service advertisement framework
TRANSCRIPT
1
SAF –Service Advertisement Framework
2
Module Agenda
Introduction to Service Advertisement Framework
Overview of the SAF Network
Overview of the SAF Client-Network Interface
SAF Service - Call Control Discovery (CCD)
Deployment and Configuration of SAF
Review of SAF Features and Benefits
Summary of SAF
3
Module Objectives
Upon completion of this module, you will be able to:
Describe what the SAF feature is and how it benefits the network
Identify the components that make up the SAF network
Explain what Call Control Discovery is used for and how it helps Cisco UC networks
Describe the benefits of Call Control Discovery
Configure SAF with the necessary commands to enable the feature
Explain the benefits of the Service Advertisement Framework feature
4
Introduction to SAF
5
New technologies and applications wereoften deployed as overlays
Many networks utilize static configurations – what happens when:
– The service location changes?
– The service connectivity is lost?
– Network connectivity is lost?
Problems with static configurations:
– Configuration complexity
– High operational cost
– Deployment speed
The network needs to leverage dynamic routing capabilities to help these services communicate and adapt to changes
The network needs to provide a foundation for service awareness and allowapplications to be discovered without user
Today’s IP Network & Static Configurations
6
Technology Description
Wide Area Bonjour
Relies on DNS, which (depending on the deployment model) may be a potential single point of failure. DNS may also not respond well to the dynamic nature of some applications.
UDDI/WS-Discovery
Central directory for service registration and discovery: potential single point of failure. Represents an overlay on the network (i.e. no real network integration).
PNRP + Other P2PDistributed database, but relies on intelligence and load on the clients.
Service Location Protocol (SLP) Uses multicast to announce services. Can be very chatty. Scalability issues.
Active Directory / LDAPStores service information in distributed directory. Client uses RPC-based lookup API. No network integration. Not widely deployed
DNS SRVUses the DNS SRV record type to store service information including priority and weight
Existing Service Discovery Solutions
7
Service Advertisement Framework - SAF
SAF is: Network-based, bandwidth efficient approach to service advertisement
Leverages Cisco routing technology - works w/ EIGRP, OSPF, RIP
3 main components:
1. The SAF Network –propagate service advertisements
2. The SAF Client-Network Interface –publish and subscribe to services
3. The SAF Services –e.g., Call Control Discovery
SAF Network
SAF Services
SAF Services
SAF Services
Client-Network
Client-Network
Client-Network
8
Traditional Service Discovery vs. SAF
Traditional Service Discovery SAF = Auto Service Discovery
Most network services and applications are
implemented as overlay systems on top of
the network which provides operational
complexity
True network integration, simplifying network
design and services availability
Requires separate configuration
management and coordination between the
network and service
Unified interface between network and
services resulting in simplifying configuration -
speeds new service deployments
Limited scalability and resiliency compared to
the IP Network
Uses EIGRP - leveraging Cisco routing
technology with proven scalability and fast
converging characteristics, similar to the IP
network - adaptive to service and network
changes
9
SAF Component Description
SAF Forwarder Router feature – provides relationship between
client and framework, stores service information
and propagates it to other Forwarders
SAF Client Any application wishing to advertise a service to
the network or request a service from the network
or both
SAF Service Any information that a SAF Client wishes to
advertise or consume
SAF Advertisement Carries service information, consists of SAF
Header and Service Data
Non-SAF Node Any router that does not run the SAF protocol
Service
SAFHeader
SAFService Data
SAF Network Elements
10
SAF Forwarder
SAF Forwarder receives services advertised by SAF Clients
SAF Forwarder:
–Ensures reliable delivery of service advertisements
–Maintains knowledge of path redundancy
–Is scalable
–Minimizes network bandwidth use with targeted mcast & unicast
Cisco SAF Forwarder propagates Service Ads to other Cisco SAF Forwarders
Forwarder provides relationship between SAF Clients & the SAF Network
Forwarder receives Service Advertisements and stores a copy before forwarding the advertisement to its neighbor SAF nodes
If a Client removes a service or disconnects from the Forwarder node, the node will inform the framework about the down services
Forwarder removes Client‟s advertisements from the framework
Transitive Forwarder is a Forwarder with no clients connected
11
SAF Client
SAF Client is a producer of services, a consumer of services, or both
SAF Client establishes a peering relationship with the Cisco SAF Forwarder
SAF Client publishes advertisements to the Cisco SAF Forwarder that contain information about the service it offers
The Cisco SAF Forwarder advertises all services published by the Cisco SAF Client
When asking for a service, SAF Client sends a services request notification using a subscribe request
In response to a services request, SAF Forwarder sends the current set of services to the SAF Client
12
SAF Services
Any information that a SAF Client wishes to advertise that can then be used by other SAF Client applications
Any information that a SAF Client wants to consume
SAF Services are announced using a SAF Service Advertisement consisting of service data
First client application to use SAF is Call Control Discovery (CCD) - UC
CCD uses SAF architecture to distribute and maintain information about Directory Numbers
SAF takes away static configurations for dial plan distribution
CCD with SAF enables dynamic dial plans for a Cisco Unified Communication system
13
New York
CMEAdvertise:
+1972555....
Nice
CME
London
CallManagerSan Jose
Call Manager
Advertise:
+3349988....
Advertise:
+1408555....
+1415234....
Advertise:
+4422334....
CCD & SAF Propagating Reachability for Call Agents
14
– Used by Forwarders to propagate Advertisements
– Identifies service type, unique instance, and advertiser
– Metrics used to avoid loops
– Service-specific information
– Meaningful only to clients of the given service
– Transparent to Transitive Forwarders, only interested in the Header
SAF Header SAF Service Data
Service ID
Metrics
101 2 1.2.3.4
...
...
IP Address Port
Client Data
Length
SAF Advertisement
SAF Advertisement intended to provide sufficient information about the Service
SAF Client will send a SAF Advertisement to announce its Service
SAF Forwarder sends SAF Advertisement to Client when Client needs Service
15
Non-SAF Node
To enable SAF within a network, only a subset of routers need to be configured as SAF Forwarders
Networks of Non-SAF capable routers and SAF capable routers can run any IP routing protocol
Non-SAF Node is any router that does not run the SAF protocol
„Dark Nets‟ are domains of one or more routers that do not have SAF; e.g. MPLS or Internet Service Provider
Cisco SAF messages are IP-based and therefore can traverse Non-SAF nodes and Dark Nets
16
SAF Features and Benefits
SAF provides a framework that allows networking applications to automatically discover networked services
Automated discovery of services replaces the manual entry of complex configurations
SAF allows applications to advertise their services
Cisco SAF allows user to create a configuration once, and then have it propagate to all devices that require the information
17
The SAF Network
18
SAF External
Client
SAFForwarder
Non-SAFCloud
SAF TransitiveForwarder
SAF TransitiveForwarder
SAF Internal
Client
SAF Advertisement
= SAF Client Protocol (SAF-CP)
= SAF Forwarder Protocol (SAF-FP)
= SAF Client Internal API
Legend:
SAFHeader
SAFService Data
AdjacentSAF Neighbors
Non-adjacent SAF Neighbors
Cisco IOS Router
Service SAF Service
The SAF Network
Service
SAFForwarder
& Internal Client running
SAF Service
SAF Service
19
SAF Forwarder Protocol is a „Service‟ routing protocol
SAF-FP routes information about services over IP networks
SAF-FP is based on EIGRP and applies EIGRP capabilities to
distributing SAF Service information
Like EIGRP, SAF:
–Uses DUAL and Split Horizon to prevent loops
–Only sends updates when changes occur
–Is scalable and provides fast convergence
–Supports peer authentication to prevent malicious services
SAF can run with ANY IP routing protocol – RIP, EIGRP, OSPF, or
IS-IS can be used in the network
Non-SAF Cloud
SAF Forwarder Protocol - SAF-FP
SAFForwarder
SAFForwarder
SAF TransitiveForwarder
SAF TransitiveForwarder
20
Dynamic Discovery – L2 Adjacent
Multicast
Occurs automatically on all enabled interfaces
Static Configuration – L2 Adjacent
Unicast
Prevents dynamic discovery on the same interface
Not configured
SAF Forwarder Neighbor Discovery
Dark Net
Static Configuration – Non-Adjacent
Unicast
Configured between each pair of forwarders
21
SAF Forwarders can leverage Message Digest 5 (MD5) for authentication
MD5 prevents bogus Forwarders and Services from engaging in the SAF Network
External SAF Client(s) & SAF Forwarder(s) authentication is based on a Shared Secret
The Shared Secret consists of a username, password and random key that is computed locally by each device
Authentication not necessary for internal IOS SAF Client
SAF
Forwarder
SAF
External
Client
SAF
Forwarder
MD5
Authentication
Shared
Secret
SAF & Security
22
The SAF Client-Network Interface
23
SAF Clients perform three functions:
1. Register to the network
2. Publish services
3. Subscribe to services
External Clients communicate to a SAF Forwarder via the SAF Client Protocol (SAF-CP)
Internal Cisco IOS Clients communicate to a co-located SAF Forwarder via Internal API
(Cisco Unified CM) (CUCME, SRST, CUBE...)
SAF-CP
SAF Network
InternalAPI
ExternalClients
InternalIOS Clients
SAF-FP
SAF-FP
SAF Client Types
24
Client must know IP address of the SAF Forwarder
Security - digest authentication based on Shared Secret
Once Client is authenticated it sends a register message to the Forwarder
Client uses unique „client label‟ to identify itself
Registered Client can publish or subscribe to SAF Network services
SAF Forwarder advertises all services published by the Cisco SAF Client
SAF Client sends Forwarder subscription requests for the services that it is interested in receiving
SAF Client uses the SAF-CP for Client registration, Client advertisements, and Client subscriptions
SAF Client Protocol – SAF-CP
25
SAF Services –Call Control Discovery (CCD)
26
IP Network
Call Agent
Call Agent
Call Agent GK
Existing call control approaches are limited
Configuration complexity - speed of deployment
High Operational Costs – TCO (Total Cost of Ownership)
Gatekeeper
Full Mesh of Dial Peers Centralized (Hub & Spoke) Dial Peers
Unified Communications Today
27
Call Agent
Call AgentCall Agent
Call Agent
Call Agent
Call Agent
Call Agent
Call Agent Call Agent
Call Agent
Call Agent
Call Agent
Call Agent
Call Agent
Advert
ise
Consum
e
Service Type:Unified Communications
Sub-Service:Call Control Discovery
UC CCD is the first Cisco service that
leverages SAF
Call agents discover each other
through the SAF network by:
1. Advertising their CCD service
2. Requesting CCD services
Call agents dynamically route calls to
remote destinations based on learned
CCD services
Using SAF and Call Control Discovery:
–DN ranges operationally simplified
–Call control changes automatically distributed
–Seamless Moves / Adds / Changes
–Virtual mesh, best redundancy
–Full mesh complexity reduced
SAF Network
UC With SAF – Call Control Discovery
28
Enables call agents to exchange dial plans, signaling protocols, and reachability information through SAF
CCD uses SAF to distribute information about the availability of internal DNs to other UC call agents
CCD leverages information learned from SAF to dynamically create dial plans for call control between call agents
SAF simplifies failover to the PSTN in case of an IP network outage
Call Manager, CME, CUBE and IOS Gateways can advertise CCD services, request CCD services, or both
UC CCD applications supported by SAF:
1. Advertising DN ranges 4. Automatic PSTN failover
2. Learning DN ranges 5. Automatic re-routing for SRST
3. Dynamic Call Routing 6. Legacy PBX integration
Call Control Discovery (CCD)
29
New York
DN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
New York CME Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8212XXXX
10.1.1.110.2.2.2
IP address: 10.1.1.1
Protocol: SIP
DN Patterns:
8408XXXX [4:+1408555],
8415XXXX [4:+1415777],
8949XXXX [4:+1949222]
Service Advertisement
CCD – (1) Advertising DN Ranges
30
New York
DN Pattern “to DID” rule IP address Protocol
8212XXXX 4:+1212444 10.2.2.2 SIP
San Jose CUCM Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8212XXXX
10.2.2.210.1.1.1
IP address: 10.2.2.2
Protocol: SIP
DN Patterns:
8212XXXX [4:+1212444]
Service Advertisement
CCD – (2) Learning DN Ranges
31
London
8442XXXX
10.3.3.3
DN Pattern “to DID” rule IP address Protocol
8408XXXX +1408555 /4 10.1.1.1 SIP
8415XXXX +1415777 /4 10.1.1.1 SIP
8949XXXX +1949222 /4 10.1.1.1 SIP
DN Pattern “to DID” rule IP address Protocol
8212XXXX +1212444 /4 10.2.2.2 SIP
New York
San Jose CUCM Routing Table
New York CME Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8212XXXX
10.2.2.210.1.1.1
Call 84421000
DN Pattern “to DID” rule IP address Protocol
8212XXXX 4:+1212444 10.2.2.2 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323
DN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323
CCD – (3) Dynamic Call Routing
32
New York
DN Pattern “to DID” rule IP address Protocol
8212XXXX 4:+1212444 10.2.2.2 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323
San Jose CUCM Routing TableDN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323
New York CME Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
London
PSTN
8408XXXX
8415XXXX 8949XXXX8442XXXX
8212XXXX
10.2.2.2
10.3.3.3
10.1.1.1
8442XXXX
8442XXXX
Call 84421000
Translate to+4420771111000
CCD – (4) Automatic PSTN Failover
33
New York
DN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
New York SRST Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8212XXXX
10.1.1.110.2.2.2
Call 89491000
New York SRST subscribes to CCD service but does not publish any patterns
During WAN failures, SRST uses learned patterns to transparently re-route calls over the PSTN
CCD – (5) Automatic Re-Routing for SRST
34
London
8442XXXX
10.3.3.3
Chicago
San Jose CUCM Routing Table
Chicago CUBE
Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8312XXXX
10.4.4.410.1.1.1
DN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323DN Pattern “to DID” rule IP address Protocol
8442XXXX 4:+442077111 10.3.3.3 H.323
8312XXXX 4:+1312888 10.4.4.4 SIP
3rd Party
IP PBX
Call 84156789
10.4.4.8CUBE
IP address: 10.4.4.4
Protocol: SIP
DN Patterns:
8312XXXX [4:+1312888]
Static dial peerfor destination
8312XXXX
CCD – (6a) Legacy PBX – CUBE
35
London
8442XXXX
10.3.3.3
Boston
San Jose CUCM Routing Table Boston Gateway Routing Table
San Jose
San Francisco Irvine
SAF-enabledIP Network
PSTN
8408XXXX
8415XXXX 8949XXXX
8617XXX
10.5.5.510.1.1.1
DN Pattern “to DID” rule IP address Protocol
8408XXXX 4:+1408555 10.1.1.1 SIP
8415XXXX 4:+1415777 10.1.1.1 SIP
8949XXXX 4:+1949222 10.1.1.1 SIP
8442XXXX 4:+442077111 10.3.3.3 H.323
DN Pattern “to DID” rule IP address Protocol
8442XXXX 4:+442077111 10.3.3.3 H.323
8617XXXX 4:+1617999 10.5.5.5 SIP
3rd Party
TDM PBX
TDM
Call 84156789
Cisco IOSGateway
Static dial peerfor destination
8617XXXX
CCD – (6b) Legacy PBX – IOS Gateway
36
Call Control Discovery Benefits
Reduce deployment time, realize quicker ROI
– Dial plan configuration complexity all but eliminated
– Allows optimal dial plan to be implemented quickly (on-net numbering plan with automatic PSTN failover)
Reduce ongoing operational costs
– Complexity of adding/removing/changing a site drastically reduced
– CCD automatically advertises changes in the UC network
Improve business continuity
– Increased availability even during partial network failure thanks to dynamic update awareness via SAF Advertisements
– Fast call rerouting during failures
37
SAF Deployment and Configuration
38
CiscoUnified CM
CiscoUnified CM
CUBE
Cisco
IOS GW
CUCMESRST
CCD CCD
SAFForwarder
SAFClient
SAF-unawareRouter
SAF-CP SAF-CP
CCD CCD CCD
Internal API Internal API
SAF Network, Client-Network Interface, SAF Service
SAF TransitiveForwarder
SAFForwarder
SAF TransitiveForwarder
39
1. Enable SAF on Transitive Forwarder for Layer 2 adjacencies
2. Enable SAF on Transitive Forwarder with static neighbor relationships – Non-Adjacent
3. Configuring Route Authentication between SAF Forwarders
4. Configuring Forwarder to support external SAF Clients
5. Enable SAF on Clients (not covered)
SAF Configuration Steps
40
Forwarder_1#config t
Forwarder_1(config)#router eigrp saf
Forwarder_1(config-router)#service-
family ipv4 autonomous-system 1
Forwarder_1(config-router-sf)#sf-
interface default
Forwarder_1(config-router-sf)#sf-
interface Ethernet0/0 (optional)
Step #1 – execute the ‘router eigrp’ command, then use ‘service-family’
Forwarder_2#config t
Forwarder_2(config)#router eigrp saf
Forwarder_2(config-router)#service-
family ipv4 autonomous-system 1
Forwarder_2(config-router-sf)#sf-
interface default
Forwarder_1(config-router-sf)#sf-
interface Ethernet0/0 (optional)
SAF Forwarder 1 SAF Forwarder 2
Enable SAF on Forwarder – Layer 2 Adjacent
Eth0/0 Eth0/1
Forwarder 1 Forwarder 2
L2 Adjacent
41
Forwarder_3#config t
Forwarder_3(config)#interface
Loopback0
Forwarder_3(config-if)#ip address
10.10.0.1 255.255.255.0
Forwarder_3(config)#router eigrp saf
Forwarder_3(config-router)#service-
family ipv4 autonomous-system 1
Forwarder_3(config-router-sf)#
neighbor 10.20.0.1 loopback0 remote 3
Step #2 – execute the ‘router eigrp’ command, ‘service-family’, & ‘neighbor’
Forwarder_4#config t
Forwarder_4(config)#interface
Loopback0
Forwarder_4(config-if)#ip address
10.20.0.1 255.255.255.0
Forwarder_4(config)#router eigrp saf
Forwarder_4(config-router)#service-
family ipv4 autonomous-system 1
Forwarder_4(config-router-sf)#
neighbor 10.10.0.1 loopback0 remote 3
SAF Forwarder 3 SAF Forwarder 4
Enable SAF on Forwarder – Static Neighbor, Non-Adjacent
Loop0
10.10.0.1
Loop0
10.20.0.1
Dark NetForwarder 3 Forwarder 4
Non-Adjacent
42
Forwarder_1#config t
Forwarder_1(config)#router eigrp saf
Forwarder_1(config-router)#service-family ipv4 autonomous-system 1
Forwarder_1(config-router-sf)#sf-interface loopback 0
Forwarder_1(config-router-sf-interface)#authentication key-chain EXAMPLE
Forwarder_1(config-router-sf-interface)#authentication mode md5
Forwarder_1(config-router-sf-interface)#exit-sf-interface
Forwarder_1(config-router-sf)#exit-service-family
Forwarder_1(config-router)#
Forwarder_1(config-router)#exit
Forwarder_1(config)#key chain EXAMPLE
Forwarder_1(config-keychain)#key 0
Forwarder_1(config-keychain-key)#key-string EXAMPLE
Forwarder_1(config-keychain-key)#accept-lifetime 12:00:00 1 JAN 2010 infinite
Forwarder_1(config-keychain-key)#send-lifetime 12:00:00 1 JAN 2010 infinite
Step #3 – execute the ‘authentication key-chain command’
Configuring Route Authentication for SAF
SAF Forwarder 1 MD5 Auth
43
Forwarder_1#config t
Forwarder_1(config)#router eigrp saf
Forwarder_1(config-router)#service-family ipv4 autonomous-system 1
Forwarder_1(config-router-sf)#topology base
Forwarder_1(config-router-topology)#external-client SAF-CLIENT
Forwarder_1(config-router-sf-topology)#exit-sf-topology
Forwarder_1(config-router-sf)#exit-service-family
Forwarder_1(config-router)#exit
Forwarder_1(config)#service-family external-client listen ipv4 5050
Forwarder_1(config-external-client)#external-client SAF-CLIENT basename
Forwarder_1(config-external-client-mode)#username SAF-CLIENT
Forwarder_1(config-external-client-mode)#password SAF-CLIENT_PASSWORD
Step #4 – execute the ‘external client’ & ‘service-family external client’ command
Forwarder Config to Support External SAF Clients
SAF Forwarder 1
Shared
Secret
44
SAF Features and Benefits
45
FEATURES BENEFITS
Provides a framework that allows networking applications to automatically discover networked services within networks
Reduce deployment time, realize
quicker ROI
Allows user to create a configuration
once, and then have it propagate to
all devices that require the
information
Reduce ongoing operational costs
Automated discovery and
advertising of services replaces the
manual entry of complex
configurations
Improve business continuity
Supports Non-SAF nodes SAF Forwarders can communicate over any IP network, SAF does not need to be enabled on every device
SAF Features and Benefits
46
SAF Summary
47
SAF is a generic framework for service discovery
Three main components:
– The Network – propagate service advertisements
– The Client-Network Interface – publish and subscribe to services
– SAF Services – e.g., Call Control Discovery
SAF roles include: SAF Forwarder, SAF Client, SAF Service, SAF Advertisement, and Non-SAF Node
SAF-FP is between Forwarders, SAF-CP is between Forwarder and an external Client
Call Control Discovery enables call agents to exchange dial plans, signaling protocols, and reachability information through SAF
UC CCD Applications Supported by SAF: Advertising DN Ranges, Learning DN Ranges, Dynamic Call Routing, Automatic PSTN Failover, Automatic Rerouting for SRST, Legacy PBX Integration –CUBE and Gateway
Benefits of SAF include: reduced deployment times, reduced ongoing operational costs, and improved business continuity
SAF Summary
48
49
SAF Q and A http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps10822/qa_c67-573463.html
SAF Introduction and Resources http://www.cisco.com/en/US/products/ps10822/products_ios_protocol_option_home.html
SAF Whitepaper http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps10822/whitepaper_c11-573461.html
SAF Configuration Guide http://www.cisco.com/en/US/docs/ios/saf/configuration/guide/saf_cg_ps10592_TSD_Products_Configuration_Guide_Chapter.html
SAF Resources