Broadband Connectivity Services (BBCS) An Engineering Perspective

Broadband Connectivity Services (BBCS) An Engineering Perspective Rasti Slosiar, Swisscom-Fixnet AG Head of IP Service Integration

Agenda
- BBCS - Service Overview
- Solution Architecture
- Protocol Stack
- IPSS - Swisscom’s MPLS/VPN Network
- VPN Architecture for BBCS
- Samples

BBCS - Service Overview

BBCS - Service Overview Speeds & Customer relationships
Today:
- 64 kbps up, 256 kbps down
- 128 kbps up, 512 kbps down
Tomorrow (01.11.2001 pilot phase 1.5 months):
- 256 kbps up, 1.024 Mbps down
- 352 kbps up, 2.048 Mbps down
ISP owns end-customer:
- ISP sales channel
- ISP to provide starter kit
- ISP to provide customer care
Swisscom owns ISP customer (wholesale model)

BBCS - Service Overview User Perspective based on PPP Service Selection
[Figure labels: ISP X, AAA (optional), Corporation, Tunnel, PPP Client, ISP Y, SSG, Extranet, Cisco 6400, PPP]
Layer 2 Service Selection involves using a PPP client. This client can be integrated into the Microsoft dial-up networking client so that it appears as a familiar application to dial-up networking users. The user types in a username@servicename and a password and hits OK. This initiates the PPP session from the client, which is examined at the Network Access Server. The servicename is used to index into a profile which contains the information about what to do with the PPP session. Options may include forwarding the PPP session via an L2F or L2TP tunnel, or terminating the PPP session and using proxy RADIUS authentication for the user. If the user is successfully authenticated, the destination network assigns an IP address for that user. When the user wants to select another service, the PPP session must be torn down and re-initiated to the new destination. In some service provider architectures it is not desirable to tear down the session before selecting another.

BBCS - Service Overview ISP Perspective - L2TP Tunnel Selection
L2TP tunnel is built based on structured username; PPP session “user@isp-a.ch” is multiplexed into L2TP tunnel towards LNS ISP-A.ch
[Figure labels: ISP-B.ch, IPSS, LNS ISP-A.ch, LNS, LAC, L2TP tunnel, PPP session]

BBCS - Service Overview ISP Perspective - Session Balancing (Rel. 3 Basic)
- Max 1 domain
- Max 8 LNSes
- 1 set of rules nationwide
[Figure labels: (I)SP A ZH, (I)SP A BE; Area LU, Area ZH, Area TI, Area GE, Area BE; LAC - LU; STE1, STE2; POP - ZH, POP - BE; IP - Network; LNS 1 to LNS 5, each Prio 1 „oneDomain.ch“; End-Customer to backbone route; session balancing; Backbone to ISP session balancing]

BBCS - Service Overview ISP Perspective - Session Balancing (Rel. 3 Premium)
- Max 3 domains
- Max 2 priorities/domain
- Max 8 LNS/domain
- 1 set of rules nationwide
[Figure labels: (I)SP A ZH, (I)SP A BE; Area LU, Area ZH, Area TI, Area GE, Area BE; LAC - LU; STE1, STE2; POP - ZH, POP - BE; IP - Network; 20 MBit, 100 MBit; Primary route, Secondary route; End-Customer to backbone route; session balancing; Backbone to ISP session balancing]
- LNS 1: Prio 1 „cheap.ch“
- LNS 2: Prio 1 „cheap.ch“, Prio 2 „expensive.ch“
- LNS 3: Prio 1 „expensive.ch“
- LNS 4: Prio 1 „expensive.ch“
- LNS 5: Prio 1 „expensive.ch“
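
The username-driven tunnel selection and priority-based session balancing described on the slides above, sketched as an added example (not code from the presentation or from Cisco). The class and function names are hypothetical, round-robin balancing and "lower priority number first" are assumptions, and the domain-to-LNS table is the one read from the Rel. 3 Premium slide.

```python
# Added example: LAC-side tunnel selection from a structured PPP username.
import itertools
import re

MAX_LNS_PER_DOMAIN = 8  # limit stated on the session-balancing slides
DOMAIN_RE = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+")

# Domain -> priority -> LNS names, as read from the Rel. 3 Premium slide.
PROFILES = {
    "cheap.ch": {1: ["LNS1", "LNS2"]},
    "expensive.ch": {1: ["LNS3", "LNS4", "LNS5"], 2: ["LNS2"]},
}

class TunnelSelector:
    def __init__(self, profiles):
        self._profiles, self._cursor = {}, {}
        for domain, by_prio in profiles.items():
            if sum(len(lns) for lns in by_prio.values()) > MAX_LNS_PER_DOMAIN:
                raise ValueError(f"{domain}: more than {MAX_LNS_PER_DOMAIN} LNSes")
            self._profiles[domain.lower()] = by_prio
            # Assumption: balancing within one priority is plain round-robin.
            self._cursor[domain.lower()] = {
                prio: itertools.cycle(lns) for prio, lns in by_prio.items()}

    @staticmethod
    def split_username(username):
        # Require exactly one "@" so "a@isp-b.ch@isp-a.ch" is rejected, not guessed at.
        user, sep, domain = username.partition("@")
        domain = domain.lower()
        if not sep or not user or not DOMAIN_RE.fullmatch(domain):
            raise ValueError("username must be user@servicename")
        return user, domain

    def select(self, username, down=frozenset()):
        """Return the LNS for this session; `down` holds unreachable LNS names."""
        _, domain = self.split_username(username)
        by_prio = self._profiles.get(domain)
        if by_prio is None:
            raise LookupError(f"no profile for {domain}")  # fail closed: no default tunnel
        for prio in sorted(by_prio):  # assumption: lower number is preferred
            for _ in by_prio[prio]:
                lns = next(self._cursor[domain][prio])
                if lns not in down:
                    return lns
        raise LookupError(f"no reachable LNS for {domain}")
```

Rejecting unknown or malformed service names instead of falling back to a default tunnel keeps a mistyped or crafted username from landing a session in another ISP's LNS.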

Solution Architecture Topology Overview Layer 3 solution! (no E2E ATM PVCs)

Solution Architecture Cisco 6400
- Node switch processor (NSP)
  - 5 Gbps ATM switch and system processor
  - 32K VCCs
- Node route processor (NRP)
  - 7200 NPE-200 class router
  - 155 Mbps backplane connector
- NRP2
  - Dual 7200 NPE-300 class router
  - 622 Mbps backplane connector
- Node line card (NLC)
  - STM-1, DS-3, and STM-4 ATM
[Figure labels: NSP A, NSP B, PEM A, PEM B, NLC, NRP, Air Intake (Front), Air Exhaust (Rear)]

Protocol Stack Layered End-to-End Connectivity

Protocol Stack Traffic Carried
Swisscom-Fixnet carries:
- PPPoX traffic in the access
- L2TP traffic in the edge and core
Swisscom-Fixnet IP Connectivity for BBCS:
- No IP connectivity in Access (PPPoX frames bridged in modem), only “PPPoE” connectivity to select domain
- IP Connectivity between LAC NRP Loopbacks and LNS Loopbacks from each ISP (L2TP tunnel endpoints)
  - Used to establish L2TP tunnel, no other visibility
- PC to ISP connectivity via IP within PPP

Protocol Stack PPP Negotiation and Tunnel Establishment LAC LNS

IPSS - Swisscom’s MPLS/VPN Network Network Areas
[Figure labels: Core, Edge, Access; Core Node, Edge Node, Access Node, CPE]
After having explained the VPN principle, we are going to look a bit more closely at the network implementation. IPSS distinguishes 3 areas: the core area, the edge area and the access area. Each area has its own node types. Outside the access area are the customer premises with the CPE, the customer premises equipment. Now we are going to characterise the three areas.

IPSS - Swisscom’s MPLS/VPN Network Facts
- Cisco based edge and core
- Edge implements Multiprotocol BGP (VPN “Intelligence”)
- Alcatel based DSLAM
Some numbers:
- 35 edge and core locations
- Currently STM-16 2.4 Gbit/s core trunks
- 900 DSLAMs
Services supported by IPSS:
- BBCS
- LAN Interconnect
- Corporate Network
- etc.

VPN Design Route colouring for Hub-and-Spoke VPN Connectivity

Samples Routing Table at Hub CE (NRP)

    ipc-zhb790-r-lc-01>show ip route
    ...
    Gateway of last resort is not set
         138.187.0.0/16 is variably subnetted, x subnets, 2 masks
    B       138.187.22.33/32 [20/0] via 172.16.1.2, 14:32:34
    B       138.187.22.42/32 [20/0] via 172.16.1.2, 14:32:34
    B       138.187.22.41/32 [20/0] via 172.16.1.2, 14:32:34
    B       138.187.22.49/32 [20/0] via 172.16.1.2, 14:32:34
    B       138.187.22.57/32 [20/0] via 172.16.1.2, 14:32:34
    B       138.187.22.3/32 [20/0] via 172.16.1.2, 14:33:02
    B       138.187.22.2/32 [20/0] via 172.16.1.2, 14:33:02
    …
         216.125.11.0/32 is subnetted, 2 subnets
    B       216.125.11.244 [20/0] via 172.16.1.2, 14:35:44
    B       216.125.11.245 [20/0] via 172.16.1.2, 14:35:44
         202.243.130.0/32 is subnetted, 1 subnets
    B       202.243.130.120 [20/0] via 172.16.1.2, 14:35:44
         205.104.103.0/32 is subnetted, 1 subnets
    B       205.104.103.2 [20/0] via 172.16.1.2, 14:35:44
         202.190.192.0/32 is subnetted, 1 subnets
    B       202.190.192.131 [20/0] via 172.16.1.2, 14:35:44
         207.21.32.0/32 is subnetted, 1 subnets
    B       207.21.32.113 [20/0] via 172.16.1.2, 14:35:44

Slide annotations: NRPs (Hubs); LNS Loopbacks (Spokes)

Samples Routing Table at Spoke CE (connects to ISP LNS)

    ip-efg-ch-abc-r-01>show ip route
    ...
    Gateway of last resort is not set
         205.104.100.0/30 is subnetted, 1 subnets
    C       205.104.100.60 is directly connected, FastEthernet1/0
         138.187.0.0/16 is variably subnetted, x subnets, 2 masks
    B       138.187.22.33/32 [20/0] via 172.16.19.2, 14:47:49
    B       138.187.22.42/32 [20/0] via 172.16.19.2, 14:53:38
    B       138.187.22.41/32 [20/0] via 172.16.19.2, 14:53:39
    B       138.187.22.49/32 [20/0] via 172.16.19.2, 15:12:11
    B       138.187.22.57/32 [20/0] via 172.16.19.2, 15:03:07
    B       138.187.22.3/32 [20/0] via 172.16.19.2, 14:41:52
    B       138.187.22.2/32 [20/0] via 172.16.19.2, 14:41:52
    …
         205.104.103.0/32 is subnetted, 1 subnets
    S       205.104.103.2 [1/0] via 205.104.100.61

Slide annotations: Interface to LNS; NRPs (Hubs) ONLY ROUTES!; Static Route to LNS
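
The hub-and-spoke isolation these two tables illustrate can be checked mechanically. The following is an added example, not part of the presentation: it parses `show ip route` text and flags any BGP-learned prefix on a spoke CE that is not a hub loopback. The function names are hypothetical, treating 138.187.0.0/16 as the hub (NRP) loopback range is an assumption taken from the slide annotation, and the leaking route is constructed.

```python
# Added example: audit a spoke CE's "show ip route" output for hub-and-spoke isolation.
import ipaddress
import re

SUBNET_RE = re.compile(r"\s*\d+\.\d+\.\d+\.\d+/(\d+) is (?:variably )?subnetted")
ROUTE_RE = re.compile(r"\s*([A-Z])\*?\s+(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?\s")

# Assumption: the /32s under 138.187.0.0/16 are the NRP (hub) loopbacks,
# following the slide's "NRPs (Hubs)" annotation.
HUB_RANGE = ipaddress.ip_network("138.187.0.0/16")

def parse_routes(text):
    """Return {route_code: set(ip_network)} from IOS 'show ip route' text."""
    routes, parent_len = {}, None
    for line in text.splitlines():
        header = SUBNET_RE.match(line)
        if header:  # "a.b.c.d/len is subnetted": len applies to children without a mask
            parent_len = int(header.group(1))
            continue
        m = ROUTE_RE.match(line)
        if m:
            code, addr, plen = m.groups()
            net = ipaddress.ip_network(f"{addr}/{plen or parent_len or 32}", strict=False)
            routes.setdefault(code, set()).add(net)
    return routes

def spoke_violations(spoke_text):
    """BGP-learned prefixes on a spoke that are not hub loopbacks."""
    bgp = parse_routes(spoke_text).get("B", set())
    return sorted(str(n) for n in bgp if not n.subnet_of(HUB_RANGE))

# Excerpt of the spoke CE table from the page.
SPOKE_OK = """\
     205.104.100.0/30 is subnetted, 1 subnets
C       205.104.100.60 is directly connected, FastEthernet1/0
     138.187.0.0/16 is variably subnetted, x subnets, 2 masks
B       138.187.22.33/32 [20/0] via 172.16.19.2, 14:47:49
B       138.187.22.2/32 [20/0] via 172.16.19.2, 14:41:52
     205.104.103.0/32 is subnetted, 1 subnets
S       205.104.103.2 [1/0] via 205.104.100.61
"""
# Constructed failure case: another ISP's LNS loopback leaks in via BGP.
SPOKE_LEAK = SPOKE_OK + """\
     216.125.11.0/32 is subnetted, 1 subnets
B       216.125.11.244 [20/0] via 172.16.19.2, 00:00:10
"""
```

The static route to the ISP's own LNS carries code `S`, so it is not flagged; only a spoke-to-spoke prefix arriving over BGP counts as a break in the route colouring.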