Cisco Converged 5G xHaul Transport

5G network requirements

The 3GPP standards organization and 5G industry developers are specifying the main features of 5G. Figure 1 outlines the functionality already specified and to be available in upcoming 3GPP releases.

Figure 1. 5G technology evolutions

Emerging RAN architectures

In order to support the changing nature of the 5G network, it is clear that one of the most important factors to address is the current and future architecture of the RAN, the link that the radio sites use to connect to the transport network. Not only is this where operators spend most of their money today, but being geographically dispersed, it is also difficult to manage. Therefore, any development or evolution of the RAN to improve the efficiency or reduce the operational costs requires serious consideration.

Traditionally, we implemented the RAN as a distributed RAN (D-RAN) architecture, where all the radio functionality (the NodeB or eNodeB) resided in the cell site, which then exchanged IP packets with the mobile core via the backhaul network. The IP protocol was used to carry the traffic streams, and the data rates needed were roughly equivalent to the combined user data rates of user equipment that was utilizing the radios hosted in that cell site. With 4G, and more so with 5G, an alternative to the D-RAN is the disaggregated or centralized RAN (C-RAN), whereby the upper layers of the radio functions are separated from the lower layers and moved to a shared, centralized location.

Figure 2 shows the different 5G architectures emerging with RAN.

Figure 2. 5G RAN architectures

xHaul transport network for 5G

Cisco believes that a converged, end-to-end packet infrastructure, beginning in the access layer and stretching via the network data center all the way to the core, based upon segment routing and packet-based QoS, provides the underlying xHaul transport network (see Figure 3). This provides the most flexibility of application placement, the best scalability, the most robust reliability, and the leanest operational costs. On top of this, we layer VPN services, either based on BGP-based VPNs or business software-defined WAN (SD-WAN) technologies, to provide the means to support a multi-service environment capable of supporting strict SLAs.

Figure 3. Overall end-to-end architecture

Segment Routing data plane

Segment Routing is a technology invented by Cisco. Subsequently, a number of key operators drove the definition and adoption further, which has then attracted considerable interest from the wider operator and vendor community. For the last several years, the Internet Engineering Task Force (IETF) has continued to push the technology down a standardization track.

Segment Routing is based on a source routing paradigm, where the source node defines the path that a packet is going to take through the network. The source node inserts an ordered list of segments into the packet, which in the case of MPLS, is a set of labels; or in the case of IPv6, a set of segment IDs (SIDs) carried in a segment routing header (SRH). Because the segments are calculated and inserted on the source node, intermediate nodes simply read the appropriate segment labels/IDs within the packet header to execute the associated instructions. Very importantly, this means that the intermediate nodes do not need to hold any flow state, which greatly simplifies the network control plane. Figure 4 outlines the Segment Routing architecture.

Figure 4. Segment Routing architecture

There are multiple types of segments defined in Segment Routing and it is quite a broad topic. For a more detailed explanation of the technology, refer to: http://www.segment-routing.net/

Segment Routing control plane

The Segment Routing control plane can run purely as a distributed control plane, or where more complex forwarding paradigms (such as inter-domain routing) are required, it can use a hybrid approach. The hybrid approach splits the responsibilities: the routers distributed through the network host some functions while external SDN controllers calculate others, for example the definition of Segment Routing policies and inter-domain paths. In both approaches, the distributed routers run those functions needed to rapidly distribute the link state database, as well as calculate the shortest path routing tables, monitor the links to the attached nodes, and rapidly recover in the event of a failure.

SDN controller

Software-defined networks (SDN) and SDN controller are loaded terms and their definition depends on who you ask. In some cases, these networks are all-encompassing and involve all the topics of orchestration, automation, service assurance, and management of flows within the network. In others definitions, it refers purely to management of flows in the network. For the following discussion, we examine only the flow management component of SDN and cover other vital functions such as orchestration, automation, and service assurance elsewhere.

As noted above, Segment Routing does not require an external controller function, but as the segment-routing-policy use cases become more complex, or the network increases in scale and extends beyond a single domain, then the use of an SDN controller becomes more important.

Cisco’s SDN controller, called Cisco Segment Routing – Path Computation Element (SR-PCE), is based on the Cisco IOS® XR network operating system and can be hosted on either a physical or virtual device. SR-PCE has a northbound interface to the application layer via APIs. Southbound into the transport network, it collects the topology using standards-based protocols such as BGP-LS and subsequently is able to compute and deploy Segment Routing policies across the network. The Segment Routing policy algorithms used by SR-PCE have been purpose-built and specifically designed around segment routing.

Delivering SLAs with segment routing

Segment Routing policies and Segment Routing paths (the terms are interchangeable) are the methods used to implement an SLA in the network infrastructure. The Segment Routing control and data plane concurrently supports different SLA types while running on the same underlying networking infrastructure. Examples include:

1. Shortest path routing combined with equal-cost multipath (ECMP). This is the default policy supported by Segment Routing and is calculated on the network equipment by the IGP. It matches exactly the way an IP network forwards traffic, and is implemented by using a Segment Routing prefix segment.

2. Flexible Algorithm (commonly referred to as Flex-Algo). Traditional routing protocols, such as Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS), use the IGP metric on links and the “Shortest Path First” algorithm to calculate the “best” path between an ingress and egress point in the network. For many services this approach is sufficient, however this approach cannot, for example, take into account real-time link latency, utilization, and loss, whether an ECMP shares links that use the same underlying fiber. Flex-Algo is a new capability in segment routing that enables an operator to define their own custom flexible algorithm, based on a wide range of variables, including link latency, loss, bandwidth, and shared risk link groups (SRLG), to achieve a specific aim. For example, an operator may have an IP network using highly reliable fiber paths which they own and less reliable fiber paths which they lease and they want to support a highly reliable, low latency IP service. Flex-Algo can achieve this by building a routing table that optimizes based on real-time link latency, only on links owned by the operator. Other commonly discussed Flex-Algo use cases include bandwidth-guaranteed paths and routing between ingress and egress points using disjoint paths.

3. Segment Routing Traffic Engineering (SR-TE) paths. In this case, the path is explicitly specified and coded into the packet header at the source but can consist of a mix of prefix and adjacency segments. This allows a path to be a mix of segments whereby one segment might be shortest path first (SPF) routed with ECMP and others explicitly routed. In this case, the segment information is distributed by the IGP but the path calculation is done either in a distributed fashion or via the centralized SDN controller. This form of traffic engineering can support low-latency paths, bandwidth-guaranteed paths, and disjoint paths.

A special case of an SR TE path is an exact emulation of a RSVP-TE tunnel in classic IP/MPLS. In this case, the SR TE path consists of a set of adjacency segments that guide the traffic on the network on a link-by-link basis. The external behavior is that of RSVP-TE tunnels in classic IP/MPLS, but the difference is that the intermediate nodes carry no forwarding state and do not need to run RSVP-TE. Either the distributed nodes or a centralized SDN controller, such as Cisco SR-PCE, performs the path calculation and the IGP distributes the adjacency segment information.

Linking services to an underlay network

Using Segment Routing policies provides a rich set of capabilities to deliver SLAs across the xHaul transport network. However, to make use of them, it is necessary to map the customer and operator services to the appropriate Segment Routing policies, so that the service traffic gets the desired behavior from the transport network. Segment Routing provides this capability via a function known as traffic steering. This feature allows service traffic, for example, a layer 2 or layer 3 service, to be steered at ingress into a Segment Routing policy that provides a path to the service endpoint with the requested SLA. This is implemented either manually via configuration on the ingress router, or automatically using a function called Segment Routing automated steering (see Figure 5). In the automatic case, the ingress service traffic is steered into the appropriate Segment Routing policy, based on policy information conveyed at the service or VPN layer, which informs the underlay transport network how to treat the traffic.

Figure 5. Automated steering

Scaling the transport network with Segment Routing

Some xHaul transport networks will be extremely large and built using multiple domains. In these environments, it is important to isolate the domains as much as possible. At the same time, the operator needs to be able to provision end-to-end services that span domains.

Figure 6 shows the solution using a combination of On-Demand Next-hop (ODN), Cisco SR-PCE, and automated steering. This allows an operator to build large complex environments using minimal information exchange between domains, and thus reducing overhead on the network equipment

When a service needs to span multiple domains, BGP exchanges service routes that have the appropriate SLA identifiers attached. As discussed in the previous section, automated steering then selects the appropriate SR policies while a combination of ODN and SR-PCE builds the multi-domain on-demand Segment Routing policy (path) to the egress device in order to satisfy the service’s SLA requirements.

Figure 6. Automated steering and multi-domain On-Demand Next Hop

Network data center and multi-access edge compute (MEC)

Although not technically part of WAN, 5G proposes that network data centers will be hosting components of the network control and data planes. Therefore, it is vitally important that the network data center environment be tightly coupled with the transport environment. This will allow VPNs, associated with network slices, to be easily orchestrated and seamlessly extended from the WAN infrastructure into the network data center and vice versa. This problem is solved by linking VPNs created in the data center with service networks created in the xHaul transport networks.

Services and VPNs

The Segment Routing infrastructure is ideally capable of supporting:

• Traditional layer 2 / layer 3 network-based VPN utilizing Segment Routing policies: EVPN for layer 2 and BGP-based layer 3 VPNs provide the basic connection functionality. Segment Routing features, such as automated steering, On-Demand Next Hop, and SR-PCE can build these services in a highly automated and scalable fashion, and combined with coloring of service routes, can support a wide variety of SLA scenarios.
• CPE-based SD-WAN VPNs. Currently, most SD-WAN solutions run independently from the underlay transport but, even then, it is possible to guide flows into specific policies by using Segment Routing features. Cisco is working on solutions that allow closer linkage between the CPE-based overlay solutions and the underlying Segment Routing infrastructure.

This combination enables operators the flexibility to support both infrastructure services and the emerging SD-WAN market space, which is essential in building a converged transport infrastructure.

Segment routing with MPLS and IPv6

Segment routing with MPLS is an ideal technology for a converged transport architecture, since it is capable of addressing the requirements of 5G, while simultaneously supporting fixed, enterprise, and consumer services. It provides:

• An evolutionary approach when moving from classic MPLS to SR/MPLS
• Protocol simplification, removing the need for RSVP-TE and LDP
• Reduction of the amount of state held on the network routing equipment
• Concurrent support for services with different SLA requirements
• Minimal configuration due to functions such as path computation element (PCE), automatic steering, and ODN
• High scalability, allowing support for very large multi-domain networks
• Operator choice on the level of centralized controller (SDN) involved in provisioning and operating the network
• A strong linkage between the service layer and the underlying Segment Routing transport network through coloring of service routes. In this instance, coloring is not a literal term and refers to the ability to automatically specify the SLA requirements of the service. In the case of BGP VPNs, this is achieved through the color extended community attribute as specified in RFC5512.

Segment routing with IPv6 (SRv6) is progressing well from a standardization perspective in the IETF and proofs of concept are running. The expectation is that over time SRv6 will gradually replace segment routing with MPLS as the underlay packet technology. This will take time as the standards need to be completed, MPLS to SRv6 migration techniques need to be developed, and more importantly, a range of chipsets need to come to market that can support SRv6 on an end-to-end basis. Currently, high-end programmable chipsets are available that support SRv6, however to get the full benefits of the technology, SRv6 functionality needs to be incorporated into low-end chipsets suitable for edge networking equipment and even for server network interface cards (NICs).

SRv6 is coming to exhibit the same capabilities and benefits as MPLS, but the technology goes further in scaling, simplifying, and reducing the overheads associated with running a large-scale infrastructure that incorporates packet transport combined with edge computing. It also offers true programmability of the packets through the network, from both a path and services perspective.

Quality of service

5G, as a technology, uses packet transport end to end, including possibly in the fronthaul. We have already seen that the new fronthaul is a time-sensitive application and 5G will launch additional low-latency applications beyond today’s broadband services traditionally focused on voice, video, and data. This means that the converged network infrastructure needs to support a wide range of packet-based SLAs concurrently. Depending on the RAN design chosen, and whether the operator deploys low-latency services, some parts of the network may need to support features from the IEEE Time Sensitive Networking (TSN) task group.

As described above, segment routing functions such as SR-PCE, Flex-Algo, and automated steering provide mechanisms to engineer different services and traffic types onto appropriate paths within the network. In addition, packet-based DiffServ QoS, combined with appropriate class-aware capacity-planning tools, such as Cisco WAN Automation Engine (WAE), are needed to ensure packets associated with different services are treated appropriately.

Performance management

Segment Routing supports a rich set of tools to monitor the performance of the underlay Segment Routing packet infrastructure. These range from traditional tools, such as ping and traceroute that have been adapted for Segment Routing environments, and which are capable of testing SPF paths, Segment Routing policy paths, or specific paths programmed with Flex-Algo. Typically, these types of tools are used reactively, but when using features like Cisco’s Segment Routing-Data Plane Management (SR-DPM) they can be run proactively to detect black holes. Networks can run features like Segment Routing link loss and delay measurements either on an ad-hoc basis or continuously to provide dynamic measurement of link delays. This information can then be distributed in IGP, BGP Link-State (BGP-LS) and via telemetry, to be used in SR TE path computation.

In addition to tools for monitoring the Segment Routing layer, a comprehensive set of tools exists to monitor the performance of different services. These tools are dependent on the type of services running, but for example, in layer 3 includes facilities to monitor connectivity, delay, and loss on a per QoS class performance basis.

Segment routing as a transport slice technology

A packet-based environment combining VPN and Segment Routing technology provides very flexible mechanisms to support both hard and soft slicing concurrently over a common transport network infrastructure (see Figure 7).

Figure 7. Segment routing as a 5G slicing technology

Within the core transport network, Segment Routing provides the means to share resources using shortest path routing and statistical multiplexing combined with DiffServ QoS to create a soft slice. Equally, to create a hard slice, traffic-engineered Segment Routing policies built using distributed techniques such as Flex-Algo, or centrally using Cisco’s SR-PCE, allow resources to be entirely dedicated to a specific transport slice.

VPN solutions combined with service-orientated OAM and per-VPN Segment Routing traffic steering provide routing isolation, end-user visibility of the slice, and the means to steer traffic associated with a slice into the appropriate Segment Routing policy to meet any required SLA.

This approach enables the operator to support hard and soft slicing approaches concurrently on the same transport network, and is extremely scalable and flexible. It allows network slices to be built for each different 5G use case or for specific customers, such as mobile virtual network operators (MVNO) and enterprise customers, or a combination of both where, for example, an enterprise customer has their own slice created within a higher-level enhanced mobile broadband (eMMB) slice.

Transport physical architecture

Today, many operators’ IP/MPLS networks feature links between routers with bandwidth in the range of multiple hundreds of Gigabits per second (Gbps). To address this situation, operators have simplified the number of network layers down to a Dense-Wave Division Multiplexing (DWDM) / fiber foundation overlaid by a packet routing / switching infrastructure. This means that routers and switches connect directly to one or more dark fibers or DWDM Lambdas, where each Lambda currently supports bandwidths up to 250 Gbps (in the near future it will be 400 Gbps). This alleviates the complexity and cost associated with additional intermediate switching layers such, as an OTN TDM hierarchy, which adds little value for carrying IP services.

Bandwidth requirements will continue to rise, and in many networks point-to-point IP capacity requirements will match or exceed the capacity of a single DWDM Lambda, driven by increasing fixed and mobile access speeds and new services. In these high-capacity, high-growth environments, continuation of the current packet-network design philosophy, whereby packets flow directly on top of a photonic base layer, is simple and scalable. This approach, when augmented with segment routing, IP QoS, and statistical multiplexing will meet the needs of 5G, emerging fixed access solutions and the end-user services.

Security

Security challenges in 5G networks are a superset of those found in existing networks. Familiar challenges include physical security, management plane security, control plane security, and potentially exploitable bugs on routing devices. Given that most aggregation devices will be placed in untrusted or partially trusted environments, strong emphasis on tamper-proofing is essential. Beyond these questions, 5G enlarges the problem with network data center compute elements, software running on those elements, and new orchestration capabilities which must be also be secured.

The foundation of a trusted network are trusted devices and all trust must begin in hardware. Each Cisco network device includes trust Anchor technology that establishes a hardware root of trust for software integrity and strong encryption. This hardware security component provides a unique cryptographic identify of each platform component and is used as the basis for our advanced secure boot infrastructure. With hardware-rooted secure boot infrastructure, Cisco platforms provide significantly stronger protections against compromises of the firmware and operating system than typical firmware-based secure-boot infrastructures (such as those used in mainstream x86 platforms). This, coupled with advanced runtime OS protections and control-plane protections, allows Cisco platforms unique capabilities to establish and maintain trust in exposed environments.

The trusted platform also establishes a secure foundation for additional security services such as strong cryptographic protection for secret data and key material within the router. As operators are now increasingly deploying access devices in insecure remote locations, this built-in hardware-keyed protection for secret data at rest is required to maintain trust and control of critical network services.

For further information on Cisco’s approach to 5G mobile security, download our white paper, “5G security innovation with Cisco” at: https://www.cisco.com/c/dam/en/us/solutions/collateral/service-provider/service-provider-security-solutions/5g-security-innovation-with-cisco-wp.pdf

Timing

Timing and synchronization are critical components of an efficient LTE-A and 5G mobile architecture. If it is not properly designed, implemented, and managed, it can have a dramatically negative effect on the efficiency, reliability, and capacity of the mobile network. Subscribers will likely suffer dropped calls, interrupted data sessions, and a generally poor user experience, while operators will suffer network instability, loss of efficient usage of the radio spectrum, and unhappy subscribers.

Additionally, because of the move from distributed RAN (D-RAN) toward centralized RAN (C-RAN) and cloud RAN, 5G will demand transport of synchronization and allocation of a time-error budget, not only in backhaul networks, but also in the fronthaul and midhaul networks. And these requirements are going to be much tighter than existing 3GPP end-to-end time error budgets in the backhaul.

Successful mobile operators will use a combination of techniques to source and carry time, and so the secret to success is the selection of equipment with the flexibility to support various timing scenarios since one solution will hardly apply everywhere. This network will require a number of strategically located time sources, most likely Global Navigation Satellite System (GNSS) receivers, such as GPS, and a well-designed network to carry frequency and time via a combination of Synchronous Ethernet (SyncE) and Precision Time Protocol (PTPv2 or IEEE 1588).

GNSS receivers, particularly GPS from the United States, has historically been a very popular method for delivery of timing to the remote cell site, especially for: 1) large macro cells in open spaces, and 2) those radio systems where phase synchronization has long been a requirement (CDMA or TDD radio). Deploying an additional antenna at the top of the radio tower to receive the GPS signals was straightforward, the accuracy was first-class, and reliability very good. Frequently, this was an excellent solution.

There are situations, however, where GNSS systems do not work that well: deployments in dense urban canyons cause coverage and multipath issues; they are costly to deploy in buildings (requiring ducting access to the roof) and it is very vulnerable to interference, jamming, and increasingly, spoofing. With 5G increasing the radio density and expanding the in-building coverage, it is becoming increasingly difficult and expensive to deploy GNSS receivers for more challenging locations. Therefore, for future deployments, the ability to deliver time via the transport network will be an essential component of advanced xHaul transport networks. Even if not the primary source of synchronization at the radio, using the transport network to deliver a secondary source of time from a remote GNSS receiver is a robust backup mechanism for when local GNSS signal outages occur.

For transport-based solutions, there are a limited number of viable options. In general, transporting synchronization means using Precision Time Protocol (PTP)-based solutions for phase synchronization, assisted by Synchronous Ethernet (SyncE) for physical distribution of frequency over the existing xHaul transport networks (much like the old SONET/SDH based networks). In some cases where SyncE is not available, then PTP can be used to carry both phase and frequency, but it is not the optimal solution.

PTP profiles

Originally, the IEEE developed the 1588 PTP in response to broad industry and government need to enable accurate distribution of time and frequency over packet-based networks, in particular local area networks, such as across a factory floor. Version 2 of the standard, 1588-2008 or PTPv2, extended the use of PTP from the LAN to the WAN and introduced the concept of profiles. Profiles allow any organization to specify a specific combination of PTP options and attribute values to support a given application.

The International Telecommunication Union Telecommunication Standardization Sector (ITU-T; formally CCITT) was a keen adopter of this feature when it began to publish its telecom profiles to solve a number of problems in the telecommunications industry. Most recently, the ITU-T developed two PTP profiles, shown in Figure 8, specifically designed to support the transport of frequency and phase synchronization for mobile backhaul networks.

Figure 8. PTP profile support

These two profiles address two different network topologies and even specify different transport mechanisms, either layer 2 Multicast or layer 3 IP Unicast. The suitable profile depends on the support for PTP in the intervening nodes in the network between the PTP Telecom - Grand Master (T-GM) and the PTP Telecom – Time Slave Clock (T-TSC). They are:

• PTP with full on-path timing support from the network (each node is PTP-aware)
• PTP with partial timing network support (intervening nodes not necessarily PTP-aware) Additionally, each of these profiles require frequency distribution using SyncE in addition to phase distribution using PTP-based packet mechanisms. The use of SyncE allows for more accurate distribution of frequency (since it uses the signal on the fiber), faster lock time for the PTP slave clocks, and increased holdover times when the GNSS or PTP source of phase and time is lost.

Synchronization features

The main factors for a well-implemented timing and synchronization network include:

• Network elements that are frequency synchronized (syntonized) to the nominal frequency (small tolerance allowed)
• Phase error across the network below the budget required for the TDD radios and user applications
• How quickly it locks on and converges both frequency and phase to the sources of time
• Hold-over time - How long can the radio units maintain the correct frequency and phase if they lose their connection to the master clocks or sources of time?
• Resilience - How the network is able to adapt to failures, e.g. a local GNSS/GPS outage
• Cost - How cost-effective is the design to build, monitor, and operate
• Adaptability and flexibility - How easy it is to implement across different topologies and transmission technologies?

Cisco develops our product range with all these goals in mind, and helps operators to build 5G-capable xHaul transport networks by incorporating the following timing and synchronization features into our transport products:

• Class B and Class C T-BC Boundary Clock Noise Generation performance according to G.8273.2
• G.8275.1 (Full On-Path PTP support profile) with layer 2 Multicast encapsulation
• G.8275.2 (Partial On-Path PTP support profile) with layer 3 Unicast encapsulation (IPv4 and IPv6)
• External timing ports to allow the connection of separate GNSS receivers as primary reference time clocks (PRTC)
• Internal GNSS receiver support in equipment located where this function is appropriate
• Synchronous Ethernet (G.8262) and Ethernet Synchronization Message Channel (ESMC) support (G.8264) with a pathway to the new (currently draft) enhanced Synchronous Ethernet, or eSyncE (G.8262.1)

Model-driven configuration and telemetry

The “yet another next-generation” (YANG) data modelling language combined with NETCONF, RESTCONF and gPRC has been widely adopted by the networking industry to model and control configurations, as well as store and retrieve operational data on networking devices. It is also gaining traction beyond pure networking, with the x-RAN organization using this mechanism to configure and store operational data associated with radio antennas. In the networking space, there are a number of groups, such as the OpenConfig and the IETF, specifying standards-based models for networking functions, which can be deployed along with vendor-specific models.

In order to improve network agility, Cisco has moved to a model-driven paradigm for configuration, while in order to enhance network visibility, Cisco is streaming operational data using telemetry. Telemetry is a mechanism to efficiently push data off the routers rather than pull (or poll for) it. This operational data is structured using YANG models and can be encoded using JSON, XML or Google protocol buffers. This enables the monitoring and analytics platforms to easily interpret and process the data, as illustrated in Figure 9.

Figure 9. Model-driven configuration and telemetry

Orchestration and automation

5G will massively increase the size of networks, requiring support of multiple domains and bring levels of change not seen in previous generations of fixed or mobile networking. There is also an expectation from operators and their customers that complex changes—for example, setting up, changing, or removing a 5G network slice—can be done in minutes or even seconds in an error-free fashion. Traditional configuration and operational data collection techniques, such as manual command-line interface (CLI) configuration of vendor-specific CLI combined with Simple Network Management Protocol (SNMP) polling, will not be able to deal with this level of change, nor maintain an accurate operational view of the network.

In addition to device-level functionality, it is important to have a central capability to orchestrate, manage, and automate the network.

Cisco provides this functionality through a suite of products associated with orchestration, automation, and analytics based on Cisco Network Services Orchestrator (NSO) and the Cisco Crosswork™ solution.

Orchestration and lifecycle management is done through NSO, which is an industry-leading, cross-domain orchestration platform for hybrid networks. It provides comprehensive lifecycle service automation to enable you to design and deliver high-quality services faster and more easily across different domains, such as transport, network data center, and mobile core, all of which could be components of a 5G network slice.

The orchestrator provides a single network-wide interface for all network devices and services, as well as a common modelling language and data store for both services and devices. CLI, auto-generated APIs, and an auto-generated web interface are used to access NSO, which can run either as a standalone application or integrated, via APIs, into a larger OSS/BSS infrastructure.

The service, for example a 5G slice, is specified as a semantic service model. This model combined with an NSO component, called the Service Manager, provides support for any service change, including arbitrary modifications in real time. NSO then renders the minimum configuration change for the devices to achieve the desired service state and applies these changes in a transaction-safe approach to the network functions. This is done either natively using NETCONF/YANG or via network element drivers (NEDs) when the device entity does not support NETCONF/YANG. It is important to note that service orchestration is not solely about provisioning services; it also plays an important role in promoting adherence to SLAs. As a vital part of the service orchestration, NSO provisions assurance systems, deploys virtual probes, etc. to ensure that service monitoring is in place.

Cisco Crosswork and its associated applications bring closed-loop automation across the overall operation lifecycle. This solution is based on three main pillars:

• Mass awareness - Mass awareness offers the ability to embrace and collect massive amounts of data from different data sources and protocols, including leveraging on streaming telemetry for real-time visibility of the network infrastructure.
• Augmented intelligence - Derive knowledge from this data by leveraging advanced machine learning and artificial intelligence techniques (Cisco Crosswork Health Insights and Cisco Crosswork Situation Manager)
• Proactive control - Take action—either a configuration or remediation action—based on the knowledge derived (Cisco Crosswork Change Automation)

Reflected within the Cisco management and automation offerings are capabilities built from Cisco’s breadth of experience with CUPS, segment routing, and the predecessor technologies used in our customer’s access, aggregation, and mobile packet core networks. Visibility is a key requirement for the management of segment routing. Within the solution, we provide the ability to discover the network status for each service, and render it logically as well as geographically for the operations team. It provides views for Segment Routing overlay, Segment Routing policies, underlay network, as well as delivering aids and reports for the operator, which are key to avoiding issues or for expedited remediation when needed.

5G network slice orchestration and management

Definition of a 5G network slice includes all resources, including radio, mobile core, network data center/virtualization platform, and the xHaul transport network. To orchestrate a slice successfully requires tight coordination between these different domains, although these domains are very different in their functions, as are the tools needed to control and manage them. Consequently, Cisco is building a slice orchestration/controller design where there are specific domain controllers and orchestrators associated with the major domains that are coordinated by a cross-domain slice orchestration function that is responsible for the overall slice orchestration and management (see figure 10).

Figure 10. Cross-domain orchestration