studentguide implementing broadband aggregation on cisco10k vol1


Upload: giang-nguyen

Post on 05-Mar-2016

DESCRIPTION

Cisco 10000 series

TRANSCRIPT

  • BBAGG

    Volume 1

    Implementing Broadband Aggregation on Cisco 10000 Series

    Version 1.0

    Student Guide

  • The products and specifications, configurations, and other technical information regarding the products in this manual are subject to change without notice. All statements, technical information, and recommendations in this manual are believed to be accurate but are presented without warranty of any kind, express or implied. You must take full responsibility for their application of any products specified in this manual. LICENSE PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE MANUAL, DOCUMENTATION, AND/OR SOFTWARE (MATERIALS). BY USING THE MATERIALS YOU AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT AGREE WITH THE TERMS OF THIS LICENSE, PROMPTLY RETURN THE UNUSED MATERIALS (WITH PROOF OF PAYMENT) TO THE PLACE OF PURCHASE FOR A FULL REFUND. Cisco Systems, Inc. (Cisco) and its suppliers grant to you (You) a nonexclusive and nontransferable license to use the Cisco Materials solely for Your own personal use. If the Materials include Cisco software (Software), Cisco grants to You a nonexclusive and nontransferable license to use the Software in object code form solely on a single central processing unit owned or leased by You or otherwise embedded in equipment provided by Cisco. You may make one (1) archival copy of the Software provided You affix to such copy all copyright, confidentiality, and proprietary notices that appear on the original. EXCEPT AS EXPRESSLY AUTHORIZED ABOVE, YOU SHALL NOT: COPY, IN WHOLE OR IN PART, MATERIALS; MODIFY THE SOFTWARE; REVERSE COMPILE OR REVERSE ASSEMBLE ALL OR ANY PORTION OF THE SOFTWARE; OR RENT, LEASE, DISTRIBUTE, SELL, OR CREATE DERIVATIVE WORKS OF THE MATERIALS. You agree that aspects of the licensed Materials, including the specific design and structure of individual programs, constitute trade secrets and/or copyrighted material of Cisco. 
You agree not to disclose, provide, or otherwise make available such trade secrets or copyrighted material in any form to any third party without the prior written consent of Cisco. You agree to implement reasonable security measures to protect such trade secrets and copyrighted Material. Title to the Materials shall remain solely with Cisco. This License is effective until terminated. You may terminate this License at any time by destroying all copies of the Materials. This License will terminate immediately without notice from Cisco if You fail to comply with any provision of this License. Upon termination, You must destroy all copies of the Materials. Software, including technical data, is subject to U.S. export control laws, including the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. You agree to comply strictly with all such regulations and acknowledge that it has the responsibility to obtain licenses to export, re-export, or import Software. This License shall be governed by and construed in accordance with the laws of the State of California, United States of America, as if performed wholly within the state and without giving effect to the principles of conflict of law. If any portion hereof is found to be void or unenforceable, the remaining provisions of this License shall remain in full force and effect. This License constitutes the entire License between the parties with respect to the use of the Materials. Restricted Rights - Cisco's software is provided to non-DOD agencies with RESTRICTED RIGHTS and its supporting documentation is provided with LIMITED RIGHTS. Use, duplication, or disclosure by the U.S. Government is subject to the restrictions as set forth in subparagraph C of the Commercial Computer Software - Restricted Rights clause at FAR 52.227-19. In the event the sale is to a DOD agency, the U.S. Government's rights in software, supporting documentation, and technical data are governed by the restrictions in the Technical Data Commercial Items clause at DFARS 252.227-7015 and DFARS 227.7202.
DISCLAIMER OF WARRANTY. ALL MATERIALS ARE PROVIDED "AS IS" WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event shall Cisco's or its suppliers' liability to You, whether in contract, tort (including negligence), or otherwise, exceed the price paid by You. The foregoing limitations shall apply even if the above-stated warranty fails of its essential purpose. The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense. The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy.
If it is not installed in accordance with Cisco's installation instructions, it may cause interference with radio and television reception. This equipment has been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.

  • You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the Cisco equipment or one of its peripheral devices. If the equipment causes interference to radio or television reception, try to correct the interference by using one or more of the following measures: Turn the television or radio antenna until the interference stops. Move the equipment to one side or the other of the television or radio. Move the equipment farther away from the television or radio. Plug the equipment into an outlet that is on a different circuit from the television or radio. (That is, make certain the equipment and the television or radio are on circuits controlled by different circuit breakers or fuses.) Modifications to this product not authorized by Cisco Systems, Inc. could void the FCC approval and negate your authority to operate the product. The following third-party software may be included with your product and will be subject to the software license agreement: CiscoWorks software and documentation are based in part on HP OpenView under license from the Hewlett-Packard Company. HP OpenView is a trademark of the Hewlett-Packard Company. Copyright 1992, 1993 Hewlett-Packard Company. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California. Network Time Protocol (NTP). Copyright 1992, David L. Mills. The University of Delaware makes no representations about the suitability of this software for any purpose.

    Point-to-Point Protocol. Copyright 1989, Carnegie-Mellon University. All rights reserved. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission.

    The Cisco implementation of TN3270 is an adaptation of the TN3270, curses, and termcap programs developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright 1981-1988, Regents of the University of California.

    Cisco incorporates Fastmac and TrueView software and the RingRunner chip in some Token Ring products. Fastmac software is licensed to Cisco by Madge Networks Limited, and the RingRunner chip is licensed to Cisco by Madge NV. Fastmac, RingRunner, and TrueView are trademarks and in some jurisdictions registered trademarks of Madge Networks Limited. Copyright 1995, Madge Networks Limited. All rights reserved.

    XRemote is a trademark of Network Computing Devices, Inc. Copyright 1989, Network Computing Devices, Inc., Mountain View, California. NCD makes no representations about the suitability of this software for any purpose.

    The X Window System is a trademark of the X Consortium, Cambridge, Massachusetts. All rights reserved.

    Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at www.cisco.com/go/offices.

    Argentina; Australia; Austria; Belgium; Brazil; Bulgaria; Canada; Chile; China PRC; Colombia; Costa Rica; Croatia; Czech Republic; Denmark; Dubai, UAE; Finland; France; Germany; Greece; Hong Kong SAR; Hungary; India; Indonesia; Ireland; Israel; Italy; Japan; Korea; Luxembourg; Malaysia; Mexico; The Netherlands; New Zealand; Norway; Peru; Philippines; Poland; Portugal; Puerto Rico; Romania; Russia; Saudi Arabia; Scotland; Singapore; Slovakia; Slovenia; South Africa; Spain; Sweden; Switzerland; Taiwan; Thailand; Turkey; Ukraine; United Kingdom; United States; Venezuela; Vietnam; Zimbabwe

    Copyright 2003, Cisco Systems, Inc. All rights reserved. AccessPath, AtmDirector, Browse with Me, CCDA, CCDE, CCDP, CCIE, CCNA, CCNP, CCSI, CD-PAC, CiscoLink, the Cisco NetWorks logo, the Cisco Powered Network logo, Cisco Systems Networking Academy, Fast Step, Follow Me Browsing, FormShare, FrameShare, GigaStack, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, Packet, RateMUX, ScriptBuilder, ScriptShare, SlideCast, SMARTnet, TransPath, Unity, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That's Possible, and Empowering the Internet Generation, are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, Cisco, the Cisco Certified Internetwork Expert Logo, Cisco IOS, the Cisco IOS logo, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, IOS, IP/TV, LightStream, MICA, Network Registrar, PIX, Post-Routing, Pre-Routing, Registrar, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.

    All other brands, names, or trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0104R)

    Book Title, Revision xx.x: Student Guide Copyright 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.

  • 2003 Cisco Systems, Inc. Version 1.0 v

    Course Overview

    Intended Audience

    This course is for technical professionals who need to know how to implement broadband aggregation on the Cisco 10000 Series router. The following are considered the primary audience for this course:

    Customer technicians

    Cisco System Engineers (SEs)

    System Integrators (SIs)

    Course Level

    This course is basic and intermediate training for the topics that it covers.

    Prerequisites

    Students attending this course should have successfully completed the following training:

    Interconnecting Cisco Network Devices (ICND) or equivalent experience

    Campus ATM (CATM) or equivalent experience

    Basic DSL End To End Architecture (either video on demand or leader-led) or equivalent experience

  • vi Version 1.0 Implementing Broadband Aggregation

    Additional Information

    Cisco Systems Technical Publications

    You can print technical manuals and release notes directly from the Internet. Go to http://www.cisco.com/univercd/home/home.htm. Find the Cisco Systems product for which you need documentation. Then locate the specific category and model or version for your hardware or software product. Using Adobe Acrobat Reader, you can open the manuals and release notes, search for the sections you need, and print them on most standard printers. You can download Acrobat Reader free from the Adobe Systems website, www.adobe.com.

    Documentation sets and CDs are available through your local Cisco Systems sales office or account representative.

    Cisco Systems Service

    Comprehensive network support is available from Cisco Systems Service & Support solutions. Go to http://www.cisco.com/public/support_solutions.shtml for a listing of services.

    Course Agenda

    Day 1

    Broadband Aggregation Architectures

    RBE and RFC 1483 Routing

    PPPoA

    Day 2

    PPPoE

    Cisco Aggregation Optimization Features

    AAA Service

    Day 3

    L2TP

    Cisco 10000 Series Router Hardware Overview

    Cisco 10000 Series Router Software Overview

    Course Introduction and Objectives

    Overview

    Description

    This course is intended for customer technicians and system integrators who need to implement various broadband aggregation technologies on Cisco routers. This course also enables Cisco System Engineers (SEs) to present and demonstrate various broadband aggregation technologies on Cisco routers for customers. Students learn about RBE, PPPoA, PPPoE, and L2TP, and learn how to configure and verify operation of these technologies on Cisco routers. This course also explains the Cisco 10000 Series router hardware architecture and software features.

    The course is instructor-led and includes hands-on lab exercises. Lecture topics are reinforced with supporting student exercises.

    This course focuses on implementing broadband aggregation technologies on the Cisco 10000 Series router; however, most learning experiences from this course may be applied to other Cisco routers that support these technologies.

    Objectives

    After completing this course, you will be able to do the following:

    Compare and contrast the various broadband aggregation architectures available with Cisco routers

    Explain how RBE and RFC 1483 routing work, describe their typical architectures and benefits, and configure them on Cisco routers

    Explain how PPPoA and PPPoE work, along with descriptions of their typical architecture and benefits, and configure them on Cisco routers

    Explain and configure various methods for optimizing subscriber connections including PVC range, auto detect PPPoX encapsulation, VC class, ATM PVC autoprovisioning, and BBA groups

    Explain AAA services available on Cisco routers and RADIUS servers and configure AAA services on Cisco routers

    Explain how L2TP works, describe its typical architecture and benefits, and configure it on Cisco routers

    Describe the Cisco 10000 Series router and explain the features and functions of system-wide hardware and software components

    Identify and describe system modules and services on the Cisco 10000 Series router that are utilized in broadband aggregation deployment scenarios

    Contents Course Overview ...........................................................................................................v Course Agenda ............................................................................................................vii

    Course Introduction and Objectives........................................................................ ix Overview...................................................................................................................... ix

    Module 1 Broadband Aggregation Architectures ..........................................11 Overview................................................................................................................... 11 Broadband Aggregation Introduction ......................................................................... 12 Retail and Wholesale Services ................................................................................. 112 VC Service............................................................................................................... 116 ATM Bridging and Routing Methods ....................................................................... 118 PPP Review ............................................................................................................. 120 PPP Broadband Access Methods .............................................................................. 124 PTA......................................................................................................................... 126 L2TP ....................................................................................................................... 128 AAA ........................................................................................................................ 130 Managed LNS ......................................................................................................... 132 Remote Access into MPLS ....................................................................................... 134 SSG and SESM ....................................................................................................... 136 Summary ................................................................................................................ 140 Review Questions .................................................................................................... 141

    Module 2 RBE and RFC 1483 Routing...............................................................21 Overview................................................................................................................... 21 Typical RBE Architecture.......................................................................................... 22 RFC 1483 Bridging Protocol Stack............................................................................. 24 How Does RBE Work? ............................................................................................... 28 RBE Configuration .................................................................................................. 212 RBE Advantages and Disadvantages ....................................................................... 218 Typical RFC 1483 Routing Architecture .................................................................. 222 RFC 1483 Routing Protocol Stack ............................................................................ 224

  • xii Version 1.0 Implementing Broadband Aggregation

    How Does RFC 1483 Routing Work? ........................................................................ 226 RFC 1483 Routing Configuration ............................................................................. 228 RFC 1483 Routing Advantages and Disadvantages ................................................. 232 Summary ................................................................................................................ 234 Review Questions .................................................................................................... 235

    Module 3 PPPoA .....................................................................................................31 Overview................................................................................................................... 31 Typical PPPoA Architecture ...................................................................................... 32 PPPoA with PTA Protocol Stack ................................................................................ 36 PPPoA with Tunneling Protocol Stack ..................................................................... 310 How Does PPPoA Work with PTA? .......................................................................... 312 How Does PPPoA Work with Tunneling? ................................................................. 314 PPPoA IP Address Management.............................................................................. 316 PPPoA Configuration .............................................................................................. 318 PPPoA Advantages and Disadvantages ................................................................... 328 Summary ................................................................................................................ 332 Review Questions .................................................................................................... 333

    Module 4 PPPoE......................................................................................................41 Overview................................................................................................................... 41 Typical PPPoE Architecture ...................................................................................... 42 PPPoE Protocol Stack................................................................................................ 46 How Does PPPoE Discovery Work?............................................................................ 48 PPPoEoA with PTA Protocol Stack .......................................................................... 410 PPPoEoA with Tunneling Protocol Stack ................................................................. 414 How Does PPPoE Work with PTA? .......................................................................... 416 How Does PPPoE Work with Tunneling? ................................................................. 418 PPPoE IP Address Management.............................................................................. 420 PPPoEoA Configuration .......................................................................................... 422 PPPoE Advantages and Disadvantages ................................................................... 434 PPPoEoE and PPPoEo892.1q................................................................................... 438 PPPoEoE and PPPoEo892.1q Configuration ............................................................ 440 Summary ................................................................................................................ 442 Review Questions .................................................................................................... 443

    Module 5 Cisco Aggregation Optimization Features ....................................51 Overview................................................................................................................... 51

  • 2003 Cisco Systems, Inc. Version 1.0 xiii

    Optimization Features Introduction .......................................................................... 52 Minimizing ATM PVC Provisioning ........................................................................... 54 PVC Range................................................................................................................ 56 VC Class ................................................................................................................. 514 ATM PVC Autoprovisioning .................................................................................... 518 Autosense PPPoX Encapsulation ............................................................................. 522 PPPoE Profiles ........................................................................................................ 528 Summary ................................................................................................................ 532 Review Questions .................................................................................................... 533

    Module 6 AAA Services.........................................................................................61 Overview................................................................................................................... 61 Introduction to AAA .................................................................................................. 62 Authentication .......................................................................................................... 68 Authorization .......................................................................................................... 610 Accounting .............................................................................................................. 612 AAA-Supported Protocols ........................................................................................ 614 RADIUS Attributes ................................................................................................. 616 Radius Files ............................................................................................................ 620 AAA Implementations ............................................................................................. 628 RADIUS Protocol..................................................................................................... 632 Cisco Implementation of AAA.................................................................................. 644 Troubleshooting Aids............................................................................................... 656 Cisco IOS Commands .............................................................................................. 658 UNIX Commands .................................................................................................... 670 Review Questions .................................................................................................... 677

    Module 7 L2TP .........................................................................................................71 Overview................................................................................................................... 71 L2TP Overview.......................................................................................................... 72 L2TP Components..................................................................................................... 74 L2TP Tunnel and Session Identifiers......................................................................... 76 Encapsulations Supported......................................................................................... 78 L2TP Message Format............................................................................................. 710 Incoming Call Sequence........................................................................................... 712 Forwarding PPP Frames ......................................................................................... 716 Call Disconnect Sequence ........................................................................................ 718 Typical L2TP Scenarios........................................................................................... 720

  • xiv Version 1.0 Implementing Broadband Aggregation

    L2TP Configuration Overview ................................................................................. 724 L2TP Tunnel Attributes .......................................................................................... 726 L2TP Configuration Without RADIUS..................................................................... 728 L2TP Configuration with RADIUS .......................................................................... 736 Tunnel Verification ................................................................................................. 750 Summary ................................................................................................................ 758 Review Questions .................................................................................................... 759

    Module 8 Cisco 10000 Series Router Hardware Overview ..........................81 Overview................................................................................................................... 81 Cisco 10000 Series Router Introduction ..................................................................... 82 Broadband Aggregation Deployment Scenarios ......................................................... 84 Cisco 10000 Series Router Components Overview...................................................... 86 Chassis Description ................................................................................................... 88 Modules Used with Broadband Aggregation ............................................................ 814 Cisco 10000 Series Router Architecture Overview ................................................... 818 Functional Block Diagram ....................................................................................... 820 Router Buffer Management ..................................................................................... 824 Router Backplane.................................................................................................... 826 Performance Routing Engine-2 ................................................................................ 830 PRE-2 Front Panel .................................................................................................. 832 PRE-2 Architecture ................................................................................................. 834 PRE-2 Packet Flow.................................................................................................. 842 PXF Technology and Operation ............................................................................... 850 PRE Comparison ..................................................................................................... 
860 High Availability ..................................................................................................... 862 PRE Redundancy..................................................................................................... 864 Cisco 10000 Series Router Broadband Aggregation Line Cards................................ 874 ATM Line Cards ...................................................................................................... 876 ATM Line Card Common Features .......................................................................... 882 Assigning VPI/VCIs for ATM VC Scaling ................................................................. 888 LAN Line Cards ...................................................................................................... 892 Packet over SONET Line Cards..............................................................................8106 Common POS/SDH Line Card Features .................................................................8112 Summary ...............................................................................................................8114 Review Questions ...................................................................................................8115

  • 2003 Cisco Systems, Inc. Version 1.0 xv

    Module 9 Cisco 10000 Series Router Software Overview
        Overview
        Software Architecture
        Software components
        Cisco 10000 Router Software
        Supported Encapsulations
        Frame Relay Support
        Broadband Features and Scaling
        Leased-Line Features and Scaling
        High Availability and Management Functionality
        QoS Features and Functions
        Class-Map Match Options
        Policy-Map Keywords
        Policy-Map Actions
        QoS Facts
        Policing Considerations
        VC Scaling with QoS
        System Status and Alarms
        Checking the Data Path
        System-Wide Statistics and Performance
        Summary

    Glossary
        Technology Acronyms
        Cisco 10000 Series Router Acronyms

    Appendix A Review Question Answers
        Appendix Contents
        Module 1 Broadband Aggregation Architectures
        Module 2 RBE and RFC 1483
        Module 3 PPPoA
        Module 4 PPPoE
        Module 5 Cisco Aggregation Optimization Features
        Module 7 AAA Services
        Module 7 L2TP
        Module 8 Cisco 10000 Series Router Hardware Overview

    Appendix B Router Starting Configurations
        Appendix Contents
        P1R1 Configurations
        P1R2 Configurations
        P1R3 Configuration
        Core Routers Configurations
        PC CPE Configurations


    Module 1 Broadband Aggregation Architectures

    Overview

    Description

    In this module, you will learn about the various broadband aggregation architectures available with Cisco routers.

    Objectives

    After completing this module, you will be able to do the following:

    List various broadband aggregation architectures

    Identify the technologies used by each architecture and describe how each architecture functions

    Identify the benefits of each architecture


    Broadband Aggregation Introduction

    This section describes the various segments that constitute a broadband subscriber network environment.

    Network Segments

    You can view the access and core network that serve broadband subscribers as being divided into three segments.

    Customer Premises Equipment (CPE)

    Network Access Provider (NAP)

    Network Service Provider (NSP)

    The NAP and NSP may be owned by different businesses or by one company. This is described in more detail in the Retail and Wholesale Services section. Although the drawing illustrates digital subscriber line (DSL) access, the same functional segments apply to other broadband access methods, such as cable and wireless.

    [Figure: Broadband Aggregation Introduction. Three segments: CPE (Customer Premises Equipment), NAP (Network Access Provider), NSP (Network Service Provider). Diagram labels: ATU-R, DSLAM, Aggregation, Service Selection, Core, Termination, Video, Voice, Content, Enterprise, Internet, ISP.]


    CPE

    The term CPE refers to the equipment required on the customer premises, typically a modem and personal computer. The modem type varies with the access method, such as DSL and cable.

    The modem generally provides Layer 1 and Layer 2 functions and, in some applications, Layer 3 functions:

    Physical layer: transport of data according to the subscriber connection type; for example, asymmetric digital subscriber line (ADSL)

    Data Link layer: encapsulation of data for transport across the physical link; for example, ATM, bridging, and Point-to-Point Protocol (PPP)

    Network layer: provides routing, Network Address Translation (NAT), and DHCP functions, typically using IP


    NAP

    The NAP portion of the network provides at least the following components:

    Subscriber termination devices such as digital subscriber line access multiplexers (DSLAMs) or cable headend systems

    Aggregation systems

    Core network for transporting data to the NSP

    Subscriber Termination

    Subscriber termination devices terminate the physical layer connection and transport of data from the subscriber. The data is then transported to aggregation devices typically by using an ATM or Ethernet/IP infrastructure.

    Aggregation

    Aggregation systems may be ATM switches or routers or a combination of both depending on several factors, such as whether the NAP is providing retail or wholesale services. The types of functions that aggregators may provide include

    ATM switching

    Bridging

    PPP termination

    Routing

    Core Network

    Typical core networks are either ATM based or IP based. If a legacy ATM network is in place, then the NAP may continue to use it to transport data to the NSP. NAPs are migrating from ATM switching to IP cores or building new IP cores using Gigabit Ethernet. Additionally, IP cores are evolving to Multiprotocol Label Switching (MPLS).


    NSP

    The NSP is responsible for offering services to subscribers, which may be residential or business users. Services the NSP provides include

    E-mail

    Internet access

    Video and voice services

    Access to corporations

    Termination of service selection

    NSPs use aggregation devices, typically routers, to terminate virtual circuit (VC) or PPP connections from the subscribers. The Layer 3 data is then extracted and forwarded to the destination. Like aggregators in the NAP, the aggregation devices may perform bridging, routing, and PPP termination for various types of encapsulation methods.


    In this course we will focus on the aggregation aspects of broadband subscribers. You will learn about Cisco's implementation of aggregation services on routers that have been optimized to perform aggregation functions.

    [Figure: Broadband Aggregation Introduction. The CPE, NAP, and NSP diagram with a "Training Focus" label.]

    Retail and Wholesale Services

    Service providers may be categorized in terms of their operating models: retail services and wholesale services.

    Characteristics of a Retail Service

    A service provider that operates a retail service performs the roles of both the NAP and the NSP. A retailer provides broadband access, termination, and value-added services to the subscriber, that is, both NAP and NSP functions. A retail provider can offer data, voice, and video to residential customers and can also offer Virtual Private Network (VPN) capability to business customers.

    The following are key aspects of a retail provider:

    Owns the subscriber

    Dictates the class of service

    Provides access to the Internet

    [Slide: Characteristics of a Retail Service. Owns the subscriber service (gets the monthly subscription); dictates the class of service (the line rate); provides access to the Internet and other value-added services such as email. Diagram labels: Subscriber, Service Provider.]

    Characteristics of a Wholesale Service

    A service provider that operates a wholesale service provides the NAP functions. It provides the access connection to the subscriber and connects the subscriber to the NSP. The wholesaler has ISPs and corporations as its primary customers.

    The following are key aspects of a wholesale provider:

    Connects the subscriber to the NSP

    Sells various infrastructure capabilities to the ISPs and corporations

    ISPs and corporations still own subscribers

    Note: Because of governmental regulation, wholesalers are not permitted to provide services that are limited to retailers. Through an unregulated portion of their business, some service providers provide a retail service in addition to wholesale service.

    [Slide: Characteristics of a Wholesale Service. Carrier connects subscriber to service provider; offers a range of network architectures to achieve this; retailer still owns the customer but pays percentage of monthly subscription to wholesaler for connectivity services; wholesaler often has retail business. Diagram labels: Subscriber, Carrier, ILEC, Service Provider.]

    VC Service

    Description

    A virtual circuit (VC) service is one in which the subscriber permanent virtual circuit (PVC) is switched all the way to the ISP, NSP, or corporation. The ISP, NSP, or corporation is responsible for terminating the PVC, retrieving the IP data, and providing IP addressing to the subscriber. A VC service is commonplace with NAPs who are simply providing a wholesale service.

    Advantages and Disadvantages of VC Service

    The following are some of the advantages and disadvantages of a VC service model:

    NAPs do not manage IP addresses

    The various encapsulation methods are transparent to VC service

    End-to-end PVC provisioning takes time

    Does not scale well

    In some situations, lack of control over bandwidth offered to subscribers and ISP

    [Figure: VC Service. Each subscriber is presented as a unique VC to the ISP. Diagram labels: Local Loops, DSLAMs (Local Exchanges), ATM Access Network, ATM Core Network, BRAS, ISP1.com, ISP2.com.]

    ATM Bridging and Routing Methods

    RFC 1483 describes two methods for transporting data over ATM networks: bridging and routing.

    RFC 1483 Bridging

    With RFC 1483 bridging, the CPE simply acts as a bridge between the subscriber PC and the aggregation device. The PC encapsulates Layer 3 data into 802.3 (Ethernet), which is then encapsulated into ATM cells. On the aggregation device, the Ethernet frames are terminated into a bridge group and forwarded using bridging or routing to the final destination.

    Even though it is simple and easy to deploy, this method has security limitations, is no longer widely used with Cisco routers and will not be discussed in this course.

    RFC 1483 with RBE

    RFC 1483 with RBE is often referred to as Route Bridge Encapsulation (RBE) by Cisco. RBE builds upon some of the features and advantages of RFC 1483 bridging and overcomes the security limitations of bridging. From the PC and CPE perspective, there is no change in their configuration and operation. The key difference is that the subscriber traffic is terminated at the aggregator by using routing rather than by using bridging.

    RFC 1483 Routing

    RFC 1483 routing incorporates some of the same principles as RFC 1483 bridging with the key difference that the CPE is in a routing mode rather than bridging mode. As a router, it can support multiple networks on the subscriber side of the CPE and can exchange routing updates, making it ideal for business applications. RFC 1483 routing can also implement NAT or PAT and conserve IP addresses.

    [Figure: ATM Bridging and Routing Methods. RFC 1483 Bridging, RFC 1483 Bridging with RBE, RFC 1483 Routing. Diagram labels: Bridged CPE, Routed CPE, DSLAM, Aggregation Device, Bridge Group, Bridging, RBE, Routing, Core, ISP1.com, ISP2.com.]

    PPP Review

    Description of PPP

    Point-to-Point Protocol (PPP), defined in RFC 1661, is a standard method of encapsulating upper layer protocols, such as IP and IPX, across point-to-point links. It was originally intended for dial-up applications, but it is also suitable for applications requiring authentication of subscribers in a broadband environment. In a dial-up environment, PPP offers several functions, but with broadband implementations, its principal function is to provide user authentication using Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) and, additionally, support for multiple protocols.

    PPP Fundamentals

    The following are fundamental concepts of PPP that you should know. Besides the RFC, there are numerous publications that explain PPP in detail.

    PPP is comprised of three main components and phases:

    High-Level Datalink Control (HDLC) encapsulates multiprotocol datagrams.

    Link Control Protocol (LCP) establishes, configures, and tests the data-link connection.

    - If authentication using PAP or CHAP is implemented, it occurs before the NCP phase.

    Network Control Protocols (NCPs) establish and configure different network-layer protocols.

    - An example of NCP is IP Control Protocol (IPCP) which is used for transporting IP datagrams.

    [Slide: PPP Review. PPP uses HDLC framing. PPP packet types: LCP (Link Control Protocol), covering link establishment, termination, and maintenance and authentication with PAP or CHAP; NCP (Network Control Protocol), covering encapsulation of the Layer 3 protocol, for example IPCP. Diagram labels: point-to-point link; protocol stacks of Layer 3, NCP, LCP, HDLC, PHY; protocol stacks of Layer 3, ATM/FR/etc., PHY.]

    PPP Link Operation

    A PPP link is initialized using both LCP and NCP. The PPP link goes through five distinct phases.

    Link Dead Phase

    This phase determines the physical readiness of the link. Once the physical layer is initialized, the link goes into the Link Establishment phase.

    Link Establishment Phase

    During this phase, each end uses Configure Request packets to initialize LCP and negotiate datalink layer parameters. When a Configure Ack is received at both ends of the link, the link enters the open state and goes into the Authentication phase. The following options may be exchanged during this phase:

    - Maximum Receive Unit

    - Authentication Protocol

    - Quality Protocol

    - Magic Number

    - Protocol Field Compression

    - Address and Control Field Compression

    Authentication Phase (optional)

    During this phase, the two ends of the link authenticate each other using an agreed-upon protocol such as PAP or CHAP. The link does not proceed to the Network Layer Protocol phase until authentication is successful. If authentication fails, then the link goes to the Link Termination phase.

    Network Layer Protocol Phase

    During this phase, each end exchanges Configure Request and Configure Ack packets to activate any supported network layer protocols using the appropriate NCP. Once an NCP is opened, the PPP link transports data across the link.

    Link Termination Phase

    This phase terminates the PPP link, which may be caused by physical link failure, link quality failure, configuration rejection, or authentication failure. The network administrator can also disable the link for diagnostic purposes. LCP uses Terminate Request packets to terminate the link and notifies the appropriate NCPs that the link is terminating.
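    The phase sequence and LCP option exchange described above, as an added Python example that is not part of the original guide: it decodes LCP Configure packets (header layout, option types, and protocol numbers per RFC 1661) with bounds checks on every length field, and tracks the link phase so that IPCP is refused until authentication succeeds. The class and function names and the sample option bytes are constructed for illustration, and the state machine is a simplification of the RFC's.

```python
import struct
from enum import Enum

LCP, PAP, CHAP, IPCP = 0xC021, 0xC023, 0xC223, 0x8021  # PPP protocol numbers
CONF_REQ, CONF_ACK, TERM_REQ = 1, 2, 5                 # LCP packet codes
LCP_OPTIONS = {1: "Maximum-Receive-Unit", 3: "Authentication-Protocol",
               4: "Quality-Protocol", 5: "Magic-Number", 7: "Protocol-Field-Compression",
               8: "Address-and-Control-Field-Compression"}
# Constructed sample options: MRU 1492, CHAP with MD5 (algorithm 5), Magic-Number
AGGREGATOR_OPTS = bytes.fromhex("010405d4" "0305c22305" "05061a2b3c4d")
CLIENT_OPTS = bytes.fromhex("010405d4" "05065e6f7a8b")


def lcp_packet(code, ident, options=b""):
    """Build an LCP packet: Code, Identifier, Length, then option bytes."""
    return struct.pack("!BBH", code, ident, 4 + len(options)) + options


def parse_lcp(packet):
    """Decode an LCP packet, bounds-checking every length field."""
    if len(packet) < 4:
        raise ValueError("LCP header truncated")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("LCP Length field does not fit the packet")
    options, pos = {}, 4
    while code in (1, 2, 3, 4) and pos < length:  # only Configure-* carry options
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("option header or length out of bounds")
        otype, olen = packet[pos], packet[pos + 1]
        data = packet[pos + 2:pos + olen]
        if otype in (1, 3, 4) and len(data) >= 2:
            data = struct.unpack("!H", data[:2])[0]   # MRU or protocol number
        elif otype == 5 and len(data) == 4:
            data = struct.unpack("!I", data)[0]       # Magic-Number
        options[LCP_OPTIONS.get(otype, "unknown-%d" % otype)] = data
        pos += olen
    return {"code": code, "id": ident, "options": options}


class Phase(Enum):
    DEAD = "Link Dead"
    ESTABLISH = "Link Establishment"
    AUTHENTICATE = "Authentication"
    NETWORK = "Network Layer Protocol"
    TERMINATE = "Link Termination"


class PppLink:  # one end's simplified view of the five phases
    def __init__(self):
        self.phase = Phase.DEAD
        self.auth = None    # protocol number agreed in LCP; None = no authentication
        self.acked = set()  # directions in which a Configure-Ack has been seen

    def physical_up(self):
        self.phase = Phase.ESTABLISH

    def lcp(self, direction, packet):
        """Feed one LCP packet; direction is 'sent' or 'received'."""
        msg = parse_lcp(packet)
        if msg["code"] == TERM_REQ:
            self.phase = Phase.TERMINATE
        elif msg["code"] == CONF_ACK and self.phase is Phase.ESTABLISH:
            self.acked.add(direction)
            self.auth = msg["options"].get("Authentication-Protocol", self.auth)
            if self.acked == {"sent", "received"}:  # Ack seen at both ends
                self.phase = Phase.AUTHENTICATE if self.auth else Phase.NETWORK
        return self.phase

    def auth_result(self, success):
        if self.phase is Phase.AUTHENTICATE:
            self.phase = Phase.NETWORK if success else Phase.TERMINATE
        return self.phase

    def accepts(self, protocol):
        """Should a packet with this PPP protocol number be processed now?"""
        if protocol == LCP:
            return self.phase is not Phase.DEAD
        if protocol in (PAP, CHAP):  # only the protocol that LCP agreed on
            return (protocol == self.auth
                    and self.phase in (Phase.AUTHENTICATE, Phase.NETWORK))
        return self.phase is Phase.NETWORK  # NCPs such as IPCP wait for this phase


def walk_link(auth_ok):
    """Replay a constructed session; record (phase, IPCP accepted?) per step."""
    link, trace = PppLink(), []
    link.physical_up()
    trace.append((link.phase, link.accepts(IPCP)))
    link.lcp("received", lcp_packet(CONF_REQ, 1, AGGREGATOR_OPTS))
    link.lcp("sent", lcp_packet(CONF_ACK, 1, AGGREGATOR_OPTS))
    link.lcp("sent", lcp_packet(CONF_REQ, 7, CLIENT_OPTS))
    link.lcp("received", lcp_packet(CONF_ACK, 7, CLIENT_OPTS))
    trace.append((link.phase, link.accepts(IPCP)))
    link.auth_result(auth_ok)
    trace.append((link.phase, link.accepts(IPCP)))
    link.lcp("received", lcp_packet(TERM_REQ, 9))
    trace.append((link.phase, link.accepts(IPCP)))
    return trace
```

    Calling walk_link(True) walks Link Establishment, Authentication, Network Layer Protocol, and Link Termination in order; walk_link(False) goes from Authentication straight to Link Termination without ever accepting IPCP.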

    [Figure: PPP Link Operation. Exchange between the two ends of the link: Link Dead phase; Link Establishment phase (Configure Request and Configure Ack in each direction); Authentication phase (authentication packets in each direction); Network-Layer Protocol phase (IPCP Configure Request and IPCP Configure Ack in each direction); data exchange; Link Termination phase (Terminate Request and Terminate Ack).]

    PPP Broadband Access Methods

    PPP Methods

    In broadband applications, there are two general ways in which PPP is implemented.

    PPP over ATM (PPPoA)

    PPP over Ethernet (PPPoE)

    You will often see the abbreviation PPPoX, which collectively refers to all methods of PPP over ATM, Ethernet, and so on.

    PPPoA

    PPPoA works in an ATM environment. It relies on the presence of a VC between the CPE and the aggregation device. The PPP session is between CPE and the aggregator. The CPE is responsible for authenticating with the aggregator.

    With PPPoA, the CPE can run NAT for multiple users behind the CPE and conserve IP addresses. However, since there is a single PPP session per VC, the users are limited to selecting a single service, that is, a single ISP.

    PPPoE

    PPPoE is similar to PPPoA in that it establishes a PPP session with the aggregation device. PPPoE has the following key differences from PPPoA:

    Each host behind the CPE establishes its own PPP session.

    The CPE acts as a bridge.

    PPPoE is not restricted for use over ATM.

    PPPoE is suitable for residential customers with multiple PCs behind the CPE that need the flexibility to access multiple services simultaneously. An important consideration, though, is that the PPPoE client software needs to be installed on the PC. There are multiple variations of PPPoE that we will learn about later:

    PPPoEoA

    PPPoEoE

    PPPoEo802.1q

    [Figure: PPP Broadband Access Methods. PPPoA: PPP session initiated by CPE. PPPoE: PPP sessions initiated by the client. Diagram labels: CPE, Bridged CPE, PPPoA, PPPoE, PPP Session, PPP Sessions, DSLAM, Aggregation Device, Core, ISP1.com, ISP2.com.]

    PTA

    PPP termination and aggregation (PTA) is the point at which PPPoX sessions are terminated, that is, the aggregation device. From this point, user data is extracted from the PPP frames and forwarded to its destination, such as an ISP or corporation.

    With PTA, the service is selected based on a structured domain name ([email protected]), and it supports one service at a time. The IP traffic is forwarded to a single routing domain.

    PTA is generally used by providers for their own customers if regulations allow it.

    [Figure: PTA (PPP termination and aggregation). Terminate PPP sessions at the aggregation device; route IP data to the ISP or corporate site. Diagram labels: CPE, Bridged CPE, PPPoA, PPPoE, PPP Session, PPP Sessions, DSLAM, Aggregation Device, PTA, IP Route, Internet.]

    L2TP

    Description

    Layer 2 Tunneling Protocol (L2TP) is an extension to PPP. It was introduced to allow use of PPP between different networks and multiple communication links.

    L2TP extends the PPP session beyond the PTA that you saw in the previous illustration to a destination closer to the service that the user wants to access. L2TP accomplishes this by setting up a tunnel over multiple links and networks between an access concentrator and a network server. The PPP session that would have been terminated at the concentrator is then continued through the tunnel to the server.

    L2TP is an important component of VPNs. Between the access concentrator and network server, the service provider does not look at the subscriber traffic beyond the Layer 2 information after the session is established.

    Benefits of L2TP

    The following are benefits of L2TP:

    Supports multiple protocols

    Allows use of unnumbered IP addresses

    Centralization of login and authentication operations

    Shares access to core network components

    Overlapping CPE IP addresses

    Components of L2TP

    The following are some of the major components of L2TP:

    L2TP access concentrator (LAC) initiates the tunnel to the LNS. It forwards PPP traffic between the subscriber and the LNS.

    L2TP network server (LNS) terminates the tunnel from the LAC. It terminates the PPP session and extracts user data for further forwarding.

    L2TP Tunnel exists between the LAC and LNS. It encapsulates the PPP traffic with header information necessary to support the tunnel.

    [Figure: L2TP (Layer 2 Tunneling Protocol). Terminate PPP sessions at the ISP or corporate site. Diagram labels: CPE, Bridged CPE, PPPoA, PPPoE, PPP Session, DSLAM, Aggregation Device, LAC, IP Core, Tunnel, LNS, ISP1.com, ISP2.com.]

    AAA

    Authentication, authorization, and accounting (AAA) comprises three functions, provided by an AAA server that maintains a database of users.

    AAA Functions

    Authentication identifies the users. The user login name and password are checked against the AAA database to determine whether a user is allowed to access the network.

    Authorization determines what the users can do. The AAA database stores attributes that determine the users' capabilities and restrictions.

    Accounting tracks what the users have done. Accounting collects information in the database about user access, traffic statistics, and resource usage. This information can then be used for billing and network management.

    AAA Methods

    Three methods are generally used to provide AAA services. One or more of these may be used concurrently.

    Local: the router or access server consults its local database. Username/password pairs are configured in Cisco IOS software.

    Remote Authorization Dial-In User Service (RADIUS): a client (router) and server (UNIX or NT) model. Each username and associated attributes are stored within the RADIUS database.

    Terminal Access Control Access Control Server + (TACACS+): a server that separates authentication, authorization, and accounting functions. The router accesses the TACACS+ server's database where user information and capabilities are maintained.

    AAA Usage

    AAA plays an important role with PPP and L2TP in controlling user sessions and tunnels. AAA services are used at the PTA, LAC, and/or LNS and are commonly provided by means of RADIUS servers. These are some of the important functions that AAA provides:

    Authenticates subscriber PPP sessions

    Provides L2TP tunnel attributes to the LAC

    Provides subscriber IP addresses

    [Slide: AAA. Authentication, authorization, and accounting (AAA): who can access the network, what they can access, usage tracking. Authentication methods: local, RADIUS, TACACS+. Diagram labels: User, PPP, L2TP, AAA, Local AAA, RADIUS, TACACS+.]

    Managed LNS

    Description

    Managed LNS is a term used to identify an implementation of session termination. It makes use of virtual routing and forwarding (VRF) at the LNS or PTA. The LNS/PTA aggregator terminates the L2TP tunnel or PPP sessions and places the sessions in the appropriate VRF. The sessions are then forwarded through a separate logical and physical interface to their respective upstream customer sites.

    Note: An earlier Cisco implementation of this function was PTA Multi-Domain (PTA-MD).

    Benefits

    Some of the benefits of using a managed LNS architecture include the following:

    Subscribers communicate directly with customer AAA without needing a proxy AAA server.

    Multiple VRFs separate customer traffic without the overhead of L2TP tunneling.

    IP addresses are conserved by allowing use of overlapping IP address space.

    [Slide: Managed LNS. Deploy virtual router (LNS/PTA) for each upstream customer to improve service scale; communicate directly with customer AAA without needing proxy; multiple VRFs separate customer traffic without overhead of L2TP tunneling. Diagram labels: Clients, L2TP or PPP, LNS/PTA, VRF, SP Network, AAA, DHCP, Customer A, Customer B.]

    Remote Access into MPLS

    Description

    Remote Access into MPLS (RA-MPLS) is very similar to the previous architecture, managed LNS. Like managed LNS, subscriber logical connections are placed into a VRF instance at the broadband remote access server (BRAS).

    The distinction with RA-MPLS is that the VRFs are MPLS tag interfaces. Additionally, the BRAS router that terminates the VPN tunnels functions as a provider edge (PE) router.

    RA-MPLS may start as the managed LNS model using multiple VRFs as a migration towards MPLS.

    MPLS core networks are typically more flexible and scalable than pure IP networks, but they are more complex to initially deploy.

    Benefits

    RA-MPLS offers the same benefits as managed LNS:

    Subscribers communicate directly with customer AAA without needing a proxy AAA server.

    Multiple VRFs separate customer traffic without the overhead of L2TP tunneling.

    IP addresses are conserved by allowing use of overlapping IP address space

    Additional benefits of RA-MPLS include the following:

    Supports RBE and RFC 1483 Routing besides PPPoX

    Can be an alternative to L2TP

    [Slide: Remote Access into MPLS. Access methods shown: PPPoX to MPLS VPN, RBE to MPLS VPN, L2TP to MPLS VPN, 1483 Routed to MPLS VPN. Diagram labels: Clients, BRAS, PE, MPLS Network, NSP, Corporation, AAA, DHCP.]

    SSG and SESM

    SAM Overview

    Subscriber Access and Management (SAM) allows subscribers to manage the services they wish to use. SAM consists of the following components:

    Service Selection Gateway (SSG)

    Subscriber Edge Service Manager (SESM)

    AAA server

    Lightweight Directory Access Protocol (LDAP) directory

    SAM is independent of the type of subscriber access technology; that is, it works with DSL, dial, leased line, and wireless technologies. Additionally, users can use this service with their PC, WAP or PDA access device.

    SSG

    SSG is a Cisco IOS feature that is available on selected Cisco aggregation routers. The following are some of the key features and functions of SSG:

    Imposes sophisticated access control on a per-subscriber basis to network resources

    Enables subscribers to selectively access different services based on their Layer 2 or Layer 3 connectivity to the service providers

    SESM

    SESM is a Cisco software application that runs on Windows 2000/NT or Solaris and Linux platforms. SESM enables users to manage their service selection experience by allowing them to perform the following functions:

    Personalized service lists

    Service connect/disconnect

    Personal firewall provisioning

    Service subscription

    Self-care account management

    Subaccount creation

    SESM also has a service developer kit that enables third-party and application developers to build their own applications or to integrate directly to their existing operations infrastructure.

    [Slide: SSG and SESM. Diagram labels: PC, Notebook, PDA, WAP, Dial, ADSL, Leased Line, GGSN/PDSN, 802.11b, SESM, AAA, Directory, Content Services Gateway (CSG), Internet, Corporate VPN, Open Garden.]

    SSG and SESM (continued)

    Service Provider Benefits

    In addition to the user benefits that SAM provides, service providers may wish to provide the service for the following reasons:

    Access alone will not make money

    Advertise and sell value-added services to their subscribers

    Retain their subscribers with services that lock them in


    Summary

    Broadband Aggregation Architectures

    In this module, you learned the following:

    Various broadband aggregation architectures

    The technologies used by each architecture and how each architecture functions

    Benefits of each architecture


    Review Questions

    Broadband Aggregation Architectures

    1. List the segments that make up a broadband subscriber network environment.

    _________________________________________________________

    2. A service provider that provides the access connection to the subscriber and connects the subscriber to the NSP is characteristic of a _________________________ service.

    3. Which of the following is not characteristic of a VC service?

    a. NAPs do not need to deal with IP address management.

    b. The NAP determines the user's encapsulation method.

    c. End-to-end provisioning takes time.

    d. It is a wholesale service that a NAP would provide.

    e. It does not scale well.

    4. Which of the following is a reason that RBE is preferred over strict RFC 1483 bridging?

    a. With RBE, the CPE is in routing mode rather than in bridging mode.

    b. The PC encapsulates Layer 3 data into Ethernet.

    c. RBE is more secure and scalable than RFC 1483 bridging.

    d. RBE is more suitable for business applications.

    5. Which of the following statements are true when comparing PPPoA to PPPoE? Choose three.

    a. The CPE functions as a router with PPPoA and as a bridge with PPPoE.

    b. The PPP session is initiated by the CPE with PPPoA and by the PC with PPPoE.

    c. The CPE is able to run NAT for both methods and conserve IP addresses.

    d. PPPoA functions only with ATM access methods and PPPoE functions only with Ethernet access methods.

    e. When there are multiple users behind the CPE, PPPoE is more flexible than PPPoA for selection of multiple services.


    6. What is the preferred method for authenticating PPP sessions? ______________________________

    7. When comparing L2TP to PTA, which of the following identify distinct advantages of L2TP over PTA? Choose two.

    a. PPP sessions may be terminated at the NSP rather than the NAP.

    b. L2TP supports multiple protocols.

    c. L2TP shares access to core components.

    d. The access provider only looks at the Layer 2 information.

    8. What functionality on a Cisco router do managed LNS and RA-MPLS make use of? __________________________________________________

    9. Which of the following distinguishes RA-MPLS from managed LNS?

    a. RA-MPLS supports RBE.

    b. RA-MPLS allows use of overlapping IP addresses.

    c. RA-MPLS does not require L2TP.

    d. RA-MPLS supports PPPoX.

    10. What does SSG enable subscribers to do? ________________________________________________________________


    Module 2 RBE and RFC 1483 Routing

    Overview

    Description

    In this module, you will learn how Routed Bridge Encapsulation (RBE) and RFC 1483 routing work, along with their typical architectures and benefits. You will then perform hands-on exercises to configure, test, and verify RBE and RFC 1483 routing.

    Objectives

    After completing this module, you will be able to do the following:

    Describe the typical architecture of RBE

    Identify the protocol stack elements associated with RBE and describe how RBE works

    Configure RBE on Cisco routers

    Identify the advantages and disadvantages of RBE

    Describe the typical architecture of RFC 1483 routing

    Identify the protocol stack elements associated with RFC 1483 routing and describe how RFC 1483 routing works

    Configure RFC 1483 routing on Cisco routers

    Identify the advantages and disadvantages of RFC 1483 routing


    Typical RBE Architecture

    Foundation

    Routed Bridge Encapsulation (RBE) is based on RFC 1483 bridging architecture. RBE is designed to overcome some of the limitations of RFC 1483 bridging, including broadcast storms, scalability, and security. It makes use of the routed bridge function in the aggregation router.

    Key Functional Components

    The following are key functional components of RBE.

    Bridged CPE

    With RBE, the CPE functions as a bridge using RFC 1483 bridging. From the perspective of a PC and customer premises equipment (CPE), there is no functional difference between pure RFC 1483 bridging and RBE. The 802.3 encapsulated protocol data units (PDU) are sent to the CPE, which then encapsulates them into ATM cells and forwards them over a virtual connection (VC) to the aggregation device.

    Aggregator

    At the aggregation device we see the key difference between pure RFC 1483 bridging and RBE. With RFC 1483 bridging, the aggregator receives the Ethernet PDU into a bridge group and determines whether to bridge or route based upon the contents of the Layer 2 and Layer 3 headers. With RBE, the aggregator receives the Ethernet PDU into an ATM routed bridge and makes a forwarding decision based upon the Layer 3 information.

    Note: When you configure the aggregator for RBE, part of the Cisco IOS configuration process is to include the ATM routed bridge for IP traffic on the ATM subinterfaces.

    [Slide: Typical RBE Architecture. Diagram labels: Bridged CPE (two shown), DSLAM, Aggregation Device, Core, RFC 1483 bridged PDUs, 802.3, Routed Bridge.]

    RFC 1483 Bridging Protocol Stack

    The illustration shows the protocol layers used to transport upper layer data through the network. Although RFC 1483 is not restricted to 802.3 and IP for transporting Layer 2 and Layer 3 protocol data units (PDUs), they are used to explain its operation.

    802.3

    The IP datagram is encapsulated in the 802.3 frame, also known as the bridge protocol data unit (BPDU), by the PC and the aggregation router.

    CPE Encapsulation

    The illustration shows the combination protocol stack used by the PC and the xDSL Termination Unit-remote (xTU-R). The PC takes the upper layer protocol data, encapsulates it in the 802.3 header, and forwards it to the xTU-R. The xTU-R provides the ATM related services and layers to exchange ATM cells with the aggregation device, including RFC 1483, ATM adaptation layer 5 (AAL5), ATM, and physical layer functions.

    [Slide: RFC 1483 Bridging Protocol Stack. Diagram labels: Customer Premises, PC/xTU-R, DSLAM, Aggregator, Router, L3 core, NSP/Corporate Network, RFC 1483 over ATM, PVC. Protocol stacks shown: IP / 802.3 / 1483 / AAL5 / ATM / PHY; ATM / PHY; IP / ATM, FR, etc. / PHY.]

    RFC 1483 Bridging Protocol Stack (continued)

    RFC 1483

    The RFC 1483 standard describes two encapsulation methods for multiplexing and transporting datalink and network layer protocols over AAL5 over ATM:

    Multiple protocols multiplexed over a single ATM virtual connection

    Each protocol is carried over a separate ATM virtual connection

    For the first method, additional headers are included to identify the PDU. A common implementation is to include the 3-byte logical link control (LLC) and 5-byte Subnetwork Access Protocol (SNAP) header to identify the bridged or routed PDU that follows.

    With virtual connection (VC) multiplexing, each unique bridged or routed protocol is carried over a unique VC.

    Note: It is important that you understand the two multiplexing methods. You must choose one of the two when you configure the VC. The method you choose must match at both ends of the VC. The VC in this illustration is the PVC.

    AAL5

    ATM Adaptation Layer 5 (AAL5) is a common means of encapsulating connectionless PDUs. An 8-byte trailer is added to the PDU.

    ATM and PHY

    The AAL5-encapsulated PDU is segmented into 48-byte payloads that make up the 53-byte ATM cells. The physical layer then transports the cells.
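
    The encapsulation chain described in this section (RFC 1483 header, AAL5 trailer, 48-byte cell payloads), as an added Python example that is not part of the student guide. The LLC/SNAP constants and the AAL5 CRC-32 parameters come from the RFC 1483 and AAL5 specifications rather than from this page; the function names and the sample frame are constructed for illustration.

```python
import struct

LLC = bytes.fromhex("aaaa03")            # 3-byte LLC header announcing SNAP
OUI_BRIDGED = bytes.fromhex("0080c2")    # SNAP OUI for bridged PDUs
OUI_ROUTED = bytes.fromhex("000000")     # SNAP OUI when an EtherType follows
PID_8023_NO_FCS = 0x0007                 # bridged 802.3 frame, LAN FCS dropped
PAD = b"\x00\x00"                        # alignment pad before the MAC header
CELL_PAYLOAD, CELL_SIZE, TRAILER = 48, 53, 8


def crc32_aal5(data: bytes) -> int:
    """AAL5 CRC-32: MSB-first, initial value and final XOR of 0xFFFFFFFF."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = (crc << 1) ^ (0x04C11DB7 if crc & 0x80000000 else 0)
            crc &= 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF


def encap_bridged(frame: bytes, llc_snap: bool = True) -> bytes:
    """Wrap an 802.3 frame (without FCS) as an RFC 1483 bridged PDU."""
    if llc_snap:  # LLC (3) + SNAP OUI and PID (5), then pad and frame
        return LLC + OUI_BRIDGED + struct.pack("!H", PID_8023_NO_FCS) + PAD + frame
    return PAD + frame  # VC multiplexing: the VC itself identifies the protocol


def aal5_pdu(payload: bytes) -> bytes:
    """Pad to a multiple of 48 bytes and append the 8-byte AAL5 trailer."""
    pad_len = -(len(payload) + TRAILER) % CELL_PAYLOAD
    body = payload + bytes(pad_len) + struct.pack("!BBH", 0, 0, len(payload))
    return body + struct.pack("!I", crc32_aal5(body))


def segment(pdu: bytes) -> list:
    """Cut the AAL5 PDU into the 48-byte payloads carried by 53-byte cells."""
    return [pdu[i:i + CELL_PAYLOAD] for i in range(0, len(pdu), CELL_PAYLOAD)]


def classify(pdu: bytes) -> str:
    """Receiver side: validate the trailer, then read the LLC/SNAP header."""
    if len(pdu) < CELL_PAYLOAD or len(pdu) % CELL_PAYLOAD:
        return "bad-length"
    length, crc = struct.unpack("!HI", pdu[-6:])
    if crc != crc32_aal5(pdu[:-4]) or length > len(pdu) - TRAILER:
        return "bad-trailer"
    payload = pdu[:length]
    if payload[:3] != LLC:
        return "no-llc-snap"  # VC-mux traffic, or an encapsulation mismatch
    return {OUI_BRIDGED: "bridged", OUI_ROUTED: "routed"}.get(payload[3:6], "unknown")


def wire_bytes(frame: bytes, llc_snap: bool) -> int:
    """Bytes on the wire: number of cells times the 53-byte cell size."""
    return len(segment(aal5_pdu(encap_bridged(frame, llc_snap)))) * CELL_SIZE


# Constructed 86-byte 802.3 frame: dst MAC, src MAC, EtherType IPv4, filler.
FRAME = bytes.fromhex("0200000000010200000000020800") + bytes(72)

if __name__ == "__main__":
    for mode in (True, False):
        print("LLC/SNAP" if mode else "VC mux", wire_bytes(FRAME, mode), "bytes")
    print(classify(aal5_pdu(encap_bridged(FRAME))))
```

    For this frame, LLC/SNAP needs three cells and VC multiplexing needs two, and a receiver that expects LLC/SNAP does not recognise the VC-mux PDU, which is why the method must match at both ends of the VC.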


    How Does RBE Work?

    The following steps describe how RBE operates using IP as the Layer 3 protocol.

    CPE and Aggregator

    Between the CPE and the aggregation router, the following operations occur:

    The CPE encapsulates the BPDUs using RFC 1483, AAL5, and ATM protocols.

    The ATM cells are switched through the ATM network to the aggregation router.

    At the aggregation router, the cells are reassembled.

    The reassembled BPDUs are received at the ATM interface, which operates as a routed bridge interface when RBE is enabled.

    Incoming Frames

    For frames originating from the subscriber end, the following events happen at the aggregation device.

    The aggregation router ignores the bridge header and examines the IP datagram header to make a forwarding decision.

    The packet is forwarded based upon the destination IP address.

    [Slide: How Does RBE Work? The CPE is a standard bridge, subscriber traffic is carried in BPDUs, and the routed bridge interface is treated as a routed interface. Diagram labels: Bridged CPE, DSLAM, Aggregation Device, Core.]

    How Does RBE Work? (continued)

    Outgoing Frames

    For frames destined for the subscriber end, the following happens at the aggregation device.

    The router checks the destination IP address in the packet

    The outbound interface is determined from the IP routing table

    The Address Resolution Protocol (ARP) table is checked for the destination MAC address. If none is found, then an ARP request is sent out only on the destination interface, not all interfaces as with bridging.

    If the datagram is multicast traffic, then it is forwarded only on the interfaces where Internet Group Management Protocol (IGMP) joins were received.

    [Slide: How Does RBE Work? (continued). Diagram labels: Bridged CPE, DSLAM, Aggregation Device, Core.]

    RBE Configuration

    Configuration Methods

    The configuration of the Cisco aggregation router is based on the drawing that follows. There are four general ways that RBE can be configured on the aggregation router.

    Numbered subinterfaces: Unique addresses are assigned to each ATM subinterface, and static addresses are assigned on subscriber hosts.

    Numbered subinterfaces with DHCP: Unique addresses are assigned to each ATM subinterface, and subscriber hosts use DHCP-assigned addresses.

    Unnumbered subinterfaces: An unnumbered loopback address is assigned to each ATM subinterface with static routes to each subscriber, and static addresses are assigned on subscriber hosts.

    Unnumbered subinterfaces with DHCP: An unnumbered loopback address is assigned to each ATM subinterface, and subscriber hosts use DHCP-assigned addresses.

    Of these methods, the first two are the least preferred because they require individual subnets on each ATM subinterface and waste IP address space. The example configurations that follow show the last two methods.

    [Slide: RBE Configuration. Diagram: aggregation device with IP=192.168.1.1; three subscriber hosts behind bridged CPE with IP=192.168.1.2, IP=192.168.1.3, and IP=192.168.1.4, each with GW=192.168.1.1. Other labels: DSLAM, Core.]

    RBE Configuration (continued)

    RBE Configuration: Unnumbered Interfaces with Static Addressing

    Complete the following steps on the Cisco aggregation router to support RBE using unnumbered interfaces. DHCP is not used with this method; instead host addresses must be assigned to each subscriber host.

    1. Create a loopback interface with an IP address from the range of addresses assigned to the subscribers.

    2. For each subscriber, create a point-to-point ATM subinterface.

    3. On the subinterface, assign an IP unnumbered association to the loopback interface.

    4. On the subinterface, add an ATM route-bridged for IP.

    5. On the subinterface, add a PVC.

    6. On the PVC, indicate the AAL5 encapsulation type: SNAP or VC mux.

    7. Create static routes to the subscriber IP addresses.

    [Slide: RBE Configuration: Unnumbered Interfaces with Static Addressing. Step numbers in the comments refer to the list above.]

    ! Step 1: loopback in the subscriber address range
    interface Loopback0
     ip address 192.168.1.1 255.255.255.0
     no ip directed-broadcast
    !
    ! Steps 2-6: one point-to-point ATM subinterface per subscriber
    interface ATM0/0/0.132 point-to-point
     ip unnumbered Loopback0
     no ip directed-broadcast
     atm route-bridged ip
     pvc 1/32
      encapsulation aal5snap
    !
    interface ATM0/0/0.133 point-to-point
     ip unnumbered Loopback0
     no ip directed-broadcast
     atm route-bridged ip
     pvc 1/33
      encapsulation aal5snap
    !
    interface ATM0/0/0.134 point-to-point
     ip unnumbered Loopback0
     no ip directed-broadcast
     atm route-bridged ip
     pvc 1/34
      encapsulation aal5snap
    !
    ! Step 7: host routes to the subscriber addresses (192.168.1.2 to 192.168.1.4 in the diagram)
    ip route 192.168.1.2 255.255.255.255 ATM0/0/0.132
    ip route 192.168.1.3 255.255.255.255 ATM0/0/0.133
    ip route 192.168.1.4 255.255.255.255 ATM0/0/0.134
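
    One way to check a configuration built with the seven steps above, as an added Python example that is not part of the student guide or of any Cisco tool. It flags subinterfaces that miss a step and host routes that fall outside the loopback subnet or point one subscriber address at two subinterfaces; the function names `parse` and `audit` and the sample configuration are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: .133 lacks "atm route-bridged ip"; .134's route is off-subnet.
SAMPLE = """\
interface Loopback0
 ip address 192.168.1.1 255.255.255.0
interface ATM0/0/0.132 point-to-point
 ip unnumbered Loopback0
 atm route-bridged ip
 pvc 1/32
  encapsulation aal5snap
interface ATM0/0/0.133 point-to-point
 ip unnumbered Loopback0
 pvc 1/33
  encapsulation aal5snap
interface ATM0/0/0.134 point-to-point
 ip unnumbered Loopback0
 atm route-bridged ip
 pvc 1/34
  encapsulation aal5snap
ip route 192.168.1.2 255.255.255.255 ATM0/0/0.132
ip route 192.168.1.3 255.255.255.255 ATM0/0/0.133
ip route 172.168.1.4 255.255.255.255 ATM0/0/0.134
"""

def parse(config):
    """Return ({interface: [commands]}, [(host_ip, interface)])."""
    stanzas, routes, current = {}, [], None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = stanzas.setdefault(m[1], [])
        elif m := re.match(r"ip route (\S+) 255\.255\.255\.255 (\S+)", line):
            routes.append((ipaddress.ip_address(m[1]), m[2]))
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" separators and other global commands
    return stanzas, routes

def audit(config):
    """Check each RBE subinterface against the seven configuration steps."""
    stanzas, routes = parse(config)
    addressed = {}
    for name, cmds in stanzas.items():
        for cmd in cmds:
            if m := re.match(r"ip address (\S+) (\S+)$", cmd):
                addressed[name] = ipaddress.ip_interface(f"{m[1]}/{m[2]}")
    findings, owner = [], {}
    for name, cmds in stanzas.items():
        if not (name.startswith("ATM") and "." in name):
            continue
        if "atm route-bridged ip" not in cmds:
            findings.append((name, "missing 'atm route-bridged ip'"))
        if not any(re.match(r"encapsulation aal5(snap|mux)", c) for c in cmds):
            findings.append((name, "no AAL5 encapsulation on the PVC"))
        lo = addressed.get(next((c.split()[-1] for c in cmds
                                 if c.startswith("ip unnumbered ")), None))
        if lo is None:
            findings.append((name, "no 'ip unnumbered' to an addressed interface"))
            continue
        hosts = [ip for ip, ifname in routes if ifname == name]
        if len(hosts) != 1:
            findings.append((name, f"expected 1 host route, found {len(hosts)}"))
        for ip in hosts:
            if ip not in lo.network or ip == lo.ip:
                findings.append((name, f"host route {ip} is outside {lo.network}"))
            if owner.setdefault(ip, name) != name:
                findings.append((name, f"{ip} is also routed to {owner[ip]}"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```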

    RBE Configuration (continued)

    RBE Configuration: Unnumbered Interfaces with DHCP

    Complete the following general steps on the Cisco aggregation router to support RBE using unnumbered interfaces with DHCP support. Subscriber hosts are assigned addresses from the DHCP pool in Cisco IOS or from an external DHCP server. Configuration steps for using either Cisco IOS DHCP or an external DHCP server are shown in the example.

    Note: This method avoids the need to create static routes for subscriber hosts.

    1. Create a loopback interface with an IP address in the range of addresses assigned to the subscribers.

    Note: Perform steps 2 and 3 when the Cisco IOS DHCP server is used.

    2. Identify the IP address of the loopback interface within the DHCP pool that should be excluded from assignment to clients.

    3. Create a DHCP pool including the network range of addresses and default router IP address.

    4. Create a point-to-point ATM subinterface.

    5. On the subinterface, assign an IP unnumbered association to the loopback interface.

    6. On the subinterface, add an ATM route-bridged for IP.

    7. On the subinterface, add a PVC.

    8. On the PVC, indicate the AAL5 encapsulation type: SNAP or VC mux.

    Note: Perform step 9 when an external DHCP server is used.

    9. On the subinterface, use the ip helper-address command to point to an external DHCP server.

    It is possible to use multiple loopback interfaces. The IP address associated with the loopback interface identifies the subnet addresses used for DHCP address assignment.

    [Slide: RBE Configuration: Unnumbered Interfaces with DHCP. Step numbers in the comments refer to the list above. Steps 2 and 3 (Cisco IOS DHCP server) and step 9 (external DHCP server) are mutually exclusive.]

    ! Step 2 (Cisco IOS DHCP server only)
    ip dhcp excluded-address 192.168.1.1
    !
    ! Step 3 (Cisco IOS DHCP server only)
    ip dhcp pool RBE
     network 192.168.1.0 255.255.255.0
     default-router 192.168.1.1
    !
    ! Step 1
    interface Loopback1
     ip address 192.168.1.1 255.255.255.0
    !
    ! Steps 4-8, then step 9 (external DHCP server only)
    interface ATM2/0/0.132 point-to-point
     ip unnumbered Loopback1
     atm route-bridged ip
     pvc 1/32
      encapsulation aal5snap
     ip helper-address 52.20.10.100
    !
    interface ATM2/0/0.133 point-to-point
     ip unnumbered Loopback1
     atm route-bridged ip
     pvc 1/33
      encapsulation aal5snap
     ip helper-address 52.20.10.100
    !
    interface ATM2/0/0.134 point-to-point
     ip unnumbered Loopback1
     atm route-bridged ip
     pvc 1/34
      encapsulation aal5snap
     ip helper-address 52.20.10.100

    RBE Advantages and Disadvantages

    Advantages

    RBE was developed to address some of the issues faced by the RFC 1483 bridging architecture. RBE retains the major advantages of RFC 1483 bridging architecture, while eliminating most of its drawbacks.

    It requires minimal configuration at the CPE, which is important for service providers.

    It is easy to migrate from pure bridging architecture to RBE, as there is no change at the subscriber end.

    RBE overcomes security problems with pure bridging by avoiding IP hijacking and ARP spoofing.

    RBE prevents broadcast storms by using point-to-point connections.

    Compared to pure bridging, RBE provides superior performance because of routing implementation at the aggregation device. RBE is more scalable because it does not have bridge group limitations.


    RBE Advantages and Disadvantages

    Advantages

    Minimal configuration of CPE

    Compared to RFC 1483 with IRB, RBE separates the shared bridging domain into individual routed interfaces, which gives:

    - Control of broadcast domains: no broadcast attacks

    - Increased security: no spoofing of IP addresses via ARP

    RBE is CEF switched and provides bet