Netmanias.2009.01.09-Backhaul Network Design (en)

About NMC Consulting Group NMC Consulting Group is an advanced and professional network consulting company, specializing in IP network areas (e.g., FTTH, Metro Ethernet and IP/MPLS), service areas (e.g., IPTV, IMS and CDN), and wireless network areas (e.g., Mobile WiMAX, LTE and Wi-Fi) since 2002. Copyright © 2002-2013 NMC Consulting Group. All rights reserved.

www.nmcgroups.com

Netmanias Technical Document: Backhaul Network Design for TPS & VPN Service

Backhaul Network Design for TPS & VPN Service

January 9, 2009

NMC Consulting Group ([email protected])

www.netmanias.com

www.nmcgroups.com

mailto:[email protected]

http://www.netmanias.com/

http://www.nmcgroups.com/

Copyright © 2002-2013 NMC Consulting Group. All rights reserved. 2


Table of Contents

1. Network Requirements

2. Network Architecture: Topology Design

2.1 Aggregation Network for Towers

2.2 Aggregation Network for Villas

3. Logical Architecture for Residential Services and Business Services

3.1 Backhaul Connectivity Design for Residential TPS Services 3.2 Backhaul Connectivity Design for Business VPN Services

4. Network Availability

5. Scalability

6. QoS Design

6.1 QoS for Residential TPS Service

6.2 QoS for Business VPN Service

7. Multicast

8. Security

8.1 Security: Data Plane 8.2 Security: Control Plane & Management Plane

9. Easy Touch Provisioning

10. Element & Network Management System



1. Network Requirements

# of Subscribers

Access Technology: FTTH (AON)

Residential TPS service Internet: up to 1Gbps for each tenant

IP-TV/VoD: HDTV

VoIP

Business VPN Services MPLS L3 VPN, MPLS L2 VPN (P2P: VPWS),

VPLS

Scalability

QoS

Multicast for IP-TV

Integration with Existing Broadband

Network (MPLS)

Easy Touch Provisioning Residential and Business

Backbone Backbone

NOC-1 NOC-2

#2

#1

#39 #15

#1

#2 #33 (=17+16)

#16

BRAS/PE BRAS/PE



MDF

…

AS

10GE

10GE

DS(L2)

NOC-1

NOC-2

AN

RG 1

20

1

20

…

…

…

…

Tower

2x10GE

RG (Residential Gateway) AN (Access Node) AS (Access Switch)

BRAS/PE

DS(L2)

Existing

MPLS Core

1GE

Tenant

BRAS/PE

8XGE

10GE

8XGE 10GE

10GE

P Router

P Router

Role of BRAS BRAS, MPLS PE, SSG

Protocol Interworking with Backbone Network IGP: OSPF or IS-IS

IGP TE: OSPF TE or IS-IS TE

MPLS: LDP, RSVP-TE, MP-iBGP, VPWS, VPLS

Role of AS and DS L2 Ethernet Aggregation

QinQ (for Residential TPS) Termination BRAS

QinQ (for Enterprise VPN) Termination BRAS (PE)

Subscriber MAC frame broadcasting Not to existing IP/MPLS Backbone

Traffic Path All the traffics (Internet, VoIP, VoD, Multicast/Enterprise VPN)

pass through BRAS/PE

DS (Distribution Switch) BRAS

2. Network Architecture



MDF

…

AS

10GE

10GE

DS

NOC-1

NOC-2 AN

RG 1

20

1

20

4xGE

(1000baseTX) …

…

…

…

Tower (Highrise Buildings )

2x10GE

One AS is connected to

two NOCs (Dual Homing)

for protection

RG

AN (Access Node)

AS (Access Switch)

DS (Distribution Switch)

BRAS/PE

10GE

1 GE (1000Base-TX)

1 GE (1000Base-FX)

BRAS/PE

DS

Existing

MPLS Core

1GE

RG in home and business AN and AS are distributed at

each apartment MDF

DS and BRAS in NOC-1

and NOC-2

Direct fiber access to

individual subscribers

(Dedicated 1 Gbps

bandwidth per user)

Tenant

Co-existence of residential

and business subscribers

BRAS/PE

8XGE

10GE

8XGE

10GE

10GE

P Router

P Router

Network Architecture: Aggregation Network for Towers



Aggregation Network for Villas

NOC-1

NOC-2

10GE

…

4xGE (T)

…

10GE

DS

DS

AN

AS

RG

1GE

2X10GE

Villas

One AS is

connected to two

NOCs (Dual

Homing) for

protection

RG in home AN and AS are

centralized at NOC-1

Direct fiber access to

individual subscribers

(Dedicated bandwidth

per user)

BRAS/PE

Existing

MPLS Core

BRAS/PE

8XGE

10GE

8XGE

10GE

10GE

P Router

P Router

RG

AN (Access Node)

AS (Access Switch)

DS (Distribution Switch)

BRAS/PE

10GE

1 GE (1000Base-TX)

1 GE (1000Base-FX)



SAR: Service Access Router (PE router located at Head End)

AN

MPLS L3 Internet VPN (LSP to BR)

PE/BR BRAS/PE

VRF

PE2

MPLS L3 Internet VPN (LSP to PE:P2P)

MPLS L3 VPN (LSP to PE 2)

VRF

VRF

MPLS L3 Voice VPN (LSP to SAR)

MPLS L3 Voice VPN (LSP to PE: Data)

VRF

MPLS L3 Video VPN (LSP to SAR)

VRF

MPLS L2 VPN (VPWS)

VSI



C-VID=Internet(5)

C-VID=Voice(3)

C-VID=Video(4)

C-VID=Ent. A

C-VID=Ent. B

C-VID=Ent. C

C-VID=Ent. D VSI


PE/SAR

PE3

EAPS

VRF

VRF

VRF

Residential

Internet Access

Residential

Voice

Residential

Video

Enterprise

Internet Access

Enterprise

L3 VPN

Enterprise

L2 VPN (PtP: EoMPLS)

Enterprise

L2 VPN (PtMP: VPLS)

VRF VRF VRF VRF VRF

VSI VSI VSI VSI VSI VSI

VSI VSI VSI VSI VSI VSI VSI

VRF

VRF

VSI

VSI

VSI

Residential Internet VLAN

(C-VID=Internet, S-VID=AN)

Residential Voice VLAN

(C-VID=Voice, S-VID=AN)

Residential Video VLAN

(C-VID=Video, S-VID=AN)

DHCP

DHCP

DHCP

Static/Public Subnet

Private Addressing and Routing



Per-Service VRF (Internet) VRF

VRF

VRF

Per-Service VRF (Voice)

Per-Service VRF (Video)

AS DS

Per-Enterprise VLAN

(C-VID=Ent. A, S-VID=Ent. A)

Per-Enterprise VLAN

(C-VID=Ent. B, S-VID=Ent. B)

Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. C)

Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. D)

CPE

3. Logical Architecture for Residential Services and Business Services



Supported Standard (MPLS PE)

RFC 4448 (Martini), Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006

RFC 4447 (Martini), Pseudowire Setup and Maintenance Using LDP, April 2006

RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007

RFC 4761: RFC 4761 on Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling, Jan.

2007

RFC 4664: Framework for Layer 2 Virtual Private Networks (L2VPNs), Sep. 2006



3.1 Residential TPS Service

802.1Q: Per Service VLAN

<Tower A>

RG BRAS/PE

<Tower B>

802.1ad (QinQ):

S-VID=Per AN VLAN, C-VID=Per Service VLAN

Voice Video Data

Voice Video Data

AN ID

S-VID

C-VID

Per Service VLAN

Encapsulation Per AN QinQ

Encapsulation MPLS L3VPN per Service

VRF

VRF

VRF

<NOC>

Bridging Bridging

Voice VPN

Per-Service MPLS L3 VPN

Video VPN

Data VPN

Outer VLAN

Inner VLAN

Residential

A

Residential

B

Residential

C

Residential

D

Residential

E

Residential

F

802.1Q 802.1ad

N:1 VLAN

N:1 VLAN

N:1 VLAN

Layer 2 (Ethernet)

Layer 3 (IP/MPLS)

IP/MPLS

Backbone AN AS DS

Private VLAN (N:1 VLAN)

DHCP Option82

Voice Video Data



Residential TPS Service

Service Separation: in the backhaul, by Per-Service VLAN (N:1 VLAN). Inside BRAS, by VRF (Each VRF has its

own interface and route information)

User Isolation: Split Horizon Forwarding (Private VLAN) on AN to prohibit Hair-pin

L2 Scalability Issues

Broadcast Domain is reduced by Per AN QinQ

MAC Learning at DS: 224K MAC addresses supported by DS >> 15K subscriber x 4 services = 60K

Configuration of each RG is same. QinQ value of AN will be different

IP Address Management: Public IP address for Internet access, Private IP address for walled-garden service

(VoD, IP-TV, VoIP)

DHCP Option82 at AN (Per-service VLAN ID, Port ID, AN ID): Subscriber Identification, Location of

subscriber, Per-service IP address allocation



3.2 Business VPN Service

Outer VLAN

RG/CE AN

802.1Q:Per Enterprise VLAN or Private Use by Enterprise

802.1ad (QinQ): S-VID=Per Enterprise VLAN, C-VID=Per Enterprise VLAN

(extension) or Private Use by Enterprise

Per Enterprise QinQ

Encapsulation

MPLS L2/L3 VPN per

Enterprise Bridging

Per Enterprise MPLS L2/L3 VPN

VRF

VRF

VSI

VSI

VSI

VSI

Enterprise

A

Enterprise

B

Enterprise

C

Enterprise

D

Enterprise

E

Enterprise

F

Ent-A L3 VPN

Ent-B L3 VPN

Ent-C L2 VPN (VPWS)

Ent-D L2 VPN (VPWS)

Ent-E L2 VPN (VPLS)

Ent-E L2 VPN (VPLS)

Enterprise ID

S-VID

C-VID

<Tower A>

<Tower B> <NOC>

Per Enterprise VLAN

Encapsulation

Layer 2 (Ethernet)

Layer 2/3

Customer Separation by Per-Enterprise VLAN (1:1 VLAN) Need to Provisioning tool for creating Per-Enterprise VLAN IP address management: Private IP for VPN service

1:1 VLAN

1:1 VLAN

1:1 VLAN

BRAS/PE DS AS

IP/MPLS

Backbone

Bridging

Inner VLAN



MPLS L3 VPN

Metro Ethernet

Backhaul

PE

PE

Metro Ethernet

Backhaul

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE1

CE1

Per-enterprise VLAN (1:1 VLAN)

Tunnel Signaling (LDP or RSVP-TE)

VPN Route and Label Distribution (MP-iBGP)

IGP (IS-IS or OSPF)

Point-to-Point or Point-to-MultiPoint L3 VPN

L3 VPN (vc-lsp)

Per-enterprise VLAN

CE2

LSP Tunnel

802.1Q 802.1ad

IP/MPLS Backbone

VPN Routing (BGP, OSPF, IS-IS,

RIP, Static)

RFC 2547bis BGP/MPLS VPN



MPLS L2 VPN: VLL/VPWS/EoMPLS Service

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE1

CE1



PW Signaling

(Martini Signaling/RFC4447)

IGP (IS-IS or OSPF)

Point-to-Point Transparent LAN Service

PW (vc-lsp)

Per-enterprise VLAN

CE2

LSP Tunnel

802.1Q 802.1ad

IP/MPLS Backbone

RFC 4448 (Martini), Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006

RFC 4447 (Martini), Pseudowire Setup and Maintenance Using LDP, April 2006

PE

PE



MPLS L2 VPN: VPLS Service

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE1

CE1



PW Signaling

(Martini Signaling/RFC4762 or BGP/RFC 4761)

IGP (IS-IS or OSPF)

Point-to-Multi Point Transparent LAN Service

VPLS (Full-meshed PWs)

Per-enterprise VLAN

CE2

LSP Tunnel

802.1Q 802.1ad

IP/MPLS Backbone

RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007

RFC 4761: RFC 4761 on Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling, Jan. 2007

RFC 4664: Framework for Layer 2 Virtual Private Networks (L2VPNs), Sep. 2006

PE

PE



4. Network Availability (EAPS): < 50msec

IP/MPLS

Backbone

AS AN RG

DS

DS

NOC-1

NOC-2

Tower A

Link failure between AS and DS is major threatening and we can provide fast convergence of link fail (under 50ms) by EAPS (Ethernet Automatic Protection Switching)

Ring based network resiliency protocol between AS and DS/PE, operate at layer 2

Provides SONET/SDH like fast convergence from network failures

Proven sub-50ms failover times for voice-class connections

Designed for carriers/ISP—essential for convergence in the enterprise

IETF RFC 3619

B

Secondary port logically blocked for

protected VLAN data traffic

Normal Data

Traffic

EAPS Ring “Health Check”

Messages sent out periodically

a

b b

Data Traffic with

Link Fail BRAS/PE

BRAS/PE

RFC3619: Extreme Network’s Ethernet Automatic Protection Switching (EAPS) Version 1.0



IP/MPLS

Backbone

DS PE RG AN AS

VRRP

B

EAPS

Blocked Port

IP/MPLS

Backbone

DS PE RG AN AS

B

< Normal >

VRRP Master

IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

Become Active

< Link Fail >

Recovery by EAPS (50ms)

IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

Become Active

< DS Fail >

Recovery by EAPS, VRRP & IGP

IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

< Link Fail >

Recovery by VRRP & IGP

IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

< PE Fail >


B

B

Unicast Upstream

Unicast Downstream

VRRP Master

Resiliency Mechanism for Unicast



IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

< Link Fail >


B

IP/MPLS

Backbone

DS PE RG AN AS

VRRP Master

< Link Fail >

Recovery by IGP

B

Enable

VRRP I/F tracking

Disable

VRRP I/F tracking

Resiliency Mechanism for Unicast



IP/MPLS

Backbone

DS PE RG AN AS

PIM Hello

B

EAPS

Blocked Port

IP/MPLS

Backbone

DS PE RG AN AS

B

< Normal >

DR

IP/MPLS

Backbone

DS PE RG AN AS

DR

Become Active

< Link Fail >

Recovery by EAPS (50ms)

IP/MPLS

Backbone

DS PE RG AN AS

Become Active

< DS Fail >

Recovery by EAPS & IGP

IP/MPLS

Backbone

DS PE RG AN AS

< Link Fail >

Recovery by IGP

IP/MPLS

Backbone

DS PE RG AN AS

< PE Fail >

Recovery by IGP

B

B

DR

DR

DR

Multicast

DR

Resiliency Mechanism for Multicast



IP/MPLS

Backbone

DS PE RG AN AS

< Link Fail >

Recovery by IGP

B

DR

Resiliency Mechanism for Multicast



5. Scalability

Scalability Factor for Enterprise AS (BD 8806) DS (BD 10808) BRAS/PE (E320)

Maximum number of MAC addresses 16K 224K 96K

Maximum number of IP routes 1M

Maximum number of 802.1Q (VLAN) Circuits per Port 4K 4K 4K (16K per chassis)

Maximum number of 802.1ad (QinQ) Circuits per Port 16K (96K per chassis)

Maximum number of Logical Interfaces 96K

Maximum number of MPLS LSPs (LDP/RSVP-TE) 10K

Scalability Factor of MPLS L3VPN for Enterprise BRAS/PE (E320)

Maximum number of VRF instances 1K

Maximum number of IP routes per VRF 500K

Scalability Factor of MPLS L2VPN for Enterprise BRAS/PE (E320)

Maximum number of VPWS instances 8K

Maximum number of VPLS instances 1K

Maximum number of MAC addresses per VSI Totally 64K

Maximum number of MPLS L3 VPN = 1K (per PE router)

Maximum number of Point-to-Point MPLS L2 VPN (VPWS) = 8K (per PE router)

Maximum number of Point-to-Multipoint MPLS L2 VPN (VPLS) = 1K (per PE router)



L2 Scalability

Residential TPS Service

Broadcast Domain is reduced by Per-AN VLAN (QinQ)

MAC Learning at DS: 224K MAC addresses supported by DS (Extreme BD10K) >> 15K subscriber x 4 services = 60K

Enterprise VPN service

Per-Enterprise VLAN must be provisioned through Ethernet backhaul network (Potential scaling issue)

802.1Q provides 4K distinct VLANs and 802.1ad provides 16M distinct VLANs



RG ~ AN AN ~ AS AS ~ DS DS ~ BRAS/PE BRAS/PE ~ P

802.1p 802.1p 802.1p 802.1p MPLS QoS (E-LSP) / IP DiffServ

Voice COS 5 COS 5 COS 5 COS 5 EXP 5

IPTV COS 3 COS 3 COS 3 COS 3 DSCP AF3

VoD COS 2 COS 2 COS 2 COS 2 EXP 2

Internet COS 0 COS 0 COS 0 COS 0 EXP 0

RG AN

AS BRAS/PE

DS

802.1p

802.1p 802.1p 802.1p MPLS QoS/IP DiffServ

Per-Residential Downstream Shaping

Per-Residential Upstream Shaping

4 service classes

Internet bandwidth control for both upstream and downstream direction per residential subscriber by RG & BRAS

Voice, IPTV and VoD traffic are always higher priority than Internet

IP/MPLS

Backbone

Internet to User-B

Internet to User-A

Internet to User-C

Per-Residential

shaping

BRAS

A

B

C

Voice to All users

IPTV (multicast)

VoD to All users

SPQ

HIGH

LOW

6.1 QoS for Residential TPS Service



6.2 QoS for Business VPN Service

RG ~ AN AN ~ AS AS ~ DS PE ~ P

802.1p 802.1p 802.1p MPLS QoS (E-LSP)

Voice COS 5 COS 5 COS 5 EXP 5

VoD COS 2 COS 2 COS 2 EXP 2

Mission Critical COS 1 COS 1 COS 1 EXP 1

Internet COS 0 COS 0 COS 0 EXP 0

RG AN

AS

Per-Enterprise Downstream Shaping

Per-Enterprise Upstream Shaping

4 service classes

Bandwidth control for both upstream and downstream direction per enterprise subscriber by PE

PE supports hierarchical shaper

IP/MPLS

Backbone

PE

Per-Enterprise

Hierarchical shaping

(PIR/CIR)

S-VLAN

1001

S-VLAN

1400

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

S-VLAN

1500

1

2 3

BRAS/PE

DS

802.1p 802.1p 802.1p MPLS QoS 802.1p



7. Multicast

All IPTV channels (multicast streams) are always reach to the core-facing port of DS for fast channel zapping by IGMP Static Join function of BRAS/PE

IP/MPLS

Backbone

AS AN

RG

BRAS/PE DS

DS

NOC-1

NOC-2

Tower A

AS AN

RG Tower B

AS AN

RG Tower C

DR

All IPTV channels

IGMP Report (CH1)

BRAS/PE

IGMP Static Join

IGMP Snooping

IGMP Snooping

IGMP Proxy IGMP

Snooping

IPTV CH1



8.1 Security: Attack and Defensive Features/Actions

Attack Defensive Features/Actions NE

MAC attacks Limit number of MAC address per port, Allow only static MAC address AN, AS

VLAN hopping Disable auto trunking on user-facing port, Do not use VLAN1 for anything AN, AS, DS

Private DHCP server Filter DHCP message using wire-speed ACLs, Private VLAN AN, AS, DS

Source MAC address spoofing

Limit number of MAC address per port, Allow only static MAC address AN, AS

Abnormal Source MAC attacks (all 0’s all F’s, …)

Filter abnormal source MAC address using wire-speed ACLs AN, AS, DS

ARP attacks AN, AS, DS: Storm control, Rate-limit of ARP protocol type

BRAS/PE: CPU rate-limit, IP Source Guard AN, AS, DS, BRAS/PE

Storm attacks Storm control for broadcast & unknown-unicast packet AN, AS, DS

System attacks CPU rate-limit & filtering, Prioritize control traffic (telnet, SNMP is high) AN, AS, DS, BRAS/PE

DHCP attacks Limit number of MAC address per port, Check Integrity of DHCP message AN, BRAS/PE

Poison ARP tables Dynamic ARP inspection using DHCP snoop binding table BRAS/PE

DDoS of TCP SYN flooding AN, AS, DS: Rate-limit of TCP SYN

BRAS/PE: IP Source Guard AN, AS, DS, BRAS/PE

Smurf attacks Disable direct broadcast BRAS/PE

IGMP attacks Enable IGMP Join Filter, Limit number of IGMP Join message AN, AS

Multicast stream attacks Filter multicast address (except IGMP message) on user-facing port AN, AS

PIM attacks Filter PIM neighbor (Allow only registered PIM neighbor) BRAS/PE



8.1 Attack and Defensive Features/Actions

Attack Defensive Features/Actions NE

Attack with the spoofed source IP address

IP Source Guard, RPF (Reverse Path Filtering) BRAS/PE

Route information spoofing

Misdirecting traffic

MD5 authentication for IP routing/MPLS signaling protocol

GTSM (Generalized TTL Security Mechanism)

Route filtering: Martian filter, Bogon list, RFC 1918/3330 address

BRAS/PE



RG AN

AS BRAS/PE DS

IP Source Guard/DHCP Security

Resource (# of Routes/MACs) Limitation/

Rate-Limit of Protocol Update per VRF

Filter Martian-addresses, RFC 1918 addresses, Bogon prefixes

Filter Directed Broadcast

Rate Limit ICMP echo & TCP SYN (to CPU & Transit)

Reject other ICMP packets (ex. ICMP Redirect),

IP with Option, Malicious Fragment packets

Protect IGMP Attack

Unicast RPF Loose mode

Filter well-known attack traffic (worms/viruses)

Protect MAC Attack

User Isolation (Prohibit direction connection between users)

/Service Isolation

Protect ARP Attack

Protect MAC Spoofing

Control CPU Traffic

Storm Control

Filter Multicast stream from Abnormal source

Protect DHCP Attack

IP/MPLS

Backbone

8.2 Security: Data Plane



RG AN

AS BRAS/PE DS

MD5 Authentication for IP Routing/MPLS Signaling

Generalized TTL Security Mechanism (GTSM)

SNMPv3

SSH (Secure Shell)/SCP (Secure Copy Protocol)

TACACS+

Control # of concurrent SSH connection

Control rate of SSH connection

IP/MPLS

Backbone

8.3 Security: Control Plane & Management Plane



OSS/BSS

Web Portal Policy Server

LDAP

AAA

DHCP

RG

AN

AS

BRAS/SSG DS

AN

RG

RG

AS

AN

IP/MPLS

Backbone RG

1

DHCP DISCOVER

2 DHCP OFFER

3 DHCP REQUEST

4 DHCP ACK

5 “Client Table” is created

“SI” is created

7 COPS: Interface Event

8 COPS: Address Event

9 COPS: Default Policy

10 LDAP Search: MAC ID/PW

11 LDAP Result: NULL return

12 HTTP/HTTPS: ID/PW by subscriber

13 CORBA: ID/PW information

14 RADIUS: Request Authentication

(ID/PW)

15 RADIUS: Authentication Result

16 RADIUS: Type of Service for Subscriber

17 CORBA: Authentication Result

18 COPS: Service Policy

19 HTTP/HTTPS: Authentication Result &

Show “Subscriber Homepage”

LDAP: Service adds

TRANSPORT PLANE

SERVICE INTELLIGENCE CONTROL PLANE

BACK OFFICE

6

9. Easy Touch Provisioning Tool: SSG (Service Selection Gateway) for TPS Users



Connection Manager helps reduce overall administration and management costs by providing automated resource management and rapid profile-based provisioning capabilities that speed deployment and time to market of Metro Ethernet technologies

It provides 802.1Q VLAN, 802.1ad QinQ provisioning methods for AN, AS and DS

AS AN

RG/CE

IP/MPLS

Backbone BRAS/PE DS P P PE

CE

Site-1, VPN-A Site-2, VPN-A

Connection Manager for Enterprise

RG/CE

Site-1, VPN-B

Site-2, VPN-B

CE

B B A

Per Enterprise VLAN

Per Enterprise MPLS VPN (L2/L3)

A QinQ assignment of user-facing port for Enterprise user

B VLAN ID assignment of access-facing port for Enterprise user

Easy Touch Provisioning Tool: VLAN Connection Management for Enterprise



AS AN

RG/CPE BRAS

DS RG/CPE

IP/MPLS Core

Internet

BRAS EMS AS/DS EMS AN EMS RG EMS

DHCP

TFTP/FTP

NMS

Fault Configuration Accounting Performance Security

Network elements

Element & Network

management

FCAPS

Southbound

(SNMP)

Northbound

(SNMP, XML)

Network management systems make use of a wide range of tools, applications, interfaces and devices to assist the network operators work in monitoring and maintaining the network. A standard model is defined by the ITU-T for all management systems, called FCAPS Fault management

Configuration management

Accounting management

Performance management

Security management

10. Element & Network Management System



General managements Fault Configuration Performance/Statistics Reports Security

Topology map Fault detection Resource initialization Data collection User access right checking

Command history Alarm generation Provisioning Data reporting Access logging

- Alarm handling Backup and restore Data analysis Security alarm reporting

- Error logging Remote configuration Alarm history Data backup

- - Automated software installation - -

Alarm statistics summary

- Alarm count per fault category

- Alarm Color per fault category

3

1

Elements lists

- Elements lists view

- Elements searching

- Diagnostics for elements

2

Topology map

- Network topology map

- Elements status view

- Link/Port status view

4 Detail view for selected

elements/networks

5 Alarm status / history

EMS/NMS Features



Features Sub features Descriptions

System General Information

Monitoring condition Monitoring time, retry count, retry timeout

Monitoring condition and threshold control based on system performance

Topology MAP Map service based on topology

Utility Ping, Trace, Telnet

Alarm history Alarm history by regional, elements and ports

Tool-tip display detail information when you move the mouse across a element or port

Element information CPU, MEMORY, DISK, temperature, element boot time, OS version, number of interface

Interface information Interface ID, Interface Operation/Admin status

Performance

Performance reports Top N performance by daily, weekly and monthly

System resource CPU utilization, MEMORY usage, DISK usage, Response time

Traffic performance

Interface input/output throughput (BPS, PPS)

Interface input/output utilization rate

Interface input/output error rate

Interface input/output discard rate

Configuration

Elements status Status of the registered elements

Elements configuration Node and port configuration such as VLAN, QoS, ACL, Multicast, etc

Port (physical/logical) Up/Down status

Port status

Port (physical/logical) Up/Down control

Port remote control by EMS/NMS system

Element/Link management Element or Link management (add/modify/delete)

EMS/NMS Functionality Summary



Features Sub features Descriptions

Fault

SNMP Trap SNMP TRAP, syslog, CLI

Alarm notify web event , e-mail, sms

Alarm history Alarm history search

Alarm severity management Critical, Major, Minor, Warning, Normal

Syslog management syslog collect, syslog history search

Alarm analysis report for each elements

Analysis of the alarm count, alarm duration and alarm type for each elements

Alarm analysis report for the each interfaces

Analysis of the alarm count, alarm duration and alarm type for each interfaces

Alarm threshold Alarm threshold setting

Statistics Report

Report file format Statistics report of Microsoft’s excel or word format

Elements or Port inventory report inventory including alarm or log history of Elements or Port

Elements performance report Performance reports for traffic utilization, Resource usage, alarm, response time, etc (daily, weekly, monthly)

Traffic statistics Traffic analysis report per period, application

Security Account management Account management, User id support access right control

Backup and Restore of Data

Backup and restore Configuration backup / recovery of all the element

Automatic and scheduled backup

EMS/NMS Functionality Summary



End of Document


Carrier WiFi

Data Center Migration

WirelineNetwork

LTE

Mobile Network

Mobile WiMAX

Carrier Ethernet

FTTH

Data Center

Policy Control/PCRF

IPTV/TPS

Metro Ethernet

MPLS

IP Routing

99 00 01 02 03 04 05 06 07 08 09 10 11 12 13

eMBMS/Mobile IPTV

Services

CDN/Mobile CDN

Transparent Caching

BSS/OSS

Cable TPS

Voice/Video Quality

IMS

LTE Backaul

Netmanias Research and Consulting Scope

Visit http://www.netmanias.com to view and download more technical documents.

Documents

Netmanias.2009.01.09-Backhaul Network Design (en)