Extreme Networks Confidential and Proprietary
Extreme Networks Metro Solutions
Olaf Hagemann, Senior Network [email protected]
© 2005 Extreme Networks, Inc. All Rights Reserved
Triple Play Solutions GmbH Lab Oct. 2005 in Munich-Dornach
http://www.tp-alliance.net http://www.triple-play-solutions.com
Triple Play ISP / Metro Solution:
Voice, Video, Data
• Core Router Solution
• Backbone Switching Solution
• Aggregation Switching Solution
• CPE Solution
• Hotspot Solution
• Headend Solution
• Security Solution
• Content Solution
• Migrations Solutions
• Special Customer Solutions
• Pipe / Cable / Shelter Solution
• 48 V / UPS / Climate Control Solution
• etc.
TP-Alliance
one World goes Online
TP-Alliance a network for us and our child's future
Extreme Standards Leadership
Industry Affiliations
802.1ad/ah Provider Bridging
• Steve Haddock 802.1 – 802.3 Liaison
802.3 Ethernet
• 802.3z Gigabit Ethernet
Editor, Steve Haddock
• 802.3ad link aggregation
Chair, Steve Haddock
• 802.3ae 10 Gigabit Ethernet
Co-Chair, Steve Haddock
• 802.3ah Ethernet in the First Mile
Standards Bodies
Craig Easley, Director
Craig Easley, President
Tony Lee, former Chairman
RFC 3619 Ethernet Automatic Protection Switching (EAPS)
Product Portfolio for Convergence
[Figure: product family overview. Recoverable labels follow.]
BlackDiamond Family: BD 6804, BD 6808, BD 6816, BD 10K, BlackDiamond 8810 (former Aspen; New !)
Alpine Family: Alpine 3808, Alpine 3804, Alpine 3802
Summit Family: Summit7i, Summit1i, Summit5i, Summit48si, Summit 200-24, Summit 200-48, Summit 400-24t and 24p (New !), Summit 400-48t, Summit X450t and X450x
Wireless: Summit 300 (24/48), Summit WM-Series
Security: Sentriant 1, Intrusion Prevention / Virtual Security Resource
Port categories: High Density Gig to Edge 10/100/1000 with 10 Gig E Uplinks; Fixed Port 100/1000 BASE-TX and 1000 BASE-SX/LX/ZX; Value Solutions 10/100 BASE-T and 1000 BASE-SX/LX/ZX
Further badges on the figure: POE, XOS, New !
ExtremeWare Device Management
[Figure labels:]
Management access: RS-232, Telnet, SSH2, HTTP, SNMP v1/v2c/v3
Management tools: Command Line Interface, ExtremeWare Vista, EPICenter Manager
Access control: Community string; Access Lists; encrypted password/community string; configuration logging; RADIUS (incl. per command); Username/password database
What’s Carrier Ethernet?
Scalability
• Services and Bandwidth
• 100,000’s of EVCs
• From Mbps to x10Gbps
Protection
• 50ms Protection
• End to End Path Protection
• Aggregated Line & Node Protection
Hard QoS
• Guaranteed end to end SLA
• End to End CIR and EIR
• Business, Mobile, Residential
TDM Support
• Seamless integration of TDM
• Circuit Emulation Services
• Support existing voice applications
Service Management
• Fast service creation
• Carrier class OAM capabilities
• Customer Network Management (CNM)
Policy-Based QoS
Traffic Grouping Classification + QoS Profile => Policy
• Classifications: L1-L4 information, WINS username (using EEM and DLCS). Observe and/or overwrite 802.1p and IP DiffServ packet markings.
• QoS Profile: Determines Bandwidth Management (e.g. Min. Bandwidth %; Max Bandwidth %; priority). Option for Random Early Detection.
• Layer Independent QoS: Use of Layer 3 & 4, IP DiffServ info without routing;
[Diagram: Packets In, Classification (ordered hierarchy; Layer 1, 2, 3, 4, .1p, IP DiffServ packet info), QoS Profile (configured queue) = Policy, Packets Out. Queues: Qp1 - Best Effort Traffic, 0% Min/100% Max; QpX - Essential Traffic, 5% Min/100% Max. Queue labels: Low Priority, Higher Priority.]
Scalable and Available Unix based Operating System
Modularity: Availability and scale
• Memory protection
• Process Monitoring and Restart
• Dynamic module loads (e.g. SSH2, SCP2)
Extensibility and openness: New features faster
• POSIX APIs give a great starting point for new code
• TCL and scriptable CLI enable easier management
• Configurable CLI
• XML internal configuration representation
Security
• ClearFlow
• Denial of Service Detection and Prevention
• Hooks for Interactive Threat Containment
[Architecture diagram labels: Hardware Abstraction Layer; Hitless Failover; Device Drivers & Network Interfaces; Mgmt; TCP/IP v4 & v6; Virtual Routing; System Libraries; Device Management; Routing; Security; XML; Monitoring; Communications.]
ExtremeWare XOS, Tested by Tolly Group
Key Findings of Tolly Group:
Modularity has benefits:
• Extensible OS
• Higher network availability
• Dynamically add functionality
Process recovery:
• Higher network availability
• No single process can take down the system
XOS ACLs:
• Wirespeed ACL forwarding
• Dynamic ACL editing
• Precise wirespeed “accounting” on matching ACL
Virtual Domains:
• Ability to collapse multiple L3 switches on one device
• Flexibility to support overlapping IP addresses
White Paper January 2005
Pain Point: Ethernet Provisioning Complexity
SPs need multi-vendor, multi-technology provisioning of:
• E-Line services (Point to Point): Private line, and Virtual private line
• E-LAN services (Multipoint to Multipoint): Private LAN, and Virtual private LAN
Speed
- Ethernet Interface rates: 10 MB, 100 MB, 1 GB, 10 GB
- Increments
Service Performance Parameters
- Apply per-COS ID
- Frame delay, Jitter, Loss
Class Of Service (COS)
- Per Port: All EVCs at UNI
- Per COS ID
Bandwidth Parameters
- Potentially apply per UNI, EVC, or VLAN ID
- CIR, CBS, PIR, PBS
Service Level Agreements
- Built around bandwidth & performance parameters
[Diagrams: a UNI carrying EVC1, EVC2 and EVC3, shown with an Ingress BW Profile per Ingress UNI, an Ingress BW Profile per EVC (EVC1, EVC2, EVC3), and an Ingress Profile per COS ID (CE-VLAN CoS 6, CoS 4, CoS 2).]
MEF Compliance
Source: Based on Metro Ethernet Forum material
Advanced Traffic Management Engine
Bi-directional (ingress and egress) rate limiting
• On egress, “phantom” scheduling is supported to distribute unused bandwidth to other customers
3-tiered hierarchical rate limiting
1. Per application (up to 8 apps per customer)
2. Per customer (up to 4K per 10Gig link / 32K customers in total)
3. Per physical port (up to 160 = 2 * 80-port)
Packet Classification
• Any data field can be used to classify the packet (in 4GNSS programmable packet processor = Cartman)
QoS Characteristic
Levels: 1st Level (Application CoS), 2nd Level (Customer ID), 3rd Level (Physical Port)
Ingress Limiting / MAX 180K limiters per Chip
• 1GbE Port: Dual Rate Limiter; 2K Limiters per Physical Port; 8 Limiters per Ingress Service ID
• 10GbE Port: Dual Rate Limiter; 4K Limiters per Physical Port; 8 Limiters per Ingress Service ID
Egress Limiting / MAX 288K limiters per System
• 1GbE Port: Dual Rate Limiter; 400 Limiters per Physical Port; 8 Limiters per Egress Service ID
• 10GbE Port: Dual Rate Limiter; 4K Limiters per Physical Port; 8 Limiters per Egress Service ID
Ingress and Egress 3-tier Hierarchical Rate Limiting
[Diagram: Port #1.1 carries Customer #A and Customer #B, each with App #1, App #2, App #3 ... App #8. Rate Limiting: 1st level Limiter (Application CIR), 2nd level Limiter (Customer PR), 3rd level Limiter (Port CIR/PR). Egress QoS “Queue”: QP #1, QP #2, QP #3 ... QP #8; Rate Shaping / Prioritization, only applicable to Egress control.]
Extreme: Ingress and Egress Strict Queuing
[Diagram labels: I/O Module; Backplane Switching Fabric; Low Priority Traffic; High Priority Traffic; Low Priority Traffic from other I/O modules or ports.]
1. With Ingress Strict Queue Enforcement, Priority Traffic will always be guaranteed bandwidth when congestion occurs on the backplane
2. In addition, Priority Traffic will continue to get enforced on the Egress
Carrier Ethernet Protection
Protecting the Network
Detection of anomalies
Extreme’s CLEAR-Flow:
• is an ASIC-based technology built into our 4GNSS chipset
• examines the first 120 bytes in every packet, on every port, of a 4GNSS switch
• enables discovery of anomalous traffic even in 10 gig core networks
Rate limit traffic and alert a network administrator
Block traffic automatically
Send suspicious traffic for analysis by an IPS
Implications for Day-Zero attacks
[Chart: Attack Traffic (packets/sec) over Time. Labels: Suspicious Activity; Pre-Attack; Find Targets; Infect Targets; Rapidly Propagating Infection (Under Attack); Mitigation (Manual).]
Focus so far is post-attack mitigation …
Smarter Alternative
[Chart: Attack Traffic (packets/sec) over Time. Labels: Find Targets ..; Detect & mitigate before attack is launched.]
Extreme Security Solutions
• Detect Suspicious Behavior
• Identify Threat Source(s)
• Automate Mitigation
CLEAR-Flow
First order threats that can be mitigated
Denial of Service Attacks
• Smurf attack
• Ping of death
• Ping sweep
• Ping flood
• Port sweep
• TCP Flood (Syn, Syn-Ack, Ack, Fin, Xmas, Rst)
• Syn attack: RFC-2827
Flood attacks against well known port numbers
• Login services
• RPC, NFS
• File sharing
• X windows
• Name services
• Mail services
• Web services
• ICMP messages
• …
Virtual Router BD10k
[Diagram: Layer 3 Virtual Switch #1 and Layer 3 Virtual Switch #2, each with Subnet 1 and Subnet 2; Layer 2 Virtual Switch #1 with VLAN 1 and VLAN 2.]
Virtual Switches provide isolated route tables and traffic
Overlap IP address spaces initially
• VLAN spaces (VLAN IDs) in a future release
Benefits: Collapse / simplify networks without compromise
• Security: Total isolation between users on different Virtual Switches
• Availability: If one virtual switch is attacked, others will be unaffected
Protecting the Network: Illustration
Measure
- Pre-Filter Data
- Maintain Counters
- Sample Flows
- ID Traffic bursts
- ID State Changes
Analyze
- Baseline normal behavior
- Identify anomalies
- Generate alerts
Respond
- Shut down Hosts
- Shut down Ports
- Initiate detailed monitoring
- Send data to mirror port
- Throttle large movements of data
Enforce
- Deep & Extensive ACLs
- Rate Limiting
- Traffic Marking
Analysis Engine
CLEAR-Flow for Interactive Threat Containment
EAPS
Ethernet Automatic Protection Switching
Proven sub-50ms failover times
Featured on all Extreme product lines
Designed for Carriers/ISP – Required for Convergence in the Enterprise
EAPS v2: redundant ring connections
Avoids the “super loop” problem if a common link between 2 EAPS rings fails
“Health-check” packets between “controller” and “partner”
If the common link fails, the controller blocks all but one port, the “active open” port
[Diagram: EAPS Domain 1 and EAPS Domain 2, each with a Master Switch (P and S ports); switches labelled S1 to S8; Common Link with Shared Ports between the Controller and the Partner.]
Carrier Ethernet Management
“EPICenter” Overview
Product focus: Network / Device Monitoring, Element Management
• Inventory Manager with Network Discovery
• VLAN Manager
• ExtremeView System
• Real-Time Statistics
• IP/MAC Address Finder
• Administration Tool
• Topological Discovery with Display Map
• Alarm System with Configurable Alarms
• Configuration Management
• ESRP Application
• EPICenter Report System
• Exportable database
• Configurable Functionality
“EPICenter Policy Manager”
Functionality upgrade to EPICenter
• License key only
• Enables two additional applets: Policy and VoIPConfig
QoS policy configuration
• One switch or group of switches
• Automatic policy synchronization
Security Policies
• User based dynamic policies
• Network Login / 802.1x
VoIP Configuration
• Assists in QoS configuration for VoIP traffic
Directory-enabled deployment
• Windows Domain Integration
• Active Directory, LDAP, NIS
Converged Network Analyzer (CNA)
VoIP Monitoring & Resolution for Extreme Networks
Extreme Switches provide QoS on the LAN
CNA Server Appliance
• Find QoS problems with CNA
• Fix WAN problems by re-routing calls over high quality WAN links
CNA Agent client monitoring software, embedded in:
• Extreme XOS-based switches (BD10K, BD8810, Summit 450)
• External box for non-Extreme or supported equipment
[Diagram labels: Extreme Switch; IV Network Management Station; Overall Network Topology View; CNA Server; CNA Agent; Test Request; Test Result; SNMP Trap; WAN Router; IBM xSeries 306/336; Third Party Switch.]
CNA Dashboard: Managing applications in the Operations Center
[Screenshot labels: Application performance (e.g., VoIP, VPN, VoD, IPTV); Urgent problems; Rescued users; User experience and application availability.]
sFlow Traffic Analysis
one part of the Clearflow functionality
Protocol for traffic accounting:
• Usage-based billing
• Baselining
• Troubleshooting
• Security (Attack Identification)
Defined in RFC 3176
Similar to Netflow
• But takes samples and extrapolates network traffic profile
[Diagram: the Switching Engine (1 in N sampling, forwarding tables, interface stats/counters) feeds the sFlow agent, which sends sFlow Datagrams across the Network to the sFlow Collector & Analyzer. sFlow Datagram fields: packet header (e.g. 128B); src/dst i/f; sampling parms (rate, pool); forwarding (src 802.1p/Q, dst 802.1p/Q, next hop, src/dst mask, AS path, communities, localPref); user ID (src/dst, Radius, TACACS); URL; i/f counters.]
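
The 1 in N sampling, the extrapolation to a traffic profile and the attack-identification use named on this slide, as an added example (not Extreme Networks or sFlow project code). The records are constructed, simplified tuples rather than RFC 3176 datagrams, and the sampling rate, addresses, threshold and function names are assumptions.

```python
from collections import defaultdict
from math import sqrt

SAMPLING_RATE = 512   # assumed "1 in N" value configured on the switch
SWEEP_MIN_PORTS = 10  # assumed alert threshold: distinct sampled ports per src/dst pair


def build_samples():
    """Constructed flow samples: (src_ip, dst_ip, dst_port, frame_bytes)."""
    samples = []
    # Ordinary web client: many samples, always the same destination port.
    samples += [("10.0.0.5", "192.0.2.10", 80, 1000)] * 40
    # Host probing one target: every sampled frame hits a different port.
    samples += [("10.0.0.66", "192.0.2.20", port, 64) for port in range(20, 36)]
    # Light DNS traffic.
    samples += [("10.0.0.7", "192.0.2.53", 53, 90)] * 4
    return samples


def extrapolate(samples, rate=SAMPLING_RATE):
    """Scale sampled counts by the sampling rate to estimate real traffic per source.

    max_error_pct uses the bound commonly quoted for packet sampling,
    %error <= 196 * sqrt(1/c) at 95% confidence for c samples in a class:
    few samples mean a wide error bar, so small talkers are only roughly known.
    """
    per_src = defaultdict(lambda: [0, 0])  # src -> [sample count, sampled bytes]
    for src, _dst, _port, size in samples:
        per_src[src][0] += 1
        per_src[src][1] += size
    report = {}
    for src, (count, sampled_bytes) in per_src.items():
        report[src] = {
            "samples": count,
            "est_packets": count * rate,
            "est_bytes": sampled_bytes * rate,
            "max_error_pct": round(196 * sqrt(1 / count), 1),
        }
    return report


def port_sweep_suspects(samples, min_ports=SWEEP_MIN_PORTS):
    """Flag src/dst pairs whose samples cover many distinct destination ports.

    Sampling sees only about 1 in N frames, so the sampled port count is a lower
    bound on the ports actually touched; the threshold is therefore conservative.
    """
    ports = defaultdict(set)
    for src, dst, port, _size in samples:
        ports[(src, dst)].add(port)
    return sorted(
        (src, dst, len(seen)) for (src, dst), seen in ports.items()
        if len(seen) >= min_ports
    )


if __name__ == "__main__":
    data = build_samples()
    for src, row in sorted(extrapolate(data).items()):
        print(src, row)
    for src, dst, n in port_sweep_suspects(data):
        print(f"possible port sweep: {src} -> {dst}, {n} distinct sampled ports")
```

The byte estimate alone would rank the probing host far below the web client; the distinct-port count is what separates it from normal traffic.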
IP Mediation – Web Services
(1) Network connections from the mobile network to PSDN / Internet
(2) Subscriber look up for unique identification of the subscriber using IP network session information
(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)
All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.
Access to the service is always granted.
(4) Rated call records in real time
The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.
Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.
(5) N.A.
(6) tecControl administration, configuration, maintenance
[Diagram labels: MSP; Billing Server; AAA server; GUI; Switches; CRM; interfaces (1c), (2), (3), (4a), (4b), (5), (6).]
IP Mediation – VoIP
(1) Network connections from the mobile network to PSDN / Internet
(2) Subscriber look up for unique identification of the subscriber using IP network session information
(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)
All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.
Access to the service is always granted.
(4) Rated call records in real time
The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.
Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.
(5) N.A.
(6) tecControl administration, configuration, maintenance
[Diagram labels: SIP server (for proxy, registrar, redirect, location funct.); AAA server; MSP; Billing Server; GUI; CRM; interfaces (1a), (2), (3), (4a), (4b), (5), (6).]
Seamless Real-Time and Historical Drilldown for SLAs
[Screenshot labels: Drill-Down to technical details; Service Level Violation; Service; Customer; Resources Supporting the Service.]
Open integration with Fault Management tools
Easy High-resolution, Real-time Analysis
Performance Analysis and Early Warning System
[Diagram labels: API / SNMP / XML; Performance Problem Identification; 1: Performance Notifications; 2: Access to performance reports; Faults & up/down status; Faults and Performance Notifications; Trouble Ticketing; Event Management; CRM; apps; servers; networks, systems, applications; Directory; Domain Controller; LDAP; EPICenter Policy Manager; Switch Analyses, Reporting, Policies; SNMP Connection; CNA Server.]
Carrier Ethernet TDM Support
TDM ready - ExtremeWare XOS and P-ASICs
Open architecture with UNIX-like scale and availability
• Memory protection
• Hitless software migration
• Flexible configuration management based on XML with scriptable CLI
Highly resilient
• Virtual Router Architecture
• Process Monitoring and Restart
Extensible
• New features to market – faster!
Infrastructure for the intelligent network
• Distributed processing both inside and outside of the box
Highly Available
• Memory protection
• Hitless failover
• Module upgrades
• Virtual Router Architecture
• Process Monitoring and Restart
Extensible
• Flexible configuration management and APIs based on XML with scriptable CLI
• Dynamic loading of extensions
• New features to market – faster!
Future Proof
• Scalable through modularity and HAL
• Device management via XML, …
Supporting Business Services
Any-to-any Layer 2 VPN to interconnect multiple locations transparently and effectively (with high and guaranteed bandwidth)
Supporting the convergence of data and voice
[Diagram labels: HQ; Branch; ISP; Internet; IP; E-LAN; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet.]
MPLS TLS: Simplifying Provisioning
[Diagram: network of switches; Customer Site A (802.1Q Tag 500); Customer Site B (802.1Q Tag 500); NEW Customer Site C.]
• Example network: a customer has 2 sites in a TLS network, and wants to add an additional site.
• Before adding the site, 4 switches must be configured with the customer's 802.1Q tag (500).
MPLS TLS: Simplifying Provisioning
Transport Layer Security
[Diagram: network of switches; Customer Site A (802.1Q Tag 500); Customer Site B (802.1Q Tag 500); NEW Customer Site C (802.1Q Tag 500).]
• How many switches must be reconfigured when the additional site (Site C) is added?
• A TOTAL OF 9 SWITCHES MUST BE RECONFIGURED – IN THIS SMALL NETWORK (Hub and Spoke Mode)
vMAN: Simplifying Provisioning
[Diagram: network of switches connected by vMAN; Customer Site A; Customer Site B; NEW Customer Site C.]
• Example network: a customer has 2 sites in a vMAN network, and wants to add an additional site (Site C).
• Before adding the site, only 2 switches must be configured with vMAN connecting Site A and Site B.
vMAN: Simplifying Provisioning
[Diagram: network of switches; Customer Site A (802.1Q Tag 500); Customer Site B (802.1Q Tag 500); NEW Customer Site C (802.1Q Tag 500).]
• How many switches must be reconfigured when the additional site (Site C) is added?
• Only one config line for the vMAN setup on all switches, and another one for the 802.1Q tag on the Site C switch.
MPLS RSVP-TE: Simplifying Provisioning
Resource Reservation Protocol - Traffic Extension RFC3209
[Diagram: network of switches; Customer Site A; Customer Site B; NEW Customer Site C; LSP Site A to Site B; LSP Site A to Site C; LSP Site B to Site C.]
• How many switches must be reconfigured when the additional site (Site C) is added? Now just the LERs must be reconfigured.
• Only 3 MPLS switches must be reconfigured; other nodes require no config change but it is normally a Multicast Protocol.
• RSVP-TE SIGNALING SETS UP LSP ON LSRs (Full Meshed Mode)
Rate limiting can be done at ingress, and RSVP-TE “reserves” bandwidth for the LSP, and ensures no oversubscription.
LSP = label switched paths
Supporting Transport for IP Network
E-LAN connections among routers
• Any logical IP topology, multiple EVCs of a single physical interface
It supports all business IP services, from IP VPN to Internet access
Using Carrier Ethernet as the Transport Layer: with MPLS and EAPS nationwide, and EAPS with vMAN in the metro
Layer 3 Switch: vMAN per port or VLAN per port, 50ms failover
Layer 3 Switch: MPLS / vMAN, 50ms failover
[Diagram labels: IP Network; routers (R); IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet.]
Supporting TV Distribution Service
1. Multicast tree(s) is (are) established with QoS guaranteed
2. Subscribers (the Set-Top-Box) send a request for a channel
3. Carrier Ethernet filters, only replicates and forwards the requested channel to the subscribers with IGMP Snooping
4. Video source protection and network protection are set up automatically between the HE and CPE
[Diagram labels: Video Source; Subscribers; IP DSLAM; L2 DSLAM; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet.]
Supporting VoD Service
1. An E-LAN connection is established between DSLAMs and VoD servers
2. Subscribers (the Set-Top-Box) send a request to RSM for a movie
3. RSM finds/informs the best VoD server and acknowledges this to the subscribers
4. The subscriber establishes a session with the VoD and Command server respectively
[Diagram labels: Resource & Subscriber Manager (RSM); VoD server; Command Server; E-LAN; Subscribers; IP DSLAM; L2 DSLAM; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet.]
Supporting VoIP Service
1. An E-LAN connection is established between WAN routers to build an IP WAN
2. An E-LAN connection is established between the DSLAMs/CPEs and the IP PoP in each metro
3. Caller contacts the SIP Proxy server in order to find the IP address of the called party
4. Caller establishes session with the called party through E-LAN connection
[Diagram labels: E-LAN; IP WAN; Location Server; SIP Proxy Server; Subscribers; CPE; IP DSLAM; L2 DSLAM; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet.]
Carrier Ethernet Standards
Protection
• MEF 2 – Ethernet Protection
• MEF 4 – Architecture Framework
Hard QoS
• MEF 6 – Service Definition
• MEF 10 – Service Attributes
Scalability
• MEF 9 – UNI Testing
• MEF 11 – UNI Framework
Service Management
• MEF 7 – EMS and NMS Info Model
TDM Support
• MEF 3 – CES Framework
• MEF 8 – CES Implementation
The New MEF Network Architecture
[Diagram labels: Business Subscriber; Residential Subscriber; Service Provider; Transport; IP; Metro Carrier Ethernet; Nationwide Carrier Ethernet.]
• Carries all applications
• Internet Access
• IP VPN service
• Hard QoS and Traffic Engineering
• Better bandwidth utilization/Scalability
• Protection Switching (50ms)
• OAM functions and TDM Support
• Any-to-Any VPN services
• Multicast support with Hard QoS
First MEF9 Tested Solution
• ASIC technology, IPv6 in hardware
• QoS, 8 hardware queues, ingress shaping, egress shaping, 3-tier hierarchical rate limiting
• EAPS
• Fully redundant switching technology, XOS, open XML integration for other vendors
• vMAN: per port, VLAN to vMAN mapping, MPLS L2 VPN implementation (Q4/05)
• Multicast streams - 100kbps - 2M (size), 2000 (number), Multicast receivers - 10k, Multicast zapping rate - 4 per second
Extreme’s Key Strengths
Key Strengths and Benefit
Quality Connections
• Ingress and Egress QoS for low latency and jitter - tested superior over Cisco (June 05 Tolly Report)
• CNA: End-to-end Application Monitoring and Resolution
Benefit: Clear Voice Calls on LAN. Clear Voice Calls on WAN. Video implementation. High Zapping rate.
Continuous Uptime
• ExtremeWare OS hardened OS
• EAPS
• Hardware Redundancy
Benefit: No lost or dropped calls. Service continuity – dial tone always available.
Security & Compliance
• MAC Radius to authenticate CPEs
• Sentriant Security Appliance
• Layer 3 Virtual Routing
Benefit: CPE device control. Simplify deployment. Prevents VoIP / VoD DOS attacks directed to IP telephony / TV server. Hierarchical isolation for multiple levels of security, i.e., protect Call centers. Also, enables hosted IP telephony services.
MEF 9 Certified
Simple Management
• EPICenter management / AIM Manager
• Plug and play with LLDP and Universal Port Manager, Auto PoE
• XML APIs with EPICenter and Extreme switches
Benefit: EPICenter to manage Extreme network inventory. Simplified network (VoIP/Video) troubleshooting for IT = lowers help desk costs. Std. based device discovery & power mgmt = Lower cost of operation. Std. based APIs allow rapid development and deployment of applications. Example: Interactive Voice Response (IVR) system. Dynamically open and close ports for voice calls.
Metro Ethernet Network Overview
Standard based and flexible
[Diagram: Customer Edge, Provider Edge, Metro Core. Labels: Wifi-Network; MTU; MDU; PoP; IP DSLAM; DSL; CMTS; HFC (Cable); OLT; PON; T1/E1/T3/E3; M/C; Copper; Fiber; FE; GbE; FE/GbE; 2 – 4 Link Aggregated GbE; GbE/10GbE Access Ring; 10GbE Core Ring.]
Thank You
This product roadmap represents Extreme Networks’ current strategic direction. All ExtremeWare® releases will be on a when-and-if available basis. Actual feature development and timing of releases will be at the sole discretion of Extreme Networks. Presentation of the product roadmap does not create a commitment by Extreme Networks to deliver a specific feature.