Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators
|
|
- Cuthbert Thornton
- 8 years ago
- Views:
Transcription
1 Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators This document describes a secure, scalable, managed broadband access system utilizing multiprotocol label switching virtual private networks (MPLS VPNs). The system configuration proposed in this document will enable cable multiple service operators (MSOs) to share the broadband transport system of the cable television infrastructure with different service providers and business customers. In so doing, MSOs will be able to offer their subscribers a choice from a variety of service providers while simultaneously delivering multiple value-added services such as Web and media caching. Note This solutions guide deals only with the MPLS VPN method of managed broadband access. This document is intended primarily for system administrators responsible for installing and configuring internetworking equipment in a hybrid fiber-coaxial (HFC) cable network environment. It is assumed that the reader is familiar with the fundamentals of router-based and cable-based internetworking, and also familiar with routers and IOS software. This document will describe the basic network setup and configuration of the MPLS VPNs managed broadband access system. It will explain how to interface the cable modem termination system (CMTS) with the MPLS cloud, and how to interface ISPs with MPLS VPNs. It will not provide cable-specific installation information or describe the details of MPLS configuration. The following sections are included in this document: Business Objectives, page 2 Possible Solutions, page 3 Proposed Solution: MPLS VPN-Enabled Cable Network, page 5 Implementation, page 9, page 12 Related Documents, page 26 1
2 Business Objectives Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators Business Objectives For a variety of business reasons, it is advantageous for cable Multiple Service Operators (MSOs) to be able to make their subscribers available to other organizations or Internet Service Providers (ISPs), and/or to provide their subscribers with IP access to other ISPs. The challenge faced by MSOs is to find a way of providing this kind of open access to their subscribers while maintaining the ability to track, bill, and monitor connections. The answer to this challenge is a process called managed broadband access. In a managed broadband access environment, each ISP must have a method of moving traffic to and from a subscriber s PC, through the MSO s physical network infrastructure, to the ISP s network. One of the optimal ways of accomplishing this is to form a secure virtual private network (VPN) through the MSO s network. In an ideal scenario, each ISP VPN is insulated from other ISPs who might be using the same MSO infrastructure. MPLS VPNs are an efficient, scalable method of transporting ISP traffic seamlessly across the MSO s network. The method used by an MSO to provide managed broadband access will depend on the MSO s business model and on the agreements made with their partner ISPs. In some business models, the MSO will bill the cable subscriber extra for providing the capability to connect to another ISP. The extra billing may be based on the time the subscriber is using the other ISP, or on the amount of data transferred by the subscriber while connected to the other ISP. Typical Business Needs of a Cable MSO In evaluating the advantages and disadvantages of alternate methods of providing managed broadband access, the following business needs were considered: Cable MSOs must provide a means by which end subscribers can obtain IP and internet services from any ISP with which the cable operator has a business agreement. MSOs must be able to maintain full control of the cable modems at the end subscriber premises. MSOs desire to use authentication for logging onto an ISP, and have the ability to bill the subscriber for either time logged on or volume of data used while logged on. Some MSOs want to be able to support multiple PCs behind a cable modem, each accessing a different ISP. Most ISPs do not wish to have a connection into each MSO headend, but they do want redundant connections into a Point of Interconnect. Initial or Original Network Topology Figure 1 depicts a typical DOCSIS cable modem network connected to a hybrid fiber/coax infrastructure (HFC network). Cable modems (CMs) connected to the HFC network are terminated on a cable modem termination system (CMTS), typically a ubr7200 series cable router. The CMTS connects via a high-speed medium (typically OC-3 or Fast Ethernet) to the MSO s IP core. The IP core consists of several large routers or switches such as the GSR12008 or other enterprise-class routing platform. Connected somewhere on the MSO network are one or more DOCSIS-based provisioning servers to provide DHCP, ToD, and TFTP to cable modems as they initialize. The MSO network is connected to the internet via a high-speed leased line. Working together, these components allow the MSO to supply IP connectivity to subscribers homes. 2
3 Possible Solutions Figure 1 Typical MSO IP Network without MPLS VPNs Internet 7200 GSR MSO Provider core 7200 ubr7246 Cable modem (CM) HFC PC MSO subscriber Management subnet Cable Network Registrar (CNR)/ DHCP server GSR HFC cable network Business Drivers Without additional configuration, the basic cable network depicted above lacks the ability to differentiate subscriber traffic and route it separately to a relavant ISP. Thus, the MSO must either supply IP service to its customers itself, or rely on a single ISP partner to supply it. Possible Solutions There are two primary strategies for providing managed broadband access: Physical separation. The MSO assigns a set of frequencies to each ISP upon which subscriber services are provided. Because frequencies essentially map to physical ports, this implies specific hardware dedicated to ISPs. Logical separation. Logical separation can be accomplished in a number of ways, one of which is by using virtual private networks (VPNs). The MSO creates a distinct VPN for each ISP, all sharing the same pair of frequencies at the physical level. 3
4 Possible Solutions Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators Managed Broadband Access Via Separate Frequencies There are several difficulties encountered in providing managed broadband access by assigning a separate pair of frequencies to each ISP. Four of these difficulties are summarized below: 1. The DOCSIS specification states the that the cable modem (CM) MUST operate using the first valid downstream signal that it encounters while scanning (Section ). The specification further states that the CM can be instructed via configuration file parameters to shift operations to a different downstream frequency. This implies that there needs to be a single provisioning system that will know about all cable modems assigned to all of the various frequencies. Each ISP will therefore have to be able to upload cable modem information to the provisioning system for each new subscriber, and associate that cable modem with the appropriate frequency pair for that ISP. Because the provisioning system is the heart of the data-over-cable system, it will be a considerabe challenge to keep the information from multiple ISPs updated in real time. 2. If a cable modem locks onto the wrong downstream frequency for the ISP to which it is subscribed, the provisioning system that is assigned to the locked-on frequency will not assign an IP address to the cable modem because it will not know about its MAC address. (A provisioning system will only respond to cable modems whose MAC addresses are known; that is, whose MAC addresses are assigned to its ISP.) 3. There is a limited amount of usable upstream bandwidth. If the entire usable upstream bandwidth is assigned to ISPs, there will be no room for upstream frequency hopping in the event of ingress noise. 4. Assigning separate frequencies maps each ISP to a specific upstream port on the ubr7246 CMTS. Mapping a specific upstream port to an ISP means that a specific channel is mapped to each ISP. Because of the above factors, separate frequency assignments is not recommended as a method for providing managed broadband access. Managed Broadband Access Via Logical Separation To provide managed broadband access via logical separation, a virtual tunnel is constructed between the MSO and the managed partner ISP. The tunnel can be created using one of the following methods: Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Protocol over Ethernet (PPPoE) Layer 2 Tunneling Protocol (L2TP) IP Security (IPSEC) Service Selection Gateway (SSG) Policy-Based Routing Source Routing Multi-Protocol Label Switching VPN (MPLS VPN)] 4
5 Proposed Solution: MPLS VPN-Enabled Cable Network Proposed Solution: MPLS VPN-Enabled Cable Network has extensively evaluated the range of technologies for providing managed broadband access and has concluded that network-based MPLS is the preferred technological foundation for building managed broadband access networks. For MSOs that require specific tunneling protocols, these approaches can work in conjunction with MPLS. MPLS is an Internet Engineering Task Force (IETF) draft standard based on RFC 2547, and is supported by many equipment vendors around the world. MPLS VPN technology is useful for providing voice telephony services, digital video services such as movies, video on demand (VoD), and other streaming media services such as distant TV news or entertainment programming. Overview/Strategy The basic components of a network that supports MPLS are the devices of two entities: a provider and a customer. The provider is the owner of a physical network infrastructure. The customer s goal is to route traffic across the provider s network. In an MPLS network there are three basic types of router: the customer edge (CE) router, which interfaces with the provider edge (PE) router, and the provider (P) router that is located in the core of the provider s network and that helps route traffic. The MPLS VPN connects an interface on one PE router to an interface on a distant PE router, thus causing two or more remote CE routers to be virtually connected to each other via the VPN. The MPLS VPN solution operates as an overlay on top of the typical MSO network and requires minimal changes to the physical network. Typically the network has a unique VPN that is used exclusively for management of the MSO provider s devices. This VPN is called the management VPN and contains the servers and other devices to which all other VPNs require access. In Figure 2, each ISP that signs a contract with the MSO is peered to a provider edge (PE) router that is MPLS-capable. The ubr7246, acting as CMTS and also as a PE router, and having its own managed broadband access subscribers to the ISPs, creates a VPN with each PE router that peers with an ISP. There may be multiple MSO routers in the core of the network that act as provider (P) routers. In addition to the PE routers connected to the ISPs, one additional PE router is connected to management servers (the CNR/DHCP) and is part of the management VPN. Because each ISP has its own set of IP addresses and its own VPN with the CMTS, whenever a cable modem is assigned an IP address belonging to a particular ISP, that cable modem along with all of the devices connected to its Ethernet port are placed into that ISP s VPN. Thus, the PC can acquire an IP address in the ISP s address range directly from the ISP s DHCP server. 5
6 Proposed Solution: MPLS VPN-Enabled Cable Network Benefits In addition to the advantages described above, MPLS VPN cable networks provide operationally scalable private IP services and internet access. Following are additional specific benefits of this solution: Allows the MSO to maintain full control over the cable modems or other devices directly connected to the cable plant Highly flexible, scalable, and easy to manage system Easy to add or move devices No additional backbone configuration needed One VPN per ISP scales well Supports overlapping IP address ranges Provides secure support for multiple intranets and extranets VPN isolation guaranteed by label stacking and L2 switching in core VPN_ID cannot be spoofed IPsec or application-level encryption supported (up to 3DES) Supports multiple IP QoS classes IP precedence copied into MPLS header MPLS/TAG QoS supported in the core CAR precedence marking supported at ingress Guarantees privacy via BGP authentication, VPN routing domain (per VPN FIB) 6
7 Proposed Solution: MPLS VPN-Enabled Cable Network Network Topology Figure 2 MPLS VPN Enabled Network Topology ISP-A 7500 ISP-A customer ISP-B 7500 Internet Customer edge router MSO as ISP Provider edge router Provider edge router MSO Provider core 7500 ubr maintenance router HFC HFC cable network ISP-B customer MSO as ISP customer Management subnet Cable Network Registrar (CNR)/ DHCP server 7
8 Proposed Solution: MPLS VPN-Enabled Cable Network How this Solution Works The MPLS VPN network operation is as follows: 1. The MSO and the ISP negotiate a contract to provide internet services for end subscribers. 2. The MSO CMTS is notified of the new ISP, the classes of service allowed, the range of IP addresses provided by the ISP, and the location of the ISP s authentication server. 3. The network administrator assigns a range of IP addresses to the new ISP for the cable modems (CMs) that will be associated with the new ISP, and configures the CNR appropriately. 4. As subscribers sign up for the ISP s services with the MSO, the CMTS notifies the CM management provisioning server of the new subscribers. The provisioning server will keep track of the MAC addresses of the subscriber cable modems and CPE devices, and will build a relationship between MAC address, service provider, and class of service. Note Provisioning systems such as CSRC can be used to implement auto-provisioning and other management schemes. 5. The CMTS will know the IP addresses and subnet masks of the various router interfaces. The MSO will use this information to add the subnets and subnet masks to the CNR s scope table. 6. The network administrator will add the appropriate configuration information to the PE routers and add the VPN information to Cable Manager if Cable Manager is supporting VPNs. When a cable modem at an end subscriber site is connected to the HFC network and is powered on, the following events occur: 1. The cable modem completes its boot cycle and sends a DHCP discover packet. 2. The CMTS adds the giaddr to the discover packet and forwards it to the MSO s provisioning system. 3. The provisioning system checks its tables to see if the MAC address of the cable modem is listed there. If it is not listed, it will forward the packet to the CNR with a class of service (CoS) of an unregistered cable modem. Unregistered cable modems can be denied service, connected to an auto-provisioning service, or allowed limited access. 4. Once the provisioned cable modem is reset, the provisioning system finds the cable modem s MAC address in its tables and forwards the DHCP discover packet to the CNR with the appropriate CoS. 5. The CNR issues an IP address to the cable modem based on the giaddr taken from the discover packet. As the IP address passes through the CMTS on its way to the cable modem, the CMTS gleans the IP address, assigns a corresponding SID to the cable modem, and associates that SID with the subinterface that is assigned to the ISP to which that IP address belongs. Note Because each subinterface on the CMTS is tied to a specific ISP, when a cable modem is assigned a SID that ties it to a specific subinterface, the PC connected to that cable modem is then tied to a specific ISP. 8
9 Implementation Ramifications The MPLS VPN method of providing managed broadband access is the most flexible and scalable of all of the methods of providing VPN service over cable. It does require MPLS on the entire backbone; however, it offers the following advantages: Supports both permanent and temporary subscriber sessions Does not require PC-based software PC IP address is assigned by the ISP Provides virtual routing table for each ISP Supports QoS and traffic engineering Supports service level agreements (SLAs) Supports multiple classes of service per ISP Supports multiple PCs per cable modem Supports multicast Supports billing per session or per usage Implementation The primary strategy used to provide managed broadband access via MPLS VPNs is to enable the creation of subinterfaces on a physical cable interface or on a bundle of cable interfaces. Each subinterface is then configured to connect to a separate managed partner ISP network; in this case, a separate ISP. The subinterfaces are tied to virtual routing and forwarding tables (VRFs) for their respective ISPs. In addition to creating one subinterface for each ISP, one additional subinterface needs to be created for a management VPN. The management VPN connects the CMTS to a PE router that is connected to cable modem management servers such as CNR, DHCP, ToD, etc. The MPLS model has some elementary built-in security. Because each MPLS VPN has its own routing/forwarding table, the VPN will only know about its own addresses. Any knowledge of other IP networks will come only from the ISP s normal Internet routing. Therefore, even though two ISPs have an MPLS VPN on the same router, the only traffic through the router will be via the ISP s internet routes. In implementing MPLS VPNs, it is essential that the management subinterface be configured first. Note that the CMTS needs a management subinterface to route DHCP packets coming from cable modems when they come online for the first time. This is because the CMTS does not know which subinterface a cable modem belongs to until it has seen the assigned IP address by gleaning the DHCP reply message from the CNR. 9
10 Implementation Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators Network Topology Figure 3 Post-Implementation Traffic Flow High-speed leased line ISP-A 7500 ISP-A customer Highspeed leased line Internet ISP-B 7500 PE router MSO as ISP 7500 MSO 7500 VPN MSO as ISP PE router VPN B CE router 7500 maintenance router PE router VPN MGMT PE router VPN A Provider core 7500 ubr 7246 PE router HFC HFC cable network ISP-B customer MSO as ISP customer Management subnet 10
11 Implementation Prerequisites and Design Considerations Prerequisites To implement managed broadband access for cable using MPLS VPNs, the following conditions must be met: The cable return path must be available The cable network must be DOCSIS-compliant Cable modems must be currently deployed and operational You must have an operational IP network Design Considerations The basic supposition of this design is that the MSO must be able to maintain full control over the devices directly connected to the cable plant, whether they be cable modems (CMs), set top boxes (STBs), or integrated telephony cable modems (ITCMs). It is also imperative for security purposes that each home connected to each ISP gets its DHCP addresses from that ISP and not from any other source. Implementation Procedure To implement the MPLS VPN solution, the MSO configures its routers to be MPLS-capable. To establish each new VPN, you only have to configure the VPN on the edge of the network. The implementation process is as follows: 1. Configure the ubr7246 CMTS 2. Configure each provider edge router 3. Configure the provider core router(s) to be MPLS-capable 4. Confirm the operation of MPLS 5. Configure the Cable Network Registrar (CNR) server Details of each of these implementation steps are provided in the following case study section. 11
12 The following table describes the hardware, software, and interface IP addresses for the devices used in the case study sample configuration files. Table 1 Hardware and Software Used in the Case Study Customer Edge Provider Edge Provider Provider Edge Customer Edge Customer Edge Hostname Cable Modem PC Chassis type 7200 series router Physical interfaces Software loaded Ethernet IP Address and IP Address Ranges 7500 series router Configuration Tasks for Managed Broadband Access with MPLS Before configuring the MSO network for managed broadband access, it is assumed that the network has the following characteristics: the ubr7246 is configured to route internally IGRP is operational 7500 series router the subscriber cable modems are operational the CNR server is operational ubr7246 cable access router ubr924 cable modem FastEthernet FastEthernet FastEthernet FastEthernet Cable subinterface Host PC Cable subinterface 12.1(2)T 12.1(2)T 12.1(2)T 12.1(2)T 12.1(2)T 12.1(2)T the cable plant is operating properly To implement managed broadband access with MPLS, accomplish the following tasks: Configure the ubr7246 CMTS Create subinterfaces Determine the number of VPNs and their names Create VRFs using the VPN naming established above Assign the VRFs to subinterfaces Configure BGP with address families to route VRF traffic and distribute routes Use route maps and access lists to limit route sharing Note The BGP address families define how the routing occurs between the VPNs. The VPN configuration considers groups of routes. An address family is a group of route parameters associated with the specified VRF. BGP is the engine that allows things to talk in this network environment. 12
13 Configure the PE routers Configure VRFs Assign the VRFs to subinterfaces Configure BGP with address families to route VRF traffic and distribute routes Use route maps and access lists to limit route sharing Configure the provider core routers for MPLS Use the tag switching ip CLI command Confirm MPLS operation Use the ping ip vrf command Use the show ip vrf command Configure the CNR server for MPLS Configuration Files for Managed Broadband Access with MPLS VPNs This section contains a show running config file for each of the devices shown in the detailed network diagram (see Figure 3). The following configuration files are included: Configuration File for the Provider Edge Device: ubr7246 Configuration File for the Provider Device: 7500 Series Router Configuration File for the Provider Edge Device: 7500 Series Router Configuration File for the Customer Edge Device: 7200 Series Router Configuration File for the Provider Edge Device: ubr7246 The ubr7246 is located at the cable headend to supply IP connectivity to the cable modems via its cable interfaces (Cable 3/0 through Cable 6/0). The ubr7246 operates as a PE router on the MPLS network; it is an endpoint for every VPN in use on the attached cable plant. IOS is used to build multiple logical subinterfaces, each associated with a specific ISP s VPN. An additional management subinterface exists to supply OSS to the cable modems during initial registration.. The ubr7246 also has a high-speed OC-3 SONET connection to the MSO s core IP network. 13
14 Figure 4 Provider Edge Device (Device 2005): ubr7246 ISP-A MSO PE router PE router HFC cable network VPN A Provider core ubr 7246 PE router HFC Configuration File for Device 2005: ubr 7246 (Provider Edge Device) Identifies the version of IOS software installed. version 12.1 Defines the hostname of the ubr7246 hostname region-1-ubr Describes where the system is getting the software image it is running. In this configuration example, the system is loading a ubr7246 image named AdamSpecial from slot 0. boot system flash slot0:ubr7200-p-mz.adamspecial Creates the enable secret password. enable secret 5 $1$SCp7$yyOG5jxTUPWPJht7WrR9F0 enable password cable Sets QoS per modem for the cable plant. no cable qos permission create no cable qos permission update cable qos permission modems Allows the system to use a full range of IP addresses, including subnet zero, for interface addresses and routing updates. ip subnet-zero Enables Express Forwarding. ip cef Configures a IOS Dynamic Host Configuration Protocol (DHCP) server to insert the DHCP relay agent information option in forwarded BOOTREQUEST messages. 14
15 ip dhcp relay information option Enters the virtual routing forwarding (VRF) configuration mode and maps a VRF table to the virtual private network (VPN) called MSO. The VRF table contains the set of routes that points to or gives routes to the CNR device, which provisions the cable modem devices. Each VRF table defines a path through the MPLS cloud. ip vrf MAINT Creates the route distinguisher and creates the routing and forwarding table of the router itself. rd 100:1 Creates a list of inport and/or export route target communities for the VPN. route-target export 100:2 route-target export 100:3 Maps a VRF table to the VPN called isp1. ip vrf isp-a Creates the route distinguisher and creates the routing and forwarding table of the router itself. rd 100:2 Creates a list of inport and/or export route target communities for the VPN. route-target import 100:1 Maps a VRF table to the VPN called isp2. ip vrf isp-b Creates the route distinguisher and creates the routing and forwarding table of the router itself. rd 100:3 Creates a list of inport and/or export route target communities for the VPN. route-target import 100:1 Maps a VRF table to the VPN called MSO-isp. Note: MSO-isp could be considered ISP-3; in this case, the MSO is competeing with other ISPs for other ISP services. ip vrf MSO-isp Creates the route distinguisher and creates the routing and forwarding table of the router itself. rd 100:2 Creates a list of inport and/or export route target communities for the VPN. route-target export 100:2 route-target import 100:2 route-target import 100:1 Builds a loopback interface to be used with MPLS and BGP; creating a loopback interface eliminates unnecessary updates (caused by physical interfaces going up and down) from flooding the network. interface Loopback0 ip address no ip directed-broadcast Assigns an IP address to this Fast Ethernet interface. MPLS tag-switching must be enabled on this interface. interface FastEthernet0/0 description Connection to MSO core. ip address no ip directed-broadcast full-duplex tag-switching ip 15
16 Enters cable interface configuration mode and configures the physical aspects of the 3/0 cable interface. Please note that no IP addresses are assigned to this interface; they will be assigned instead to the logical subinterfaces. All other commands for this cable interface should be configured to meet the specific needs of your cable RF plant and cable network. interface Cable3/0 no ip address ip directed-broadcast no ip mroute-cache load-interval 30 no keepalive cable downstream annex B cable downstream modulation 64qam cable downstream interleave-depth 32 cable downstream frequency cable upstream 0 frequency cable upstream 0 power-level 0 no cable upstream 0 shutdown cable upstream 1 shutdown cable upstream 2 shutdown cable upstream 3 shutdown cable upstream 4 shutdown cable upstream 5 shutdown Configures the physical aspects of the 3/0.1 cable subinterface. If cable modems have not been assigned IP addresses, they will automatically come on-line using the settings for subinterface X.1. interface Cable3/0.1 description Cable Administration Network Associates this interface with the VRF and MPLS VPNs that connect to the MSO cable network registrar (CNR). The CNR provides cable modems with IP addresses and other initialization parameters. ip vrf forwarding MSO Defines a range of IP addresses and masks to be assigned to cable modems not yet associated with an ISP. ip address Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast Defines the DHCP server for cable modems whether they are associated with an ISP or with the MSO acting as ISP. cable helper-address cable-modem Defines the DHCP server for PCs that are not yet associated with an ISP. cable helper-address host Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this cable interface. no cable proxy-arp no cable ip-multicast-echo Configures the physical aspects of the 3/0.2 cable subinterface. interface Cable3/0.2 description MSO as ISP Network Assigns this subinterface to the MPLS VPN used by the MSO to supply service to managed partner ISPs in this case, MSO-isp. ip vrf forwarding MSO-isp Defines a range of IP addresses and masks to be assigned to cable modems associated 16
17 with the MSO as ISP network. ip address secondary Defines a range of IP addresses and masks to be assigned to host devices associated with the MSO as ISP network. ip address Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast Defines the DHCP server for cable modems whether they are associated with an ISP or with the MSO acting as ISP. cable helper-address cable-modem Defines the DHCP server for PC host devices. cable helper-address host Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this cable interface. no cable proxy-arp no cable ip-multicast-echo Configures the physical aspects of the 3/0.3 cable subinterface interface Cable3/0.3 description ISP1's Network Makes this subinterface a member of the MPLS VPN. ip vrf forwarding isp1 Defines a range of IP addresses and masks to be assigned to cable modems associated with the MSO as ISP network. ip address secondary Defines a range of IP addresses and masks to be assigned to host devices associated with the MSO as ISP network. ip address Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this cable interface. no cable proxy-arp no cable ip-multicast-echo Defines the DHCP server for cable modems whether they are associated with an ISP or with the MSO acting as ISP. cable helper-address cable-modem Defines the DHCP server for PC host devices. cable helper-address host Configures the physical aspects of the 3/0.4 cable subinterface interface Cable3/0.4 description ISP2's Network Makes this subinterface a member of the MPLS VPN. ip vrf forwarding isp2 Defines a range of IP addresses and masks to be assigned to cable modems associated with the MSO as ISP network. ip address secondary 17
18 Defines a range of IP addresses and masks to be assigned to host devices associated with the MSO as ISP network. ip address Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this cable interface. no cable proxy-arp no cable ip-multicast-echo cable dhcp-giaddr policy Defines the DHCP server for cable modems whether they are associated with an ISP or with the MSO acting as ISP. cable helper-address cable-modem Defines the DHCP server for PC host devices. cable helper-address host Configures OSPF as an IGP (Interior Gateway Protocol). OSPF should be configured so that the MSO network can communicate appropriately. router ospf 100 redistribute connected network area 0 network area 0 default-metric 25 Enables BGP on the router and configures the IP addresses for the BGP neighbors. BGP communication is linked to the loopback interface. router bgp 100 neighbor remote-as 100 neighbor update-source Loopback0 neighbor remote-as 100 neighbor update-source Loopback0 Defines static route parameters for every BGP PE to CE session in essence, associating an address family with a defined VPN. address-family ipv4 vrf isp2 redistribute connected redistribute static no auto-summary no synchronization exit-address-family address-family ipv4 vrf isp1 redistribute connected redistribute static no auto-summary no synchronization exit-address-family address-family ipv4 vrf MSO-isp redistribute connected redistribute static no auto-summary no synchronization exit-address-family 18
19 Configures an address family for the MSO that makes the MSO avaialble to all other address families. address-family ipv4 vrf MSO redistribute connected neighbor remote-as 100 neighbor update-source Loopback0 neighbor activate no auto-summary no synchronization network mask network mask exit-address-family address-family vpnv4 neighbor activate neighbor send-community extended neighbor activate neighbor send-community extended exit-address-family ip classless no ip http server Configures passwords for telnet sessions. line con 0 password cable login transport input none line aux 0 line vty 0 4 password cable login end 19
20 Configuration File for the Provider Device: 7500 Series Router Following is a description of what is being accomplished by configuring this device and the purpose of this device in the larger view of the configuration. Figure 5 Provider Device (Device 2004): 7500 Series Router Internet 7500 MSO HFC cable network MSO as ISP VPN MSO as ISP Provider core ubr 7246 HFC Sample Configuration File for Device 2004: One of Several 7500 Series Core Routers (Provider Device) version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption service udp-small-servers service tcp-small-servers hostname region boot system flash slot1:rsp12108.t enable secret 5 $1$wsjq$v1F6SXDGtBlsqLxiKbUNA. enable password cable ip subnet-zero ip cef distributed cns event-service server interface FastEthernet0/0 no ip address shutdown half-duplex 20
21 interface FastEthernet0/1 ip address full-duplex tag-switching ip interface FastEthernet1/0/0 no ip address ip route-cache distributed shutdown half-duplex interface FastEthernet1/1/0 no ip address ip route-cache distributed shutdown half-duplex interface POS2/0/0 ip address ip route-cache distributed no keepalive Enables MPLS tag switching on this interface. tag-switching ip clock source internal no cdp enable interface POS3/0/0 ip address ip route-cache distributed no keepalive tag-switching ip clock source internal no cdp enable This is part of the IGP. This must be configured as per IGP. router ospf 100 redistribute connected network area 0 default-metric 25 ip classless no ip http server line con 0 transport input none line aux 0 line vty 0 4 password cable login end 21
22 Configuration File for the Provider Edge Device: 7500 Series Router Following is a description of what is being accomplished by configuring this device and the purpose of this device in the larger view of the configuration. The provider edge device provides routing through the MPLS cloud so that the MSO can reach the ISPs. Figure 6 Provider Edge Device (Device 2014): 7500 Series Router MSO HFC cable network ISP-B VPN B Provider core ubr 7246 HFC Configuration File for Device 2014: 7500 Series Router (Provider Edge Device) version 12.1 hostname region boot system flash slot1:rsp12108.t enable secret 5 $1$wc3I$.06R34MjkfJMeDM2j8PiH1 enable password cable ip subnet-zero ip vrf MSO rd 100:1 route-target export 100:1 route-target import 100:1 route-target import 100:2 route-target import 100:3 route-target import 100:4 22
23 ip vrf MSO-isp rd 100:2 route-target export 100:2 route-target import 100:2 route-target import 100:1 ip vrf isp1 rd 100:3 route-target export 100:3 route-target import 100:3 route-target import 100:1 ip vrf isp2 rd 100:4 route-target export 100:4 route-target import 100:4 route-target import 100:1 ip cef distributed cns event-service server interface Loopback0 ip address interface FastEthernet0/0 description Region-2 connection no ip address shutdown full-duplex tag-switching ip interface FastEthernet0/1 ip vrf forwarding MSO ip address half-duplex interface POS1/0/0 description Connect 2004(region ) ip address ip route-cache distributed no keepalive tag-switching ip clock source internal no cdp enable interface POS2/0/0 description 2001(region-1and2-gsr) ip address no ip route-cache cef ip route-cache distributed no keepalive clock source internal no cdp enable interface FastEthernet3/0/0 description ISP1 ip vrf forwarding isp1 ip address ip route-cache distributed full-duplex 23
24 interface FastEthernet3/1/0 ip vrf forwarding isp2 ip address ip route-cache distributed full-duplex router ospf 100 network area 0 network area 0 router bgp 100 redistribute connected neighbor remote-as 100 neighbor update-source Loopback0 neighbor remote-as 100 neighbor update-source Loopback0 address-family ipv4 vrf isp2 neighbor remote-as 6200 neighbor activate no auto-summary no synchronization exit-address-family address-family ipv4 vrf isp1 neighbor remote-as 6100 neighbor activate no auto-summary no synchronization exit-address-family address-family ipv4 vrf MSO-isp no auto-summary no synchronization exit-address-family address-family ipv4 vrf MSO no auto-summary no synchronization network mask exit-address-family address-family vpnv4 neighbor activate neighbor send-community extended neighbor activate neighbor send-community extended exit-address-family no ip classless no ip http server line con 0 transport input none line aux 0 line vty 0 4 password cable login end 24
25 Configuration File for the Customer Edge Device: 7200 Series Router Following is a description of what is being accomplished by configuring this device and the purpose of this device in the larger view of the configuration. Figure 7 Customer Edge Device (Device 2016): 7200 Series Router MSO HFC cable network Provider core ubr maintenance router VPN MGMT Management subnet Configuration File for Device 2016: 7200 Series Router (Customer Edge Device) version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption hostname cse-ce boot system flash slot0:c t enable secret 5 $1$inJL$97cEHC5GGR4qI2WtDbMDb1 enable password cable ip subnet-zero cns event-service server interface Loopback0 ip address
26 Related Documents Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators interface FastEthernet0/0 ip address full-duplex interface FastEthernet1/0 ip address full-duplex router bgp 6100 redistribute connected neighbor remote-as 100 ip classless no ip http server line con 0 transport input none line aux 0 line vty 0 4 password cable login end Related Documents For additional information on MPLS, VPNs, managed broadband access, and cable networks, refer to the following documents: Introduction to MPLS VPNs for Cable Beyond Tunneling: The Managed Broadband Access Architecture for Cable MSOs and Other Service Providers Virtual Private Networks: An Overview ubr7200 Series MPLS VPN Cable Enhancements 26
Provisioning Cable Services
CHAPTER 10 This chapter describes how to provision MPLS VPN cable in IP Solutions Center (ISC). It contains the following sections: Overview of MPLS VPN Cable, page 10-1 in ISC, page 10-5 Creating the
More informationMPLS-based Layer 3 VPNs
MPLS-based Layer 3 VPNs Overall objective The purpose of this lab is to study Layer 3 Virtual Private Networks (L3VPNs) created using MPLS and BGP. A VPN is an extension of a private network that uses
More informationConfiguring Basic Broadband Internet Access
CHAPTER 1 This chapter describes the parameters of configuring and maintaining basic broadband Internet access. The chapter contains these sections: Overview of Basic Broadband Internet Access section
More informationConfiguring a Basic MPLS VPN
Configuring a Basic MPLS VPN Help us help you. Please rate this document. Contents Introduction Conventions Hardware and Software Versions Network Diagram Configuration Procedures Enabling Configuring
More informationConfiguring Basic Broadband Internet Access
CHAPTER 4 This chapter describes the parameters of configuring and maintaining basic broadband Internet access. The chapter contains these sections: Overview of Basic Broadband Internet Access section
More informationMPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre
The feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity between networks that are connected by IP-only networks. This
More informationTable of Contents. Cisco Configuring a Basic MPLS VPN
Table of Contents Configuring a Basic MPLS VPN...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Related Products...2 Conventions...2 Configure...3 Network Diagram...3 Configuration
More informationMPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at: http://networksims.com/i01.
MPLS Cisco MPLS MPLS Introduction The most up-to-date version of this test is at: http://networksims.com/i01.html Cisco Router Challenge 227 Outline This challenge involves basic frame-mode MPLS configuration.
More informationTesting Juniper Networks M40 Router MPLS Interoperability with Cisco Systems 7513 and 12008 Routers
Interoperability Test Paper Testing Juniper Networks M40 Router MPLS Interoperability with Cisco Systems 7513 and 12008 Routers Mark Anderson, Systems Engineer Annette Kay Donnell, Marketing Engineer Juniper
More informationMPLS VPN Implementation
MPLS VPN Implementation Overview Virtual Routing and Forwarding Table VPN-Aware Routing Protocols VRF Configuration Tasks Configuring BGP Address families Configuring BGP Neighbors Configuring MP-BGP Monitoring
More informationN2X Core Routing - BGP-4 MPLS VPN scenario with integrated traffic Application Note
Agilent N2X N2X Core Routing - BGP-4 MPLS VPN scenario with integrated traffic Application Note Introduction Test Objective The objective of this application note is to demonstrate the power of N2X (in
More informationAT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0
AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0 Introduction...2 Overview...2 1. Technology Background...2 2. MPLS PNT Offer Models...3
More informationMPLS Implementation MPLS VPN
MPLS Implementation MPLS VPN Describing MPLS VPN Technology Objectives Describe VPN implementation models. Compare and contrast VPN overlay VPN models. Describe the benefits and disadvantages of the overlay
More informationConfiguring Remote Access to MPLS VPN
CHAPTER 3 TheCisco 10000 series router supports the IP virtual private network (VPN) feature for Multiprotocol Label Switching (MPLS). MPLS-based VPNs allow service providers to deploy a scalable and cost-effective
More informationIPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič
IPv4/IPv6 Transition Mechanisms Luka Koršič, Matjaž Straus Istenič IPv4/IPv6 Migration Both versions exist today simultaneously Dual-stack IPv4 and IPv6 protocol stack Address translation NAT44, LSN, NAT64
More informationFor internal circulation of BSNLonly
E3-E4 E4 E&WS Overview of MPLS-VPN Overview Traditional Router-Based Networks Virtual Private Networks VPN Terminology MPLS VPN Architecture MPLS VPN Routing MPLS VPN Label Propagation Traditional Router-Based
More informationDevice Provisioning in Cable Environments
A white paper by Incognito Software March, 2009 2009 Incognito Software Inc. All rights reserved. Page 1 of 8 Introduction... 2 Auto-Provisioning and Pre-Provisioning... 2 Components Involved in Device
More informationNetwork Scenarios Pagina 1 di 35
Network Scenarios Pagina 1 di 35 Table of Contents Network Scenarios Cisco 827 s Network Connections Internet Access Scenarios Before You Configure Your Internet Access Network Replacing a Bridge or Modem
More informationConfiguring MPLS VPN & Remote Access. 12- ian- 2010
Configuring MPLS VPN & Remote Access 12- ian- 2010 What this lecture is about: Quick recap of MPLS and MPLS VPN. MPLS VPN configurahon. Cable technologies. DSL technologies. 3 MPLS VPN Reminder First,
More informationOBJECTIVES This paper examines how NetFlow is implemented on logical interfaces. Logical interfaces can be divided into two groups:
Configuration Guide NetFlow on Logical Interfaces: Frame Relay, Asynchronous Transfer Mode, Inter-Switch Link, 802.1q, Multilink Point to Point Protocol, General Routing Encapsulation, Layer 2 Tunneling
More information- Multiprotocol Label Switching -
1 - Multiprotocol Label Switching - Multiprotocol Label Switching Multiprotocol Label Switching (MPLS) is a Layer-2 switching technology. MPLS-enabled routers apply numerical labels to packets, and can
More informationMPLS Configration 事 例
MPLS Configration 事 例 JANOG6 MPLSパネル グローバルワン 株 式 会 社 06/16/2000 JANOG6 MPLS Pannel 1 MPLS Configration なにが 必 要?(Ciscoしかわかりません) IOSは12.0(7) T 以 上 がいい PEは3600, 4500, 7200, and 7500 PはCisco LS1010, 7200,
More informationConfiguring MPLS Hub-and-Spoke Layer 3 VPNs
CHAPTER 23 This chapter describes how to configure a hub-and-spoke topology for Multiprotocol Layer Switching (MPLS) Layer 3 virtual private networks (VPNs) on Cisco NX-OS devices. This chapter includes
More informationNotice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.
Where MPLS part I explains the basics of labeling packets, it s not giving any advantage over normal routing, apart from faster table lookups. But extensions to MPLS allow for more. In this article I ll
More informationProvisioning Dial Access to MPLS VPN Integration
CHAPTER 3 Provisioning Dial Access to MPLS VPN Integration This chapter describes how to provision each of the methods of dial access to MPLS (Multiprotocol Label Switching) VPN (virtual private network)
More informationFrame Mode MPLS Implementation
CHAPTER 4 Frame Mode MPLS Implementation Lab 4-1: Configuring Frame Mode MPLS (4.5.1) In this lab, you learn how to do the following: Configure EIGRP on a router. Configure LDP on a router. Change the
More informationWholesale IP Bitstream on a Cable HFC infrastructure
Wholesale IP Bitstream on a Cable HFC infrastructure In order to understand the issues related to an ISP reselling Cable Based Internet access it is necessary to look at similarities and dissimilarities
More informationPRASAD ATHUKURI Sreekavitha engineering info technology,kammam
Multiprotocol Label Switching Layer 3 Virtual Private Networks with Open ShortestPath First protocol PRASAD ATHUKURI Sreekavitha engineering info technology,kammam Abstract This paper aims at implementing
More informationIMPLEMENTING CISCO MPLS V3.0 (MPLS)
IMPLEMENTING CISCO MPLS V3.0 (MPLS) COURSE OVERVIEW: Multiprotocol Label Switching integrates the performance and traffic-management capabilities of data link Layer 2 with the scalability and flexibility
More informationDocument ID: 45741. Introduction
Products & Services 6bone Connection Using 6to4 Tunnels for IPv6 Document ID: 45741 Contents Introduction Prerequisites Requirements Components Used Conventions How 6to4 Tunnels Work Limitations of 6to4
More informationNote: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.
Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the
More informationSSVVP SIP School VVoIP Professional Certification
SSVVP SIP School VVoIP Professional Certification Exam Objectives The SSVVP exam is designed to test your skills and knowledge on the basics of Networking, Voice over IP and Video over IP. Everything that
More informationCisco CCNA Optional Semester 4 Labs Wide Area Networking LAB 1 T1 TSU WAN LINK OVERVIEW - Instructor Guide (Estimated time: 30 minutes)
CNAP @ VCC 1 of 8 LAB 1 T1 TSU WAN LINK OVERVIEW - Instructor Guide (Estimated time: 30 minutes) Objectives: Understand the function of a T1 Service Unit (TSU) in network telecommunications Connect routers
More informationWhite Paper. Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM. March 30, 2001
The leading edge in networking information White Paper Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM March 30, 2001 Abstract: The purpose of this white paper is to present discussion
More informationHow Routers Forward Packets
Autumn 2010 philip.heimer@hh.se MULTIPROTOCOL LABEL SWITCHING (MPLS) AND MPLS VPNS How Routers Forward Packets Process switching Hardly ever used today Router lookinginside the packet, at the ipaddress,
More informationIP/MPLS-Based VPNs Layer-3 vs. Layer-2
Table of Contents 1. Objective... 3 2. Target Audience... 3 3. Pre-Requisites... 3 4. Introduction...3 5. MPLS Layer-3 VPNs... 4 6. MPLS Layer-2 VPNs... 7 6.1. Point-to-Point Connectivity... 8 6.2. Multi-Point
More informationMPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN
MPLS VPN Peer to Peer VPN s Agenda MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) CE-PE OSPF Routing CE-PE Static Routing CE-PE RIP Routing
More informations@lm@n Cisco Exam 400-201 CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ]
s@lm@n Cisco Exam 400-201 CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ] Cisco 400-201 : Practice Test Question No : 1 Which two frame types are correct when configuring T3 interfaces?
More informationCisco Which VPN Solution is Right for You?
Table of Contents Which VPN Solution is Right for You?...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1 Components Used...1 NAT...2 Generic Routing Encapsulation Tunneling...2
More informationImplementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software
Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint
More informationEnterprise Network Simulation Using MPLS- BGP
Enterprise Network Simulation Using MPLS- BGP Tina Satra 1 and Smita Jangale 2 1 Department of Computer Engineering, SAKEC, Chembur, Mumbai-88, India tinasatra@gmail.com 2 Department of Information Technolgy,
More informationCisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications
Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications Product Overview Cisco Dynamic Multipoint VPN (DMVPN) is a Cisco IOS Software-based security solution for building scalable
More informationNetworking 4 Voice and Video over IP (VVoIP)
Networking 4 Voice and Video over IP (VVoIP) Course Objectives This course will give delegates a good understanding of LANs, WANs and VVoIP (Voice and Video over IP). It is aimed at those who want to move
More informationInter-Autonomous Systems for MPLS VPNs
Inter-Autonomous Systems for MPLS VPNs This feature module explains how to provide MPLS VPN services that can span several autonomous systems (ASs) and VPN service providers. History of the Inter-Autonomous
More informationImplementing Cisco MPLS
Implementing Cisco MPLS Course MPLS v2.3; 5 Days, Instructor-led Course Description This design document is for the refresh of the Implementing Cisco MPLS (MPLS) v2.3 instructor-led training (ILT) course,
More informationLAN-Cell to Cisco Tunneling
LAN-Cell to Cisco Tunneling Page 1 of 13 LAN-Cell to Cisco Tunneling This Tech Note guides you through setting up a VPN connection between a LAN-Cell and a Cisco router. As the figure below shows, the
More informationQuidway MPLS VPN Solution for Financial Networks
Quidway MPLS VPN Solution for Financial Networks Using a uniform computer network to provide various value-added services is a new trend of the application systems of large banks. Transplanting traditional
More informationBroadband Network Architecture
Broadband Network Architecture Jan Martijn Metselaar May 24, 2012 Winitu Consulting Klipperaak 2d 2411 ND Bodegraven The Netherlands slide Broadband Services! Dual play, Triple play, Multi play! But what
More informationSEC-370. 2001, Cisco Systems, Inc. All rights reserved.
SEC-370 2001, Cisco Systems, Inc. All rights reserved. 1 Understanding MPLS/VPN Security Issues SEC-370 Michael Behringer SEC-370 2003, Cisco Systems, Inc. All rights reserved. 3
More informationIMPLEMENTING CISCO MPLS V2.3 (MPLS)
IMPLEMENTING CISCO MPLS V2.3 (MPLS) COURSE OVERVIEW: The course will enable learners to gather information from the technology basics to advanced VPN configuration. The focus of the course is on VPN technology
More informationImplementing Secured Converged Wide Area Networks (ISCW) Version 1.0
COURSE OVERVIEW Implementing Secure Converged Wide Area Networks (ISCW) v1.0 is an advanced instructor-led course that introduces techniques and features that enable or enhance WAN and remote access solutions.
More informationCisco Configuring Basic MPLS Using OSPF
Table of Contents Configuring Basic MPLS Using OSPF...1 Introduction...1 Mechanism...1 Hardware and Software Versions...2 Network Diagram...2 Configurations...2 Quick Configuration Guide...2 Configuration
More informationExam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: 642-691 Total Questions: 401
Question: 1 Every time a flap occurs on a route, the route receives A. 750 per-flap penalty points which are user configurable B. 1500 per-flap penalty points which are user configurable C. 200 per-flap
More informationHow To Configure A Cisco Router With A Cio Router
CHAPTER 1 This chapter provides procedures for configuring the basic parameters of your Cisco router, including global parameter settings, routing protocols, interfaces, and command-line access. It also
More informationMPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service
Nowdays, most network engineers/specialists consider MPLS (MultiProtocol Label Switching) one of the most promising transport technologies. Then, what is MPLS? Multi Protocol Label Switching (MPLS) is
More informationHow To Make A Network Secure
1 2 3 4 -Lower yellow line is graduate student enrollment -Red line is undergradate enrollment -Green line is total enrollment -2008 numbers are projected to be near 20,000 (on-campus) not including distance
More informationMP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb
MP PLS VPN MPLS VPN Prepared by Eng. Hussein M. Harb Agenda MP PLS VPN Why VPN VPN Definition VPN Categories VPN Implementations VPN Models MPLS VPN Types L3 MPLS VPN L2 MPLS VPN Why VPN? VPNs were developed
More informationICTTEN4215A Install and configure internet protocol TV in a service provider network
ICTTEN4215A Install and configure internet protocol TV in a service provider network Release: 1 ICTTEN4215A Install and configure internet protocol TV in a service provider network Modification History
More informationThe Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series
Cisco IOS Firewall Feature Set Feature Summary The Cisco IOS Firewall feature set is available in Cisco IOS Release 12.0. This document includes information that is new in Cisco IOS Release 12.0(1)T, including
More informationKingston University London
Kingston University London Thesis Title Implementation and performance evaluation of WAN services over MPLS Layer-3 VPN Dissertation submitted for the Degree of Master of Science in Networking and Data
More informationImplementing MPLS VPNs over IP Tunnels
Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint tunneling instead
More informationMultiprotocol Label Switching Load Balancing
Multiprotocol Label Switching Load Balancing First Published: July 2013 The Cisco ME 3800 and ME 3600 switches support IPv4 and IPv6 load balancing at the LER and LSR. Effective with Cisco IOS Release
More informationWhy Is MPLS VPN Security Important?
MPLS VPN Security An Overview Monique Morrow Michael Behringer May 2 2007 Future-Net Conference New York Futurenet - MPLS Security 1 Why Is MPLS VPN Security Important? Customer buys Internet Service :
More information- Basic Router Security -
1 Enable Passwords - Basic Router Security - The enable password protects a router s Privileged mode. This password can be set or changed from Global Configuration mode: Router(config)# enable password
More informationSkills Assessment Student Training Exam
Skills Assessment Student Training Exam Topology Assessment Objectives Part 1: Initialize Devices (8 points, 5 minutes) Part 2: Configure Device Basic Settings (28 points, 30 minutes) Part 3: Configure
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationCase Study for Layer 3 Authentication and Encryption
CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client
More informationRA-MPLS VPN Services. Kapil Kumar Network Planning & Engineering Data. E-mail: Kapil.Kumar@relianceinfo.com
RA-MPLS VPN Services Kapil Kumar Network Planning & Engineering Data E-mail: Kapil.Kumar@relianceinfo.com Agenda Introduction Why RA MPLS VPNs? Overview of RA MPLS VPNs Architecture for RA MPLS VPNs Typical
More informationInterconnecting Cisco Networking Devices Part 2
Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course
More information640-816: Interconnecting Cisco Networking Devices Part 2 v1.1
640-816: Interconnecting Cisco Networking Devices Part 2 v1.1 Course Introduction Course Introduction Chapter 01 - Small Network Implementation Introducing the Review Lab Cisco IOS User Interface Functions
More informationUIP1868P User Interface Guide
UIP1868P User Interface Guide (Firmware version 0.13.4 and later) V1.1 Monday, July 8, 2005 Table of Contents Opening the UIP1868P's Configuration Utility... 3 Connecting to Your Broadband Modem... 4 Setting
More informationNovember 2013. Defining the Value of MPLS VPNs
November 2013 S P E C I A L R E P O R T Defining the Value of MPLS VPNs Table of Contents Introduction... 3 What Are VPNs?... 4 What Are MPLS VPNs?... 5 What Are the Benefits of MPLS VPNs?... 8 How Do
More informationCable Modems. Definition. Overview. Topics. 1. How Cable Modems Work
Cable Modems Definition Cable modems are devices that allow high-speed access to the Internet via a cable television network. While similar in some respects to a traditional analog modem, a cable modem
More informationBuilding Trusted VPNs with Multi-VRF
Building Trusted VPNs with Introduction Virtual Private Networks (VPNs) have been a key application in networking for a long time. A slew of possible solutions have been proposed over the last several
More informationUsing a Sierra Wireless AirLink Raven X or Raven-E with a Cisco Router Application Note
Using a Sierra Wireless AirLink Raven X or Raven-E with a Application Note Cisco routers deliver the performance, availability, and reliability required for scaling mission-critical business applications
More informationData Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.
Data Networking and Architecture The course focuses on theoretical principles and practical implementation of selected Data Networking protocols and standards. Physical network architecture is described
More informationIntroducing Basic MPLS Concepts
Module 1-1 Introducing Basic MPLS Concepts 2004 Cisco Systems, Inc. All rights reserved. 1-1 Drawbacks of Traditional IP Routing Routing protocols are used to distribute Layer 3 routing information. Forwarding
More informationSprint Global MPLS VPN IP Whitepaper
Sprint Global MPLS VPN IP Whitepaper Sprint Product Marketing and Product Development January 2006 Revision 7.0 1.0 MPLS VPN Marketplace Demand for MPLS (Multiprotocol Label Switching) VPNs (standardized
More informationSSVP SIP School VoIP Professional Certification
SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover
More informationMPLS Multi-Vendor Provisioning. Presented by Brian O Sullivan Director, Product Management Dorado Software October 21, 2003
MPLS Multi-Vendor Provisioning Presented by Brian O Sullivan Director, Product Management Dorado Software October 21, 2003 1 Agenda Why Interoperability? Types of VPNs Industry Standards Interoperability
More informationImplementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**
Course: Duration: Price: $ 3,695.00 Learning Credits: 37 Certification: Implementing Cisco Service Provider Next-Generation Edge Network Services Implementing Cisco Service Provider Next-Generation Edge
More informationConfiguring the Transparent or Routed Firewall
5 CHAPTER This chapter describes how to set the firewall mode to routed or transparent, as well as how the firewall works in each firewall mode. This chapter also includes information about customizing
More informationCisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)
Cisco Certified Network Associate Exam Exam Number 200-120 CCNA Associated Certifications CCNA Routing and Switching Operation of IP Data Networks Operation of IP Data Networks Recognize the purpose and
More informationBuilding VPNs. Nam-Kee Tan. With IPSec and MPLS. McGraw-Hill CCIE #4307 S&
Building VPNs With IPSec and MPLS Nam-Kee Tan CCIE #4307 S& -.jr."..- i McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto
More informationConfiguring a Leased Line
CHAPTER 4 Configuring a Leased Line The configuration in this chapter describes how to configure a Cisco 1700 router for IP and IPX over a synchronous serial line. Before You Begin The configuration in
More informationBRI to PRI Connection Using Data Over Voice
BRI to PRI Connection Using Data Over Voice Document ID: 14962 Contents Introduction Prerequisites Requirements Conventions Background Information Configure Network Diagram Configurations Verify Troubleshoot
More informationMulti Protocol Label Switching (MPLS) is a core networking technology that
MPLS and MPLS VPNs: Basics for Beginners Christopher Brandon Johnson Abstract Multi Protocol Label Switching (MPLS) is a core networking technology that operates essentially in between Layers 2 and 3 of
More informationJOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01
JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT Test Code: 4514 Version: 01 Specific Competencies and Skills Tested in this Assessment: PC Principles Identify physical and equipment
More information"Charting the Course...
Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content
More informationTask 20.1: Configure ASBR1 Serial 0/2 to prevent DoS attacks to ASBR1 from SP1.
Task 20.1: Configure ASBR1 Serial 0/2 to prevent DoS attacks to ASBR1 from SP1. Task 20.2: Configure an access-list to block all networks addresses that is commonly used to hack SP networks. Task 20.3:
More informationMPLS VPN Route Target Rewrite
The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets
More informationRFC 2547bis: BGP/MPLS VPN Fundamentals
White Paper RFC 2547bis: BGP/MPLS VPN Fundamentals Chuck Semeria Marketing Engineer Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2001 or 888 JUNIPER www.juniper.net
More informationMPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs
A Silicon Valley Insider MPLS VPN Services PW, VPLS and BGP MPLS/IP VPNs Technology White Paper Serge-Paul Carrasco Abstract Organizations have been demanding virtual private networks (VPNs) instead of
More informationIP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life
Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer
More informationCisco IP Solution Center MPLS VPN Management 5.0
Cisco IP Solution Center MPLS VPN Management 5.0 As part of the Cisco IP Solution Center (ISC) family of intelligent network management applications, the Cisco ISC MPLS VPN Management application reduces
More informationDD2491 p2 2011. MPLS/BGP VPNs. Olof Hagsand KTH CSC
DD2491 p2 2011 MPLS/BGP VPNs Olof Hagsand KTH CSC 1 Literature Practical BGP: Chapter 10 MPLS repetition, see for example http://www.csc.kth.se/utbildning/kth/kurser/dd2490/ipro1-11/lectures/mpls.pdf Reference:
More informationCisco Group Encrypted Transport VPN: Tunnel-less VPN Delivering Encryption and Authentication for the WAN
Cisco Group Encrypted Transport VPN: Tunnel-less VPN Delivering Encryption and Authentication for the WAN Product Overview Today s networked applications such as voice and video are accelerating the need
More informationInternet Connectivity Options
White Paper Connectivity Options Introduction access is perhaps one of the most popular services that Service Providers offer their customers. Customers have flexibility to purchase MPLS VPN services connectivity
More information4141_02_2002_c1. 2002, Cisco Systems, Inc. All rights reserved.
1 Managed Access Cisco Cable-Ready Solution March 2002 2 Agenda Managed Access Definition Market Opportunities Deployment Challenges Cisco s Managed Access Strategy Benefits Managed Access Cisco Cable-Ready
More informationConfiguration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example
Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example Document ID: 113337 Contents Introduction Prerequisites Requirements Components Used Conventions Configuration
More information