White Paper: IP VPN and Ethernet WAN Services


Published on

An overview of Ethernet WAN deployment and of the benefits to the Service Provider of Ethernet Demarcation Devices, for both 'wires only' Ethernet Access to IP VPNs and for native Ethernet WAN Services.

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

White Paper: IP VPN and Ethernet WAN Services

  1. 1. Carrier Ethernet ServicesIntroductionFor some years now, the principal Next Generation Network offerings of Telecoms Service Providers, formid to large sized Enterprises, have been based on IP Virtual Private Network (IP VPN) technologies.The term Next Generation Network is one of those wonderfully flexible marketing phrases which hasbeen used (and possibly abused!) for many years. In reality, the term has never referred to a single, welldefined architecture. Essentially the phrase originated in relation to Wide Area Network architectures, aspacket-based networks emerged after the long-time dominance of TDM based PDH/SDH networkinfrastructures. Generally, of late, it has become synonymous with the deployment of IP Routed networks,underpinned by Multi-protocol Label Switching (MPLS). Out of this core technology has emerged an arrayof commercial IP VPN services, which are attractive primarily through support of both Quality of Servicefeatures and flexibility of Access technology.More recently Ethernet, the ubiquitous technology of the Corporate Local Area Network (LAN), hasevolved to the extent of becoming a viable choice for Wide Area Network (WAN) deployment. For sometime, Ethernet has been one of the Access options for IP VPN networks, but increasingly Ethernet Layer-2 WAN Services are now being adopted, as a either a competitive or complementary approach to IPVPNs.This paper provides a brief overview of both IP VPN and Ethernet WAN services, looking at the pros andcons of both, from the perspective of both Service Provider and customer, and then considers some ofthe challenges facing the Service Provider community, both in meeting increasing customer demands forWires Only Ethernet Access to IP VPNs and in making the transition to the provision of Layer-2 EthernetWAN services. Not least of these challenges is the ability of the Service Provider to offer strong customerservice value to their clients in relation to provisioning and troubleshooting, when local connectivity isalmost invariably provided via wholesale tail circuits offering little or no management visibility to theService Provider at the point of hand off from WAN to LAN at the customers premises.Backgrounder - Next Generation Networks and MPLSThinking back in history a little, (to around the mid 80s), Wide Area Networks used to link Ethernet LANdomains, were initially Bridged, i.e. decisions as to whether to forward particular Ethernet packets acrossthe WAN link were based upon algorithms requiring the learning of Ethernet Media Access Control(MAC) addresses of end-station devices. The rapid uptake thereafter of protocol-specific Routers, and theincreasing ubiquity of IP as the protocol of choice, gave greater scalability, resilience and security to WANarchitectures.IP Routers offer the potential for building resilient mesh networks, but in a traditional routed IP network,each Router makes an independent forwarding decision for every packet based on the packet’s IPaddress header. A simple Routed mesh network is shown in Fig. 1. B A C Fig. 1: Each Router in a traditional IP Router network must make next hop forwarding decisions for each packet in turn D E Ethernet WAN Services Page 1 of 12
  2. 2. Carrier Ethernet ServicesWhen a packet arrives at a Router port, that Router has to determine where best to forward the packet forthe next hop, in order to reach the required destination. Ultimately, in a large and high throughputnetwork, this becomes performance limiting. In the mid 90s, the mechanism of Label Switching wasdeveloped, largely to ease the congestion caused by Route calculations in IP Core networks, leading tothe development of the standard for Multi-protocol Label Switching, MPLS. In fact, MPLS wasarchitected to support various Network transports, including ATM and Frame Relay, but we will considerhere the way in which MPLS brings a connection oriented approach to the essentially connectionlessprotocols of IP and Ethernet.In an MPLS environment, packets entering the network are handled in a particular way based on adefinition known as Forward Equivalence Class (FEC). FEC typically relates not only to the IP Subnetassociated with a packet, but also to service Class, and packets exhibiting similar FEC characteristics aretreated essentially as members of a group and are assigned a similar label, i.e. a short packet header,which will determine the path to be taken for such packets across the MPLS network. Packets withdifferent FEC characteristics will be assigned a different label and may take a different path through thenetwork. Each Router in the network maintains a table indicating how to handle packets determined bythe label, so once the packet has entered the network, Routers no longer need to perform IP addressanalysis and can make rapid and consistent forwarding decisions depending upon the label.One of the key benefits of MPLS is that it separates forwarding mechanisms from the underlying data-linkservice. MPLS can be used to create forwarding tables for data streams independently of the networkaccess mechanism and traffic type, so Service Providers can use MPLS to deliver a wide variety ofservices and to support a wide array of access technologies. The two most popular traffic types supportedover MPLS are Layer-3 (IP) BGP/MPLS VPNs (based on RFC 2547) and Layer-2 (or pseudowire) VPNs.RFC 2547 VPNs have been very widely implemented. The implementation defines a peering architecturein which customer edge (CE) Routers exchange routes with Service Provider edge Routers, denotedProvider Edge (PE). These then deliver VPN tunnelling across the Service Providers MPLS LabelSwitching Router (LSR) network, using paths defined by the label switching mechanism. For IP VPNservices, the MPLS VPN backbone uses Border Gateway Protocol (BGP) for routing, and once the CE-PE peering is implemented using BGP, thereafter the Service Providers MPLS network takes fullresponsibility for secure, reliable end-to-end packet delivery.For many Service Providers, the above scenario encapsulates the essence of the term Next GenerationNetwork, and services based on the IP VPN approach are offered for a variety of different access media,as illustrated in Fig. 2 below. Remote Sites Home Workers ADSL SDSL ADSL Internet IP VPN over MPLS Core Network 2Mbps E1 Leased Line Secure Access Storage and Application Servers For Home & Mobile Workers Ethernet 1Gbps Regional Office Corporate HQFig. 2: Multi-access IP VPN Network Ethernet WAN Services Page 2 of 12
  3. 3. Carrier Ethernet ServicesNote that in the case of IP VPNs, the Service Provider is very much involved in the overall IP Routingtopology of the customer, which inevitably means a high level of complexity (and, by association, cost) forthe Service Provider at the time of network commissioning and a subsequent degree of sharedresponsibility between customer and Service Provider for any adds, moves and changes which arerequired thereafter.Ethernet into the WANWe have already seen, in Fig. 2, that Ethernet is commonly used as one of the access vehicles forCorporate IP VPN networks. The scalability of bandwidth and familiarity of Ethernet lends itself to thisrole. In reality, Ethernet might be delivered across into the WAN cloud via a number of different Accessmedia, including multiple bonded copper pairs for lower-speed connections (the so-called Ethernet in theFirst Mile or EFM offerings based on SHDSL technology) and fibre for higher speeds.In some instances, particularly those in which the customer requires high connection speeds, protocoltransparency and may wish not to have a Service Provider involved in their overall Routing topology, thenas an alternative to the Virtual Routing nature of an IP VPN, the customer may prefer the greatertransparency, flexibility and connection speed scalability of a Switched Ethernet service for their WANbackbone. Depending on the complexity of the WAN architecture (i.e., single site, multi-site...), this mightmean that either one or more point-to-point Switched Ethernet links are appropriate, or alternatively that aMulti-point Virtual Ethernet network architecture is preferred.Since we have already established that Service Providers New Generation (lets call them that, ratherthan next generation !) Core Networks have become almost exclusively built around MPLS, what optionsexist for supporting raw Layer-2 Ethernet connectivity in an MPLS environment (i.e. rather than Ethernetsimply being the Access vehicle for a Layer-3 IP network)? Essentially, two main models have emerged,corresponding to the two scenarios outlined above. They are generally termed (i) Virtual Private WireService, for Point-to-Point links, and (ii) Virtual Private LAN Service (VPLS), for Point to Multipointnetworks.Virtual Private Wire Service implementations use effectively Label Switched pseudowire tunnels, whichare created between the Service Providers PE Routers across the MPLS network, delivering Ethernetpackets between two points across the MPLS cloud.Virtual Private LAN Service (VPLS) implementations use potentially a number of slightly differentmechanisms, by which the MPLS Core network can emulate one or more flat Ethernet network domains. Layer-2 Ethernet VC Connections CE CECustomer Customer Site PE PE Site MPLS CORE NETWORK Meshed Pseudowire Links PE Fig. 3: A full mesh of pseudowires is used to connect all CE (typically a switch) provider edge (PE) devices supporting a given VPLS VPN Customer Site Ethernet WAN Services Page 3 of 12
  4. 4. Carrier Ethernet ServicesDifferent equipment vendors have proposed a number of variations in the areas of discovery of membersto include within a given Layer-2 Virtual Network, and of signalling used to establish and tear-downindividual Layer-2 pseudowire connections, but the net result is the same.Using MPLS like this for Ethernet has some knock-on benefits in terms of overcoming the distancelimitations within traditional switched Ethernet Networks and extending Ethernet broadcast domainspotentially across a whole WAN infrastructure. Effectively, a single PE can transmit Ethernet packets tomultiple remote PEs, connecting a customer site to any or all other customer sites as required. Aschematic VPLS network is shown in Fig. 3After all this talk of the inner workings of Service Provider networks, it may just be worth mentioning thatvarious evolutions to MPLS, notably MPLS-TP (Transport Profile), have emerged, as a vehicle foroptimisation of MPLS when carrying purely packet-based traffic, i.e. IP &/or Ethernet. An alternativetransport mechanism, optimised for Ethernet delivery across Core Carrier networks, known as ProviderBackbone Bridging, with Traffic Engineering (PBB-TE) has also been mooted, although at the time ofwriting this White Paper, it would seem that the ubiquity of MPLS is speaking volumes in relation to thelikely outcome of this particular battle!Of more significance in relation to the focus for this Paper, is a consideration of the positioning, for bothService Providers and customers, of IP VPN vs. Ethernet WAN services.IP VPN CharacteristicsIP VPN WAN services have been available for several years and are offered by both 1st tierNational/International Carriers and 2nd tier Service Providers worldwide. A large number of enterpriseshave adopted IP VPN services, allowing them to interconnect hundreds or thousands of disparateregional, national, and global locations very effectively.As always, there are both benefits and disadvantages associated with any service. However, the mostimportant characteristics of IP VPN services are:● Flexibility of Access IP VPN architectures support a wide range of Access technologies and media. These can include traditional SDH/PDH Leased Lines, DSL services, Frame relay, ATM and Ethernet. This is a great strength of IP VPN services in that connections from individual users or small office locations, right up to regional or HQ locations, may be made to the corporate VPN service, through a variety of available Access networks, at an appropriate bandwidth.● Scalability IP VPNs are essentially IP routed networks. As such, they offer a highly scalable platform for supporting very large enterprise networks with hundreds or even thousands of enterprise locations. Routed connections between Service Providers, and the large number of Service Providers offering IP VPN services, can enable connections for an enterprise customer to extend geographically on a regional, national or global basis, with the possibility for rapid expansion.● Routing control Outsourced By deploying IP VPNs, enterprise IT managers effectively adopt a single architecture for WAN connectivity, eliminating the challenges of operational and resource planning and of maintaining the traditional plethora of separate networks. The status of the Service Provider becomes that of a trusted partner, responsible for managing all aspects of WAN connectivity. Critically, the enterprise effectively outsources control over network Routing, which some IT managers may feel compromises their ability to manage security throughout the enterprise, i.e. within both LAN and WAN environments. The Service Provider also typically takes responsibility for traffic policies within the WAN, such as the prioritisation of critical applications and the effective handling of Ethernet WAN Services Page 4 of 12
  5. 5. Carrier Ethernet Services latency-sensitive real-time applications including VoIP and Video, using the Class of Service (CoS) tools inherent within IP VPN architectures. The enterprise undoubtedly becomes reliant upon the expertise and processes of the Service Provider. This is true not only at commissioning time and during day-to-day operations, but also whenever the enterprise makes any changes to their applications or environment. The Service Provider remains integrally linked with the enterprise and routing re-configurations associated with adds, moves and changes are managed by the Service Provider.Ethernet WAN CharacteristicsEthernet WAN services have evolved rapidly over the past few years. Initially, they were restricted largelyto Metro area networks, but are now available Nationally and Internationally from leading ServiceProviders.The key drivers for Enterprise adoption of Ethernet WAN services have been low cost, ease ofimplementation and a familiarity with Ethernet. Since its launch in the early 80s, with the final demise ofIBMs Token Ring by the end of the 90s and despite brief incursions by the likes of FDDI and then ATMas LAN transports during that decade, Ethernet has achieved the status of becoming the singularuniversal technology of fixed infrastructure LANs over the past twelve or so years.Ethernet WANs use the same familiar industry-standard technologies which have evolved from earlyEthernet LAN Bridging and Switching, including:● Ethernet MAC addresses are used for forwarding traffic, with conventional MAC address learning used by WAN Access points. Edge switches learn which addresses exist on particular paths through the WAN and maintain a table of addresses such that only packets destined for a given address are forwarded across the appropriate WAN link, improving overall network performance.● Virtual LAN (VLAN) constructs are accommodated. VLANs definitions may be applied, using a number of different criteria, to groups of devices on one or more LAN segments which can then be treated as members of the same physical network whilst remaining logically separate for security or performance purposes. Single or multiple VLAN Tags (i.e. packets embedded within in the Ethernet frame header) are applied to denote such logical groupings and may be either embedded within the data stream in a customer network prior to presentation to the WAN service, or added by the Service Provider at the point of access to the WAN, as a mechanism for determining destination paths across the WAN. Since multiple VLAN tags may exist within the Ethernet frame header structure, then they become an important aspect of packet handling in both LAN and WAN.● Support for CoS, alternatively known as Quality of Service (QoS). LAN users are familiar with the application of prioritisation (typically defined by the application of the 802.1p prioritisation field to the VLAN header of an Ethernet frame) to signify the relative importance of handling particular frames, corresponding to certain traffic types, in a timely manner. At the WAN edge, Packets of different prioritisation are generally applied to different queues which may be then serviced at different rates for preferential transmission into the WAN. This is particularly significant for real-time applications such as VoIP, which is generally prioritised over less critical Internet data.As noted previously, Ethernet WAN services can be either point-to-point or multipoint in nature.Ethernet WAN services offer a number of potential benefits to both customer and Service Provider,including scalability, reliability, reduced complexity, management and flexibility. Ethernet WAN serviceshave the following key characteristics:● Routing control is retained by the customer Unlike the case of IP VPNs, Routing control in the WAN is maintained by the enterprise customer. Certain enterprises prefer not to share their routing topology and schema and do not wish to outsource this potentially sensitive aspect of their operational control. With an Ethernet WAN service, Ethernet WAN Services Page 5 of 12
  6. 6. Carrier Ethernet Services the customer implements and maintains fully its own end-to-end network routing decisions. The customer can change its routing environment according to the evolving requirements of the enterprise, without having to involve the Service Provider, thus retaining a greater degree of control over security.● Protocol transparency Ethernet WANs have the inherent ability to transport all legacy application protocols. Ethernet is a Layer-2 protocol and can support any higher-order network protocol, making it an ideal method of supporting legacy applications that are still in use by some enterprises. It is nevertheless true to say that by far the majority of traffic in todays networks comprises IP packets.● Ethernet Operations and Maintenance (OAM) Ethernet WANs offer a more comprehensive OAM toolkit than historic Layer-2 WAN architectures. The Metro Ethernet Forum (MEF), the International Telecommunications Union (ITU), and the Institute of Electrical and Electronics Engineers (IEEE) have developed a number of OAM standard protocols which provide mechanisms to manage and monitor the performance of communications on the Ethernet WAN, including, most recently, the ability to monitor the key parameters of Throughput, Frame Loss, Latency (i.e. traffic delay across the network) and Jitter (i.e. variations in traffic delay).Comparison summary of Ethernet WAN Services vs. IP VPNA summary of the essential differences which have been outlined (plus some which are a consequence ofthe relative complexities of the two environments) between IP VPN services and Native Layer-2 EthernetWAN services, are shown in Table 1 below.Attributes IP VPN Ethernet Virtual Private Wire Ethernet Virtual Private LANAccess technology Any Ethernet EthernetEnterprise protocol IP only Multi-protocol Multi-protocolConnection topology Multi-point Layer-3 (IP) Routed Point-to-Point Layer-2 Switched Multipoint Layer-2 SwitchedC0S / Q0S Support Yes Yes YesSLA Support Yes Yes YesRouting responsibility Shared between Service Provider Service Provider for L-2 Switching, Service Provider for L-2 Switching, and customer customer for L-3 Routing customer for L-3 RoutingTroubleshooting Higher Low LowcomplexityTypical connection 64kbps - 1Gbps 1Mbps - 10Gbps 1Mbps - 10GbpsspeedsLatency Generally higher than Layer-2 Low Low servicesProvisioning complexity High, close collaboration between Low Low Service Provider and customerComplexity of adds, Relatively high, Routing tables to be Point-to-point service only Lower than IP VPNmoves and changes updated, close collaboration requiredBandwidth upgrades Complex, Service Provider must re- Rapid Rapid provision through Routed networkCost per unit bandwidth Generally higher than for pure Layer- Generally lower than IP VPN due to Generally lower than IP VPN due toto the customer 2 services, due to higher complexity lower complexity lower complexity Table 1. Comparisons between Ethernet and IP VPN WAN ServicesIn real-word deployments, there is rarely a one size fits all solution, and not surprisingly there are agrowing number of hybrid networks offered by Service Providers, promoting a combination of EthernetWAN services and IP VPNs. One such example is that Ethernet WANs can be an excellent choice forhigh bandwidth connections between Corporate HQs and Data centres, with IP VPN domains being Ethernet WAN Services Page 6 of 12
  7. 7. Carrier Ethernet Servicesused to extend corporate backbone connectivity out to smaller branch office locations serviced by avariety of Access technologies.Network Management challenges for the Service ProviderIt is not surprising, given the comparison table above, that the key aspects which have been identified bymany market analysis companies over the few years, regarding the likely evolution of Ethernet WANservices, are the simplicity, familiarity, throughput scalability, latency and, above all low cost (measuredboth in terms of initial commissioning and through life TCO) of Ethernet services. Current indicators arethat whilst both IP VPN and Ethernet WAN service volumes are growing (to a combined total of over$80bn during 2016, according to Infonetics), the key factors above are set to drive the growth of EthernetWAN services well above that of IP VPN throughout the decade to 2020.One challenge facing Service Providers in the delivery of both Ethernet Private Wire (or E-Line astermed by the Metro Ethernet Forum) and VPLS (or E-LAN) services is already well known by thoseproviders choosing to offer Wires-Only Ethernet connections today for IP VPN services. Consider themodel in Fig. 4 below; Value-Added NOC Services INTERNET PSTN (via SIP G/W) Service Provider Core Network Service Provider provisions and manages Routers and IP/ MPLS IP addressing schema Customer Customer Service Providers Site A Site B Managed CPE Routers Customer Customer Ethernet demarcation demarcation Ethernet connection connection Fig. 4: IP VPN with Managed CPE RoutersIn this classic Service Provider topology, the provider has full manageability not only of the core MPLSnetwork, but also right up to the point of the Customers LAN connections, i.e. via Managed CustomerPremise Equipment (CPE) Routers.As weve said earlier, not every customer will wish to pay the premium for an edge Router device to beinstalled, configured and managed by the Service Provider within their own premises. Moreover, manyService Providers look to third party Integrators and Resale partners to promote their core services, butsuch partners often wish to bring their own added value to their customers, including providingmanagement of their WAN environment, for which they may wish to install their own managed Routers atcustomer premises, in place of those of the Service Provider shown in Fig. 4.Either way, the Service Provider is faced with offering a so called wires only service, for which they haveno physical equipment at the actual point of connection to the ultimate customers LAN.So, whats the problem with this? Well, the picture of Fig. 4 is somewhat simplified. In reality, most oftenthe Service Provider is not actually the same company which provides the physical copper or fibre overwhich the core WAN connects into the customer site. Even those large National Carriers such as BT, Ethernet WAN Services Page 7 of 12
  8. 8. Carrier Ethernet Serviceswhich owns the majority of last mile infrastructure in the UK, may be forced by the terms of Telecomsmarket deregulation, to separate control of that infrastructure via a largely independent company, in BTscase OpenReach. Consider now the more complete case shown in Fig. 5. Value-Added NOC Services INTERNET PSTN (via SIP G/W) Service Provider Core Network Service Provider must still take an active role in IP addressing schema IP/ MPLS Infrastructure Carrier Infrastructure Carrier Ethernet Circuit Ethernet Circuit (Typ. via wholesale) (Typ. via wholesale) Problem! Lack of Management Customer Customer Visibility here for the SP Site B Site A Customer demarcation (Ethernet connection) Customers Routers Fig. 5: Wires only IP VPN showing 3rd party Tail circuits to customer premisesIn this case, we see that the customer site Router equipment is now owned by the customer themselves(or alternatively by an Integration partner of the Service Provider, but either way not by the MPLS WANnetwork provider). Moreover, the connection from the core MPLS network to the customer site is nowshown provided by 3rd party tail circuits, typically supplied via wholesale arrangements. In fact, these tailsmay not simply comprise a straightforward last mile connection, but may be quite complex, involvingpotentially more than one infrastructure provider, and extending from wherever the customer requiresconnection back to the location of the Service Providers nearest point of MPLS network presence.In this increasingly common scenario, we see that the Service Provider not only has no visibility at thepoint of connection to the customers LAN, but that in the worst case there may potentially be a long andcomplex multi-hop, multi-organisation link from the customers site back to the nearest point ofmanagement access for the Service Provider. Its quite easy to understand how this can lead to a greatdeal of planning complexity for the Service Provider at the time of initial commissioning, and a realchallenge for any subsequent troubleshooting. It is very often the case that the Service Provider has no rdvisibility inside the 3 party infrastructure and must either be reliant on a strong SLA for each such link, orbe prepared, at considerable cost, potentially to dispatch skilled staff with relatively complex testequipment in order to be able to check different elements of the network well outside of the MPLS core.So, if this can be the case for Service Providers using Ethernet as an access vehicle for IP VPN networksover MPLS, what happens in the case of pure Layer-2 Ethernet WAN deployments?Essentially, the picture is little different, except that in this case the Service Provider will definitely not beinstalling an Edge Router as a customer CPE, since Layer-3 Routing architecture is always theresponsibility of the customer in the case of Ethernet WANs. Just as in Fig. 5, the Service Provider lacksvisibility at the point of customer connection, which may typically be either to a Router or in fact directly toan Ethernet LAN switch. Ethernet WAN Services Page 8 of 12
  9. 9. Carrier Ethernet ServicesIn both the case of wires only IP VPN and full Ethernet WAN deployments, one answer to the problemshighlighted above is for the Service Provider to deploy, for all such connections, a manageable EthernetDemarcation Device (EDD), sometimes alternatively known variously as a Network Interface Device(NID) or Network Termination Unit (NTU). Fig. 6, below, shows the example of an Ethernet WAN serviceterminated with basic EDDs at the customer premises. Value-Added NOC Services Ethernet Service Management Provider Core Network Management Access (MPLS with L-2 VPN or Access VPLS)Customer Infrastructure Carrier Infrastructure Carrier Customer Site A Ethernet Circuit 1 Ethernet Circuit 2 Site B (Typ. via wholesale) (Typ. via wholesale) Service Provider Service Provider demarcation Basic Ethernet Demarcation Devices provide End- demarcation Point Manageability, typically via dedicated Management Carrier VLAN (Q-in-Q S-Tag), or via protected Customer VLAN (Reserved C-Tag) Fig. 6: Ethernet WAN service including Ethernet Demarcation DevicesThe role of Ethernet Demarcation Devices is, at minimum, to provide management visibility andinformation regarding the customer connection point. At the least, they should be able to indicateconnection status and traffic levels looking both towards the core network and towards the customers firstconnected device.For Ethernet WAN networks, such as that of Fig. 6, it is possible that seamless end-to-end Ethernetconnectivity exists between customer end-point sites (shown as Site A and Site B above), whichenables the possibility for more advanced diagnostic and monitoring services to be available from theEDD units in relation to the full end-to-end link. In the case of Ethernet used as an Access technology foran IP VPN network, its likely instead that management visibility from the Service Providers NetworkOperations Centre (NOC) might be limited to individual core to customer-site links. Nevertheless, ineither case, such visibility and diagnostic tools offer considerable benefits in terms of networkcommissioning and troubleshooting, more than offsetting the comparatively low cost of EDDs.As shown in Fig. 6, in a Switched Ethernet WAN normally specific VLAN Tagging is used to differentiateUser traffic from the Service Providers Management traffic, and the EDD should be sufficiently flexible tooffer a number of different Tagging modes by which to identify and isolate both Management traffic andindeed potentially different classes of User traffic.Let us finally consider a more comprehensive picture of a typical Point-to-Point example of an EthernetWAN service, as shown in Fig. 7. In this case, we have highlighted the fact that it may very well be thecase (as for BT OpenReach EAD Services in the UK, for example) that the tail circuit provider is able tooffer the main Service Provider information about the status of such individual links, including bothconnection status and even potentially validation to specific Service Level Agreements (SLAs) relating to Ethernet WAN Services Page 9 of 12
  10. 10. Carrier Ethernet Servicescharacteristics of the tail circuit. Nevertheless, since any given tail may comprise one or more links andthe tail servicing Customer Site A may not be sourced from the same Infrastructure provider as thatservicing Customer Site B, this may be of little overall benefit to the end-to-end Service Provider,particularly because it is unlikely that the tail circuit provider will make available direct Managementaccess to their own demarcation devices, if indeed such devices are deployed. Value-Added NOC Services Management Ethernet Management Access Service Provider Access Core Network Customer Infrastructure Carrier Infrastructure Carrier Customer Site A Ethernet Circuit 1 Ethernet Circuit 2 Site B (Typ. via wholesale) (Typ. via wholesale) Carrier 1 Carrier 2 Circuit 1 SLA SLA Circuit 2 demarcation demarcation Service Provider Service Provider Service Providers demarcation demarcation End-to-End SLA Infrastructure Carriers may offer a clear SLA for their short or long-haul circuits, but this does not provide full end-to-end SLA assurance. Advanced EDD equipment offers this functionality Fig. 7: End-to-end SLA verification and monitoring facilitated by Advanced EDDsBy deploying their own advanced EDDs at each end of the link above, the Service Provider can,irrespective of the number and variety of 3rd party tail circuits, potentially verify both the connection statusand Service characteristics of the complete end-to-end link.Management visibility vs Performance assuranceOver the past few years, each of three Industry standards bodies, namely the Institute of Electrical andElectronic Engineers (IEEE), the International Telecommunications Union (ITU) and the Metro EthernetForum (MEF) have been active in developing and promoting both capabilities and standards in relation toCarrier (i.e. WAN) Ethernet Services. Most significantly, with respect to the challenges which we havediscussed here, a number of Operations, Administration and Management (OAM) protocols have beendeveloped relating to Ethernet WAN deployments.Relatively simple visibility and connectivity checking of single segment Ethernet connections is supportedby the Link OAM, or Ethernet First Mile (EFM) protocol, formalised initially as IEEE 802.3ah, by which itis still generally best known, albeit that this functionality has now been fully incorporated into the core ofthe 802.3 standard itself.An additional level of connectivity assurance is offered by those Demarcation Devices including theConnectivity Fault Management (CFM) protocol, formalised under the standard IEEE 802.1ag. CFMoffers the ability for a number of end-point devices to establish and monitor a community of reachable Ethernet WAN Services Page 10 of 12
  11. 11. Carrier Ethernet Servicesend-points and mid-points corresponding to a customers network, which can offer some degree of pro-activity to the Service Provider with regard to connectivity fault detection.Above and beyond connectivity management though, customers are increasingly asking of their ServiceProviders that they provision multiple traffic streams across their Ethernet pipe connections, to whichpotentially different criteria may apply for key network performance parameters, including acceptableframe loss ratio, latency (i.e. traffic delay)and jitter (delay variation), together with comprehensive trafficthroughput policing.In more advanced deployments, a Service Provider may need to provision multiple services per physicalEthernet connection. They may then be faced with the challenge to demonstrate to their customer, at thetime of provisioning, that specific performance parameters are complied with for each individual Servicedata stream within a given end-to-end Ethernet connection. Such parameters may be detailed within atightly defined Service Level Agreement (SLA), to which compliance should be verified.Furthermore, Service Providers may not only need to demonstrate SLA compliance at the time ofcommissioning, but they may be required to subsequently monitor in service traffic and take pro-activesteps with regard to any potential breach of SLA.Ethernet Demarcation Devices equipped with more advanced packet processing capabilities can offer avery effective tool to Service Providers in this regard. For example if a Service Provider, from a NetworkOperations Centre, can interact with an EDD in such a manner as to configure this device to issue one ormore test traffic streams across the network to a corresponding remote end-point, at which traffic may belooped and returned, this can be highly beneficial. Such test stream(s) can enable accurate reporting ofthroughput, packet loss, latency and jitter, for the end-to-end network link. Demarcation Devices with suchcapabilities are now available. Necessarily, such devices contain more than simple switch andmanagement processing functionality. Dedicated packet processing hardware is required in order toensure accurate time-stamping, test collation and reporting in real-time for line rates up to 1Gbps andbeyond.Another of the OAM protocols, this time the ITU-Ts Y.1731 suite, relates to the ability to provide in-service testing and reporting of SLA compliance, which is very much to the fore in the MEFs definitionsfor Carrier Ethernet service and to which is often referred as Performance Assured Ethernet (PAE).All of these capabilities, incorporated within the most recent generation of Advanced EthernetDemarcation Devices, combine to make these an extremely useful addition to the Service Providersportfolio of devices to ensure that their customers experience strength and depth in support.Metrodata Ltd Ethernet Demarcation DevicesMetrodata Ltd. is a long-standing UK developer and manufacturer of Interface Conversion and NetworkAccess solutions. The company has been a supplier to Governments, Corporations and TelecomsService Providers worldwide since 1989.Within the companys MetroCONNECT range of Ethernet Service Delivery solutions, Metrodata offersboth Basic and Advanced Demarcation Devices for use with both wires-only IP VPN and Layer-2 EthernetWAN solutions.The FCM9002 product supports Copper (RJ45) or Fibre (SFP) Network Connection up to 1Gbps withRJ45 connectivity to Customer equipment. Management visibility is offered to Customer site connectionsand the product supports the OAM protocols of IEEE 802.3ah (EFM) and IEEE 802.1ag (CFM). One ofthe most common frustrations experienced by Service Providers is that of network faults being reportedfrom customers which eventually are found to be due to simple power-downs of interface equipment. TheFCM9002 provides indication of local power-down to the Service Provider via both SNMP Trap and OAMprotocol alerting when power is withdrawn from the device (or alternatively should the PSU of the EDDitself fail). Ethernet WAN Services Page 11 of 12
  12. 12. Carrier Ethernet ServicesThe advanced FCM9004 Demarcation Device additionally supports a range of functions above andbeyond simple end-point visibility, at a very cost-effective price point, making this a natural choice forService Providers for CPE installation for services in the range of 100Mbps to 1Gbps. Fig. 8: MetroCONNECT FCM9004 Ethernet Demarcation Device (AC and -48V DC PSU variants)In addition to the features of the FCM9002, the FCM9004 offers: Service Multiplexing with advanced C-Tag, Q-in-Q S-Tag and Multi-Tag VLAN handling Per-flow Traffic Policing and Colour Marking for multiple services up to 1Gbps ITU-T Y.1731 for in-service performance monitoring and alerting Dedicated hardware Service Assurance Module, MetroSAM, providing Performance Assurance capabilities for Core-Edge and End-End network applications, including:  Embedded wirespeed test traffic generator with packet time-stamping  Layer 2/3 SA/DA Loopback for assurance measurement over extended networks  Throughput, Frame Loss Ratio, Frame Latency and Jitter analysis Off-line configuration toolset to enable remote profiling of customer connection requirements prior to installation Zero Touch Commissioning (ZTC) toolset, enabling simple installation with automatic detection and download of pre-prepared configurationFull information regarding the MetroCONNECT family of Ethernet Demarcation Devices, may be foundhere:http://www.metrodata.co.uk/solutions/ethernet-extension/carrier-ethernet-demarcation-devices.htm Metrodata Ltd. Fortune House, Eversley Way EGHAM, Surrey TW20 8RY U.K. +44 (0)1784 744700 sales@metrodata.co.uk www.metrodata.co.uk Ethernet WAN Services Page 12 of 12