BRKRST-2557

Leveraging NSO for SD-

WAN, SDA, and ENFV

Bill Reilly – Specialist Cisco Multicloud

Jean-Marc Barozet - Principal Engineer – SDWAN/NFV
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session

How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space

cs.co/ciscolivebot#BRKRST-2557

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda

• Introduction and High Level Overview

• Network Service Orchestrator (NSO) Overview
• vBranch Core Function Pack
• SDWAN Core Function Pack
• On Boarding SDWAN Site with Physical or Virtual Platforms
• Conclusion
Introduction
Common Themes
The need for network services orchestration
Complexity

Time
Increasing • Service complexity increasing
Complexity • Network operations complexity increasing
Deployment
Service C

Increasing
• New service TTM too long and increasing
Service B

Deployment Service A

• Multi-vendor/multi-box environment Time

Time
• Network and services fragility increasing
Increasing OpEx
• Break/fix time increasing
OpEx
• Direct human interactions error-prone
Time

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Complexity Drivers
The need for network services orchestration

Homegrown scripting tools Increasingly Complex services

• Devices-by-device configuration • Span multiple devices and vendors
• Typically “create” only…

Multi-Vendor Environment OSS/BSS support

Increasing • Manual, disconnected, external
• Multiple management systems
(one per vendor) Complexity operational business support
• Scripts per-vendor systems

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Most Organizations Are Still Attempting
to Optimize Their Cloud Strategies

Almost 68% of organizations use some form of cloud today (61% increase)

30% 28%
25% 22%
20%
19%
17%
15%
11%
10%
5% 3%
0%
No Strategy Ad Hoc Opportunistic Repeatable Managed Optimized

69% of organizations do not have mature cloud strategies in place

Figures may not add to 100% due to rounding N=11,350
Source: IDC InfoBrief, sponsored by Cisco, Cloud Going Mainstream. All Are Trying, Some Are Benefiting; Few Are Maximizing Value. September 2016

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
An Optimized Cloud Strategy Can Deliver Tangible Business
Impact

IT Cost Ability to Meet Time to Provision Strategic Allocation of Revenue

Reduction SLAs IT Services IT Budget Growth

77% 72% 87% 200% 11%

Hybrid Cloud Essential to an Optimized Strategy

95% 92%
Use Private Cloud Use Public Cloud

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Vision
The need for network services orchestration

Operational Time to Customer

Expenditure Revenue Experience

Less Manual Work Shorter Lead Service Quality

Fewer Errors Times Scheduled
Services

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Best Practices Coming Together

Service Provider
SNMP Experience CLI Best Practices
Requirements

NETCONF
Yang

Informational RFC 3535

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
NSO – Model Based Architecture
Applications Engineers
• Network devices are currently
managed using configurations
REST, NETCONF, Java, Python, Erlang, CLI, Web UI that are defined using CLI
commands
• Transition from managing
NETCONF Orchestration devices using CLI to
NED NED NED
NETCONF or REST
• When using a Device YANG
NETCONF, REST, SNMP, CLI, etc
Model defined by the device
CLI, the transition from CLI-
based to model-based
management can be
automated
YANG Model CLI YANG Model

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Extending Orchestration to the Datacenter and
Cloud for NFV
Intent/Policy Systems

Network Services Orchestrator (NSO) NFVO

VNF Manager
(ESC)

Physical Networks Virtual Networks

Virtualized
Infrastructure
Compute Platforms Manager

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
SD-WAN Service – Enabling Dynamic Services
BSS LivingObjects CFS Cisco VMS

OSS Data Collector

REST, NETCONF, Java, Python, Erlang, CLI, Web UI

RFS
Network Service Orchestrator (NSO)
Core Function Pack (IWAN, ENFV)
SP
Services

Cloud Service
Facebook
Yahoo
Node SDN-Enabled Customer VPN
YouTube,…Internet

SaaS
• VNFM
• Controller Apps
• EMS and NMS

Physical Networks Virtual Networks Network Apps

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
SP’s Must Automate their Networks to Remain Competitive
50-70% of Network & Service Operations can be Automated

70% 30% 40%

Operational Revenue Uplift & Improve
Efficiency Faster GTM Customer Sat

Maintenance window New Customer On-boarding Incident Resolution

Time 11.2 Today 16.4 10.7
spent 5.3 With Automation 8.0 5.1

* Mean time to repair

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Evolving to Service Provider Integration Friendly Solutions
Service Provider Example BSS/OSS Systems Service Provider Example BSS/OSS Systems

Billing Trouble Order SLA Network Billing Trouble Order SLA Network
Inventory Inventory
Systems Ticketing Entry Measurement Monitoring Systems Ticketing Entry Measurement Monitoring
Open APIs

Sparsely Automated, Labor Intensive, Business Logic Fueled Service Orchestration

Customized, Siloed Vendor Integration With a Single Point of Integration

Open APIs
CP CP
Metro and Access WAN Data Center Metro and Access WAN Data Center
E E

Traditional Networks Automated, Orchestrated Networks

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Network Automation
decouple Lifecycle of Product-Services and Network Resources Services
• Decouples the Network from
OSS/ITIL
OSS / ITIL • Unlocks agility and flexibility at the
Product/ Resource Facing Services layer
Service (RFS)
Systems
Lifecycle • Enables DevOps at the
network/RFS layer
Well-defined API
• Network changes and new
Resource Facing Services (RFS) features can be rolled out
continuously during
Physical Networks Virtual Networks run-time, i.e. DevOps Network
Service Orchestration System
Network
Service
Lifecycle

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
NSO Orchestration
Orchestration

Turn-Key Customizable

Turnkey solution stack for end- Service-orchestration focused

to-end enterprise orchestration
Modular solution architecture
On-prem or cloud-based
Build/design/run & Analytics Flexible demarcation between
SP and Enterprise
Virtual and Physical
Multi-vendor / Multi-tenancy
Support for SDA and IWAN
Open API for Extensibility Customized SP service catalogues

Multi-vendor & Multi-Tenant

Network Services Orchestrator

DNA Center
(NSO)
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
NSO – Model Based Architecture
Applications Engineers • Logically centralized network services
• Model based architecture
REST, NETCONF, Java, Python, Erlang, CLI, Web UI
• Data models written in YANG (RFC
Service
6020)
Service Manager Model • Structured representations of:
• Service instances
• Network configuration and state
Device Manager Device
Model
• No hard-coded assumptions about:
• Network services
Network Element Drivers (NEDs) • Network architecture
• Network devices
• Mapping service operations to network
NETCONF, REST, SNMP, CLI, etc configuration changes
• Transactional integrity
• VNFM
• Multiprotocol and multivendor support
• Controller Apps
• EMS and NMS

Physical Networks Virtual Networks Network Apps

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Mapping Features
Create Service
Update Service
Delete Service
• FastMap Redeploy Service

– Only the CREATE operation needs

to be specified Service
Model
Service Manager
– UPDATE, DELETE and
REDEPLOY operations are
automatically generated and Device Manager Device
Model
compute minimal change set
needed
Network Element Drivers (NEDs)
• Benefits
– Reduces service implementation NETCONF, REST, SNMP, CLI, etc
code by two orders of magnitude
– Supports modifications of services • VNFM
at runtime • Controller Apps
• EMS and NMS

Physical Networks Virtual Networks Network Apps

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Reactive FastMap
Create Service REDEPLOY SERVICE
Update Service
Delete Service
Redeploy Service

Service
Model
Service Manager

Device Manager Device Changed network state

Model
triggers service redeploy

Network Element Drivers (NEDs)

NETCONF, REST, SNMP, CLI, etc

• VNFM
• Controller Apps
• EMS and NMS

Physical Networks Virtual Networks Network Apps

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
 Storing Service Configs as Models in NSO (CDB)
Yang Model Representation Internal NSO Representation
container service { service
key "name";

container interface { interface

type string;

container type {
type
type int64;
Router Interface number
Configuration container number { Store
leaf ip {
type inet:ip-address;

leaf speed {
type int64; ip speed
}
}
}
{10.1.1.21} {100}
}

Service Models written independent of devices!

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Instantiating a Service; Fastmap Feature

API calls to NSO to Map Service to Device

Models
API with Input
Parameters

{configure interface}
{interface}
{GigabitEthernet}
{1} Call Map Commit Write
{172.16.11.1}
{100}0

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
 Improved Code
Reusability

Core Function Pack Design

• Stacked Services Approach

Service Abstraction APIs • Service Models composed

of multiple internal models.
Single NB API exposed.
Customer Package
• Models are “layed” on top
of each other to build
specific services.
SDWAN Package
• This creates reusability in
the models for new
services to be deployed.
Infrastructure Package
• The internal models are
currently not yet supported
NED NED NED as individual packages..

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
Function Pack DEMO
vBranch Function Pack
Instantiate/Activate VNFs on NFVIS
Virtualizing the Branch

Network VNFs running on

ENCS with NFVIS

vWAAS

ISRv ASAv / FTDv

vEdge

NFVIS

ENCS

NFVIS on ENCS

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
ENCS 5000 Series Portfolio

ENCS5412
12-Core
ENCS5408
NEW 8-Core
Q3/CY17
ENCS5406
6-Core • ISRv + 9 core VNF
ENCS5104 PoE
4-Core
• ISRv + 5 core VNF
• PoE

ISRv + 3 core VNF

LAN Ports
ISRv + 2 core VNF
NIM LTE, DSL, T1
LTE on Radar
HDD, SSD
RAID, HW Crypto

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
NFVIS Software Stack
PnP Console/ Local Device
NSO DNA-C
Server SSH Web Portal

NFVIS
CLI NETCONF REST

PnP Health Orchestration Host

RBAC HTTPS
Client Monitoring (VM Lifecycle) Management

Virtualization Layer – Hypervisor and vSwitch

Interface Platform
Drivers Linux Drivers

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
Cisco and 3rd Party VNF Support
New New New New

vEdge ISRv NGFWv Third-Party VNFs

• High performance • High performance • Harden virtual services • VNF program

• SDWAN Edge • Rich features • Enable secure access • Tested and certified

• NETCONF support • End-to-end support • On-premise or • Streamlined support

from Cisco and third party
cloud management

vWAAS vWLC ASAv Applications

• ISR WAAS: Leader • Survivability and scale • Comprehensive protection • Microsoft Windows
in Gartner MQ
• Built for small and • Full DC class • Custom applications
• Superior caching with medium-sized branches Featured functionality
Akamai Connect
• Designed for NFV

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Network and Bridges

vNIC VM vNIC vNIC VM vNIC

network network network

bridge bridge bridge

port port port port port

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
VNF Service Chaining – Using NFVIS networks
ENCS
wan-mpls

Profile1 WAN
wan-inet
lan-net

• VNF deployment on NFVIS

LAN
• lan-net and wan-net pre-
defined
ENCS
wan-mpls
WAN • No limitation in terms of
Profile2
lan-net
service-net wan-inet supported topologies
• Support for 3rd party VNFs
LAN

ENCS
service2-net wan-mpls

WAAS
WAN
Profile3 service1-net wan-inet
lan-net

LAN
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
Stacked Services Approach
vBranch use of Core FP packages
vBranch Service Request APIs

• Supports a Strongly Typed Core service model

• Allows customizations using Key-Value pairs
Branch • Supports custom templates
Services Service • Notifications
• Optionally used for pushing Day 1 Configurations through
branch-infra

• Supports Physical / Virtual Infrastructure onboarding

• Maintains a catalog of VNFDs, VDUs, Deployments, Day-0
configurations.
Branch-Infra • Network creation
• Instantiate VNF and Service Chain
• Instantiates VNFs using ETSI-MANO compliant VNF descriptors
Infrastructure • Supports multi-VM VNFs
• Can be extended to work with multiple VNFMs

ENCS devices

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
vBranch FP – High Level View of Service Model
1 2

Catalog Definition VNFs and Service Chaining

Branch-infra

nfvo catalog Branch-cpe

VNFD VDU deployment VNF network CPE config

vEdge VNF Descriptor and Flavor defined. VNFD

Deployment parameters defined
VDU

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
Initial Configuration
VNFDs Catalog provider-infra Branch CPE
(Gold, Bronze…) (SP Name)

Platforms
Tenant Platform (ENCS-54xx)
VNFD: ISRv
ENCS-54xx

VNFD: ASAv ENCS-5104

Catalog: Gold VNF1 (vEdge)

VNFD: vEdgeCloud
Supported Deployment

ISR Catalog: Bronze VNF2 (ASAv)

vEdge
Network

ASA

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
Service Configuration

Portal

NETCONF

NSO
Core FP

NETCONF

• Use NETCONF and push a XML payload (instantiation

VNFM ISRv
of the service model)
NFVIS
• Transaction based

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Service Configuration

Portal

NETCONF

NSO Another option is to use NSO CLI to

Core FP configure and troubleshoot

NETCONF

VNFM ISRv

NFVIS

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
 NSO with the vBranch
Function Pack

On Boarding ENCS/NFVIS
Network Service Orchestrator (NSO) Network Service Orchestrator (NSO)

PnP 3 Core FP (vBranch)

• 1) ENCS boots and creates basic n/w

infrastructure

2 4 • 2) NFVIS registration to NSO using PnP

– IP + serial + model + capabilities

• 3) NFVIS registered to NSO

• 4) NSO connects to branch NFVIS
PnP VNFM ISRv (NETCONF)
1
NFVIS 5
• 5) ENCS/NFVIS on-boarded in NSO

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
 NSO with the vBranch
Function Pack

Loading ISR VNF

SERVICE INSTANCE
Network Service Orchestrator (NSO)
VNF Definitions
NETWORK Definitions
Core FP (vBranch)

1) NSO registers ISRv to NFVIS

2) NFVIS pulls ISRv images / local preparation

5) NFVIS notifies NSO ISRv is active
3) NSO instructs NFVIS to deploy NWs/ISRv

4) NFVIS deploys ISRv, load day 0 config and sets

up local ISRv monitoring

PnP VNFM ISRv

ISRv loaded
NFVIS VNFs are loaded in parallel

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
State Machine with Reactive FASTMAP and Plan
Service
• Using YANG grouping ncs:plan-
data to support Reactive
CPE FASTMAP service progress
reporting.
Network • Allowing staged creation and
deletion
VDU • Leveraging additional RFM-
based packages as needed
VNF • Plan: ncs:plan-data element

Day1 config

Init State Ready State

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
 Example: plan
admin@ncs> show branch-infra:branch-infra-status branch-cpe UCPE1 plan component state | tab • ENCS created
NAME STATE STATUS WHEN ref MESSAGE
-------------------------------------------------------------------------------------------------------------------------
self init reached 2017-12-18T17:24:07 -
ready not-reached - - • Network created
UCPE1 init reached 2017-12-18T17:24:07 -
ready reached 2017-12-18T17:24:07 - Ready
service-net init reached 2017-12-18T17:24:08 -
ready reached 2017-12-18T17:24:08 - Ready • VNFD created
ISR_vBranch-ISR-1.0 init reached 2017-12-18T17:25:42 -
ready reached 2017-12-18T17:26:23 - Ready
Cisco-ISR_UCPE1 init reached 2017-12-18T17:26:23 - Deployed VNF, waiting for NFVIS notifications.
vm-deployed not-reached - -
vm-alive not-reached - -
ready not-reached - -

[ok][2017-12-18 17:26:32]

[edit]
admin@ncs% • VNF Started
• Waiting for NFVIS confirmation that ISRv is up

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
SDWAN-SITE Function Pack
Instantiate/Activate vEdge Cloud on NFVIS
Cisco SD-WAN Architecture
The Power of Abstraction
Orchestration Plane

vManage

APIs Management Plane

3rd Party
vAnalytics
Automation

vBond
Control Plane
vSmart Controllers

MPLS 4G

INET
vEdge Routers

Data Plane
Cloud Data Center Campus Branch SOHO

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
Cisco SD-WAN Platform Options
Branch Services (Future) vEdge Appliances
vEdge 100 vEdge 1000 vEdge 2000
ISR 1000 ISR 4000 ASR 1000

• 100 Mbps • Up to 1 Gbps • 10 Gbps

• 4G LTE & Wireless • Fixed • Modular
• 200 Mbps • Up to 2 Gbps • 2.5-200Gbps
• Next-gen • Modular • High-performance vEdge 5000
connectivity service w/hardware
• Integrated service
• Performance containers assist
flexibility
• Hardware & software
NEW
• Compute with UCS E
redundancy • ~30 Gbps
• Modular

Branch ENCS - vEdge Cloud VNF Public Cloud - vEdge Cloud VNF
ENCS 5100 ENCS 5400

• Up to 250Mbps • 250Mbps – 2GB

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
 SDWAN-SITE Core
Function Pack
March CY18

Running vEdge Cloud on ENCS

Virtualizing the branch

• vEdge Cloud + other VNFs
VNFM

NFVIS • NFVIS 3.7.1

• ENCS5104
• ENCS5406
• ENCS5408
ENCS • ENCS5412

• ENCS On Boarding

• Automation of Managed Virtual Branch (vEdgeCloud,

Firewall, WAN Opt, etc …)

• vEdge Cloud day0 configuration

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Plug-n-Play vEdge Secure Bring-up
Administrator
ZTP Identity Trust
Server

vEdge List vEdge Configuration

(White-List) Template

vManage

vSmart vBond

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
SDWAN-SITE Function Pack
NSO/vManage Split
Cisco and 3rd party VNFs

OSS/BSS - VMS Service Abstraction APIs

REST/NETCONF REST Potential SP Model

NSO vManage
REST
SDWAN –SITE vManage
CFP NED
SDWAN-SITE Function Pack
vBranch
CFP

NETCONF NETCONF

Cisco ENCS vEdge

vBranch Function Pack
Router NFVIS Appliance

• NSO (vBranch, vManage NED) to instantiate VNFs NED NED NED

(including 3rd party VNFs) and activate vEdge. Apply
device template
• vManage to configure vEdge SDWAN FP scope with expand over time

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
 vManage NED

vManage Programmatic Access

• API Documentation built-in – https://vmanage-url/apidocs

• Test calls can be executed directly from doc page

• API programming documented at:

https://docs.viptela.com/Product_Documentation/Command_Reference/vManage_REST_APIs/vManage_REST_APIs_Ov
erview/Using_the_vManage_REST_APIs

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
vEdge Cloud Provisioning / Activation
vManage Control and Policy
Network Service Orchestrator (NSO) 2 Elements

Core FP Core FP Get the unclaimed vEdge Cloud

(vBranch) (SDWAN-SITE)
router list from vManage. Generates
Bootstrap Configuration file (cloud-init
Define SDWAN Service on config file) which contains cloud-
1 ENCS (VNF and Chaining) config (bootstraps) and cloud-
boothook (day0) sections
5

7
3 Full Registration and
Configuration
6

4
VNFs instantiated and loaded with vEdge
Bootstrap Configuration cloud-init file.
Chaining of VNFs occurred if requested. Virtual Networks
(ENCS)

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
SDWAN-SITE Packaging
Option1 - SDWAN-SITE Service to • 1) SDWAN-SITE Service could be used as a top service to
deploy vEdge Cloud along with deploy vEdge Cloud and other VNFs with service chaining.
other VNFs
• 2) vBranch onboards ENCS and then creates all of the VNFs
and perform service chaining
SDWAN-SITE
• 3) SDWAN-SITE monitors vManage/vEdge Cloud sync status

1 3 • Notes:
• In this deployment, SDWAN-SITE Service could be a top service itself
(ready-out-of-the-box for SDWAN onboarding use case) and provides a
vBranch single set of API to NB to bring up vEdge Cloud and other VNFs in a
service chain. It focuses on the simplicity (for SDWAN use case), hides
away the complexity of vBranch and offers one integrated view of all VNFs
2 deployment.
• On the other hand, SDWAN-SITE does not expose all of the gut (and bell
& whistle) of vBranch in which an expert user of vBranch is able to do.
VNFM

NFVIS

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
SDWAN-SITE Packaging
• 1) A SP service already utilizes vBranch to instantiate/chain VNFs on
Option2 - Adding SDWAN-SITE a ENCS platform
into an Existing Service
• 2) vBranch onboards ENCS and then creates VNFs along with
service chain
SP Service
• 3) To add a vEdge Cloud, that SP service will use SDWAN-SITE to
onboard vEdge Cloud. SDWAN-SITE will see ENCS as a brown-
1 3
field device which is already in the NSO device tree

vBranch SDWAN-SITE • 4) SDWAN-SITE creates vEdge Cloud on the same ENCS and also
adds vEdge Cloud to the service chain using vBranch

• 5) SDWAN-SITE monitors vManage/vEdge Cloud sync status

2 4 5 • Notes:
• This deployment is used when customer already created a SP service which
utilized vBranch to spin up VNFs but vEdge Cloud. The SDWAN-SITE is used
solely to onboard a vEdge Cloud in the same ENCS service chain owned by the
VNFM SP service. SDWAN-SITE simplifies the logics for the SP service to bring up
vEdge Cloud

NFVIS
• The SP service needs to deal with 2 different interfaces (vBranch & SDWAN-
SITE)

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
SDWAN-SITE Service Configuration

Portal

NETCONF

NSO
SDWAN FP

NETCONF

VNFM vEdge • Use NETCONF and push a XML payload (instantiation

of the service model)
NFVIS
• Transaction based

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
DEMO
Demo Portal NSO XCA vManage vSmart vBond
10.49.234.158 10.49.234.151 10.49.234.156 10.49.234.153 10.49.234.166 10.49.234.159

vEdge vEdge 10.49.234.254

10.49.234.4 10.49.234.6
GE 0/0 GE 0/1 GE 0/0 GE 0/1

NFVIS NFVIS
MGMT MGMT
10.49.234.2 10.49.234.5
LAN LAN

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
SDWAN-SITE Function Pack DEMO
Summary Steps
• Define if you want to use SDWAN-SITE with option1 or option2
• If option 2 (Adding SDWAN-SITE into an Existing Service), add ENCS to the device tree
• Define your provider infrastructure (Provider name, tenant, catalog and
vManage)
• Pick your preferred vEdge Network Deployment Unit (NDU)
• Define your own if you want to
• Define your SDWAN-SITE service

• That’s all

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
 For
Reference

VNFD and VDU

VNFDs

VNFD: ISRv

VNFD: ASAv

VNFD: vEdgeCloud

VNFD and VDU definitions

Pre defined on installation
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
 For
Reference

Catalog
Catalog
(Gold, Bronze…)

Platforms

ENCS-54xx

ENCS-5104
Pre defined on installation

Supported Deployment

ISR

vEdge

ASA

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
 For
Reference

Provider Infrastructure
admin@ncs% load merge provider-infra.cli
provider-infra
(SP Name) Provider-infra.cli

provider-infrastructure ProviderA provider-infrastructure ProviderA {

tenant-infrastructure TenantA {
catalog Silver;
tenant-infrastructure TenantB }
tenant-infrastructure TenantB;
catalog Gold;
Catalog Gold vmanage vmanage-1;
ca-cert "ADD ROOT CERT";
}
provider-infrastructure ProviderB {
vmanage vmanage1 tenant-infrastructure TenantC;
catalog Bronze;
}

tenant-infrastructure TenantA

Check vManage is mapped to a Provider

Catalog Silver
Add Root Chain certificate if not using the default

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
 For
Reference

Provider Infrastructure – XML payload

<config xmlns="http://tail-f.com/ns/config/1.0">
<provider-infrastructure xmlns="http://com/cisco/corefpcommon">
<provider>ProviderA</provider>
<tenant-infrastructure>
<tenant>TenantA</tenant>
<catalog xmlns="http://cisco.com/ns/branch-infra-common">Silver</catalog>
</tenant-infrastructure>
<tenant-infrastructure>
<tenant>TenantB</tenant>
</tenant-infrastructure>
<catalog xmlns="http://cisco.com/ns/branch-infra-common">Gold</catalog>
<vmanage xmlns="http://com/cisco/nso/corefp/sdwan/vedge">vmanage-1</vmanage>
<ca-cert xmlns="http://com/cisco/nso/corefp/sdwan/vedge">ROOT CERT</ca-cert>
</provider-infrastructure>
<provider-infrastructure xmlns="http://com/cisco/corefpcommon">
<provider>ProviderB</provider>
<tenant-infrastructure>
<tenant>TenantC</tenant>
</tenant-infrastructure>
<catalog xmlns="http://cisco.com/ns/branch-infra-common">Bronze</catalog>
</provider-infrastructure>
</config>

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
 For
Reference

Network Deployment Unit (NDU)

Network Deployment Units

ndu

ASA

vEdge

vEdge + ASA

This defines the Service Chain that you want to use for vEdge Cloud.
SDWAN-SITE FP comes with pre-defined chains – add yours if needed
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
Network Deployment Unit (NDU)
vEdge Only – Single WAN vEdge Only – Dual WAN

wan-net wan-net wan-net2

lan-net lan-net

vEdge + ASAv – Dual WAN

wan-net wan-net2
...
lan-net

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
 For
Reference

SDWAN-SITE Service <config xmlns="http://tail-f.com/ns/config/1.0">

<sdwan-site xmlns="http://com/cisco/nso/corefp/sdwan">
<site-name>Berlin</site-name>
<provider>ProviderA</provider>
<location>
SDWAN-SITE Service <name>Berlin</name>
</location>
<infrastructure>
<type>nfvis</type>
sdwan-site Berlin <nfvis>
<nfvis-serial>FGL214280GK</nfvis-serial>
<shared-branch-office/>
<branch-office>UCPE1</branch-office>
<device-on-boarding>pnp-unmanaged</device-on-boarding>
provider <nfvis-device-name>UCPE1</nfvis-device-name>
</nfvis>
</infrastructure>
<member-vnfs>
infrastructure <vnf>vEdgeCloudBerlin</vnf>
<type>vEdge-cloud</type>
<username>admin</username>
<password>admin</password>
type nfvis <ip>10.49.234.4</ip>
<mask>255.255.255.0</mask>
<gtw>10.49.234.254</gtw>
<day-0>
<cfg-file>vedge_day0_template.cfg</cfg-file>
member-vnfs </day-0>
<vedge-cloud>
<system-ip>10.8.0.81</system-ip>
<site-id>8</site-id>
vnf vEdgeCloud </vedge-cloud>
<ndu>
day0 <ndu-id>sdwan_NFVIS_vEdge_ndu</ndu-id>
</ndu>
</member-vnfs>
</sdwan-site>
</config>

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
 For
Reference

NSO CLI sdwan-site Berlin {

provider ProviderA;
location {
name Berlin;
}
infrastructure {
type nfvis;
nfvis {
nfvis-serial FGL214280GK;
shared-branch-office;
branch-office UCPE1;
device-on-boarding pnp-unmanaged;
nfvis-device-name UCPE1;
}
}
member-vnfs vEdgeCloudBerlin {
type vEdge-cloud;
username admin;
password $8$WklAT9bhBkPWhUlj3Ja4E7DEPl7MYjuoYOsYlCtHW48=;
ip 10.49.234.4;
mask 255.255.255.0;
gtw 10.49.234.254;
day-0 {
cfg-file vedge_day0_template.cfg;
}
vedge-cloud {
system-ip 10.8.0.81;
site-id 8;
}
ndu {
ndu-id sdwan_NFVIS_vEdge_ndu;
}
}
}

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
 NSO with the SDWAN-SITE
Function Pack

vEdge-Cloud Onboarding process

NSO Network Service Orchestrator (NSO) • 1) Upload vEdge Certified Serial Numbers onto vManage
• 2) Get the unclaimed vEdge Cloud router list from vManage
PnP Core FP (vBranch) Core FP (SDWAN-SITE)
• 3) Instruct vManage to:
– Create day0 template
– Attach day0 template (with variables) to an unclaimed vEdge Cloud
1 router
2
– Generate a Bootstrap Configuration file for the vEdge Cloud router
3 (UUID, Token, …).

5 6 4 • 4) Get Bootstrap Configuration file for the vEdge Cloud router

(cloud-init config file) which contains cloud-config
9
(bootstraps) and cloud-boothook (day0) sections
• 5) VNFs instantiated and loaded with Bootstrap Configuration
cloud-init file. Chaining of VNFs occurred if requested.
vManage
• 6) NFVIS notifies NSO vEdge is alive
7 • 7) vEdge to Viptela Control Plane Initial control
VNFM vEdge communication
• 8) vManage installs certificate into vEdge Cloud router and
sync up. vEdge Cloud router is ready for configuration from
NFVIS 8 Value added services vManage
provided by sdwan-site
• 9) Poll vManage to verify vEdge Cloud router is in-sync
BranchInfra
functionality
Viptela callback activity
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
Configuring vEdge Cloud router

Viptela
Control and Policy
Elements

6) Initial control communication

7) Initial device configuration from vManage

8) Full registration and configuration

VNFM vEdge

NFVIS

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
Cisco SD-WAN Automation Stack
3
VMS Portal/GUI

Viptela vManage
Network Service Orchestrator (NSO) 2 Target customer customer has
1
vEdge appliances without a need for
Core FP (SDWAN-SITE) virtual CPE, service orchestration
and OSS/BSS from Cisco
FP Core FP (vBranch) vManage NED

1 Extended SD WAN Orchestration

Target customer has virtual CPE’s or
when orchestration of other than
2
NETCONF vManage vEdge appliances are needed
without a need for OSS/BSS from
Cisco
NETCONF

Full Stack SD WAN

Target customer has a need for
ENCS vEdge cEdge 3 Cisco OSS/BSS capabilities together
Cisco Router
NFVIS Appliance Appliance
with SD WAN

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
SDWAN MSP Management Options
NSO/vManage Split NSO Single Entry Point

OSS/BSS - VMS OSS/BSS

REST/NETCONF
REST/NETCONF REST

NSO SDWAN CFP

NSO vManage
REST Other CFP vBranch CFP vManage NED
SDWAN –SITE vManage
CFP NED

vBranch
CFP NETCONF vManage

NETCONF NETCONF
NETCONF

vEdge cEdge vEdge cEdge

Cisco ENCS Cisco ENCS
Applianc Applianc Applianc Applianc
Router NFVIS Router NFVIS
e e e e

• vManage and NSO Entry Point (REST APIs) • NSO Single Entry Point
• vManage improved with NSO (and vBranch, SDWAN, • SDWAN network wide Service Model that includes:
potentially SAE CFP) - VNFs instantiation (including 3rd party VNFs) and vEdge activation
• vManage and/or NSO as potential entry point - Controller instantiation
- Device template definition
• Reporting and Alerts
- SDWAN policies definition
- Topology definition
BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
Short Term - NSO/vManage Split Gives Flexibility
OSS / BSS or VMS
• NSO and vManage run side by
side in separate processes
REST/NETCONF

Network Service Orchestrator (NSO) • NSO and vManage are integrated

using APIs (a NSO NED using the
Core FP (vBranch) Core FP (SDWAN-SITE) REST vManage REST interface)

REST
• NSO will communicate with all
devices involved in the CFP for
day0 and dayN configuration.
NETCONF vManage vManage will provide dayN
configuration for vEdge

NETCONF • The vManage UI will have to be

extended with the appropriate
CFP workflows and send API calls
Cisco Router
ENCS
vEdge Appliance cEdge Appliance
to NSO.
NFVIS

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
Conclusion
 Enterprise NFV at Cisco Live
Monday Tuesday Wednesday Thursday Friday
BRKRST-2557
SD-WAN and NFV
Orchestration for
Managed Service
Providers
Branch
Cisco ENFV Advanced
Hands-on virtualization
Solution 360° Virtualization
overview
SP
Orchestration
Enterprise
TECCRS-3006 BRKARC-2014 BRKARC-2112 BRKCRS-3447
Cisco Branch Virtualization Deploy Network Network Function
Enterprise NFV Deep The Evolving NFV Services in Minutes Virtualization for
Dive and Hands-On Landscape on any Platform with BRK-1997 Enterprise
Lab Cisco Enterprise Routing Underlay Networks
Network Functions and NFV Automation
Virtualization (NFV) with DNA Center
Want to learn and collaborate around NSO?
The NSO Digital Ecosystem is a platform for collaboration for the entire NSO product suite and consist of two
virtual places; the external* NSO DevNet and the internal** NSO Field Portal. The main purpose is to further
improve NSO value by helping new and seasoned practitioners to drive NSO experiences and inviting customers
to the Opportunities of NSO

External Internal
(Open for all) (Open for all Cisco)
www.cisco.com/go/nsodevnet go2.cisco.com/nso-fp

DevNet

Public material targeting partners and customers

NSO Developer Hub (Jive)

NSO Field Portal
Learning open for all registered Cisco
(Internal Jive)
Labs open employees, Cisco partners
DevNet open GitHub open
for all & Cisco customers
for all for all
registered www.cisco.com/go/nsohub
users
Community and main
Selected
Selected Training
Training Shared
Shared Cisco Internal content and Q&A
repository of content and
Content
Content material
material code
code
Q&A

*Customer, Partner and Cisco **Cisco internal only

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
NSO at Cisco Live Design Clinics

 Opportunity for customers to ask

questions without an appointment
 Located in The hub (Hall 6)

 Opening hours of The Hub:

Monday: 8:00 – 19:30
Tuesday: 8:00 – 19:30
Wednesday: 8:00 – 19:00
Thursday: 8:00 – 18:30
Friday: 8:00 – 13:30
https://www.ciscolive.com/emea/activities/the-hub/

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
More Information
• Network Service Orchestrator
• http://www.cisco.com/go/nso

• dCloud
• dCloud Home:
http://dcloud.cisco.com
• SDWAN 4D Demo
Search for: Cisco 4D SD-WAN (Viptela)

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session

How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space

cs.co/ciscolivebot#BRKRST-2557

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Please complete your Online Complete Your Online
Session Evaluations after each
session
Session Evaluation
• Complete 4 Session Evaluations
& the Overall Conference
Evaluation (available from
Thursday) to receive your Cisco
Live T-shirt
• All surveys can be completed via
the Cisco Live Mobile App or the
Communication Stations
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
www.ciscolive.com/global/on-demand-library/.

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions

BRKRST-2557 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
Thank you