MPLS Networks - Citycom Networks Brochure_01.pdf · MPLS Networks A private IP wide area networking service. Vodafone Product Description MPLS IPVPN Vodafone ... The IP-VPN technology

Connecting London. Globally.

MPLS NetworksA private IP wide area networking service

Vodafone Product Description MPLS IPVPN

Vodafone MPLS IPVPN

Page Content 2 1. Introduction

2 2. At a glance

3 3. The service in detail

16 4. Technical Information

18 5. Service Support

in partnership with


1. Introduction This document is intended to describe the Vodafone MPLS IPVPN Service, its standard and optional features, optional network based services, technical information, service and support, together with commercial terms. The service description is intended for technical and non-technical representatives within the customer’s organisation.

2. At a glance The Vodafone MPLS IPVPN service has been specifically developed to meet the requirements of multi-site, small to medium sized enterprises with sites focused within the UK. International sites can be connected, on a case by case basis, using our international coverage.

Vodafone MPLS IPVPN is provided over our Multi-Service Platform (MSP) which is already used by a number of major FTSE100 companies, public sector and secure government organisations. Leveraging the latest DSL and Ethernet access technologies, IPVPN offers UK SMEs a higher speed, private WAN service, scalable to 1Gbps as standard, for a more affordable price.

Our MSP has been built to 99.999% availability within the core and will re-converge in less than 50 milliseconds in event of routing failure. It is fully scalable and accredited to carry secure government traffic as well as being ISO27001 compliant. Provided as a wires only service, or with managed customer site routers, our IPVPN service offers a secure ‘any to any’ or ‘point to multi-point’ converged communications service with quality and reliability service level guarantees.

No matter whether users connect to the IPVPN from fixed locations, or remotely, they will benefit from a seamless, secure and consistently high quality, service experience. It is possible to prioritise traffic across up to 3 different network classes of service. This ensures that real time, or delay/jitter sensitive applications, such as VOIP, Video Conferencing, Citrix and EPOS, are prioritized accordingly to ensure an optimised communications experience even when the network becomes congested.

The service also benefits from extensive Deep Ethernet Access via BT exchanges and Local Loop Unbundled access networks, which allow Vodafone to offer a more affordable, higher speed WAN solution, with assured quality, so giving customers a great opportunity to converge and centralize services and applications, over a single WAN in order to significantly reduce costs. Vodafone also offers a range of integrated service options over IPVPN, benefiting our customer’s businesses and saving money by helping them ‘do more for less’ over a single IPVPN WAN. Integrated service options currently include Network Based Internet Access (with optional Firewall), a Secure Remote User Access service and SIP Trunking to allow customers to create a fully converge network for all their communications needs.


3. The Service in Detail 3.1. Logical Overview

Vodafone MPLS IPVPN is a private IP wide area networking service which is provided over our new Multi-Service Platform (MSP). An IP Virtual Private Network (VPN) is built and configured between customer sites connected to the MSP for each customer. MPLS IPVPN can be ordered as a ‘Managed’ or ‘Wires Only’ service. The Managed service option includes Vodafone managed and maintained customer site routers known as Managed Customer Premises Equipment (MCPE). The Wires Only service does not include MCPE. The IPVPN is typically configured as a ‘multi-point to multi-point’ service. It uses multi-protocol label switching (MPLS), together with DSCP based marking and per-packet scheduling, to manage quality of service (QoS) and protect sensitive data end-to-end. The IP-VPN technology used is broadly described in the architecture framework covered in IETF RFC 4364 (2547bis).

The main service components are: � Network Access - this connects the Customer site to a site on the MSP. Resilience and

Backup (service failover) options are supported. � Service Bandwidth - This is the bandwidth that gives the site access to the MPLS network.

Customers can buy the service bandwidth that they need now and upgrade later. � Class of Service - allowing customers to prioritise delay sensitive voice, data and multi-

media traffic at a site to ensuring an optimum user experience. � Customer Site Routers – sometimes called Managed CPE. Where ordered these will be

installed, configured, managed (remotely for changes where possible) and maintained by Vodafone. When a customer takes our managed routers, Vodafone offer site to site quality of service level guarantees and performance reporting where ordered.

� Optional service features - which can be ordered on a per Customer site basis. � Service options which can be ordered on a per customer network basis. � Monitoring and management of the Service up to the Service Demarcation Point for service

affecting faults as defined in the service schedule. � Fault management support 24/7 every day of the year.

3.2. The Multi Service Platform (MSP) MPLS IPVPN is provided over our latest next generation multi-service network platform (MSP). The MSP forms the strategic data platform for current and future products. Fully scalable to 1Gbps on a per site basis, the MSP is built to scale up to 20Gbps in the core and can be upgraded to 40Gbps+ for low incremental cost in the future. Built to 99.999% availability, the MSP offers guaranteed quality of service for mission critical communications and is ideally suited for customers looking to improve efficiencies by converging communications onto a single WAN. The MSP leverages next generation business and support systems ensuring efficient and accurate order, provide, monitor, assure and billing processes and procedures. The MSP is CTAS 224 accredited and has ISO27001 certification for Information Security Management. Its extensive network coverage gives Vodafone the ability to target new and existing customers with a commercially compelling WAN service. Vodafone can serve over 98% of businesses with best value symmetric and asymmetric bandwidths using our LLU and Ethernet access platforms. Furthermore, we provide secure access for remote users and have connected over 16,000 buildings on our own fibre.


3.3. Network Access Customer Premises can be connected using a variety of Network Access technologies. Dependant on the type of Network Access, a range of throttled port bandwidth options can be supported as detailed below:

3.1.1 Leased Line Access Network Access

Bandwidth

Available Service Bandwidths

Classes of

Service

Interface(s) for Wires Only

Services

2Mbps 512Kbps,1Mbps, 2Mbps 3 X21 / G703

2x2Mbps 4Mbps 3 X21 / G703

*34Mbps 10, 15, 20, 30, 34Mbps 3 G703

*45Mbps 10, 15, 20, 30, 40,45Mbps 3 G703

*155Mbps 100, 155Mbps 3 G957 (STM1o)

* bespoke request only

3.1.2 Ethernet Access over Copper ( EFM)

Network Access Bandwidth

Available Service

Bandwidths

Classes of

Service

Interface(s) for Wires Only Services

2,4,6,8,10,15 or 20 Mbps 2,4,6,8,10,15,20Mbps 3 RJ45

3.1.3Ethernet Access over Fibre

Network Access Bandwidth

Available Service Bandwidths

Classes of

Service

Interface(s) for Wires Only Services

10Mbps 2,4,6,8,10Mbps 3 RJ45

100Mbps 10,15,20,30,40,50,60,70,80,90 100Mbps 3 RJ45

1000Mbps

100,150,200,300,400,500,600,

700,800,900,1000Mbps

3

1000BaseSx (Dual SC)

1000BaseLx (Dual SC)

Notes:

Ethernet Access may be provided with additional Vodafone supplied Ethernet NTE allowing Vodafone to use next generation Ethernet management standards to monitor the connections & better isolate and diagnose faults. This will reduce the available bandwidth on the Network Access by 200Kbps.

In some circumstances, 100Mbps and 1000Mbps Ethernet Access rates may be limited to a maximum of 97Mbps and 997Mbps respectively due to the underlying technology used to deliver the service.

Service Bandwidths are inclusive of all protocol and access network transmission overheads.

The maximum cable distance supported between the LAN interface of the Ethernet NTE & CPE router is 100metres except where 1000BaseLx Interfaces are ordered.


3.1.4 DSL Access

The Network Access can also be provided using either symmetric or asymmetric private DSL technology. Symmetric DSL (SDSL) connections support the same upstream bandwidth into the MSP and downstream bandwidth into the customer site. SDSL is ideal where your customers wish to send large amount of traffic or require assurance of upstream bandwidth - for example for peer to peer services such as VOIP or Video. Asymmetrical DSL (ADSL) supports a greater downstream bandwidth into the customer site.

Symmetric (SDSL) options – these have the same bandwidth both upstream and downstream. They are delivered via our extensive LLU footprint and are un-contended. SDSL connections are provided over a new, dedicated line (Metallic Path Facility) within tariff and the line cannot be shared with an analogue voice service.

Connection Method

Upstream Bandwidth

DownStream Bandwidth

Classes of Service Contention Interface

SDSL 512Kbps 512Kbps 512Kbps 3 1:1 NTE5

SDSL 1Mbps 1Mbps 1Mbps 3 1:1 NTE5

SDSL 2Mbps 2Mbps 2Mbps 3 1:1 NTE5

Asymmetric (ADSL) options – these have high downstream and low upstream bandwidths. ADSL circuits are delivered over a PSTN into the customer site. Customers have the option of nominating an existing PSTN line or ordering a new PSTN service from Vodafone.

Connection Method Upstream Bandwidt

h

Downstream Bandwidth

Classes of Service

Interface

ADSL16 Up to 1Mbps Up to 16Mbps 3 RJ11

ADSL8 Standard Up to 448Kbps Up to 8Mbps 1 RJ11

ADSL8 Premium Up to 884Kbps Up to 8Mbps 1 RJ11


Rate Adaptive ADSL Connections ADSL16 and ADSL8 connections use rate adaptive technologies based on ADSL2+ and ADSL2 standards respectively. Although for example it is possible to achieve up to 16Mbps of downstream bandwidth, and 1Mbps of upstream bandwidth with ADSL16, the actual bandwidth achieved will depend on the length of the copper line and its quality. On request, Vodafone will provide an indication of the expected upstream and downstream bandwidths available at a particular site; however the actual bandwidth supported will be determined upon service provision. Following service provision ADSL16 and ADSL8 connections require a period of up to 10 days to stabilize to their optimum speed.

ADSL 16 Business Elevated All ADSL16 connections are “business elevated” to provide a higher amount of “assured bandwidth” than similar products sold as consumer products. We are able to offer all three classes of service over ADSL16 so allowing these low cost connections to be used to assure the performance of real time or delay sensitive applications such as VOIP, Client/Server-Citrix, IPCCTV or Video Conferencing.

3.4. Access Resilience Dependant on the applications and services at a site, and their importance to your business, customers may request options to improve site availability service levels. Both ‘DSL Backup’ and ‘Dual Access/Dual Parent’ resilience options are available. These come with a higher annual availability SLA as detailed in the Service Schedule. As standard, all access resilience options are deployed in an active/standby configuration. However, the

secondary or backup access connection can be configured in an ‘active’ configuration, so it is available for use during normal conditions, subject to design and where requested prior to order.

3.1.5 DSL Backup

DSL backup uses a lower cost DSL service to maintain connectivity in the event of the Primary access circuit becoming available. Vodafone offers a higher 99.95% availability target with this resilience option. The DSL Backup circuit will usually connect to a different Provider Edge (PE) Router on the MSP platform to the Primary Network Access. Where Vodafone provides MCPE on behalf of the Customer this will be configured to fail-over to the DSL backup upon failure of the primary connection. Where the Customer provides the CPE router, configuration guidelines will be provided upon request.

Primary Circuit

MSP Node DSL Circuit

Customer Premises

With DSL backup, the standard configuration is to have both the Primary and the Backup circuit connected to the same customer router but separate routers can be requested. Where a Managed Customer wishes the DSL backup circuit to have its own router, the second router should be ordered and a connection between the two routers for failover requested with the order. Wires Only Customers should state at the time of order that separate routers will be provided by the Customer.

The DSL Backup options supported are detailed in the table below:


Primary Network Access DSL Backup Options

2Mbps to 100Mbps including SDSL* ADSL8, ADSL16

ADSL16 ADSL8

* Any combination of access technologies where the primary access circuit passes through the same unbundled BT exchange equipment as the backup will not be allowed.

3.1.6 Dual Access, Dual POP

Vodafone offers a 99.99% availability target with this resilience option. A site is connected with both a Primary and a Secondary Network Access with each circuit going to separate MSP PE routers which are normally in different MSP Nodes. Where Vodafone provides the MCPE (routers) as part of a Managed Service, these will be connected together at the customer site using a local ‘heartbeat’ connection. Our standard option is for traffic to be configured to fail over to the Secondary Network Access circuit should the Primary Network Access circuit become unavailable. However, it is also possible to use both Network Access circuits at the same time, in a load balanced configuration. Vodafone will use reasonable endeavours to provide assured diversity (at a cable and also duct level where possible) between the Primary and Secondary access. At the customer site, a common building entrance point will be used as standard. Vodafone will consider requests for enhanced resilience on a bespoke basis.

Primary Circuit

MSP Nodes

Secondary Circuit

Customer Premises

With Dual Access, Dual PoP, the Primary and the Secondary circuits are normally connected to different MSP Nodes and to different routers at the customer site.

Primary and Secondary Network Access may use different access technologies. The Secondary Access bandwidth must not exceed that of the Primary. Options supported are detailed in the table below:


Primary Network Access Secondary Network Access Options

2Mbps to 1000Mbps*

2Mbps to 1000Mbps*

* PRIMARY AND SECONDARY ACCESS CIRCUITS MUST BE ROUTED THROUGH DIFFERENT BT EXCHANGES.

3.5 Network Class of Service

Our MPLS IPVPN service uses IP Quality of Service (QoS) to prioritise different types of traffic, ensuring that business critical and/or real time applications perform effectively should a customer’s IPVPN network become congested. Customers are able to assign IP packets, as a percentage of their port bandwidth at a site, across three Classes of Service (CoS) in accordance with defined profiles as detailed later in this section. With the Managed service, where Vodafone provides the MCPE, each CoS has its own contractual SLA which applies between sites, as detailed in the Service Schedule, for latency, jitter and packet loss guaranteed by a service credit scheme. With the Wires Only service, the Service Schedule outlines service

Class of Service Description Typical Applications Application Characteristics

Premium

The highest level CoS,

prioritized over all other traffic

Voice, video conferencing

Real time, business critical,

designed for voice.

Enhanced

The mid-level

CoS. More important than

Standard

Enterprise apps (Citrix, Oracle,

SAP) Financial

transactions Streamed video

Important, interactive, less sensitive to jitter but still delay sensitive

Standard

The lowest level

CoS

E-mail, web browsing, FTP & HTTP downloads

Not real time or interactive Not sensitive to delay/jitter

level targets for latency, jitter and packet loss which apply between MSP Provider Edge (PE) routers.

The table below illustrates the different Classes of Service (CoS) and example usage:


The number of Classes of Service available at each customer site depends on the site location and network access technology. The table below provides further information:

Network Access Number of Classes Supported

Leased Line

3

Ethernet

3

SDSL (LLU)

3

ADSL16 (LLU)

3

ADSL8 (Standard or Premium)

1

Customers are able to order a range of pre-configured CoS profiles as detailed below:

Class of Service profiles available with Ethernet, Leased Lines & SDSL Access (%)

Profile No 1 2 3 4 5 6 7 8 9 10 11 12

Premium 0 0 0 0 0 20 20 20 50 40 50 70

Enhanced 0 30 50 60 80 0 30 60 0 60 50 20

Standard 100 70 50 40 20 80 50 20 50 0 0 10

The amounts shown represent a percentage of the IPVPN service bandwidth purchased for the site.


Class of Service Profiles with ADSL 8 Access

Only COS Profile 1 (all Standard CoS) is available with ADSL8 based connections

Class of Service Profiles with ADSL 16 Access

COS Profile Downstream class bandwidth (kbps) Upstream class bandwidth (kbps)

Premium Enhanced Premium Enhanced

COS Profile 10 140 0 140 0

COS Profile 20 0 210 0 250

COS Profile 30 220 0 220 0

COS Profile 40 140 210 140 250

COS Profile 50 220 210 220 60

COS Profile 60 440 0 440 0

COS Profile 70 140 440 140 250

COS Profile 80 220 440 220 250

Note that ADSL16 can also be ordered with 100% Standard Class of Service

General Notes:

� Typically 1% (or 16Kbps whichever is larger) of bandwidth at a site is reserved for Vodafone management. However, whilst idle this bandwidth will be dynamically reallocated for the customer to use.

� Where only 1 class of service is supported on the access circuit this will be provided as Standard as default.

� With the exception of ADSL16, If traffic at a site exceeds the contracted bandwidth allocated to a Class of Service, then Standard and Enhanced traffic are able to burst up into bandwidth allocated to other Classes of Service where it is available, otherwise traffic will be dropped. Premium traffic will be dropped where the sufficient Premium CoS bandwidth is not available. This is described in the table below:

The consequences if traffic exceeds its bandwidth allocation

Premium CoS

Packets will be dropped. They will not be queued because premium traffic, by its nature, needs to be transmitted in real time. It is therefore important to have your real-time traffic needs accurately assessed and adequate bandwidth assigned — it must not exceed its allocation.

Enhanced CoS

Traffic will burst into Standard and Premium bandwidth if it is available. If there is no available bandwidth, packets will be dropped using granular congestion avoidance.

Standard CoS Traffic will burst into Enhanced and Premium bandwidth if it is available. If there is no

available bandwidth, packets will be dropped using congestion avoidance.


Traffic in each CoS is within contract as long as it does not exceed the specified bandwidth for that class. As long as traffic is within contract, the service levels for that CoS apply. If traffic exceeds the bandwidth allocated to it, these service levels cannot be guaranteed.

ADSL16 specific notes:

Where Customer Sites are connected with asymmetric bandwidths using ADSL 16 and the traffic exceeds the bandwidth limit set out in the CoS Allocation the following provisions shall apply:

� for Premium and Enhanced CoS, packets in excess of the relevant bandwidth limit will be dropped; and � for Standard CoS, traffic will use any available bandwidth in other CoS levels. Packets will be dropped

if the total available bandwidth is exceeded or in the event of a fault on the Backbone causing congestion. .

Where Premium CoS is ordered on ADSL16, our testing implies that the following concurrent VOIP calls should be supportable:

TESTED VOIP CALLS

G729 (20m s)

G711 (20m s)

260K 8 3

450K 16 5

3.6. Managed Customer Premises Equipment (MCPE)

Where IPVPN is ordered as a Managed Service, Vodafone responsibilities extend to a Managed Customer Site router. We will install and configure the router in accordance with your order. We will manage and maintain the router in life as follows:

� Undertake service change requests, including soft and minor changes which will be remotely configured, for example changes to routing, IP addressing, class of service or throttled port bandwidths.

� Proactive monitoring for critical hard down, unavailability, alarms.

� Provide 24/7 fault management, including remote fault diagnosis and fault resolution where possible, and on-site repair or replacement of the Managed Router hardware or software, if necessary, to resolve faults.

Where the Managed IPVPN service is ordered we offer site to site quality of service level guarantees between pairs of managed customer site routers. When ordered, our Performance Reporting provides visibility of router availability, utilization and performance. Where ordered Reporting can also be configured to include quality of service performance reports between each customer site router and nominated parent (or peer) routers.


3.7. Optional Service Features 3.7.1 Network Performance Reporting

Network Performance Reporting can currently be only ordered with Managed IPVPN services where Vodafone provides the Managed CPE (MCPE). A version of Reporting for non-managed customers is being prepared and is expected to be available by summer 2013. The reports are accessed via a portal and can be used to monitor historical performance, consider trends and events, or to review performance at a point in time. The main benefits are summarized below:

Network performance monitoring — provides reports which show the performance of the customer’s IPVPN

network, enabling performance to be monitored in order to optimise routing and CoS allocation, and to check the effect of changing traffic patterns on the customer’s network.

Capacity planning — historical trend information helps customers to plan network upgrades.


Available Reports

The different types of report, which are available as standard, are summarized below:

Report

Summary

ADSL 16

ADSL 8

1M to 1G Symmetri

c Bandwidt

h

Service Inventory Sites, access circuits and managed routers Y Y Y

Core Network Reports

Round trip delay, packet loss & jitter performance between

select MSP Routers

This report is not site/service specific

Traffic & Connectivity

Utilisation & availability

Y

Y

Y

Class of Service* Per CoS utilization and discards N^ N Y

CE to CE Reporting

Round trip delay, jitter & packet loss between

nominated sites

N

N

Y

Exceptions

Critical fault alarms

Y

Y

Y

*Where multiple classes of service are purchased ^ in development. For full details please ask for a copy of the network Performance reporting user guide.

Single Customer Login

Customers with one or multiple products, whose reports are accessed through our MyStats (Infovista 4) portal, can view the reports for these products under a single login (Single User Login) to our reporting portal URL: MYSTATS4.CW.COM.

We will provide up to 3 logins per IPVPN network.

At the top right of the front page, your customers can select the Product against which they want to view reports. The products are grouped by category; IPVPN is shown under the WAN category.

Multi Customer Login

Partners can gain access their customer’s performance reports via our Partner Portal. It is possible for you to request access to all your end customer’s MyStats reports using the same login (Multi-User Login).


3.7.2 Multi-VPN

The Multiple VPN (Multi-VPN) feature allows customers to run separate IPVPN networks over a common Network Access into a Customer Site. Multi-VPN is often used for security reasons in order to restrict access to the main corporate VPN. Typical uses are summarized below:

� Used in connection with the Optional Network Based Internet Access service, providing sites with access to the internet over a separate VPN to the corporate network.

� Used to create a separate VPN connecting some or all of a customer’s sites to a third party application or facility. For example, Vodafone Wholesale Customers may make available a range of network hosted services to their IPVPN customers.

� In order to separate branch networks from the network running between the main corporate head offices and/or data centres.

Multi-VPN is supported where the Network Access is an Ethernet or single Leased Line connection but is not supported when the Network Access is provided using DSL or multiple 2Mbps Leased Lines. It is however possible to connect a site connected via DSL or nx2Mb to any of the individual VPNs.

3.7.3 Network Based Internet Access (NBIA) Network Based Internet Access (NBIA) provides an internet gateway facility on the MSP network which can be used to provide the users at any site on the customer’s IPVPN network with access to the public Internet. This removes the need for customer’s to purchase Dedicated Internet Access Services into one or several sites on their network. The MSP network is diversely connected to our Global IP Backbone, so it provides a fast, business quality, resilient and reliable Internet service. NBIA is available at the following bandwidths:2,4,6,8,10,15,20,25,30,35,40,45,50,55,60,64Mbps. Higher bandwidths may be possible on a per customer basis.

NBIA can be considered at “pool” that can be used by all of the sites on a customer’s VPN, so if a customer takes 10Mb of NBIA the combined demand from all that customer’s sites for Internet Access should not exceed this figure. Customer’s taking Network Based Internet Access should ensure that each VPN site has sufficient service bandwidth to handle their normal data traffic and the Internet traffic at each site. For Internet Access, service bandwidth with Standard Class of Service is recommended.

Customers buying NBIA are also able to use the Mail Relay service, which allows the outbound relay of emails to the Internet, and our Caching DNS service, which will enable them to make DNS queries.

A range of additional features can be ordered with NBIA to offer improved resilience, security and service:

� VRF-Lite (performs a similar function to Multi-VPN) – when ordered with NBIA this allows you to separate Internet access from the corporate VPN.

� Resilient Gateways - NBIA will be configured from two gateways for all applicable sites across your IPVPN QoS network. The internet bandwidth must be the same at each gateway.

� Network Based Firewall - NBIA must be ordered with a Network Based Firewalls (NBF) facility unless your customer has her own firewall. Where ordered, you should complete the NBIA questionnaire provided, and submit this with your order. NBF implements stateful packet filtering technology, ensuring that all packets routed through the firewall belong to traffic flows that have been allowed by the firewall’s security


policy. Stateful packet filtering facilitates IP layer security whilst not impacting throughput. Additionally, the firewall can be configured to allow access to only limited TCP ports on the server – such as port 25 for SMTP email, ensuring that the server can only be connected to the absolute minimum required ports providing the specified service. For outbound access, NBF can be configured to restrict use of applications – both in terms of the type of application and also in terms of the address ranges allowed to use the application; this enables you to restrict the use of Internet applications to align with company IT or security policy. Where Multi-VPN is used, NBF can complement the configuration, providing basic border security services. Firewall rules may be configured based on any combination of the following: Source IP address (or address range) Destination IP address (or address range), Transport protocol (UDP/TCP etc), Application type (by destination port and transport protocol). All traffic matching a rule may be permitted or dropped, as specified by the rule.

� Separately, you may provide your own dedicated firewall. Where dedicated firewalls are deployed, then the VRF-Lite feature may be used to route all Internet traffic through the site hosting the firewall.

� Domain Name Services: our Domain Name Service (DNS) provides a registration, transfer and hosting service for one or more business, or government, domains. Our DNS Hosting is a high availability domain name hosting service, ensuring that your domain names are visible at all times. DNS provides a “directory enquiries” type function for the Internet, mapping the names of Internet computers (such as www.Vodafone.co.uk) to individual IP addresses. Each name hosted may have an unlimited number of associated computers (and sub-domains) listed as Address (A) records. We also will also facilitate multiple Mail eXchanger (MX) records for the delivery of email. Using mail exchange (MX) records in conjunction with corresponding mail systems, our DNS can also be used to send and receive e-mail. Your customers are able to specify preference levels, and we will list the primary and secondary Domain Name Server (DNS) as appropriate. Mail relay is available providing a default point for outbound mails for your e-mail servers.

� IP Addresses: we are able to assign public IP addresses provided that the required IP addresses are acceptable to RIPE or the applicable governing body. Unless Provider Independent IP addresses &/or Autonomous System Numbers are ordered and assigned, any IP address assigned by Vodafone as part of the Service will be non-portable and non-transferable. The assignment terminates immediately upon us ceasing to provide the Service associated with that address.

3.7.4 Secure Remote User Access Secure Remote User Access (SRUA) allows remote users connected to the Internet to connect securely to their company’s IPVPN network using IPSec encryption. The service is based on Cisco VPN soft client and comes with Managed Authentication. We will provide the Cisco VPN client for download and only versions of the Cisco VPN client provided by us must be used. Whilst SRUA does not offer “end-to-end encryption” – IPSec is terminated on a network based PE, Multi-VPN can be used to ensure end-to-end security of the service to a specific customer site.

The following options are available: � Regular authentication – username/password authentication is used with customers and

tokens/PINs are required for administrators. � Strong authentication – each user requires a secure token and PIN authentication.

SRUA is used in conjunction with the customer’s wireless, broadband (fixed/wireless or mobile access), 3G (mobile 3G) or dialup access to the Internet. If we are not the provider of these services, then it is the responsibility of the customer to work with their access provider to resolve any faults or service issues with the customer's access to the Internet.


4. Technical Information

MPLS IPVPN is based on an MPLS core, transporting IP traffic. The transmission technology in this network core is synchronous digital hierarchy (SDH) or wave division multiplexing (WDM).It uses multi-protocol label switching (MPLS) together with DSCP based marking and per-packet scheduling to manage quality of service (QoS) and protect sensitive data end-to-end. The IP-VPN technology used is broadly described in the architecture framework covered in IETF RFC 4364 (2547bis).

4.1. IP Routing

BGP and static IP routing options are supported between the MSP PE Router and the customer site router where the network access is an Ethernet circuit or a Leased Line. The maximum number of BGP routes per site is 500 as standard but additional routes may be supported upon application. Where DSL Network Access is used, only static IP routing is supported as standard but it may be possible to support BGP routing in some cases – this on application.

4.2. MTU

As standard, the maximum IP packet size is 1500 bytes. 4.3. Class of Service Mapping

Different EF and AF DSCP code points are used in order to support the three Classes of Service as detailed in the table below:


Standard Class (Assured Forwarding)

Enhanced Class (Assured Forwarding) Drop Precedence

Low AF11 AF31 001010 (10) 011010 (26)

Medium AF12 AF32 001100 (12) 011100 (28)

High AF13 AF33 001110 (14) 011110 (30)

Premium Class (Expedited

Forwarding) EF

101110 (46)

Notes:

� Each AF class has three drop precedence’s (low, medium, and high). At the onset of congestion, it is the drop precedence that determines the importance of the packet within the class (drop high before medium before low).

� The Enhanced class classifies customer traffic marked with DSCP AF31,32,33 by default however if there is a technical requirement to classify either the AF21, 22, 23 or AF41, 42, 43 Assured Forwarding markings please detail this within the Order form. This information can be detailed in the area where the order details how the traffic can be identified that needs to be marked as Enhanced. This will also need to be detailed if the customer site router equipment is to be supplied by other than Vodafone.

� With symmetric bandwidth access circuits, if traffic at a site exceeds the contracted bandwidth allocation to a

CoS, then standard and enhanced traffic are able to burst up into bandwidth allocated to other CoS where it is available, otherwise traffic will be dropped. Premium traffic will be dropped where the contracted premium CoS bandwidth is not available.

� With ADSL16 access circuits, out of contract enhanced and premium traffic will be dropped

� If Vodafone does not provide and manage the customer site router equipment then the customer is responsible

for configuring the equipment in accordance with the relevant codes, failure to do so will prevent the CoS profile from working and we shall have no liability in respect of such a failure.

Where Vodafone does not provide and manage the customer site routers, the customer is responsible for CoS implementation as follows:

� We will configure the MSP to accept the CoS as ordered by the customer, but will not guarantee CoS availability or functionality.

� The customer will configure and deploy CoS on the appropriate CPE, to match the CoS allocation or profile ordered.

� We will not be obliged to provide CPE support for implementation or utilization of CoS in response to a customer request; Vodafone may make a reasonable charge for any such support provided.

� The customer will not change its CoS allocation or profile without our written agreement.

4.4 Ethernet first mile (EDM) access technology


Access circuits of 2-20Mbps may be provided over bonded copper pairs using EFM technology. EFM is inherently resilience, in that all the copper pairs are required to fail, in order for service to be lost and back up or resilient access circuits to be used. EFM supports all IPVPN service features. Where sites are provided with Dual Access, or Single Access and ADSL backup (only ADSL16 or ADSL8 is supported), then if the primary access circuit is provided using copper EFM technology, the secondary access circuit or ADSL backup will only become operational should the full access bandwidth capacity become unavailable. The customer is required to use BGP routing to ensure that traffic fails over onto the DSL backup or secondary circuit. As EFM uses copper technology we will not be liable for any degradation of performance, or fault to, the access circuit that occurs as a result of, or in connection with, technical limitations beyond our control.

4.5 Wires only IPCPN router configuration Where you order a ‘wires only’ IPVPN service, please request a copy of our guide to customer site router configuration. This guide also provides access to a recommended firmware upgrade which is to be used with ADSL access circuits which are to be connected to Cisco CPE that is using the ST Micro (STM1) chip set.

5. Service Support All MPLS IPVPN customers benefit from 24/7, year round, fault management support.

The MSP, its access network platforms and Network Access components are monitored for critical events, using industry leading systems which often mean we have identified and reacted to a service affecting fault ahead of the customer calling our Customer Management Centre. If a customer orders our managed service, they also benefit from end to end, router to router, management which can save them operating costs from not having to maintain a dedicated resource to manage their own routers.

For further details please see the associated Service Schedule document for the MPLS IPVPN product.

© (Month Year). Vodafone Limited. Vodafone and the Vodafone logo are trademarks of the Vodafone Group. Other product and company names mentioned herein may be the trademarks of their respective owners. The information contained in this publication is correct at the time of going to print. Such information may be subject to change and services may be modified, supplemented or withdrawn by Vodafone without prior notice. All services are subject to terms and conditions, copies of which may be obtained upon request.

Vodafone Limited. Vodafone House, The Connection, Newbury, Berkshire RG14 2FN

Registered in England No. 1471587

Connecting London. Globally.

Citycom Technologies Ltd

70 St. Mary AxeLondon EC3A 8BETel: 020 7870 4841Email: [email protected]

Documents

MPLS Networks - Citycom Networks Brochure_01.pdf · MPLS Networks A private IP wide area networking service. Vodafone Product Description MPLS IPVPN Vodafone ... The IP-VPN technology