Extreme Networks

Metro Solutions
Olaf Hagemann
Senior Network Consultant
Extreme Networks Confidential and Proprietary
Provider installations with Extreme
© 2005 Extreme Networks, Inc. All Rights Reserved
Triple Play Solutions GmbH Lab
Oct. 2005 in Munich-Dornach
http://www.tp-alliance.net
Triple Play ISP / Metro Solution: Voice, Video, Data
http://www.triple-play-solutions.com
TP-Alliance
one World goes Online
TP-Alliance a network for us and our child's future
• Core Router Solution
• Backbone Switching Solution
• Aggregation Switching Solution
• CPE Solution
• Hotspot Solution
• Headend Solution
• Security Solution
• Content Solution
• Migrations Solutions
• Special Customer Solutions
• Pipe / Cable / Shelter Solution
• 48 V / UPS / Climate Control Solution
• etc.
Extreme Standards Leadership
Standards Bodies
Industry Affiliations
802.1ad/ah Provider Bridging
Craig Easley, Director
Steve Haddock 802.1 – 802.3 Liaison
802.3 Ethernet
• 802.3z Gigabit Ethernet: Editor, Steve Haddock
• 802.3ad link aggregation: Chair, Steve Haddock
• 802.3ae 10 Gigabit Ethernet: Co-Chair, Steve Haddock
• 802.3ah Ethernet in the First Mile
RFC 3619 Ethernet Automatic Protection Switching (EAPS)
Craig Easley,
President
Tony Lee,
former Chairman
Product Portfolio for Convergence
Summit Family
Value Solutions
10/100 BASE-T
1000 BASE-SX/LX/ZX
Summit 200-24
Security
BlackDiamond Family
Intrusion Prevention /
Virtual Security Resource
Fixed Port
100/1000 BASE-TX
1000 BASE-SX/LX/ZX
New ! Sentriant 1
Summit7i
BD 10K
Summit 200-48
New !
Alpine Family
Summit48si
High Density Gig to Edge
10/100/1000
10 Gig E Uplinks
Summit5i
BlackDiamond 8810
(former Aspen)
Alpine 3808
XOS
Summit1i
POE
POE
New !
BD 6816
Summit 400-24t and 24p
Summit X450t and X450x
XOS
Summit 400-48t
Alpine 3804
Summit 300 (24/48)
BD 6808
New !
WIRELESS
WIRELESS
Summit WM-Series
POE
New !
Alpine 3802
POE
XOS
POE
BD 6804
ExtremeWare Device Management
Command Line
Interface
ExtremeWare
Vista
EPICenter
Manager
RS-232, Telnet,
SSH2
HTTP
SNMP v1/v2c/v3
Radius (incl. Per command)
Username/password database
Community
string
Access Lists; encrypted pword/comm string; conf logging
What’s Carrier Ethernet?
Protection
• 50ms Protection
• End to End Path Protection
• Aggregated Line & Node Protection
Hard QoS
• Guaranteed end to end SLA
• End to End CIR and EIR
• Business, Mobile, Residential
Scalability
• Services and Bandwidth
• 100,000’s of EVC’s
• From Mbps to x10Gbps
Service Management
• Fast service creation
• Carrier class OAM capabilities
• Customer Network Management (CNM)
TDM Support
• Seamless integration of TDM
• Circuit Emulation Services
• Support existing voice applications
Policy-Based QoS
Traffic Grouping Classification + QoS Profile => Policy
• Classifications: L1-L4 information, WINS username (using EEM and DLCS). Observe and/or overwrite 802.1p and IP DiffServ packet markings.
• QoS Profile: Determines Bandwidth Management (e.g. Min. Bandwidth %; Max Bandwidth %; priority). Option for Random Early Detection.
• Layer Independent QoS: Use of Layer 3 & 4, IP DiffServ info without routing.
[Diagram: Packets in → Classification → QoS Profile (configured queue) = Policy → Packets out]
Classification
• Ordered Hierarchy
• Layer 1,2,3,4, .1p, IP DiffServ packet info
QoS Profile (configured queue)
• Qp1 - Best Effort Traffic: 0% Min/100% Max, Low Priority
• QpX - Essential Traffic: 5% Min/100% Max, Higher Priority
Scalable and Available Unix based Operating System
Modularity → Availability and scale
• Memory protection
• Process Monitoring and Restart
• Dynamic module loads (e.g. SSH2, SCP2)
Extensibility and openness → New features faster
• POSIX APIs give a great starting point for new code
• TCL and scriptable CLI enable easier management
• XML Internal configuration representation
Security
• ClearFlow
• Denial of Service Detection and Prevention
• Hooks for Interactive Threat Containment
[Architecture diagram labels: Communications, Security, Monitoring, Hitless Failover, Routing, Virtual Routing, Mgmt, XML Device Management, Configurable CLI, Security, System Libraries, TCP/IP v4 & v6, Hardware Abstraction Layer, Device Drivers & Network Interfaces]
ExtremeWare XOS,
Tested by Tolly Group
Key Findings of Tolly Group:
Modularity has benefits:
• Extensible OS
• Higher network availability
• Dynamically add functionality
White Paper
Process recovery:
• Higher network availability
• No single process can take down the system
XOS ACL’s:
• Wirespeed ACL forwarding
• Dynamic ACL editing
• Precise wirespeed “accounting” on matching ACL
Virtual Domains:
• Ability to collapse multiple L3 switches on one device
• Flexibility to support overlapping IP addresses
January 2005
Pain Point: Ethernet Provisioning Complexity
MEF Compliance
SPs need multi-vendor, multi-technology provisioning of:
• E-Line services (Point to Point)
• Private line, and Virtual private line
• E-LAN services (Multipoint to Multipoint)
• Private LAN, and Virtual private LAN
Speed
- Ethernet Interface rates: 10 MB, 100MB, 1GB, 10GB
- Increments
Class Of Service (COS)
- Per Port: All EVCs at UNI
- Per COS ID
Bandwidth Parameters
- Potentially apply per UNI, EVC, or VLAN ID
- CIR, CBS, PIR, PBS
Service Level Agreements
- Built around bandwidth & performance parameters
Service Performance Parameters
- Apply per-COS ID
- Frame delay, Jitter, Loss
[Diagrams: Ingress BW Profile per Ingress UNI (UNI carrying EVC1, EVC2, EVC3); Ingress BW Profile per EVC (EVC1, EVC2, EVC3); Ingress Profile per COS ID (CE-VLAN CoS 6, CoS 4, CoS 2)]
Source: Based on Metro Ethernet Forum material
Advanced Traffic Management Engine
Bi-directional (ingress and egress) rate limiting
• On egress, “phantom” scheduling is supported to distribute unused bandwidth to other customers
3-tiered hierarchical rate limiting
1. Per application (up to 8 apps per customer)
2. Per customer (up to 4K per 10Gig link / 32K customer in total)
3. Per physical port (up to 160 = 2 * 80-port)
Packet Classification
• Any data field can be used to classify the packet (in 4GNSS programmable packet processor = Cartman)
QoS Characteristic
Ingress Limiting / MAX 180K limiters per Chip
Port | 1st Level (Application CoS) | 2nd Level (Customer ID) | 3rd Level (Physical Port)
10GbE Port | 8 Limiters per Ingress Service ID | 4K Limiters per Physical Port | Dual Rate Limiter
1GbE Port | 8 Limiters per Ingress Service ID | 2K Limiters per Physical Port | Dual Rate Limiter
Egress Limiting / MAX 288K limiters per System
Port | 1st Level (Application CoS) | 2nd Level (Customer ID) | 3rd Level (Physical Port)
10GbE Port | 8 Limiters per Egress Service ID | 4K Limiters per Physical Port | Dual Rate Limiter
1GbE Port | 8 Limiters per Egress Service ID | 400 Limiters per Physical Port | Dual Rate Limiter
Ingress and Egress 3-tier Hierarchical Rate Limiting
[Diagram: Rate Limiting followed by Rate Shaping / Prioritization. Labels: App #1 to App #8 per customer (Customer #A, Customer #B), Port #1.1, CIR, PR, Egress QoS “Queue” (QP #1 to QP #8), “Only applicable to Egress control”]
• 1st level Limiter (Application CIR)
• 2nd level Limiter (Customer PR)
• 3rd level Limiter (Port CIR/PR)
Extreme: Ingress and Egress Strict Queuing
1. With Ingress Strict Queue Enforcement, Priority Traffic will always be guaranteed bandwidth when congestion occurs on the backplane
2. In addition, Priority Traffic will continue to get enforced on the Egress
[Diagram labels: I/O Module, High Priority Traffic, Low Priority Traffic, Backplane Switching Fabric, From other I/O modules or ports]
Carrier Ethernet Protection
Protecting the Network
Detection of anomalies → Extreme’s CLEAR-Flow:
• is an ASIC-based technology built into our 4GNSS chipset
• examines the first 120 bytes in every packet, on every port, of a 4GNSS switch
• enables discovery of anomalous traffic even in 10 gig core networks
Responses:
• Send suspicious traffic for analysis by an IPS
• Rate limit traffic and alert a network administrator
• Block traffic automatically
Implications for Day-Zero attacks
[Chart: Attack Traffic (packets/sec) over Time. Phases: PreAttack (Find Targets, Suspicious Activity), Infect Targets, Rapidly Propagating Infection (Under Attack), Mitigation (Manual)]
Focus so far is post-attack mitigation …
Smarter Alternative
[Chart: Attack Traffic (packets/sec) over Time. Find Targets .. Detect & mitigate before attack is launched]
Extreme Security Solutions
• Detect Suspicious Behavior
• Identify Threat Source(s)
• Automate Mitigation
CLEAR-Flow
First order threats that can be mitigated
Denial of Service Attacks
• Smurf attack
• Ping of death
• Ping sweep
• Ping flood
• Port sweep
• TCP Flood (Syn, Syn-Ack, Ack, Fin, Xmas, Rst)
• Syn attack: RFC-2827
Flood attacks against well-known port numbers
• Login services
• RPC, NFS
• File sharing
• X windows
• Name services
• Mail services
• Web services
• ICMP messages
• …
Virtual Router BD10k
Subnet 1
Subnet 2
Layer 3 Virtual Switch #1
Subnet 1
Layer 3 Virtual Switch #2
Subnet 2
Layer 2 Virtual Switch #1
VLAN 1
VLAN 2
Virtual Switches provide isolated route tables and traffic
Overlap IP address spaces initially
• VLAN spaces (vlan ID´s) in a future release
Benefits: Collapse / simplify networks without compromise
• Security: Total isolation between users on different Virtual Switches
• Availability: If one virtual switch is attacked, others will be unaffected
Protecting the Network: Illustration
CLEAR-Flow for Interactive Threat Containment
Analyze (Analysis Engine)
- Baseline normal behavior
- Identify anomalies
- Generate alerts
Respond
- Shutdown Hosts
- Shutdown Ports
- Initiate detailed monitoring
- send data to mirror port
- Throttle large movements of data
Measure
- Pre-Filter Data
- Maintain Counters
- Sample Flows
- ID Traffic bursts
- ID State Changes
Enforce
- Deep & Extensive ACLs
- Rate Limiting
- Traffic Marking
EAPS
Ethernet Automatic Protection Switching
Proven sub-50ms failover times
Featured on all Extreme product lines
Designed for Carriers/ISP – Required for Convergence in the Enterprise
EAPS v2: redundant ring connections
Avoids “super loop” problem if a common link between 2 EAPS rings fails
“health-check” packets between “controller” and “partner”
If common link fails, the controller blocks all but one port, the “active open” port
[Diagram labels: EAPS Domain 1, EAPS Domain 2, Common Link, Shared Ports, Controller, Partner, Master Switch (one per domain, with P and S ports), switches S1, S2, S3, S4, S5, S6, S8, S67]
Carrier Ethernet Management
“EPICenter” Overview
Product focus: Network / Device Monitoring, Element Management
Inventory Manager with Network Discovery
VLAN Manager
ExtremeView System
Real-Time Statistics
IP/MAC Address Finder
Administration Tool
Topological Discovery with Display Map
Alarm System with Configurable Alarms
Configuration Management
ESRP Application
EPICenter Report System
Exportable database
Configurable Functionality
“EPICenter Policy Manager”
Functionality upgrade to EPICenter
• License key only
• Enables two additional applets: Policy and VoIP Config
QoS policy configuration
• One switch or group of switches
• Automatic policy synchronization
Security Policies
• User based dynamic policies
• Network Login / 802.1x
VoIP Configuration
• Assists in QoS configuration for VoIP traffic
Directory-enabled deployment
• Windows Domain Integration
• Active Directory, LDAP, NIS
Converged Network Analyzer (CNA)
VoIP Monitoring & Resolution for Extreme Networks
[Diagram labels: CNA Server (IBM xSeries 306/336), CNA Agent on Third Party Switch, CNA Agent on Extreme Switch, Test Request, Test Result, WAN, Router, SNMP Trap, IV Network Management Station]
Extreme Switches provide QoS on the LAN
CNA Server Appliance
• Find QoS problems with CNA
• Fix WAN problems by re-routing calls over high quality WAN links
CNA Agent client monitoring software, embedded in:
• Extreme XoS-based switches (BD10K, BD8810, Summit 450)
• External box for non-Extreme or supported equipment
CNA Dashboard: Managing applications in the Operations Center
[Screenshot callouts: Overall Network Topology View; User experience and application availability; Urgent problems; Rescued users; Application performance (e.g., VoIP, VPN, VoD, IPTV)]
sFlow Traffic Analysis
one part of the Clearflow functionality
Protocol for traffic accounting:
• Usage-based billing
• Baselining
• Troubleshooting
• Security (Attack Identification)
Defined in RFC 3176
Similar to Netflow
• But takes samples and extrapolates network traffic profile
[Diagram: the sFlow agent in the switch takes forwarding tables and interface stats/counters from the Switching Engine, applies 1 in N sampling, and sends sFlow Datagrams across the Network to the sFlow Collector & Analyzer. sFlow Datagram fields: packet header (eg 128B); src/dst i/f; sampling parms (rate, pool); forwarding (src 802.1p/Q, dst 802.1p/Q, next hop, src/dst mask, AS path, communities, localPref); user ID (src/dst, Radius, TACACS); URL; i/f counters]
IP Mediation – Web Services
[Diagram labels: AAA server, GUI, CRM, MSP, Switches, Billing Server; flows (1c), (2), (3), (4a), (4b), (5), (6)]
(1) Network connections from the mobile network to PSDN / Internet
(2) Subscriber look up for unique identification of the subscriber using IP network session information
(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)
All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.
Access to the service is always granted.
(4) Rated call records in real time
The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.
Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.
(5) N.A.
(6) tecControl administration, configuration, maintenance
IP Mediation – VoIP
[Diagram labels: AAA server, GUI, SIP server (for proxy, registrar, redirect, location funct.), CRM, MSP, Billing Server; flows (1a), (2), (3), (4a), (4b), (5), (6)]
(1) Network connections from the mobile network to PSDN / Internet
(2) Subscriber look up for unique identification of the subscriber using IP network session information
(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)
All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.
Access to the service is always granted.
(4) Rated call records in real time
The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.
Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.
(5) N.A.
(6) tecControl administration, configuration, maintenance
Seamless Real-Time and Historical Drilldown for SLAs
[Screenshot callouts: Customer; Service; Resources Supporting the Service; Service Level Violation; Drill-Down to technical details]
Open integration with Fault Management tools
1 : Performance Notifications
2 : Access to performance reports
[Diagram labels: Performance Problem Identification; CRM; Performance Analysis and Early Warning System; API / SNMP / XML; Trouble Ticketing; Event Management; Faults & up/down status; Easy High-resolution, Real-time Analysis; servers, apps, networks, systems, applications; CNA Server; Switch Analyses, Reporting, Policies; SNMP Connection; Directory; LDAP; Domain Controller; EPICenter Policy Manager; Faults and Performance Notifications]
Carrier Ethernet TDM Support
TDM ready - ExtremeWare XOS and P-ASICs
Open architecture with UNIX-like scale and availability
Highly Available
• Memory protection
• Hitless failover
• Module upgrades
• Hitless software migration
• Virtual Router Architecture
• Process Monitoring and Restart
• Flexible configuration management based on XML with scriptable CLI
Highly resilient
Extensible
• Flexible configuration management and APIs based on XML with scriptable CLI
• Dynamic loading of extensions
• New features to market – faster!
Future Proof
• Scalable through modularity and HAL
• Device management via XML, …
• Virtual Router Architecture
• Process Monitoring and Restart
Infrastructure for the intelligent network
• Distributed processing both inside and outside of the box
Supporting Business Services
Any-to-any Layer 2 VPN to interconnect multiple locations transparently and effectively (with high and guaranteed bandwidth)
Supporting the convergence of data and voice
[Diagram labels: HQ, Branch (four sites), Metro Carrier Ethernet (three networks), Nationwide/Global Carrier Ethernet, E-LAN, ISP, Internet, IP]
MPLS TLS: Simplifying Provisioning
[Diagram: network of switches connecting Customer Site A (802.1Q Tag 500) and Customer Site B (802.1Q Tag 500); NEW Customer Site C]
• Example Network; a customer has 2 sites in a TLS network, and wants to add an additional site.
• Before adding the site, 4 switches must be configured with his 802.1Q tag (500).
MPLS TLS: Simplifying Provisioning
Transport Layer Security
[Diagram: network of switches connecting Customer Site A, Customer Site B and NEW Customer Site C, each with 802.1Q Tag 500]
• How many switches must be reconfigured when the additional site (Site C) is added?
• A TOTAL OF 9 SWITCHES MUST BE RECONFIGURED – IN THIS SMALL NETWORK (Hub and Spoke Mode)
vMAN: Simplifying Provisioning
[Diagram: network of switches with vMAN connecting Customer Site A and Customer Site B; NEW Customer Site C]
• Example Network; a customer has 2 sites in a vMAN network, and wants to add an additional site (Site C).
• Before adding the site, only 2 switches must be configured with vMAN connecting Site A and Site B.
vMAN: Simplifying Provisioning
[Diagram: network of switches connecting Customer Site A, Customer Site B and NEW Customer Site C, each with 802.1Q Tag 500]
• How many must be reconfigured when the additional site (Site C) is added?
• Only with one config Line for vMAN Setup on all Switches and another one for the 802.1Q Tag on the Site C Switch.
MPLS RSVP-TE: Simplifying Provisioning
Resource Reservation Protocol - Traffic Extension RFC3209
Rate limiting can be done at ingress, and RSVP-TE “reserves” bandwidth for the LSP, and ensures no oversubscription.
[Diagram: network of switches connecting Customer Site A, Customer Site B and NEW Customer Site C, with LSP Site A to Site B, LSP Site A to Site C and LSP Site B to Site C. LSP = label switched paths]
• How many switches must be reconfigured when the additional site (Site C) is added? Now just the LERs must be reconfigured.
• Only 3 MPLS switches must be reconfigured; other nodes require no config change but it is normal a Multicast Protocol.
• RSVP-TE SIGNALING SETS UP LSP ON LSR’s (Full Meshed Mode)
Supporting Transport for IP Network
E-LAN connections among routers
• Any logical IP topology, multiple EVC’s of a single physical interface
It supports all business IP services, from IP VPN to Internet access
[Diagram: IP routers (R) attached to Metro Carrier Ethernet networks and a Nationwide/Global Carrier Ethernet. Layer3 Switch: vMAN per Port or vLAN per Port, 50ms Failover. Layer3 Switch: MPLS / vMAN, 50ms Failover.]
IP Network Using Carrier Ethernet as the Transport Layer with MPLS and EAPS Nationwide and EAPS with vMAN in the Metro
Supporting TV Distribution Service
1. Multicast tree(s) is (are) established with QoS guaranteed
2. Subscribers (the Set-Top-Boxes) send a request for a channel
3. Carrier Ethernet filters, only replicates and forwards the requested channel to the subscribers with IGMP Snooping
4. Video source protection and network protection are set up automatically between the HE and CPE
[Diagram labels: Video Source (two), Subscribers, IP DSLAM, L2 DSLAM, IP, Metro Carrier Ethernet (three networks), Nationwide/Global Carrier Ethernet]
Supporting VoD Service
1. An E-LAN connection is established between DSLAMs and VoD servers
2. Subscribers (the Set-Top-Boxes) send a request to the RSM for a movie
3. The RSM finds/informs the best VoD server and acknowledges this to the subscribers
4. The subscriber establishes a session with the VoD server and the Command Server respectively
[Diagram labels: Subscribers, IP DSLAM, L2 DSLAM, IP, E-LAN, Resource & Subscriber Manager (RSM), VoD server, Command Server, Metro Carrier Ethernet (three networks), Nationwide/Global Carrier Ethernet]
Supporting VoIP Service
1. An E-LAN connection is established between WAN routers to build an IP WAN
2. An E-LAN connection is established between the DSLAMs/CPEs and the IP PoP in each metro
3. Caller contacts the SIP Proxy server in order to find the IP address of the called party
4. Caller establishes session with the called party through E-LAN connection
[Diagram labels: Location Server, SIP Proxy Server, IP WAN, Subscribers, CPE, IP DSLAM, L2 DSLAM, IP, E-LAN, Metro Carrier Ethernet (three networks), Nationwide/Global Carrier Ethernet]
Carrier Ethernet Standards
[Diagram: the Carrier Ethernet attributes (Protection, Scalability, Hard QoS, Service Management, TDM Support) annotated with the MEF specifications listed below]
• MEF 2 – Ethernet Protection
• MEF 4 – Architecture Framework
• MEF 9 – UNI Testing
• MEF 11 – UNI Framework
• MEF 7 – EMS and NMS Info Model
• MEF 6 – Service Definition
• MEF 10 – Service Attributes
• MEF 3 – CES Framework
• MEF 8 – CES Implementation
The New MEF Network Architecture
First MEF9 Tested Solution
[Diagram labels: Transport, Business Subscriber, Residential Subscriber, Service Provider, IP, Metro Carrier Ethernet (three networks), Nationwide Carrier Ethernet]
• Hard QoS and Traffic Engineering
• Better bandwidth utilization/Scalability
• Protection Switching (50ms)
• OAM functions and TDM Support
• Any-to-Any VPN services
• Multicast support with Hard QoS
• Carries all applications
• Internet Access
• IP VPN service
• ASIC Technology, IPv6 in Hardware
• QoS, 8 hardware queues, ingress shaping, egress shaping, 3-tier hierarchical rate limiting
• EAPS
• Fully Redundant Switching Technology, XOS, Open XML integration for other vendors
• vMAN: per port, VLAN to VMAN mapping, MPLS L2 VPN implementation (Q4/05)
• Multicast streams - 100kbps- 2M (size), 2000(number), Multicast receivers - 10k, Multicast zapping rate - 4 per second
Extreme’s Key Strengths
Key Strengths / Benefit
Quality Connections
✓ Clear Voice Calls on LAN
• Ingress and Egress QoS for low latency and jitter tested superior over Cisco (June 05 Tolly Report)
• CNA: End-to-end Application Monitoring and Resolution
✓ Clear Voice Calls on WAN
✓ Video implementation
✓ High Zapping rate
✓ No lost or dropped calls
Continuous Uptime
• ExtremeWare OS hardened OS
• EAPS
• Hardware Redundancy
✓ Service continuity – dial tone always available.
✓ CPE device control. Simplify deployment.
Security & Compliance:
• MAC Radius to authenticate CPEs
• Sentriant Security Appliance
• Layer 3 Virtual Routing
✓ Prevents VoIP / VoD DOS attacks directed to IP telephony / TV server
✓ Hierarchical isolation for multiple levels of security, i.e., protect Call centers. Also, enables hosted IP telephony services
✓ MEF 9 Certified
✓ EPICenter to manage Extreme network inventory. Simplified network (VoIP/Video) troubleshooting for IT = lowers help desk costs.
Simple Management:
• EPICenter management / AIM Manager
• Plug and play with LLDP and Universal Port Manager, Auto PoE
• XML APIs with EPICenter and Extreme switches
✓ Std. based device discovery & power mgmt = Lower cost of operation. Std. based APIs allow rapid development and deployment of applications. Example: Interactive Voice Response (IVR) system. Dynamically open and close ports for voice calls.
Metro Ethernet Network Overview
Standard based and flexible
[Diagram: Metro Core (10GbE Core Ring of PoPs, 2 – 4 Link Aggregated GbE), Provider Edge (GbE/10GbE Access Rings), Customer Edge (MDU, MTU). Access labels: T1/E1/T3/E3, OLT / PON, CMTS / HFC (Cable), IP DSLAM / DSL, Fiber, Copper, FE, FE/GbE, GbE, M/C, Wifi Network]
Thank You
This product roadmap represents Extreme Networks’ current strategic direction. All
ExtremeWare® releases will be on a when-and-if available basis. Actual feature development
and timing of releases will be at the sole discretion of Extreme Networks. Presentation of the
product roadmap does not create a commitment by Extreme Networks to deliver a specific
feature.