Service Creation in Optical Ethernet Network
02/20/2002
Jangwoo Son
Netmanias.Com
E-mail) son@netmanais.com, PCS) 016-460-5747, URL) http://www.netmanais.com
Presentation for HSN2002
Contents
Legacy Leased Line (For Internet access, Private line)
Introduction of Metro Optical Ethernet
.Low-cost and High-speed service
.Internet access
.L2 Ethernet VPN: VLAN, MPLS (LAN-to-LAN interconnection service within MAN, WAN)
.Both, 1M~10M~100M~+ /customers
.Scalability limits of VLAN: VPN based on Ethernet over MPLS or IPsec
Service Creation
.Ethernet
.MPLS
.IPSEC
Conclusion
Big Picture
[Figure: network overview. Labels: Home, Enterprise, Last-mile, Access, CO, POP, Metro Core, Nation-wide Backbone, IX, IDC, Global Internet]
Legacy TDM-based service
[Figure: network overview annotated with the technology used in each segment]
.Backbone: DWDM, TSR
.Metro: TDM/SONET
.Access: 64K, 128K,…, T1/E1, T3
.LAN: Gigabit Ethernet
Legacy TDM-based service
[Figure: network overview annotated with the legacy services carried over TDM/SONET]
.MAN: Private line (64K~T1)
.WAN: Private line (64K~T1)
.Internet access (64K~T1)
.TDM/SONET: Low BW, High Price service
Problem of SONET/SDH
[Figure: network overview annotated with the technology used in each segment]
.Backbone: DWDM, TSR
.Metro: TDM/SONET/POS
.Access: 64K, 128K,…, T1/E1, T3
.LAN: Gigabit Ethernet
.Circuit switching/TDM
.BW allocation flexibility
.Upgrade ?
.Long lead time
Metro Optical Ethernet
[Figure: network overview showing the metro and access segments moving from TDM to Optical Ethernet. Link speed labels: 100M~1Gbps, 1~2.5~4~10 Gbps]
.Backbone: DWDM, TSR
.LAN: Gigabit Ethernet
.Metro: TDM/SONET/POS, replaced by Optical Ethernet, NG-SONET, RPR, CWDM/DWDM
.Access: 64K, 128K,…, T1/E1, T3, replaced by Optical Ethernet 1M~10M~100M~1G
Ethernet Evolution
Native Ethernet (LAN)
.No BW guarantee (CL)
.No CoS/QoS
.Resiliency: STP (30sec)
.P-to-P, Mesh topologies
.Short range Optics: 1000BaseLX (5Km)
.Geographic limitation: Ethernet LAN
The 1st Generation Metro Optical Ethernet
.BW guarantee (CO) = Ingress rate-limiting (UPC) + 802.1q VLAN (Connection) + 802.1p priority queueing
.Switch architecture: H/W-based wire-speed L2/L3 forwarding, queueing and scheduling
.CoS/QoS: Diff-serv to 802.1p mapping
.Resiliency/Restoration: RSTP/EAPS (1sec)
.Ring topology
.Usage-based billing
.Real-time provisioning
.1 Gigabit Ethernet/4GbE
.Long range optics (70~150Km): BGIC/CWDM
.Geographic limitation: Ethernet MAN
The 2nd Generation Metro Optical Ethernet
.End-to-end BW guarantee (CO) = Ingress rate-limiting (UPC) + MPLS LSP (Per-LSP BW reservation)
.Switch architecture: H/W-based wire-speed MPLS forwarding, queueing and scheduling
.MPLS CoS/QoS: 802.1p/TOS/Diff-serv/port # to Exp/CoS or LSP
.Resiliency/Restoration: MPLS fast reroute (100msec)
.Ring: RPR (802.17)
 -SRP
 -Restoration (<50msec)
 -Fair ring-access
 -Statistical BW sharing
.Long range optics: BGIC/CWDM/DWDM
.10 Gigabit Ethernet/40GbE
.Real-time/Web-based/Self-provisioning
.VoIP
.Usage-based billing
.Geographic limitation: Ethernet WAN
Ethernet’s Value Chain
Dynamic provisioning
CWDM/DWDM
RSTP (IEEE 802.1w)
Multi-Field Packet Classification
Wire-speed forwarding (L2)
Port security: VLAN
VLAN connectivity
802.1p priority queueing
Wire-speed forwarding (L3)
ACL security (L2: MAC filtering, Authentication)
Ethernet over MPLS
Diff-Serv/Int-Serv
Long range optic (40~120Km)
NAT
EFM / EoVDSL
High speed switching fabric
STP
Ring topology: RPR, fairness, SM
Rate-limiting
10GbE
RPR (IEEE 802.17)
MPLS
Low cost and High Speed Ethernet
New Enabling Ethernet Technologies
Ubiquitous Ethernet
Reducing total cost of ownership
Simplicity (reduce the operation-cost)
IP-based single network platform providing various service: Data, Voice and Video
End-to-end solutions
Easy deployment, installation, management and operation
Maintenance: Remote monitoring/maintenance operation/troubleshooting, statistics accounting for billing purpose.
99.999% availability
Scalability (10M-100M-1G-10Gbps)
Standard and interoperable (Operate multi-vendor networks)
Managed BW service
Value-added service through Differentiated Services
Metro access for long-haul networks (for Inter-city VPN service)
Ethernet can meet Service Provider's Need
Value-Added Services: Internet access, Ethernet private line, VoIP, VoD, Wholesale service, ASP/CSP/DBSP access
Ethernet-based Low cost & High speed Service
Gigabit Ethernet MAN
[Figure: Gigabit Ethernet MAN. Labels: Enterprise, MTU, Optical Ethernet Access (Ethernet Switch), Edge Node (subscriber aggregation), Metro Core (inter-office; Ethernet Switch, L2/L3), Dark Fiber, Nation-wide Backbone, IDC, Global Internet. Link speed labels: 100M~1Gbps, 1~2.5~4~10 Gbps. Protocol stack labels: IP, ATM, SONET, GbE/10GbE, Fiber]
Gigabit Ethernet MAN service
[Figure: Enterprise (LAN) and MTU sites reach the Metro Core through Optical Ethernet Access and an EN; the Internet and a Data Center attach to the core]
.Internet access (1~10~100+Mbps)
.Ethernet Private Line: 802.1q VLAN
.IDC access (ASP, CSP, DBCP)
Internet Access: Edge Node
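[Figure: Company A (HQ), Company A (BO) and Company B (Enterprise, MTU) connect over Optical Access to an Edge Node, which attaches to the Metro Core Ethernet Switch for Internet access; the Internet and a Data Center attach to the core]
Edge Node function = Ethernet Aggregation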
Service Creation Node (SCN)
[Figure: Company A (HQ), Company A (BO) and Company B (Enterprise, MTU, LAN) connect over Optical Access to an SCN (Service Creation Node), which attaches to the Metro Core Ethernet Switch; the Internet and a Data Center attach to the core]
.Internet access
.Ethernet Private Line: 802.1q VLAN
.IDC access (ASP, CSP, DBCP)
Edge Node function = Ethernet Aggregation + Service Creation (QoS, VPN,…) = SCN (Service Creation Node)
Ethernet Leased Line
[Figure: Enterprise and MTU sites joined by an Ethernet Private Line (802.1q VLAN) across the metro optical core. Labels: E, SCN]
Company A
.BW: 5 Mbps
.QoS: Best-Effort
.Price: 500,000 Won/Month
Company B
.BW: 20 Mbps
.QoS: 1Mbps~Gold, 19Mbps~Best-Effort
.Price: 1Mbps Gold~500,000 Won/Month, 19Mbps Best-effort ~ 1,900,000 Won/Month
.Total Price: 2,400,000 Won/Month
Service Creation
.End-to-end connection: 802.1q VLAN
.Multi-Field Packet Classification (L2/L3/L4 header)
.Ingress rate limiting/guaranteeing (ex. 20Mbps ingress rate)
.MFPC (L2/L3/L4 header)
.Mapping to 802.1p (Priority marking)
.Priority queueing: 802.1p
[Figure: two customer LANs (PCs) attached to Fastlinx-5408 switches and connected through SCN and E nodes]
Company B
.BW: 20 Mbps
.QoS: 1Mbps~Gold, 19Mbps~Best-Effort
.Price: 1Mbps Gold~500,000 Won/Month, 19Mbps Best-effort ~ 1,900,000 Won/Month
.Total Price: 2,400,000 Won/Month
-Secure Tunnel
-Application BW guarantee
-Application QoS guarantee
1) Secure L2 Connectivity: Tagged VLAN
[Figure: hosts MAC A and MAC B on two customer LANs (PCs) attached to Fastlinx-5408 switches, connected through SCN and E nodes by VLAN 7 (802.1q); frames A, B carry VLAN ID 7]
.One VLAN per customer
.VLAN across MAN
 -Statically pre-configured, or
 -Automatically provisioned using GARP/GVRP
.Forwarding based-on {dst MAC addr. + VLAN ID}
Forwarding tables shown on the switches:
MAC  VLAN ID  port
B    7        b
G    105      g

MAC  VLAN ID  port
B    7        c
D    5        c

MAC  VLAN ID  port
B    7        x
K    106      y

MAC  VLAN ID  port
B    7        a
D    5        a

MAC  VLAN ID  port
B    7        b
K    106      g
2) Multi-Field Flow Classification
[Figure: Edge: Ingress Point. Enterprise LAN (PCs, CPE) and MTU connect over 100BaseT and optical fiber to Fastlinx-5408 / 5408RF / Mlayer-SW-1 switches and the SCN. Labels: Policy (Rate Limiting, Priority marking); Classification (classify flows); Packet Filter; Unclassified; Discard; VoIP packet; 2 priority queues (HIGH, LOW); Max 100M, 19M, 1M]
Frame fields shown:
.Ethernet (L2): Pre (8B), dst MAC (6B), src MAC (6B), Type 0x0800 (2B), CRC (4B)
.IP (L3): TOS (1B), Protocol ID (1B), src IP (4B), dst IP (4B)
.TCP/UDP (L4): src port number (2B), dst port number (2B), User data
Multi-Field Flow Classification
.MAC (Type): IP 0800, IPX 8138, RARP 8035, ARP 0806, VLAN Tag 1800
.IP (Protocol ID): UDP 17, TCP 06, RSVP 46, IGMP 02, ICMP 01
.TCP/UDP (port number): Telnet 23, HTTP 80, FTP 20, SMTP 25, DNS 53, RTP 5004
3) Rate-limiting
[Figure: Edge: Ingress Point, MTU-CO. Enterprise LAN (PCs, CPE) and MTU connect over 100BaseT and optical fiber to Fastlinx-5408 / 5408RF / Mlayer-SW-1 switches. Labels: Policy (Rate Limiting, Priority marking); Classification (classify flows); Packet Filter; Unclassified; Discard; VoIP packet; 2 priority queues (HIGH, LOW); Max 100M, 19M, 1M]
Rate Limiting
1.Port rate-limiting
2.Application rate-limiting
Customer: Up: 20Mbps, Down: 20Mbps
4) 802.1p priority marking
[Figure: Enterprise LAN (PCs, CPE) and MTU connect over 100BaseT, optical fiber and GbE to Fastlinx-5408 / 5408RF / 5408RT / Mlayer-SW-1 / 6509 switches, SCN and E nodes. Labels: Policy (Rate Limiting, Priority marking); Classification (classify flows); Packet Filter; Unclassified; Discard; VoIP packet; 2 priority queues (HIGH, LOW); Max 100M, 19M, 1M. Frames from A to B are labelled 1/7 and 3/7]
Frame fields shown:
.Ethernet (L2): Pre (8B), dst MAC (6B), src MAC (6B), Type 0x8100 (2B), 802.1 p/q tag (2B), Type 0x0800 (2B), CRC (4B)
.IP (L3): TOS (1B), Protocol ID (1B), src IP (4B), dst IP (4B)
.TCP/UDP (L4): src port number (2B), dst port number (2B), User data
802.1p/q header:
.TPI 0x8100: 16 b
.Priority: 3 b
.CFI: 1 b
.VLAN ID: 12 b
Classification rule:
Port  srcMAC  dstMAC  TOS  srcIP       dstIP       srcPort#  dstPort#  VLAN ID  priority
#1    mac_a   mac_b   7    165.132/16  165.154/16  x         y         7        1
5) Priority queueing and scheduling
[Figure: Enterprise LAN (PCs, CPE) and MTU connect over 100BaseT, optical fiber and GbE to Fastlinx-5408 / 5408RF / 5408RT / Mlayer-SW-1 / 6509 switches, SCN and E nodes. Labels: Policy (Rate Limiting, Priority marking); Classification (classify flows); Packet Filter; Unclassified; Discard; VoIP packet; Max 100M, 19M, 1M. Frames from A to B are labelled 1/7 and 3/7]
.2 priority queues: HIGH, LOW
.Static priority, WFQ
6) Priority queueing and scheduling
[Figure: Enterprise LAN (PCs, CPE) connects over 100BaseT to Fastlinx-5408 / 5408RF / Mlayer-SW-1 switches, SCN and E nodes. Frames from A to B are labelled 1/7 and frames from C to D are labelled 3/5]
Frame fields shown:
.Ethernet (L2): Pre (8B), dst MAC (6B), src MAC (6B), Type 0x8100 (2B), 802.1 p/q tag (2B), Type 0x0800 (2B), CRC (4B)
.IP (L3): TOS (1B), Protocol ID (1B), src IP (4B), dst IP (4B)
.TCP/UDP (L4): src port number (2B), dst port number (2B), User data
.Priority Field check: Priority Field (802.1p bits), from Highest Priority to Lowest Priority
Metro Core Node
-VLAN ID + DstMAC: Forwarding
-802.1p: Priority queueing and scheduling
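The tag-and-forward path from sections 1), 4) and 6), as an added example that is not part of the original slides: an edge SCN matches classification rule #1 and inserts the 802.1p/q tag (priority 1, VLAN ID 7), and a metro core node forwards on {dst MAC + VLAN ID}. The MAC addresses, host IP addresses and port numbers are constructed placeholders, and matching only on MAC, TOS and IP prefix is a simplification of the multi-field rule.

```python
import ipaddress
import struct

TPID = 0x8100  # 802.1Q tag protocol identifier ("TPI 0x8100" on the slide)

def make_tci(priority, vlan_id, cfi=0):
    """Pack Priority (3 b), CFI (1 b) and VLAN ID (12 b) into the 16-bit tag."""
    if not (0 <= priority <= 7 and cfi in (0, 1) and 0 <= vlan_id <= 0xFFF):
        raise ValueError("field out of range for the 3/1/12-bit layout")
    return (priority << 13) | (cfi << 12) | vlan_id

def classify_and_tag(frame, rule):
    """Edge (SCN): match L2/L3 fields of an untagged IPv4 frame; tag it on a hit."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                        # too short or not IPv4: unclassified
    dst_mac, src_mac = frame[0:6], frame[6:12]
    tos = frame[15]                        # second byte of the IP header
    src_ip = ipaddress.ip_address(frame[26:30])
    dst_ip = ipaddress.ip_address(frame[30:34])
    if (src_mac, dst_mac, tos) != (rule["src_mac"], rule["dst_mac"], rule["tos"]):
        return None
    if src_ip not in rule["src_net"] or dst_ip not in rule["dst_net"]:
        return None
    tag = struct.pack("!HH", TPID, make_tci(rule["priority"], rule["vlan_id"]))
    return frame[:12] + tag + frame[12:]   # tag sits between src MAC and Type

def parse_tag(frame):
    """Core: return (priority, cfi, vlan_id), or None if the frame is untagged."""
    if len(frame) < 16 or struct.unpack("!H", frame[12:14])[0] != TPID:
        return None
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci >> 13, (tci >> 12) & 1, tci & 0xFFF

def core_forward(frame, fdb):
    """Core: look up {dst MAC + VLAN ID}; return (port, priority) or None."""
    tag = parse_tag(frame)
    port = fdb.get((frame[0:6], tag[2])) if tag else None
    return None if port is None else (port, tag[0])

# Constructed sample: rule #1 from the slide, with placeholder MAC addresses.
MAC_A, MAC_B = bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b")
RULE = {"src_mac": MAC_A, "dst_mac": MAC_B, "tos": 7, "priority": 1, "vlan_id": 7,
        "src_net": ipaddress.ip_network("165.132.0.0/16"),
        "dst_net": ipaddress.ip_network("165.154.0.0/16")}
IP_HDR = struct.pack("!BBHHHBBH4s4s", 0x45, 7, 28, 0, 0, 64, 17, 0,
                     bytes([165, 132, 1, 10]), bytes([165, 154, 2, 20]))
FRAME = MAC_B + MAC_A + b"\x08\x00" + IP_HDR + struct.pack("!HHHH", 5004, 5004, 8, 0)
FDB = {(MAC_B, 7): "b"}  # slide's table entry: MAC B, VLAN ID 7, port b
```

Because the lookup key includes the VLAN ID, a frame for MAC B tagged with any other customer's VLAN finds no entry in this table.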
Secure and Differentiated Service
.End-to-end connection: 802.1q VLAN
.Multi-Field Packet Classification (L2/L3/L4 header)
.Ingress rate limiting/guaranteeing (ex. 20Mbps ingress rate)
.MFPC (L2/L3/L4 header)
.Mapping to 802.1p (Priority marking)
.Priority queueing: 802.1p
Company B
.BW: 20 Mbps
.QoS: 1Mbps~Gold, 19Mbps~Best-Effort
.Price: 1Mbps Gold~500,000 Won/Month, 19Mbps Best-effort ~ 1,900,000 Won/Month
.Total Price: 2,400,000 Won/Month
Secure Tunnel (VLAN)
.Gold Stream (High priority, 1Mbps)
.Best-Effort Stream (Low priority, 19Mbps)
Service Creation at Edge
[Figure: Company A (HQ), Company A (BO) and Company B (Enterprise, MTU, LAN) connect over Optical Access to SCN (Service Creation Node) and E nodes, which attach to the Metro Core Ethernet Switch; the Internet and a Data Center attach to the core]
.Internet access
.Ethernet Private Line: 802.1q VLAN
.IDC access (ASP, CSP, DBCP)
SCN (Service Creation Node) function = Ethernet Aggregation + Service Creation (QoS, VPN,…)
Low cost and High Speed
.Internet access service
.Ethernet Private Line service
Edge
.Multi-Field Packet Classification
.Rate-limiting (Customer, Application)
.QoS Marking (802.1p, Diff-Serv)
Metro Core
.High-speed forwarding
.802.1p priority queueing and scheduling
Secure and High-speed Ethernet Connection
.802.1q VLAN
.One VLAN ID per Customer
.Scalability Problems
Problem of VLAN-based Ethernet-VPN service
[Figure: Enterprise and MTU sites (LAN) joined by an Ethernet Private Line (802.1q VLAN) across the metro optical core. Labels: SCN (Service Creation Node), E, Metro Core Ethernet Switch]
VLAN space limitation: 4096 VLANs (VLAN ID=12bits)
MAC address learning problem
No Bandwidth reservation in metro core (end-to-end)
No traffic engineering in metro core (STP Path)
Long STP Convergence time (>30sec)
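Introduction of MPLS
Solves the VLAN space problem (VLAN ID Reuse)
Solves the problem of the number of MAC addresses in the Metro Core
Traffic Engineering in Metro Core
Protection: MPLS Fast Reroute (<100msec)
MPLS QoS: differentiation per LSP, or by the Exp/CoS bits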
MPLS-based Layer 2 VPN
Scalability
Security
Introduction of MPLS MAN
[Figure: customers C1 and C2 (Enterprise, LAN: Gigabit Ethernet) attach by VLAN through Access to M nodes; an MPLS Tunnel across the Metro Core carries the Private line (1~10~100+Mbps). Other labels: Home, Nation-wide Backbone, IDC, Global Internet]
Introduction of MPLS WAN
[Figure: customers C1 and C2 (Enterprise, LAN: Gigabit Ethernet) attach by VLAN through Access to M nodes; MPLS Tunnels across the Metro Core and Nation-wide Backbone carry the Private line (1~10~100+Mbps). Other labels: Home, IDC, Global Internet]
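IPsec-based
For operators that already have an IP Routing Network (Metro/WAN), i.e., where MPLS is not deployed
When the operator wants to offer VPN service with no changes, without updating the existing Routers with new H/W or S/W
Routers in the MAN and WAN are POS-based
Introduce an IPsec-based SCN (Service Creation Node) at the Metro Edge
The SCN analyzes incoming subscriber traffic and determines whether it is Internet access traffic or VPN traffic
If it is VPN traffic, the SCN sends it to the IPsec service module (Encryption)
If it is Internet traffic, the SCN sends it to the NAT service module (when private IP addresses are used).
The SCN node performs the Ethernet aggregation function and the Service Creation function (IPSEC VPN, Internet access, NAT, Firewall, QoS).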
IPsec (Network-Based)
[Figure: customers C1 and C2 (Enterprise) attach by VLAN over Optical Ethernet Access Networks to SCNs; IPsec Tunnels across the IP Routing Network carry the Private line (MAN) (1~10~100+Mbps) and the Private line (WAN) (1~10~100+Mbps). Other labels: Metro Core, Nation-wide Backbone, IDC, Global Internet]
Sample Bill
[Figure: customers C1 and C2 (Enterprise) attach by VLAN over Optical Ethernet Access Networks to SCNs; IPsec Tunnels across the IP Routing Network carry the Private lines (1~10~100+Mbps). Other labels: Metro Core, Nation-wide Backbone, IDC, Global Internet]
Conclusion
Optical Ethernet: entering the BW sales market
.1,000,000 Won/10Mbps
.500,000 Won/5Mbps
Next: selling Services
.Internet Access Service
.QoS service
.VPN service
.Firewall service
Service Creation: Intelligent Edge
.Classification(L2/L3/L4)
.Rate-limiting(Service + L2/L3/L4)
.QoS (802.1p, Diff-Serv, MPLS)
.VPN (VLAN, IPsec, MPLS)
.Firewall
.Service/Policy Provisioning
.SLA
VPN Approach
.Legacy ISP: SCN(Ethernet aggregation+QOS+IPsec VPN) + IP Routed Core
.Startup: SCN(Ethernet aggregation + QOS+ MPLS VPN) + MPLS Core
.MSP: SCN(Ethernet aggregation + QOS+ VLAN VPN) + VLAN Core