ios advantage - creating zero-touch carrier ethernet services
TRANSCRIPT
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
1/65
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
2/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
SpeakersAmrit Hanspal
Product Manager
Jose Liste
Technical Marketing Engineer
PanelistsSamer Salam
Principal Engineer
S. Akshaya Kumar
Technical Marketing Engineer
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected] -
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
3/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Submit questions in Q&A panel and send to AllPanelistsAvoid CHAT window for better access to panelists
ForWebex audio, select COMMUNICATE > JoinAudio Broadcast
ForWebex call back, click ALLOW Phone button at
the bottom of Participants side panel
Where can I get the presentation?
https://communities.cisco.com/docs/DOC-26449
Or send email to: [email protected]
Please fill in Survey at end of event
Join us on November 2 for our next IOS AdvantageWebinar: The Evolution of IP Mobility Solutions
https://communities.cisco.com/docs/DOC-26449mailto:[email protected]:[email protected]://communities.cisco.com/docs/DOC-26449https://communities.cisco.com/docs/DOC-26449https://communities.cisco.com/docs/DOC-26449 -
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
4/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
At the end of the session, you will be able to: Understand the evolution of DESA and where it would be
positioned in a SP network
Understand the motivation to evolve from Carrier Ethernetto zero-touch Dynamic Ethernet
Understand key use cases & call flows
Understand key configurations for enabling zero-touch
Carrier Ethernet Services
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
5/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
What is DESA? Where does it fit?
Converging paths
Evolution of Session based offerings
Evolution of Carrier Ethernet Services
Technical Building Blocks
Call Flows
Sample Configurations
Summary
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
6/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
What is DESA?
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
7/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Ethernet infrastructure with programmatic interface
Intelligent Service Management engine
Power of dynamic subscriber management from ISG to automate provisioning ofEthernet Services
Automated, customized Ethernet service provisioning infrastructure that savesOPEX
Competitive advantage Industry first, Cisco only capability
Available on Cisco 7600 today
Ethernet Virtual
Circuit (EVC)
Framework
Intelligent Services
Gateway (ISG)DESA
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
8/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Carrier Ethernet (Access) Ethernet Services with Pseudowire (or VPLS) and DESA accounting/provisioning
SP Edge Services Layer 2/3 based offering providingrouting overlay or shared services. Targets Corporate
Broadband Session (PPP/IP) based subscriberoffering, driven by AAA/ISG policy. Targets Residential
Corporate
Residential
Cable/DSL/PON
Aggregation Network
IP/MPLSIP/MPLS
Core NetworkCMTS,DSLAM
Last Mile Ethernet
BNG/MSE
Bo ttom Line: There is a stron g co rrelat ion between
Carrier Ethernet, SP Edge & Broadband
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
9/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Network Access
Session
Identity/ Policy
Serial, ATM
PPPoA (andother PPPoXoA)
AAA
BRAS
Ethernet
PPPoE
AAA/ISG
BNG forResidential
Wireline
Ethernet
IP
AAA/ISG
IP BNG forPublic Wifi
DESA can be viewed as a Broadb and and /or Carr ier Ethernet Techno log y
Ethernet/EoMPLS
EVC
AAA/ISG
Ethernet Sessionfor CorporateSubscribers
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
10/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
IP, PPP(PPPoE, PPPoA),Tunnel Termination,
Interfaces, Ports, MobileWireless, Ethernet, WLAN
Identification,Authentication,
Authorization, SingleSign On
Per-Session Features,Forwarding/Routing,
Accounting, Firewalls,QoS
Access
Services Identity
ISG
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
11/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
PSTN
Dial
ATM SwitchDSLAM
DSL
Wireless
AccessDistributionEthernet
Fiber NodeCable
MobileRAN
Common Generic Session Type
Created at first sign of subscriber activity
Common context on which session-services/policies areactivated
InherentPart of the Network Operating System
FSOL/Initiator - Layer 2 or Layer 3; Unclassified, DHCP, Radius
Dial DSL Cable Ethernet 802.11 Future
Access
IdentityServices
Different Access Media and
Protocols
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
12/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
ISG builds a composite Multi-dimensional Identifierfor every Session
IdentityAccess
IdentityServices
User 1
User 2
MPLS / IP
Aggregation
Internet
MPLS / IP
Core
Data Plane
Control Plane
Policy Plane
Session
Multidimensional Identity
Portal, AAA, Billing
Corporate
VPN
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
13/65 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
A Service is a group of 1 or more features A Feature is just any feature supported by IOS
Commonly used features with ISG include:
Services
Access
IdentityServices
Accounting
Session, Service,Flow
Billing Postpaid,Prepaid, Tariff
Switching, Timebased, Volume
based
Timeouts Idle,Session Keepalives
Routing/Forwarding VRF Transfer Traffic ClassSecurity - Per-
Session Filter, Per-user ACL
Control Policy Service Profile QoSPacket FlowOptimization
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
14/65
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
15/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
ServiceAbstraction
FlexibleMapping
Mu lt ip le xin g S tan dar ds
Key Benefits: Provides Local VLAN
significance to scale Ethernet
remove limitation of 4094
VLANs per device
Provides Service Providersthe ability to model Ethernet
Services including EVC/UNI
attributesVLAN
Service
Instances
Bridge
Domains
UNI
Attributes to
map multiple
C-VLAN to
Service
Instance
VLAN
VLAN Bridge
EVC Bridge
Physical
Ethernet
Interfaces Traffic Flows
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
16/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
ServiceAbstraction
FlexibleMapping
Mu lt ip le xin g St an dar ds
Key Benefits:
Provides a mechanism to
offer Ethernet services (retail
and wholesale) as well as
Ethernet transport for L3
services
Provides a create richer
services with advanced
VLAN tag manipulation
(Push, Pull, Translate,
Rewrite)
Service Instances
Q-in-Q, Double tags
.1Q, Single Tag
Untagged Ethernet
VLAN
Operations
Push, Pull,
Translate,
Rewrite
Physical Ethernet
interface (GE/10GE)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
17/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
ServiceAbstraction
FlexibleMapping
Multiplexing Standards
Key Benefits: Provides the ability to
build richer service
offering with concurrent
support of Layer 2
services e.g. Point-to-
Point, Multi-point
Provides the flexibility to
offer a combination of
Layer 2 and Layer 3
services on same
physical port e.g.
Service Instance to IP
VPN,Layer 2 Multipointbridged
Layer 2 Point-to-Point
Local Hair-pin
Split Horizon
Service
Instances
Routed
Interfaces
Physical
Interfaces
SVI
PW
PW
Layer 3 Service IP
VPN
Legend
BD = Bridge Domain
VFI = Virtual Fwd Instance
PW = Pseudowire
SVI = Switch Virtual Instance
BD
Mapping Service
Instance to PW e.g.EoMPLS
VFI
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
18/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
ServiceAbstraction
FlexibleMapping
Multiplexing Standards
Standards Organization Standard Description
Institute of Electrical &
Electronics Engineers (IEEE)
IEEE 802.1q Virtual LANs
IEEE 802.1adQ-in-Q/Provider Bridging - Outer S-VLAN (service),
Inner C-VLAN (customer)
IEEE 802.1ahProvider Backbone Bridges (PBB) with Service
Instances
Metro Ethernet Forum (MEF)
MEF 4 Metro Ethernet Network Architecture Framework
MEF 6 Metro Ethernet Services Definitions
MEF 10 Ethernet Services Attributes
MEF 11 User Network Interface (UNI)
Internet Engineering Task
Force (IETF)
rfc4447 Virtual Private Wire Services (VPWS)
rfc4762/4761 Virtual Private Line Services (VPLS)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
19/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Residential
Corporate
Wireless
Cell Phones
Cable/CMTS
DSL/DSLAM
Fiber / OLT
Ethernet
Agg Switch
Mobility
Agg Switch
Agg Switch Agg Switch
MPLS/IP
network
Subscriber Access Aggregation Network Edge
OAM Subsystem
MPLS/IPnetwork
MPLS/IP
Edge
Services
Broadband
Network
Gateway
Core Network
DESAApplicability
AAA, DHCP, DNS Policy, Inventory, Billing EMS, NMS Service/Performance Mgmt
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
20/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Dynamic L3Services over
Ethernet
Dynamic L2
ServicesEnable EVC FlexibleEthernetencapsulations tosupport existing ISGIP sessions
Service is Layer 3,Ethernet is the
Transport
Enable ISG policyplane to control EVC
Ethernet Flow Pointaccess and transportpolicies
Ethernet is the Service
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
21/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
1. Customer orders L2service at portal
CPE is shipped to customer
Customer plugs in CPE
2. First L2-traffic triggersRADIUS request toactivate services
3. L2 Service profile applied(ACLs, QOS,Pseudowire, etc.)
4. Activates billing and
inventory functions5. Customer changes
profile dynamically on-demand
Self-care
Dynamic
Service
Profile
L2-Session
L2-Session
DESA
DynamicPseudowire
RADIUS
Accounting
CPE
12 5
5
4
2
3 5
3
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
22/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Webinar participant company type (Check one):
Enterprise
Wireline Service Provider
Mobile Operator
Ethernet Service Provider
Other (e.g., system integrator)
What are the key business applications/drivers for using Ethernet services? (Check all that apply)
Data Center Interconnect
Branch WAN connectivity
Mobile Backhaul
Internet access /L3VPN traffic backhaul (CE-PE)
Other
Which existing services do you already offer today? (Check all that apply)
Layer 3 MPLS/IP VPNs
Layer 2 offerings
Residential Broadband wireline
Public Wireless LAN offerings
Other (Please specify)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
23/65
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
24/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
ISG Infrastructure
Automates service provisioning
EVC Infrastructure
Provides flexible, next-generation Ethernet infrastructure
L2VPN Infrastructure
Provides transport over MPLS network
Ethernet OAM Infrastructure
Provides service monitoring capabilities
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
25/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Technical BuildingBlocks
Intelligent Services Gateway(ISG)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
26/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
PolicyServer
Cisco Intelligent Services Gateway
(ISG) is a licensed feature set onCisco IOS that provides SessionManagement and PolicyManagement services to a variety ofaccess networks
SubscriberIdentity
Management
PolicyManagement
andEnforcement
DHCPServer
AAAServer
ISG
WebPortal
OpenNorthbound
Interfaces
Subscriber Policy Layer
So focal, that the entire device is often referred as an:Intelligent Services Gateway routeror simply The ISG
ISG
Subscriber Identification
Subscriber Authentication
Subscriber ServicesDetermination and Enforcement
Dynamic Service update
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
27/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Based on Subscriber Access Protocol Sessions Supported:
Dynamically Created Sessions:
PPP sessionsIP sessions
IP Subnet sessions
Ethernet sessions
Statically Created Sessions:
Interface sessions (IP-based)
Ethernet sessions
Session
Initiation
Authentication Termination
ServiceActivation
NEW with
DESA
ISG Session
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
28/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Dynamic Ethernet Sessions
Triggered by arrival ofFirst Sign OfLife (FSOL) traffic on an interface
Associated with dynamic Service
Instances (not saved in nvram)
All features downloaded fromRADIUS profiles at session-start
Selected features1 downloaded anytime through RADIUS CoA
Support MEF Type III UNI
Static Ethernet Sessions
Administratively configuredSessions
Associated with manual/regular
Service Instances (CLI-created)
Selected features1 downloadedfrom RADIUS profiles at session-start
Selected features1 downloaded anytime through RADIUS CoA
Support MEF Type I & II UNI
ISG Session
(1) Quality of Service, Access Control List, Accounting, Iddle-Timeout
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
29/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Walled GardenOpen Garden
GuestPortal
DHCPServer
Subscriber Policy Layer
Walled GardenOpen Garden
GuestPortal
DHCPServer
AAAServer
Subscriber Policy Layer
Dynamic Policy PUSH
(e.g. Turbo Button)
PolicyServer
Application/Service Layer event
WebPortal
Dynamic Policy PULL
(e.g. Automatic Service-ProfileDownload on Session
Establishment)
WebPortal
PolicyServer
Network
LayerEvent
AAAServer
Subscriber Subscriber
Administrator
RADIUSAcc-req
RADIUSAcc-accept RADIUS
CoA or SGIRequest
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
30/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Walled GardenOpen Garden
Internet/Core
GuestPortal
AAAServer
PolicyServer
WebPortal
DHCPServer
Subscriber Policy Layer
VideoAudioServers
RADIUS Interface, for subscriber AAA functionalities andservice download
RADIUS Extensions (RFC 3576) and XML based (SGI*)Open Interfaces, for dynamic, administrator or subscriberdriven, session and service management functions
PolicyPULL
PolicyPUSH
(*) SGI: Services Gateway Interface
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
31/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Technical BuildingBlocks
EVC Framework
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
32/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Cisco Ethernet Virtual Circuit (EVC) is the next-generation cross-platform Carrier Ethernet SoftwareInfrastructure
Addresses Flexible Ethernet Edge requirements
Flexible Service Mapping
Advanced Frame Manipulation
Multiplexed Forwarding Services
Supports service convergence over Ethernet Complies with MEF, IEEE, IETF standards
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
33/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Provide classification of L2flows on Ethernet interfaces
Are also referred to as EVCservice-instances
Support dot1q and Q-in-Q
Support VLAN lists
Support VLAN ranges
Support VLAN Lists andRanges combined
Coexist with routedsubinterfaces
Ethernet Flow PointsEFPs on Interface
100
101
102
MatchVLAN range:
100-102
200
203
210
Match
VLAN list:200, 203, 210
300,100Match
VLAN: 300,100
400,1
400,2
400,3
Match
outer VLAN 400,
inner VLANrange: 1-3
400,11
400,17
400,34
Match
outer 400,
inner VLAN list:
11,17,34
14Match
VLAN: 14
Physical Ethernetinterface (GE/10GE)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
34/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
3125SADA2010SADA
31SADA2010SADA
3125SADA10SADA
2025SADA20SADA
3125SADASADA
25SADA10SADA
SADA2010SADA
20SADA2010SADA
PUSH operations
POP operations
TRANSLATION operations
VLAN Tag Manipulation
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
35/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Multiplexed ServiceInterface
Mix of L2 and L3services on same port
Different types ofL2 services
Point-to-Point
Multipoint
Service
Instances
BD
BD VFI
BD
PW
PW
PW
SVI/BDI
BD = Bridge Domain VFI = Virtual Fwd Instance
PW = Pseudowire SVI = Switch Virtual Instance
BDI = Bridge Domain Interface
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
36/65
Cisco Confidential 2010 Cisco and/or its affiliates. All rights reserved. 36
Cisco EVC introduces the following new concepts:
Ethernet Virtual Circuit (EVC)
Device local object (container) for network-wide service parameters
Ethernet Service Instance
Transport-agnostic abstraction of an Ethernet service on an interface
Also referred as Ethernet Flow Point (EFP)
Bridge Domain (BD)
Ethernet Broadcast Domain local to a device
Bridge Domain Interface (BDI)
Logical Layer 3 interface associated with a BD to perform integrated routing andbridging
NEW with DESA
Dynamic EFPs Dynamic Ethernet sessions
Static EFP Static Ethernet sessions
NEW with DESA
Dynamic BDs
NEW with DESA
Dynamic EVCs
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
37/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
VPLS
EoMPLS PW
EoMPLS PW
EoMPLS PW
L3
X
P2P VPWS
P2Plocal
connect
Multipoint bridging
Bridging
Bridging
Routing
DESA enables ISG policy plane to control EVCEthernet Flow Point access and transport policies
FSOLUnclassified
vlan traffic;
e.g.:
PPPoE
discovery
DHCP opt
82/60
ARP broadcast
FSOL = First Sign Of Life
FSOLLDP VC Label adv.
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
38/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Call Flows
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
39/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Mult iserv ice
Core Network
Aggregation Node
MPLS
Access Node Distribution Node
Large Scale
Aggregation NetworkIntel l igent
Services EdgeEff ic ient
Access Network
Ethernet NNIEthernet UNI MPLS / IP
DESA
MPLS / IPDSL, PON, Ethernet
BNG / MSE
ISG
FSOL: unclassified VLAN
Dynamic bridge-domain(s) w/
split-horizon
Data (HSI): Static SVI with
xconnect to Distribution node
Multicast Video: Static SVI with
IP Address & IGMP snooping
Dynamic service instance with
rewrite, QoS, ACL on UNI-AGG
FSOL: PPPoE,
DHCP, Unclassified
MAC
Static sub-interface
(dot1q or Q-in-Q) with
ISG session or PPPoE
Potential Accounting Points
Session level accounting (per subscriber)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
40/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Mult iserv ice
Core Network
Aggregation Node
MPLS
Access Node Distribution Node
Large Scale
Aggregation NetworkIntel l igent
Services EdgeEff ic ient
Access Network
Ethernet NNI
BNG / MSE
Ethernet UNI MPLS / IP
DESA DESA
DESA
MPLS / IPDSL, PON, Ethernet
FSOL: Unclassified VLAN
Dynamic EoMPLS PW (xconnect
under Dynamic service
instance) w/ Distribution node
IP addr & VC-ID determined via
RADIUS
Dynamic service instance withrewrite, QoS, CFM, ACL on UNI-
AGG
FSOL: LDP VC Label
Advertisement
Dynamic service instance
with rewrite, QoS, CFM, ACL
on NNI-DIST
Dynamic EoMPLS PW
(xconnect under Dynamic
service instance) w/
Aggregation node IP addr
& VC-ID determined via
RADIUS
FSOL: Unclassified
VLAN
Potential points for Accounting
Session-based accounting (per service)
Retailer X
Retailer Y
Dynamic service
instance with rewrite,
CFM, QoS, ACL on NNI-
BNG/MSE
E-LINE
Dynamic EoMPLS PW (xconnect
under Dynamic service instance)
w/ peer IP addr & VC-ID determinedvia RADIUS
Dynamic bridge domain (under
dynamic service instance) w/ static
SVI configured with xconnect to a
static l2vfi (with or w/o BGP auto-discovery)
E-LAN
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
41/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Mult iserv ice
Core Network
Aggregation Node
MPLS
Access Node Distribution Node
Large Scale
Aggregation NetworkIntel l igent
Services EdgeEff ic ient
Access Network
Ethernet NNIEthernet UNI MPLS / IP
DESA DESA
MPLS / IPDSL, PON, Ethernet
BNG / MSE
ISG / DESA
Retailer X
Retailer Y
FSOL: unclassified VLAN
Dynamic EoMPLS PW (xconnect
under Dynamic service
instance) w/ Distribution node
IP addr & VC-ID determined via
RADIUS
Dynamic service instance with
rewrite, QoS, CFM, ACL on UNI-
AGG
FSOL: LDP VC Label
Advertisement
Dynamic service instance
with rewrite, QoS, CFM, ACL
on NNI-DIST
Dynamic EoMPLS PW
(xconnect under Dynamicservice instance) w/
Aggregation node IP addr
& VC-ID determined via
RADIUS
Potential Accounting Points
Session level accounting (per subscriber)
Potential points for Accounting
Session-based accounting (per service)
FSOL: PPPoE,
DHCP, Unclassified
MAC
Static sub-interface
(dot1q or Q-in-Q) with ISG
IP or PPPoE session
FSOL: Unclassified
VLAN
Dynamic service instance
with dynamic BD & static
SVI configured with IP
VRF
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
42/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
RADIUS Profilesand Detailed Call Flows
Dynamic BD / Dynamic L2VPNVPWS
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
43/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Bridged ServicesUser (EFP) Profile
EFP attributes (e.g. description,
encapsulation, rewrite, evc name, QoS
policy, L2/L3/L4 ACLs, MAC security, CFM
MEP/MIP)
Bridge Domain profile name
EVC profile name (opt.)
CFM Maintenance Association profile
name (opt.)
Bridge Domain Profile
BD attributes (e.g. BD ID, MAC limit, BD
type (c-mac))
802.1ah I-Tag profile name (opt.)
EVC Profile
EVC attributes (e.g. UNI count, OAM
Interworking parameters)
CFM MA Profile
CFM Maintenance Association attributes
(e.g. ShortMA name, direction, CCMparameters)
802.1ah I-Tag Profile
I-Tag attributes (e.g. ISID value)
802.1ahMAC-Tunnel profile name
MAC-Tunnel Profile
MAC-Tunnel attributes (e.g. ID, description,
B-tag VID, B-mac)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
44/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
MPLS L2VPN Services
User (EFP) Profile
EFP attributes (e.g. description,
encapsulation, rewrite, evc name, QoS
policy, L2/L3/L4 ACLs, MAC security, CFM
MEP/MIP)
L2VPN VPWS profile name
EVC profile name (opt.)
CFM Maintenance Association profilename (opt.)
L2VPN VPWS Profile
L2 VPN VPWS atttributes (e.g. PW
redundancy parameters)
VPWSPeer IP profilename
VPWS Peer IP profile name (BackupPW) (opt.)
EVC Profile
EVC attributes (e.g. UNI count, OAM
Interworking parameters)
CFM MA Profile
CFM Maintenance Association attributes
(e.g. ShortMA name, direction, CCM
parameters)
L2VPN Peer-IP Profile
PW attributes (e.g. Remote Peer IP
address, VC ID, primary / backup (priority),
encapsulation, PW class)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
45/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
RADIUS Profilesand Detailed Call Flows
Ethernet Accounting
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
46/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Accounting supported for the following:
Dynamic and Static Ethernet sessions at session-start time
Dynamic and Static Ethernet sessions via RADIUS CoA
Per-session accounting support at FCS
Accounting attribute can be added to User profile
Cisco-AVPair = subscriber:accounting-list=
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
47/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Ethernet Accounting Dynamic Service Instance
Simplified call flow
DESA
Access-Request:username (authorization keys)
Access-Accept:User Profile definitionIncluding Accounting VSA
FSOL:unclassified VLAN
Session-start
event posted
Service-startevent posted
Accounting-Request:Acct-Status-Type = start
Accounting-Response
Accounting-Request:Acct-Status-Type = interim-update
Accounting-Response
Interim-update
Interim-update
Interim-update
Accounting-Request:Acct-Status-Type = stop
Accounting-Response
Session-Idletimeout event
posted
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
48/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Ethernet Accounting via CoAon Static Service Instance
Simplified call flow
DESA
Static EFPManual ethernet session
configured
Session-start
event posted
2
Service-startevent posted
CoA Request Service Activateservice:
Access-Request:service:
Access-Accept: definitionIncluding Accounting VSA
Accounting-Request:Acct-Status-Type = start
Accounting-Response
CoAACK
Service Activate
Accounting-Request:Acct-Status-Type = interim-update
Accounting-Response
Portal Request
for Accounting
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
49/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Does your company have plans to implement any of the following? (Check all
that apply):
Low-touch / Dynamic Layer 2 (Ethernet) services to Enterprise, Mobile Backhaul orRetail SP customers
Dynamic Layer 2 (Ethernet) transport for Layer 3 services
Elastic Ethernet services with on-demand customer changes through Portal
Self-managed Ethernet services with accounting / performance data through Portal
No plans for Dynamic Ethernet
What do you expect your companys timeframe for deploying Dynamic Ethernetare? (Check one):
Next 6 months
Next 12-24 months
More than 24 months
No plans
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
50/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
What do you think would be the most relevant First Sign of Life (FSOL) types
for Ethernet Sessions in your network? (Check all that apply)
Unclassified VLAN
Unclassified MAC
IEEE 802.1X
DHCP Discovery
PPPoE PADI/R
Other
Would you expect to perform Customer Equipment (CE) Authentication forDynamic Ethernet sessions? (Check One):
Yes, using IEEE 802.1X
Yes, using PPP Challenge
Yes, using DHCP-based
No, I do not expect to use authentication
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
51/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
End to End Scenarios
Sample Configurations
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
52/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Single-Sided Dynamic L2VPN VPWS
Simplified call flow
DESA DESA
Access-Request:username (authorization keys)
Access-Accept:User Profile definition (basic EFP config)Service Profile(s) (e.g. BD, 802.1ah, L2VPN VPWS, CFM)
Service-startevent posted
FSOL:unclassified VLAN
Session-start
event postedARP for 10.1.1.2 on Vlan X
Access-Request(s):service:
Access-Accept(s): definition(s)
FSOL: LDP VC labeladvertisement
Session-start
event posted
Access-Request(s):service:
Access-Accept(s): definition(s)
Access-Request:Peer IP Service Profile
Access-Accept:
Peer IP Profile definitionService Profile(s)
Service-startevent posted
PW establishment phase
ARP Reply
ARP Request
Pseudowire
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
53/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
Single-Sided Dynamic L2VPN VPWS (cont.)
PE1 L2VPN VPWSl2 subscriber authorization group atom_test1
service-policy type control atom_rule1
peer network 101.101.101.101 255.255.0.0 1 4294967295
L2 ContextRouterB#show running-config interface gig2/4
interface GigabitEthernet2/4
service instance dynamic 90 ethernet
description L2 context for single-tag FSOL
encapsulation dot1q 1000-2000
ethernet subscriber
initiator unclassified vlan
service-policy type control DYNAMIC_EVC *
Dynamic Service InstanceRouterB#show derived-config interface gig2/4
interface GigabitEthernet2/4
(snip)
service instance 102 ethernet
description Dynamic customer 1
encapsulation dot1q 1000
rewrite ingress tag pop 1 symmetric
xconnect 101.101.101.101 111111 encapsulation mpls
PE2 L2VPN VPWSl2 subscriber authorization group atom_test1
service-policy type control atom_rule1
peer network 102.102.102.102 255.255.0.0 1 4294967295
L2 ContextRouterA#show running-config interface gig2/3
interface GigabitEthernet2/3
service instance dynamic 90 ethernet
description L2 context for single-tag FSOL
encapsulation dot1q 1000-2000
ethernet subscriber
initiator unclassified vlan
service-policy type control DYNAMIC_EVC *
Dynamic Service InstanceRouterA#show derived-config interface gig2/3
interface GigabitEthernet2/3
(snip)
service instance 101 ethernet
description Dynamic customer 1
encapsulation dot1q 1000
rewrite ingress tag pop 1 symmetric
xconnect 102.102.102.102 111111 encapsulation mpls
DESA DESAGig2/3 Gig2/4
Loopback0 101.101.101.101 Loopback0 102.102.102.102
(*) See next slide for its definition
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
54/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
RouterA#sh run | beg DYNAMIC_EVC
policy-map type control DYNAMIC_EVC
class type control always event session-start
10 authorize identifier hostname plus nas-portplus stag-vlan-id
!
!
RouterB#sh run | beg DYNAMIC_EVC
policy-map type control DYNAMIC_EVC
class type control always event session-start
10 authorize identifier hostname plus nas-port plus
stag-vlan-id
!
!
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
55/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
Single-Sided Dynamic L2VPN VPWS (cont.)
PE1 PE2
User Profile (Username: RouterA:nas-port:2/0/3/0:1000)
Cisco-AVPair = subscriber:sss-service=vpws
Cisco-AVPair = l2vpn:redundancy-group=1
Cisco-AVPair = l2vpn:service-id=pe1_vpws_pw_customer1
Cisco-AVPair = ethernet-service-instance:service-instance-description=Dynamic
customer 1
Cisco-AVPair = ethernet-service-instance:stag-vlan-id=1000
Cisco-AVPair = ethernet-service-instance:rewrite-ingress=1Cisco-AVPair = ethernet-service-instance:rewrite-ingress-tag-operation=Pop1
Cisco-AVPair = ethernet-service-instance:rewrite-ingress-symmetric=TRUE
User Profile (Username: RouterB:nas-port:2/0/4/0:1000)
Cisco-AVPair = subscriber:sss-service=vpws
Cisco-AVPair = l2vpn:redundancy-group=1
Cisco-AVPair = l2vpn:service-id=pe2_vpws_pw_customer1
Cisco-AVPair = ethernet-service-instance:service-instance-description=Dynamic
customer 1
Cisco-AVPair = ethernet-service-instance:stag-vlan-id=1000
Cisco-AVPair = ethernet-service-instance:rewrite-ingress=1
Cisco-AVPair = ethernet-service-instance:rewrite-ingress-tag-operation=Pop1
Cisco-AVPair = ethernet-service-instance:rewrite-ingress-symmetric=TRUE
RADIUS Profile
Peer IP Profile (Username: peer-ip:102.102.102.102:vc-id:111111)
Cisco-AVPair = l2vpn:vcid=111111
Cisco-AVPair= l2vpn:service-id=pe1_vpws_pw_customer1
Cisco-AVPair = subscriber:sss-service=vpws
Cisco-AVPair = l2vpn:redundancy-group=2
Cisco-AVPair = l2vpn:pw-encapsulation=mpls
Cisco-AVPair = l2vpn:peer-ip-address=102.102.102.102
RADIUS Profile
Peer IP Profile (Username: peer-ip:101.101.101.101:vc-id:111111)
Cisco-AVPair = l2vpn:vcid=111111
Cisco-AVPair= l2vpn:service-id=pe2_vpws_pw_customer1
Cisco-AVPair = subscriber:sss-service=vpws
Cisco-AVPair = l2vpn:redundancy-group=2
Cisco-AVPair = l2vpn:pw-encapsulation=mpls
Cisco-AVPair = l2vpn:peer-ip-address=101.101.101.101
L2VPN Profile (Username: pe1_vpws_pw_customer1)
Cisco-AVPair = l2vpn:member=ethernet-service-instance:Gi2/3 -stag-type:0x8100 -
stag-vlan-id:1000
Cisco-AVPair = l2vpn:member=pseudowire:peer-ip:102.102.102.102:vc-id:111111
L2VPN Profile (Username: pe2_vpws_pw_customer1)
Cisco-AVPair = l2vpn:member=ethernet-service-instance:Gi2/4 -stag-type:0x8100 -
stag-vlan-id:1000
Cisco-AVPair = l2vpn:member=pseudowire:peer-ip:101.101.101.101:vc-id:111111
DESA DESAGig2/3 Gig2/4
Loopback0 101.101.101.101 Loopback0 102.102.102.102
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
56/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
Dynamic Bridge-Domain / Static VPLS
DESA
FSOL:unclassified VLAN
Session-start
event posted
ARP for 10.1.1.2 on VID 1006 Access-Request:username (authorization keys)
Access-Accept:
User Profile definition (basic EFP config)Bridge-Domain (BD) Service ProfileAccess-Request(s):
service:
Access-Accept(s): definition(s)
Service-startevent posted
VFI
Static VFIStatic SVI
2
Static VFIStatic SVI
2
ARP ReplyARP Request
Non-DESA
device
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
57/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
Static SVI / VPLSl2 vfi vfi-2001 manual
vpn id 2001
neighbor 102.102.102.102 encapsulation mpls no-split-horizon
interface Vlan2001
xconnect vfi vfi-2001
L2 ContextRouterA#show interface gig2/3interface GigabitEthernet2/3
service instance dynamic 90 ethernetdescription L2 context for single-tag FSOL
encapsulation dot1q 1000-2000
ethernet subscriber
initiator unclassified vlan
service-policy type control DYNAMIC_EVC *
Dynamic Service InstanceRouterA#show derived-config interface gig2/3interface GigabitEthernet2/3
service instance 104 ethernet
description Dynamic customer 3
encapsulation dot1q 1006
rewrite ingress tag pop 1 symmetric
bridge-domain 2001
RADIUS Profile
User Profile (Username: RouterA:nas-port:2/0/3/0:1006)Cisco-AVPair = subscriber:sss-service=bridge
Cisco-AVPair = bridge-domain:bridge-domain-id=2001Cisco-AVPair = ethernet-service-instance:service-instance-description=Dynamic customer 3Cisco-AVPair = ethernet-service-instance:stag-vlan-id=1006Cisco-AVPair = ethernet-service-instance:rewrite-ingress=1Cisco-AVPair = ethernet-service-instance:rewrite-ingress-tag-operation=Pop1Cisco-AVPair = ethernet-service-instance:rewrie-ingress-symmetric=TRUE
Dynamic Bridge-Domain / Static VPLS
(*) See slide 65 for its definition
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
58/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Ethernet Accounting Static Service Instance
Simplified call flow
DESA
Access-Request(s):service:
Access-Accept(s): definition(s)Including Accounting VSA
Accounting-Request:Acct-Status-Type = start
Accounting-Response
Service-startevent posted
Accounting-Request:Acct-Status-Type = interim-update
Accounting-Response
Interim-update
Interim-update
Interim-update
Accounting-Request:Acct-Status-Type = stop
Accounting-Response
Manual EFPStatic ethernet session
configured
Session-start
event posted
2
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
59/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
CE1PE 1
7600
AAAserver
E-LINE service
interface gig2/3service instance 3 ethernetencapsulation dot1q 40ethernet subscriber staticservice-policy type control DEMO1bridge-domain 40!
CE2PE 2
7600
DESA DESAEVC
Static
Ethernet session
Configuration Example
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
60/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
policy-map type control DEMO1class type control always event session-start1 service-policy type service name ACCT-SERVICE!!policy-map type service ACCT-SERVICEclass type traffic DUMMYTCaccounting aaa list default!!class-map type traffic match-any DUMMYTC!
Configuration Example (Cont.)
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
61/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
DESA Summary
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
62/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Self-Service
Creates new service opportunities
Improves customer satisfaction
Lowers Opex
Dynamic PW creation
Simplifies configuration
Creates new service opportunities
Improves operations
Zero-Touch Provisioning
Improves scale
Reduces IT investment
Improves SLA response times
Granular Ethernet accounting
Improves customer satisfaction
Creates new service opportunities
Lowers OPEX -- improves operations
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
63/65
-
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
64/65
2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
DESA Configuration Guide
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.html
Command References
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-
book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.html
Contacts
Amrit Hanspal (PM) / Jose Liste (TME)
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlmailto:[email protected]:[email protected]://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/isg/command/isg-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.htmlhttp://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/15-1s/Dynamic_Ethernet_Service_Activation.html -
7/27/2019 IOS Advantage - Creating Zero-Touch Carrier Ethernet Services
65/65