS compliant version (x900-24XT-N) x900 Series – Build Your Own Configuration To position the XEMs and rear components go to the View menu on the main menu bar, go down to “Grid and Guides” and turn off “snap objects to grid”. Drag the XEMs on to the products and use the arrow keys on your keyboard to position them correctly. x900-24XT x900-24XS XEM-2XP Rear view of x900 with moveable PSU and FAN modules XEM-1XP XEM-12T XEM-STK XEM-12S SwitchBlade® x908 Overview 3RU Chassis 8 x XEM bays Stacking Hot swappable PSUs 1 + 1 PSU redundancy 10 GbE aggregator High density GbE Uses the same XEM modules as x900 Fully non-blocking backplane SwitchBlade® x908 Overview Dual hot-swappable power supplies Chassis Fans (hot-swappable) Stacking connectors (for high-speed 160Gbps stacking of 2 units) SwitchBlade® x908 Overview Stackable » SwitchBlade x908 is the only product in its class to support stacking » Built in 2 x 80Gbps connectors on rear of product Stacking of up to 2 devices Total of 160Gbps Ideal for redundant core solution » XEM-STK support Stacking of up to 4 devices* Total of 60Gbps 336 GbE ports in one stack 28 x 10GbE ports in one stack integrated Multiservice Access Platform (iMAP) Product Overview iMAP 9000 Series Multiservice Access Platforms Common Architecture • Large Shelf - with Control/Fabric Protection 9700 – Large Capacity for Fiber and/or DSL based Access Lines 9700 – 10G High Capacity Access/Aggregation Rings • Medium Shelf System - without Control/Fabric Protection 9400 – Large Capacity for Fiber and/or DSL based Access Lines 9400 – 10G High Capacity Access/Aggregation Rings AT-TN9700 • Small - mini 9100 Complete Family is NEBS3 certified and Environmentally hardened AT-TN9400 Built on Ethernet technology AT-TN9100 Ethernet Services Functional Diagram integrated Multi-service Access Platform iMAP E1/T1 Ethernet VDSL G.SHDSL E1/T1 Leased Lines FTTx Ethernet Ethernet 24/56Gbps AGGREGATION Ethernet Voice Data Video Ethernet GEPON Ethernet Ethernet Ethernet Customer Ports Ethernet ADSL/ADSL2+ Protected Transport Any Service, Any Slot Ethernet Muliple Transmission media POTS nx 1/10GbE Access LayerEdge 3+ Switch Chassis SBx3112 Access Edge Chassis SBx3112 Chassis PoE Power Supply Slots 0 & 1 Slots 2 & 3 Slots 4 & 5 Slots 6 & 7 Slots 8 & 9 Slots 10 & 11 System Power Supply Fan Tray 24 Port GE PoE line card Fabric switch controller 24 Port GE SFP line card 4 Port 10GE XFP line card SB-x3112 Capacity 2 x 200 GBE switch fabric 400 GBE total 40 GBE wire speed per card slot 400 GBE total Passive Backplane True Non-blocking Architecture SBx3112 Line Cards AT-SBx31CFC » Fabric switch controller AT-SBx31XZ4 » 4-port 10GE XFP Ethernet line card AT-SBx31GP24 » 24 port 10/100/1000Base-T PoE Ethernet line card AT-SBx31GS24 » 24 port Gigabit Ethernet SFP line card MDU Application FTTx Support 10 GE Uplink with EPSR » Sub-50 ms failover switching » Redundant fiber protection » 802.3ah support 100 M P2P Active Ethernet » » » 10 GE Single mode Multimode Bi-directional single mode fiber 802.3 ah SFP based card 1 GE P2P Active Ethernet » » » Bi-directional single mode fiber 802.3 ah SFP based card 24 port 100/1000 fiber line cards » SFP provisioned 40 G per slot » 100 M 1 GE Single mode 100 M Single mode Non-blocking Supports outdoor and indoor iMG family of fiber gateways iMG 7x6 MOD (outdoor) iMG 616x (intdoor) Dziękujmy za uwagę Zapraszamy do odwiedzin on-line: www.alliedtelesis.pl