Hello my friend,
Some time ago I’ve already described the structure and components of service provider routers. Today I’m gonna show you how it’s applicable to virtual ones.
1 2 3 4 5 | No part of this blogpost could be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical or photocopying, recording, or otherwise, for commercial purposes without the prior permission of the author. |
Brief overview
As you remember (or if you have read provided links just now), the service provider routers are modular, regardless of Nokia (Alcatel-Lucent), Cisco, Juniper or whatever else origin. Certainly there are some small devices, which have fixed configuration and are used, when limited amount of interfaces and media types is sufficient.
So far we were using in our lab only one 5-port line card in Nokia (Alcatel-Lucent) VSR (SR 7750) router and only one (very rarely two) ports at Cisco IOS XRv router. When we are speaking about pure routing technologies, it’s sufficient. But what if we need some additional functions, like NAT or IPSec? Here things become more complicated and currently the limitation exists.
What are we going to test?
We’ll review the structure of virtual router definition file for Nokia (Alcatel-Lucent) VSR (SR 7750). Since there are some major since in the newest release (R15.0), which was released the last month, I’ll cover both definition of previous version (R14.0) and the newest one (R15.0). At the end we’ll create virtual router definition (xml file), which will include more than one module for Nokia (Alcatel-Lucent)
For Cisco IOS XRv, I’ll provide you some insights and guidelines, how you can achieve the same functionaliy.
Topology
There is no particular topology for the current lab. Neither physical nor logical. Basically we just need possibility to launch virtual router and have access to definition files (xml).
Nokia (Alcatel-Lucnet) VSR R14.0 and older
The main document that provides information about staffing of Nokia (Alcate-Lucent) VSR is release notes. You can download them from the official website, but you need to have account. There are no any specific rights, so you can just create general access account you will have access to this documentation.
For your convenience I put release notes for Nokia VSR R14.0 directly here as well vsr-installation-and-setup-guide.
Important remark here is that we use integrated model, what means that all cards, modules and whatever else reside in single VM. It’s possible also to have a distributed model, where each VM plays role of separate card (2x VMs for CPM/SF, Nx VMs for IOM/IMM). The distributed model is used in real production deployments. Actually the main difference between Nokia (Alcatel-Lucent) VSR and Cisco IOS XRv is that Nokia is fully commercial product that can be used for production deployment for data plane. It’s performance linearly scale with adding VMs to distributed VSR.
In the sake of completeness, Cisco is going in the direction of distributes solution as well, but current IOS XRv 9000 deployment supports only single, so performance is limited to this single VM and assigned CPU Core/Memory/network interfaces.
Let’s back to our lab. Our task is to configure Nokia (Alcatel-Lucent) VSR with two MDA modules: one is 5-port MDA with 1GE interfaces and another one is MS-ISA that is used for all kind of services, like IPSec, NAT (Network Address Translation), LNS (L2TP Network Server) and so on.
To accomplish this task we need to put information in the xml file that defines KVM VM in Linux. Initial XML file for Nokia (Alcatel-Lucent) VSR R14.0 is here: vsr14-r1 (change the file type to xml).
In the beginning of the article series about Nokia (Alcatel-Lucent) and Cisco I explained how to map interfaces to virtual bridges in Linux in order to provide connectivity inside host OS and outside VMWare VM. Now we’ll make configuration in another part of the configuration which starts with TiMOS. But before we start any configuration, let’s start VSR and check which IOM/IMM and MDAs we can have in overall:
A:SR1>config>card# card-type |
This are the MDAs that we can install in the modules above. There are also numerous CPM modules. And here we come to the most crucial point: not all combinations of chassis, CPM, IOM/IMM and MDA works together. In the release notes for Nokia (Alcatel-Lucent) VSR R13 I’ve found the following table:
If something is wrong, you can see the following message upon device boot:
sysVmBootStringGenerate: ERROR: failed parsing ‘mda/1=m5-1gb-sfp-b’ |
Then Nokia VSR will boot with default predefined template that is: chassis = SR-12, CPM = sfm4-12, IOM = iom3-xp-b and single MDA = m5-1gb-sfp-b.
Correct chain chassis-cfm-iom-mda is provided in release notes that you have already seen previously, but not everything is that easy. Even if you checked your module pattern with that documentation, it doesn’t mean that it will work for sure. Here are some outputs of my findings in Nokia (Alcatel-Lucent) VSR R14.04.
7750 SR-c4:
[root@localhost images]# cat vsr14-r1.xml | grep TIMOS |
Such configuration boots without problems and you can see that chassis type is appropriate:
A:SR1# show chassis | match Type |
Unfortunately, besides proper chassis type there are no good news. You can’t influence IOM choice, so the predefined one is used that seems not to support requested MDAs (though release notes says, it must). There is one build-in MDA in slot 5, which has 2x 10GE ports. It is sufficient for all my labs, as I usually split the network port into sub interfaces, whereas another port is used as access one. The only limitation is that SR-c4 chassis doesn’t support d model.
As you may recall, chassis-type c or d is necessary for IPv6.
7750 SR-c12:
[root@localhost images]# cat vsr14-r1.xml | grep TIMOS |
What do you think we get into our Nokia (Alcatel-lucent) VSR? The answer is a little bit unexpected:
A:SR1# show chassis | match Type |
We become nothing besides chassis. There is no single MDA active, meaning that we don’t have possibility to connect our virtual router to the network. Probably the reason is that requested MDAs aren’t supported with IOM “iom-xp-b” (or “iom-xp”, which I’ve also tested but don’t provide here for brivety).
7750 SR-7
The last attempt is to configure chassis type that relates to distributed model with the desire to get it working with proper MDA:
[root@localhost images]# cat vsr14-r1.xml | grep TIMOS |
But as I’ve said before, if the configuration isn’t supported and you receive the error upon router boot, you are booted with default router modules:
sysVmBootStringGenerate: ERROR: failed parsing ‘mda/1=isa-tunnel’ |
Such router staffing I’ve used for all my labs actually, and it supports chassis-type d for IPv6 and so on.
Nokia (Alcatel-Lucnet) VSR R15.0
The newest (11.04.2017) version of VSR changes the rules of writing TIMOS. Now there is no mapping to physical devices and Nokia (Alcatel-Lucent) VSR is fully independent product. It has its own chassis type, IOMs and MDAs. Here is the example:
[root@localhost images]# cat vsr15-r1.xml | grep TIMOS |
And the most pleasant thing for me is that it works as proper now:
A:VSR# show chassis | match Type |
Though interfaces are 40GE, they are fully compatible with built in Linux switch (brctl), so I can attach Cisco IOS XR at another side of the switch and make my labs further.
Frankly speaking, I haven’t seen the release notes for Nokia (Alcatel-Lucent) VSR R15.0 yet, so I’ve developed that stuffing myself. The CLI built-in help was the key:
A:VSR>config>card# card-type ? |
I’m not going to compare two releases, as for sure new release has more functions as the network technologies continues to develop. The only disadvantage that I see for me is that VSR R15.0 utilizes more computing resources and with one VSR running I have 6,5 Gbps CPU utilization, what means that I can run maximum one more Cisco IOS XR, so the scale of my lab is decreasing.
So I’ll continue writing articles in VSR R14.0 using R15.0 for new features. Working xml for R15: vsr15-r1 (don’t forget to change type to xml).
Cisco virtual routers
Cisco XRv 9000 is predefined product and the only thing that you can tune is the number of interfaces that it has. You can do it either through modification of vmx file or just by adding them in your VM player:
Cisco XRv 9000 has only RSP besides interfaces, it means that it can perform all the function that doesn’t need specifics ASICs (like data plane for L2VPNs) or modules (ISM is needed for NAT/CGN, IPSec and etc). So, if you can’t add specific modules to Cisco XRv 9000, does it mean that you can’t have this functionality in virtual world? Then answer is “you can”.
When Nokia (Alcatel-Lucent) has the only product in virtual world (that is VSR), Cisco has a numerous products running different operation systems. There are the following products:
- Cisco XRv 9000 running Cisco IOS XR is service provider router that we have used for all our labs
- Cisco CSR 1000v running Cisco IOS XE is fully functional virtual version of Cisco ASR 1000 and is positioned as universal access gateway including all BNG/BRAS and IPSec functionality in addition to IP/MPLS stack
- Cisco ASAv running Cisco ASA OS is firewall/DPI/VPN concentrator.
- Cisco Nexus 1000v running NX-OS is limited version of Cisco Nexus Data Center switch
Such variety of products reflect also the landscape of Cisco hardware-based products, with all its pros and cons.
Lessons learned
Unfortunately, release notes aren’t 100 correct. I’ve tried to copy example from it and there was no success. So it’s was actually the root cause, why I’ve written this article. I had to spend a lot of hours finding working configuration with MS-ISA as I need to test some IPSec functionality in Nokia (Alcatel-Lucent) SR OS and the quickest and the cleanest option for me is to make it locally in my lab, though I have access to hardware Nokia boxes.
Conclusion
Each vendor has its own vision and strategy of development and implementation of virtual solutions (NFV). Nokia has a single product and provides possibility to add corresponding modules just as in physical device. In the latest version R15 Nokia (Alcatel-Lucent) VSR is even simpler than it was previously. Cisco has different products with each covering specific domain, what also is a reasonable approach. At the end of the day it’s just important that you can have necessary functionality at NFV and this functionality is interoperable between vendors. Take care and good bye!
Support us
BR,
Anton Karneliuk
Hi Anton,
First of all, thank for your excellent work in the intervendor (Cisco,Juniper, Nokia) knwoledge.
I’m trying to build a virtual network with Cisco Routers and Nokia SR (former ALU 7750). I would like to know the exact, or more similar, command in Nokia for the following Cisco command:
show ip route
show ip route vrf
I need to obtain the next-hop and, to know if the next-hop is directly connected.
Could you help me?
Thank you!
*
show ip route IP-address
show ip route vrf vrf-name IP-address
Hi John,
Thanks for warm feedback. Here you are:
Cisco: Nokia:
show ip route show router route-table
show ip cef show router fib 1
show ip route vrf A show router A route-table
show ip route 1.1.1.1/32 show route route-table 1.1.1.1/32
Hope this helps.
BR
Anton
Hi, For the Nokia VSR / SR 7750, do they support encapsulating MPLS in a tunnel (like GRE) so you can connect PE routers over an IP network?
Hi Lars,
Let me check it for you. I think they can, but I don’t have ready config yet.
BR
Anton
Hello Anton.
Thanks for your work. I would like to say, R15 can be “pure VSR” ready for real traffic as you wrote, so VSR-i or VSR-d, with IOM-v and so one. But at the same time, it can be also VSR-SIM, so emulating real hardware like R14 and all previous releases.
As before, you can have only have chassis type SR-c4 and SR-c12 and aslo SR-1 as integrated, so to use one virtual machine for both, control plane and data plane. In case of all other chassis type, you need to have extra virtual machine per card.
Bellow is proper XML config for integrated virtual box release R15 chassis SR-c12 – with 10 port MDA (5 port MDA is not supported any more). Just because you specify this chassis type, router will boot up like VSR-SIM, and not VSR.
TIMOS:address=192.168.2.201/24@active
primary-config=cf1:\config.cfg
slot=A chassis=SR-c12
card=cfm-xp
mda/1=m10-1gb-xp-sfp
Another trick I’m using is to have config file on different CF than CF1. Upgrade of the box is than just mother of change SR-OS image and reboot.
For your reference, in case you would like to try distributed VSIM, there are proper parts for our newest box, SR-14s with SR=OS 16.
TIMOS:
slot=A
chassis=SR-14s
sfm=sfm-s
card=cpm-s
address=192.168.2.209/24@active
address=192.168.2.219/24@standby
primary-config=cf1:\config.cfg
TIMOS:
slot=B
chassis=SR-14s
sfm=sfm-s
card=cpm-s
address=192.168.2.209/24@active
address=192.168.2.219/24@standby
primary-config=cf1:\config.cfg
TIMOS:
slot=1
chassis=SR-14s
sfm=sfm-s
card=xcm-14s
mda/1=s36-400gb-qsfpdd
mda/2=s36-400gb-qsfpdd
TIMOS:
slot=2
chassis=SR-14s
sfm=sfm-s
card=xcm-14s
mda/1=s36-400gb-qsfpdd
mda/2=s36-400gb-qsfpdd
Hope it helps. Note, that in case of distributed model, you need to have MTU on connecting virbr 9000 that can be sometimes tricky to achieve. And than R16 Timos need 4G of ram for CPM, but 6G of ram for xcm-7s and 8G of ram for xcm-14s.
All details can be seen in install guide. But hope those info can help to create lab faster and with less reading effort.
Another stuff you neet to know. In c4/c12 chassit type, you have to provision adapter mcm-xp to be able to insert MDA from SR7/12 boxes.
/configure card 1
card-type iom-xp
mcm 1
mcm-type mcm-xp
no shutdown
exit
mcm 3
mcm-type mcm-xp
no shutdown
exit
mda 1
mda-type m10-1gb-xp-sfp
no shutdown
exit
mda 3
mda-type isa-tunnel
no shutdown
exit
no shutdown
Then, it works as expected:
show card state
===============================================================================
Card State
===============================================================================
Slot/ Provisioned Type Admin Operational Num Num Comments
Id Equipped Type (if different) State State Ports MDA
——————————————————————————-
1 iom-xp up up 12
1/1 mcm-xp up up
1/3 mcm-xp up up
1/1 m10-1gb-xp-sfp up up 10
1/3 isa-tunnel up up 2
isa-ms
A cfm-xp up up Active
B cfm-xp up down Standby
(not equipped)
===============================================================================
Hey Martin,
great, thanks a lot for your details! I have missed VSR 15.0* release notes, so was not aware of supported HW types. Appreciate a lot your share!
BR,
Anton
Hello, very interesting your page.
One Question, how I can to licencing nokia R15.0
Hello Alonso,
You need to get to the Nokia representatives. Some of them are quite active online, so, perhaps, they could assist you with obtaining the license.
Cheers,
Anton