Subscriber Traffic & Policy Management (BNG) on the ASR9000 & ASR1000


Published on

This presentation discusses the next wave of broadband, ISG overview, ASR 1k as BNG/ISG and ASR 9k as BNG.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Subscriber Traffic & Policy Management (BNG) on the ASR9000 & ASR1000

  1. 1. Subscriber Traffic andPolicy Management(BNG) on the ASR9000and ASR1000
  2. 2. Agenda The next wave of Broadband ISG Overview ASR1k as BNG/ISG ASR 9k as BNG #CiscoPlusCA
  3. 3. The Next Wave of Broadband #CiscoPlusCA
  4. 4. Evolution in SP Network Architectures Diverged “per Service” Networks • Increased revenue by decreasing Converged “All cost of managing and in One” maintaining multiple networks Networks • Increased overall revenue by increasing Converged revenue per user “User Centric” • Customized services Networks • Rapid deployment of new services based on market trends • Subscriber Self Subscription and Self Care
  5. 5. The New User Experience – Cisco ISGEnabling the Next Wave of Broadband Add Subscribers Register Log in Add Services Pay As You Pay What Broadband Broadband Broadband Go! You Use! Light Basic Premium Buy credit Buy Buy: $19.99 Buy: $29.99 Buy: $39.99 Add Value Branded Branded Branded VoD TV Phone ($4.99/movie) ($29.99) ($15.99 + LD)
  6. 6. The elements of customization Subscriber identified using multiple dimensions. Identity gathered: Identity Subscriber  From multiple sources and events Sessions  Over session lifecycle Subscriber Different Services and Rules Services applied based on: Intelligent Differentiated  Who subscriber is Services Services  Where he is Session creation/ Gateway  What he requires authentication Services and Rules updated based on :Dynamic Service Subscriber  How subscriber behaves Services Management Dynamic Policy  What he requires NOW Push and Pull
  7. 7. Building the Identity and Assigning Services ExampleSubscriber DHCP Exchange Starts DHCP Exchange Completes(*) Subscriber Authentication(*) Dynamic Service Update T0 T1 T2 TN BHAVANI BHAVANI ISG Subscriber Session Subscriber Session Subscriber Session Subscriber Session MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28Identities IP Addr: ? IP Addr: IP Addr: IP Addr: Username: ? Username: ? Username: Bhavani Username: BhavaniServices Service: DEFAULT_SRV Service: PPU_SRV Service: PREMIUM_FR_SRV Service: DEFAULT_SRV DEFAULT_SRV PPU_SRV PREMIUM_FR_SRV Only permits Pay Per Use Service: Flat Rate Premium Data Service: management traffic - Permits all traffic - Permits all traffic through the session - 512K/1Mbps US./DS - 1M/8Mbps US/DS - Accounting enabled on session (*) Order of operations not representative of a real call flow
  8. 8. Access Technology Abstraction DSL DSLAM ATM/Ethernet Switch CMTS Cable Walled Garden Open Garden BRAS/BNG Subscriber-centric services regardless of: Access Ethernet Distribution Access Technology Access Protocol Access Technology: Legacy DSL/ATM 802.11 or Metro Ethernet, Wireless LAN, Cable 802.16 Access Protocol: IP PPP
  9. 9. PPP to IP Migration Key Requirements Goal There are 3 subscribers connected through Create a per subscriber Subscriber G0/1.10 construct over a sharedAccess interface (“subscriberDetection G0/1.10 session”) John Subscribers are John, Mike Mike and Ted. Uniquely establish Ted Subscriber John and Mike are HSI subscriber identity and John users, Ted is VoIP userauthentication determine services andand authorization Mike G0/1.10 service levels per Ted subscriber John Mike Subscribers addresses Ted should be: Subscriber John Assign a unique IP address John to each subscriber basedaddress Mikemanagement Mike Ted on provider domain Ted G0/1.10
  10. 10. What is ISG? Subscriber Policy Layer AAA Policy Web DHCP …Server Server Portal Server Cisco Intelligent Services Gateway (ISG) is Open a licensed feature set on Cisco IOS that Northbound provides Session Management and Policy Interfaces Management services to a variety of access Policy networks Subscriber Management Identity Management ISG and Addresses PPPoE to IPoE migration while Enforcement maintaining all subscriber management functions ISG So focal, that the entire device is often referred as an: Intelligent Services Gateway router or simply “The ISG”
  11. 11. ISG Overview #CiscoPlusCA
  12. 12. ISG’s place in the network AAA Policy Portal DHCP Aggregation Internet/Core Subscriber Identification: based on: - who he is, - where he is,• Deployed at access or - how he behaves service edge - what he requires Subscriber Authentication:• Communicates with other - PPP CHAP/PAP devices to control all - Transparent Auto Logon (TAL) - Web Logon aspects of subscriber - RADIUS access in network Subscriber Services Determination and Enforcement• Single point of contact Dynamic Service update Session Lifecycle Management: establishment, configuration and tear dow
  13. 13. ISG’s Subscriber Policy Layer Subscriber Policy Layer AAA Policy Web DHCP Server Server Portal Server Subscriber Authentication Subscriber Authorization: User and ServiceInternet/Core Profile RepositoryAAA Server Per access and Per Service Accounting Front-end toward billing system Guest VideoPolicy Server Dynamic Policy Push (Application Level Trigger) Portal Audio Open Garden Servers Walled Garden Front end toward the subscriber for: Self SubscriptionWeb Portal Web Logon Service Selection (Application Level Trigger) Hand over of addresses to subscribersDHCP Server Class-based address handover for ISG driven address pool selection Note: AAA Server, Policy Server, Web Portal can co-reside in the sample appliance
  14. 14. ISG’s Dynamic Policy Activation Dynamic Policy Pull Dynamic Policy Push (e.g. Automatic Service-Profile (e.g. “Turbo Button”) Download on Session Establishment) Application/ Service Layer event Subscriber Policy Layer Subscriber Policy Layer DHCP Web Policy AAA DHCP Web Policy AAA Server Portal Server Server Server Portal Server Server Network Layer Event Guest Guest Portal Portal Open Garden Walled Garden Open Garden Walled Garden
  15. 15. ISG’s Northbound Interfaces Subscriber Policy Layer AAA Policy Web DHCP Server Server Portal Server Internet/Core Guest Video Portal Audio Open Garden Servers Walled Garden RADIUS Interface, for subscriber AAA functionalities and Policy service download PULL RADIUS Extensions (RFC 3576) and XML based (SGI(*)) Policy Open Interfaces, for dynamic, administrator or subscriber driven, session and service management functions PUSH (*) SGI: Services Gateway Interface
  16. 16. The Subscriber Session in ISG ISG Session Subscriber Policy Layer AAA Policy Web DHCP Server Server Portal ServerSubscriber 1 Subscriber 1 session Subscriber 2Subscriber 2 Internet/Core session Subscriber 3 Guest Video sessionSubscriber 3 Portal Audio Open Garden Servers Walled Garden • Construct within Cisco IOS that represents a subscriber – subscriber: billable entity and/or an entity that should be authenticated/authorize • Common context on which services are activated • Created at first sign of peer activity (FSOL = First Sign Of Life)
  17. 17. Dynamic Session Initiation ISG Session • ISG sessions are initiated at the First Sign of Life (FSOL) • FSOL depends on the Session Type PPP Sessions - FSOL IP Sessions - FSOL .... there are options ..... Unclassified MAC or IP  IP packet with unknown MAC Data Traffic or IP source address Use MAC for L2-connected IP sessions PPP Call Request (LCP) Use IP for routed IP sessions DHCP  DHCP Discover message DHCP discover  ISG must be DHCP Relay or Server RADIUS RADIUS Access Request OR  RADIUS Access/Accnt Start Accounting Start  ISG must be a Radius Proxy Wireless AP  Typically used in PWLAN and Client WiMAX environments
  18. 18. Session Authentication Resources Only to Authentication: Allow Access to Network ISG Session Recognized Users Authentication models supported: • Access Protocol Native Authentication: – PPP: CHAP/PAP – IP: EAP for wireless client – DHCP Authentication • Transparent Auto Logon (TAL): – Authenticates using subscriber related network identifiers – e.g. MAC/IP address, DHCP Option 82, PPPoE Tags... • Web Logon Authentication Is Not Mandatory on a Session, but Used in Most Situations
  19. 19. ISG’s Subscriber Authentication - IP sessions IP – common scenarios+ Web Logon Web AAA • User traffic redirected to Web Portal to enter credentials Portal Server • User Credentials propagated to ISG • ISG uses credentials to authenticate user with AAA server RADIUS Data Traffic Username: WebLogon • Applicable to all session types Username redirection TAL: Option82 Auth AAA • Access Switch inserts Option82 Circuit and Remote ID in DHCP Server Requests DHCP exchange RADIUS • ISG performs authentication using a combination of Circuit and Username: RemoteID Access SW inserts Option 82 MAC/RemoteID:CircuitID CircuitID/RemoteID • ISG session must be DHCP initiated • User starts EAP authentication with Access Point (AP) EAP Auth AAA • ISG impersonates RADIUS server toward AP, and RADIUS client RADIUS Server toward real server EAP (EAP based auth) RADIUS • ISG learns session authentication status by proxying RADIUS Wireless Username: messages betw/ real RADIUS client and Server Client AP EAP username • ISG session must be RADIUS initiated TAL:IP/MAC AAA • ISG performs authentication using identifiers from subscriber traffic Data Traffic Server (source IP/MAC) RADIUS • Typically used in topologies w/ L2 connected subscribers to support- Username: MAC or IP clients w/ static IP address or in IP-routed topologies
  20. 20. Session TerminationPPP Sessions IP and ISG Session Idle and Absolute Timeouts/Timer Expiry Web Logoff Web Portal RADIUS CoA Account-Logoff PPP Sessions Exclusively IP Sessions Exclusively ICMP/ARP keepalive failure Keepalive failure PPP and PPPoX protocol events ICMP Keepalives used for routed sessions ppp disconnect; ppp keepalives or L2TP ARP keepalives used for l2-connected sessions hellos failure DHCP OR DHCP DHCP lease expiry initiated DHCP Release RADIUS PoD (Packet Of Disconnect) Policy sessions Manager only RADIUS PoD RADIUS RADIUS RADIUS EAP Accounting Stop initiated Wireless sessions Client AP only
  21. 21. ISG Services ISG services • Service: A collection of features that are applicable on a subscriber session Service = {feat.1, feat.2,...,feat.n} Portbundle (PBHK) Session Keepalives: ICMP and ARP based Features Administration Timeouts: Idle, Absolute QoS: Policing, MQC Traffic Conditioning Security: Per User ACLs Subscriber Address Assignment Control Traffic Forwarding Redirection: Initial, Permanent, Periodic Control VRF assignment: Initial, Transfer Associated to L2TP assignment Primary Services PostPaid Prepaid: Time/Volume based Traffic Accounting Tariff Switching Interim Broadcast  Primary Service: Contains one “traffic forwarding” feature and optionally other features; only one primary service can be active on a session
  22. 22. ISG Feature Granularity Subscriber Session Classification ACL TC1 Session Flow Features ACLSubscriberX TC2 grouped in Features Data Session ACL TC3 Services • ISG Classification resembles • Each Traffic Class can have a different set of features applied Modular QoS CLI (MQC) • A Traffic Class and associated • IP ACL (standard or extended) features also referred as are used to create differential TC service flows (Traffic Classes) • A Default TC can be used to drop traffic that could not be classified
  23. 23. Defining Services 1  Premium HSI service AAA Server should be activated 2 RADIUS Access-request  Services defined in Service Profiles on the session Username: Premium_HSI  Standard and Vendor Specific  No definition yet Password: <service pwd> available RADIUS attributes used  Service Activated on session 3 RADIUS Access-accept  On demand download on a  Service Stored in local cache Features associated w/ service need basis while in use by at least 1 sessions 4 • Definition of all existing Services Policy Manager typically pre-downloaded on Box (supporting the SGI Interface) 1 SGI Request  Services defined in XML Premium, Standard, Basic 3 HSI service definitions  Pre-download of all existing services  Services permanently stored in local database 2 SGI Response ISG  Services pre-configured using CLI  Services permanently stored  Services defined on Service Policies: in local database policy-map type service <name>
  24. 24. How Services Are Activated on a Session? During Subscriber Via an External Policy Via the On-Box Policy Authentication/ Manager/Web Portal Manager Authorization from Administrator external PM Subscriber Policy Layer Subscriber Policy Layer events Policy plane plane plane DHCP Web Portal / AAA DHCP Web Portal / AAA actions Server Policy Server Server Server Policy Server Server Data Control from RADIUS RADIUS data Acc-req RADIUS CoA or SGI plane Acc-accept RequestSubscriber Subscriber  Policy Plane determines what actions  Subscriber is successfully  Service Activation request sent to take on session based on events authenticated by External Policy Managers via actions *include* applying a service a RADIUS CoA or a SGI  RADIUS Response includes Request message  Control Plane ensures actions are Services and Features to activate taken –i.e. provisions the data plane on Session (from UserProfile)  Data Plane enforces traffic conditioning policies to the session
  25. 25. ASR1000 as BNG/ISG #CiscoPlusCA
  26. 26. Broadband Aggregation Architecture BNG Content Farm Mobile CoreSubscriber WiFi Mesh ESE+BNG GGSN PDN GW HA VOD TV SIP LNS Mobile Access Aggregation Edge IP / MPLS Core Residential Core Aggregation Network Business MPLS/IP Network Corporate MPLS /IP Access Node ISG (SP-WiFi) MSE+BNG
  27. 27. ASR1000 BNG/ISGDeployment models – Subscriber ServicesLAC/LNS/ISGMigration from Legacy Broadband Subscriber auto provisioningnetworks – ATM & Ethernet Dynamic service creationWholesale and Retail options IPv4 & IPv6-based servicesWireline and Wireless (WiFi)aggregationRange of scale for small to HA & ISSULarge networksSub-4K to 64K sessions scale Stateful Intra-chassis5G to 40G (160G future) redundancy128K queues In Service Software1RU to 13RU form-factor Upgrade
  28. 28. Why ASR1000 for BNG/ISG? •Prepaid services, Per subscriber Firewall, Portal integration for self- Feature richness & services support provisioning, Policy server solutions, Services accounting within a session, Integrated DPI (by mid-CY11) etc •Dual-stack subscribers - PPPoE now and IPoE by mid-CY11) IPv6 Subscriber Support: •IPv6 native sessions with ISG •IPv6 subscribers tunneled in L2TP •NAT44 - maximum of 2M NAT sessions IPv4 Address Exhaust solutions •NAT64 - stateless model now and stateful NAT64 by mid-CY11 •6RD - IPv6 Rapid Deployment tunneling model •LNS - aggregating the hotspots •ISG - Managing individual subscriber authentication, services, billing SP WiFi Aggregation etc •NAT - Providing translation for private IPv4 address to public •PPPoEoA Legacy Broadband Migration options •PPPoA •RBE •LNS Wholesale Broadband Deployment •PW based backhaul •RA-MPLS •HA for PPP, L2TP, AAA High Availability and ISSU •HA for IPoE and TCs
  29. 29. HLR OCS PCRF CGF ASR1k in SP Wi-Fi - Today DHCP AAA Portal Gy Gx Ga Mobile Home Network Policy AP Features & Scale – (IOS XE 3.6S) AP  IPoE Sessions:  Radius CoA Interface WLC DHCP initiated,  Per-User ACLs unclassified IP or  IP Session Keep-alives, MAC-address timeouts Access Network Policy initiator, Radius- • VRF Transfer L2 Connected Proxy initiator • Port Bundle Host Key AP  L4 Redirect (PBHK)  Traffic Classes  Stateful inter-chassis  Postpaid & Prepaid redundancy with HSRP L2 Switch AZR Accounting  Max scale: 32k Sessions L3  Dynamic Rate with ESP40/RP2 ASR1K ISG LimitingL3 Connected  LI VLAN AP AP/CPE Tunnel (L2TP) LAC LNS Internet Residential WiFi
  30. 30. SP Wi-Fi Target Architecture HLR OCS PCRF CGF DHCP AAA Portal AP Gy Gx Ga AP Mobile Home Network Policy WLC Access Network Policy L2 Connected 4G Core PGW/LMA AP L2 Switch AZR GTP L3 ASR1K Gn’ GGSN 3G Core IWAGL3 Connected LMA/sGRE agg AP AP/CPE Internet MAG/sGRE Initiator Target Scale: 128k sessions Residential WiFi
  31. 31. ASR1000 iWAG – Phase 1: IOS XE 3.8S HLR OCS PCRF CGF DHCP AAA Portal AP Gy Gx Ga AP Mobile Home Network Policy WLC Access Network PolicyL2 Connected 4G Core PGW/LMA GTP Features: ASR1K Gn’ GGSN 3G Core IWAG • L2 Access & AAA Policy 1. EAP - FSOL: Radius Proxy/DHCP 2. TAL - FSOL: Unclassified MAC 3. Web Logon - FSOL: DHCP • GGSN/LMA selection via AAA attribute Internet • Overlapping MNO address support with multiple SSID Scale: • 32k authenticated
  32. 32. ASR 9000 BNG #CiscoPlusCA
  33. 33. ASR 9000 System PortfolioOne Edge System to meet all of your needs • 240G Line Cards • From 512K to 2M MACs learned in Hardware • From 1.3M to 4M IPv4 prefixes • From 512k to 2M IPv6 prefixes • Hyper-Intelligent • Video buffering for lossless multicast • In-line video monitoring • Integrated G.709 • SyncE / IEEE 1588-2008 PTP timing • Tunneling services optimized ASR 9001 ASR 9006 ASR 9010 ASR 9922 2 RU 6 slots (¼ rack) 10 slots (½ rack) 22 slots (fullrack)LC / Chassis 2 IO Slots 4 LC + 2 RSP 8 LC + 2 RSP 20 LCMax Bandwidth / Slot 440G 440G 1.2TBBW / Chassis 240 Gb 3.2 Tb 6.4 Tb 48 Tb Double your system capacity by upgrading any ASR 9000 product to an ASR 9000 nV System
  34. 34. Route Switch Processor 440 • More than 2x boosted System Capacity • 220Gbps FDX per Slot (220G in + 220G out) • Fully compatible and supported on all existing chassis types (9006 & 9010) • Ultra High Speed Control Plane Multi-Stage Switch-fabric • MultiCore Intel CPU (Nehalem Class) System Design • Huge Scale through High Memory option • 12GB Memory at FCS for -SE version • Time and Synchronization • IEEE 1588 v2 PTP support • GPS ToD • BITS • Dedicated Virtualization Cluster EoBC 10GE ports on-board Linecard w/ Redundant Linecard w/ Ultra High Capacity NextGen Ultra High Capacity Fabric Access Switch Fabric Fabric Access © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
  35. 35. ASR 9000 BNG: IPoE Sessions RADIUS IPoE sessions • 1G and 10G ports • Support for LAG IPoE CPE • Logical (dot1q or QinQ) interfaces with ambiguous vlan Routed definition Residential • Configurable on 1:1 and N:1 relationships betw/VLAN and IPoE Session A • DHCP based Discovery and packet based triggers • Session lifecycle based on DHCP Lease Tracking and STB Split Lease Residential GPON • authentication methods MSAN VDSL • Transparent : NAS port IPoE – DHCP Option 82 sessions STB – DHCP Option 60 IPoE CPE – vlan encap Bridged • Web Based with HTTP redirection • Forwarding model can be Native IP, MPLS ans L3VPN © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
  36. 36. ASR 9000 BNG: PPP and IP/DHCP Enabling Smooth Coexistence Coexistence of PPPoEoE and IP/DHCP RADIUS DHCP Portal based subscribers on same Ethernet interface  Enables step-wise migration  Unified Session management provide seamless management RADIUS / AAA push/pull RADIUS based methods to authenticate Per Sub/Service Accounting and account IP/DHCP based subscribers Self-pro-  NAS port visioning / Selfcare  DHCP Option 82 PPPoEoE HTTP-R  DHCP Option 60 IPoE DHCP Proxy IP/DHCP Session Flexibility Internet  IP based and VLAN based DHCP Subscriber Sessions sessions enable support for 1:1 and N:1 VLAN models IP address Mgt. DHCP Proxy © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
  37. 37. BNG and CGN NAT44 on ISM ingress LC ISM egress LC CGN supported at full session scale Inside Outside VRF VRF Private IPv4 Interface Public IPv4 Subscribers AppSVI ISM AppSVI VLAN Subscriber session ISM performs Translated traffic sent to ISM translation and subscriber’s traffic through VRF mapping forward packet forwarded on or ABF into outside VRF interface in outside VRF Compliant with standard NAT behaviors (RFC4787, RFC5382, RFC5508)
  38. 38. ASR 9000 nV (Network Virtualization) TechnologySimplify operations & scale ASR 9000 “nV System” ASR 9000 Simplify Operations Cloud Reduce overall TCO nV Integrated A to Z Management Network Multi-dimensional nV Scale Client System and services scale ASR ASR 9000v 9000v Increased Service Velocity Quickly deploy new services
  39. 39. BNG Satellite + Cluster • Geo-redundant Dual Homing • High Availability MSAN nxGE ASR 9000 ASR 9000 • Huge 1GE Fan-out toward DSLAM VDSL BNG nV Distribution • Single-Chassis-like look & feel and Home Satellite Management of Cluster Members and Satellite Core • Increase capacity • Satellites appear like ASR 9000 Linecards • Simplified topology, No Spanning tree/MC-LAG or other L2 redundancy protocols needed© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
  40. 40. Creating an ASR 9000 Virtual System with nV Technology Enables a self protected, self managed ASR 9000 virtualized system Third-Party Services/ Content Control plane Virtualized Control & Data Plane Remote Data plane Inter-chassis Connections ASR 9K Control Series Core plane 0 1 Activ Standb Activ Standb Remote Data e y e y plane RSP RSP RSP RSP Edg L L L L L L L L e C C C C C C C CRemote nodes are viewed as linecards andremote platforms are discovered automatically. Aggregat ionRemote nodes are provisioned by the host. Virtualized control plane achieved via EOBC between RSP’s provides hitless outage upon node failure.Software images for remote nodes can be Acceupgraded automatically and features are in sync. ss Virtualized data plane achieved through linecard inter- chassis connections.A self-managed access is created allowing scaleto be decoupled from a single platform. A self-protected virtual chassis is created doubling the system capacity.
  41. 41. BNG nV Edge – Distributed ArchitecturesBNG on Aggregation – Access Node Dual Homing LAG Agg. Dist. LAG Act. H1-A H1-B A1 D1 Core H2-A Stb. H2-B A2 D2• single access bundle (LAG) for Access • single access subnet to subscriber Node dual homing – Single subscriber subnet advertised toward core (minimizes subnet fragmentation – Active/Standby member link, OR issues) – Source based (US), Destination based – No split subnets (DS) loadbalancing – No host route advertisement – No MC-LAG, PADO delay (PPPoE), • stateful failover Access redundancy protocol – no session re-establishment on node failure © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
  42. 42. BNG nV Edge – Centralized Architectures Announce all Subscriber IP Address Pools ASR 9000 LAG Agg. Dist. LAG or other Virtual Cluster Act./Stb. method Act. Act. Act. H1-A Stb. Stb. A D R H1-B 1 1 0 MC-LAG MC-LAG Core Act. H2-A Stb. Stb. A D R H2-B 2 2 1 Announce all Subscriber IP Address Pools • Upstream Core routers perform Flow all traffic to a given subscriber will end Based ECMP on a single chassis • Since only one link per LAG is active, • Subscriber SLA integrity is kept© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
  43. 43. BNG nV Edge – CentralizedArchitectures Failover and Packet Flow Announce all Subscriber IP Address Pools ASR 9000 LAG Agg. Dist. LAG or other Virtual Cluster MC-LAG MC-LAG Act./Stb. method Act. Stb. H1-A Stb. Act. A D R H1-B 1 1 0 Core Stb. H2-A Act. Act. A D R H2-B 2 2 1 Announce all Subscriber IP Address Pools • Upstream Core routers perform Flow traffic to a given subscriber will end up Based ECMP on a single chassis • Since only one link per LAG is active, all • Subscriber SLA integrity is kept © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
  44. 44. BNG Satellite – Low Total Cost of Ownership • Huge 1GE Fan-out toward DSLAM MSAN ASR 9000 nxGE ASR 9000 VDSL BNG nV Distribution • Auto detect and provisioning Home Satellite between nV Host and Satellites • Satellites appear like ASR 9000 Core Linecards, same features and consistency • Single image upgrade • Simplified architecture ASR 9000v ASR 903 ASR 901© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
  45. 45. Q&A #CiscoPlusCA
  46. 46. We value your feedback.Please be sure to complete the Evaluation Form for this session. Access today’s presentations at Follow @CiscoCanada and join the #CiscoPlusCA conversation
  47. 47. ISG’s Subscriber Identification AAA Policy Portal DHCP A construct in Cisco IOS that Aggregation Internet/Core represents subscriber ISG subscriber session: created at First Sign Of Life (FSOL) N:1 relationship between session and interface FSOL PPP Sessions PPP call request Received Packet w/ unknown IP or MAC source address IP or MAC initiated IP session IP Session DHCP Discover DHCP initiated IP session RADIUS Request RADIUS initiated IP session