Offering secure virtualization, continuous system operation, and multiservice scale, the Cisco® XR 12000 Series routers accelerate the service provider evolution toward IP Next-Generation Networks, combining the unparalleled innovation of Cisco IOS® XR Software with the investment protection of the market-leading Cisco 12000 Series.
CISCO XR 12000 MANAGEABILITY
The Cisco XR 12000 Series composes a portfolio of intelligent routing solutions that scale from 2.5- to 10-Gbps capacity per slot, enabling next-generation IP/Multiprotocol Label Switching (MPLS) networks. The Cisco XR 12000 Series routers are powered by Cisco IOS XR Software, a unique self-healing and self-defending operating system designed for simplified management while scaling capacity and adding new services or features (Figure 1).
Figure 1. The Cisco XR 12000 Series
Recognizing that manageability needs to evolve to keep pace with the evolution of high-end routing technology, Cisco Systems
® designed Cisco XR 12000 manageability to support the distributed architecture of the Cisco XR 12000 Series, network consolidation, and multiservice applications.
In its microkernel architecture, each management process has full memory protection and fault isolation. By separating processes into planes, the management plane cannot affect or be affected by processes on the control and data planes. This modularity also offers enhanced security and the ability to upgrade management processes without affecting routing control functions or network traffic.
To maintain performance in an embedded management environment, the Cisco XR 12000 distributed route processor architecture allows balancing of processing demands across multiple route processors. Under heavy network management load such as data collection or alarm processing, tasks can be distributed to any available resource to prevent adverse impact on critical tasks. To support operation, administration, maintenance, and provisioning (OAM&P) functions, persistent storage is provided through flash memory, and hard-disk resources can be used for temporary storage of debugging and diagnostics data.
To support continuous system operation with flexible management services, the Cisco XR 12000 Series has three primary embedded manageability functions: instrumentation, interfaces, and application services.
The instrumentation and management interfaces of a router are the most important aspects of its manageability. If the router does not have the proper instrumentation to provide information and control, operators and operations-support-system (OSS) applications will not be able to manage it.
The Cisco XR 12000 Series offers embedded fault, configuration, accounting, performance, and security (FCAPS) management that goes beyond simple router instrumentation. By performing much of the management processing previously performed by external management applications, the Cisco XR 12000 Series can respond to events and requests more quickly and groom data to help OSS systems scale.
Embedded Fault Management
Highly scalable multiservice platforms present unique demands on existing event management systems because of the volume of traffic they process and the volume of alarms they can generate.
The embedded Cisco XR 12000 Event Manager supports event correlation and filtering to reduce the potential flood of events from thousands of interfaces. Event filtering and correlation policies defined by Cisco or an operator can control granularity of alarms generated, and event correlation automates actions on events such as launching system recovery tasks for example, protection switches, or user-provided Tool Command Language (TCL) scripts.
For example, a single event such as a line-card online insertion and removal (OIR) causes several application communication and interface failure alarms. A correlation policy can be defined that links all associated events to a given root event, provided they arrive within the specified time interval. As a result, only the root event is forwarded, reducing the alarm overload on the event management system. Users can still query the box for the list of correlated events.
The event manager also supports a user-configurable alarm buffer. An external management system or operator can structure and initiate a query to alarms in the buffer for status or trend analysis. Because of the high-availability architecture of Cisco XR 12000, alarms in the buffer are checkpointed to prevent loss in the case of route-processor failover or process restart.
In addition to support syslog and SNMP trap operations, the Cisco XR 12000 supports reliable alarm transport over SSH in XML format.
Embedded Configuration Management
Although downtime is often caused by sources outside the network, it is also caused by sources, such as operators, near the network. Because the configuration of a multiservice router is complex and failure or delay can have a detrimental impact on many customer services, an embedded and intelligent configuration process is needed to maintain continuous system operation and rapid provisioning.
The embedded Cisco XR 12000 Configuration Manager supports transaction-based configuration operation. The operator can configure multiple features at the same time, and those configurations do not become operational unless they are committed by the operator. The configuration manager maintains multiple configuration points that the system has gone through and supports rollback of configuration to a previously known configuration point.
The embedded Cisco XR 12000 Configuration Manager optimizes the router configuration process during startup, operation, and OIR events. By distributing and applying changes concurrently and in bulk on startup and OIR events, mean time to repair (MTTR) is minimized. By checkpointing incremental configuration updates, the configuration manager helps enable the Cisco XR 12000 Series to support configuration commit or rollback during normal operation.
Some of the biggest challenges of a multiservice router that can perform Internet peering are the large Border Gateway Protocol (BGP) route policy configurations. Cisco IOS XR Software offers a new route policy language (RPL), which reduces the number of policy configurations that an operator has to write.
Accounting is an indispensable part of network management for traffic engineering, billing, and security. The Cisco XR 12000 can support the sampled and aggregated NetFlow capabilities in the hardware with no performance impact. Cisco IOS XR Software supports flexible flow management capability using NetFlow Version 9.
Embedded Performance Monitoring
In large networks, performance monitoring and trending have been difficult to perform. The volume of available data from a large number of network elements is usually too high for the performance monitoring component of the OSS to collect, store, correlate, and process. The volume also has a potentially significant impact on the network traffic between elements and collectors. Typically, the volume of collected data is restricted by targeting specific objects within platforms, as opposed to the ideal of trending across the network.
Because of the scale of today's networks, traditional data polling from a centralized application is neither adequate nor efficient. As a result, the collection of performance statistics and counters on the Cisco XR 12000 Series is performed by the embedded performance monitor.
Cisco XR 12000 performance monitoring allows operators to define which statistics to collect, the frequency of collection, and the total number of samples to be held in memory. Collections can be configured to run on demand or periodically for trending. An on-demand collection is generally used for quick debugging and diagnostics, such as viewing percentage usage. Whether on-demand or periodic, data collections do not affect other collections in process, and the data can be polled by, or exported to, external collectors after a collection period expires.
The Cisco XR 12000 Performance Monitor locally monitors counters against user-configurable thresholds on all supported entities, such as error counters for interfaces and link use for MPLS. Threshold conditions are set as logical operations on the value of an attribute against a threshold value (defined by percentage or absolute value). The threshold rule is evaluated at each collection interval, and a threshold-crossing alert (TCA) is generated as soon as a threshold condition or criteria are met or exceeded. Range operators allow a user to track the value of a counter within a specific range (for example, CPU use between 20 and 60 percent), thus providing a powerful notification mechanism when the system is not operating within the expected range. Threshold rearming rules specify whether to generate threshold notifications, even if a threshold condition is met. This avoids a flood of threshold notifications when, for instance, a threshold condition is crossed repeatedly within a brief period or interval.
All collected data is checkpointed to prevent data loss in the case of route-processor failover or process restart. And as with other events, TCAs generated by the embedded performance monitor can use automatic actions on events as described in the "Embedded Fault Management" section.
Although instrumentation is required to protect service provider networks from losses caused by security problems, access to that instrumentation also must be protected.
Cisco XR 12000 secure management access is supported through Secure Sockets Layer (SSL), Secure Shell (SSH) Protocol, IP Security (IPSec), TACACS+, and RADIUS-based authentication, authorization, and accounting (AAA). In addition, new task ID-based security profiling provides more granular control of each task than typical role-based access controls. In task ID-based security, user types can be defined and then sorted into groups. Each group is associated with a particular task group---BGP and MPLS tasks, for example---with explicit privileges (read or write).
Task ID also provides flexibility in router management task authorization. To help ensure software image integrity, loadable software is digitally signed and authenticated by the installation manager during the installation process. If a package fails authentication, it is not executed.
To use the information and control enabled by embedded instrumentation, a routing platform must offer access through interfaces, typically through hardware and software, called application programming interfaces (APIs). These interfaces should be open and based on industry standards. If the interfaces are proprietary, service providers pay significantly higher costs for the integration of the router into their existing OSS infrastructures. And they will continue to pay higher costs to maintain that integration as the OSS evolves, raising the router overall cost of ownership.
The Cisco XR 12000 Series supports both physical interfaces and standard API access (Figure 2) to the instrumentation embedded within Cisco IOS XR Software, including an internal metadata model that maintains management consistency across access schemes, whether command-line interface (CLI), Simple Network Management Protocol (SNMP), or Extensible Markup Language (XML).
Because a network connection to a failing or initializing device is not always available, the Cisco XR 12000 Series supports serial console and auxiliary ports and 10/100/1000 Ethernet management interfaces on route processors. As the management entry points of the Cisco XR 12000, the Ethernet interfaces are routable ports, supporting access-control-list (ACL) control to filter management access traffic according to security policies.
Cisco IOS XR CLI
As with most networking devices, the CLI is a traditional management method that operators are comfortable with. Users familiar with the Cisco IOS CLI will quickly learn and adapt to the Cisco IOS XR CLI.
Although not always the most efficient, SNMP is one of the most pervasive protocols used by management systems. To support integration with most OSS applications---event management in particular---Cisco IOS XR Software supports an extensive list of MIBs and multiple versions of SNMP, including SNMP Versions 1, 2c, and 3.
Perhaps the most popular ARP for provisioning integration, XML provides an excellent mechanism for formatting, encoding, and transmitting complex data between routers and management applications.
The Cisco XR 12000 programmatic interface is provided by XML. Its rich schema helps enable rapid development of management scripts and customized applications for router configuration and monitoring. Using the XML interface, client applications can access Cisco XR 12000 management data by encoding the request within an XML stream and sending it to the router over a variety of transport methods such as Common Object Request Broker Architecture (CORBA) or SSH transport. The query result is returned to the client as an XML-encoded response stream. Defined and published in router XML schema documents, XML tags can be used by client applications to encode and decode XML streams. A tagged response can be used to customize the presentation and format the data display, thus eliminating the need to parse unformatted ASCII text, frequently required with text-based responses.
Embedded Application Services---Cisco Craft Works Interface
To provide a more efficient and user-friendly management tool, the Cisco Craft Works Interface (CWI) is an embedded Java application that uses the Cisco XR 12000 XML interface. It supports enhanced CLI features, a text editor, and a GUI (the Cisco CWI Desktop) that can be launched from a Web browser.
Cisco CWI Config Editor
Using the Cisco CWI Config Editor, users can modify and save configuration changes without committing modifications to the running configuration. Network operators benefit from standard full-screen editing features such as blocking copy and paste, typing command completion, the ability to run syntax checks, viewing changes made before final commit, and verifying the configurations before they are applied.
Cisco CWI CLI
The Cisco CWI CLI supports enhanced features such as historical command recall and batch execution to personalize the management of the Cisco XR 12000. Within SSH and Telnet windows, a local command buffer is provided to save common commands in each user's local storage. Upon login to each router, these common commands can be recalled to expedite and simplify use. In addition, a saved command file can be executed in a batch mode.
Cisco CWI Desktop
The Cisco CWI Desktop (Figure 3) provides a GUI that gives operators a visual overview of system components and their status.
Figure 3. Cisco CWI Desktop
The Cisco CWI Desktop provides access to some of the vital embedded FCAPS functions that the Cisco XR 12000 supports:
• Inventory tree---The inventory tree displayed in the left pane (Figure 4) presents the system in either a physical chassis or logical router view. The inventory pane can display rack, card, slot, and port information or can export it into a structured file format. The color-coding of each tree item represents component status and is based on the highest-level alarm generated. The Cisco CWI Alarm Viewer is context-sensitive; if launched against a particular component, only the alarms of that component are displayed.
Figure 4. Cisco CWI Inventory and Alarm Viewer
• Alarm Dashboard---The alarm dashboard (Figure 5) displays the current running alarm total for each alarm severity (critical, major, minor, warning, and indeterminate). The right-most counter represents the total number of alarms received during the current session.
Figure 5. Cisco CWI Alarm Dashboard
• Rack View---Network operators familiar with CiscoView quickly appreciate the intuitive user interface of the Cisco CWI Rack View tool (Figure 6). LEDs within the card display can be programmed to relay simple messages from the network-operations-center (NOC) operator viewing the graphic representation of the chassis to field technicians at the physical chassis location. For example, a NOC operator can create a text message on a physical card to indicate to field technicians that the card can be removed.
Figure 6. Cisco CWI Rack View
• Configuration desktop---The configuration desktop (Figure 7) provides a GUI to simplify the configuration of routing policy, ACLs, quality of service (QoS), and protocols such as BGP, Intermediate System-to-Intermediate System (IS-IS), Open Shortest Path First (OSPF), MPLS traffic engineering (MPLS-TE), and Resource Reservation Protocol (RSVP). For example, assume a new maximum transmission unit (MTU) must be configured on all interfaces. If the number of interfaces is low, using CLI is feasible. However, when the number of interfaces is in the hundreds, or even in thousands, the CLI becomes labor-intensive. In a few clicks, the Cisco CWI Configuration Desktop can apply this change across all interfaces consistently, translating to increased productivity and reduced operations costs.
Figure 7. Cisco CWI Configuration Desktop
Carrier Class EMS
In conjunction with the rich manageability instrument on the Cisco XR 12000 Series, IOS XR is also supported under the Cisco Transport Manager (CTM), a well established EMS solution for Cisco's optical and transmission product family. The initial release of CTM 5.0 provides fundamental device management functions in the area of fault management, inventory, router configuration repository, network topology and performance monitoring. Additional features will be rolled out as part of the future CTM product.
Figure 8. CTM 5.0
Profitable service provider networks depend on next-generation routing platforms that offer continuous system operation and exceptional service flexibility. The key to delivering high availability and service delivery for core routing platforms is a robust manageability solution. Through the support of embedded instrumentation, interfaces, and application services together with EMS solutions, the Cisco XR 12000 solution offers an evolution of both routing and manageability technology that integrates within existing OSS environments.
For more information about complementary element-management-system (EMS) and OSS solutions, contact your Cisco account representative.