Operating an ASR 1000 Jason Yang CCIE #10467, Technical Marketing Engineer
BRKARC-2019
2015 Cisco and/or its affiliates. All rights reserved. Cisco Public BRKARC-2019
Agenda
Platform Introduction
What and How to Monitor System in Daily Operation
DoS Attack Detection and Mitigation Best Practices
Troubleshooting Common Problems
Service Container and REST API (Demo)
Summary and Take Away
Platform Introduction
ASR1000 Building Blocks
[Figure: ASR1000 building blocks. Diagram labels: Midplane; ESP (FECP, QFP, PPE, BQS, Crypto Assist., interconnect); RP (RP CPU, GE switch, interconnect); SIP (IOCP, SPA Aggreg., SPA, interconnect).]
Route Processor (RP): Handles control plane traffic. Manages system.
Embedded Service Processor (ESP): Handles forwarding plane traffic.
SPA Interface Processor (SIP): Houses SPAs. Buffers packets in and out. Shared Port Adapters provide interface connectivity.
Centralized Forwarding Architecture: All traffic flows through the active ESP; the standby is synchronized with all flow state over a dedicated 10-Gbps link.
Distributed Control Architecture: All major system components have a powerful control processor dedicated to the control and management planes.
ASR 1000 Software (IOS XE) Architecture
[Figure: IOS XE software architecture. RP: IOS active, IOS standby, Platform Adaptation Layer (PAL), Forwarding manager, Chassis manager, Linux Kernel. ESP: Forwarding manager, Chassis manager, QFP client / driver, QFP code, Linux Kernel. SIP: Chassis manager, SPA drivers, Linux Kernel.]
Diagram callouts:
Runs Control Plane. Generates configurations. Maintains routing tables (RIB, FIB).
Initialization of RP processes. Initialization of installed cards. Detects and manages OIR of cards. Manages system status, environmentals, power, EOBC.
Provides abstraction layer between hardware & IOS.
Manages ESP redundancy. Maintains copy of FIB and interface list. Communicates FIB status to active & standby ESP.
Programs QFP forwarding plane and QFP DRAM. Statistics collection & RP communication.
Communicates with forwarding manager on RP. Maintains copy of FIBs. Provides interface to QFP client & driver.
Driver software for SPA interface cards is loaded independently. Failure or upgrade of a driver does not affect other SPAs in the chassis.
Control messaging.
ASR 1000 Series Chassis

Chassis | ASR 1001-X | ASR 1002-X | ASR 1004 | ASR 1006 | ASR 1013
SPA Slots | 1-slot | 3-slot | 8-slot | 12-slot | 24-slot
RP Slots | Integrated | Integrated | 1 | 2 | 2
ESP Slots | Integrated | Integrated | 1 | 2 | 2
SIP Slots | Integrated | Integrated | 2 | 3 | 6
IOS Redundancy | Software | Software | Software | Hardware | Hardware
Built-In GE | 6 (and 2x10GE) | 6 | N/A | N/A | N/A
Height | 1.75 (1RU) | 3.5 (2RU) | 7 (4RU) | 10.5 (6RU) | 22.7 (13RU)
Bandwidth | 2.5 to 20 Gbps | 5 to 36 Gbps | 10 to 40 Gbps | 10 to 100 Gbps | 40 to 200 Gbps
Maximum Output Power | 250W | 470W | 765W | 1275W | 3200W
Airflow | Front to back | Front to back | Front to back | Front to back | Front to back
NIM Slots | 1 | N/A | N/A | N/A | N/A
What and How to Monitor - System Bootup
Where an image can be booted from
An ASR 1000 image can be booted from:
1. Bootflash (best practice; supported in all chassis/RP)
2. Harddisk (storage purpose)
3. External USB
   The only officially supported USB is MEMUSB-1024FT; a non-Cisco USB can result in a kernel crash.
   Once an image is booted from USB, the USB cannot be removed, otherwise a kernel crash can result.
   The best practice is to use USB to copy the image to bootflash and boot from bootflash.
4. TFTP

Storage | ASR1001-X | ASR1002-X | RP1 | RP2
Built-in eUSB Bootflash | 8GB | 8GB | 1GB | 2GB
Harddisk | NIM SSD (100GB, 200GB, 400GB) | 160GB (optional) | 40GB | 80GB
External USB | MEMUSB-1024FT | MEMUSB-1024FT | MEMUSB-1024FT | MEMUSB-1024FT
ASR 1000 Initialization Sequence (reference)
Mastership determines which RP becomes RPact (and which RP becomes RPsby).
Of R0/R1 and F0/F1, whichever boots up first becomes the Master; if they boot up simultaneously, R0/F0 is preferred over R1/F1 as Master.
The status of ASR 1000 hardware components is kept in the RP's chassis management process, CMRP.

RP:
1. POST
2. HW Initialization
3. Initialize EOBC
4. Boot Kernel
5. Start IOS
6. CMRP detects cards via CPLD
7. CMRP determines Master RP and ESP
8. CMRP informs SIPs & ESP about Master via I2C
9. CMRP downloads SIP & ESP software packages to SIP / ESP
10. CMRP sends ESI config to CMSIP and CMESP

ESP:
1. POST
2. HW Initialization
3. Initialize EOBC
4. Wait for RP Master
5. Detect RPact via ROMMON
6. Upload inventory via CPLD
7. ROMMON download software package
8. Boot Kernel
9. CMESP registers with CMRP
10. CMESP starts QFP
11. CMESP signals ready to RP
12. CMESP sends ESI link status

SIP:
1. POST
2. HW Initialization
3. Initialize EOBC
4. Wait for RP Master
5. Detect RPact via ROMMON
6. Upload inventory via CPLD
7. ROMMON download software package
8. Boot Kernel
9. CMSIP registers with CMRP
10. CMSIP starts IOS-XE for SPAs
11. CMSIP sends ESI link status
Display module status
To check the status of each module, use the show platform command.
This command is aware of the status of each module.
A syslog message is also generated when a module's status changes.

ASR1000# show platform
Chassis type: ASR1006

Slot      Type                State                 Insert time (ago)
--------- ------------------- --------------------- -----------------
1         ASR1000-SIP10       ok                    6d17h
 1/0      SPA-1X10GE-L-V2     ok                    6d17h
 1/1      SPA-8X1GE-V2        ok                    6d17h
2         ASR1000-SIP10       ok                    6d17h
 2/0      SPA-1X10GE-L-V2     ok                    6d17h
 2/1      SPA-8X1GE-V2        ok                    6d17h
R0        ASR1000-RP1         ok, active            6d17h
R1        ASR1000-RP1         ok, standby           6d17h
F0        ASR1000-ESP10       ok, active            6d17h
F1        ASR1000-ESP10       ok, standby           6d17h
P0        ASR1006-PWR-DC      ok                    6d17h
P1        ASR1006-PWR-DC      ps, fail              6d17h

Jun 26 07:35:09.169 UTC: %IOSXE_PEM-1-PEMFAIL: The PEM in slot 1 is switched off or encountering a failure condition
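
An added example (not from the original slides): a Python parser for the show platform output and the syslog line shown above, which flags every module whose state is not ok and pairs it with the matching syslog mnemonic. The function names and the mapping of "PEM in slot N" to slot PN are assumptions made for this example.

```python
import re
# `show platform` output and syslog line from the slide, re-typed as sample input.
SHOW_PLATFORM = """\
Chassis type: ASR1006
Slot      Type                State                 Insert time (ago)
--------- ------------------- --------------------- -----------------
1         ASR1000-SIP10       ok                    6d17h
 1/0      SPA-1X10GE-L-V2     ok                    6d17h
 1/1      SPA-8X1GE-V2        ok                    6d17h
2         ASR1000-SIP10       ok                    6d17h
 2/0      SPA-1X10GE-L-V2     ok                    6d17h
 2/1      SPA-8X1GE-V2        ok                    6d17h
R0        ASR1000-RP1         ok, active            6d17h
R1        ASR1000-RP1         ok, standby           6d17h
F0        ASR1000-ESP10       ok, active            6d17h
F1        ASR1000-ESP10       ok, standby           6d17h
P0        ASR1006-PWR-DC      ok                    6d17h
P1        ASR1006-PWR-DC      ps, fail              6d17h
"""
SYSLOG = ("Jun 26 07:35:09.169 UTC: %IOSXE_PEM-1-PEMFAIL: The PEM in slot 1 "
          "is switched off or encountering a failure condition")

# Slot ids look like 1, 1/0, R0, F0, P1; the State column may contain ", ".
ROW = re.compile(r"^\s*([RFP]?\d+(?:/\d+)?)\s+(\S+)\s+(.+?)\s+(\S+)\s*$")
MSG = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+): (.*)")

def parse_show_platform(text):
    """Return one dict per module row; header and ruler lines do not match ROW."""
    keys = ("slot", "type", "state", "age")
    return [dict(zip(keys, m.groups())) for m in map(ROW.match, text.splitlines()) if m]

def unhealthy(modules):
    """Modules whose state is anything other than 'ok' or 'ok, <role>'."""
    return [m for m in modules if m["state"].split(",")[0].strip() != "ok"]

def parse_syslog(line):
    """Split an IOS message into facility, severity (0-7), mnemonic and text."""
    m = MSG.search(line)
    return {"facility": m[1], "severity": int(m[2]), "mnemonic": m[3], "text": m[4]} if m else None

def report(platform_text, syslog_line):
    """Pair each unhealthy module with the syslog mnemonic that names its slot."""
    ev = parse_syslog(syslog_line)
    # Assumption: "PEM in slot N" refers to slot PN in `show platform`.
    m = re.search(r"PEM in slot (\d+)", ev["text"]) if ev else None
    pem = f"P{m.group(1)}" if m else None
    return [(x["slot"], x["state"], ev["mnemonic"] if x["slot"] == pem else None)
            for x in unhealthy(parse_show_platform(platform_text))]

if __name__ == "__main__": print(report(SHOW_PLATFORM, SYSLOG))
```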
IOS XE 'show version' Display Improvement

Before XE3.10:
ASR1000# show version
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-ADVENTERPRISE-M), Version 15.1(1)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Mon 22-Nov-10 12:19 by mcpre

After XE3.10:
ASR1000# show version
Cisco IOS XE Software, Version 03.10.00.S - Extended Support Release
Cisco IOS Software, ASR1000 Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.3(3)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Thu 25-Jul-13 18:03 by mcpre
ROMmon Upgrade
The ASR1k image has grown to more than 500MB in XE3.8; customers must upgrade to the 15.2(1r)S ROMMON release in order to boot this image.
It is critical to meet the ROMMON release requirement to be able to boot up the system and FRUs successfully:
- Read the ROMmon Release Requirements
- Follow the ROMmon upgrade procedure

ASR1000# copy ftp://asr:[email protected]/asr1000-rommon.152-1r.S.pkg bootflash:
Accessing ftp://*****:*****@223.255.254.234/asr1000-rommon.152-1r.S.pkg...
Loading asr1000-rommon.152-1r.S.pkg !!!!!
[OK - 1253680/4096 bytes]
1253680 bytes copied in 0.716 secs (1750950 bytes/sec)
ASR1000# upgrade rom-monitor filename bootflash:asr1000-rommon.152-1r.S.pkg all
Chassis model ASR1001 has a single rom-monitor.
Upgrade rom-monitor
Target copying rom-monitor image file
File /tmp/rommon_upgrade/latest.bin is a FIPS ROMMON image
65536+0 records in
65536+0 records out
65536+0 records in
65536+0 records out
Checking upgrade image...
1114112+0 records in
2176+0 records out
Upgrade image MD5 signature is fe18056