1 © 2006 cisco systems, inc. all rights reserved. njedge.net drg/vrg video qos next generation...

1© 2006 Cisco Systems, Inc. All rights reserved.

NJEDge.NetDRG/VRG Video QoS

NEXT GENERATION NETWORK

Walter King [email protected] Account System Engineer

mailto:[email protected]


Agenda

• QoS Technologies Review

• NJEDGE Model


QoS Technologies Review

• QoS overview

• Classification Tools

• Scheduling Tools

• Policing and Shaping Tools

• CAC - Call Admission control


Different Types of Traffic Have Different Needs

Application Examples

Sensitivity

Delay JitterPacket Loss

Interactive Voice and

VideoY Y Y

Streaming Video

N Y Y

Transactional/ Interactive

Y N N

Bulk Data Email File Transfer

N N N

• Real-time applications especially sensitive

Interactive voice

Videoconferencing

• Causes of degraded performance

Congestion

Convergence

Peak traffic load

Link speed & capacity differences

Set application service level objectives


Video QoS RequirementsProvisioning for Interactive Video

• Latency ≤ 150 ms

• Jitter ≤ 30 ms

• Loss ≤ 1%

• Minimum priority bandwidth guarantee required is

Video-stream + 10–20%

e.g., a 384 kbps stream could require up to 460 kbps of priority bandwidth

• CAC must be enabled

VideoOne-Way

Requirements

• Bursty

• Drop sensitive

• Delay sensitive

• UDP priority


“P” and “B” Frames128–256 Bytes

“I” Frame1024–1518

Bytes

“I” Frame1024–1518

Bytes

15pps

30pps

450Kbps

32Kbps

Video QoS RequirementsVideo Conferencing Traffic Example (384 kbps)

• “I” frame is a full sample of the video

• “P” and “B” frames use quantization via motion vectors and prediction algorithms


Video QoS RequirementsVideo Conferencing Traffic Packet Size Breakdown

65–128 Bytes 1%

129–256 Bytes 34%513–1024 Bytes

20%

1025–1500 Bytes 37%

257–512 Bytes 8%


Remote Sites1000M

CentralSite

METRO-E Frame Relay, ATM

10M

20M

30M

50M

100M

Result:Buffering = Delay or Dropped Packets

Problems in non-CoS Network Scenario

Central to Remote Site Speed Mismatch

Remote to Central Site Over-subscription

Predictable (contractual) sharing of bandwidth


Quality of Service OperationsHow Do QoS Tools Work?

Classification and Marking

Queuing and (Selective) Dropping

Post-Queuing Operations



• QoS overview






Classification ToolsEthernet 802.1Q Class of Service

• 802.1p user priority field also called Class of Service (CoS)

• Different types of traffic are assigned different CoS values

• CoS 6 and 7 are reserved for network use

TAG4 Bytes

Three Bits Used for CoS(802.1p User Priority)

Data FCSPTSADASFDPream. Type

802.1Q/pHeader

PRI VLAN IDCFI

Ethernet Frame

1

2

3

4

5

6

7

0 Best Effort Data

Bulk Data

Critical Data

Call Signaling

Video

Voice

Routing

Reserved

CoS Application


Classification ToolsIP Precedence and DiffServ Code Points

• IPv4: three most significant bits of ToS byte are called IP Precedence (IPP)—other bits unused

• DiffServ: six most significant bits of ToS byte are called DiffServ Code Point (DSCP)—remaining two bits used for flow control

• DSCP is backward-compatible with IP precedence

7 6 5 4 3 2 1 0

ID Offset TTL Proto FCS IP SA IP DA DataLenVersion Length

ToSByte

DiffServ Code Point (DSCP) IP ECN

IPv4 Packet

IP Precedence UnusedStandard IPv4

DiffServ Extensions


Payload

Label Header

Label Header

Label Stack Layer-2 Header

Classification ToolsMPLS EXP Bits

• Packet class and drop precedence inferred from EXP (three-bit) field

• RFC3270 does not recommend specific EXP values for DiffServ PHB (EF/AF/DF)

• Used for frame-based MPLS

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Label EXP S TTL

MPLS Shim Header

EXP

Frame Encapsulation

3 2 1 0

MPLS EXP S


Classification ToolsDSCP Per-Hop Behaviors

• IETF RFCs have defined special keywords, called Per-Hop Behaviors, for specific DSCP markings

• EF: Expedited Forwarding (RFC3246)(DSCP 46)

• CSx: Class Selector (RFC2474)Where x corresponds to the IP Precedence value (1–7)

(DSCP 8, 16, 24, 32, 40, 48, 56)

• AFxy: Assured Forwarding (RFC2597)Where x corresponds to the IP Precedence value (only 1–4 are used for AF Classes)

And y corresponds to the Drop Preference value (either 1 or 2 or 3)

With the higher values denoting higher likelihood of dropping

(DSCP 10/12/14, 18/20/22, 26/28/30, 34/36/38)

• BE: Best Effort or Default Marking Value (RFC2474)(DSCP 0)


Classification ToolsNetwork-Based Application Recognition

• Identifies over 90 applications and protocols TCP and UDP port numbers

Statically assigned

Dynamically assigned during connection establishment

• Non-TCP and non-UDP IP protocols

• Data packet inspection for matching values

ToS SourceIP Addr

DestIP Addr

SrcPort Sub-Port/Deep Inspection

DstPort

Protocol

TCP/UDP Packet Data AreaIP Packet

Stateful and Dynamic Inspection


• 4-GB Ethernet interfaces• System bypass mechanism• Deep Packet Inspection for up to 2 million

concurrent unidirectional application flows• Up to 4Gbps throughput• Up to 80,000 concurrent subscribers• Support for redundant topologies• FRU AC or DC power supplies/fans• Redundant management interfaces

SCE 2000 Series

• 2-GB Ethernet interfaces• System bypass mechanism• Deep Packet Inspection for up to 2 million

concurrent unidirectional application flows• Up to 2Gbps throughput• Up to 40,000 concurrent subscribers• FRU AC or DC power supplies/fans• Redundant management interfaces

SCE 1000 Series

Cisco Service Control EngineTraffic Shaper (All QoS Tools)

State of the Art Performance and Carrier-grade Reliabilty


Traffic Reports

Bi-Directional Bandwidth per Video Service

Global Concurrent Session per VoIP/Video Service

Global HourlyCall Minutes per VoIP/Video Service

Hourly SIP/H323Top Talkers

Top SIPDomains by Volume

UnderstandUsage Trends of VoIP

Service and Other Offerings

Voice Experience Reports(Part of 3.0.X)


Top SIPDomains by Volume

Voice Experience Reports(Part of 3.0.X)

Voice Reports—Example

Bi-Directional Bandwidth per VoIP Service

Global Concurrent Session per VoIP Service

Global HourlyCall Minutes per VoIP Service

Hourly SIPTop Talkers

Example—Call Minutes Usage

My Broadband Customers Are Using Skype for 500min of Call Time per Hour…



• QoS overview






Scheduling ToolsQueuing Algorithms

• Congestion can occur at any point in the network where there are speed mismatches

• Routers use Cisco IOS-based software queuing

Low-Latency Queuing (LLQ) used for highest-priority traffic (voice/video)

Class-Based Weighted-Fair Queuing (CBWFQ) used for guaranteeing bandwidth to data applications

• Cisco Catalyst switches use hardware queuing

Voice

Video

Data 33

2 2

1 1


Time

Bandwidth Utilization100%

Tail Drop

Three Traffic Flows Start at Different Times

Another Traffic FlowStarts at This Point

TCP Global Synchronization: The Need for Congestion Avoidance

• All TCP flows synchronize in waves

• Synchronization wastes available bandwidth


312302021201

TAIL DROP

3

3

3

WRED

01

0

1

0

3

Queue

Scheduling ToolsCongestion Avoidance Algorithms

• Queueing algorithms manage the front of the queue Which packets get transmitted first

• Congestion avoidance algorithms manage the tail ofthe queue

Which packets get dropped first when queuing buffers fill

• Weighted Random Early Detection (WRED)WRED can operate in a DiffServ-compliant mode

Drops packets according to their DSCP markings

WRED works best with TCP-based applications, like data


Scheduling ToolsDSCP-Based WRED Operation

AverageQueueSize

100%

0

DropProbability

BeginDropping

AF13

Drop AllAF11

Max QueueLength

(Tail Drop)

Drop AllAF12

Drop AllAF13

BeginDropping

AF12

BeginDropping

AF11

50%

AF = (RFC 2597) Assured Forwarding


Congestion Avoidance

• IP header Type of Service (ToS) byte

• Explicit Congestion Notification (ECN) bits

ECT Bit:ECN-Capable Transport

CE Bit:Congestion Experienced

7 6 5 4 3 2 1 0

ID Offset TTL Proto FCS IP SA IP DA DataLenVersionLength

ToSByte

DiffServ Code Point (DSCP) CE

IPv4 Packet

ECT

RFC3168: IP Explicit Congestion Notification



• QoS overview






Policing ToolsRFC 2697 Single Rate Three Color Policer

Action Action

Overflow

B<Tc B<Te

Conform Exceed Violate

CBS EBS

CIR

Yes Yes

No No

Action

Packet ofSize B


Policing ToolsRFC 2698 Two Rate Three Color Policer

ActionAction

B>Tp B>Tc

ExceedViolate

PBS CBS

PIR

Yes Yes

No No

Conform

Action

Packet ofSize B

CIR


Traffic Shaping

• Policers typically drop traffic

• Shapers typically delay excess traffic, smoothing bursts and preventing unnecessary drops

• Very common on Non-Broadcast Multiple-Access (NBMA) network topologies such as Frame Relay and ATM

With Traffic Shaping

Without Traffic ShapingLineRate

ShapedRate

Traffic Shaping Limits the Transmit Rate to a Value Lower Than Line Rate



• QoS overview




• CAC - Call Admission Control


Introduction Why Is Call Admission Control (CAC) Needed?

PSTN

Circuit-Switched Networks

Packet-Switched Networks

PBX

PhysicalTrunks

STOP

IP WANLink

IP WAN Link’s LLQ Is Provisioned for Two Calls (Equivalent to Two “Virtual” Trunks)

Third CallRejected

No Physical Limitation on IP Links; Third Call Can Go Through, but Voice Quality of All Calls Degrades Call Admission Control Blocks Third Call

IP WAN

Router/Gateway

CallManager


Gatekeeper Zones Basics

• Cisco IOS feature, based on H.323 RAS protocol

• Can be used between Cisco CallManager clusters, H.323 gateways and H.323 endpoints

• Provides CAC using concept of zones and associated bandwidth counters

• Static configuration approach limits supported topologies (mainly hub-and-spoke)

gatekeeper zone local A abc.com 10.10.10.10 zone local B abc.com zone remote C abc.com 10.10.20.20 zone remote D abc.com bandwidth interzone zone A 384 bandwidth interzone zone B 256 bandwidth remote 512

GK


GK 1’s Local Zones

GK 1


GK 2

Zone BZone A Zone DZone C

.

Gatekeeper ZonesZone Concept

Zones

A Logical Representation of a Physical Location

GatekeeperA Physical Device

GatekeeperA Physical Device

GKGK


Zone BZone A

Zone DZone C

Gatekeeper ZonesBandwidth Configuration


GK 1


GK 2GK GK

Bandwidth Remote“bandwidth bandwidth remoteremote max-bwmax-bw”The Total Bandwidth Allowed in/out of the Physical GK

“bandwidth bandwidth interzoneinterzone zone zone xyz xyz max-bw max-bw” This Is the Total Bandwidth Allowed in/out of the Zone

“bandwidthbandwidth totaltotal zonezone xyz max-bwxyz max-bw”The Total Bandwidth Allowed Within a Zone as Well as in/out of the Zone

“bandwidth bandwidth sessionsession zone zone xyz max-bwxyz max-bw “This Is the Maximum Bandwidth Allowed per Session


GK2Remote = 48K In Use = 0

Zone CInterZone = 32K In Use = 0Total = 32K In Use = 0

Zone DInterZone = 32K In Use = 0Total = 32K In Use = 0

Session = 16K

GK1Remote = 32K In Use = 0

Zone AInterZone = 32K In Use = 0Total = 48K In Use = 0

Zone BInterZone = 48K In Use = 0Total = 48K In Use = 0

Session = 16K

161632

1616

Gatekeeper ZonesBandwidth Calculations

Zone BZone A

Zone DZone C

GK 1’s Local Zones GK 2’s Local Zones

Blue Text Represents Configured Bandwidth

Assume Requested Bandwidth for Each Call Equals 16K

GK 1 GK 2GK GK

16

3248

16

00

1616

32

3248

3232

32

1616X


Gatekeeper ZonesBandwidth Provisioning

Gatekeeper L3 Bandwidth L2 Bandwidth(Frame Relay)

G.711 Audio

128 Kbps(64K x 2)

80 Kbps(64K + Header)

81.6 Kbps(80K + L2 Hdr)

G.729 Audio

16 Kbps(8K x 2)

24 Kbps(8K + Header)

25.6 Kbps(24K + L2 Hdr)

384K Video

768 Kbps(384K x 2)

420 Kbps(384K + est. L2/L3 Headers)

Provision LLQ PQwith These Values

For More Details, Refer to the QoS SRND and IP Telephony SRND at: www.cisco.com/go/srnd

http://www.cisco.com/go/srnd


Agenda

• QoS Technologies Review

• NJEDGE Model

FANSTATUS

1

2

3

4

5

6

7

8

9

Power Supply 1 Power Supply 2

Catalyst 6500 SERIES

FLEXWAN MODULE

WS-X6182-2PA

STATUSSPA-2XOC3-ATM SPA-2XOC3-ATM

WS-X6704-10GE

4 PORT 10 GIGABIT ETHERNET

PORT1

TX RX

PORT2

TX RX

PORT3

TX RX

PORT4

TX RX

FIREWALL SERVICES MODULE

DO NOT REMOVE CARD WHILESTATUS LED IS GREEN OR

DISK CORRUPTION MAY OCCUR

WS-SVC-FWM-1

SHUTDOWN

-48 V TO -60 V80 A

Cisco Systems, Inc.Switch must be in off "O" position to Install/Remove power supply.Fastener must be fully enaged prior to operating power supply.

INPUTOK

FANOK

OUTPUTFAIL

WS-SUP720-3BXL

SUPERVISOR 720 WITH INTEGRATED SWITCH FABRIC/PFC3BXL

EJECT

DISK 0

EJECT

DISK 1

CONSOLE PORT 2

PORT 1

WS-X6724-SFP24 PORT GIGABIT ETHERNET SFP

STATUS

1 2 3 4 21 22 23 2417 18 19 2013 14 15 169 10 11 125 6 7 8

FLEXWAN MODULE

WS-X6182-2PA

STATUS

SPA-2XOC3-ATM

-48 V TO -60 V80 A


INPUTOK

FANOK

OUTPUTFAIL

SPA-2XOC3-ATM




WS-SVC-FWM-1

SHUTDOWN

WS-SUP720-3BXL


EJECT

DISK 0

EJECT

DISK 1

CONSOLE PORT 2

PORT 1

FANSTATUS

1

2

3

4

5

6

7

8

9

Power Supply 1 Power Supply 2

Catalyst 6500 SERIES

FLEXWAN MODULE

WS-X6182-2PA

STATUSSPA-2XOC3-ATM SPA-2XOC3-ATM

WS-X6704-10GE

4 PORT 10 GIGABIT ETHERNET

PORT1

TX RX

PORT2

TX RX

PORT3

TX RX

PORT4

TX RX




WS-SVC-FWM-1

SHUTDOWN

-48 V TO -60 V80 A


INPUTOK

FANOK

OUTPUTFAIL

WS-SUP720-3BXL


EJECT

DISK 0

EJECT

DISK 1

CONSOLE PORT 2

PORT 1


STATUS

1 2 3 4 21 22 23 2417 18 19 2013 14 15 169 10 11 125 6 7 8

WS-SUP720-3BXL


EJECT

DISK 0

EJECT

DISK 1

CONSOLE PORT 2

PORT 1


STATUS

1 2 3 4 21 22 23 2417 18 19 2013 14 15 169 10 11 125 6 7 8

FLEXWAN MODULE

WS-X6182-2PA

STATUS

SPA-2XOC3-ATM

-48 V TO -60 V80 A


INPUTOK

FANOK

OUTPUTFAIL

SPA-2XOC3-ATM




WS-SVC-FWM-1

SHUTDOWN

I2 10,000 Routes NJEDGEI1 Routes NJEDGE-DC Routes

Block Internet Block DC to I1

Halsey 6500- Router Halsey 6500-2 RouterInternet2 (I2) MBGP

Magpi Router

Internet (I1) Verizon Router

SES link #1

EBGP/MBGPEBGP/MBGP

EBGP/MBGP

Institution Template1

IBG

P

Layer2 VLAN

NJEDGE AS21976

NJ EDGE QoS INTERCONNECTFull MPLS GRT DESIGN 2 Dual Rate Policer and

Traffic Shaping from Core to SES

MAGPI AS10466

MCI AS107

NJIT AS4246

NJEDGE AS21976

10G EtherchannelMPLS LDP Path

I2 10,000 Routes I1 240,000 NJEDGEI1 I1 Default NJEDGEI1 ** NJEDGE-CORE ** NJEDGE-DC NJEDGE-SEG Block I2 <-> I1

Policer CIR Policer PIR

Policer CIR

EVC Shaper CIR

EVC Shaper CIR

Egress MAP DSCP to COSEgress CBWFQ/Queueing and WRR

Ingress CLASSIFY and MARKIngress Map IPPrec to DSCP

SIP MODULE Gig Port….Egress MAP DSCP to COSEgress Queueing and WRRIngress Remap CHK DSCP

Ingress Classify IP DSTIngress MAP to DSCP Ingress No TrustIngress Dual Rate P Per InstitutionIngress Dual Rate Mark PIR Discard Elig.Egress Single Rate P Per InstitutionEgress Police per IP SRC

NO QOS ToolsExcept Trust

1G EtherchannelMPLS LDP Path

Policer CIR

Policer CIR

Ingress Classify IP L4Ingress MAP IP DST to DSCP Ingress No TrustIngress Single Rate P Agg SEGPEgress Single Rate P Agg SEGP

NO QOS ToolsExcept Trust

SES link #2

QoS Same as Link #1Institution Template2

QoS Same as Link #1

INST.. AS65XXX 1G Ethernet Trunk


SES EVC VLAN

Internet

Purchased Rate Policed Rate

Inherited SubRates Based on Usage

Traffic Classes

Internet2

NJEDge Video

Extranet Other

SES EVC VLAN

InternetPurchased Class

Best EffortPoliced Rate

Purchased Rate Policed Rate

Inherited SubRates Based on Usage

Traffic Classes

Internet2

NJEDge Video

Purchased Class Priority DataPoliced Rate

Extranet Other

Class Marking 2

Class Marking 0

EVC FullPoliced Rate

EVC FullPoliced Rate

Purchased Class Best Effort

Policed Rate

Purchased Class Priority DataPoliced Rate

Class Marking 0

Class Marking 2

SES EVC RATES and CLASSES TODAY

RATE GROUPI NG:

1 Mbit2 Mbit3 Mbit

.

.10 Mbit20 Mbit30 Mbit

.

.

.100 Mbit200 Mbit300 Mbit

.1000 Mbit

CLASSES:· Real Time · Priority Data· Best Eff ort


Classifying Traffic from Internal Network

ip access-list extended njedge-allother-traffic permit ip any anyip access-list extended mc-control-acl permit ip any 224.0.0.0 15.255.255.255ip access-list extended njedge-VoIP permit udp any any range 16384 32768ip access-list extended njedge-h323-VC permit tcp any any eq 1720 permit udp any any eq 1719 permit tcp any any eq 1719 permit udp any any eq 1718 permit ip host 155.246.1.10 any permit tcp any any eq 1718

class-map match-any in-EF match ip dscp ef match ip precedence 5 match access-group name njedge-VoIPclass-map match-all in-CS4 match access-group name mc-control-aclclass-map match-any in-af41 match ip precedence 4 match access-group name njedge-h323-VCclass-map match-all in-best-effort match access-group name njedge-allother-traffic

Applying Classification from Internal Network

policy-map in-SETDSCP class in-EF set ip dscp ef class in-af41 set ip dscp af41 class in-CS4 set ip dscp cs4 class in-best-effort set ip dscp default

!interface GigabitEthernet0/3 ip address 155.246.1.1 255.255.255.0 ip pim sparse-mode load-interval 30 duplex auto speed auto media-type rj45 no negotiation autoservice-policy input in-SETDSCP

IOS RouterEdge

•Interface GigabitEthernet0/3 •Interface GigabitEthernet0/0

1

2

Video1ToS = 4 802.1p=0


HTTPToS = 0 802.1p=0

HTTPToS = 0 802.1p=0



•Packets


Classifying Traffic out to SES

class-map match-all out-ROUTING match ip dscp cs6 class-map match-all out-VOICE match ip dscp ef class-map match-any out-INTERACTIVE-VIDEO match ip dscp af41 af42 af43 match precedence 4 class-map match-all out-STREAMING-VIDEO match ip dscp cs4 class-map match-any out-DEFAULT-BEST-EFFORT match ip dscp default

policy-map SCHOOL-EDGE-TWO-CLASS-SES class out-ROUTING bandwidth percent 1 set cos 2 class out-VOICE priority percent 4 set cos 2 class out-INTERACTIVE-VIDEO priority percent 12 set ip dscp cs4 set cos 2class out-STREAMING-VIDEO set cos 0 class out-DEFAULT-BEST-EFFORT bandwidth percent 83 random-detect set cos 0

Applying Classification on to SES Interface

policy-map SHAPE-PARENT class class-default shape average percent 4 service-policy SCHOOL-EDGE-TWO-CLASS-SES

Interface GigabitEthernet0/2 no ip address load-interval 30 duplex auto speed auto media-type rj45 no negotiation auto!interface GigabitEthernet0/2.93 description to CORE (I1) NJEDGEI1 VRF encapsulation dot1Q 93 ip address 130.156.250.94 255.255.255.252 ip pim sparse-mode no snmp trap link-status service-policy output SHAPE-PARENT

IOS RouterEdge

•Interface GigabitEthernet0/3 •Interface GigabitEthernet0/2.93

34

Video1DSCP=af41

802.1p=2

Video1DSCP=af41

802.1p=2

HTTPDSCP = 0 802.1p=0

HTTPDSCP = 0 802.1p=0

Video2DSCP = af41

802.1p=2

Video2DSCP = af41

802.1p=2•Packets

DESIGNPhase I

NJEDge INSTITUTION EDGE

NJEDge II Applications and Network Services

Internet2

Internet

Video Conferencing

National Lambda Rail

National Research Foundation Apps

Weather Modelling

GRID Clustering

GRID HPC

Disaster Recovery

Storage

Video on Demand/Streaming Video

DVI HDTV /Very High Bandwidth Video

Multicast/Streaming Video

Community Medical Computing

VoIP

IP Telephony

VoIP Peering

1Mbps - 10Gbps and 40Gbps Access/Transport Ability

Evolutional Growth

Tiered Classified Site Models/Modularity

Full Manageability/A-Z Provisioning

Ability to bring on any service

Rapid Enablement

Shared Secure Access

Any-to-Any Access

Separation Segmentation Virtualization

MPLS

Security

Scaling

IPv6

QoS

Redundancy/Resiliency/Multi-paths

Non-Stop Forwarding

Applications Network Services


NJEDge II Applications and Network Services Next Gen Impact

Segmentation Differentiation

How

•PVC

•VLAN

•MPLS

•QoS

ATM vs SES vs Fiber: 1.544Mbps -1GE - 10GE:

QoS:Implementation

How

•Classification

•Shaping

•Policing

•Sharing BGP or Not

Default Routing – General Routing

Full Routes - Specific routing

BGP:

T1 1.5Mbps

10Mbps,20Mbps,50Mbps

OC-3,100Mbps,200Mbps

1GE

10 GE

Dark Fiber, GE, WDM


NJEDge II Applications and Network Services Next Gen Impact

Institutional Routing

Separation of I1 vs I2 vs DR vs Intra-campus bond traffic

MPLS at the Edge:

I2 Multicast Streams

VPN

IPv4 vs IPv6:

PIX 6.3 vs 7.0

FWSM 2.3 vs 3.1

Traffic Control with RPs and QoS

RPs Inside and Out

Multicast:

Regulatory :

CLEA

SOX

HIPPA

High Speed Synchronous Replication

Moderate Asynchronous Replication

Jumbo Frames

Encryption

Storage over IP :


Receiver for10.3.245.238

NJEDge ConnectivitySchool Site CE Change

CE

Intranet/Internet 2 ATM PVC

Internet ATM PVC

SchoolX

Internet ATM PVC Intranet /Internet2 ATM

PVC

PEPE

PEPE

Verizon MPLS CORE

Commodity Internet

PEPE

Internet 2


CE

Intranet/Internet 2 VRF under single PVC

Internet VRF under singlePVC

Internet VRF Intranet /Internet2

VRF

SchoolX

ATM Managed Service today

ATM Managed Service Tomorrow

Verizon ATM CORE

165 Halsey St. Carrier Hotel

Commodity Internet

10G 32Lambda

MAGPI Internet 2

GK GK

OR


NJEDge II ConnectivitySchool Site CE Change


Intranet/Internet 2 VRF under single PVC

Internet VRF under singlePVC

Internet VLAN VRF Intranet /Internet2

VLAN VRF

SchoolX

GE Managed Service or Dark Fiber Tomorrow

165 Halsey St. Carrier Hotel

Commodity Internet

10G 32Lambda

MAGPI Internet 2

GK GK

OR

CE

100Mbps/1000Mbps Rate 3845NS, 7200 NPE-G1/2 or

7301/4 Router

100Mbps/1000/10000Mbps Rate 3400 3750M 3750

6500/Sup32

1GE/10GE Access Method

CEDirect Fiber

CE CWDM and/or DWDM

100Mbps and Multiple 100Mbps Rates

CESES or

Direct Fiber-Ethernet


NJEDge II Connectivity Example Internet and DMZ Design – De-aggregation

School DMZ Design

IPSGUARD XT DDOS

SSL /IPSEC VPN

Public Servers

Application Servers

Database Servers

Institution/Internet Edge Router

Firewall

IPS

GlobalLoadbalancer

ServerLoadBalancer

SSL Offload

Content EngineWAAF

Shown are de-aggregated functions of combination

appliance as well appliance functions– various switch and firewall functions are virtual

GK

CS-MARS

SCE Service Control Engine

NJEDgeNetCore

1 © 2006 cisco systems, inc. all rights reserved. njedge.net drg/vrg video qos next generation...

Documents

cisco systems

video p

qos tools work

interactive video latency

tools cac

njedgenet drgvrg video

admission control slide

classification tools