studentguide implementing broadband aggregation on cisco10k vol1
BBAGG
Volume 1
Implementing Broadband Aggregation on Cisco 10000 Series
Version 1.0
Student Guide
The products and specifications, configurations, and other technical information regarding the products in this manual are subject to change without notice. All statements, technical information, and recommendations in this manual are believed to be accurate but are presented without warranty of any kind, express or implied. You must take full responsibility for their application of any products specified in this manual.
LICENSE
PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE MANUAL, DOCUMENTATION, AND/OR SOFTWARE (MATERIALS). BY USING THE MATERIALS YOU AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT AGREE WITH THE TERMS OF THIS LICENSE, PROMPTLY RETURN THE UNUSED MATERIALS (WITH PROOF OF PAYMENT) TO THE PLACE OF PURCHASE FOR A FULL REFUND.
Cisco Systems, Inc. (Cisco) and its suppliers grant to you (You) a nonexclusive and nontransferable license to use the Cisco Materials solely for Your own personal use. If the Materials include Cisco software (Software), Cisco grants to You a nonexclusive and nontransferable license to use the Software in object code form solely on a single central processing unit owned or leased by You or otherwise embedded in equipment provided by Cisco. You may make one (1) archival copy of the Software provided You affix to such copy all copyright, confidentiality, and proprietary notices that appear on the original.
EXCEPT AS EXPRESSLY AUTHORIZED ABOVE, YOU SHALL NOT: COPY, IN WHOLE OR IN PART, MATERIALS; MODIFY THE SOFTWARE; REVERSE COMPILE OR REVERSE ASSEMBLE ALL OR ANY PORTION OF THE SOFTWARE; OR RENT, LEASE, DISTRIBUTE, SELL, OR CREATE DERIVATIVE WORKS OF THE MATERIALS.
You agree that aspects of the licensed Materials, including the specific design and structure of individual programs, constitute trade secrets and/or copyrighted material of Cisco. You agree not to disclose, provide, or otherwise make available such trade secrets or copyrighted material in any form to any third party without the prior written consent of Cisco. You agree to implement reasonable security measures to protect such trade secrets and copyrighted Material. Title to the Materials shall remain solely with Cisco.
This License is effective until terminated. You may terminate this License at any time by destroying all copies of the Materials. This License will terminate immediately without notice from Cisco if You fail to comply with any provision of this License. Upon termination, You must destroy all copies of the Materials.
Software, including technical data, is subject to U.S. export control laws, including the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. You agree to comply strictly with all such regulations and acknowledge that it has the responsibility to obtain licenses to export, re-export, or import Software.
This License shall be governed by and construed in accordance with the laws of the State of California, United States of America, as if performed wholly within the state and without giving effect to the principles of conflict of law. If any portion hereof is found to be void or unenforceable, the remaining provisions of this License shall remain in full force and effect. This License constitutes the entire License between the parties with respect to the use of the Materials.
Restricted Rights - Cisco's software is provided to non-DOD agencies with RESTRICTED RIGHTS and its supporting documentation is provided with LIMITED RIGHTS. Use, duplication, or disclosure by the U.S. Government is subject to the restrictions as set forth in subparagraph C of the Commercial Computer Software - Restricted Rights clause at FAR 52.227-19. In the event the sale is to a DOD agency, the U.S. Government's rights in software, supporting documentation, and technical data are governed by the restrictions in the Technical Data Commercial Items clause at DFARS 252.227-7015 and DFARS 227.7202.
DISCLAIMER OF WARRANTY. ALL MATERIALS ARE PROVIDED AS IS WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall Cisco's or its suppliers' liability to You, whether in contract, tort (including negligence), or otherwise, exceed the price paid by You. The foregoing limitations shall apply even if the above-stated warranty fails of its essential purpose.
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense.
The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it is not installed in accordance with Cisco's installation instructions, it may cause interference with radio and television reception. This equipment has been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.
You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the Cisco equipment or one of its peripheral devices. If the equipment causes interference to radio or television reception, try to correct the interference by using one or more of the following measures:
Turn the television or radio antenna until the interference stops.
Move the equipment to one side or the other of the television or radio.
Move the equipment farther away from the television or radio.
Plug the equipment into an outlet that is on a different circuit from the television or radio. (That is, make certain the equipment and the television or radio are on circuits controlled by different circuit breakers or fuses.)
Modifications to this product not authorized by Cisco Systems, Inc. could void the FCC approval and negate your authority to operate the product.
The following third-party software may be included with your product and will be subject to the software license agreement:
CiscoWorks software and documentation are based in part on HP OpenView under license from the Hewlett-Packard Company. HP OpenView is a trademark of the Hewlett-Packard Company. Copyright 1992, 1993 Hewlett-Packard Company.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.
Network Time Protocol (NTP). Copyright 1992, David L. Mills. The University of Delaware makes no representations about the suitability of this software for any purpose.
Point-to-Point Protocol. Copyright 1989, Carnegie-Mellon University. All rights reserved. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission.
The Cisco implementation of TN3270 is an adaptation of the TN3270, curses, and termcap programs developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright 1981-1988, Regents of the University of California.
Cisco incorporates Fastmac and TrueView software and the RingRunner chip in some Token Ring products. Fastmac software is licensed to Cisco by Madge Networks Limited, and the RingRunner chip is licensed to Cisco by Madge NV. Fastmac, RingRunner, and TrueView are trademarks and in some jurisdictions registered trademarks of Madge Networks Limited. Copyright 1995, Madge Networks Limited. All rights reserved.
XRemote is a trademark of Network Computing Devices, Inc. Copyright 1989, Network Computing Devices, Inc., Mountain View, California. NCD makes no representations about the suitability of this software for any purpose.
The X Window System is a trademark of the X Consortium, Cambridge, Massachusetts. All rights reserved.
Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at www.cisco.com/go/offices.
Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe
Copyright 2003, Cisco Systems, Inc. All rights reserved. AccessPath, AtmDirector, Browse with Me, CCDA, CCDE, CCDP, CCIE, CCNA, CCNP, CCSI, CD-PAC, CiscoLink, the Cisco NetWorks logo, the Cisco Powered Network logo, Cisco Systems Networking Academy, Fast Step, Follow Me Browsing, FormShare, FrameShare, GigaStack, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, Packet, RateMUX, ScriptBuilder, ScriptShare, SlideCast, SMARTnet, TransPath, Unity, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That's Possible, and Empowering the Internet Generation, are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, Cisco, the Cisco Certified Internetwork Expert Logo, Cisco IOS, the Cisco IOS logo, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, IOS, IP/TV, LightStream, MICA, Network Registrar, PIX, Post-Routing, Pre-Routing, Registrar, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other brands, names, or trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0104R)
Book Title, Revision xx.x: Student Guide Copyright 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.
2003 Cisco Systems, Inc. Version 1.0 v
Course Overview
Intended Audience
This course is for technical professionals who need to know how to implement broadband aggregation on the Cisco 10000 Series router. The following are considered the primary audience for this course:
Customer technicians
Cisco System Engineers (SEs)
System Integrators (SIs)
Course Level
This course is basic and intermediate training for the topics that it covers.
Prerequisites
Students attending this course should have successfully completed the following training:
Interconnecting Cisco Network Devices (ICND) or equivalent experience
Campus ATM (CATM) or equivalent experience
Basic DSL End To End Architecture (either video on demand or leader-led) or equivalent experience
Additional Information
Cisco Systems Technical Publications
You can print technical manuals and release notes directly from the Internet. Go to http://www.cisco.com/univercd/home/home.htm. Find the Cisco Systems product for which you need documentation. Then locate the specific category and model or version for your hardware or software product. Using Adobe Acrobat Reader, you can open the manuals and release notes, search for the sections you need, and print them on most standard printers. You can download Acrobat Reader free from the Adobe Systems website, www.adobe.com.
Documentation sets and CDs are available through your local Cisco Systems sales office or account representative.
Cisco Systems Service
Comprehensive network support is available from Cisco Systems Service & Support solutions. Go to http://www.cisco.com/public/support_solutions.shtml for a listing of services.
Course Agenda
Day 1
Broadband Aggregation Architectures
RBE and RFC 1483 Routing
PPPoA
Day 2
PPPoE
Cisco Aggregation Optimization Features
AAA Service
Day 3
L2TP
Cisco 10000 Series Router Hardware Overview
Cisco 10000 Series Router Software Overview
Course Introduction and Objectives
Overview
Description
This course is intended for customer technicians and system integrators who need to implement various broadband aggregation technologies on Cisco routers. This course also enables Cisco System Engineers (SEs) to present and demonstrate various broadband aggregation technologies on Cisco routers for customers. Students learn about RBE, PPPoA, PPPoE, and L2TP, and learn how to configure and verify operation of these technologies on Cisco routers. This course also explains the Cisco 10000 Series router hardware architecture and software features.
The course is instructor-led and includes hands-on lab exercises. Lecture topics are reinforced with supporting student exercises.
This course focuses on implementing broadband aggregation technologies on the Cisco 10000 Series router; however, most of what you learn in this course can be applied to other Cisco routers that support these technologies.
Objectives
After completing this course, you will be able to do the following:
Compare and contrast the various broadband aggregation architectures available with Cisco routers
Explain how RBE and RFC 1483 routing work, describe their typical architectures and benefits, and configure them on Cisco routers
Explain how PPPoA and PPPoE work, along with descriptions of their typical architecture and benefits, and configure them on Cisco routers
Explain and configure various methods for optimizing subscriber connections including PVC range, auto detect PPPoX encapsulation, VC class, ATM PVC autoprovisioning, and BBA groups
Explain AAA services available on Cisco routers and RADIUS servers and configure AAA services on Cisco routers
Explain how L2TP works, describe its typical architecture and benefits, and configure it on Cisco routers
Describe the Cisco 10000 Series router and explain the features and functions of system-wide hardware and software components
Identify and describe system modules and services on the Cisco 10000 Series router that are utilized in broadband aggregation deployment scenarios
Contents Course Overview ...........................................................................................................v Course Agenda ............................................................................................................vii
Course Introduction and Objectives........................................................................ ix Overview...................................................................................................................... ix
Module 1 Broadband Aggregation Architectures ..........................................11 Overview................................................................................................................... 11 Broadband Aggregation Introduction ......................................................................... 12 Retail and Wholesale Services ................................................................................. 112 VC Service............................................................................................................... 116 ATM Bridging and Routing Methods ....................................................................... 118 PPP Review ............................................................................................................. 120 PPP Broadband Access Methods .............................................................................. 124 PTA......................................................................................................................... 126 L2TP ....................................................................................................................... 128 AAA ........................................................................................................................ 130 Managed LNS ......................................................................................................... 132 Remote Access into MPLS ....................................................................................... 134 SSG and SESM ....................................................................................................... 136 Summary ................................................................................................................ 140 Review Questions .................................................................................................... 141
Module 2 RBE and RFC 1483 Routing...............................................................21 Overview................................................................................................................... 21 Typical RBE Architecture.......................................................................................... 22 RFC 1483 Bridging Protocol Stack............................................................................. 24 How Does RBE Work? ............................................................................................... 28 RBE Configuration .................................................................................................. 212 RBE Advantages and Disadvantages ....................................................................... 218 Typical RFC 1483 Routing Architecture .................................................................. 222 RFC 1483 Routing Protocol Stack ............................................................................ 224
-
xii Version 1.0 Implementing Broadband Aggregation
How Does RFC 1483 Routing Work? ........................................................................ 226 RFC 1483 Routing Configuration ............................................................................. 228 RFC 1483 Routing Advantages and Disadvantages ................................................. 232 Summary ................................................................................................................ 234 Review Questions .................................................................................................... 235
Module 3 PPPoA .....................................................................................................31 Overview................................................................................................................... 31 Typical PPPoA Architecture ...................................................................................... 32 PPPoA with PTA Protocol Stack ................................................................................ 36 PPPoA with Tunneling Protocol Stack ..................................................................... 310 How Does PPPoA Work with PTA? .......................................................................... 312 How Does PPPoA Work with Tunneling? ................................................................. 314 PPPoA IP Address Management.............................................................................. 316 PPPoA Configuration .............................................................................................. 318 PPPoA Advantages and Disadvantages ................................................................... 328 Summary ................................................................................................................ 332 Review Questions .................................................................................................... 333
Module 4 PPPoE......................................................................................................41 Overview................................................................................................................... 41 Typical PPPoE Architecture ...................................................................................... 42 PPPoE Protocol Stack................................................................................................ 46 How Does PPPoE Discovery Work?............................................................................ 48 PPPoEoA with PTA Protocol Stack .......................................................................... 410 PPPoEoA with Tunneling Protocol Stack ................................................................. 414 How Does PPPoE Work with PTA? .......................................................................... 416 How Does PPPoE Work with Tunneling? ................................................................. 418 PPPoE IP Address Management.............................................................................. 420 PPPoEoA Configuration .......................................................................................... 422 PPPoE Advantages and Disadvantages ................................................................... 434 PPPoEoE and PPPoEo892.1q................................................................................... 438 PPPoEoE and PPPoEo892.1q Configuration ............................................................ 440 Summary ................................................................................................................ 442 Review Questions .................................................................................................... 443
Module 5 Cisco Aggregation Optimization Features ....................................51 Overview................................................................................................................... 51
-
2003 Cisco Systems, Inc. Version 1.0 xiii
Optimization Features Introduction .......................................................................... 52 Minimizing ATM PVC Provisioning ........................................................................... 54 PVC Range................................................................................................................ 56 VC Class ................................................................................................................. 514 ATM PVC Autoprovisioning .................................................................................... 518 Autosense PPPoX Encapsulation ............................................................................. 522 PPPoE Profiles ........................................................................................................ 528 Summary ................................................................................................................ 532 Review Questions .................................................................................................... 533
Module 6 AAA Services.........................................................................................61 Overview................................................................................................................... 61 Introduction to AAA .................................................................................................. 62 Authentication .......................................................................................................... 68 Authorization .......................................................................................................... 610 Accounting .............................................................................................................. 612 AAA-Supported Protocols ........................................................................................ 614 RADIUS Attributes ................................................................................................. 616 Radius Files ............................................................................................................ 620 AAA Implementations ............................................................................................. 628 RADIUS Protocol..................................................................................................... 632 Cisco Implementation of AAA.................................................................................. 644 Troubleshooting Aids............................................................................................... 656 Cisco IOS Commands .............................................................................................. 658 UNIX Commands .................................................................................................... 670 Review Questions .................................................................................................... 677
Module 7 L2TP .........................................................................................................71 Overview................................................................................................................... 71 L2TP Overview.......................................................................................................... 72 L2TP Components..................................................................................................... 74 L2TP Tunnel and Session Identifiers......................................................................... 76 Encapsulations Supported......................................................................................... 78 L2TP Message Format............................................................................................. 710 Incoming Call Sequence........................................................................................... 712 Forwarding PPP Frames ......................................................................................... 716 Call Disconnect Sequence ........................................................................................ 718 Typical L2TP Scenarios........................................................................................... 720
-
xiv Version 1.0 Implementing Broadband Aggregation
L2TP Configuration Overview ................................................................................. 724 L2TP Tunnel Attributes .......................................................................................... 726 L2TP Configuration Without RADIUS..................................................................... 728 L2TP Configuration with RADIUS .......................................................................... 736 Tunnel Verification ................................................................................................. 750 Summary ................................................................................................................ 758 Review Questions .................................................................................................... 759
Module 8 Cisco 10000 Series Router Hardware Overview ..........................81 Overview................................................................................................................... 81 Cisco 10000 Series Router Introduction ..................................................................... 82 Broadband Aggregation Deployment Scenarios ......................................................... 84 Cisco 10000 Series Router Components Overview...................................................... 86 Chassis Description ................................................................................................... 88 Modules Used with Broadband Aggregation ............................................................ 814 Cisco 10000 Series Router Architecture Overview ................................................... 818 Functional Block Diagram ....................................................................................... 820 Router Buffer Management ..................................................................................... 824 Router Backplane.................................................................................................... 826 Performance Routing Engine-2 ................................................................................ 830 PRE-2 Front Panel .................................................................................................. 832 PRE-2 Architecture ................................................................................................. 834 PRE-2 Packet Flow.................................................................................................. 842 PXF Technology and Operation ............................................................................... 850 PRE Comparison ..................................................................................................... 
860 High Availability ..................................................................................................... 862 PRE Redundancy..................................................................................................... 864 Cisco 10000 Series Router Broadband Aggregation Line Cards................................ 874 ATM Line Cards ...................................................................................................... 876 ATM Line Card Common Features .......................................................................... 882 Assigning VPI/VCIs for ATM VC Scaling ................................................................. 888 LAN Line Cards ...................................................................................................... 892 Packet over SONET Line Cards..............................................................................8106 Common POS/SDH Line Card Features .................................................................8112 Summary ...............................................................................................................8114 Review Questions ...................................................................................................8115
Module 9 Cisco 10000 Series Router Software Overview
  Overview
  Software Architecture
  Software components
  Cisco 10000 Router Software
  Supported Encapsulations
  Frame Relay Support
  Broadband Features and Scaling
  Leased-Line Features and Scaling
  High Availability and Management Functionality
  QoS Features and Functions
  Class-Map Match Options
  Policy-Map Keywords
  Policy-Map Actions
  QoS Facts
  Policing Considerations
  VC Scaling with QoS
  System Status and Alarms
  Checking the Data Path
  System-Wide Statistics and Performance
  Summary
Glossary
  Technology Acronyms
  Cisco 10000 Series Router Acronyms
Appendix A Review Question Answers
  Appendix Contents
  Module 1 Broadband Aggregation Architectures
  Module 2 RBE and RFC 1483
  Module 3 PPPoA
  Module 4 PPPoE
  Module 5 Cisco Aggregation Optimization Features
  Module 7 AAA Services
  Module 7 L2TP
  Module 8 Cisco 10000 Series Router Hardware Overview
Appendix B Router Starting Configurations
  Appendix Contents
  P1R1 Configurations
  P1R2 Configurations
  P1R3 Configuration
  Core Routers Configurations
  PC CPE Configurations
Module 1 Broadband Aggregation Architectures
Overview
Description
In this module, you will learn about the various broadband aggregation architectures available with Cisco routers.
Objectives
After completing this module, you will be able to do the following:
List various broadband aggregation architectures
Identify the technologies used by each architecture and describe how each architecture functions
Identify the benefits of each architecture
Broadband Aggregation Introduction
This section describes the various segments that constitute a broadband subscriber network environment.
Network Segments
You can view the access and core network that serve broadband subscribers as being divided into three segments.
Customer Premises Equipment (CPE)
Network Access Provider (NAP)
Network Service Provider (NSP)
The NAP and NSP may be owned by different businesses or by one company. This is described in more detail in the Retail and Wholesale Services section. Although the drawing illustrates digital subscriber line (DSL) access, the same functional segments apply to other broadband access methods, such as cable and wireless.
[Figure: Broadband Aggregation Introduction. Three network segments: CPE (Customer Premises Equipment), NAP (Network Access Provider), and NSP (Network Service Provider). Labels: ATU-R, DSLAM, Aggregation, Service Selection, Core, Termination, Service Selection, Video, Voice, Content, Enterprise, Internet, ISP.]
CPE
The term CPE refers to the equipment required on the customer premises, typically a modem and personal computer. The modem type varies with the access method, such as DSL and cable.
The modem generally provides Layer 1 and Layer 2 functions and in some applications Layer 3 functions.
Physical layer transport of data according to the subscriber connection type; for example, asymmetric digital subscriber line (ADSL)
Data Link layer encapsulation of data for transport across the physical link; for example, ATM, bridging, and Point-to-Point Protocol (PPP)
Network layer provides routing, Network Address Translation (NAT), and DHCP functions typically using IP
NAP
The NAP portion of the network provides at least the following components:
Subscriber termination devices such as digital subscriber line access multiplexers (DSLAMs) or cable headend systems
Aggregation systems
Core network for transporting data to the NSP
Subscriber Termination
Subscriber termination devices terminate the physical layer connection and transport of data from the subscriber. The data is then transported to aggregation devices typically by using an ATM or Ethernet/IP infrastructure.
Aggregation
Aggregation systems may be ATM switches or routers or a combination of both depending on several factors, such as whether the NAP is providing retail or wholesale services. The types of functions that aggregators may provide include
ATM switching
Bridging
PPP termination
Routing
Core Network
Typical core networks are either ATM based or IP based. If a legacy ATM network is in place, then the NAP may continue to use it to transport data to the NSP. NAPs are migrating from ATM switching to IP cores, or building new IP cores using Gigabit Ethernet. Additionally, IP cores are evolving to Multiprotocol Label Switching (MPLS).
NSP
The NSP is responsible for offering services to subscribers, which may be residential or business users. Services the NSP provides include
E-mail
Internet access
Video and voice services
Access to corporations
Termination of service selection
NSPs use aggregation devices, typically routers, to terminate virtual circuit (VC) or PPP connections from the subscribers. The Layer 3 data is then extracted and forwarded to the destination. Like aggregators in the NAP, the aggregation devices may perform bridging, routing, and PPP termination for various types of encapsulation methods.
In this course, we will focus on the aggregation aspects of broadband subscribers. You will learn about Cisco's implementation of aggregation services on routers that have been optimized to perform aggregation functions.
[Figure: Broadband Aggregation Introduction (continued). The CPE / NAP / NSP diagram repeated with a "Training Focus" label.]
Retail and Wholesale Services
Service providers may be categorized in terms of their operating models: retail services and wholesale services.
Characteristics of a Retail Service
A service provider that operates a retail service performs the roles of both the NAP and the NSP. A retailer provides broadband access, termination, and value-added services to the subscriber, that is, both NAP and NSP functions. A retail provider can offer data, voice, and video to residential customers and can also offer Virtual Private Network (VPN) capability to business customers.
The following are key aspects of a retail provider:
Owns the subscriber
Dictates the class of service
Provides access to the Internet
[Slide: Characteristics of a Retail Service. Owns the subscriber service (gets the monthly subscription). Dictates the class of service (the line rate). Provides access to the Internet and other value-added services such as email. Diagram labels: Subscriber, Service Provider.]
Characteristics of a Wholesale Service
A service provider that operates a wholesale service provides the NAP functions. It provides the access connection to the subscriber and connects the subscriber to the NSP. The wholesaler has ISPs and corporations as its primary customers.
The following are key aspects of a wholesale provider:
Connects the subscriber to the NSP
Sells various infrastructure capabilities to the ISPs and corporations
ISPs and corporations still own subscribers
Note: Because of governmental regulation, wholesalers are not permitted to provide services that are limited to retailers. Through an unregulated portion of their business, some service providers provide a retail service in addition to wholesale service.
[Slide: Characteristics of a Wholesale Service. Carrier connects subscriber to service provider. Offers a range of network architectures to achieve this. Retailer still owns the customer but pays percentage of monthly subscription to wholesaler for connectivity services. Wholesaler often has retail business. Diagram labels: Subscriber, Carrier, ILEC, Service Provider.]
VC Service
Description
A virtual circuit (VC) service is one in which the subscriber permanent virtual circuit (PVC) is switched all the way to the ISP, NSP, or corporation. The ISP, NSP, or corporation is responsible for terminating the PVC, retrieving the IP data, and providing IP addressing to the subscriber. A VC service is commonplace with NAPs who are simply providing a wholesale service.
Advantages and Disadvantages of VC Service
The following are some of the advantages and disadvantages of a VC service model:
NAPs do not manage IP addresses
The various encapsulation methods are transparent to VC service
End-to-end PVC provisioning takes time
Does not scale well
In some situations, lack of control over bandwidth offered to subscribers and ISP
[Figure: VC Service. Each subscriber is presented as a unique VC to the ISP. Labels: Local Loops, DSLAMs (Local Exchanges), ATM Access Network, BRAS, ATM Core Network, ISP1.com, ISP2.com.]
ATM Bridging and Routing Methods
RFC 1483 describes two methods for transporting data over ATM networks: bridging and routing.
RFC 1483 Bridging
With RFC 1483 bridging, the CPE simply acts as a bridge between the subscriber PC and the aggregation device. The PC encapsulates Layer 3 data into 802.3 (Ethernet), which is then encapsulated into ATM cells. On the aggregation device, the Ethernet frames are terminated into a bridge group and forwarded using bridging or routing to the final destination.
Although it is simple and easy to deploy, this method has security limitations, is no longer widely used with Cisco routers, and will not be discussed in this course.
RFC 1483 with RBE
RFC 1483 with RBE is often referred to as Route Bridge Encapsulation (RBE) by Cisco. RBE builds upon some of the features and advantages of RFC 1483 bridging and overcomes the security limitations of bridging. From the PC and CPE perspective, there is no change in their configuration and operation. The key difference is that the subscriber traffic is terminated at the aggregator by using routing rather than by using bridging.
RFC 1483 Routing
RFC 1483 routing incorporates some of the same principles as RFC 1483 bridging with the key difference that the CPE is in a routing mode rather than bridging mode. As a router, it can support multiple networks on the subscriber side of the CPE and can exchange routing updates, making it ideal for business applications. RFC 1483 routing can also implement NAT or PAT and conserve IP addresses.
[Figure: ATM Bridging and Routing Methods. RFC 1483 Bridging, RFC 1483 Bridging with RBE, RFC 1483 Routing. Labels: Bridged CPE, Bridged CPE, Routed CPE, DSLAM, Aggregation Device, Bridge Group, Bridging, RBE, Routing, Core, ISP1.com, ISP2.com.]
PPP Review
Description of PPP
Point-to-Point Protocol (PPP), defined in RFC 1661, is a standard method of encapsulating upper layer protocols, such as IP and IPX, across point-to-point links. It was originally intended for dial-up applications, but it is also suitable for applications requiring authentication of subscribers in a broadband environment. In a dial-up environment, PPP offers several functions, but with broadband implementations, its principal function is to provide user authentication using Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) and, additionally, support for multiple protocols.
PPP Fundamentals
The following are fundamental concepts of PPP that you should know. Besides the RFC, there are numerous publications that explain PPP in detail.
PPP is comprised of three main components and phases:
High-Level Datalink Control (HDLC) encapsulates multiprotocol datagrams.
Link Control Protocol (LCP) establishes, configures, and tests the data-link connection.
- If authentication using PAP or CHAP is implemented, it occurs before the NCP phase.
Network Control Protocols (NCPs) establish and configure different network-layer protocols.
- An example of NCP is IP Control Protocol (IPCP) which is used for transporting IP datagrams.
[Slide: PPP Review. PPP uses HDLC framing. PPP packet types: LCP (Link Control Protocol) for link establishment, termination, and maintenance and for authentication with PAP or CHAP; NCP (Network Control Protocol) for encapsulation of a Layer 3 protocol, for example IPCP. Diagram: protocol stacks (Layer 3, NCP/LCP, HDLC, PHY) at each end of a point-to-point link, carried over ATM, FR, etc.]
PPP Link Operation
A PPP link is initialized using both LCP and NCP. The PPP link goes through five distinct phases.
Link Dead Phase
This phase determines the physical readiness of the link. Once the physical layer is initialized, the link goes into the Link Establishment phase.
Link Establishment Phase
During this phase, each end uses Configure Request packets to initialize LCP and negotiate datalink layer parameters. When a Configure Ack is received at both ends of the link, the link enters the open state and goes into the Authentication phase. The following options may be exchanged during this phase:
- Maximum Receive Unit
- Authentication Protocol
- Quality Protocol
- Magic Number
- Protocol Field Compression
- Address and Control Field Compression
Authentication Phase (optional)
During this phase, the two ends of the link authenticate each other using an agreed-upon protocol such as PAP or CHAP. The link does not proceed to the Network Layer Protocol phase until authentication is successful. If authentication fails, then the link goes to the Link Termination phase.
Network Layer Protocol Phase
During this phase, each end exchanges Configure Request and Configure Ack packets to activate any supported network layer protocols using the appropriate NCP. Once an NCP is opened, the PPP link transports data across the link.
Link Termination Phase
This phase terminates the PPP link, which may be caused by physical link failure, link quality failure, configuration rejection, or authentication failure. The network administrator can also disable the link for diagnostic purposes. LCP uses Terminate Request packets to terminate the link and notifies the appropriate NCPs that the link is terminating.
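The five phases above, modeled as a small state machine together with a decoder for the LCP options listed under Link Establishment. This is an added example, not code from the guide or from Cisco IOS; the class and function names and the sample bytes are constructed for illustration, while the option and protocol numbers are those of RFC 1661, RFC 1334 (PAP) and RFC 1994 (CHAP).

```python
import struct
from enum import Enum


class Phase(Enum):
    DEAD = "Link Dead"
    ESTABLISH = "Link Establishment"
    AUTHENTICATE = "Authentication"
    NETWORK = "Network Layer Protocol"
    TERMINATE = "Link Termination"


# LCP configuration option types (RFC 1661); same options as the list above.
LCP_OPTIONS = {
    1: "Maximum-Receive-Unit",
    3: "Authentication-Protocol",
    4: "Quality-Protocol",
    5: "Magic-Number",
    7: "Protocol-Field-Compression",
    8: "Address-and-Control-Field-Compression",
}
AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP"}

# Constructed sample: option list of a Configure Request carrying
# MRU 1492, CHAP with MD5 (algorithm 5), and a magic number.
SAMPLE_OPTIONS = bytes.fromhex("010405d4" "0305c22305" "05061a2b3c4d")


def parse_lcp_options(data: bytes) -> dict:
    """Decode the type/length/value options of an LCP Configure Request."""
    options = {}
    offset = 0
    while offset < len(data):
        if len(data) - offset < 2:
            raise ValueError("truncated option header")
        opt_type, opt_len = data[offset], data[offset + 1]
        # The length byte counts the type and length bytes themselves.
        if opt_len < 2 or offset + opt_len > len(data):
            raise ValueError(f"bad length {opt_len} for option {opt_type}")
        value = data[offset + 2:offset + opt_len]
        name = LCP_OPTIONS.get(opt_type, f"unknown-{opt_type}")
        if opt_type == 1 and len(value) == 2:
            options[name] = struct.unpack("!H", value)[0]
        elif opt_type == 3 and len(value) >= 2:
            proto = struct.unpack("!H", value[:2])[0]
            options[name] = AUTH_PROTOCOLS.get(proto, hex(proto))
        else:
            options[name] = value.hex() if value else True
        offset += opt_len
    return options


class PppLink:
    """Authenticator-side view of one link's phase transitions."""

    def __init__(self, require_auth=True):
        self.phase = Phase.DEAD
        self.require_auth = require_auth
        self.history = [Phase.DEAD]
        self.open_ncps = set()

    def _enter(self, phase):
        self.phase = phase
        self.history.append(phase)

    def physical_up(self):
        if self.phase is Phase.DEAD:
            self._enter(Phase.ESTABLISH)

    def lcp_opened(self, acked_options: dict):
        """Configure Ack seen at both ends; acked_options is what was agreed."""
        if self.phase is not Phase.ESTABLISH:
            raise RuntimeError(f"LCP cannot open in {self.phase.value} phase")
        if "Authentication-Protocol" in acked_options:
            self._enter(Phase.AUTHENTICATE)
        elif self.require_auth:
            # No authentication agreed: treated as a configuration rejection.
            self._enter(Phase.TERMINATE)
        else:
            self._enter(Phase.NETWORK)

    def auth_result(self, success: bool):
        if self.phase is not Phase.AUTHENTICATE:
            raise RuntimeError("no authentication in progress")
        self._enter(Phase.NETWORK if success else Phase.TERMINATE)

    def ncp_configure_request(self, ncp: str) -> bool:
        """An NCP such as IPCP is only negotiated in the Network phase."""
        if self.phase is not Phase.NETWORK:
            return False
        self.open_ncps.add(ncp)
        return True


def run_session(option_bytes: bytes, credentials_ok: bool):
    """Walk one link through the phases; returns (phase names, early, late)."""
    link = PppLink(require_auth=True)
    link.physical_up()
    link.lcp_opened(parse_lcp_options(option_bytes))
    early = link.ncp_configure_request("IPCP")  # sent before authentication ends
    if link.phase is Phase.AUTHENTICATE:
        link.auth_result(credentials_ok)
    late = link.ncp_configure_request("IPCP")
    return [p.value for p in link.history], early, late


if __name__ == "__main__":
    print(parse_lcp_options(SAMPLE_OPTIONS))
    print(run_session(SAMPLE_OPTIONS, credentials_ok=True))
    print(run_session(SAMPLE_OPTIONS, credentials_ok=False))
```

The `early` result shows the gate the text describes: an IPCP request that arrives while the link is still in the Authentication phase is not honored.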
[Figure: PPP Link Operation. Message exchange between the two ends across the phases: Link Dead; Link Establishment (Configure Request and Configure Ack in each direction); Authentication (authentication packets); Network-Layer Protocol (IPCP Configure Request and IPCP Configure Ack in each direction); Data Exchange (Data); Link Termination (Terminate Request and Terminate Ack).]
PPP Broadband Access Methods
PPP Methods
In broadband applications, there are two general ways in which PPP is implemented.
PPP over ATM (PPPoA)
PPP over Ethernet (PPPoE)
You will often see the abbreviation PPPoX, which collectively refers to all methods of PPP over ATM, Ethernet, and so on.
PPPoA
PPPoA works in an ATM environment. It relies on the presence of a VC between the CPE and the aggregation device. The PPP session is between CPE and the aggregator. The CPE is responsible for authenticating with the aggregator.
With PPPoA, the CPE can run NAT for multiple users behind the CPE and conserve IP addresses. However, since there is a single PPP session per VC, the users are limited to selecting a single service, that is, a single ISP.
PPPoE
PPPoE is similar to PPPoA in that it establishes a PPP session with the aggregation device. PPPoE has the following key differences from PPPoA:
Each host behind the CPE establishes its own PPP session.
The CPE acts as a bridge.
PPPoE is not restricted to use over ATM.
PPPoE is suitable for residential customers with multiple PCs behind the CPE that need the flexibility to access multiple services simultaneously. An important consideration, though, is that the PPPoE client software needs to be installed on the PC. There are multiple variations of PPPoE that we will learn about later:
PPPoEoA
PPPoEoE
PPPoEo802.1q
[Figure: PPP Broadband Access Methods. PPPoA: PPP session initiated by the CPE. PPPoE: PPP sessions initiated by the client. Labels: CPE, Bridged CPE, PPP Session, PPP Sessions, DSLAM, Aggregation Device, Core, ISP1.com, ISP2.com.]
PTA
PPP termination and aggregation (PTA) is the point at which PPPoX sessions are terminated, that is, the aggregation device. From this point, user data is extracted from the PPP frames and forwarded to its destination, such as an ISP or corporation.
With PTA, the service is selected based on a structured domain name ([email protected]), and it supports one service at a time. The IP traffic is forwarded to a single routing domain.
PTA is generally used by providers for their own customers if regulations allow it.
[Figure: PTA (PPP termination and aggregation). Terminate PPP sessions at the aggregation device; route IP data to the ISP or corporate site. Labels: CPE, Bridged CPE, PPPoA, PPPoE, PPP Session, PPP Sessions, DSLAM, Aggregation Device, PTA, IP Route, Internet.]
L2TP
Description
Layer 2 Tunneling Protocol (L2TP) is an extension to PPP. It was introduced to allow use of PPP between different networks and multiple communication links.
L2TP extends the PPP session beyond the PTA that you saw in the previous illustration to a destination closer to the service that the user wants to access. L2TP accomplishes this by setting up a tunnel over multiple links and networks between an access concentrator and a network server. The PPP session that would have been terminated at the concentrator is then continued through the tunnel to the server.
L2TP is an important component of VPNs. Between the access concentrator and network server, the service provider does not look at the subscriber traffic beyond the Layer 2 information after the session is established.
Benefits of L2TP
The following are benefits of L2TP:
Supports multiple protocols
Allows use of unnumbered IP addresses
Centralization of login and authentication operations
Shares access to core network components
Overlapping CPE IP addresses
Components of L2TP
The following are some of the major components of L2TP:
L2TP access concentrator (LAC) initiates the tunnel to the LNS. It forwards PPP traffic between the subscriber and the LNS.
L2TP network server (LNS) terminates the tunnel from the LAC. It terminates the PPP session and extracts user data for further forwarding.
L2TP Tunnel exists between the LAC and LNS. It encapsulates the PPP traffic with header information necessary to support the tunnel.
[Figure: L2TP (Layer 2 Tunneling Protocol). Terminate PPP sessions at the ISP or corporate site. Labels: CPE, Bridged CPE, PPPoA, PPPoE, PPP Session, PPP Session, DSLAM, Aggregation Device, LAC, Tunnel, IP Core, LNS, LNS, ISP1.com, ISP2.com.]
AAA
Authentication, authorization, and accounting (AAA) comprises three functions, provided by an AAA server that maintains a database of users.
AAA Functions
Authentication identifies the users. The user login name and password are checked against the AAA database to determine whether a user is allowed to access the network.
Authorization determines what the users can do. The AAA database stores attributes that determine the users' capabilities and restrictions.
Accounting tracks what the users have done. Accounting collects information in the database about user access, traffic statistics, and resource usage. This information can then be used for billing and network management.
AAA Methods
Three methods are generally used to provide AAA services. One or more of these may be used concurrently.
Local: the router or access server consults its local database. Username/password pairs are configured in Cisco IOS software.
Remote Authorization Dial-In User Service (RADIUS): a client (router) and server (UNIX or NT) model. Each username and associated attributes are stored within the RADIUS database.
Terminal Access Control Access Control Server + (TACACS+): a server that separates authentication, authorization, and accounting functions. The router accesses the TACACS+ server's database where user information and capabilities are maintained.
AAA Usage
AAA plays an important role with PPP and L2TP in controlling user sessions and tunnels. AAA services are used at the PTA, LAC, and/or LNS and are commonly provided by means of RADIUS servers. These are some of the important functions that AAA provides:
Authenticates subscriber PPP sessions
Provides L2TP tunnel attributes to the LAC
Provides subscriber IP addresses
[Slide: AAA. Authentication, authorization, and accounting (AAA): who can access the network, what they can access, usage tracking. Authentication methods: Local, RADIUS, TACACS+. Diagram labels: User, AAA, Local AAA, RADIUS, TACACS+, PPP, L2TP.]
Managed LNS
Description
Managed LNS is a term used to identify an implementation of session termination. It makes use of virtual routing and forwarding (VRF) at the LNS or PTA. The LNS/PTA aggregator terminates the L2TP tunnel or PPP sessions and places the sessions in the appropriate VRF. The sessions are then forwarded through a separate logical and physical interface to their respective upstream customer sites.
Note: An earlier Cisco implementation of this function was PTA Multi-Domain (PTA-MD).
Benefits
Some of the benefits of using a managed LNS architecture include the following:
Subscribers communicate directly with customer AAA without needing a proxy AAA server.
Multiple VRFs separate customer traffic without the overhead of L2TP tunneling.
IP addresses are conserved by allowing use of overlapping IP address space.
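Why overlapping customer address space does not collide once sessions are placed in VRFs, shown as an added example (not Cisco's implementation or code from this guide). It assumes the VRF is chosen from the realm part of the PPP username, in the way PTA service selection is described earlier; the `Vrf` and `Aggregator` classes, realm names, addresses and next-hop labels are all hypothetical.

```python
import ipaddress


class Vrf:
    """One customer's routing table; prefixes only need to be unique inside it."""

    def __init__(self, name):
        self.name = name
        self.routes = []  # list of (network, next hop)

    def add_route(self, prefix, next_hop):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, destination):
        """Longest-prefix match restricted to this VRF's own routes."""
        addr = ipaddress.ip_address(destination)
        best = None
        for network, next_hop in self.routes:
            if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
                best = (network, next_hop)
        return best[1] if best else None


class Aggregator:
    """Hypothetical LNS/PTA that places each terminated session in a VRF."""

    def __init__(self):
        self.vrfs = {}
        self.realm_to_vrf = {}
        self.sessions = {}  # session id -> (VRF name, subscriber address)

    def add_customer(self, realm, vrf):
        self.vrfs[vrf.name] = vrf
        self.realm_to_vrf[realm] = vrf.name

    def terminate_session(self, session_id, username, address):
        """Select the VRF from the realm in user@realm and record the session."""
        user, at, realm = username.rpartition("@")
        if not at or not user or realm not in self.realm_to_vrf:
            raise LookupError(f"no service for {username!r}")
        vrf_name = self.realm_to_vrf[realm]
        addr = ipaddress.ip_address(address)
        # The same address may be live in several VRFs, but never twice in one.
        if (vrf_name, addr) in self.sessions.values():
            raise ValueError(f"{addr} already in use in VRF {vrf_name}")
        self.sessions[session_id] = (vrf_name, addr)
        return vrf_name

    def forward(self, session_id, destination):
        """Route a subscriber packet using only the session's own VRF."""
        vrf_name, _ = self.sessions[session_id]
        return self.vrfs[vrf_name].lookup(destination)


def build_demo():
    """Constructed topology: two customers both use 10.0.0.0/8 internally."""
    agg = Aggregator()
    vrf_a, vrf_b = Vrf("customer-a"), Vrf("customer-b")
    vrf_a.add_route("10.0.0.0/8", "uplink-a")
    vrf_a.add_route("10.20.0.0/16", "uplink-a-dc")
    vrf_b.add_route("10.0.0.0/8", "uplink-b")
    agg.add_customer("customer-a.example", vrf_a)
    agg.add_customer("customer-b.example", vrf_b)
    # Both subscribers receive the same address without conflict.
    agg.terminate_session(1, "alice@customer-a.example", "10.0.0.5")
    agg.terminate_session(2, "bob@customer-b.example", "10.0.0.5")
    return agg


if __name__ == "__main__":
    demo = build_demo()
    print(demo.forward(1, "10.20.1.1"), demo.forward(2, "10.20.1.1"))
```

The lookup never consults another customer's table, so a destination that exists only in one VRF is unreachable from sessions in the other.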
[Figure: Managed LNS. Deploy a virtual router (LNS/PTA) for each upstream customer to improve service scale. Labels: Clients, L2TP or PPP, LNS/PTA, VRF, VRF, SP Network, AAA, Customer A, Customer B, AAA, DHCP.]
Remote Access into MPLS
Description
Remote Access into MPLS (RA-MPLS) is very similar to the previous architecture, managed LNS. Like managed LNS, subscriber logical connections are placed into a VRF instance at the broadband remote access server (BRAS).
The distinction with RA-MPLS is that the VRFs are MPLS tag interfaces. Additionally, the BRAS router that terminates the VPN tunnels functions as a provider edge (PE) router.
RA-MPLS may start as the managed LNS model using multiple VRFs as a migration towards MPLS.
MPLS core networks are typically more flexible and scalable than pure IP networks, but they are more complex to initially deploy.
Benefits
RA-MPLS offers the same benefits as managed LNS:
Subscribers communicate directly with customer AAA without needing a proxy AAA server.
Multiple VRFs separate customer traffic without the overhead of L2TP tunneling.
IP addresses are conserved by allowing use of overlapping IP address space
Additional benefits of RA-MPLS include the following:
Supports RBE and RFC 1483 Routing besides PPPoX
Can be an alternative to L2TP
[Figure: Remote Access into MPLS. PPPoX to MPLS VPN, RBE to MPLS VPN, L2TP to MPLS VPN, 1483 Routed to MPLS VPN. Labels: Clients, BRAS, PE, MPLS Network, NSP, Corporation, AAA, DHCP.]
SSG and SESM
SAM Overview
Subscriber Access and Management (SAM) allows subscribers to manage the services they wish to use. SAM consists of the following components:
Service Selection Gateway (SSG)
Subscriber Edge Service Manager (SESM)
AAA server
Lightweight Directory Access Protocol (LDAP) directory
SAM is independent of the type of subscriber access technology; that is, it works with DSL, dial, leased line, and wireless technologies. Additionally, users can use this service with their PC, WAP or PDA access device.
SSG
SSG is a Cisco IOS feature that is available on selected Cisco aggregation routers. The following are some of the key features and functions of SSG:
Imposes sophisticated access control on a per-subscriber basis to network resources
Enables subscribers to selectively access different services based on their Layer 2 or Layer 3 connectivity to the service providers
SESM
SESM is a Cisco software application that runs on Windows 2000/NT or Solaris and Linux platforms. SESM enables users to manage their service selection experience by allowing them to perform the following functions:
Personalized service lists
Service connect/disconnect
Personal firewall provisioning
Service subscription
Self-care account management
Subaccount creation
SESM also has a service developer kit that enables third-party and application developers to build their own applications or to integrate directly to their existing operations infrastructure.
-
Module 1 SSG and SESM
2003 Cisco Systems, Inc. Version 1.0 137
SSG and SESM
[Figure labels: AAA Directory, SESM, Dial, ADSL, GGSN/PDSN, Leased Line, 802.11b, PC, Notebook, PDA, WAP, Internet, Corporate VPN, Open Garden, Content Services Gateway (CSG)]
-
SSG and SESM (continued)
Service Provider Benefits
In addition to the user benefits that SAM provides, service providers may wish to provide the service for the following reasons:
Access alone will not make money
Advertise and sell value-added services to their subscribers
Retain their subscribers with services that lock them in
-
Summary
Broadband Aggregation Architectures
In this module, you learned the following:
Various broadband aggregation architectures
The technologies used by each architecture and how each architecture functions
Benefits of each architecture
-
Review Questions
Broadband Aggregation Architectures
1. List the segments that make up a broadband subscriber network environment.
_________________________________________________________
2. A service provider that provides the access connection to the subscriber and connects the subscriber to the NSP is characteristic of a _________________________ service.
3. Which of the following is not characteristic of a VC service?
a. NAPs do not need to deal with IP address management.
b. The NAP determines the user's encapsulation method.
c. End-to-end provisioning takes time.
d. It is a wholesale service that a NAP would provide.
e. It does not scale well.
4. Which of the following is a reason that RBE is preferred over strict RFC 1483 bridging?
a. With RBE, the CPE is in routing mode rather than in bridging mode.
b. The PC encapsulates Layer 3 data into Ethernet.
c. RBE is more secure and scalable than RFC 1483 bridging.
d. RBE is more suitable for business applications.
5. Which of the following statements are true when comparing PPPoA to PPPoE? Choose three.
a. The CPE functions as a router with PPPoA and as a bridge with PPPoE.
b. The PPP session is initiated by the CPE with PPPoA and by the PC with PPPoE.
c. The CPE is able to run NAT for both methods and conserve IP addresses.
d. PPPoA functions only with ATM access methods and PPPoE functions only with Ethernet access methods.
e. When there are multiple users behind the CPE, PPPoE is more flexible than PPPoA for selection of multiple services.
-
6. What is the preferred method for authenticating PPP sessions? ______________________________
7. When comparing L2TP to PTA, which of the following identify distinct advantages of L2TP over PTA? Choose two.
a. PPP sessions may be terminated at the NSP rather than the NAP.
b. L2TP supports multiple protocols.
c. L2TP shares access to core components.
d. The access provider only looks at the Layer 2 information.
8. What functionality on a Cisco router do managed LNS and RA-MPLS make use of? __________________________________________________
9. Which of the following distinguishes RA-MPLS from managed LNS?
a. RA-MPLS supports RBE.
b. RA-MPLS allows use of overlapping IP addresses.
c. RA-MPLS does not require L2TP.
d. RA-MPLS supports PPPoX.
10. What does SSG enable subscribers to do? ________________________________________________________________
-
Module 2 RBE and RFC 1483 Routing
Overview
Description
In this module, you will learn how Routed Bridge Encapsulation (RBE) and RFC 1483 routing work, along with their typical architectures and benefits. You will then perform hands-on exercises to configure, test, and verify RBE and RFC 1483 routing.
Objectives
After completing this module, you will be able to do the following:
Describe the typical architecture of RBE
Identify the protocol stack elements associated with RBE and describe how RBE works
Configure RBE on Cisco routers
Identify the advantages and disadvantages of RBE
Describe the typical architecture of RFC 1483 routing
Identify the protocol stack elements associated with RFC 1483 routing and describe how RFC 1483 routing works
Configure RFC 1483 routing on Cisco routers
Identify the advantages and disadvantages of RFC 1483 routing
-
Typical RBE Architecture
Foundation
Routed Bridge Encapsulation (RBE) is based on RFC 1483 bridging architecture. RBE is designed to overcome some of the limitations of RFC 1483 bridging, including broadcast storms, scalability, and security. It makes use of the routed bridge function in the aggregation router.
Key Functional Components
The following are key functional components of RBE.
Bridged CPE
With RBE, the CPE functions as a bridge using RFC 1483 bridging. From the perspective of a PC and customer premises equipment (CPE), there is no functional difference between pure RFC 1483 bridging and RBE. The 802.3 encapsulated protocol data units (PDU) are sent to the CPE, which then encapsulates them into ATM cells and forwards them over a virtual connection (VC) to the aggregation device.
Aggregator
At the aggregation device we see the key difference between pure RFC 1483 bridging and RBE. With RFC 1483 bridging, the aggregator receives the Ethernet PDU into a bridge group and determines whether to bridge or route based upon the contents of the Layer 2 and Layer 3 headers. With RBE, the aggregator receives the Ethernet PDU into an ATM routed bridge and makes a forwarding decision based upon the Layer 3 information.
Note: When you configure the aggregator for RBE, part of the Cisco IOS configuration process is to include the ATM routed bridge for IP traffic on the ATM subinterfaces.
-
Typical RBE Architecture
[Figure labels: Bridged CPE (two), DSLAM, Aggregation Device, Core, RFC 1483 bridged PDUs, 802.3, Routed Bridge]
-
RFC 1483 Bridging Protocol Stack
The illustration shows the protocol layers used to transport upper layer data through the network. Although RFC 1483 is not restricted to 802.3 and IP for transporting Layer 2 and Layer 3 protocol data units (PDUs), they are used to explain its operation.
802.3
The IP datagram is encapsulated in the 802.3 frame, also known as the bridge protocol data unit (BPDU), by the PC and the aggregation router.
CPE Encapsulation
The illustration shows the combination protocol stack used by the PC and the xDSL Termination Unit-remote (xTU-R). The PC takes the upper layer protocol data, encapsulates it in the 802.3 header, and forwards it to the xTU-R. The xTU-R provides the ATM related services and layers to exchange ATM cells with the aggregation device, including RFC 1483, ATM adaptation layer 5 (AAL5), ATM, and physical layer functions.
-
RFC 1483 Bridging Protocol Stack
[Figure: protocol stacks across Customer Premises (PC/xTU-R), DSLAM, Aggregator, Router (L3 core), and NSP/Corporate Network. PC/xTU-R and aggregator: IP, 802.3, 1483, AAL5, ATM, PHY. DSLAM: ATM, PHY. Aggregator and router toward the core: IP, ATM/FR/etc., PHY. Labels: RFC 1483 over ATM, PVC, IP]
-
RFC 1483 Bridging Protocol Stack (continued)
RFC 1483
The RFC 1483 standard describes two encapsulation methods for multiplexing and transporting datalink and network layer protocols over AAL5 over ATM:
Multiple protocols multiplexed over a single ATM virtual connection
Each protocol is carried over a separate ATM virtual connection
For the first method, additional headers are included to identify the PDU. A common implementation is to include the 3-byte logical link control (LLC) and 5-byte Subnetwork Access Protocol (SNAP) header to identify the bridged or routed PDU that follows.
With virtual connection (VC) multiplexing, each unique bridged or routed protocol is carried over a unique VC.
Note: It is important that you understand the two multiplexing methods. You must choose one of the two when you configure the VC. The method you choose must match at both ends of the VC. The VC in this illustration is the PVC.
AAL5
ATM Adaptation Layer 5 (AAL5) is a common means of encapsulating connectionless PDUs. An 8-byte trailer is added to the PDU.
ATM and PHY
The AAL5-encapsulated PDU is segmented into 48-byte payloads that make up the 53-byte ATM cells. The physical layer then transports the cells.
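The layering described above, as an added Python example (not from the student guide): an Ethernet frame gets the RFC 1483 bridged prefix for either multiplexing method, is wrapped in an AAL5 PDU with its 8-byte trailer, and is cut into 53-byte cells. The frame bytes are constructed, the function names are this example's own, and the PID 0x0007 (frame carried without its FCS) and VPI/VCI 1/32 are assumptions.

```python
import struct

# RFC 1483 prefixes for a bridged Ethernet/802.3 frame carried without its FCS.
# LLC/SNAP: LLC AA-AA-03, OUI 00-80-C2, PID 00-07, then a 2-byte pad.
PREFIX = {"llc-snap": bytes.fromhex("aaaa03" "0080c2" "0007" "0000"),
          "vc-mux": bytes.fromhex("0000")}      # VC mux keeps only the pad
# Constructed sample: 14-byte Ethernet II header plus a 72-byte dummy payload.
FRAME = bytes.fromhex("02000000000102000000000a0800") + bytes(72)

def encapsulate(frame, mux):
    """Sender: prefix the frame for the VC's multiplexing method."""
    return PREFIX[mux] + frame

def decapsulate(payload, mux):
    """Receiver: strip the prefix that the local VC configuration expects."""
    if not payload.startswith(PREFIX[mux]):
        raise ValueError("PDU does not match local encapsulation " + mux)
    return payload[len(PREFIX[mux]):]

def crc32_aal5(data):
    """AAL5 CRC-32: polynomial 0x04C11DB7, MSB first, preset and complemented."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = ((crc << 1) ^ (0x04C11DB7 if crc & 0x80000000 else 0)) & 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF

def aal5_build(payload):
    """Pad so payload plus the 8-byte trailer fills whole 48-byte cell payloads."""
    pad = -(len(payload) + 8) % 48
    body = payload + bytes(pad) + struct.pack("!BBH", 0, 0, len(payload))
    return body + struct.pack("!I", crc32_aal5(body))

def aal5_parse(pdu):
    """Reassembly: verify the CRC, then use the Length field to drop the padding."""
    if not pdu or len(pdu) % 48 or crc32_aal5(pdu[:-4]) != struct.unpack("!I", pdu[-4:])[0]:
        raise ValueError("AAL5 CRC or length error")
    return pdu[:struct.unpack("!H", pdu[-6:-4])[0]]

def hec(header4):
    """Header error control: CRC-8 (x^8 + x^2 + x + 1) over 4 bytes, XOR 0x55."""
    crc = 0
    for byte in header4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ (0x07 if crc & 0x80 else 0)) & 0xFF
    return crc ^ 0x55

def segment(pdu, vpi, vci):
    """Cut the PDU into 53-byte UNI cells; the last cell sets the end-of-PDU bit."""
    cells = []
    for off in range(0, len(pdu), 48):
        last = int(off + 48 == len(pdu))
        hdr = struct.pack("!I", (vpi << 20) | (vci << 4) | (last << 1))
        cells.append(hdr + bytes([hec(hdr)]) + pdu[off:off + 48])
    return cells

def cells_needed(frame, mux, vpi=1, vci=32):
    """Cells on the wire for one bridged frame (VPI/VCI are example values)."""
    return len(segment(aal5_build(encapsulate(frame, mux)), vpi, vci))
```

For this 86-byte frame LLC/SNAP takes three cells and VC mux two, and `decapsulate` raises when the receiver's method differs from the sender's.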
-
How Does RBE Work?
The following steps describe how RBE operates using IP as the Layer 3 protocol.
CPE and Aggregator
Between the CPE and the aggregation router, the following operations occur:
The CPE encapsulates the BPDUs using RFC 1483, AAL5, and ATM protocols.
The ATM cells are switched through the ATM network to the aggregation router.
At the aggregation router, the cells are reassembled.
The reassembled BPDUs are received at the ATM interface, which operates as a routed bridge interface when RBE is enabled.
Incoming Frames
For frames originating from the subscriber end, the following events happen at the aggregation device.
The aggregation router ignores the bridge header and examines the IP datagram header to make a forwarding decision.
The packet is forwarded based upon the destination IP address.
-
How Does RBE Work?
CPE is standard bridge
Subscriber traffic is carried in BPDU
The routed bridge interface is treated as routed interface
For packets originating from the subscriber end:
- Ethernet header is skipped
- Packet forwarded based on Layer 3 information
[Figure: Bridged CPE, DSLAM, Aggregation Device, Core]
-
How Does RBE Work? (continued)
Outgoing Frames
For frames destined for the subscriber end, the following happens at the aggregation device.
The router checks the destination IP address in the packet
The outbound interface is determined from the IP routing table
The Address Resolution Protocol (ARP) table is checked for the destination MAC address. If none is found, then an ARP request is sent out only on the destination interface, not all interfaces as with bridging.
If the datagram is multicast traffic, then it is forwarded only on the interfaces where Internet Group Management Protocol (IGMP) joins were received.
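The incoming and outgoing frame handling above as an added Python model (not Cisco code): ingress skips the Ethernet header and routes on the IP destination, egress takes the interface from the routing table and scopes the ARP request to it. The interface name `uplink`, the sample frames, and the rule that an ARP reply is kept only when it arrives on the interface the route points to are assumptions of this example.

```python
import ipaddress
import struct

class RbeAggregator:
    """Model of the routed-bridge decisions; "uplink" is an example name."""

    def __init__(self, routes):
        # routes: {"prefix/len": interface}, here host routes to ATM subinterfaces
        self.routes = [(ipaddress.ip_network(p), ifc) for p, ifc in routes.items()]
        self.arp = {}                               # ip -> (interface, mac)

    def lookup(self, ip):
        """Longest-prefix match in the IP routing table."""
        hits = [(net.prefixlen, ifc) for net, ifc in self.routes
                if ipaddress.ip_address(ip) in net]
        return max(hits)[1] if hits else None

    def from_subscriber(self, frame):
        """Ingress: skip the 14-byte Ethernet header, route on the IP destination."""
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            return None                             # not IPv4: nothing to route
        return self.lookup(ipaddress.ip_address(frame[30:34]))

    def to_subscriber(self, dst_ip):
        """Egress: the route picks the interface; ARP goes out on that one only."""
        ifc = self.lookup(dst_ip)
        entry = self.arp.get(dst_ip)
        if entry and entry[0] == ifc:
            return ifc, entry[1], []
        return ifc, None, [ifc]                     # interfaces that get the ARP request

    def bridged_arp_scope(self):
        """For contrast: a bridge group floods the ARP request to every member."""
        return sorted({ifc for _, ifc in self.routes if ifc.startswith("ATM")})

    def arp_reply(self, ifc, ip, mac):
        """Assumed rule: keep a mapping only if the route for ip points at ifc."""
        if self.lookup(ip) != ifc:
            return False
        self.arp[ip] = (ifc, mac)
        return True

def sample_frame(src, dst):
    """Constructed Ethernet II + IPv4 header; the checksum is left at 0."""
    eth = bytes.fromhex("02000000000102000000000a0800")
    return eth + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                             ipaddress.ip_address(src).packed,
                             ipaddress.ip_address(dst).packed)

# One /32 host route per subscriber subinterface, plus a default route.
AGG = RbeAggregator({"192.168.1.2/32": "ATM0/0/0.132",
                     "192.168.1.3/32": "ATM0/0/0.133",
                     "0.0.0.0/0": "uplink"})
```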
-
How Does RBE Work? (continued)
For packets destined to the subscriber end:
- Destination IP address is checked on the packet
- Outbound interface is determined from routing table
- ARP table is checked for the destination MAC address; if none found, then ARP request sent out only on destination interface
- Multicast traffic is forwarded only on interfaces where IGMP joins were received
[Figure: Bridged CPE, DSLAM, Aggregation Device, Core]
-
RBE Configuration
Configuration Methods
The configuration of the Cisco aggregation router is based on the drawing that follows. There are four general ways that RBE can be configured on the aggregation router.
Numbered subinterfaces Unique addresses are assigned to each ATM subinterface, and static addresses are assigned on subscriber hosts.
Numbered subinterfaces with DHCP Unique addresses are assigned to each ATM subinterface, and DHCP-assigned addresses for subscriber hosts.
Unnumbered subinterfaces An unnumbered loopback address is assigned to each ATM subinterface with static routes to each subscriber, and static addresses are assigned on subscriber hosts.
Unnumbered subinterface with DHCP An unnumbered loopback address is assigned to each ATM subinterface with DHCP-assigned addresses for subscriber hosts.
Of these methods, the first two are the least preferred because they require individual subnets on each ATM subinterface and waste IP address space. The example configurations that follow show the last two methods.
-
RBE Configuration
[Figure: Bridged CPE hosts (IP=192.168.1.2, IP=192.168.1.3, and IP=192.168.1.4, each with GW=192.168.1.1), DSLAM, Aggregation Device (IP=192.168.1.1), Core]
Four methods:
- Numbered subinterfaces
- Numbered subinterfaces with DHCP
- Unnumbered subinterfaces
- Unnumbered subinterfaces with DHCP
-
RBE Configuration (continued)
RBE Configuration Unnumbered Interfaces with Static Addressing
Complete the following steps on the Cisco aggregation router to support RBE using unnumbered interfaces. DHCP is not used with this method; instead host addresses must be assigned to each subscriber host.
1. Create a loopback interface with an IP address from the range of addresses assigned to the subscribers.
2. For each subscriber, create a point-to-point ATM subinterface.
3. On the subinterface, assign an IP unnumbered association to the loopback interface.
4. On the subinterface, add an ATM route-bridged for IP.
5. On the subinterface, add a PVC.
6. On the PVC, indicate the AAL5 encapsulation type: SNAP or VC mux.
7. Create static routes to the subscriber IP addresses.
-
RBE Configuration Unnumbered Interfaces with Static Addressing
! Step 1: loopback address from the subscriber address range
interface Loopback0
 ip address 192.168.1.1 255.255.255.0
 no ip directed-broadcast
!
! Steps 2-6: one point-to-point ATM subinterface per subscriber
interface ATM0/0/0.132 point-to-point
 ip unnumbered Loopback0
 no ip directed-broadcast
 atm route-bridged ip
 pvc 1/32
  encapsulation aal5snap
!
interface ATM0/0/0.133 point-to-point
 ip unnumbered Loopback0
 no ip directed-broadcast
 atm route-bridged ip
 pvc 1/33
  encapsulation aal5snap
!
interface ATM0/0/0.134 point-to-point
 ip unnumbered Loopback0
 no ip directed-broadcast
 atm route-bridged ip
 pvc 1/34
  encapsulation aal5snap
!
! Step 7: static host routes to the subscriber addresses
ip route 192.168.1.2 255.255.255.255 ATM0/0/0.132
ip route 192.168.1.3 255.255.255.255 ATM0/0/0.133
ip route 192.168.1.4 255.255.255.255 ATM0/0/0.134
-
RBE Configuration (continued)
RBE Configuration Unnumbered Interfaces with DHCP
Complete the following general steps on the Cisco aggregation router to support RBE using unnumbered interfaces with DHCP support. Subscriber hosts are assigned addresses from the DHCP pool in Cisco IOS or from an external DHCP server. Configuration steps for using either Cisco IOS DHCP or an external DHCP server are shown in the example.
Note: This method avoids the need to create static routes for subscriber hosts.
1. Create a loopback interface with an IP address in the range of addresses assigned to the subscribers.
Note: Perform steps 2 and 3 when Cisco IOS DHCP server is used.
2. Identify the IP address of the loopback interface within the DHCP pool that should be excluded from assignment to clients.
3. Create a DHCP pool including the network range of addresses and default router IP address.
4. Create a point-to-point ATM subinterface.
5. On the subinterface, assign an IP unnumbered association to the loopback interface.
6. On the subinterface, add an ATM route-bridged for IP.
7. On the subinterface, add a PVC.
8. On the PVC, indicate the AAL5 encapsulation type: SNAP or VC mux.
Note: Perform step 9 when an external DHCP server is used.
9. On the subinterface, use the ip helper-address command to point to an external DHCP server.
It is possible to use multiple loopback interfaces. The IP address associated with the loopback interface identifies the subnet addresses used for DHCP address assignment.
-
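RBE Configuration Unnumbered Interfaces with DHCP
! Steps 2-3 (Cisco IOS DHCP server) and step 9 (external DHCP server) are mutually exclusive
! Step 2: exclude the loopback address from assignment
ip dhcp excluded-address 192.168.1.1
!
! Step 3: DHCP pool with the network range and default router
ip dhcp pool RBE
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
!
! Step 1: loopback address from the subscriber address range
interface Loopback1
 ip address 192.168.1.1 255.255.255.0
!
! Steps 4-8: subinterface, unnumbered association, routed bridge, PVC, encapsulation
interface ATM2/0/0.132 point-to-point
 ip unnumbered Loopback1
 atm route-bridged ip
 pvc 1/32
  encapsulation aal5snap
 ! Step 9: external DHCP server
 ip helper-address 52.20.10.100
!
interface ATM2/0/0.133 point-to-point
 ip unnumbered Loopback1
 atm route-bridged ip
 pvc 1/33
  encapsulation aal5snap
 ip helper-address 52.20.10.100
!
interface ATM2/0/0.134 point-to-point
 ip unnumbered Loopback1
 atm route-bridged ip
 pvc 1/34
  encapsulation aal5snap
 ip helper-address 52.20.10.100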
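An added consistency check for configurations of the two shapes shown above (static host routes or DHCP), written in Python and not part of the student guide: every ATM subinterface needs `atm route-bridged ip` and an addressed unnumbered loopback, host routes must fall inside that loopback's subnet, and a loopback inside a Cisco IOS DHCP pool must be excluded from assignment. The parser assumes one-space indentation of sub-commands as in running-config output, and the sample configuration is constructed with deliberate faults.

```python
import ipaddress

def sections(config):
    """Group an IOS-style config into {global line: [that line, sub-commands...]}."""
    out, head = {}, ""
    for raw in config.splitlines():
        if raw.strip() and not raw.strip().startswith("!"):
            if raw[0] != " ":
                head = raw.strip()
            out.setdefault(head, []).append(raw.strip())
    return out

def audit_rbe(config):
    """Return findings for RBE on unnumbered subinterfaces (static or DHCP)."""
    sec, lbs, routes, excluded, pools, found = sections(config), {}, {}, [], [], []
    for head, body in sec.items():
        w = head.split()
        if head.startswith("interface Loopback"):
            lbs.update({w[1]: ipaddress.ip_interface("/".join(l.split()[2:4]))
                        for l in body if l.startswith("ip address ")})
        elif head.startswith("ip route ") and len(w) >= 5:
            net = ipaddress.ip_network(w[2] + "/" + w[3], strict=False)
            routes.setdefault(w[4], []).append(net)
        elif head.startswith("ip dhcp excluded-address "):
            excluded.append((ipaddress.ip_address(w[3]), ipaddress.ip_address(w[-1])))
        elif head.startswith("ip dhcp pool "):
            pools += [ipaddress.ip_network("/".join(l.split()[1:3]))
                      for l in body if l.startswith("network ")]
    for name, body in ((h.split()[1], b) for h, b in sec.items()
                       if h.startswith("interface ATM") and "." in h):
        lb = next((l.split()[2] for l in body if l.startswith("ip unnumbered ")), None)
        if "atm route-bridged ip" not in body:
            found.append(name + ": missing atm route-bridged ip")
        if lb not in lbs:
            found.append(name + ": ip unnumbered loopback has no address")
            continue
        net = lbs[lb].network
        found += [f"{name}: route {r} is outside {lb} subnet {net}"
                  for r in routes.get(name, []) if not r.subnet_of(net)]
        dhcp = net in pools or any(l.startswith("ip helper-address ") for l in body)
        if name not in routes and not dhcp:
            found.append(name + ": no host route and no DHCP source")
    for lb, addr in lbs.items():
        if addr.network in pools and not any(lo <= addr.ip <= hi for lo, hi in excluded):
            found.append(f"{lb}: {addr.ip} is not excluded from the DHCP pool")
    return found

# Constructed sample: .132 is complete; .134 has two deliberate faults.
SAMPLE = """\
interface Loopback0
 ip address 192.168.1.1 255.255.255.0
interface ATM0/0/0.132 point-to-point
 ip unnumbered Loopback0
 atm route-bridged ip
 pvc 1/32
  encapsulation aal5snap
interface ATM0/0/0.134 point-to-point
 ip unnumbered Loopback0
 pvc 1/34
  encapsulation aal5snap
ip route 192.168.1.2 255.255.255.255 ATM0/0/0.132
ip route 172.168.1.4 255.255.255.255 ATM0/0/0.134
"""
```

`audit_rbe(SAMPLE)` reports the missing `atm route-bridged ip` and the out-of-subnet host route on ATM0/0/0.134 and nothing for ATM0/0/0.132.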
-
RBE Advantages and Disadvantages
Advantages
RBE was developed to address some of the issues faced by the RFC 1483 bridging architecture. RBE retains the major advantages of RFC 1483 bridging architecture, while eliminating most of its drawbacks.
It requires minimal configuration at the CPE, which is important for service providers.
It is easy to migrate from pure bridging architecture to RBE, as there is no change at the subscriber end.
RBE overcomes security problems with pure bridging by avoiding IP hijacking and ARP spoofing.
RBE prevents broadcast storms by using point-to-point connections.
Compared to pure bridging, RBE provides superior performance because of routing implementation at the aggregation device. RBE is more scalable because it does not have bridge group limitations.
-
RBE Advantages and Disadvantages
Advantages
Minimal configuration of CPE
Compared to RFC 1483 with IRB, RBE separates shared bridging domain into individual routed interfaces which give:
- Control of broadcast domains: no broadcast attacks
- Increased security: no spoofing of IP addresses via ARP
RBE is CEF switched and provides bet