Odd010009 Ip Man Planning Issue1_1

HUAWEI TECHNOLOGIES CO., LTD. All rights reserved www.huawei.com Internal ODD010009 IP MAN Planning ISSUE 1.1 PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com


IP MAN Planning


As MPLS VPN, NGN, IPTV, and 3G services mature and enter large-scale commercial use, the metropolitan area network (MAN) is developing from a network that offers only broadband Internet access into an integrated IP MAN that provides access for and bears multiple services, such as data, packet voice, video, and streaming services. This course discusses how to build the integrated IP MAN.


This course helps you to:

- Master the IP MAN network planning.
- Master the IP MAN service planning.
- Master the IP MAN optimization plan.
- Learn typical MAN networking instances.


Chapter 1 Overview of MAN Planning

Chapter 2 MAN Service Planning

Chapter 3 MAN Optimization Plan

Chapter 4 MAN Typical Case Analysis


Chapter 1 Overview of MAN Planning

1.1 What Is MAN

1.2 Present Situation of MAN

1.3 General Clue and Optimization Objectives of MAN

1.4 MAN Target Network Architecture


What Is MAN

Concept of MAN

- The network architectures available for large Internet providers are as follows:
  - National backbone network
  - Provincial backbone network
  - MAN
- The MAN refers to the part that is under the provincial backbone network and above the user access side.
- With the concept of larger MAN being put forward, the current 3-level architecture (backbone network to provincial network to MAN) is evolving to the 2-level architecture (backbone network to MAN).


Service Situation of the MAN

- Internet broadband dial-up access service
  - ADSL or LAN access, ATM or Ethernet convergence, BRAS-terminated PPPoE session
- Internet leased line access service
  - ADSL leased line: ADSL access, BRAS-terminated 1483 bridge/routing or VLAN
  - LAN leased line: LAN access, layer-2 and layer-3 switch termination
- VPN leased line service
  - VLAN interconnection layer-2 VPN (for most switched MANs)
  - MPLS layer-3 VPN (for a few routing MANs)
  - VPN in other modes such as VR VPN, L2TP VPDN, IPSec, and GRE


Networking Types of MAN

- The IP MAN falls into the following types based on networking devices:
  - Layer-3 switch-centered switched MAN
  - High-speed router-centered routing MAN


Switched MAN

Features of Switched MAN

- The switched MAN has the following features:
  - There are no egress routers, and the MAN serves as the local extension network of the IP backbone network.
  - Layer-2 and layer-3 switches serve as the core of the layer-2 network and the layer-3 network.
  - Layer-2 and layer-3 switches are also responsible for layer-2 convergence, layer-3 access, and layer-3 convergence.
  - The BRAS is attached to the layer-2 and layer-3 switches to provide PPPoE access.


Service Implementation of Switched MAN

[Figure: paths of the VLAN layer-2 VPN service, the Internet broadband dial-up service, and the Internet leased line service through a switched MAN. Elements shown: ADSL PPPoE user, LAN PPPoE user, LAN leased line users, intra-city interconnection users, DSLAM, cell switch, ATM, broadband access network, layer-2/layer-3 switches, BRAS, IP MAN, ChinaNet router.]

Note: When an arrow points at a device, the traffic is terminated or forwarded at layer 3 on that device. When a straight line passes through a device, the traffic passes through that device at layer 2.


Problems of Switched MAN

[Figure: switched MAN with callouts describing its problems. Elements shown: ATM, PPPoE, LAN leased line, MPLS CE, MPLS PE, layer-2/layer-3 switch, BRAS, router, softswitch AG, core layer of IP MAN, convergence layer of IP MAN, broadband access network.]

Callouts in the figure:

- It does not support MPLS. It does not support multicast. The layer-3 forwarding capability is inadequate. The uplink bandwidth is not enough. The QoS and traffic control functions are weak. It is not secure enough and is easily attacked.
- Cards or boards can be mounted only, and the multicast function cannot be enabled.
- The PE has weak performance, is hard to extend, and does not support the VPN.
- It has complicated functions and can serve as:
  - LAN leased line access router
  - Ethernet layer-2 convergence switch
  - Layer-3 convergence router
- The port density is low, and the performance is weak.
- It cannot isolate or bind users. New service deployment is affected by the restriction on the uplink bandwidth of the DSLAM. The Ethernet switching network is too big and is restricted by the upper limit of VLAN. Layer-2 protection is unavailable. The QoS function of the equipment is weak.


Routing MAN

Features of Routing MAN

- The routing MAN has the following features:
  - A router is used for the egress and for the core layer of the network.
  - Layer-2 and layer-3 switches are also responsible for layer-2 convergence, layer-3 access, and layer-3 convergence.
  - The BRAS is attached to the layer-2 and layer-3 switches to provide PPPoE access.
  - A dedicated MPLS PE is deployed and is attached to the layer-2 and layer-3 switches.


Service Implementation of Routing MAN

[Figure: paths of the MPLS layer-3 VPN service, the Internet broadband dial-up service, and the Internet leased line service through a routing MAN. Elements shown: ADSL PPPoE user, LAN PPPoE user, LAN leased line users, MPLS CE, DSLAM, ATM, cell switch, layer-2 switch, layer-2/layer-3 switch, BRAS, core router of MAN, broadband access network, IP MAN, ChinaNet router.]

Note: When an arrow points at a device, the traffic is terminated or forwarded at layer 3 on that device. When a straight line passes through a device, the traffic passes through that device at layer 2.


Service Development Trends of MAN

- The service grows rapidly.
  - In 2005, the number of broadband subscribers grew by 10 million. The total number of subscribers reached around 25 million.
  - It is estimated that the number of broadband subscribers will grow to 62.88 million by 2008.
- Broadband is more and more popular in services.
  - Video applications require that the bandwidth of common applications reach 2 M and that of some advanced applications reach around 8 M by 2008.
- Integration of services
  - The MAN bears voice services, video services, data services, and the enterprise interconnection service simultaneously.
- Differentiation of services
  - Provide services at different QoS levels according to the requirements of customers and applications.
- Service control
  - Centralized control and management such as awareness, authentication, charging, security, and QoS for services


Network Performance Features Required for Service Development of MAN

Network availability: 99.9%

| Application type | Typical services | Upper limit of end-to-end unidirectional average delay | Upper limit of end-to-end unidirectional average jitter | Upper limit of end-to-end unidirectional packet loss rate | Upper limit of end-to-end unidirectional packet error rate |
|---|---|---|---|---|---|
| Instant voice | Softswitch voice | 100 ms | 50 ms | 0.1% | 0.01% |
| Instant video (video telephony and video conferencing) | Video telephony and video conferencing | 100 ms | 50 ms | 0.1% | 0.01% |
| Streaming video | IPTV | 1000 ms | 1000 ms | 0.1% | 0.01% |
| Instant interaction data | Games and signaling | 100 ms | U | 0.1% | 0.01% |
| Common data | | U | U | U | U |

Note: The above specifications are cited from ITU-T Y.1541, G.114, YD/T 1071 of the communication standards of the People's Republic of China, and documents from some manufacturers. All specifications are network end-to-end (UNI-UNI) unidirectional specifications. "U" indicates that the upper limit is not specified.


General Clue of MAN Building

- Network layers are clear.
  - Layer-2 and layer-3 networks are separated to build a layer-3 routing network (IP MAN) with clear physical and logical levels and a layer-2 broadband access network.
- The network architecture is flat.
  - The capacity is large, the number of nodes is small, and the coverage is large so as to reduce the number of physical and logical cascading levels.
- The network quality is differentiated.
  - The Diffserv mechanism is deployed in the network so as to provide different levels of QoS for different users and services.
- Management control is centralized.
  - Use the broadband access server (BRAS) and service router (SR) to build a clear service control layer at the border of the IP MAN so that services are provided and controlled on a centralized basis. In addition, normalize the network management interface requirements of devices, strengthen the building of the integrated network management system, improve the manageability of the network, and achieve carrier-class management.
- The requirements for devices are normalized.
  - The requirements are normalized so that new devices support the network functions and performance features required for service deployment in the MAN.


MAN Optimization Objectives: Network Function Features

Optimization of Network Function Features

- Isolate users in the layer-2 access network, identify users uniquely, and trace sources of application.
- The broadband access network and the IP MAN have differentiated service capability.
- Multicast capability of commercial scale
- Layer-2 and layer-3 VPN service capability in multiple access modes
- Implement the functions of secure trace, location, and isolation in the network layer.


MAN Optimization Objectives: Network Quality Specifications

Optimization of Network Quality Specifications

- Network availability:
  - 99.9%
- Unidirectional average delay upper limit (packet length: 1500 bytes)
  - IP MAN: 10 ms (between service access control point and egress of MAN)
  - Broadband access network: 10 ms (between service access control point and user CPE)
- Upper limit of unidirectional packet loss rate:
  - IP MAN: 5/10000
  - Broadband access network: 5/10000
- Upper limit of unidirectional average jitter:
  - IP MAN and broadband access network: 5 ms


Overview of MAN Target Network

Overview of Target Network

- IP MAN target network architecture:
  - IP MAN
    - Service access control points (BRAS and service router) and layer-3 routing network consisting of routers above the points
    - The IP MAN consists of the core layer, convergence layer, and service access control layer.
  - Broadband access network
    - Layer-2 access network under service access control points
    - The network layer consists of layer-2 convergence network and last-mile access network. The service plane falls into the public access network plane and key account access network plane in logic.


MAN Classification

MAN Classification Based On Scale

| MAN types | Phone capacity (classification standard) | Total number of broadband users (reference) |
|---|---|---|
| Extra large | Over four million | Over 90 million |
| Large | 0.4 million to 0.9 million | 40-90 million |
| Medium | 50-200 million | 10-40 million |
| Small | Below 50 million | 4-10 million |


MAN Target Network Architecture Model

Target Network Architecture Model Diagram

[Figure: target network architecture model. Labels in the IP MAN part: core layer (egress) with core router/egress router connected to the backbone network (ChinaNet, CN2); transit layer with transit router; access layer (service access control point) with BRAS, MAN SR, and CN2 SR. Labels in the broadband access network part: layer-3 convergence network (Ethernet switching network, ATM switching network, SDH/MSTP/RPR/Ethernet, MSTP/RPR); last-mile access network (ADSL access network, LAN access network); public access network plane and key account access network plane.]


IP MAN Target Network Architecture Topology

Principle of IP MAN Design

[Figure: IP MAN topology. Elements shown: ChinaNet, CN2, core router/transit router, and the service access control points SR, BRAS, and CN2 SR.]

Callout in the figure: SR-CN2 SR is needed for deployment of MPLS and for the MAN that requires cross-domain connection.


Broadband Access Network Target Network Model

[Figure: broadband access network target model below the service access control points (BRAS, MAN SR, CN2 SR). Public access plane: layer-2 convergence layer (tandem exchange, ATM switching network, Ethernet switching network) and last-mile access network (DSLAM, access switch, park switch, access equipment, LAN access network, ADSL user, LAN user). Key account access plane: layer-2 convergence network (SDH/MSTP/RPR network, Ethernet switching network, access equipment) serving the key account.]


IP MAN Node Setting Examples

Recommended Node Setting Examples

- Extra large MAN
  - It is recommended to configure four routers in the core layer (also serve as the egress routers and convergence routers of the node), 8 to 12 routers in the transit layer, 40 to 60 BRASs (30000 users/BRAS), and 8 to 15 SRs (distributed in a centralized manner).
- Large MAN
  - It is recommended to configure 2 routers in the core layer (also serve as the egress router and convergence router of the node), four to eight routers in the transit layer, 30 to 40 BRASs (25000 users/BRAS), and five to eight SRs (distributed in a centralized manner).
- Medium MAN
  - It is recommended to configure four routers in the core and convergence layer (two of which serve as the egress router and convergence router of the node), 8 to 20 BRASs (20000 users/BRAS), and two SRs (distributed in a centralized manner).
- Small MAN
  - It is recommended to configure two routers in the core and convergence layers (also serve as the egress router and convergence router) and 5 to 10 BRASs (10000 users/BRAS). The SR is not set. It is shared with that of CN2.


Chapter 2 MAN Service Planning

2.1 Design of Route

2.2 Design of QoS

2.3 MAN Service Implementation

2.4 User Management/Network Management/Network Security Design

2.5 IPv6 Network Deployment Planning


Design of MAN Route: IGP Design Principles

- The principles of designing MAN IGP routing protocols are as follows:
  - It is recommended to use a dynamic routing protocol for the MAN and to use static routes as a supplement when necessary.
  - A dynamic routing protocol is specified for each MAN, and the IGP shall cover the service access layer and all devices above the layer.
  - It is recommended to use the link-state protocols OSPF and IS-IS as dynamic routing protocols.
  - It is recommended to use static routes between the MAN and leased line users to reduce the impact of user route fluctuation on the MAN.
  - It is recommended to aggregate (summarize) routes on the BRAS or leased line access routers to reduce the number of routes in the MAN and the impact of routing fluctuation on the whole network, thus improving network stability.


Design of MAN Route: BGP Design Principles

- The principles of designing MAN BGP routing protocols are as follows:
  - In principle, the egress router of the MAN exchanges routing information with ChinaNet and CN2 through EBGP. Some routers in the convergence layer of large MANs can run IBGP, which is used to bear and control user routes in the MAN.
  - The MAN receives only routing information from CN2 and a default route from ChinaNet.
  - Some large MANs can receive all Internet routes from ChinaNet.
  - The MAN advertises the aggregated routes of the MAN to ChinaNet and CN2.
  - The egress router of the MAN uses policy-based route forwarding based on destination address and service levels.
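The aggregation and advertisement rules in the IGP and BGP design principles can be checked mechanically before a change reaches the egress router. The following is an added example, not part of the course material: it aggregates BRAS user pools, audits the prefixes the egress would advertise, and applies the inbound rule for the default-route-only case. All prefixes, BRAS names and function names are constructed, and dropping a default route offered by CN2 is an assumption of this sketch.

```python
import ipaddress

# Constructed sample data: user address pools configured on two BRASs.
BRAS_POOLS = {
    "bras-1": ["10.64.0.0/23", "10.64.2.0/23"],
    "bras-2": ["10.64.8.0/22"],
}


def aggregate(pools):
    """Collapse address pools into the fewest prefixes that cover them exactly.

    collapse_addresses never over-aggregates: the result covers the input
    pools and nothing else.
    """
    nets = (ipaddress.ip_network(p) for p in pools)
    return list(ipaddress.collapse_addresses(nets))


def man_aggregates():
    """Aggregated routes of the whole MAN, built from every BRAS pool."""
    all_pools = [p for pools in BRAS_POOLS.values() for p in pools]
    return aggregate(all_pools)


def audit_outbound(announced, aggregates):
    """Sort the IPv4 prefixes the egress router would advertise into groups.

    ok      - exactly one of the MAN's aggregated routes
    leaked  - a more-specific route inside an aggregate (a user route that
              should have been summarized before reaching the egress)
    foreign - not covered by any aggregate (address space outside the MAN)
    """
    result = {"ok": [], "leaked": [], "foreign": []}
    for text in announced:
        net = ipaddress.ip_network(text)
        if net in aggregates:
            result["ok"].append(text)
        elif any(net.subnet_of(agg) for agg in aggregates):
            result["leaked"].append(text)
        else:
            result["foreign"].append(text)
    return result


def filter_inbound(peer, received):
    """Inbound rule: only the default route from ChinaNet, only specific
    routes from CN2 (assumption: a default offered by CN2 is dropped)."""
    default = ipaddress.ip_network("0.0.0.0/0")
    accepted = []
    for text in received:
        is_default = ipaddress.ip_network(text) == default
        if peer == "ChinaNet" and is_default:
            accepted.append(text)
        elif peer == "CN2" and not is_default:
            accepted.append(text)
    return accepted


if __name__ == "__main__":
    aggs = man_aggregates()
    print("aggregates:", [str(a) for a in aggs])
    # Constructed candidate advertisement list with one leaked user route
    # and one prefix that does not belong to the MAN.
    candidate = ["10.64.0.0/22", "10.64.2.0/24", "192.0.2.0/24", "10.64.8.0/22"]
    print("outbound audit:", audit_outbound(candidate, aggs))
    print("from ChinaNet:", filter_inbound("ChinaNet", ["0.0.0.0/0", "198.51.100.0/24"]))
    print("from CN2:", filter_inbound("CN2", ["0.0.0.0/0", "203.0.113.0/24"]))
```

A non-empty `leaked` or `foreign` list is the condition to alert on: the first means user route fluctuation would be visible to the backbone, the second means the MAN would advertise address space it does not hold.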


MAN Route Design: MAN Egress Division Principle

- MAN users can visit applications of CN2 and ChinaNet.
- Service can be divided in the following two methods:
  - Allocate different IP addresses to different types of users and divide based on source addresses.
  - Assign different QoS levels to different user application types and divide based on the QoS.
- The service access control point of the MAN marks service levels.
- The egress router of the MAN can apply policy-based routing based on destination address, source address, and service levels to divide the applications of CN2 and ChinaNet. It is recommended to use the forwarding mode based on destination address and policy-based forwarding based on service level
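The division described above can be modelled as two steps: marking at the service access control point, then egress selection by service level and destination. The following is an added example, not part of the course material. The address pools, route entries, level names and function names are constructed, and two behaviours are assumptions of this sketch: premium-marked traffic is always steered to CN2, and any marking the user set in the packet is ignored in favour of the level derived from the source pool.

```python
import ipaddress

# All values below are constructed for illustration.
VIP_POOL = ipaddress.ip_network("10.64.8.0/22")     # source pool for VIP users
COMMON_POOL = ipaddress.ip_network("10.64.0.0/22")  # source pool for common users
PREMIUM, BEST_EFFORT = "premium", "best-effort"

# Egress routing table: specific routes learned from CN2, default from ChinaNet.
ROUTES = [
    (ipaddress.ip_network("203.0.113.0/24"), "CN2"),
    (ipaddress.ip_network("198.51.100.0/25"), "CN2"),
    (ipaddress.ip_network("0.0.0.0/0"), "ChinaNet"),
]


def mark_at_access(src, user_marking=None):
    """Service access control point: derive the service level from the
    source pool. user_marking (what the customer device put in the packet)
    is deliberately ignored, so a common user cannot self-promote."""
    addr = ipaddress.ip_address(src)
    if addr in VIP_POOL:
        return PREMIUM
    if addr in COMMON_POOL:
        return BEST_EFFORT
    # A source outside every allocated pool cannot be tied to a user.
    raise ValueError(f"{src} is not in a known user pool")


def lookup(dst):
    """Destination-based forwarding: longest-prefix match on ROUTES."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def select_egress(src, dst, user_marking=None):
    """Return (service level, egress) for one packet."""
    level = mark_at_access(src, user_marking)
    if level == PREMIUM:
        return level, "CN2"      # policy forwarding by service level
    return level, lookup(dst)    # destination-based forwarding


if __name__ == "__main__":
    # Constructed packets: (source, destination, marking set by the user).
    for pkt in [
        ("10.64.9.10", "192.0.2.55", None),       # VIP user, Internet destination
        ("10.64.1.20", "203.0.113.7", None),      # common user, CN2 destination
        ("10.64.1.20", "192.0.2.55", "premium"),  # common user, forged marking
    ]:
        print(pkt, "->", select_egress(*pkt))
```

The third packet shows why the marking has to be applied at the service access control point rather than trusted from the user side: the forged level has no effect on the egress decision.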


MAN Route Design: Route Design Chart

[Figure: route design chart. Elements shown: ChinaNet, CN2, CN2 key account/PE access router, EBGP peering, core router, transit router, SR, BRAS, IGP domain.]

Callouts in the figure:

- Forward routes according to destination addresses, source addresses, and service levels.
- MBGP exchanges VPN routes.
- Configure and summarize the static routes to leased line users and static VRF routes to VPN users.
- Static routes are configured on the BRAS. Cities or regions can decide whether the BRAS joins the IGP.
- Use OSPF or IS-IS.
- Attach the specified service level labels to the packets to be transmitted by CN2.


MAN QoS Design: QoS Model

[Figure: QoS model. Elements shown: ChinaNet, CN2, core router, transit router, SR, BRAS, CN2 SR, IP MAN, Diffserv domain, broadband access network, ATM access network, Ethernet access network, SDH/MSTP/RPR.]

Callouts in the figure:

- Classification, marking, and speed limit
- Traffic shaping
- Diffserv PHB: queuing and congestion control (WRED)
- In physical combination with layer-2 QoS of 802.1P


Brief Introduction to MPLS VPN Technology

MPLS VPN Classification

- MPLS L3VPN is growing into a standard.
  - BGP/MPLS VPN: RFC2547bis
- Recently, MPLS L2VPN has grown rapidly, and the technology is becoming mature. Although the standard is at the draft stage, some de facto standards have come into being because multiple manufacturers support them.
  - Martini: draft-martini-l2circuit-trans-mpls-xx
  - Kompella: draft-kompella-ppvpn-l2vpn-xx
  - The standards are not uniform for the VPLS.
  - Circuit cross connect (CCC): sets up a transparent connection between two PE-CE connections, using a tunnel exclusively and one layer of label.
  - SVC: A static implementation of Martini.


MPLS L3VPN

MPLS L3VPN Planning

- P router
  - The core router or convergence router of the MAN serves as the P router.
- PE router
  - The BRAS and SR, implementing the VPN service for public users and key accounts respectively, serve as the PE router. For a BRAS that does not support MPLS, use the SR of the MAN to implement the VPN service for public users.
- MBGP and IGP
  - The MBGP is used to transmit VPN routing information between PEs. The IGP routing protocol ensures the reachability between PEs.


MPLS L3VPN (Continued)

MPLS L3VPN Planning

- Route between PE and CE
  - Static route
  - EBGP
  - RIP
  - OSPF
  - IS-IS
  - When the number of routes is small, it is recommended to use static routes. When the number of routes is large, it is recommended to use the EBGP.
- Cross-domain MPLS VPN
  - Option A: VRF to VRF
  - Option B: single-hop MP-EBGP
  - Option C: multi-hop MP-EBGP


Introduction of MAN Services

[Figure: MAN service model. The public service system and the key account service system each consist of a service function module (Internet gateway, MPLS PE) and an access function module (dial-up access, leased line access) on the BRAS, MAN SR, and CN2 SR. The access network below them consists of the layer-2 transmission network (SDH/MSTP/RPR/Ethernet, ATM switching network, Ethernet switching network, MSTP/RPR) and the last-mile access network (ADSL access network, LAN access network), divided into the public access network plane and the key account access plane.]


MAN Service System and Service Types

- Service system
  - Public service system: public + public access network plane + BRAS or MAN SR
  - Key account service system: key account + key account access network plane + MAN SR or CN2 SR
- Service type
  - Combination of the network function of service access control points and access function module. The following service types are provided:
    - BRAS
      - Internet dial-up access service and Internet leased line access service
      - MPLS VPN dial-up access service and MPLS VPN leased line access service
      - Multicast service
    - SR
      - Internet leased line access service
      - MPLS VPN leased line access service
      - Multicast type services


MAN Service Access Modes and Service Levels

- Access modes
  - The public service system uses the public access network plane to implement access of users.
    - ADSL access network + Ethernet switching network access
    - ADSL access network + ATM switching network access
    - LAN access network + Ethernet switching network access
  - The key account service system uses the key account access network plane to implement access of users.
    - SDH/MSTP/RPR access
- Service levels
  - Users of a service have several service levels, for example, common service (for common users) and advanced service (for VIP users). Service levels are implemented through the access network Diffserv and IP MAN Diffserv.


Internet Access Service Implementation Chart

[Figure: Internet access service implementation. Elements shown: ChinaNet, CN2, core router, SR, BRAS, CN2 SR, ATM switching network, Ethernet switching network/MSTP/RPR, SDH/MSTP/RPR, tandem exchange, access switch, park switch, corridor switch, DSLAM, cascading DSLAM, personal dial-up user, personal VIP user, medium and small enterprise leased line user, key account.]

Callouts in the figure:

- QinQ encapsulation
- PPPoE dial-up and Internet gateway leased line access, downlink speed limit, layer-3 QoS label
- Allocate separate VLAN ID or PVC for different users and different services at user ports.
- Uplink speed limit, CoS label
- Link protection through dedicated VC loop, good QoS guarantee
- Internet gateway leased line access, downlink speed limit, layer-3 label

Page 44: Odd010009 Ip Man Planning Issue1_1

Enterprise Interconnection Service Implementation Strategy

• The MAN provides two technologies to interconnect enterprises:
  − Layer-2/Layer-3 VPN service based on MPLS, borne by the IP MAN. It provides layer-2 and layer-3 VPN interconnection for common enterprises.
  − Lower-layer connection service borne by the MSTP transmission network. It provides a physical leased line connection or a pure layer-2 connection with high security and QoS guarantee for government institutions, public security, finance, and security industries.
• As the layer-2 access mode between users and the PE or MSTP equipment, the Ethernet switching network VLAN extends the above two interconnection services.
• There is a physical connection between the SR and the CN2 SR. Option 2 is used over it to implement MPLS VPN.
• Users can originate PE-terminated IPSec tunnels, or tunnels in other forms, to access the MPLS layer-3 VPN remotely.

Page 45: Odd010009 Ip Man Planning Issue1_1

Enterprise Interconnection Service Implementation Chart

Figure: network diagram (not reproduced). Elements shown: personal dial-up user, personal VIP user, medium and small enterprise leased line user, key account; DSLAM, cascading DSLAM, corridor switch, park switch, access switch, tandem exchange; ATM switching network, Ethernet switching network/MSTP/RPR, SDH/MSTP/RPR; BRAS, SR, CN2 SR, CN2 MPLS PE, core router; ChinaNet, CN2.

Annotations on the diagram:
• PPPoE dial-up and PPPoE leased line access MPLS PE, downlink speed limit, forwarding sensitive
• Key account leased line accessed MPLS PE
• Physical link between PE ASBR. Option 2 is used to implement cross-domain MPLS VPN.

Page 46: Odd010009 Ip Man Planning Issue1_1

Pure L2 VPN Service Implementation

Figure: network diagram (not reproduced). Elements shown: personal dial-up user, personal VIP user, medium and small enterprise leased line user, key accounts; DSLAM, cascading DSLAM, corridor switch, park switch, access switch, tandem exchange; ATM switching network, Ethernet switching network/MSTP/RPR, SDH/MSTP/RPR; BRAS, SR, CN2 SR, core router; ChinaNet, CN2.

Annotations on the diagram:
• Intra-city interconnected VC
• MSTP interconnection mode. The TDM mode is used for transparent transmission between loops.
• VLAN interconnection mode: VPN users that access the public plane are connected to the MSTP through the convergence switch. Only the interconnected VLAN numbers need to be allocated.

Page 47: Odd010009 Ip Man Planning Issue1_1

IPTV Service Chart

Figure: network diagram (not reproduced). Elements shown: set top box; DSLAM, park/corridor switch, access switch, tandem exchange; ATM switching network, Ethernet switching network/MSTP/RPR; BRAS/SR; IP MAN.

Annotations on the diagram:
• Provide a dedicated uplink channel.
• PIM multicast routing protocol border, IGMP termination, configuration of static multicast groups, multicast service AAA management, PPP replication or port replication
• Configure dedicated PVC for IPTV.
• Allocate the internal VLAN for IPTV users and play the role of IGMP snooping.
• Bundle the internal VLAN for dedicated PVC of IPTV users and play the role of IGMP snooping.
• SVLAN. The access switch bundles an external VLAN for several DSLAM/park switches. IGMP snooping
• Separate terminal. Public addresses are configured by preference.

Page 48: Odd010009 Ip Man Planning Issue1_1

Softswitch Network Bearer Chart

Figure: network diagram (not reproduced). Elements shown: key account IAD, non-telecom access IAD, anonymous user IAD, soft terminal user; DSLAM, park/corridor switch, access switch, tandem exchange; ATM switching network, Ethernet switching network/MSTP/RPR, RPR/MSTP/SDH; BRAS, SR/CN2 SR, BAC, AG, TG; softswitch core processing layer; IP MAN.

Annotations on the diagram:
• Common network users can serve as VIP users and enjoy higher priority.
• The SS, AG, TG and key account IAD, serving as leased lines of key accounts, access through the MSTP. Allocate a dedicated VLAN for the SoftSwitch and give 802.1P higher priority.
• The SS, AG, and TG start the VPN service through SR/CN2 SR.
• The SIP and IAD can access softswitch terminals through the BAC by revisiting AG and TG.
• If the IADs of key accounts are connected through key account leased lines, the IAD must be able to mark voice with different QoS labels and allocate different VLANs for online users.
• Allocate a dedicated VLAN and provide higher priority.
• Softswitch terminals can be connected through the public network when the service demand is slight and security can be fully ensured.

Page 49: Odd010009 Ip Man Planning Issue1_1

Chapter 2 MAN Service Planning

2.1 Design of Route

2.2 Design of QoS

2.3 MAN Service Implementation

2.4 User Management/Network Management/Network Security Design

2.5 IPV6 Network Deployment Planning

Page 50: Odd010009 Ip Man Planning Issue1_1

User Management Principles

• The service access control points (BRAS and SR), together with RADIUS, accomplish user management, including:
  − Apply multiple restrictions so that an account can be used by one user only.
  − Bind attributes such as username, address, VLAN, and PVC.
  − Prevent users from maliciously applying for IP addresses.
  − Prevent users from maliciously launching dialing attacks through PPP scanning by restricting the number of dial attempts and the dial rate of each user.
  − Prevent users from acting as illegal agents by restricting the number of TCP connection sessions.
  − Prevent dummy address attacks through functions of the equipment.
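The account, binding and dial-rate restrictions listed above, sketched as admission logic run over constructed access requests. This is an added example, not code from the course or from any BRAS or RADIUS product; the request shape, binding table, thresholds and all names are assumptions, and only the VLAN binding is modelled (a PVC binding would be checked the same way).

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:            # one PPPoE access request as seen at the BRAS (hypothetical shape)
    ts: float             # arrival time in seconds
    username: str
    mac: str
    svlan: int            # outer VLAN (access switch)
    cvlan: int            # inner VLAN (user port)

# Constructed binding table: account -> (outer VLAN, inner VLAN) it may dial from.
BINDINGS = {"alice@man": (100, 21), "bob@man": (100, 22)}
MAX_ATTEMPTS, WINDOW = 3, 60.0   # assumed policy: 3 dial attempts per port per 60 s
MAX_SESSIONS = 1                 # an account can be used by one user only

class Admission:
    def __init__(self):
        self.attempts = defaultdict(deque)  # port -> timestamps of recent attempts
        self.online = defaultdict(set)      # username -> MACs with a live session

    def check(self, r: Request) -> str:
        port = (r.svlan, r.cvlan)
        recent = self.attempts[port]
        while recent and r.ts - recent[0] >= WINDOW:   # expire old attempts
            recent.popleft()
        recent.append(r.ts)                 # rejected attempts count too
        if len(recent) > MAX_ATTEMPTS:
            return "reject:dial-rate"       # PPP scanning / dialing attack
        if BINDINGS.get(r.username) != port:
            return "reject:binding"         # account used from a port it is not bound to
        macs = self.online[r.username]
        if r.mac not in macs and len(macs) >= MAX_SESSIONS:
            return "reject:account-in-use"  # second user on the same account
        macs.add(r.mac)
        return "accept"

def run(requests):
    bras = Admission()
    return [bras.check(r) for r in requests]

# Constructed sample traffic (not real logs).
SAMPLE = [
    Request(0,  "alice@man",  "aa:00:00:00:00:01", 100, 21),  # legitimate login
    Request(5,  "alice@man",  "aa:00:00:00:00:02", 100, 21),  # shared account
    Request(10, "bob@man",    "bb:00:00:00:00:01", 100, 21),  # wrong port
    Request(12, "guess1@man", "cc:00:00:00:00:01", 100, 21),  # 4th attempt in 60 s
    Request(80, "alice@man",  "aa:00:00:00:00:01", 100, 21),  # window has expired
    Request(81, "bob@man",    "bb:00:00:00:00:01", 100, 22),  # bound port
]

if __name__ == "__main__":
    for req, verdict in zip(SAMPLE, run(SAMPLE)):
        print(f"{req.ts:>5} {req.username:<11} {req.svlan}.{req.cvlan} -> {verdict}")
```

The rate check runs before the binding check so that a port guessing account names is throttled even though none of the guesses would have passed the binding.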

Page 51: Odd010009 Ip Man Planning Issue1_1

User Authentication and Charging in MAN

• The BRAS, together with the Portal Server, RADIUS Server and background databases, authenticates dial-up users.
• Two co-existing authentication modes: PPPoE, DHCP+WEB
• The MAN can charge users based on duration or traffic.
• The MAN can implement Internet application charging through the pre-paid mode or by binding user broadband accounts.
• The MAN can charge based on the service network. The service network refers to services except Internet connection, for example, 3G, NGN, and video conferencing.
• The MAN can sign the service level agreement (SLA) with users.

Page 52: Odd010009 Ip Man Planning Issue1_1

MAN NMS Building Principles

• In a province, the integrated network management system (NMS) of the IP MAN and broadband access network is built to manage, on a centralized basis, the networks above the service access points of the MANs.
• Manage the VPN of all MANs on a centralized basis.
• All cities and regions have a level-2 NMS or separate terminals to maintain and manage the MAN devices in those cities and regions; a separate MAN NMS is not developed or built for each city or region.

Page 53: Odd010009 Ip Man Planning Issue1_1

MAN Security Control Function

• To ensure the security of the MAN, the system must be able to scan for viruses and prevent viruses from spreading.
  − The MAN can filter and restrict traffic. It can restrict the uplink or downlink speeds based on the type of packets at the BRAS, DSLAM or park switches for incoming and outgoing traffic. It supports access control strategies based on the standard quintuple (5-tuple) or MAC address.
  − The MAN can monitor exceptional traffic or exceptional packets.

Page 54: Odd010009 Ip Man Planning Issue1_1

Chapter 2 MAN Service Planning

2.1 Design of Route

2.2 Design of QoS

2.3 MAN Service Implementation

2.4 User Management/Network Management/Network Security Design

2.5 IPV6 Network Deployment Planning

Page 55: Odd010009 Ip Man Planning Issue1_1

IPv6 Deployment Principles

• The IPv4/IPv6 dual stack transition strategy is adopted. In the MAN, you can start the dual stack function partially and then enable the function in the whole MAN.
• If the equipment of the MAN cannot support IPv6 well, add IPv6 layer-3 equipment to implement the IPv6 function of the MAN based on service demands, and implement interconnection through MPLS or tunnels.
• Use the dual stack mode for access of users. You can use the tunnel mode at the initial stage and then transition to the dual stack mode gradually.
• Newly added devices of the IP MAN or access network implement the IPv4/IPv6 dual stack function.

Page 56: Odd010009 Ip Man Planning Issue1_1

Chapter 1 Overview of MAN Planning

Chapter 2 MAN Service Planning

Chapter 3 MAN Optimization Plan

Chapter 4 MAN Typical Case Analysis

Page 57: Odd010009 Ip Man Planning Issue1_1

Internal Causes for Optimization of MAN

• At present, the following problems exist in the MAN:
  − Because all slots on the BRAS are occupied and ports cannot be added, the BRAS is mounted directly.
  − The path between DSLAM and BRAS is complicated. Any adjustment has much impact on users.
  − There are not enough routers or ports to build the core layer or transit layer.
  − There are no dedicated leased line access routers.
• Solving the above problems requires heavy investment and complicated engineering work. To achieve the final objective, the IP MAN must be built gradually.

Page 58: Odd010009 Ip Man Planning Issue1_1

Optimization of Routing MAN

• At present, the routing MAN has its own core egress router. The BRAS is mostly mounted aside. The transit layer consists of a large number of layer-3 switches, and it also serves as the access device of commercial users.

Figure: network diagram of the routing MAN (not reproduced). Elements shown: DSLAM, Ethernet dedicated line, layer-2/layer-3 switches, key account router/CE, leased line access point, ATM/FR/DDN/Ethernet, SS, RR, MAN egress router, backbone network border router, AS65001.

Annotation on the diagram:
• Exchange routing information through the EBGP

Page 59: Odd010009 Ip Man Planning Issue1_1

Routing MAN after Optimization

Figure: network diagram (not reproduced). Elements shown: DSLAM, Ethernet dedicated line, layer-2/layer-3 switches, key account router/CE, leased line access point, ATM/FR/DDN/Ethernet, SS, leased line access/PE router, MAN core/transit router, ChinaNet, CN2; regions labelled "Layer-3 direction" and "Layer-2 network".

Annotation on the diagram:
• Exchange routing information through the EBGP

Page 60: Odd010009 Ip Man Planning Issue1_1

Optimization of Switched MAN

• At present, the switched MAN is often a small and medium MAN. The core egress of the MAN is the layer-3 switch, which also serves as the transit layer. The BRAS accesses by mounting aside. The transit layer consists of a large number of layer-3 switches. The transit layer or access layer switch also serves as the access device of commercial users.

Figure: network diagram of the switched MAN (not reproduced). Elements shown: DSLAM, Ethernet dedicated line, layer-2/layer-3 switches, key account router/CE, leased line access point, leased line access/PE router, ATM/FR/DDN/Ethernet, SS, RR, BRAS.

Annotation on the diagram:
• Exchange routing information through the EBGP

Page 61: Odd010009 Ip Man Planning Issue1_1

Switched MAN after Optimization

Figure: network diagram (not reproduced). Elements shown: DSLAM, Ethernet dedicated line, layer-2/layer-3 switches, key account router/CE, leased line access point, leased line access/PE router, ATM/FR/DDN/Ethernet, SS, new MAN core router, ChinaNet, CN2; regions labelled "Layer-3 direction" and "Layer-2 network".

Annotation on the diagram:
• Exchange routing information through the EBGP

Page 62: Odd010009 Ip Man Planning Issue1_1

Chapter 1 Overview of MAN Planning

Chapter 2 MAN Service Planning

Chapter 3 MAN Optimization Plan

Chapter 4 MAN Typical Case Analysis

Page 63: Odd010009 Ip Man Planning Issue1_1

Typical Case: XX Province IP MAN

• In the province, 10 NE80s are used to implement the MPLS VPN, egress planning, and line speed network address translation (NAT).
• The MA5200G has strong service management capability. It manages key accounts and the access of WLAN/LAN in detail.
• The network supports smooth upgrade to new services and has IPv6 migration capability. It is quite extensible and reliable.

Figure: network diagram (not reproduced). Elements shown: NE80 routers in the core layer and transit layer, MA5200, GE links, 2.5G POS and 155M POS links, CMNET provincial backbone.

Page 64: Odd010009 Ip Man Planning Issue1_1

Typical Case: XX City MAN

• The core layer of the MAN consists of four NE5000Es.
• In the convergence layer, seven NE5000Es are responsible for converging services of large districts.

Figure: network diagram (not reproduced). Elements shown: NE5000E routers, ChinaNet.

Page 65: Odd010009 Ip Man Planning Issue1_1

Thank You
