alcatel-mpls multi service

Considerations in an MPLS multi-service network

Chris Liljenstolpe

Upload: giang-nguyen

Post on 27-Jan-2016



All rights reserved © 2006, Alcatel

Agenda

Core network issues
> Traffic engineering
> Resilience and availability

Service interoperability
> Multi-domain services
> Legacy to multi-service network inter-working

Service migration
> PPPoE to IPoE
> 802.1d to VLL/VPLS

OSS/BSS Issues

Examples

Why traffic engineer (or, we’re not a circuit network, are we?)

Traffic engineering has been a long-term practice in the telecoms environment, especially in circuit-oriented networks, to increase the utilization of network resources.

Originally, packet switching did not have any mechanisms to support traffic engineering, as each forwarding node in the network made its own independent forwarding decision for each packet. Most IP networks still operate in this way.

However, as IP networks became larger and more complex in architecture, some limitations in the classic packet forwarding mechanisms became apparent.

Which mechanism?

This is a layer nine discussion. However, both approaches have advantages and disadvantages.

Layer three approach
> The layer three approach more closely resembles “classical” IP forwarding and is therefore considered by some to be more pure. It uses standard IP technologies that are available in any router.
> Due to IGP flooding, there is no way to isolate adjustments to just one flow or link. The adjustment is, by nature, network-wide in its effect.

Layer two approach
> The layer two approach is “foreign” to the IP technology and requires additional protocol or OSS/BSS support (such as MPLS).
> However, the layer two approach can be much more selective in its application.

Which method?

The online approach is more tactical: the network re-configures itself dynamically, based on stimulus from within or from outside the network.

The offline or near-line approach is more strategic. It is usually done under administrative control, on a day-to-month horizon.

L2 traffic engineering model

Control plane resiliency

As more (and higher-value) services are deployed on the IP/MPLS core, resilience at all layers of the network becomes increasingly important.

Classical IP restoration (of control and data plane) takes seconds to minutes (re-convergence of IGP).

MPLS and IP fast-reroute bring SONET/SDH restoration times to MPLS/IP networks in the data plane.

Graceful restart improves data plane restoration again, with non-stop forwarding, but that forwarding:
> Is headless, leading to potential loops and black-holes.
> Places a CPU burden on peers, and requires all peers to support GR. Everyone will know of the failure, and will be impacted by it.

Non-stop routing and non-stop services

NSR and NSS provide a mechanism to recover from a fault in the control plane in real time at the element level.

No other routers are involved in the restoration.
> No other router needs to support an additional protocol.
> No other router will bear a CPU burden of the restoration.
> Your customers/peers will not see or be impacted by the event.

Restoration is on the order of tens of ms.

State is shared between primary and backup control plane processors.
> State should not be processed in a per-packet, lock-step manner, as the faults would then potentially cascade from the primary to the secondary.
> State should be kept current, including not only RIB and FIB, but also ACL and dynamic ACL/DHCP status, configuration, policies, etc.

The progression of resilience in IP/MPLS control planes

> 1. Protocol Reconvergence
• Standard operation of routing networks. Route around the failed node.

> 2. Non-stop Forwarding
• Router continues forwarding traffic during recovery.

> 3. Graceful Restart
• Uses neighbors to help recovery. Uses non-stop forwarding during recovery.

> 4. Non-Stop Routing
• Router self-recovers. Transparent to neighbors.

> 5. Non-Stop Services
• Extends non-stop routing to Layer 2/Layer 3 VPN services.

[Figure axis: MEAN TIME TO REPAIR, from minutes (00:0X:XX:XX) to milliseconds (00:00:00:0X)]


Multi-domain services

MPLS was originally intended for intra-domain (AS) use.
> MPLS does not have a mechanism to pass routing beyond the IGP boundary.
> MPLS has no way of setting policies on control plane traffic (controlling signaling flows between potentially untrusting peers).
> RFC 2547 VPNs have some work-arounds for these problems, but they are point solutions.

Solutions could include:
> Multi-segment pseudo-wires
> IP based transport over AS boundaries


Legacy to new-model interworking

A greenfield deployment of a layer 2 service will have no inter-working issues as all signaling will be via MPLS/IP.

However, if there is an existing network (such as an ATM network), then there are models where the signaling on the existing network needs to interoperate with the new network.

This is an area that is undergoing current development in the standards bodies (IETF and ITU).


No problem (but not too useful in the long-term)

[Diagram labels: IP/MPLS Network; ATM Switch; IP/MPLS Router; IP/MPLS Router; ATM Switch]

No problem here

[Diagram labels: ATM/PNNI Legacy Network; IP/MPLS MSE Network; MSE; ATM-MSE; PE; ATM Switch]

No un-recoverable problem here

[Diagram labels: ATM/PNNI Legacy Network; IP/MPLS MSE Network; MSE; ATM-MSE; PE; ATM Switch]

Nor here

[Diagram labels: ATM/PNNI Legacy Network; IP/MPLS MSE Network; MSE; ATM-MSE; PE; ATM Switch]

Here be dragons...

[Diagram labels: ATM/PNNI Legacy Network; IP/MPLS MSE Network; MSE; ATM-MSE; PE; ATM Switch]


Every service has its migration challenges

PPPoE, for example, provides configuration control for residential and SOHO broadband customers, as well as authentication, authorization, and security mechanisms.

However, PPPoE has limitations:
> Multicast
> Highly centralized state
> Encapsulation is compute intensive

The IPoE mechanism which is replacing PPPoE needs to provide those same capabilities.
> IPoE can use DHCP for configuration of the client.
> IPoE can use 802.1X or DHCP option 82 for authentication and authorization.
> An IP/MPLS infrastructure that is going to support IPoE needs to provide anti-snoop and anti-spoof capabilities at least as rigorous as PPPoE.

PPPoE: Inefficient Multicasting

[Diagram labels: CH 2 ...; Video: 1 copy of each channel; BRAS; Aggregation; Access Nodes; multicast; Must replicate copies to each home at BRAS; No multicast because of PPP encapsulations on bearer traffic]

PPP model breaks multicasting throughout the network
> Last network multicast point at BRAS
– Inefficient use of b/w and fiber
> “Second mile” GE is the limit for all VOD and BTV
– Imagine 50K viewers all tune to watch World Cup Soccer!
> BTV drives greater distribution of BRAS
– $$$
> Slow Channel Flipping

New Solution: IPoE for Multicasting

[Diagram, recovered labels:]
> Network tiers: IP Edge (7750 SR); Aggregation (7450 ESS); Access (7330 DSLAM); DHCP Server
> Replication: Video, 1 copy of each channel; 1 copy per channel per ESS; 1 copy per channel per VDSL Remote; 1 copy per channel per subscriber; multicast
> Functions: IGMP Snoop/Proxy, DHCP Relay: Add Option 82
> Functions: IGMP Snoop/Proxy, DHCP Snooping
> Functions: IGMP, PIM SM/SSM, DHCP Relay to DHCP Server, DHCP Snooping

IPoE security model

[Diagram, recovered labels:]
> Elements: RG; Home Gateway; Access Node; 7450; 7750; VPLS; IP; BTV; DHCP/AAA Servers; CO; VHO
> 802.1X port authentication
> First Spoken SrcMAC
> Pass PPPoE or DHCP Bcast
> DHCP ACK (UserIP/MAC)
> Learn IP-MAC association
> Antispoof: Valid SrcMAC/SrcIP Data; Invalid SrcMAC/SrcIP
> No ARPs (DHCP-configured ARP table)
> Block user-user bridged traffic
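The checks named on the IPoE security model slide (learn the IP-MAC association from the snooped DHCP ACK, pass DHCP broadcasts, drop invalid SrcMAC/SrcIP, no subscriber ARP, block user-to-user bridged traffic), modelled as an added Python example. This is not Alcatel code or configuration: the class, method names, port names, addresses and frame dictionaries are assumptions constructed for illustration, and only the DHCP half of "Pass PPPoE or DHCP Bcast" is modelled.

```python
# Added example: anti-spoof filter fed by snooped DHCP ACKs (illustrative model only).
# Port names, MAC/IP values and the frame dicts are constructed sample data.
DHCP_BCAST = "255.255.255.255"

class AntiSpoofFilter:
    def __init__(self):
        self.bindings = {}  # port -> {src_mac: (ip, lease_expiry)}
    def on_dhcp_ack(self, port, mac, ip, lease_secs, now):
        """Snooped DHCP ACK: learn the IP-MAC association for this port."""
        self.bindings.setdefault(port, {})[mac.lower()] = (ip, now + lease_secs)
    def check(self, port, frame, now):
        """Return (verdict, reason) for a frame arriving from a subscriber port."""
        mac = frame["src_mac"].lower()
        # DHCP client broadcasts must pass, otherwise no binding can ever be learned.
        if frame.get("udp_dport") == 67 and frame.get("dst_ip") == DHCP_BCAST:
            return ("pass", "dhcp-broadcast")
        # The ARP table is DHCP-configured, so subscriber ARP is never trusted.
        if frame.get("ethertype") == "arp":
            return ("drop", "arp-blocked")
        entry = self.bindings.get(port, {}).get(mac)
        if entry is None:  # MAC never seen in a DHCP ACK on this port
            return ("drop", "no-binding")
        ip, expiry = entry
        if now >= expiry:  # lease ran out: forget the binding
            del self.bindings[port][mac]
            return ("drop", "lease-expired")
        if frame.get("src_ip") != ip:
            return ("drop", "src-ip-mismatch")
        # Block user-to-user bridging: destination is another learned subscriber MAC.
        dst = frame.get("dst_mac", "").lower()
        if any(dst in macs for macs in self.bindings.values()):
            return ("drop", "user-to-user")
        return ("pass", "valid-binding")

def demo():
    f = AntiSpoofFilter()
    a, b, gw = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:01"
    f.on_dhcp_ack("port1", a, "192.0.2.10", 600, now=0)
    f.on_dhcp_ack("port2", b, "192.0.2.11", 600, now=0)
    frames = [
        ("port1", {"src_mac": a, "src_ip": "0.0.0.0", "dst_ip": DHCP_BCAST, "udp_dport": 67}, 1),
        ("port1", {"src_mac": a, "src_ip": "192.0.2.10", "dst_mac": gw}, 2),    # valid
        ("port1", {"src_mac": a, "src_ip": "192.0.2.11", "dst_mac": gw}, 3),    # spoofed IP
        ("port1", {"src_mac": b, "src_ip": "192.0.2.11", "dst_mac": gw}, 4),    # spoofed MAC
        ("port1", {"src_mac": a, "ethertype": "arp"}, 5),                       # subscriber ARP
        ("port1", {"src_mac": a, "src_ip": "192.0.2.10", "dst_mac": b}, 6),     # user-to-user
        ("port1", {"src_mac": a, "src_ip": "192.0.2.10", "dst_mac": gw}, 700),  # lease expired
    ]
    return [f.check(p, fr, t)[1] for p, fr, t in frames]
```

Because bindings are keyed by port as well as MAC, a correct MAC/IP pair presented on the wrong access port is dropped as `no-binding`, which is what ties the address to the authenticated line rather than to the frame contents alone.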

Spanning tree a spanner for the network?

802.1d was designed for campus networks and cannot deal well with large and/or complex network topologies:
> Instability
> Long reconvergence times
> Difficult to manage

With an MPLS/IP network there are other options, including VLL (Martini draft) and VPLS.
> Stable, made for large, complex carrier networks - it’s MPLS/IP
> Fast reconvergence (MPLS/IP fast re-route, NSR/NSS)
> Lots of management tools

An example: when migrating services, don’t necessarily take the easy approach. Avail yourself of the new capabilities that the IP/MPLS network provides.


OSS/BSS

Don’t discount this: most new network roll-outs pay attention to these systems as an afterthought, usually with crippling results.

The IP/MPLS network is now much more critical to the carrier business; the existing IP/MPLS management systems may or may not be capable of providing the necessary level of provide/assure/bill.

The OSS/BSS system for IP/MPLS now also needs to manage services, not just point-to-cloud, but point-to-point, mp-to-mp, etc.
> Not only may the OSS/BSS need adaptation, but the business model may need adjustment as well.
> For the business model, consider starting with the one that the existing service utilizes, and modify from there. Remember, the customer doesn’t care that it is a new IP/MPLS converged core; they are buying a SERVICE.


Triple Play Win: AT&T LightSpeed Project

Make video available to 18 million homes in ~3 years by leveraging FTTN strategy

Considerable network implications
> High bandwidth (~20 Mb/s per home)
> Large number of streams (~250 channels)
> Tremendous scaling of routing and queuing with service differentiation to guarantee service delivery

Alcatel is sole supplier of network infrastructure
> IP routing, Ethernet switching, deep access (FTTN)
> Alcatel 7750 SR, 7450 ESS and 7330 FTTN
> Access and aggregation management systems

Alcatel is network system and video service integrator
> Design and integration of end-to-end solution

Connectivity Model

[Diagram labels: FTTX Access Node; 7450; 7750; VPLS; PPPoE; PPPoE BRAS; BTV; DHCP Server]

NxGE to BRAS. Only PPPoE traffic is forwarded to BRAS.

PPPoE traffic is separated. No PPPoE traffic is forwarded to 7750 for IP routing.

Integrated switching and routing in the 7750 enables use of 10 GE and common interface for all services even if destined to separate edges.

Per-subscriber, per-service accounting, queuing and policing/shaping.

Local VPLS instance to switch PPPoE traffic to BRAS. Performs Layer 2 bridging for forwarding traffic to BRAS. Other traffic is routed to appropriate service edges.

Address labels in the diagram:
> IP: 10.20.192/20, MAC: A
> IP: 192.168.0/20, MAC: B
> IP: 138.120.0/20, MAC: C
> IP: 138.120.64/20, MAC: D

QoS Model to the Subscriber at 7450

[Diagram, recovered labels:]
> PIR = 20 Mbps, CIR = 4 Mbps
> Subscriber VLAN: CIR = 5.5 Mbps, PIR = 20 Mbps
> VoIP (priority 1)
> PIR = 20 Mbps, CIR = 200 Kbps
> PIR = 20 Mbps, CIR = 90 Kbps
> VOD/BTV (priority 2)
> HSI (priority 4)
> GE
> “FG” (priority 3): PIR = 20 Mbps, CIR = 1 Mbps

Differentiate service levels in the aggregation network

Enforce subscriber’s access rate in the aggregation network
• Reserve CIRs for critical applications
• Define PIR for shaping
• H-QoS enables the service b/w to be shared within the subscriber’s access rate

Enable low priority and best-effort traffic to burst up to full access rate if bandwidth is available (high priority traffic using less than committed rate)

Offload per-Sub. QoS to 7450 instead of Router performing QoS for 60K Sub!

Consumer QoS Model at 7450: Downstream

[Diagram labels: DSLAM; 7450; 7750; GE; VLAN Per Sub; VoIP; Video; HSI; GE; VoIP VLAN; Video VLAN; HSI VLAN; BRONZE; GOLD; ON-NET]

QoS per subscriber. VoIP prioritized over Video. 802.1p marking for prioritization in the access and home.

Preferred content marked (DSCP) at trusted ingress points of IP network.

QoS per Forwarding Class

Per-sub rate-limited HSI

Per-sub QoS policy

Per-service priority/delay/loss

Content Differentiation in HSI

Consumer QoS Model at 7450: Upstream

[Diagram labels: IP; DSLAM; 7450; 7750; GE; Realtime; VLAN Per Sub; HSI; GE; VoIP VLAN; Video VLAN; HSI VLAN; BRONZE; GOLD; ON-NET]

VoIP/Video: shared queueing for prioritization of real-time traffic over HSI. Upstream Video traffic is negligible.

Per-subscriber QoS/Content classification

Video/VoIP: QoS policy defines priority and aggregate CIR/PIR.

HSI: QoS policy defines priority and aggregate CIR/PIR. Content differentiation based on ingress classification. DSCP marked.

Per-sub rate-limited HSI

Per-sub QoS policy

Per-service priority/delay/loss

Content Differentiation in HSI


Questions?

THANK YOU!