
METROPOLITAN ETHERNET

DESIGN FUNDAMENTALS
SESSION OPT-1042

OPT-1042
9816_05_2004_c1 © 2004 Cisco Systems, Inc. All rights reserved. 1

Agenda

Metro Ethernet: Services Drive Transport

Enterprise Drivers
Metro Ethernet Services
Architecture and Design Considerations
SP and Enterprise—QoS Model
SP and Enterprise—CPE Considerations


© 2004 Cisco Systems, Inc. All rights reserved. Printed in USA.


Enterprise Focus: Protect, Optimize and Grow Business (ENTERPRISE DRIVERS)

Optimize Costs
• Lowering Total Cost of Ownership (TCO) directly impacts profitability
• Doing something at a lower cost through technology investment and new business model

Increasing Productivity
• Saving employees time
• Improve responsiveness
• Doing more with less
• Improving business processes

Addressing Uncertainties
• Being prepared for the unpredictable
• What happens if there is a disaster at the headquarters site?
• Compliance with new regulation

Grow Revenue
• Deliver better customer value
• Pursue new growth opportunities
• Build competitive advantage


Business Driven Initiatives: The Network Is the Key Enabler (ENTERPRISE DRIVERS)

Lowering Costs
• Server consolidation
• Storage area networking
• Data/voice convergence
• Virtualization
• New IT model: On-demand/outsourced

Increasing Productivity
• Multimedia office applications
• Distributed applications
• Web-based applications
• Application integration

Addressing Uncertainties
• Distributed data centers
• Business continuity
• Disaster recovery
• Remote storage
• Secure networks

Improving Customer Value
• Customer relationship management
• Data warehousing
• Customer portals
Applications Driving Ethernet

Application            Currently Use (%)   Will Deploy in <24 Months (%)
Internet Access        84                  13
LAN-to-LAN             75                  18
VPN                    53                  36
Extranet               49                  33
Business Continuity    46                  39
Videoconferencing      33                  47
VoIP                   31                  49

Source: The Yankee Group, 2003



Enterprise Requirements and Expectations from Service Providers (CISCO VALUE)

Service Level Agreement (SLA) Characteristics

Classes of Service
• Analogous to WAN classes of service (4 levels or more, shaping and rate limiting)
• LAN extension, priority and non-priority, CIR and PIR

Service Uptime
• High availability
• Resiliency/redundancy
• Customers would pay a premium for dual redundancy

Security
• Secure private networks (VPNs)
• Protection against hackers
• Mechanisms to prevent DoS
• Firewall/IDS
• Authentication/login

Management
• Minimal management overhead for provisioning from end-user perspective
• Bandwidth adjustment
• Self-provisioning may become a tie breaker

Multicast
• Networks today not suited for any-to-any voice/video/collaboration type of traffic

Protocols Handling
• Large routing domain between SP and enterprises
• Transport of enterprise L2 PDUs across SP network

• Cost Effective
• Investment Protection
• Interworking
Comprehensive Platform Capabilities to Address Enterprise Requirements (CISCO VALUE)

The Challenges of Metro Ethernet

Network Uptime
• High availability
• Resiliency
• Redundancy
• MTTR

Security
• Access control
• Authentication/login
• Encryption
• Client security
• Firewall/IDS

Classes of Service
• Multiple CoS
• Policing
• Traffic classification
• Congestion avoidance
• Scheduling

Manageability
• Centralized
• Single login
• Analysis/planning tools
• OSS

Agenda

Metro Ethernet: Services Drive Transport

Enterprise Drivers
Metro Ethernet Services
Architecture and Design Considerations
SP and Enterprise—QoS Model
SP and Enterprise—CPE Considerations

Summary of Ethernet-Based Services

Layer 1, Layer 2 (point-to-point and multipoint) and Layer 3 Ethernet-based services:
• Ethernet Private Line Service—analogous to Private Line over SONET/SDH/xWDM Network
• Ethernet Relay Service—analogous to Frame Relay using VLANs for Multiplexing
• Ethernet Wire Service—similar to a Leased Line over a Packet Network
• Ethernet Private Ring Service
• Ethernet Multipoint Service (Virtual Private LAN Service, Transparent LAN Service)
• Ethernet Relay Multipoint Service
• MPLS VPN

Metro Ethernet Connectivity: Ethernet Wire Service (SERVICE DESCRIPTION)

• Features
  Point-to-point connectivity
  Carrier network transparency
  Tiered service offering based on bandwidth, CoS, distance
  L2 transparency
  SLA capability based on classes of service
  Bandwidth granularity
• Sample SP service offering
  Ethernet local loop
  Ethernet access to providers
  Dedicated Internet access

[Figure: Enterprise A, Enterprise B and Enterprise C (branch office and HQ) connect through the Metro Ethernet service provider network to an ISP PoP (Internet) and an SP PoP (IP VPN).]

Metro Ethernet Connectivity: Switched Ethernet (Relay) Service (SERVICE DESCRIPTION)

• Features
  Point-to-multipoint—Hub and spoke
  Uses SP assigned VLAN ID
  Multiple EVCs
  Service multiplexing at UNI
  Scalability for large sites
  Service tiering based on bandwidth, CoS, distance
  No L2 BPDU transparency
  SLA—CIR/PIR/Burst, loss
  FR/ATM Interworking
• Sample SP service offering
  Remote branch connectivity
  Internet access
  Internet/Intranet/Extranet

[Figure: the Metro HQ CPE-Router is the hub; Metro Branch 1, Branch 2 and Branch 3 are spokes across the Metro Ethernet service provider network.]

Metro Ethernet Connectivity: L2 Access to MPLS VPN (SERVICE DESCRIPTION)

• Features
  ERS UNI that maps to MPLS VPN on PE
  L3 Multipoint service that maps VLANs to VRFs at UNI
  Service multiplexed UNI (e.g. 802.1Q trunk)
  Opaque to customer PDUs (e.g. BPDUs)
• Sample Applications
  Remote branch connectivity
  Internet access
  Internet/Intranet/Extranet

[Figure: the Metro HQ CPE-Router carries multiple EVCs to the SP POP, where they map to the Blue VRF, the Orange VRF and an ISP; Metro Branch 1 and Branch 2 attach the same way.]
Metro Ethernet Connectivity: Ethernet Multipoint Service (SERVICE DESCRIPTION)

• Features
  MP Any-to-any LAN
  10/100/1000Mbps Ethernet customer interface
  Rate limiting possible
  L2 transparency
  Service tiering based on bandwidth, CoS, distance
  SLA—CIR/PIR/Burst, loss
• Sample SP service offering
  Corporate/campus LAN extension
  Cost effective large bandwidth LAN Extension over WAN
  Simplicity/transparency

[Figure: HQ, a Data Back-Up Site, Metro Branch 1 and Metro Branch 2 attach via CPE-Router/Bridge to one SP VLAN in the service provider network.]

Metro Ethernet Connectivity: Ethernet Private Line/Ring Service (SERVICE DESCRIPTION)

• Features
  Point-to-Point or Multipoint
  Uses SONET/SDH or RPR transport
  Dedicated bandwidth
  High availability—protected
  Scalability
  Simple SLA—Uptime
• Sample SP service offering
  Mission critical
  Typically Intra-Metro
  Internet access
  Data centers
  Business continuity
  HQ/campus ring
  Network consolidation

[Figure: Primary Data Center, Secondary Data Center, HQ, Metro Branch 1 and Metro Branch 2 attach via CPE-Router/Bridge to a SONET/SDH/RPR service provider network.]
Agenda

Metro Ethernet: Services Drive Transport

Enterprise Drivers
Metro Ethernet Services
Architecture and Design Considerations
SP and Enterprise—QoS Model
SP and Enterprise—CPE Considerations


Metro Ethernet Network Architecture

• Characteristics of each architecture-element/layer
  Technology agnostic
  Consistent Ethernet services
• Different technological solutions can co-exist within one network
  Ethernet is usually the access/UNI, not necessarily the entire network
• Elements of different technological solutions can be combined—building block approach
• Transport protocols and topologies are deployment options
Metro Ethernet Architecture and Terminology

[Figure: the “Integrated System” layering—Full Service Customer Equipment, Efficient Access, Large Scale Aggregation, Intelligent Edge, Multiservice Core (MPLS/IP/TDM), Intelligent Edge, Efficient Aggregation, Full Service Customer Equipment. Device roles: User Facing Provider Edge (U-PE), aggregation (PE-AGG), Network Facing Provider Edge (N-PE) and core (P). Four metro access networks hang off the core: Metro A, a 10/100/1000 Mbps GE ring; Metro B over DWDM/CWDM; Metro C, hub and spoke; Metro D over RPR.]

Metro Ethernet Network Architecture

Core Device (P)
  Frame Forwarding, Congestion Management

Emulated VC Endpoint (N-PE)*
  MPLS/L2TPv3 Pseudowire Encapsulation, L2 Interworking, IP Service Integration, Congestion Management, Interconnection (for PEs Supporting that function)
  Specific for Ethernet: L3VPN, VPLS, Bridging

Aggregation Device (PE-AGG)
  Traffic Aggregation and Congestion Management
  (Note: S-P and Extension VCs Are Formally Identified in Switched Ethernet Access Domains, although the Functions Exist in FR and ATM Networks as Well)

UNI Endpoint (U-PE)*
  Admission Control, Policy Enforcement, Classification, Policing and Marking, Congestion Management, SLA Monitoring and Reporting, VC Mapping to L1 Channel, VC-ID Translation
  Specific for Ethernet: Bridging

[Figure: from the CE an Attachment VC reaches the U-PE, an Extension VC crosses the PE-AGG to the N-PE, and an Emulated VC (Pseudowire) spans the P core between N-PEs.]

*draft-ietf-l2vpn-l2-framework-04.txt. These Different Roles Can Be Collapsed within a Single Box.


Access Layer

User-Facing Provider Edge: U-PE

• Service and admission control policies of the network
  Security—802.1x authentication, port based security
• Traffic multiplexing and congestion management
  QoS—classification, policing, marking and queuing, 802.1p bit mapping
• Copper and optical interfaces
• Service definition layer
  EMS, ERMS and EWS—L2PT, Tag Stacking (Q-in-Q)
  L3VPN—VRF-lite, VLAN tagging
  Mapping function (“VPN Mapping”): VLAN to SONET/SDH circuit, VLAN to EoMPLS tunnel, VRF-lite to MPLS VPN


Aggregation Layer

Aggregation Device: PE-AGG

• Efficient aggregation of traffic to higher speed connections
• Traffic multiplexing and congestion management
• Local switching for Ethernet services
• Sparse topologies may not require an aggregation layer

Service Application Layer

Network-Facing Provider Edge: N-PE

• High density optical interfaces
• High-speed switching
• Sophisticated traffic and congestion management
• MPLS and IP service gateway
  VPLS and VPWS service definition layer
  L2VPN service inter-working gateway
  L3VPN service layer
• High-touch Layer 3 service application device
  Content services, firewall, intrusion detection, etc.


Core Layer

Core Node: P

• High-speed packet forwarding
• Sophisticated traffic management
• Highly available
• High-speed optical interfaces
  OC-48/STM-16, OC-192/STM-64
  GE, 10GE
• Convergence of packet-processing and optical (circuit-based) technology and (dependent on installed base) ATM, etc.

Metro Ethernet Network Architecture
Connectivity Options: Behind the Clouds

• Relationship between layers/functional elements and components defines protocols, topologies and their deployment
  Scalability
    Topology—ring vs. hub and spoke
    Protocols
    Cost—fiber consumption, interface costs
  Availability
    STP convergence vs. SONET/SDH/RPR
    Dual-homing/redundancy
  SLAs
    Fair and secure access, consistent SLA—e2e QoS
    Service ubiquity—access over any technology/protocol

Metro Access Network May Be Deployed with Different Technologies…

[Figure: four access options around a metro core, each carrying local traffic—an option that migrates rings with new low cost direct connections; Ethernet using Spanning Tree (inexpensive interfaces, “enterprise” protocols); DWDM/CWDM (point-to-point behavior without new fiber); DPT/RPR (spatial reuse for local traffic).]

Metro Access Networks: Transport Options

Switched Gigabit Ethernet Hub and Spoke
• Lower cost solution
• Perceived simplicity of Ethernet switching
• Can be built on a fiber ring infrastructure with CWDM
• Consistent delay/jitter characteristics
• Foundation for Ethernet/IP L2/3 VPN

Switched Gigabit Ethernet Ring
• Lower cost solution
• Flexible bandwidth
• Easy to deploy over dark fiber
• Sub-second convergence
• The node position within the ring influences delay/jitter, convergence time
• Foundation for Ethernet/IP L2/3 VPN

DWDM/CWDM
• Scales fiber capacity: 8Gbps, 320Gbps, 800Gbps
• Convergence dictated by xWDM solution
• Cost effective
• Easy to deploy
• Foundation for all services—enables storage, etc. as well

DPT/RPR
• Shared packet ring scales bandwidth up to 5 Gbps today
• SONET/SDH framing provides insertion point for many providers
• Large number of nodes per ring
• 50 ms convergence
• Foundation for Ethernet/IP L2/3VPN

Case Study: ILEC/PTT in Region

A Design Alternative for Markets with Dark Fiber Availability
• Enough dark fiber to each customer

[Figure: every CE at a customer premise has a dedicated fiber (Fx—Tx / Tx—Fx) into the CO/POP, whose core, distribution and wire center tiers connect to the MPLS backbone. SP CoS marking and traffic concentration occurs at the CO/POP location.]

Case Study: ILEC/PTT Out of Region/IXC

Hub and Spoke from Dark Fiber: A Good Design for High Density Areas with:
• Large multi-tenant buildings, and
• Dark fiber available only to the buildings

[Figure: a CE edge device at each customer premise connects to the CO/POP (core, distribution, wire center) and on to the MPLS backbone. SP CoS marking and traffic concentration occurs at the customer location.]

Case Study: ILEC/PTT in Region

A Good Design for Buildings:
• Without dark fiber, or with low bandwidth requirements
• Without multiple customers (no need for local U-PE)

[Figure: each CE at the customer premise gets dedicated channelized bandwidth over an access SONET ring of 15454 nodes into the POP, where dedicated 15454 and 4000 ports for every CE feed a SONET-attached 4000 acting as “U-PE” and a 7600 N-PE toward the MPLS backbone. SP CoS marking occurs within the 4K at the POP; multiple L2/L3 boxes are needed in the POP (the 4K is also deployable at customer premises).]
SERVICE ENABLERS


Service Traffic Patterns

Intra-EAD Services
• Defined as services that are contained within a L2 Ethernet Access Domain (EAD)

Inter-EAD Services
• Defined as services that traverse multiple L2 Ethernet Access Domains (EAD) over an IP/MPLS core

[Figure: two L2 access domains joined by an IP/MPLS core; intra-EAD services stay inside one domain, inter-EAD services cross the core.]
802.1Q Tunnelling (aka Q-in-Q)

[Figure: CE — U-PE — PE-AGG — N-PE — P — N-PE — U-PE — CE, with an 802.1Q trunk on the customer side of each U-PE and 802.1Q tunneling across the SP network.]

Frame on the CE 802.1Q trunk (both ends):
  DMAC (6 bytes) | SMAC (6 bytes) | .1Q (4 bytes) | Len/Type (2 bytes) | Data (0–1500 bytes) | FCS (4 bytes)
  .1Q tag = Etype 0x8100 (2 bytes) | 802.1P (3 bits) | VLAN_ID (12 bits), here VLAN_ID 100

Frame inside the SP network (802.1Q tunneling):
  DMAC (6 bytes) | SMAC (6 bytes) | SP .1Q (4 bytes) | CE .1Q (4 bytes) | Len/Type (2 bytes) | Data (0–1500 bytes) | FCS (4 bytes)
  SP tag: Etype 0x8100 | 802.1P | VLAN_ID 200; CE tag: Etype 0x8100 | 802.1P | VLAN_ID 100

• SP doesn’t coordinate CE VLANs (CE VLANs transparency)
• CE VLANs can overlap
• Increased VLAN space (4k VLANs x 4k VLANs)

1:1 VLAN Translation

[Figure: CE — U-PE — PE-AGG — N-PE — P — N-PE — U-PE — CE over 802.1Q trunks. The frame (DMAC | SMAC | .1Q TAG | Data) carries VLAN 12 on the CE side, VLAN 152 inside the SP network and VLAN 12 again at the far CE.]

• CE VLAN preservation for ERS Services
• SP does not enforce VLAN IDs for ERS Services
• VLANs from different CEs may overlap, SP will translate them into different and unique SP VLAN IDs
2:1 VLAN Translation (Double VLAN Translation)

[Figure: the CE sends VLAN 11 on an 802.1Q trunk; 802.1Q tunneling at the U-PE adds SP VLAN 15 (frame: DMAC | SMAC | TAG 15 | TAG 11 | Data); the N-PE translates the pair to the single VLAN 111 for the core; the far side reverses this to VLAN 15 + VLAN 11 and finally VLAN 11 at the CE.]

• Adds flexibility to ME Services based on Q-in-Q
• Allows multiple different services on the same SP Q-in-Q interface

2:1 VLAN Translation: Application Example

Outer/Inner 802.1Q Combo   Translated VLAN ID
<25, 400>                  100
<25, 4000>                 200

[Figure: CE1 (VLANs 400, 4000), CE2 and CE3 (VLAN 4000) attach through 802.1Q tunneling UNIs (Q) to an MP2MP Q-in-Q tunnel on SP VLAN 25; at the N-PE, the 2:1 VLAN translation point (I), VLAN 100 leads to the Internet and VLAN 200 to the IP-VPN.]

• L3 VPN terminates both VLAN tags based on outer/inner 802.1Q tags combo
• The CEs see an EMS service while the N-PE sees an ERS service
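The tag handling of the Q-in-Q slide and the three VLAN translation slides above, as an added example (not code from the Cisco deck): it parses and rebuilds 802.1Q frames with the layout shown on the Q-in-Q slide, pushes and pops the SP outer tag, and applies 1:1 and 2:1 VLAN translation, including the <25, 400> → 100 and <25, 4000> → 200 combos of this application example. Assumptions: the FCS is not modelled, MAC addresses and payloads are constructed, and the outer tag's 802.1p value is copied from the inner tag, optionally through a CoS mutation table.

```python
import struct

TPID = 0x8100          # Etype of an 802.1Q tag, as shown on the slide


def parse_frame(frame):
    """Split an Ethernet frame into (dmac, smac, tags, ethertype, payload).

    tags is the list of (802.1p, VLAN_ID) pairs in wire order, outermost
    first; an untagged frame yields an empty list.  Assumption: the FCS has
    already been stripped, so it is not modelled here.
    """
    dmac, smac, off, tags = frame[:6], frame[6:12], 12, []
    while struct.unpack_from("!H", frame, off)[0] == TPID:
        tci = struct.unpack_from("!H", frame, off + 2)[0]
        tags.append((tci >> 13, tci & 0x0FFF))     # 3-bit 802.1p, 12-bit VID
        off += 4
    ethertype = struct.unpack_from("!H", frame, off)[0]
    return dmac, smac, tags, ethertype, frame[off + 2:]


def build_frame(dmac, smac, tags, ethertype, payload):
    """Inverse of parse_frame: DMAC, SMAC, the tag stack, Len/Type, data."""
    out = dmac + smac
    for pcp, vid in tags:
        out += struct.pack("!HH", TPID, (pcp << 13) | (vid & 0x0FFF))
    return out + struct.pack("!H", ethertype) + payload


def push_sp_tag(frame, sp_vid, cos_mutation=None):
    """Q-in-Q ingress at the U-PE: add the SP tag in front of the CE tag(s).

    The outer 802.1p value is copied from the CE tag, optionally through a
    CoS mutation table {inner_pcp: outer_pcp}; an untagged CE frame gets 0.
    """
    dmac, smac, tags, ethertype, data = parse_frame(frame)
    inner_pcp = tags[0][0] if tags else 0
    outer_pcp = (cos_mutation or {}).get(inner_pcp, inner_pcp)
    return build_frame(dmac, smac, [(outer_pcp, sp_vid)] + tags, ethertype, data)


def pop_sp_tag(frame):
    """Q-in-Q egress at the far U-PE: remove only the outer SP tag."""
    dmac, smac, tags, ethertype, data = parse_frame(frame)
    if not tags:
        raise ValueError("no SP tag to pop")
    return build_frame(dmac, smac, tags[1:], ethertype, data)


def translate_1to1(frame, table):
    """1:1 VLAN translation on an ERS UNI: rewrite the VID, e.g. 12 -> 152.
    The far U-PE calls this again with the inverse table."""
    dmac, smac, tags, ethertype, data = parse_frame(frame)
    pcp, vid = tags[0]
    return build_frame(dmac, smac, [(pcp, table[vid])] + tags[1:], ethertype, data)


def translate_2to1(frame, table):
    """2:1 (double) VLAN translation: (outer, inner) VID pair -> one SP VID,
    e.g. (15, 11) -> 111 or, from the application example, (25, 400) -> 100.
    The outer tag's 802.1p value is kept on the single tag."""
    dmac, smac, tags, ethertype, data = parse_frame(frame)
    (pcp, outer), (_, inner) = tags[0], tags[1]
    return build_frame(dmac, smac, [(pcp, table[(outer, inner)])] + tags[2:],
                       ethertype, data)


def translate_1to2(frame, table):
    """Reverse of translate_2to1: one SP VID -> (outer, inner) VID pair."""
    dmac, smac, tags, ethertype, data = parse_frame(frame)
    pcp, vid = tags[0]
    outer, inner = table[vid]
    return build_frame(dmac, smac, [(pcp, outer), (pcp, inner)] + tags[1:],
                       ethertype, data)


# Constructed CE frame: VLAN 100, 802.1p 5, IPv4 ethertype, dummy payload.
CE_FRAME = build_frame(bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"),
                       [(5, 100)], 0x0800, b"\x45" + b"\x00" * 19)

if __name__ == "__main__":
    tunnelled = push_sp_tag(CE_FRAME, 200)
    print("Q-in-Q tags:", parse_frame(tunnelled)[2])       # [(5, 200), (5, 100)]
    print("popped equals CE frame:", pop_sp_tag(tunnelled) == CE_FRAME)
    print("1:1 tags:", parse_frame(translate_1to1(CE_FRAME, {100: 152}))[2])
    combo = {(25, 400): 100, (25, 4000): 200}
    ce400 = build_frame(b"\x00" * 6, b"\x01" * 6, [(0, 400)], 0x0800, b"x")
    print("2:1 tags:", parse_frame(translate_2to1(push_sp_tag(ce400, 25), combo))[2])
```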

EoMPLS

• Layer 2 tunneling technology to forward Ethernet frames across an MPLS network
• Allows connectivity between remote sites without the extension of spanning tree domains in the service provider network
• EoMPLS connections appear to be a point-to-point link between customer locations
• Simple to provision, no IP routing is needed between CE and PE
• Uses a pseudowire concept for connectivity between PEs over an MPLS network

Deploying EoMPLS

How Is it Possible to Offer Point-to-Point Inter-EAD Ethernet Services over an IP/MPLS Core? EoMPLS

[Figure: L2 access domains A and B joined across the IP/MPLS core by EoMPLS; the logical view is L2 point-to-point services, like Frame-Relay (H&S). ERS and EWS can be deployed within the L2 domain using local switching.]
VPLS

• Architecture
  An end-to-end architecture that allows IP/MPLS networks to provide Layer 2 multipoint Ethernet services while using LDP as signaling protocol
• Bridge emulation
  Emulates an Ethernet bridge
• Bridge functions
  Operation is the same as for an Ethernet bridge, i.e. it forwards using the destination MAC address, learns source addresses and floods broadcast/multicast and unknown frames
• Several drafts in existence
  draft-ietf-l2vpn-vpls-ldp-01.txt
  draft-ietf-l2vpn-vpls-bgp-01.txt


Deploying VPLS

How Is it Possible to Offer Multi-Point Inter-EAD Ethernet Services over an IP/MPLS Core? VPLS!!

[Figure: L2 access domains A, B, C and D joined across the IP/MPLS core; the logical view is L2 multipoint services between A, B, C and D.]
SECURITY


Metro Ethernet Trust Model

[Figure: customer 10/100/1000 ports (CE VLAN 1, CE VLAN 2) enter the premises switch (U-PE), where they are carried as VLANs 1–5 (QinQ) over Gigabit Ethernet transport to the POP switch (N-PE/PE-AGG) and mapped onto PE VCs.]

Untrusted: customer network
• Authenticate customer UNI (customer network protection)

Mostly trusted: premises switch (U-PE)
• Ensure the configuration can’t be accessed and modified
• Protect against DoS attacks or limited resource contention

Trusted: POP switch (N-PE/PE-AGG)
• Protect from compromised U-PE


Attacks and Defensive Features/Actions

MAC Attacks (CAM Table Overflow)
  Defence: Port Security, Per VLAN MAC Limiting

ARP Attacks (ARP Spoofing, Misuse of Gratuitous ARP)
  Defence: Private VLANs, Wire-Speed ACLs, Dynamic ARP Inspection

VLAN Hopping, DTP Attacks
  Defence: Careful Configuration (Disable Auto-trunking, Use Dedicated VLAN-ID for Trunk Ports, Set User Ports to Non-trunking, Avoid VLAN 1, Disable Unused Ports, …)

Spanning Tree Attacks
  Defence: BPDU Guard, Root Guard, MD5 VTP Authentication

DHCP Rogue Server Attack
  Defence: DHCP Snooping (Differentiate Trusted and Untrusted Ports)

Hijack Management Access
  Defence: Secure Variants of Management Access Protocols—Not Telnet etc., but SSH, … and Out-of-Band Management

Pro-Active Defence
  Deploy MAC Level Port Security, Wire-Speed ACLs, 802.1x


Ethernet Security: SP Recommendations

[Figure: the CPE attaches to the U-PE over an 802.1Q trunk UNI (VLANs 20, 30, 40; untagged traffic on native VLAN 5; VLAN 10 blocked); CE BPDUs are blocked at the customer—SP boundary and SP BPDUs are blocked toward the CPE; the U-PE’s 802.1Q trunk into the IP/MPLS/802.1Q core uses the reserved native VLAN 66.]

Customer—SP boundary (UNI)
• Disable Password Recovery
• BPDU Filter (for Egress SP BPDU)
• MAC ACLs (for Ingress CE BPDU)
• Access VTP Mode Transparent
• Enable Port Security
• Enable 802.1X
• Disable CDP
• Remove VLAN 1 and Reserved VLANs from UNIs
• Set DTP to “Non-Negotiate”
• Prune All Unused VLANs from Allowed List
• UNI VLANs Must Not Be Used as Native VLAN on SP Trunks

SP core trunks
• VTP Mode Transparent
• Enable ROOT Guard
• Per VLAN MAC Limiting
• LOOP Guard
• Prune All Unused VLANs from Allowed List
• Remove VLAN 1 and Reserved VLANs from Trunks
• Reserve a VLAN ID for the Native VLAN on the SP Trunks
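A configuration check for the attack/defence table and the SP recommendations above, as an added example (not from the Cisco deck): it parses a constructed IOS-style running-config of a U-PE and reports which hardening items are missing on UNI ports, on SP trunks and globally. Assumptions: classic Catalyst IOS command spellings, port roles supplied by the caller, and 1002–1005 as the reserved VLAN range.

```python
import re

RESERVED_VLANS = {1002, 1003, 1004, 1005}   # assumption: classic Catalyst reserved range
ACCESS_VLAN = r"switchport access vlan (\d+)$"

# Each rule: (regex that must match one line of the block, finding text if it does not)
GLOBAL_RULES = [
    (r"vtp mode transparent$", "VTP mode is not transparent"),
    (r"no cdp run$", "CDP is running globally"),
    (r"no service password-recovery$", "password recovery not disabled"),
]
UNI_RULES = [
    (r"switchport mode (access|dot1q-tunnel)$", "not forced to non-trunking (VLAN hopping)"),
    (r"switchport nonegotiate$", "DTP not set to non-negotiate"),
    (r"switchport port-security$", "port security disabled (CAM table overflow)"),
    (r"spanning-tree bpdu(guard|filter) enable$", "CE BPDUs not blocked (spanning tree attacks)"),
    (r"dot1x port-control auto$", "802.1X not enabled"),
    (r"no cdp enable$", "CDP still enabled on UNI"),
]
TRUNK_RULES = [
    (r"switchport nonegotiate$", "DTP not set to non-negotiate"),
    (r"spanning-tree guard (root|loop)$", "no root/loop guard"),
]

# Constructed sample: Gi0/1 is a customer UNI, Gi0/24 the SP trunk, Gi0/2 is unused.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport access vlan 10
 switchport mode dot1q-tunnel
 switchport port-security
 spanning-tree bpdufilter enable
 no cdp enable
interface GigabitEthernet0/2
 switchport mode dynamic desirable
interface GigabitEthernet0/24
 switchport trunk native vlan 1
 switchport trunk allowed vlan 1-4094
 switchport mode trunk
"""
ROLES = {"GigabitEthernet0/1": "uni", "GigabitEthernet0/24": "trunk"}


def parse_config(text):
    """Split IOS-style text into (global_lines, {interface: [its indented lines]})."""
    glob, ifaces, cur = [], {}, None
    for raw in text.splitlines():
        if raw.startswith("interface "):
            cur = raw.split(None, 1)[1].strip()
            ifaces[cur] = []
        elif raw.startswith(" ") and cur is not None:
            ifaces[cur].append(raw.strip())
        else:
            cur = None
            glob.append(raw.strip())
    return glob, ifaces


def has(lines, pattern):
    return any(re.match(pattern, line) for line in lines)


def first(lines, pattern):
    """Group 1 of the first line matching pattern, or None."""
    return next((m.group(1) for m in (re.match(pattern, l) for l in lines) if m), None)


def expand_vlans(spec):
    """'10,20,30-32' -> {10, 20, 30, 31, 32}."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def audit(text, roles):
    """roles: {interface: 'uni' | 'trunk'}; every other interface counts as unused."""
    glob, ifaces = parse_config(text)
    findings = [f"global: {msg}" for pat, msg in GLOBAL_RULES if not has(glob, pat)]
    uni_vlans = {int(first(l, ACCESS_VLAN)) for n, l in ifaces.items()
                 if roles.get(n) == "uni" and first(l, ACCESS_VLAN)}
    for name, lines in ifaces.items():
        role = roles.get(name, "unused")
        if role == "unused":
            if not has(lines, r"shutdown$"):
                findings.append(f"{name}: unused port not shut down")
            continue
        rules = UNI_RULES if role == "uni" else TRUNK_RULES
        findings += [f"{name}: {msg}" for pat, msg in rules if not has(lines, pat)]
        if role == "uni":
            continue
        # SP trunk: native VLAN must be reserved (not 1, not a UNI VLAN) and the
        # allowed list pruned of VLAN 1, reserved VLANs and anything unused.
        native = int(first(lines, r"switchport trunk native vlan (\d+)$") or 1)
        if native == 1 or native in uni_vlans:
            findings.append(f"{name}: native VLAN {native} is VLAN 1 or a UNI VLAN")
        spec = first(lines, r"switchport trunk allowed vlan ([\d,-]+)$") or "1-4094"
        allowed = expand_vlans(spec)
        if allowed & ({1} | RESERVED_VLANS):
            findings.append(f"{name}: VLAN 1 or reserved VLANs allowed on trunk")
        unpruned = allowed - uni_vlans - {native}
        if unpruned:
            findings.append(f"{name}: {len(unpruned)} unused VLANs not pruned from allowed list")
    return findings
```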
QUALITY OF SERVICE


Overview of QoS Functions

[Figure: the four QoS functions arranged in a cycle—(1) Classification and Marking, (2) Policing, then Queuing and Congestion Avoidance (3, 4).]

QoS Functions: What QoS Functions Happen at Each Area within the Network?

[Figure: Customer Equipment — Access — Aggregation — Edge — Core — Edge — Access — Customer Equipment. Step 1, Classification, Marking and Policing (policer drop), happens once at the customer-facing access; steps 2 and 3, Scheduling, Bandwidth Management and Congestion Avoidance, and Classification and Queuing (scheduler drop), repeat at every following area.]


What SLAs Can I Expect?

• One SLA per port: Best effort, CIR, or Voice on a port basis

EWS Service Class (U-PE, 802.1Q tunnel to the PE)
  Best Effort: CE VLANs 100–103 in one VLAN tunnel, 802.1p CoS=0
  Business: CE VLANs 100–103 in one VLAN tunnel, 802.1p CoS=2

EMS Service Class
  Best Effort: CE VLANs 100–103 in one VLAN tunnel, 802.1p CoS=0
What SLAs Can I Expect?

• Multiple SLAs per port: Best effort, CIR/PIR or voice on a VLAN basis
• Multiple SLAs per VLAN: Best effort, CIR/PIR or voice on a class basis (classified based on L2 CoS, IP ToS, outer/inner VLAN)

ERS Service Class (U-PE, ERS UNI 802.1Q trunk)
  Best Effort: VLAN 200, 802.1p CoS=0
  Business Critical: VLAN 201, 802.1p CoS=2
  Voice: VLAN 202, 802.1p CoS=5
  Best Effort + Voice: VLAN 203
    Data (all other DSCP): 802.1p CoS=0
    Voice Control (DSCP 24/26): 802.1p CoS=3
    Voice (DSCP 46): 802.1p CoS=5
  Business Critical + Voice: VLAN 204
    Data (all other DSCP): 802.1p CoS=0
    Voice Control (DSCP 24/26): 802.1p CoS=3
    Voice (DSCP 46): 802.1p CoS=5

ERMS Service Class (802.1Q trunk)
  Best Effort: VLAN 200, 802.1p CoS=0

End to End Classification/Marking Model:
How Is Traffic Classified and Marked Between Domains?

[Figure: CE — U-PE — PE-AGG — N-PE — P — N-PE — U-PE — CE. Frames carry 802.1p and the DiffServ Code Point (DSCP) on the customer and access side; the core carries the MPLS EXP value.]

Classes of Service                  802.1p COS   MPLS EXP
Best Effort                         0            0
Business Critical: CIR              2            2
Business Critical: PIR              1            1
Real Time: AVVID Voice Transport    5            5
Real Time: AVVID Call Control       3            3
Real Time: Interactive Video        4            4
Per Hop Queuing: CoS MPLS Value Mapping

Class                     802.1p COS   MPLS EXP
Best Effort               0            0
PIR (planned)             1            1
Business Critical (CIR)   2            2
AVVID Call Control        3            3
Interactive Video         4            4
AVVID Voice Transport     5            5
Unused                    6            6
SP Network Mgt            7            7

[Figure: the same queue structure at every UNI and SP network hop—a Priority Queue (PQ) plus WRR queues with the weights shown: Best Effort 10%, CIR and PIR 80%, Signaling and Mgt. 4%, Voice Signaling 5%; the traffic types pictured are SNMP, alarms, VoIP, critical and best effort.]

• Queuing behavior APPEARS consistent across EVERY hop
• CIR and PIR in same queue ensures no packet re-ordering
• Best effort doesn’t always have to be discarded in favor of CIR
• Traffic engineering based on offered load determines proper queue allocations; this will require experience to tune properly
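The CIR/PIR marking model of the three slides above, as an added example (not Cisco's code): a two-rate policer marks in-CIR frames 802.1p CoS 2 (Business Critical, CIR), frames above CIR but within PIR CoS 1 (PIR), and drops the rest at step 1 (policer drop), so that CIR and PIR frames can share one queue as recommended. Assumption: the RFC 2698 two-rate three-colour marker (dual token bucket, colour-blind), which the slides do not specify; the offered load is constructed.

```python
COS_CIR, COS_PIR = 2, 1      # 802.1p values from the classes-of-service table


class TwoRatePolicer:
    """Dual token bucket: a CIR bucket of CBS bytes and a PIR bucket of PBS bytes."""

    def __init__(self, cir_bps, pir_bps, cbs_bytes, pbs_bytes):
        self.cir = cir_bps / 8.0                 # token rates in bytes per second
        self.pir = pir_bps / 8.0
        self.cbs, self.pbs = cbs_bytes, pbs_bytes
        self.tc, self.tp = float(cbs_bytes), float(pbs_bytes)   # buckets start full
        self.last = 0.0

    def _refill(self, now):
        """Credit both buckets for the time elapsed since the previous frame."""
        elapsed = max(0.0, now - self.last)
        self.last = now
        self.tc = min(self.cbs, self.tc + elapsed * self.cir)
        self.tp = min(self.pbs, self.tp + elapsed * self.pir)

    def police(self, now, size):
        """Return the 802.1p CoS to mark, or None when the frame is dropped.

        The PIR bucket is checked first (RFC 2698): red if it cannot pay for
        the frame, yellow if only the CIR bucket cannot, green otherwise.
        """
        self._refill(now)
        if self.tp < size:
            return None                          # exceeds PIR: policer drop
        if self.tc < size:
            self.tp -= size
            return COS_PIR                       # between CIR and PIR
        self.tp -= size
        self.tc -= size
        return COS_CIR                           # within CIR


def police_burst(policer, frames):
    """frames: iterable of (arrival_seconds, size_bytes), in arrival order.
    Returns the list of marks and the bytes per outcome."""
    marks, summary = [], {"cir": 0, "pir": 0, "drop": 0}
    for now, size in frames:
        mark = policer.police(now, size)
        marks.append(mark)
        key = "cir" if mark == COS_CIR else "pir" if mark == COS_PIR else "drop"
        summary[key] += size
    return marks, summary


# Constructed offered load: CIR 8 kbit/s, PIR 16 kbit/s, 1000-byte buckets,
# six 500-byte frames, three arriving at t=0 and three at t=0.5 s.
DEMO_FRAMES = [(0.0, 500)] * 3 + [(0.5, 500)] * 3


def demo():
    return police_burst(TwoRatePolicer(8000, 16000, 1000, 1000), DEMO_FRAMES)


if __name__ == "__main__":
    marks, summary = demo()
    print(marks)        # [2, 2, None, 2, 1, None]
    print(summary)      # {'cir': 1500, 'pir': 500, 'drop': 1000}
```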

802.1Q Tunneling Enhancement (CoS Mutation)

[Figure: CE — U-PE — PE-AGG — N-PE — P — N-PE — U-PE — CE. The CE frame (DMAC | SMAC | TAG | Data) carries VLAN 100, CoS 5; inside the SP network the Q-in-Q frame carries the outer TAG VLAN 152, CoS 5 and the inner TAG VLAN 100, CoS 5; the far CE receives VLAN 100, CoS 5.]

CoS Mutation Table (CoS in → CoS out): 0→0, 1→1, 2→2, 3→3, 4→4, 5→5, 6→6, 7→7

• QoS marking preserved also on Q-in-Q interfaces
• Multiple Classes of Service bundles on the same Q-in-Q interface
NETWORK AVAILABILITY


Network Availability

[Figure: Network Availability built from four elements—Network Design, Optimized Resiliency, Hardware Redundancy and Redundancy Protocols.]

Network Availability

[Figure: availability mechanisms across the SP network—multiple CE connections to a PE, dual homing of CE, EtherChannel on the UNI, Ethernet rings inside the Ethernet access domains, multiple tiers of aggregation, and pseudowires across the core.]


Unidirectional Link Detection (UDLD)

[Figure: Access — Aggregation — Edge — Core (MPLS); legend: port in forwarding state, port in blocking state.]

• Cisco proprietary protocol
• Detects uni-directional links due to GBIC failures or fiber strands misplaced (tx and rx swapped)
Unidirectional Link Detection (UDLD)

[Figure: a GBIC Rx failure on one access link; an STP loop forms through the aggregation layer.]

• Link might become uni-directional

Without UDLD:
• Spanning tree loops might occur
• It takes time to detect a change in the forwarding topology

Unidirectional Link Detection (UDLD)

[Figure: a GBIC failure on one access link; the interfaces at both ends are err-disabled.]

• Link might become uni-directional

With UDLD:
• The affected interfaces are error-disabled
• Spanning tree detects immediately the change in the forwarding topology
Unidirectional Link Detection (UDLD)

Recommendations:
• UDLD in “aggressive” mode
• UDLD enabled on all non-UNI physical interfaces
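How UDLD's echo mechanism turns an Rx failure into an err-disable, as an added simplified model (not Cisco code) covering the four UDLD slides above. Assumptions: probes are plain dicts rather than the real PDU format, aggressive mode acts after HOLD missed probes (the real counters and timers are not reproduced), and a swapped fibre strand is modelled like an Rx failure, i.e. as loss of one direction.

```python
class UdldPort:
    HOLD = 3          # consecutive missed probes before aggressive mode acts (assumption)

    def __init__(self, name, aggressive):
        self.name, self.aggressive = name, aggressive
        self.heard = set()              # neighbour IDs received since the last probe
        self.status = "undetermined"    # -> "bidirectional" or "errdisable"
        self.missed = 0

    def probe(self):
        """Advertise own ID and echo every neighbour heard in the last interval."""
        msg = {"sender": self.name, "echo": set(self.heard)}
        self.heard.clear()
        return msg

    def receive(self, msg):
        if self.status == "errdisable":
            return
        self.missed = 0
        self.heard.add(msg["sender"])
        if self.name in msg["echo"]:
            self.status = "bidirectional"        # the peer hears us as well
        elif self.status == "bidirectional":
            self.status = "errdisable"           # peer stopped hearing us: one-way link

    def interval_without_probe(self):
        """Called when a probe interval passes with nothing received on the port."""
        if self.status == "errdisable":
            return
        self.missed += 1
        if self.status == "bidirectional" and self.missed >= self.HOLD:
            # aggressive mode err-disables; normal mode falls back to undetermined
            # and leaves the port up, which is where the STP loop of slide 56 comes from
            self.status = "errdisable" if self.aggressive else "undetermined"


def simulate(rounds, cut_a_to_b_at, aggressive):
    """Run probe intervals between ports A and B.  From round cut_a_to_b_at on,
    the A->B direction is lost (B's receiver fails); the B->A strand stays fine.
    Returns (status of A, status of B)."""
    a, b = UdldPort("A", aggressive), UdldPort("B", aggressive)
    a_to_b = True
    for r in range(rounds):
        if r == cut_a_to_b_at:
            a_to_b = False
        pa, pb = a.probe(), b.probe()
        if a_to_b:
            b.receive(pa)
        else:
            b.interval_without_probe()
        a.receive(pb)
    return a.status, b.status


if __name__ == "__main__":
    print("healthy link    :", simulate(6, None, True))
    print("cut, aggressive :", simulate(8, 2, True))    # both ends err-disabled
    print("cut, normal mode:", simulate(8, 2, False))   # B stays up: undetermined
```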

Spanning Tree PortFast

PortFast Disabled: BLK > LSTN > LRN > FWD (30 seconds)
PortFast Enabled: BLK > FWD

• After the link comes up, the port moves into forwarding state by-passing the intermediate STP states
• To be enabled on the edge ports (UNI)
EtherChannel
[Figure: EtherChannel bundles between access, aggregation and edge toward the MPLS core]

• PAgP (Cisco proprietary) or IEEE 802.3ad
• To provide link redundancy
• To increase the aggregate bandwidth
• To load-balance the traffic based on sMAC/dMAC

EtherChannel
[Figure: access switch with two uplinks, one forwarding (F) and one blocked (B) by spanning tree]

• To provide link redundancy

Without EtherChannel:
• Link redundancy is offered by spanning tree protocol, which blocks one link

EtherChannel
[Figure: without EtherChannel, after a link failure spanning tree moves the blocked (B) uplink to forwarding (F) in under 1 second]

• To provide link redundancy

Without EtherChannel:
• When one physical link fails, spanning tree identifies the alternate
forwarding path

EtherChannel
[Figure: with EtherChannel, one physical link of the bundle fails and the logical port stays forwarding (F)]

• To provide link redundancy

With EtherChannel:
• When one physical link fails, the logical port “stays up”
(single port EtherChannel)

EtherChannel
[Figure: with EtherChannel, traffic moves onto the surviving link (F) in under 200 msec]

• To provide link redundancy

With EtherChannel:
• Traffic is switched onto the remaining active link in less than 200 msec, without spanning tree protocol intervention

EtherChannel
[Figure: endpoints A and B each send 1 Gb of traffic toward C over two 1 Gb uplinks; without EtherChannel one uplink is blocked (B), so the single forwarding link (F) offers 1 Gb of capacity and 50% of the traffic is lost]

• To increase the aggregate bandwidth towards the “C” endpoint

Without EtherChannel:
• Since one redundant link is blocked by spanning tree, the remaining link can only accommodate 1 Gigabit of traffic → traffic loss

EtherChannel
[Figure: with EtherChannel the two 1 Gb uplinks form a single forwarding (F) link with 2 Gb of capacity; 0% loss]

• To increase the aggregate bandwidth towards the “C” endpoint

With EtherChannel:
• By bundling 2 physical interfaces, the logical link can accommodate up to 2 Gigabits of traffic → no data loss

EtherChannel
[Figure: two uplinks, one forwarding (F) and one blocked (B) by spanning tree; all traffic uses the forwarding link]

• To load-balance the traffic based on sMAC/dMAC

Without EtherChannel:
• All the traffic will traverse a single link, since the redundant path is blocked
by spanning tree

EtherChannel
[Figure: flows are distributed across both EtherChannel members by dMAC/sMAC]

• To load-balance the traffic based on sMAC/dMAC

With EtherChannel:
• Traffic is load-balanced across the links in the EtherChannel according to the configured criterion (sMAC or dMAC)

IEEE 802.1w/1s: Recommendation #1

[Figure: aggregation pair; one switch is the primary STP root and the other the secondary STP root for one set of instances]

• Configure primary and secondary roots to provide root redundancy and load-balancing across multiple paths
• One switch will be the primary root for one set of instances

IEEE 802.1w/1s: Recommendation #1 (Cont.)
[Figure: roles reversed for the other set of instances: the first switch is the secondary STP root and the second switch the primary STP root]

• Configure primary and secondary roots to provide root redundancy and load-balancing across multiple paths
• One switch will be the primary root for one set of instances and the other switch will be the primary root for the other set of instances

IEEE 802.1w/1s: Recommendation #2

[Figure: all switches of the same L2 domain, across access, aggregation and edge, share one MST configuration]

• Same MST configuration in terms of VLAN-to-instance mapping, revision number and name on all the devices that are part of the same L2 domain:
Name [Networkers-Config]
Revision 1
Instance Vlans mapped
-------- -----------------------------------
0 1-99,167-199,267-1499,1566-4094
1 100-166
2 200-266
15 1500-1565

IEEE 802.1w/1s: Recommendation #3

[Figure: access switch uplinks: Port-channel Po1 with port cost 10000 (the preferred path) and port 3/1 with port cost 15000]

• Make sure that the port cost of the preferred path is lower than the port cost of the alternate ports, also in the case of a single-port EtherChannel configuration

IEEE 802.1w/1s: Recommendation #3 (Cont.)

[Figure: one physical link of the channel fails; the Po1 port cost becomes 20000 while port 3/1 stays at 15000]

Scenario #1
• A physical link in a 2-port channel fails
• The port cost of the channel is re-calculated

IEEE 802.1w/1s: Recommendation #3 (Cont.)

[Figure: Po1 (cost 20000) goes from forwarding (F) to blocking (B); port 3/1 (cost 15000) goes from blocking (B) to forwarding (F)]

Scenario #1
• A physical link in a 2-port channel fails
• The port cost of the channel is re-calculated
• Port 3/1 now has the lower port cost → spanning tree re-converges

IEEE 802.1w/1s: Recommendation #3 (Cont.)

[Figure: one physical link of the channel fails; the Po1 port cost becomes 20000 while port 3/1 is at 30000]

Scenario #2
• A physical link in a 2-port channel fails
• The port cost of the channel is recalculated

IEEE 802.1w/1s: Recommendation #3 (Cont.)

[Figure: Po1 (cost 20000) stays forwarding (F); port 3/1 (cost 30000) stays blocking (B)]

Scenario #2
• A physical link in a 2-port channel fails
• The port cost of the channel is recalculated
• Port 3/1 still has the higher port cost → spanning tree does not reconverge
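Scenarios #1 and #2 worked through in code, as an added example that is not part of the original deck: root-port choice between a two-member Gigabit Po1 and an alternate port 3/1, with the channel cost recalculated after a member fails, plus the Recommendation #3 condition as a check. The IEEE 802.1t long-cost formula, the Port class and the equal-upstream-cost assumption are mine; they reproduce the slides' 10000/20000 values.

```python
"""Root-port choice vs. EtherChannel cost recalculation (added example for this
page, not switch code).  Port costs use the IEEE 802.1t long formula,
20,000,000 / bandwidth in Mbps, which gives the 20000 (one Gigabit member)
and 10000 (two members) values shown on the slides.  Both candidate ports are
assumed to reach the root at the same upstream cost, so only the local port
cost decides."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

LONG_COST_REFERENCE = 20_000_000   # 802.1t long path-cost numerator (Mbps based)


def port_cost(bandwidth_mbps: int) -> int:
    """802.1t long port cost for a link or channel of the given bandwidth."""
    return LONG_COST_REFERENCE // bandwidth_mbps


@dataclass(frozen=True)
class Port:
    name: str
    member_mbps: int                        # bandwidth of one physical member
    members: int                            # active physical members (1 for a plain port)
    configured_cost: Optional[int] = None   # manually set cost, overrides the formula

    @property
    def cost(self) -> int:
        if self.configured_cost is not None:
            return self.configured_cost
        return port_cost(self.member_mbps * self.members)

    def lose_member(self) -> "Port":
        """One physical link fails; the channel stays up (single-port
        EtherChannel) and its cost is recalculated from what is left."""
        return Port(self.name, self.member_mbps, self.members - 1, self.configured_cost)


def select_root_port(ports: List[Port]) -> Optional[Port]:
    """Lowest-cost port wins; ties fall back to the name as a stand-in for the
    802.1D bridge/port ID tie-breakers.  Ports with no members are down."""
    up = [p for p in ports if p.members > 0]
    return min(up, key=lambda p: (p.cost, p.name)) if up else None


def channel_failure_scenario(alternate_cost: int) -> Tuple[str, str, bool]:
    """The slides' scenario: two-member Gigabit Po1 vs. port 3/1 with a
    configured cost.  Returns (root port before, root port after, reconverged)."""
    po1 = Port("Po1", member_mbps=1000, members=2)
    alt = Port("3/1", member_mbps=1000, members=1, configured_cost=alternate_cost)
    before = select_root_port([po1, alt])
    after = select_root_port([po1.lose_member(), alt])
    return before.name, after.name, before.name != after.name


def survives_member_loss(preferred: Port, alternates: List[Port]) -> bool:
    """Recommendation #3 as a check: the preferred path must still be cheaper
    than every alternate once it is reduced to a single member."""
    single = Port(preferred.name, preferred.member_mbps, 1, preferred.configured_cost)
    return all(single.cost < a.cost for a in alternates)


if __name__ == "__main__":
    print("scenario #1 (3/1 = 15000):", channel_failure_scenario(15000))
    print("scenario #2 (3/1 = 30000):", channel_failure_scenario(30000))
```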

Spanning Tree Loop Guard

[Figure: primary and secondary STP roots in the aggregation layer send BPDUs toward the access switch, whose uplinks are a root port (RP) and a blocked port (BP)]

• BPDUs sent by the root are not received by the access switch (unidirectional link)
Or
• CPU overloaded on the root switch → BPDUs are not sent at the proper rate (BPDUs are skewed)

Spanning Tree Loop Guard

[Figure: after the root information ages out, the access switch's root port (RP) and blocked port (BP) both become designated ports (DP)]

Without Spanning Tree Loop Guard:
• The access switch does NOT receive BPDUs; its ports become designated and transition into FWD when the previous root information is aged out

Spanning Tree Loop Guard

[Figure: both access uplinks now forward, creating an STP loop through the primary and secondary roots]

Without Spanning Tree Loop Guard:
• The access switch does NOT receive BPDUs; its ports become designated and transition into FWD when the previous root information is aged out

Spanning Tree Loop Guard

[Figure: the access uplink that stopped receiving BPDUs from the STP root is placed in the loop-guard inconsistent state]

With Spanning Tree Loop Guard:
• The access switch does NOT receive BPDUs; its ports transition into the loop-inconsistent state (i.e. BLK) when the previous root information is aged out

To Be Enabled on the Non-Root Switch
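The ageing behaviour on these four slides, as an added Python model that is not part of the original deck: a blocked alternate port on the non-root switch stops receiving BPDUs, and after max age it either assumes the designated role (without loop guard) or goes loop-inconsistent (with loop guard) and recovers once BPDUs resume. Hello time and max age are the 802.1D defaults; the forward-delay phase is deliberately left out, matching the slides' description.

```python
"""BPDU ageing on a non-designated port, with and without loop guard (added
example for this page, not switch code).  The port starts as a blocked
alternate port on the access switch.  Hello and max-age values are the 802.1D
defaults (2 s and 20 s); the model ignores forward delay and treats the
designated role as immediately forwarding, which is what the slides show."""
from typing import List, Tuple

HELLO_TIME = 2    # seconds between BPDUs from the root
MAX_AGE = 20      # seconds before stored root information is discarded


class NonDesignatedPort:
    def __init__(self, loop_guard: bool, role: str = "alternate") -> None:
        self.loop_guard = loop_guard
        self.saved_role = role          # role to return to when BPDUs resume
        self.role = role                # alternate | root | designated
        self.state = "BLK" if role == "alternate" else "FWD"
        self.age = 0                    # seconds since the last BPDU

    def tick(self, bpdu_received: bool) -> Tuple[str, str]:
        """Advance one hello interval.  Returns (role, state)."""
        if bpdu_received:
            self.age = 0
            if self.state == "loop-inconsistent":      # loop guard auto-recovery
                self.role = self.saved_role
                self.state = "BLK" if self.role == "alternate" else "FWD"
            return self.role, self.state
        self.age += HELLO_TIME
        if self.age >= MAX_AGE and self.state != "loop-inconsistent":
            if self.loop_guard:
                # Root information aged out without BPDUs: keep blocking instead
                # of assuming the designated role (the STP loop on the slides).
                self.state = "loop-inconsistent"
            else:
                self.role, self.state = "designated", "FWD"
        return self.role, self.state


def simulate(loop_guard: bool, pattern: str) -> List[str]:
    """pattern: one character per hello interval, 'B' = BPDU received,
    '.' = nothing received (unidirectional link or skewed BPDUs)."""
    port = NonDesignatedPort(loop_guard)
    return [port.tick(ch == "B")[1] for ch in pattern]


def final_state(loop_guard: bool, pattern: str) -> str:
    return simulate(loop_guard, pattern)[-1]


if __name__ == "__main__":
    silence = "BB" + "." * 10          # constructed: BPDUs stop for 20 s
    print("without loop guard:", simulate(False, silence))
    print("with loop guard   :", simulate(True, silence))
    print("BPDUs resume      :", simulate(True, silence + "B"))
```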

Route Processor Redundancy+ (RPR+)/Fast Software Upgrade (FSU)

• Provides supervisor redundancy
• Line cards are not reloaded nor re-initialized during the supervisor switchover
• Dynamic protocols are re-started after the switchover
• The Cisco IOS® image is downloaded on the standby supervisor

Stateful Switchover (SSO)/
Non-Stop Forwarding (NSF)

• SSO
  Active and standby supervisors have their configuration synchronized
  Protocol processes are created on both the active and the standby supervisor
  When the primary supervisor fails, the redundant supervisor becomes active, keeping the switching information previously learnt and without restarting the L2 protocols (CDP, DTP, STP, 802.1Q, Port Security, …)
• NSF
  Routing protocols such as EIGRP/OSPF/BGP and IS-IS are not restarted nor re-initialized after a primary supervisor failure

Network Resiliency Model: Summary

[Figure: network resiliency model summary. Customer VLANs 5, 20, 30 and 40 enter over an 802.1Q trunk at the UNI (customer-SP boundary); CPE and access side: Spanning Tree PortFast, UDLD, PAgP/802.3ad; access/aggregation: 802.1w/1s, UDLD, Loop Guard; aggregation/edge/core: 802.1w/1s, RPR+/FSU, SSO/NSF; SP IP/MPLS network at the core]

Agenda

Metro Ethernet: Services Drive Transport

Enterprise Drivers
Metro Ethernet Services
Architecture and Design Considerations
SP and Enterprise—QoS Model
SP and Enterprise—CPE Considerations


Why Is Queuing Needed in the Campus?

Oversubscription: Uplink Congestion

[Figure: three-tier campus (core, distribution, access) carrying data and voice. Instantaneous interface congestion occurs on the uplinks: typical 4:1 data oversubscription between distribution and core, typical 20:1 data oversubscription between access and distribution]

Classification Tools:
IPv4 IP Precedence and DiffServ Code Points

[Figure: IPv4 packet header (Version, Length, ToS byte, Len, ID, Offset, TTL, Proto, FCS, IP SA, IP DA, Data) with the ToS byte bits 7..0 expanded. Standard IPv4: bits 7-5 = IP Precedence, bits 4-0 unused. DiffServ extensions: bits 7-2 = DiffServ Code Point (DSCP), bits 1-0 = flow control]

• IPv4: the three most significant bits of the ToS byte are called IP Precedence (IPP); the other bits are unused
• DiffServ: the six most significant bits of the ToS byte are called the DiffServ Code Point (DSCP); the remaining two bits are used for flow control
• DSCP is backward-compatible with IP precedence


QoS Design: Provisioning for Voice, Video and Data

Voice (smooth, drop sensitive, delay sensitive, UDP priority)
• 17-106 kbps guaranteed priority bandwidth per call
• 150 bps (+ layer 2 overhead) guaranteed bandwidth for voice-control traffic per call

Video (bursty, greedy, drop sensitive, delay sensitive, UDP priority)
• Minimum priority bandwidth guarantee required is: video stream + 20%
  e.g. a 384 kbps stream would require 460 kbps of priority bandwidth

Data (smooth/bursty, benign/greedy, drop insensitive, delay insensitive, TCP retransmits)

Requirements for voice and video
• Latency ≤ 150 ms one-way
• Jitter ≤ 30 ms
• Loss ≤ 1%

QoS Design: Classification and Marking
Marking Recommendations to the Enterprises

(IPP, PHB and DSCP are the L3 classification; CoS is the L2 marking)

Application             IPP   PHB          DSCP      CoS
Routing                  6    CS6          48         6
Voice                    5    EF           46         5
Video Conferencing       4    AF41         34         4
Streaming Video          4    CS4          32         4
Mission-Critical Data    3    -            25         3
Call Signalling          3    AF31 → CS3   26 → 24    3
Transactional Data       2    AF21         18         2
Network Management       2    CS2          16         2
Bulk Data                1    AF11         10         1
Scavenger                1    CS1           8         1
Best Effort              0    0             0         0
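The ToS-byte arithmetic behind the Classification Tools slide and the marking table above, as an added Python example that is not part of the original deck: PHB names encode to 6-bit DSCP values, the IPP and CoS columns are just the top three bits, and a legacy IP-Precedence device reads a DSCP-marked byte consistently. Function names are mine; the two low bits are called "ecn" in the code, the table's "flow control" bits.

```python
"""ToS-byte arithmetic behind the marking table (added example for this page).
Shows how the PHB names in the table encode to 6-bit DSCP values, why the
IPP and CoS columns are just the top three bits, and that an IP Precedence
only device reads a DSCP-marked packet consistently (backward compatibility).
"""
from typing import Dict, Optional


def phb_to_dscp(phb: str) -> int:
    """EF -> 46, CSx -> 8x, AFxy -> 8x + 2y, BE/default -> 0 (RFC 2474/2597/3246)."""
    p = phb.strip().upper()
    if p in ("BE", "DEFAULT", "0"):
        return 0
    if p == "EF":
        return 46
    if len(p) == 3 and p.startswith("CS") and p[2].isdigit() and 1 <= int(p[2]) <= 7:
        return 8 * int(p[2])
    if (len(p) == 4 and p.startswith("AF") and p[2:].isdigit()
            and 1 <= int(p[2]) <= 4 and 1 <= int(p[3]) <= 3):
        return 8 * int(p[2]) + 2 * int(p[3])
    raise ValueError(f"unknown PHB name: {phb!r}")


def dscp_to_phb(dscp: int) -> Optional[str]:
    """Inverse mapping; None for values with no standard PHB name (e.g. 25)."""
    if dscp == 0:
        return "BE"
    if dscp == 46:
        return "EF"
    x, low = dscp >> 3, dscp & 7
    if low == 0 and 1 <= x <= 7:
        return f"CS{x}"
    if low in (2, 4, 6) and 1 <= x <= 4:
        return f"AF{x}{low // 2}"
    return None


def tos_byte(dscp: int, ecn: int = 0) -> int:
    """Build the ToS byte: DSCP in bits 7-2, the two low bits left for ECN."""
    if not 0 <= dscp <= 63 or not 0 <= ecn <= 3:
        raise ValueError("dscp must be 0-63 and ecn 0-3")
    return (dscp << 2) | ecn


def split_tos(tos: int) -> Dict[str, int]:
    """Read the same byte both ways: legacy IPP (bits 7-5) and DSCP (bits 7-2)."""
    return {"ipp": tos >> 5, "dscp": tos >> 2, "ecn": tos & 0b11}


def ipp_from_dscp(dscp: int) -> int:
    """IPP (and the recommended L2 CoS) is the top three bits of the DSCP."""
    return dscp >> 3


def check_marking_row(phb: str, dscp: int, ipp: int, cos: int) -> bool:
    """True when a table row is self-consistent with the bit layout."""
    return phb_to_dscp(phb) == dscp and ipp_from_dscp(dscp) == ipp == cos


if __name__ == "__main__":
    for name in ("CS6", "EF", "AF41", "CS4", "AF31", "CS3", "AF21", "CS2", "AF11", "CS1", "BE"):
        d = phb_to_dscp(name)
        print(f"{name:5} dscp={d:2} ipp={ipp_from_dscp(d)} tos=0x{tos_byte(d):02x}")
```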

QoS Design: Classification and Marking
Collapsing the Classes of Service

11 Class QoS Baseline Model        7 Class Model      5 Class Model
Voice                              Voice              Voice
Video Conferencing, Streaming Video   Video           Video
Call Signaling                     Call Signaling     Call Signaling
IP Routing, Network Management     Network Control    Critical Data
Mission-Critical Data, Transactional Data   Critical Data   Critical Data
Bulk Data                          Bulk Data          Best Effort
Scavenger, Best Effort             Best Effort        Best Effort

SP-Enterprise QoS Model Summary

• At the ingress of the SP network, the 11 enterprise classes of service are mapped into 4-5 SP classes
• The enterprise DSCP marking scheme is translated into an SP CoS marking scheme, which does not change the enterprise DSCP values
• Egress shaping on the enterprise CPEs is required to increase the goodput
• Enterprise jitter, latency and drop requirements are guaranteed by the SP QoS model

Agenda

Metro Ethernet: Services Drive Transport

Enterprise Drivers
Metro Ethernet Services
Architecture and Design Considerations
SP and Enterprise—QoS Model
SP and Enterprise—CPE Considerations


CPE Redundancy Considerations

• CPE
  Router
  Switch
• Resiliency mechanism
  EtherChannel
  Spanning tree
  Flexlink
  Hot Standby Routing Protocol (HSRP)
• Attachment to service provider
  Dual-attached
  Dual-homed

CPE Attachment Considerations
[Figure: two attachment models. Dual-attached: a single CPE at the customer location with two links into the SP network. Dual-homed: two CPEs at the customer location, running HSRP between them, each attached to the SP network]


Example #1:
Router or Switch Dual Attached with EtherChannel

[Figure: ERS service across the service provider network. Chain: RTR #1, U-PE #1, N-PE #1, IP/MPLS network, N-PE #2, U-PE #2, RTR #2; on each side FE 1 and FE 2 between the router and its U-PE are bundled into Port Channel #1]

• ERS service flowing between RTR #1 and RTR #2
• RTR #1 uses 192.168.1.1/30 on Port Channel #1
• RTR #2 uses 192.168.1.2/30 on Port Channel #1

Example #1:
Router or Switch Dual Attached with EtherChannel (Cont.)

[Figure: same topology; failure marker 1 on FE 1 between RTR #1 and U-PE #1]

1. On RTR #1, FE 1 fails in the port channel


Example #1:
Router or Switch Dual Attached with EtherChannel (Cont.)

[Figure: same topology; marker 2 on FE 2 between RTR #1 and U-PE #1, which now carries the traffic]

1. On RTR #1, FE 1 fails in the port channel
2. On RTR #1, traffic converges onto FE 2
   Service outage is less than 200 ms due to using EtherChannel

Example 2:
Switch Dual Homed Using Spanning-Tree
EMS Service

[Figure: chain SW #1, U-PE #1, N-PE #1, IP/MPLS network, N-PE #2, U-PE #2, SW #2 across the service provider network; on each switch FE 1 is forwarding (F) and FE 2 is blocked (B) by spanning tree, which runs only between the CPE switches]

• Ethernet Multipoint Service is configured between SW #1 and SW #2
• The customer uses VLAN 100 for the service between SW #1 and SW #2
• SW #1 uses 192.168.1.1/30 for VLAN 100 and allows VLAN 100 on FE #1 and FE #2
• SW #2 uses 192.168.1.2/30 for VLAN 100 and allows VLAN 100 on FE #1 and FE #2

* BPDUs are only seen by the CPE, not the service provider

Example 2:
Switch Dual Homed Using Spanning-Tree
EMS Service

[Figure: same topology; failure marker 1 on FE 1 between SW #1 and U-PE #1]

1. Failure occurs

* BPDUs are only seen by the CPE, not the service provider (because of the EMS configuration)


Example 2:
Switch Dual Homed Using Spanning-Tree
EMS Service

[Figure: same topology; FE 1 of SW #1 is down (B) and FE 2 of SW #1 has moved to forwarding (F), marker 2]

1. Failure occurs
2. The 2nd link becomes active and traffic reverts to the alternate path

* BPDUs are only seen by the CPE, not the service provider (because of the EMS configuration)


Example #3:
Router or Switch Dual Attached: FlexLink*
ERS Service

[Figure: chain RTR #1, U-PE #1, N-PE #1, IP/MPLS network, N-PE #2, U-PE #2, RTR #2 across the service provider network; each router attaches to its U-PE with FE 1 and FE 2]

• ERS service flowing between RTR #1 and RTR #2
• FlexLink is configured on U-PE #1 for FE 2 to back up FE 1
• FlexLink is configured on U-PE #2 for FE 2 to back up FE 1
• RTR #1 uses 192.168.1.1/30 on Port Channel #1
• RTR #2 uses 192.168.1.2/30 on Port Channel #1

* FlexLink: a feature used to back up another L2 interface and provide 100 ms or less convergence

Example #3:
Router or Switch Dual Attached: FlexLink (Cont.)

ERS Service

[Figure: same topology; failure marker 1 on FE 1 between RTR #1 and U-PE #1]

1. On RTR #1, FE 1 fails in the Port Channel


Example #3:
Router or Switch Dual Attached: FlexLink (Cont.)

ERS Service

[Figure: same topology; marker 2 on FE 2 between RTR #1 and U-PE #1, which now carries the traffic]

1. On RTR #1, FE 1 fails in the Port Channel
2. On RTR #1, traffic converges onto FE 2
   Failure recovery is 100 ms or less due to FlexLink


Example 4:
Router and HSRP
ERS Service

[Figure: left enterprise network: RTR #1 behind the HSRP pair RTR #2 and RTR #3, each with an FE 1 link to U-PE #1; service provider network: N-PE #1, IP/MPLS network, N-PE #2; right enterprise network: U-PE #2 to the HSRP pair RTR #4 and RTR #5 in front of RTR #6]

• Dual exit paths are needed out of the enterprise network
• Two routers are used with diverse paths as exit points
• RTR #2, #3, #4, #5 track the interfaces connecting to the service provider for failure
• HSRP is used between RTR #2 & RTR #3 for an exit path for RTR #1
• HSRP is used between RTR #4 & RTR #5 for an exit path for RTR #6

Example 4:
Router and HSRP
ERS Service

[Figure: same topology; failure marker 1 on one of the left enterprise exit links toward U-PE #1]

1. Failure occurs


Example 4:
Router and HSRP
ERS Service

[Figure: same topology; markers 2 show traffic taking the second exit path through the other HSRP router]

1. Failure occurs
2. 2nd path is available; traffic uses 2nd path to reach remote
destinations


CPE Redundancy Summary

• There are different attachment options to consider when connecting to the service provider network, such as:
  Dual-attached
  Dual-homed

• Depending on the desired connectivity option to the service provider, various resiliency options are provided, such as:
  EtherChannel
  Spanning Tree
  FlexLink
  HSRP

• A new feature, “FlexLink”, may provide the fastest switchover time, 100 ms or less


Q AND A


Associated Sessions

• ACC-1000/ACC-1N0-1: Introduction to Layer 2 Transport and Tunneling Technologies (L2VPNs)
• ACC-2000: Layer 2 Transport and Tunneling (L2VPN) Application and Deployment
• ACC-2001: Design Considerations for Sizing and Scaling Metro Layer 2 Services
• OPT-2045: Extending Metro Ethernet Across SONET/SDH Transport Infrastructure
• ACC-3001: Troubleshooting Layer 2 Transport and Tunneling (L2VPN) Technologies


Recommended Reading

• Metro Ethernet [1-58705-096-X]
• Cisco Self-Study: Building Cisco Metro Optical Networks (METRO) [1-58705-070-6]
• DWDM Network Designs and Engineering Solutions [1-58705-074-9]
• Optical Network Design and Implementation [1-58705-105-2]


Network Availability Recommendations

Feature Catalyst 3550 ML-Series Cisco 7600

802.1w/.1s Enable Enable

PVRSTP Enable

Spanning Tree Port Fast Enable on UNI

Spanning Tree Loop Guard Enable

Spanning Tree Root Guard Enable

PAgP/802.3ad Enable Enable

EtherChannel Enable Enable* Enable

*Other Considerations Should Be Taken into Account When Enabling EtherChannel between the
PE-AGG and N-PE within the ML Topology; Review the ML-DiG for More Information

Network Availability Recommendations
(Cont.)

Feature Catalyst 3550 ML-Series Cisco 7600

UDLD Enable Enable

Resilient Packet Ring Enable

RPR+ Enable

FSU Enable


Complete Your Online Session Evaluation!

WHAT: Complete an online session evaluation and your name will be entered into a daily drawing
WHY: Win fabulous prizes! Give us your feedback!
WHERE: Go to the Internet stations located throughout the Convention Center
HOW: Winners will be posted on the onsite Networkers Website; four winners per day
