The document discusses subscriber traffic and policy management on Cisco's ASR9000 and ASR1000 systems, emphasizing the evolution of broadband architectures and user-centric services. It outlines key features such as dynamic service updates, subscriber identification, and management functionalities enabled by Cisco's Intelligent Services Gateway (ISG). The document also highlights deployment models, scalability options, and specific technical capabilities for optimizing broadband delivery and subscriber experiences.

1. Subscriber Traffic and
Policy Management
(BNG) on the ASR9000
and ASR1000

2. Agenda
 The next wave of Broadband
 ISG Overview
 ASR1k as BNG/ISG
 ASR 9k as BNG
#CiscoPlusCA

3. The Next Wave of Broadband
#CiscoPlusCA

4. Evolution in SP Network Architectures
Diverged “per
Service”
Networks
• Increased revenue by decreasing
Converged “All cost of managing and
in One” maintaining multiple networks
Networks
• Increased overall revenue by increasing
Converged revenue per user
“User Centric” • Customized services
Networks • Rapid deployment of new services based on
market trends
• Subscriber Self Subscription and Self Care

5. The New User Experience – Cisco ISG
Enabling the Next Wave of Broadband
Add Subscribers
Register Log in
Add Services
Pay As You Pay What Broadband Broadband Broadband
Go! You Use! Light Basic Premium
Buy credit Buy Buy: $19.99 Buy: $29.99 Buy: $39.99
Add Value
Branded Branded Branded
VoD TV Phone
($4.99/movie) ($29.99) ($15.99 + LD)

6. The elements of customization
Subscriber identified using multiple
dimensions. Identity gathered:
Identity Subscriber
 From multiple sources and events Sessions
 Over session lifecycle
Subscriber
Different Services and Rules Services
applied based on: Intelligent
Differentiated  Who subscriber is
Services Services
 Where he is Session creation/
Gateway
 What he requires authentication
Services and Rules updated based on :
Dynamic Service Subscriber
 How subscriber behaves Services
Management Dynamic Policy
 What he requires NOW Push and Pull

7. Building the Identity and Assigning Services
Example
Subscriber
DHCP Exchange Starts DHCP Exchange Completes(*) Subscriber Authentication(*) Dynamic Service Update
T0 T1 T2 TN
BHAVANI BHAVANI
ISG Subscriber Session Subscriber Session Subscriber Session
Subscriber Session
MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28 MAC Addr: 00:DE:34:F1:C0:28
Identities IP Addr: ? IP Addr: 10.1.1.211 IP Addr: 10.1.1.211
IP Addr: 10.1.1.211
Username: ? Username: ? Username: Bhavani Username: Bhavani
Services Service: DEFAULT_SRV Service: PPU_SRV Service: PREMIUM_FR_SRV
Service: DEFAULT_SRV
DEFAULT_SRV PPU_SRV PREMIUM_FR_SRV
Only permits Pay Per Use Service: Flat Rate Premium Data Service:
management traffic - Permits all traffic - Permits all traffic
through the session - 512K/1Mbps US./DS - 1M/8Mbps US/DS
- Accounting enabled on
session
(*) Order of operations not representative of a real call flow

8. Access Technology Abstraction
DSL DSLAM ATM/Ethernet
Switch
CMTS
Cable
Walled Garden Open Garden BRAS/BNG
 Subscriber-centric services regardless of: Access
Ethernet Distribution
Access Technology
Access Protocol
 Access Technology:
Legacy DSL/ATM 802.11 or
Metro Ethernet, Wireless LAN, Cable 802.16
 Access Protocol:
IP
PPP

9. PPP to IP Migration
Key Requirements Goal
There are 3 subscribers
connected through Create a per subscriber
Subscriber G0/1.10 construct over a shared
Access interface (“subscriber
Detection G0/1.10 session”)
John Subscribers are John,
Mike Mike and Ted. Uniquely establish
Ted
Subscriber John and Mike are HSI subscriber identity and
John users, Ted is VoIP user
authentication determine services and
and authorization Mike
G0/1.10 service levels per
Ted
subscriber
10.1.1.10 John
10.1.1.20 Mike Subscribers addresses
10.1.1.30 Ted should be:
Subscriber 10.1.1.10 John
Assign a unique IP address
John to each subscriber based
address 10.1.1.20 Mike
management Mike 10.1.1.30 Ted on provider domain
Ted G0/1.10

10. What is ISG? Subscriber Policy Layer
AAA Policy Web DHCP
…
Server Server Portal Server
Cisco Intelligent Services Gateway (ISG) is
Open a licensed feature set on Cisco IOS that
Northbound provides Session Management and Policy
Interfaces Management services to a variety of access
Policy networks
Subscriber
Management
Identity
Management ISG and Addresses PPPoE to IPoE migration while
Enforcement maintaining all subscriber management
functions
ISG
So focal, that the entire device is often referred as an:
Intelligent Services Gateway router or simply “The ISG”

11. ISG Overview
#CiscoPlusCA

12. ISG’s place in the network
AAA Policy Portal DHCP
Aggregation Internet/Core
Subscriber Identification:
based on:
- who he is,
- where he is,
• Deployed at access or - how he behaves
service edge - what he requires
Subscriber Authentication:
• Communicates with other - PPP CHAP/PAP
devices to control all - Transparent Auto Logon (TAL)
- Web Logon
aspects of subscriber - RADIUS
access in network
Subscriber Services Determination and Enforcement
• Single point of contact Dynamic Service update
Session Lifecycle Management: establishment, configuration and tear dow

13. ISG’s Subscriber Policy Layer
Subscriber Policy Layer
AAA Policy Web DHCP
Server Server Portal Server
Subscriber Authentication
Subscriber Authorization: User and ServiceInternet/Core
Profile Repository
AAA Server Per access and Per Service Accounting
Front-end toward billing system
Guest Video
Policy Server Dynamic Policy Push (Application Level Trigger)
Portal Audio
Open Garden Servers
Walled Garden
Front end toward the subscriber for:
Self Subscription
Web Portal Web Logon
Service Selection (Application Level Trigger)
Hand over of addresses to subscribers
DHCP Server Class-based address handover for ISG driven address pool selection
Note: AAA Server, Policy Server, Web Portal can co-reside in the sample appliance

14. ISG’s Dynamic Policy Activation
Dynamic Policy Pull Dynamic Policy Push
(e.g. Automatic Service-Profile (e.g. “Turbo Button”)
Download on Session Establishment) Application/
Service Layer event
Subscriber Policy Layer Subscriber Policy Layer
DHCP Web Policy AAA DHCP Web Policy AAA
Server Portal Server Server Server Portal Server Server
Network
Layer
Event
Guest Guest
Portal Portal
Open Garden Walled Garden Open Garden Walled Garden

15. ISG’s Northbound Interfaces
Subscriber Policy Layer
AAA Policy Web DHCP
Server Server Portal Server
Internet/Core
Guest Video
Portal Audio
Open Garden Servers
Walled Garden
RADIUS Interface, for subscriber AAA functionalities and Policy
service download PULL
RADIUS Extensions (RFC 3576) and XML based (SGI(*)) Policy
Open Interfaces, for dynamic, administrator or subscriber
driven, session and service management functions PUSH
(*) SGI: Services Gateway Interface

16. The Subscriber Session in ISG ISG Session
Subscriber Policy Layer
AAA Policy Web DHCP
Server Server Portal Server
Subscriber 1 Subscriber 1
session
Subscriber 2
Subscriber 2 Internet/Core session
Subscriber 3
Guest Video session
Subscriber 3 Portal Audio
Open Garden Servers
Walled Garden
• Construct within Cisco IOS that represents a subscriber
– subscriber: billable entity and/or an entity that should be authenticated/authorize
• Common context on which services are activated
• Created at first sign of peer activity (FSOL = First Sign Of Life)

17. Dynamic Session Initiation ISG Session
• ISG sessions are initiated at the First Sign of Life (FSOL)
• FSOL depends on the Session Type
PPP Sessions - FSOL IP Sessions - FSOL
.... there are options .....
Unclassified MAC or IP  IP packet with unknown MAC
Data Traffic or IP source address
Use MAC for L2-connected IP
sessions
PPP Call Request (LCP) Use IP for routed IP sessions
DHCP
 DHCP Discover message
DHCP discover
 ISG must be DHCP Relay or
Server
RADIUS RADIUS
Access Request OR
 RADIUS Access/Accnt Start
Accounting Start  ISG must be a Radius Proxy
Wireless
AP
 Typically used in PWLAN and
Client
WiMAX environments

18. Session Authentication Resources Only to
Authentication: Allow Access to Network
ISG Session
Recognized Users
Authentication models supported:
• Access Protocol Native Authentication:
– PPP: CHAP/PAP
– IP: EAP for wireless client
– DHCP Authentication
• Transparent Auto Logon (TAL):
– Authenticates using subscriber related
network identifiers
– e.g. MAC/IP address, DHCP Option 82,
PPPoE Tags...
• Web Logon
Authentication Is Not Mandatory on a Session,
but Used in Most Situations

19. ISG’s Subscriber Authentication
- IP sessions
IP – common scenarios
+ Web Logon Web AAA • User traffic redirected to Web Portal to enter credentials
Portal Server • User Credentials propagated to ISG
• ISG uses credentials to authenticate user with AAA server
RADIUS
Data Traffic Username: WebLogon • Applicable to all session types
Username
redirection
TAL: Option82 Auth AAA • Access Switch inserts Option82 Circuit and Remote ID in DHCP
Server Requests
DHCP exchange RADIUS • ISG performs authentication using a combination of Circuit and
Username: RemoteID
Access SW inserts Option 82 MAC/RemoteID:CircuitID
CircuitID/RemoteID
• ISG session must be DHCP initiated
• User starts EAP authentication with Access Point (AP)
EAP Auth
AAA • ISG impersonates RADIUS server toward AP, and RADIUS client
RADIUS Server toward real server
EAP (EAP based auth)
RADIUS • ISG learns session authentication status by proxying RADIUS
Wireless Username: messages betw/ real RADIUS client and Server
Client AP EAP username
• ISG session must be RADIUS initiated
TAL:IP/MAC AAA • ISG performs authentication using identifiers from subscriber traffic
Data Traffic Server (source IP/MAC)
RADIUS • Typically used in topologies w/ L2 connected subscribers to support
- Username:
MAC or IP
clients w/ static IP address or in IP-routed topologies

20. Session TerminationPPP Sessions
IP and
ISG Session
Idle and Absolute Timeouts/Timer Expiry Web Logoff Web
Portal
RADIUS CoA
Account-Logoff
PPP Sessions Exclusively IP Sessions Exclusively
ICMP/ARP keepalive failure
Keepalive failure
PPP and PPPoX protocol events
ICMP Keepalives used for routed sessions
ppp disconnect; ppp keepalives or L2TP ARP keepalives used for l2-connected sessions
hellos failure DHCP OR DHCP DHCP
lease expiry initiated
DHCP Release
RADIUS PoD (Packet Of Disconnect) Policy sessions
Manager only
RADIUS PoD
RADIUS
RADIUS RADIUS
EAP Accounting Stop initiated
Wireless sessions
Client AP only

21. ISG Services ISG services
• Service: A collection of features that are applicable on a subscriber session Service =
{feat.1, feat.2,...,feat.n}
Portbundle (PBHK)
Session
Keepalives: ICMP and ARP based
Features Administration Timeouts: Idle, Absolute
QoS: Policing, MQC
Traffic Conditioning
Security: Per User ACLs
Subscriber Address Assignment Control
Traffic Forwarding Redirection: Initial, Permanent, Periodic
Control VRF assignment: Initial, Transfer Associated to
L2TP assignment
Primary Services
PostPaid
Prepaid: Time/Volume based
Traffic Accounting Tariff Switching
Interim
Broadcast
 Primary Service: Contains one “traffic forwarding” feature and optionally
other features; only one primary service can be active on a session

22. ISG Feature Granularity
Subscriber Session
Classification
ACL
TC1 Session
Flow Features
ACL
SubscriberX TC2 grouped in
Features
Data Session
ACL
TC3 Services
• ISG Classification resembles • Each Traffic Class can have a
different set of features applied
Modular QoS CLI (MQC)
• A Traffic Class and associated
• IP ACL (standard or extended) features also referred as
are used to create differential TC service
flows (Traffic Classes) • A Default TC can be used to drop
traffic that could not be classified

23. Defining Services
1
 Premium HSI service
AAA Server should be activated 2 RADIUS Access-request
 Services defined in Service Profiles on the session Username: Premium_HSI
 Standard and Vendor Specific  No definition yet Password: <service pwd>
available
RADIUS attributes used
 Service Activated on session 3 RADIUS Access-accept
 On demand download on a  Service Stored in local cache Features associated w/ service
need basis while in use by at least 1 sessions
4
• Definition of all existing Services
Policy Manager typically pre-downloaded on Box
(supporting the SGI Interface) 1 SGI Request
 Services defined in XML Premium, Standard, Basic
3 HSI service definitions
 Pre-download of all existing services  Services permanently stored
in local database 2 SGI Response
ISG
 Services pre-configured using CLI
 Services permanently stored
 Services defined on Service Policies: in local database
policy-map type service <name>

24. How Services Are Activated on a Session?
During Subscriber Via an External Policy Via the On-Box Policy
Authentication/ Manager/Web Portal Manager
Authorization
from
Administrator external PM
Subscriber Policy Layer Subscriber Policy Layer
events
Policy
plane plane plane
DHCP Web Portal / AAA DHCP Web Portal / AAA actions
Server Policy Server Server Server Policy Server Server
Data Control
from
RADIUS RADIUS data
Acc-req RADIUS CoA or SGI plane
Acc-accept Request
Subscriber Subscriber
 Policy Plane determines what actions
 Subscriber is successfully  Service Activation request sent to take on session based on events
authenticated by External Policy Managers via actions *include* applying a service
a RADIUS CoA or a SGI
 RADIUS Response includes Request message  Control Plane ensures actions are
Services and Features to activate taken –i.e. provisions the data plane
on Session (from UserProfile)
 Data Plane enforces traffic conditioning
policies to the session

25. ASR1000 as BNG/ISG
#CiscoPlusCA

26. Broadband Aggregation Architecture
BNG
Content Farm Mobile Core
Subscriber
WiFi Mesh ESE+BNG
GGSN PDN GW HA
VOD TV SIP LNS
Mobile
Access Aggregation Edge IP / MPLS Core
Residential
Core
Aggregation Network
Business MPLS/IP Network
Corporate MPLS /IP
Access Node
ISG
(SP-WiFi)
MSE+BNG

27. ASR1000 BNG/ISG
Deployment models – Subscriber Services
LAC/LNS/ISG
Migration from Legacy Broadband Subscriber auto provisioning
networks – ATM & Ethernet Dynamic service creation
Wholesale and Retail options IPv4 & IPv6-based services
Wireline and Wireless (WiFi)
aggregation
Range of scale for small to HA & ISSU
Large networks
Sub-4K to 64K sessions scale Stateful Intra-chassis
5G to 40G (160G future) redundancy
128K queues In Service Software
1RU to 13RU form-factor Upgrade

28. Why ASR1000 for BNG/ISG?
•Prepaid services, Per subscriber Firewall, Portal integration for self-
Feature richness & services support provisioning, Policy server solutions, Services accounting within a
session, Integrated DPI (by mid-CY11) etc
•Dual-stack subscribers - PPPoE now and IPoE by mid-CY11)
IPv6 Subscriber Support: •IPv6 native sessions with ISG
•IPv6 subscribers tunneled in L2TP
•NAT44 - maximum of 2M NAT sessions
IPv4 Address Exhaust solutions •NAT64 - stateless model now and stateful NAT64 by mid-CY11
•6RD - IPv6 Rapid Deployment tunneling model
•LNS - aggregating the hotspots
•ISG - Managing individual subscriber authentication, services, billing
SP WiFi Aggregation
etc
•NAT - Providing translation for private IPv4 address to public
•PPPoEoA
Legacy Broadband Migration options •PPPoA
•RBE
•LNS
Wholesale Broadband Deployment •PW based backhaul
•RA-MPLS
•HA for PPP, L2TP, AAA
High Availability and ISSU
•HA for IPoE and TCs

29. HLR OCS PCRF CGF
ASR1k in SP Wi-Fi - Today DHCP AAA Portal
Gy Gx Ga
Mobile Home Network Policy
AP Features & Scale – (IOS XE 3.6S)
AP  IPoE Sessions:  Radius CoA Interface
WLC DHCP initiated,  Per-User ACLs
unclassified IP or  IP Session Keep-alives,
MAC-address timeouts
Access Network Policy initiator, Radius- • VRF Transfer
L2 Connected
Proxy initiator • Port Bundle Host Key
AP  L4 Redirect (PBHK)
 Traffic Classes  Stateful inter-chassis
 Postpaid & Prepaid redundancy with HSRP
L2 Switch
AZR Accounting  Max scale: 32k Sessions
L3  Dynamic Rate with ESP40/RP2
ASR1K
ISG Limiting
L3 Connected
 LI
VLAN
AP
AP/CPE Tunnel (L2TP)
LAC
LNS Internet
Residential WiFi

30. SP Wi-Fi Target Architecture HLR OCS PCRF CGF
DHCP AAA Portal
AP
Gy Gx Ga
AP Mobile Home Network Policy
WLC
Access Network Policy
L2 Connected 4G Core
PGW/LMA
AP
L2 Switch
AZR GTP
L3 ASR1K Gn’ GGSN
3G Core
IWAG
L3 Connected
LMA/sGRE agg
AP
AP/CPE
Internet
MAG/sGRE Initiator Target Scale: 128k sessions
Residential WiFi

31. ASR1000 iWAG – Phase 1: IOS XE 3.8S HLR OCS PCRF CGF
DHCP AAA Portal
AP Gy Gx Ga
AP Mobile Home Network Policy
WLC
Access Network Policy
L2 Connected 4G Core
PGW/LMA
GTP
Features: ASR1K Gn’ GGSN
3G Core
IWAG
• L2 Access & AAA Policy
1. EAP - FSOL: Radius Proxy/DHCP
2. TAL - FSOL: Unclassified MAC
3. Web Logon - FSOL: DHCP
• GGSN/LMA selection via AAA attribute Internet
• Overlapping MNO address support with multiple SSID
Scale:
• 32k authenticated

32. ASR 9000 BNG
#CiscoPlusCA

33. ASR 9000 System Portfolio
One Edge System to meet all of your needs
• 240G Line Cards
• From 512K to 2M MACs learned in
Hardware
• From 1.3M to 4M IPv4 prefixes
• From 512k to 2M IPv6 prefixes
• Hyper-Intelligent
• Video buffering for lossless multicast
• In-line video monitoring
• Integrated G.709
• SyncE / IEEE 1588-2008 PTP timing
• Tunneling services optimized
ASR 9001 ASR 9006 ASR 9010 ASR 9922
2 RU 6 slots (¼ rack) 10 slots (½ rack) 22 slots (fullrack)
LC / Chassis 2 IO Slots 4 LC + 2 RSP 8 LC + 2 RSP 20 LC
Max Bandwidth / Slot 440G 440G 1.2TB
BW / Chassis 240 Gb 3.2 Tb 6.4 Tb 48 Tb
Double your system capacity by upgrading any ASR 9000 product to an ASR 9000 nV System

34. Route Switch Processor 440
• More than 2x boosted System Capacity
• 220Gbps FDX per Slot (220G in + 220G out)
• Fully compatible and supported on all existing chassis types
(9006 & 9010)
• Ultra High Speed Control Plane Multi-Stage Switch-fabric
• MultiCore Intel CPU (Nehalem Class) System Design
• Huge Scale through High Memory option
• 12GB Memory at FCS for -SE version
• Time and Synchronization
• IEEE 1588 v2 PTP support
• GPS ToD
• BITS
• Dedicated Virtualization Cluster EoBC 10GE ports on-board
Linecard w/ Redundant Linecard w/
Ultra High Capacity NextGen Ultra High Capacity
Fabric Access Switch Fabric Fabric Access
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35

35. ASR 9000 BNG: IPoE Sessions
RADIUS IPoE sessions
• 1G and 10G ports
• Support for LAG
IPoE CPE • Logical (dot1q or QinQ) interfaces with ambiguous vlan
Routed definition
Residential • Configurable on 1:1 and N:1 relationships betw/VLAN
and IPoE Session
A • DHCP based Discovery and packet based triggers
• Session lifecycle based on DHCP Lease Tracking and
STB Split Lease
Residential GPON • authentication methods
MSAN
VDSL • Transparent : NAS port
IPoE
– DHCP Option 82
sessions
STB
– DHCP Option 60
IPoE CPE – vlan encap
Bridged • Web Based with HTTP redirection
• Forwarding model can be Native IP, MPLS ans L3VPN
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36

36. ASR 9000 BNG: PPP and IP/DHCP
Enabling Smooth Coexistence
 Coexistence of PPPoEoE and IP/DHCP RADIUS DHCP Portal
based subscribers on same Ethernet
interface
 Enables step-wise migration
 Unified Session management
provide seamless management RADIUS / AAA
push/pull
 RADIUS based methods to authenticate Per Sub/Service
Accounting
and account IP/DHCP based subscribers
Self-pro-
 NAS port visioning
/ Selfcare
 DHCP Option 82
PPPoEoE HTTP-R
 DHCP Option 60
IPoE
 DHCP Proxy IP/DHCP Session Flexibility Internet
 IP based and VLAN based DHCP Subscriber
Sessions
sessions enable support for 1:1 and
N:1 VLAN models
IP address Mgt.
DHCP Proxy
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37

37. BNG and CGN NAT44 on ISM
ingress LC ISM egress LC CGN supported
at full session
scale
Inside Outside
VRF VRF
Private IPv4 Interface
Public IPv4
Subscribers AppSVI ISM AppSVI VLAN
Subscriber session ISM performs Translated
traffic sent to ISM translation and subscriber’s traffic
through VRF mapping forward packet forwarded on
or ABF into outside VRF interface in outside
VRF
Compliant with standard NAT behaviors (RFC4787, RFC5382, RFC5508)

38. ASR 9000 nV (Network Virtualization) Technology
Simplify operations & scale
ASR 9000 “nV System”
ASR 9000 Simplify Operations
Cloud Reduce overall TCO
nV Integrated A to Z
Management
Network
Multi-dimensional
nV Scale
Client
System and services scale
ASR ASR
9000v 9000v Increased Service
Velocity
Quickly deploy new services

39. BNG Satellite + Cluster
• Geo-redundant Dual Homing
• High Availability
MSAN nxGE ASR 9000 ASR 9000 • Huge 1GE Fan-out toward DSLAM
VDSL
BNG nV Distribution
• Single-Chassis-like look & feel and
Home Satellite
Management of Cluster Members
and Satellite
Core
• Increase capacity
• Satellites appear like ASR 9000
Linecards
• Simplified topology, No Spanning
tree/MC-LAG or other L2
redundancy protocols needed
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42

40. Creating an ASR 9000 Virtual System with nV Technology
Enables a self protected, self managed ASR 9000 virtualized system
Third-Party
Services/ Content
Control
plane
Virtualized Control & Data Plane
Remote Data
plane Inter-chassis Connections
ASR 9K
Control
Series Core
plane 0 1
Activ Standb Activ Standb
Remote Data e y e y
plane RSP RSP RSP RSP
Edg
L L L L L L L L
e C C C C C C C C
Remote nodes are viewed as linecards and
remote platforms are discovered automatically. Aggregat
ion
Remote nodes are provisioned by the host. Virtualized control plane achieved via EOBC between
RSP’s provides hitless outage upon node failure.
Software images for remote nodes can be Acce
upgraded automatically and features are in sync. ss Virtualized data plane achieved through linecard inter-
chassis connections.
A self-managed access is created allowing scale
to be decoupled from a single platform. A self-protected virtual chassis is created doubling the
system capacity.

41. BNG nV Edge – Distributed Architectures
BNG on Aggregation – Access Node Dual Homing
LAG
Agg. Dist.
LAG Act. H1-A
H1-B
A1 D1
Core
H2-A
Stb.
H2-B
A2 D2
• single access bundle (LAG) for Access • single access subnet to subscriber
Node dual homing – Single subscriber subnet advertised toward
core (minimizes subnet fragmentation
– Active/Standby member link, OR issues)
– Source based (US), Destination based – No split subnets
(DS) loadbalancing – No host route advertisement
– No MC-LAG, PADO delay (PPPoE), • stateful failover
Access redundancy protocol – no session re-establishment on node failure
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44

42. BNG nV Edge – Centralized Architectures
Announce all
Subscriber IP
Address Pools
ASR 9000
LAG Agg. Dist. LAG
or other Virtual Cluster
Act./Stb.
method
Act. Act. Act. H1-A
Stb. Stb.
A D R H1-B
1 1 0
MC-LAG MC-LAG
Core
Act. H2-A
Stb. Stb.
A D R H2-B
2 2 1
Announce all
Subscriber IP
Address Pools
• Upstream Core routers perform Flow all traffic to a given subscriber will end
Based ECMP on a single chassis
• Since only one link per LAG is active, • Subscriber SLA integrity is kept
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45

43. BNG nV Edge – Centralized
Architectures Failover and Packet Flow Announce all
Subscriber IP
Address Pools
ASR 9000
LAG Agg. Dist. LAG
or other Virtual Cluster
MC-LAG MC-LAG
Act./Stb.
method
Act. Stb. H1-A
Stb. Act.
A D R H1-B
1 1 0
Core
Stb. H2-A
Act. Act.
A D R H2-B
2 2 1
Announce all
Subscriber IP
Address Pools
• Upstream Core routers perform Flow traffic to a given subscriber will end up
Based ECMP on a single chassis
• Since only one link per LAG is active, all • Subscriber SLA integrity is kept
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46

44. BNG Satellite – Low Total Cost of Ownership
• Huge 1GE Fan-out toward
DSLAM
MSAN ASR 9000
nxGE ASR 9000
VDSL
BNG nV Distribution • Auto detect and provisioning
Home Satellite between nV Host and Satellites
• Satellites appear like ASR 9000
Core Linecards, same features and
consistency
• Single image upgrade
• Simplified architecture
ASR 9000v ASR 903 ASR 901
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47

45. Q&A
#CiscoPlusCA

46. We value your feedback.
Please be sure to complete the Evaluation Form for this session.
Access today’s presentations at cisco.com/ca/plus
Follow @CiscoCanada and join the #CiscoPlusCA conversation

47. ISG’s Subscriber Identification
AAA Policy Portal DHCP
A construct in
Cisco IOS that
Aggregation Internet/Core represents
subscriber
ISG subscriber session: created at First Sign Of Life (FSOL)
N:1 relationship between session and interface
FSOL
PPP Sessions PPP call request
Received Packet w/ unknown IP or MAC source
address IP or MAC initiated IP session
IP Session DHCP Discover DHCP initiated IP session
RADIUS Request RADIUS initiated IP session