muse winter school 2006 muse winter school bb europe, geneva december 11 th, 2006

MUSE Winter School 2006

MUSE Winter School

BB Europe, GenevaDecember 11th, 2006

Tutorial Access Architecture — 2 MUSE Winter School 2006

Agenda

14:00 Access network architecture (P. Vetter, Alcatel-Lucent)

15:30 Coffee Break

15:45 Optimal resource utilisation by Traffic Engineering (I. Moldován, BUTE)

16:35 Residential Gateway and CPE Configuration and Management (G. Doumenis, ICCS) (*)

17:20 Closing Q&A

17:30 End

(*) separate handout

MUSE Winter School 2006

MUSE Access Network ArchitectureTutorial

[email protected]@alcatel.be

MUSE Winter SchoolBB Europe GenevaDecember 11th, 2006


Outline

Access Architecture

Autoconfiguration

Connectivity

QoS

(List of abbreviations)

(References)


Outline

Access Architecture• Definitions• Business Models• Intermezzo: Ethernet• Issues with Ethernet in Access

Autoconfiguration

Connectivity

QoS


(References)


Network architectureDefinitions (1): Networks

RGW

AccessEN

Ethernet aggregation network

AN

BRAS

RGW Service

EN

Terminals

Regional Network

ServiceNetwork

First MileCustomer

Premise Networks

Aggregation Networks

Access Network


Network architectureDefinitions (2): Nodes

RGW

AccessEN


AN

BRAS

RGW Service

EN

Terminals

Regional Network

ServiceNetwork

First MileCustomer

Premise Networks


Access Network


Network architectureDefinitions (3): Business roles

Regional Network

ServiceNetwork

Acce

ss N

ode

Acce

ss E

dge N

ode

First Mile

Customer Premise Networks


NAP RNP

Connectivity Provider

Packager

ASP

NSP

ISP

Subscriber

Network Access Provider

Regional Network Provider

Service Providers


Relations between business roles

ApplicationServiceProvider


AccessNetworkProvider



CustomerconsumerCustomerconsumer

ConnectivityProviderConnectivityProvider

RegionalNetworkProvider

ContentProvider

RegionalNetworkProvider

ContentProvider


Application Service / Content Provider

Customer

Packager

Network Provider

Application Service / Content Provider

Customer

Packager

Network Provider

Packager


Applications delivered with an assured QoS

NetworkServiceProvider


Wholesale - Retail

“Wholesale” means that a provider offers his services to an other provider

“Retail” means that a a provider offers his services directly to the subscriber

Unless otherwise specified in this course, these terms mostly apply to a NAP

Examples• “IP wholesale”: the NAP does not provide IP connectivity to the

subscriber, only L2 connectivity. One or more NSP are responsible to offer IP connectivity.

• “IP retail”: NAP is also NSP and offers IP connectivity to subscribers.

• “Application retail”: NAP also acts as ASP and offers applications to subscribers.


Intermezzo: Ethernet Standards

IEEE802.3: Physical layer and MAC for LAN• (IEEE802.3ah: Ethernet in the first mile)

IEEE802.1:• 802.1D: Bridging • 802.1Q: Virtual Bridged LAN: 12 VLAN ID => 4094 possible (+2 reserved)• 802.1P: Use of priority 3 bits in VLAN Tag to differentiate class of service• 802.1ad: Provider bridge (Stacked VLANs)• 802.1X: Port Authentication

PRE SFD DA SALength/

TypeData FCS

7 1 6 6 2 46-1500 4 Bytes

PRE SFD DA SA

7 1 6 6 S-VLAN tag: 4 C-VLAN tag: 4 2 46-1500 4 Bytes

TPIDPriority

bitsVLAN IDCFI TPID

Prioritybits

VLAN IDCFILength/

TypeData FCS

PRE SFD DA SALength/

TypeData FCS

7 1 6 6 VLAN tag: 4 Bytes 2 46-1500 4 Bytes

TPIDPriority

bitsVLAN IDCFI

16 3 1 12 bits


Intermezzo: Ethernet Bridge/Switch

Ethernet (CSMA)

Bridge

Ethernet Bridge (802.1D)

(Ethernet Switch)

VLAN aware Switch (802.1Q)

Hub


Issues when using Ethernet in Access

Ethernet LAN (trusted environment)

Ethernet in Access (public network)

Bridge learning - Broadcast of some initialisation messages (ARP, DHCP, PPPoE)

• DOS attacks• Confidential info to other users

or competing providers

Secure and scalableconnectivity models

• Model 1 (L2 forwarding)• Model 2 (L3 forwarding)

No authentication AAA

Configurable MAC@• Conflicts, spoofing

Anti-spoofing mechanism

No QoS QoS framework


Outline

Access Architecture

Autoconfiguration• AAA• PPP Model• Non-PPP autoconfiguration DCHP – 802.1X

Connectivity

QoS


(References)


Definitions Auto configuration and AAA

Autoconfiguration: process of establishing a connection

AAAAuthentication

– process of determining whether someone or something is, in fact, who or what it is declared to be.

– based on identifiers and security attributes. – part of an actual access to a network/service in the context of a SLA or

contract, and often is linked with a fee (Accounting)

Authorization – process of giving individuals access to system objects based on their identity.

Accounting – recording, classifying, summarizing, and interpreting of events of a financial

character in a significant manner


Autoconfiguration: PPP model

Characteristics :• PPP = Point-to-Point Protocol• PPP session performs (between CP modem - PPP peer)

– Link establishment (LCP packets)– Authentication (optional, PAP or CHAP)– Network-layer protocol (NCP packets :

eg IPCP: CP gets its IP@)• PPP encapsulation stays during session

Origin of PPP for Internet Access via voice band modems (fig.)• Continued to be used in DSL

PSTN InternetRASModemModem

bank


Autoconfiguration : PPP model

PPP in access network• PPP can start at :

– CPE Modem(router)

– Host (PC)

• PPP can end at :

– (IP) DSLAM

– BRAS (NAP)

– BRAS (NSP) via L2TP tunnel

Switch

NAP NSP

L2TP


PPPoE

PPPoE needed when PPP transported over Ethernet: allows– transport over shared medium– PPP session multiplexing

Autoconfig Procedure :- Detection of server(s):

PPPoE Active Discovery Initiation (PADI)- Server(s) reply :

PPPoE Active Discovery Offer (PADO)- Choice of server :

PPPoE Active Discovery Request (PADR)- Server confirmation :

PPPoE Active Discovery Session-confirmation (PADS)

PPP

IP

PPPoE

802.3 MAC

PPP

IP

PPPoE

802.3 MAC

RFC 2684

AAL5

ATM

PPPoE PPPoEoA


PPPoE initialisation

PPPoEClient

<PADI>

Ethernet:- DA: Broadcast- SA: User MAC@

PPPoE:-ISP-Name

ModemTerminator

Access Node EthernetSwitch

PPPoEServer inEdge Node <PADI>

Ethernet:

-DA: Broadcast-SA: User MAC@PPPoE:

<PADI>

Ethernet:-S-VLAN ID-(C-VLAN ID)-DA: Unicast/Multicast- SA: User MAC@

PPPoE:

<PADI>

Ethernet:-S-VLAN ID-(C-VLAN ID)-DA: Unicast/Multicast- SA: User MAC@

PPPoE:

<PADO>

Ethernet:-S-VLAN ID-(C-VLAN ID)- DA: User MAC@- SA: Server MAC@

PPPoE:

<PADO>

Ethernet:-S-VLAN ID-(C-VLAN ID)- DA: User MAC@- SA: Server MAC@

PPPoE:

<PADO>

Ethernet:-DA: User MAC@-SA: Server MAC@PPPoE:

<PADO>

Ethernet:- DA: User MAC@- SA: Server MAC@

PPPoE:

<PADR>

Ethernet:- DA: Server MAC@- SA: User MAC@

<PADR>

Ethernet:-DA: Server MAC@-SA: User MAC@

<PADR>

Ethernet:-S-VLAN ID-(C-VLAN ID)- DA: Server MAC@- SA: User MAC@

<PADR>

Ethernet:-S-VLAN ID-(C-VLAN ID)- DA: Server MAC@- SA: User MAC@

<PADS><PADS><PADS><PADS>

-ISP-Name

-ISP-Name

-ISP-Name

-ISP-Name-ISP-Name

-ISP-Name-ISP-Name


Non-PPP autoconfiguration

PPP is tunnel for each connection

Disadvantages of PPP:• Separate tunnel per QoS class• No support multicast streams• Dataplane process• Not supported by all types of terminals

Non-PPP: => DHCP• LCP ? • Authentication ?• NCP ?

DHCP

IP

802.3 MAC

Config Data

IP

802.3 MAC


Authentication in Non-PPP model

Portal based authentication

EAP

IEEE 802.1X

PANA (Protocol for carrying Authentication for Network Access)

DHCP option 90


Autoconfiguration : DHCP model

Characteristics :• DHCP = Dynamic Host Configuration Protocol• DHCP works in client/server mode• DHCP is carried over IP, only during config phase• DHCP session (host - server) :

– delivers host-specific config parameters– allocates NW addresses to host

– automatic : permanent IP@– dynamic : leased IP@ (limited time)– manual

Autoconfig procedure :• Discovery of DHCP server (DHCPDISCOVER)• Replies of server(s) (DHCPOFFER)• Host selects server (DHCPREQUEST)• Server acks and sets config (DHCPACK)

DHCP

IP

802.3 MAC

Config Data

IP

802.3 MAC


IEEE 802.1X

802.1X compliant portof a NAP

LAN

UncontrolledPort

Port AuthenticationEntity(PAE)

ControlledPort

OtherPort

Services

802.1xSuplicant

RADIUS,DIAMETER

AuthenticationServer

PortAuthorize


Authentication Architecture

CPN

aggregation network

802.1X Authenticator on the port

+ Radius client 802.1X supplicant

Bridged or routed modem

Authentication server

AAA server

Access Node

Terminal

Edge Node


Autoconfiguration message sequenceAutoconfiguration messages


Exercise (cf. Ethereal read-out)

1. What is the protocol used for autoconfiguration ?

2. Identify the main message groups as explained in the course ?

3. What is the IP-address assigned after autoconfiguration ?

4. What is the IP address of the DNS server ?

5. What is the hexadecimal code for a Broadcast MAC@ ?


Outline

Access Architecture

Autoconfiguration

Connectivity• Model 1: L2 Forwarding• Model 2: L3 Forwarding

QoS


(References)


Model 1: Ethernet network model

CPN

CPN

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

EN

Ethernetaggregation network

AN

CPE

EN

CPE

Ethernet switch(802.1ad)

bridged

Ethernet switch(S-VLAN aware or 802.1Q)

BRAS or Edge Routerrouted

(IPv4/IPv6)

IP termination


Model 1: Cross-connect mode

CPN

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

CPN

EN


Routed => L2 termination

CPE EN

MAC @ FWDwithin S-VLAN

US : L2 terminationDS : S-VLAN + C-VLAN tagging

S-VLAN 1

S-VLAN 4

S-VLAN 2

S-VLAN 3

C-VLAN 1C-VLAN 2

C-VLAN 1C-VLAN 2

C-VLAN 1C-VLAN 2

C-VLAN-based Cross-connecting : 1(+) C-VLAN(s) <=> 1 lineUS : S-VLAN taggingDS : S-VLAN stripping

IP@ in SubNet service 1 IP@ in SubNet service 2

Bridged => MAC@ FWD


Model 1: Intelligent bridging mode

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

CPN

ENEthernet

aggregation networkAN

MAC @ forwardingUS : S-VLAN taggingDS : S-VLAN stripping

Routed => L2 termination

CPE EN

MAC @ forwardingwithin S-VLAN

US : L2 terminationDS : S-VLAN tagging

S-VLAN1

S-VLAN4

S-VLAN2

S-VLAN3

CPN

Bridged => MAC@ FWD


Model 1: Characteristics

Intrinsically• Based on Ethernet-compliant switches (802.1ad)

– MAC learning, VLAN configuration, RSTP, L2 QoS based on p-bits

• Interpretation of IGMP for multicast tree building• Scalability factor; MAC@ (bridging) / stacked VLANs (X-connect)• Priority has been put on intelligent bridging

– lower complexity, compatible with existing ENs

With respect to ATM networks• Possibility for cost-effective bandwidth upgrades with Ethernet technology• Packet-based nature of Ethernet =>

– more efficient delivery of multicast or broadcast streams (through the use of multicast trees),

– the ability to differentiate QoS on a packet basis for differentiated services, – a simpler provisioning of the network.


Model 2: IP network model

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

EN

AN

CPE

EN

CPNCPE

CPNCPE

Ethernet / IP / (MPLS)aggregation network

(optional)Ethernet for

IPoPPPoE

Ethernet switch(S-VLAN aware or 802.1Q)

BRAS or Edge Router

bridged

routed(IPv4/IPv6)

IP termination(IPv4/IPv6)

Router (IPv4/IPv6)

IP for IPoE (IPv4/IPv6)


Model 2: IP forwarding mode (IPoE traffic)

CPN

CPN

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

EN(router)Ethernet

aggreg. NWAN

CPE EN

(BRAS)

ARP proxyDHCP relay

IP forwarding

CPN

IP@ in SubNet service 1 (e.g. wholesale)IP@ in SubNet service 2 (e.g. retail)

Service connectionsS-VLANs (1 per EN,

+ optionally per service)


Model 2: IP routing mode for retail (IPoE traffic)

CPN

CPN

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

EN(router)Ethernet

aggreg. NWAN

CPE EN

(BRAS)

CPN

DHCP relayIP routing

S-VLANs (1 per EN, + optionally per service)

IP@ in SubNet retail applicationsIP@ in private subnet (not globally accessible)


Model 2: IP routing mode for wholesale (IPoE traffic)

CPN

CPN

NSP/ISP

NSP/ISP

NSP/ISP

ASPNAP

EN(router)Ethernet

aggreg. NWAN

CPE EN

(BRAS)

CPN

DHCP relayIP routing

S-VLANs (1 per EN, + optionally per service)

IP@ in SubNet service 1 (e.g. wholesale)IP@ in SubNet service 2 (e.g. retail)IP@ in private subnet (not globally accessible)


Model 2: Characteristics

Intrinsically• Higher level of IP-awareness• Forwarding decisions based on IP addresses (not necessarily full router)• Interpretation of IGMP or PIM for multicast tree building• Scalability factor;

– ARP tables (IP forwarding) / routing messages (routing case, depending on subnetting)

• Priority has been put on IP forwarding for IPoE and L2 switching for IPoPPPoE– No need for routing protocols between AN and EN while allowing best subnetting– Easiest migration from existing networks

With respect to Ethernet NW model• IP as basis for packet handling =>

– IP QoS– Natural way for peer-peer– Security; separation of user at L2, more control on IP@ by operator than on MAC@– Scalability; solved for L2, at L3 depends on subnetting scheme– Flexibility for S-VLANs; can be shared over multiple ANs– Future-ready (for service enablers operating at IP level)


Outline

Access Architecture

Autoconfiguration

Connectivity

QoS


(References)


QoS introduction

QoS is key in multi-service access

End-to-End QoS solutions (e.g. IntServ) • commercially failed because of complexity

Priority based QoS (e.g. Diffserv) • works in Core Networks with sufficient capacity, • not suited for Access & Aggregation

=> Simplified QoS control in Access & Aggregation needed

EdgeNodeAccess

Node


Principle of CAC (Call Admission Control)

EdgeNodeAccess

Node

Pre-provisioned pipes

RAC

Resource Admission Control Function• View of flows and BW already allocated

• Configures policers at borders

• Admission control after request


CP

QoS Control Functions and Steps

RNP

Customer

ISP

ASP1

ASP2NAP

AccessEN

RGW Terminals

AN

EthernetAggregation network

RACF

AF

AF

S-VLANS-VLAN

RACF for RN

S-PDF

Policy Enforcement function


Considerations for CAC

CP

RNP

Customer

ISP

ASP1

ASP2NAP

AccessEN

RGW Terminals

AN

EthernetAggregation network

RACF

AF

AF

S-VLANS-VLAN

RACF for RN

S-PDF

LocalRACF

Selective CAC:• Only for services that need it• Only for network sections that

need it

Centralised or distributed CAC

S-VLAN 2S-VLAN 2

Policy enforcement• US: at AN• DS: at EN and at ANPer flow or per aggregate


Standardisation and industry forumsrelevant for BB Access Architecture

DSL Forum• Architecture & Transport (e.g. TR-101 Migration to Ethernet in

Access)• DSL Home (e.g. TR-069 remote management protocol)• Operations & Network Service Management• Test & Interoperability

ETSI-TISPAN• NGN Architecture (QoS framework)

HGI• Requirements for Residential Gateways

Other: IEEE802, IETF, MEF, ITU-T


Agenda

14:00 Access network architecture (P. Vetter, Alcatel-Lucent)

15:30 Coffee Break

15:45 Optimal resource utilisation by Traffic Engineering (I. Moldován, BUTE)

16:35 Residential Gateway and CPE Configuration and Management (G. Doumenis, ICCS)

17:20 Closing Q&A

17:30 End


Abbreviations (1)


Abbreviations (2)


Abbreviations (3)


Abbreviations (4)


References

muse winter school 2006 muse winter school bb europe, geneva december 11 th, 2006

Documents

tutorial access architecture

individuals access

actual access

ethernet issues

ip connectivity

qos qos framework slide

q hub slide

significant manner slide