Guest

Cisco 7600 Series Routers

Cisco IOS Software Release 12.2SR New Features and Hardware Support

  • Viewing Options

  • PDF (3.0 MB)
  • Feedback

Contents

Cisco IOS Software Release 12.2SR Introduction

Cisco IOS Software Release 12.2(33)SRE

New Features

Hardware

Cisco 7600 Series Ethernet Services Plus Line Cards

4500W DC Power Supply for the Cisco 7606-S Chassis

Cisco 7600 Series Enhanced Optics Support

Carrier Ethernet Flexible Infrastructure

ITU-T Y.1731 Fault Management Functions (AIS/RDI/LCK)

IEEE 802.1ag-2007 Compliant Connectivity Fault Management (CFM) - Bridge Domain Support

IEEE 802.1ag-2007-Compliant CFM - PW/VFI Support

CFM over EFP Interface Configured with xconnect

802.1ah with VPLS Integration

Service Groups (EVC)

Multichassis Link Aggregation Control Protocol (mLACP)

REP Integration with EVC and VPLS

Multiple Spanning Tree (MST) Access Gateway (Reverse L2GP)

Gigabit Ethernet LAG on UNI with Advanced EVC Load Balancing

H-VPLS with Port-Channel Core Interface (VPLS LAG NNI)

Control Word Configuration for VPLS

Static MAC Binding to EVCs and Pseudowires

Layer 3/Layer 4 ACL on Service Instance (EVC)

Custom Ethertype for EVC on Port Channels

MAC Address Security on EVC Port Channels

DHCP Snooping with Option 82 on EVC Port Channel

Flexible Service Mapping Based on CoS, Ethertype

Bridge Domain MIB

Four-Level Egress/Three-Level Ingress H-QoS on EFP Group

Layer 3 Classification and Marking on EVC on Cisco 7600 Series ES+20 Line Cards

Triple-Nesting QoS

Per VC-QoS Classification for ATM Virtual Path Pseudowires

IPv6 - Hop-by-Hop Rate Limiter

BGP Support for 4-Byte Autonomous System Numbers (ASNs)

MPLS VPN - MPLS L3VPN over GRE

Dynamic Layer 3 VPNs (RFC 2547) with Multipoint GRE (mGRE) Tunnel Support for SIP-400 and ES+40 Cards on the Cisco 7600 Series Platform

IS-IS MPLS LDP Synchronization and Autoconfiguration

Label Switched Multicast: Point-to-Multipoint Traffic Engineering (P2MP-TE)

NSF/SSO Multicast (IPv4/6IPv6)

L2VPN Pseudowire Preferential Forwarding (Active/Standby Status)

L2TPv3 Pseudowire Redundancy

BFD SSO Support

BFD IPv6 support

BFD MIB v2

MPLS Traffic Engineering Path Protection Increased to Eight Paths

BGP PIC Edge for IP/MPLS VPN and BGP Best External

Subscriber-Aware Ethernet with Cisco ISG Support on Cisco 7600 Series ES+ Line Cards

Support for IP Sessions on Gigabit EtherChannel

Support for PPPoE or IP sessions on 1:1 Link Aggregation Control Protocol (LACP) port channels. The port channel is configured in active/standby mode and can operate across line cards. Session state is preserved on the port channel during a failover.

Multicast Coexistence with IP Sessions

DHCP Server User Authentication

ISG NASPort Option 82 and Option 60 Transparent Auto Logon (TAL)

L2VPN Support for ATM Cell Packing on Static Pseudowire

End-to-End VCCV on Multisegment Peudowire

Access Circuit Redundancy

Virtual Circuit and Virtual Path Mode Cell Packing on Cisco 7600 Series SIP-400 for CEoPs and OC-48 ATM SPAs

Synchronous Ethernet Support

2G Grooming with the CEoPs SPA (AIS Processing)

Release 12.2(33)SRD Feature Highlights

Hardware

Cisco 7600 Series Ethernet Services Plus 40G Line Cards

SPA-8X1FE-TX-V2 & SPA-4X1FE-TX-V2 Support on Cisco 7600-SIP-400

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Carrier Ethernet Flexible Infrastructure

Service Instance (EVC) on Portchannel for Cisco 7600 40G Ethernet Services Plus Line Cards

Broadcast Storm Control on Switchports and Ports with Service Instances (EVCs)

DHCP Snooping on Service Instance (EVC)

Uni-Directional Link Detection on Service Instances (EVCs)

IP Source Guard for Service Instance (EVC)

Custom Ethertype on Service Instance (EVC)

MAC address security for Service Instances (EVC)

Private Host on interface VLAN

Carrier Ethernet Manageability

Ethernet-OAM: ITU-T Y.1731 Fault Management Functions

CFM Outward Facing (Down) MEP on Switchports

Service Instance (EVC) MIB

CFM (802.1ag) IEEE MIB

802.3ah SNMP MIB

Cisco Netflow MIB

Carrier Ethernet Quality of Service

Dual Rate Three Color ingress policer on Service Instances

IP SLAs Metro-Ethernet 2.0 (EVC)

Bandwidth Remaining Ratio Support

L2 Access Control List on Service Instance (EVC)

Resiliency

MST on Service Instance (EVC) Bridge Domain

NSF/SSO - E-LMI support

NSF/SSO - 802.3ah OAM support

NSF/SSO - CFM Support

Asymmetric Carrier Delay

Subscriber Aware Ethernet

SAE: DHCP - Relay Option 82 encapsulation

SAE: Authentication - DHCP Option 60 Support and VPN-ID Support

SAE: RSVP support for IP Sessions

Mobile

IMA Core Facing Support

Port Mode Cell Relay Support

ISG Support on SAMI Blade

Layer 2 Enhancements

L2VPN Routed Mode Interworking: Ethernet/VLAN to ATM/FR/PPP

L2TPv3 - Layer-2 Tunneling Protocol Version 3 on Cisco Ethernet Services Plus Line Cards

Bridging using RFC1483 Routed Encapsulation (BRE) on 7600-SIP-400

Mini Protocol Analyzer using SPAN

Release 12.2(33)SRC Feature Highlights

Hardware

Cisco 7600 Series Route Switch Processor 720-10GE (RSP720-3C-10GE & RSP720-3CXL-10GE)

8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers

Wireless Services Module for Cisco 7600 Series Routers

PA-MC-T3-EC and PA-MC-2T3-EC for Cisco 7200 and 7301 Series Routers

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Broadband

Cisco Intelligent Services Gateway Session Control High Availability (SSO/EFSU)

Cisco Intelligent Services Gateway Support for Cisco 7600 Series Routers

Cisco ISG: Service Control Engine (SCE) Common Control Bus

Cisco ISG: MQC Support for IP Sessions

Cisco ISG: IP Session Keepalives (ARP and ICMP)

Broadband PPP Features for Cisco 7600 Series Routers

Authentication, Authorization and Accounting Enhancements

Quality of Service

Tunnel-Based Admission Control Support for Cisco 7600 Series Routers

Per-User QoS for Cisco 7600 Series Routers

Per-Session QoS for Cisco 7600 Series Routers

Per-Session Shaping and Queuing on LNS for Cisco 7600 Series Routers

Traffic Shaping Overhead Accounting for ATM for Cisco 7600 Series Routers

GRE Tunnel Marking for Cisco 7200 Series Routers

Layer 2 VPN

High Availability for Any Transport over MPLS (AToM): NSF with SSO; EFSU

AToM Tunnel Selection for Cisco 7200 Series Routers and the Cisco 7301 Router

MPLS PW Status Signaling

Per Subinterface MTU for Ethernet over MPLS (EoMPLS)

High Availability for Virtual Private LAN Service (VPLS): NSF with SSO; EFSU

H-VPLS N-PE Redundancy for QinQ or MPLS Access

VPLS MAC Address Withdrawal

TDM Local Switching

MPLS and Layer 3 VPN

Cisco IOS MPLS TE/RSVP Enhancements

Cisco IOS MPLS LDP Enhancements

Cisco IOS MPLS Embedded Management Enhancements

Cisco IOS MPLS Layer 3 VPN Enhancements

IP Addressing and Services

HSRP Group Shutdown

VRRP Stateful Switchover/Enhanced Fast Software Upgrade

DHCPv4 Server Management Enhancements

DHCPv4 Server, Proxy, Relay, ODAP Enhancements

DHCPv6 Relay Enhancements

Updated IPv6 MIB - RFC 4292 (IP MIB) and RFC 4293 (IP Forwarding MIB)

IP Routing

Bidirectional Forwarding Detection Enhancements

OSPF Graceful Shutdown

OSPF Generic TTL Security Mechanism

Cisco IOS Infrastructure and Embedded Management

Cisco IOS Scripting with Tcl

Embedded Syslog Manager

CNS Interactive CLI

Command Scheduler (KRON)

HTTP TACAC+ Accounting Support

HTTP Access over IPv6

Release 12.2(33)SRB Feature Highlights

Hardware

Cisco 7600 RSP720-3C-GE and RSP720-3CXL-GE

Cisco 7600 Series Ethernet Services 20 Gbps (ES20) Line Cards

Cisco 7606-S Router

Cisco 7609-S Router

Carrier Ethernet

Carrier Ethernet Management Enhancements

Service Layer OAM (IEEE 802.1ag Ethernet Connectivity Fault Management)

Ethernet Local Management Interface (E-LMI)

Cisco Performance Management and Monitoring through IP SLAs for Ethernet

OAM Interworking

High Availability

In-Service Software Upgrade Support for Cisco 7600 Series Routers - Phase I

MPLS Nonstop Forwarding and Stateful Switchover - MPLS LDP, MPLS VPN

Quality of Service

Cisco IOS QoS Enhancements

Cisco IOS QoS: Distribution of Remaining Bandwidth via Ratio

Cisco IOS QOS: Enhancement for Dual Priority Queues on SIP-600 and ES20

Cisco IOS QOS: Percent Priority and Percent Bandwidth for SIP400

Cisco IOS QoS: Two-Rate Policer

Cisco IOS RSVP Enhancements

Cisco IOS RSVP Application ID Support

Cisco IOS RSVP Control Plane DSCP Support for RSVP

Cisco IOS RSVP Fast Local Repair (RSVP FLR)

Cisco IOS RSVP Interface-Based Receiver Proxy

Cisco IOS RSVP Refresh Reduction and Reliable Messaging

Cisco IOS RSVP Scalability Enhancements

Cisco IOS RSVP Message Authentication

MPLS and VPNs

IPv6 VPN Provider Edge Router (6VPE) over MPLS for Cisco 7600 Series

Cisco IOS MPLS Embedded Management Enhancements

Cisco IOS MPLS LDP Enhancements

Cisco IOS MPLS Traffic Engineering Enhancements

Cisco IOS MPLS Layer 3 VPN Enhancements

Cisco IOS L2VPN Enhancements

L2VPNs over MPLS - Any Transport over MPLS (AToM)

Ethernet over MPLS (EoMPLS)

Frame Relay over MPLS (FRoMPLS)

Any Transport over MPLS Static Pseudo Wire Provisioning

Any Transport over MPLS Tunnel Selection

Any Transport over MPLS (AToM) Interworking

Layer 2 Local Switching - Same Port Switching for Frame Relay

Any Transport over MPLS (AToM) High Availability

L2VPN Management

Virtual Private LAN Service (VPLS): BGP Support for L2VPN Address Family

Virtual Private LAN Service (VPLS): BGP Based Auto Discovery/Zero Touch Provisioning

VPLS Multiple VCs per Spoke

IP Addressing and Services

HSRP and GLBP SSO/EFSU

Cisco HSRP Multiple Group Optimization

HSRP Group Shutdown

HSRP for IPv6

Enhanced Object Tracking Integration with Embedded Event Manager

DHCP Client, Relay and Server Enhancements

IPv6 Default Router Preferences

IP Multicast and Routing

IP Multicast Enhancements

Bandwidth Based Call Admission Control (CAC) for IP Multicast

Enhanced Multicast Multi-path

Per interface Mroute State Limit

Multicast MVPN Inter-AS

Multicast IPv6 Enhancements

Auto-RP Enhancement

IPv4 extended ACL for IGMP to support SSM

IP Multicast Route Standard MIB (IPMROUTE-STD-MIB)

Multicast Virtual Private Network (MVPN) MIB (CISCO-MVPN-MIB)

Multicast Source Distribution Protocol (MSDP) compliance with IETF RFC 3618

Multi-Topology Routing

Cisco Optimized Edge Routing

Bidirectional Forwarding Detection (BFD) Enhancements

Border Gateway Protocol Enhancements

BGP Multicast Inter-AS (IAS) VPN

BGP Support for BFD

Border Gateway Protocol Support for Next-Hop Address Tracking

BGP Per Neighbor SoO Configuration

Border Gateway Protocol Support for Dual Autonomous System Configuration for Network Autonomous System Migrations

BGP Support for Named Extended Community Lists

BGP Support for Sequenced Entries in Extended Community Lists

Border Gateway Protocol Support for IP Prefix Import from Global Table into Virtual Routing and Forwarding Table

Reliable Static Routing Back-up using Object Tracking

CLNS Support for GRE Tunneling of IPv4 and IPv6 Packets in CLNS Networks

Open Shortest Path First Enhancements

Area Command in Interface Mode for OSPF v2

OSPF Area Transit Capability

Enhanced Interior Gateway Routing Protocol Enhancements

Enhanced Interior Gateway Routing Protocol for IPv6

EIGRP Support for Route Map Filtering

Cisco IOS Infrastructure and Embedded Management

Cisco IOS Embedded Resource Manager

Cisco IOS Embedded Event Manager

Per Interface NetFlow

NetFlow Layer 2 and Security Monitoring Exports

Release 12.2SR Additional Information

Cisco IOS Software Release Feedback and Questions

Release 12.2S Information

Cisco IOS Software Center

Cisco Software Advisor (requires Cisco.com account)

Cisco Feature Navigator (requires Cisco.com account)

Cisco IOS Planner (requires Cisco.com account)

Cisco MIB Locator

Cisco Bug Toolkit (requires Cisco.com account)


Product Bulletin No. 393294
Last Updated: April 2010

This Product Bulletin introduces Cisco IOS ® Software Release 12.2SR and includes the following sections:
 

Cisco IOS Software Release 12.2SR Introduction

Cisco IOS Software Release 12.2S is designed for Service Provider edge and Enterprise campus networks that require world-class IP and Multiprotocol Label Switching (MPLS) services.
Release 12.2SR is the premier Cisco IOS Software for delivering industry-leading Carrier Ethernet, Broadband Aggregation and Subscriber Services, and MPLS Provider Edge functionality for next generation Service Provider edge, Enterprise MAN/WAN, and Federal networks that run the Cisco 7600 Series Routers, Cisco 7200 Series Routers, and the Cisco 7301 Router. Releases 12.2(33)SRD, 12.2(33)SRC, and 12.2(33)SRB are available from Cisco.com.
Release 12.2(33)SRD, the latest customer release of Release 12.2SR, delivers over 75 new Cisco IOS Software features and powerful new hardware support for the Cisco 7600 Series Routers. Release 12.2(33)SRD also provides support for the Cisco 7200 Series Routers, the Cisco 7201 Router, and the Cisco 7301 Router.
Release 12.2(33)SRC, the third release of 12.2SR supports the Cisco 7200 Series Routers, the Cisco 7201 Router, the Cisco 7301, and the Cisco 7600 Series Routers. Release 12.2(33)SRB, the second release of Release 12.2SR, is specific to the Cisco 7600 Series Routers.
For detailed information about the features and hardware supported in Releases 12.2(33)SRD, 12.2(33)SRC, and 12.2(33)SRB, refer to the Cisco IOS Software Release 12.2SR release notes and customer documentation at the following website: http://www.cisco.com/en/US/products/ps6922/tsd_products_support_series_home.html
Not all features may be supported on all platforms. Use Cisco Feature Navigator to find information about platform support and Cisco IOS Software image support. Access Cisco Feature Navigator at http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp. You must have an account on Cisco.com.

Cisco IOS Software Release 12.2(33)SRE

Like all Cisco IOS ® Software 12.2SR releases, Release 12.2(33)SRE integrates innovations that span multiple technology areas, including flexible Carrier Ethernet infrastructure, manageability, and quality of service (QoS). It also features further improvements in the areas of resiliency, subscriber-aware Ethernet on the Cisco ® 7600 Series Ethernet Services Plus (ES+) line cards, mobility, and Layer 2 functionality.
Release 12.2(33)SRE also includes support for the Cisco 7600 Series ES Plus Extended Combo and Transport Line Cards, extending the capabilities of the existing ES+ portfolio.
The following sections include Cisco IOS Software Release 12.2(33)SRE hardware and software feature highlights.

New Features

Table 1. Cisco IOS Software Release 12.2(33)SRE Feature Highlights

Description

Features Highlights

Hardware

Cisco 7600 Series Ethernet Services Plus Extended Combo Line Card

Cisco 7600 Series Ethernet Services Plus Transport Line Cards (12.2(33)SRE1)

Cisco 7606-S 4500W DC Power Supply

Cisco 7600 Series enhanced optics support

Carrier Ethernet Flexible Infrastructure

Service groups (EVC)

ITU-T Y.1731 fault-management functions (AIS/RDI/LCK)

IEEE 802.1ag-2007-compliant CFM - Bridge Domain support

IEEE 802.1ag-2007-compliant CFM - PW/VFI support

CFM on EFP interface configured with xconnect

REP integration with EVC and VPLS

Reverse L2GP

Static MAC binding to EVCs and pseudowires

Multichassis LACP (mLACP)

Flexible service mapping based on CoS, Ethertype

Control Word Configuration for VPLS

L3/L4 ACL on service instance

802.1ah (includes VPLS integration)

H-VPLS with port-channel core interface (VPLS LAG NNI)

GE LAG on UNI with advanced EVC load balancing

Bridge Domain MIB

Custom Ethertype for EVC port channel

MAC security on EVC port channel

DHCP snooping with Option 82 on EVC port channel

Carrier Ethernet Quality of Service

4-level egress/3-level ingress H-QoS on EFP group

SIP-400 card triple-nesting QoS

Per-VC QoS classification for ATM VP pseudowires

L3/L4 class/marking on EVC(ES20)

IPv6 Hop-by-Hop Rate Limiter

Routing and Infrastructure

BGP support for 4-byte ASN MPLS over GRE on ES+ card

Dynamic Layer 3 VPNs (RFC 2547) with multipoint GRE (mGRE) tunnel support for SIP-400 and ES+40 cards on Cisco 7600 Series platform

ISIS MPLS LDP synchronization and autoconfiguration

Label Switched Multicast: Point-to-Multipoint Traffic Engineering (P2MP-TE)

Resiliency

NSF/SSO Multicast (IPv4/6IPv6)

L2VPN Pseudowire Preferential Forwarding (active/standby status)

L2TPv3 pseudowire redundancy

BFD on port channel

BFD NSF/SSO support

BFD IPv6

BFD MIB v2

MPLS/IP BGP PIC Edge

TE Path Protection > 8+ paths

Subscriber-Aware Ethernet

Subscriber-aware Ethernet with Cisco Intelligent Services Gateway (ISG) support on ES+ cards

IP sessions on Gigabit EtherChannel support

Multicast coexistence with IP sessions

ISG Nas port Option 82+ Option 60 Transparent Auto Logon

DHCP Server User Authentication

Mobile

L2VPN support for ATM cell packing on static pseudowire

Cell packing for OC-48 ATM SPA, CEoPS SPA

End-to-end VCCV on multisegment pseudowire

Access circuit redundancy for MPLS pseudowire

SyncE L1 support on ES+ cards

2G grooming with CEoP SPA AIS processing

Hardware

Cisco 7600 Series Ethernet Services Plus Line Cards

The Cisco 7600 Series Ethernet Services Plus 40 Gbps (ES+40) Line Cards utilize an extensible design that enables service prioritization for voice, video, data, and wireless mobility services. Service providers and enterprises benefit from the improved economics, density, advanced Carrier Ethernet features, and the high performance of the ES+40 fixed-configuration line cards. With the same architecture and features, the Cisco 7600 Series Ethernet Services Plus 20 Gbps (ES+20) Line Cards are designed for networks with lower interface density requirements.
The Cisco ® 7600 Series Ethernet Services Plus Extended Combination (ES Plus XC) Line Cards are designed for interface-flexible Ethernet services. They allow service prioritization for voice, video, data, and wireless mobility services and can connect to LAN, WAN, and Optical Transport Network Physical Layer (OTN PHY) interfaces as well as Gigabit Ethernet ports on the same physical line card. This unique form factor allows for configurations with redundant network-to-network 10 Gigabit Ethernet interfaces to reside on separate line card slots for resiliency, while offering user-to-network Gigabit Ethernet interfaces on the same slots for efficiency. Service providers and enterprises benefit from the efficiency gains in power consumption, optimized service scale, and feature capability as well as the flexibility in interface speeds for Ethernet solutions.
The Cisco 7600 Series Ethernet Services Plus Transport Line Cards are designed for cost-efficient Carrier Ethernet service delivery. The cards allow service prioritization for voice, video, data, and wireless mobility services and can connect to LAN, WAN, and OTN PHY interfaces. Service providers and enterprises benefit from the efficiency gains in power consumption, improved economics from higher density, and service scalability and feature capability optimized for cost-sensitive transport Ethernet solutions.
The ES+ programmable interface processors protect network investments and reduce total cost of ownership. The design maximizes connectivity options and offers superior service intelligence through programmable interface processors operating at line rate. Figure 1 shows the Cisco 7600 Series Ethernet Services Plus Extended Combo (ES+XC) Line Cards and Figures 2 and 3 show the Cisco 7600 Series Ethernet Services Plus Transport (ES+T) Line Cards.

Figure 1. Cisco 7600 Series ES+XC 20G and 40G Line Cards

combo 20g ES+combo hres

Figure 2. Cisco 7600 Series ES+T 40G Line Cards (12.2(33)SRE1)

C:\Documents and Settings\smiles\Desktop\index_files\launch_clip_image002.jpg C:\Documents and Settings\smiles\Desktop\index_files\launch_clip_image004.jpg

Figure 3. Cisco 7600 Series ES+T 20G Line Cards (12.2(33)SRE1)

C:\Documents and Settings\smiles\Desktop\index_files\launch_clip_image006.jpg C:\Documents and Settings\smiles\Desktop\index_files\launch_clip_image008.jpg

Benefits

• The Cisco 7600 Series ES+XC Line Cards offer greater flexibility with 10 Gigabit Ethernet and Gigabit Ethernet ports on the same line card

• The Cisco 7600 Series ES+T Line Cards offer enhanced Ethernet service capabilities for lower-scale, cost-sensitive Ethernet deployments

• Higher density, greater scalability

– The line cards offer up to 40G density per slot

– ES+XC cards support 256,000 queues (128,000 ingress and 128,000 egress)

– ES+T cards support 16 Leaf-Node Queues

• Line rate with services enabled

– Line cards provide line-rate forwarding performance on Gigabit Ethernet and 10 Gigabit Ethernet interfaces with services enabled.

• Cisco Service Instance (EVC) Support

– The ES+ line cards support Cisco Service Instance (EVC) to enable flexible UNI

• WAN PHY, DWDM, and CWDM optics support

– The ES+ line cards support DWDM and CWDM optics to help reduce operational costs

– G.709/FEC capability on 10 Gigabit Ethernet interfaces

– WAN PHY capability on 10 Gigabit Ethernet interfaces

Hardware

• Cisco 7600 Series Routers

• Chassis: Cisco 7603-S, 7604, 7606, 7606-S, 7609, 7609-S, and 7613

Additional Information

www.cisco.com/go/7600

www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

www.cisco.com/en/US/partner/prod/collateral/routers/ps368/data_sheet_c78-570732.html

www.cisco.com/en/US/partner/prod/collateral/routers/ps368/data_sheet_c78-570730.html

4500W DC Power Supply for the Cisco 7606-S Chassis

Cisco is now offering a new variable-output power supply, scalable from 1500 watts (W) to 4500W, for the Cisco 7606-S specifically designed for DC environments. The power supply features a variable-output design configurable for 4500W, 3000W, or 1500W output corresponding to three inputs, two inputs, or one input active:

• Equally sized, multiple inputs, which allow lower fusing requirements and maintain consistent wire gauge among 4500W, 3000W, and 1500W output configurations

• Industry-standard dual post terminals

• Terminal design that facilitates cable entry from left or right side

• Pawl type sliding power switch

• Compatible with Cisco 7606-S chassis

Figure 4. 4500W DC Power Supply for the Cisco 7606-S Chassis

PWR-4500-DC

Benefits

• Increased power capacity for high-density Ethernet modules in redundant power configurations

Hardware

• Cisco 7606-S Routers

Cisco 7600 Series Enhanced Optics Support

• X2-ZR: Cisco Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks (RSP720-10GE), Cisco Catalyst 6500 8-Port 10 Gigabit Ethernet Module (WS-X6708-10G)

• X2-DWDM-XX.XX: RSP720-10GE, WS-X6708-10G line card

• X2-10GB-LRM: RSP720-10GE, WS-X6708-10G line card

• DWDM SFP for Cisco 7600 Series Supervisor Engine 32 (WS_SUP32-3B), 48 and 24 port High Performance Mixed Media Gigabit Ethernet interface module and WS-X6724-SFP/WS-X6748-SFP

• Eight new DWDM SFP wavelengths

Additional Information

www.cisco.com/en/US/products/hw/modules/ps5455/prod_module_series_home.html

Carrier Ethernet Flexible Infrastructure

ITU-T Y.1731 Fault Management Functions (AIS/RDI/LCK)

Y.1731 implementation is based on standard 802.1ag for AIS and RDI (available since Release 12.2(33)SRD). Ethernet Locked Signal function (ETH-LCK) is used to communicate the administrative locking of a maintenance endpoint (MEP) and interruption of data traffic forwarding toward the MEP expecting this traffic, and to differentiate between a defect condition and an administrative locking.

Benefits

The main purpose of the ETH-LCK function is to inform the immediate clients of MEG level regarding maintenance/administrative conditions and consequential interruption of data traffic. It differentiates between a real fault scenario as opposed to an administrative/maintenance window where tests are being performed, such as 802.3ah loopback function, etc, enabling clients to isolate actual faults. The ETH-LCK messages are multicast in the direction opposite to the direction of the loopback tests/out-of-service tests as the case may be. These messages are sent for all the S-VLANs at the port for all services.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm-ieee_y1731.html

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm_y1731.html

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm_y1731_ps6922_TSD_Products_Configuration_Guide_Chapter.html

IEEE 802.1ag-2007 Compliant Connectivity Fault Management (CFM) - Bridge Domain Support

Standards-based implementation of 802.1ag. Feature parity with Release 12.2(33)SRD CFM implementation (switch port, routed port, EVC/bridge domain). This includes also Y.1731 AIS/RDI and LCK implementation.

Note: No interoperability with pre-standard version will be provided.

Benefits

Prior to Cisco IOS Software Release 12.2(33)SRE, the Cisco 7600 Series only supported the pre-standard version based on Draft 1.0. With Release 12.2(33)SRE, all CFM functions are fully compliant with the standardized version 802.1ag. The pre-standard version of CFM based on Draft 1.0 of 802.1ag has been deprecated and only the standardized version of CFM based on 802.1ag 2007 is available from Release 12.2(33)SRE. The Cisco 7600 Series will not support the Area Edge Bridge (AEB) function, which allows the integration between regions of the pre-standard regions and the standard regions.
In addition CFM enhancements include the implementation Y.1731 AIS/RDI and LCK implementations.
Ethernet Alarm Indication Signal (ETH-AIS) functionality allows the MEP that detects a connectivity failure at level N to mulitcast AIS in the direction away from the detected failure at the next most superior level for all S-VLAN affected by the failure.
AIS provides the following two key benefits:

• Alarm suppression so that an NMS does not receive and excessive number of redundant alarms for a particular fault.

• If MEP enters AIS state due to RX of AIS, it indicates that there is no troubleshooting required for that MEP.

• Informs clients that a transport path has failed.

ETH-RDI (Ethernet Remote Defect Indication) functionality allows a downstream MEP that detects a defect condition, such as receive signal failure or AIS, it will send RDI in the opposite upstream direction to its peer MEP or MEPs.

• RDI serves in informing upstream MEPs that there has been a downstream failure

Ethernet Lock (ETH-LCK): Please refer to section 2.2.1

Hardware

• Cisco 7600 Series Routers

• Cisco 7600-ES+ line cards, ES+20 line cards, SPAs

Additional Information

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm-ieee.html

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/sipspasw.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

IEEE 802.1ag-2007-Compliant CFM - PW/VFI Support

Support for standard CFM for VPLS (VFI). CFM MEP will be enabled on the VPLS instance under the VFI configuration.
This feature is also supported on scalable EoMPLS. The requirement is to forward CCM over pseudowires toward the core and receive CFM messages from the core and forward them to the access side. CFM is enabled on pseudowire endpoints.

Benefits

Prior to Release 12.2(33)SRE, CFM functionality was limited only as a Down MEP on the Bridge Domain and that too with the pre-standard version of CFM. CFM over Layer 2 VFI now is completely based on the standardized version of 802.1ag 2007. Release 12.2(33)SRE on the Cisco 7600 Series now supports the CFM over Layer 2 VFI with the Down MEP functionality on the network side. This allows end-to-end service management for VPLS domains at the provider level and customer domains.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm-ieee.html

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/sipspasw.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

CFM over EFP Interface Configured with xconnect

Standards-based CFM MIP/MEP on scalable EoMPLS. The requirement is to forward CCM over pseudowires toward the core and receive CFM messages from the core and forward to the access side. CFM is enabled on pseudowire endpoints.

Benefits

Prior to Release 12.2(33)SRE, CFM functionality was limited to the support of only Down MEP on EVC based on the pre-standard version of 802.1ag. Release 12.2(33)SRE on the Cisco 7600 Series now allows the implementation of CFM Down MEP and Up MEP functionality for pseudowires completely.
This allows customer CFM functionality to extend over the pseduowires transparently while service provider CFM domains can coexist across the pseudowire.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

802.1ah with VPLS Integration

IEEE 802.1ah is a standard extending the scale of Metro Ethernet services deployments. It provides higher scale for VLANs with the introduction of the Service Identifier I-SID with new 24-bits I-TAG values. MAC scale is also extended by encapsulating customer MAC addresses (C-MAC) into provider MAC addresses (B-MAC), thus isolating and hiding customer address spaces.
In Release 12.2(33)SRE, Cisco 7600 Series 802.1ah implementation enables the following deployments:

1. Native Layer 2 Ethernet IB-BEB functionality on the Cisco 7600 Series Router: This allows Layer 2 C-Bridges to be transported over native Layer 2 Ethernet B-Bridges in a one-box solution instead of a two-box solution.

2. 802.1ah and VPLS: This allows a provider to have 802.1ah access circuit into a VPLS core. In this case, the VPLS core behavior is similar to the B-Bridge.

Integrated with MPB, xconnect, or VPLS forwarding, 802.1ah provides flexible implementation options for service providers. 802.1ah can be implemented with 802.1q or 802.1ad encapsulation. It is supported on all variants of the ES+ cards. The 802.1ah encapsulation imposition and disposition is performed on the UNI subscriber-facing port.

Benefits

802.1ah provides extended scale to the customer MAC address and thus allows larger Metro Ethernet provider-edge deployments on a single Cisco 7600 Series Router. . The use of Service Identifier I-SID extends the scale of bridged services to 16,000 in Release 12.2(33)SRE.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

Service Groups (EVC)

Service group is an infrastructure construct allowing grouping multiple logical interfaces into a single logical entity. In Release 12.2(33)SRE, EVC grouping is supported. Multiple EVCs, regardless of the forwarding implemented, are grouped under single logical group. The group serves in turn to attach a shared QoS policy that will apply to all EVCs under a group.

Benefits

EVC service groups allow new service models with enhanced QoS management.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/qos/configuration/guide/service_groups.html

Multichassis Link Aggregation Control Protocol (mLACP)

Multichassis LACP (mLACP) is an innovation allowing dual-homing of devices connected via LACP port-channels to two separate routers. mLACP appears as standard IEEE 802.3ad to the dualhomed device. The implementation is supported via Inter-Chassis Communication Protocol signaling status of attachment links within specific port channels between the two routers. In addition, mLACP is integrated with a hot-standby pseudowire feature allowing advanced end-to-end resiliency implementations. In Release 12.2(33)SRE, mLACP is implemented for EVCs.

Benefits

mLACP is part of Layer 2 convergence enhancements. It is applicable for residential and business deployments and can be widely deployed for access resiliency.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_pref.html

REP Integration with EVC and VPLS

Resilient Ethernet Protocol (REP) enables very fast convergence on Metro Ethernet Layer 2 networks and is supported on the switch port of the Cisco 7600 Series since Release 12.2(33)SRC on a switchport. In Release 12.2(33)SRE, REP will be enabled on ports with EVC configuration for bridge-domain (including VPLS with MAC withdrawal), xconnect and connect functions, and 802.1ah. REP will also support EVCs with a range of VLANs. The implementation includes port channel support.

Benefits

REP provides sub-second fast convergence for Layer 2 networks. Integration with VPLS enables reliable end-to-end Layer 2 VPN implementations. Starting with Release 12.2(33)SRE, REP will benefit from all EVC features support.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/lanswitch/configuration/guide/lsw_cfg_rep.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

Multiple Spanning Tree (MST) Access Gateway (Reverse L2GP)

MST Access Gateway is a significant improvement for Spanning Tree-based deployments. Static preconfigured BPDUs are sent out on each ring access port of network provider edge routers (NPE) to simulate a per-access instantiation of the Spanning Tree Protocol in such a way that the NPEs appear to be either the root bridge or the second-best bridge with a zero-cost path to the root. This greatly simplifies the NPE protection mechanism for L2VPN.

Benefits

MST Access Gateway simplifies Spanning Tree deployments by removing full Spanning Tree Protocol processes from NPE routers, which reduces complexity and enhances scale. It also provides TCN isolation between the domains.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

Gigabit Ethernet LAG on UNI with Advanced EVC Load Balancing

On EVC port channels, the load-balancing hash algorithm uses EVC ID. In some cases, this may result in undesirable traffic split on port-channel member links. This feature will allow manual assignment of EVC to a particular link in a link bundle. This allows service providers to explicitly load balance the traffic from various EVCs.

Benefits

Enhance load-balancing scheme on EVC port channel.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_pref.html

H-VPLS with Port-Channel Core Interface (VPLS LAG NNI)

Port channel and MPLS functions are supported on Cisco 7600 Series Routers. Starting with Release 12.2(33)SRE, port channels will be allowed as uplinks for VPLS. In addition, enhanced load-balancing mechanisms will be added to allow splitting the load from a single pseudowire across the port-channel member links and thus avoiding uneven traffic split challenges. MPLS Fast Reroute (FRR) support will be added in a subsequent software release.

Benefits

Allows taking benefits of core link bandwidth to achieve higher bandwidths with VPLS support.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_pref.html

Control Word Configuration for VPLS

Control Word is a mandatory part of non-Ethernet Any Transport over MPLS (AToM) pseudowires. It is optional and negotiated for EoMPLS pseudowire. This feature allows a user to enable, disable or set the control word to auto-sense mode, as part of the pseudowire configuration. For static pseudowire, the control word can be enabled or disabled through xconnect sub-mode. With this new CLI, it can be configured for dynamic pseudowire as well under a pseudowire class. As a part of this feature, users can also configure the VC type to type 4 or type 5 explicitly.

Benefits

Explicit configuration of control word and VC type allows interoperability with wider range of MPLS equipments with restrictions for control word or VC type support.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_any_transport.html

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_l2vpn_intrntwkg.html

Static MAC Binding to EVCs and Pseudowires

Static MAC support for EVC and pseudowire introduces a capability to bind statically unicast or multicast MAC addresses to a pseudowire (VPLS) or EFP. When defined, permanent static MAC entry will be programmed in the MAC table. This enhancement avoids flooding in some convergence scenarios.

Benefits

Static MAC on EVC and pseudowire allows limiting floods within 802.1ah provider space. It also allows building explicitly multicast trees on Layer 2 networks. In some deployment scenarios, static MAC can avoid MAC learning on a VLAN.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

Layer 3/Layer 4 ACL on Service Instance (EVC)

Layer 3/Layer 4 security ACLs (standard and extended) will be supported on EVC to allow traffic filtering based on Layer 3/Layer 4 information. This enhancement will be supported on all types of EVCs: xconnect, connect, and bridge domain.

Benefits

EVC is a Layer 2 construct. Introducing support for Layer 3/Layer 4 ACLs allows enhanced filtering for Layer 2 traffic based on Layer 3/Layer 4 security policies. It is also a base feature for Layer 3 SVI services.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_pref.html

Custom Ethertype for EVC on Port Channels

This feature introduces the support of Custom Ethertype definition, as per SRD, for port channel links. Supported Ethertypes are 0x88a8, 0x9100, and 0x9200.

Benefits

Defining customizable Ethertype allows interoperating with 802.1ad switches and third-party equipment for VLAN tagged traffic.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

MAC Address Security on EVC Port Channels

MAC security features allow specifying the maximum number of MACs, stickiness, duplicate MAC avoidance, and static secure MACs on EVCs. This feature will be supported on EVCs on port channel interfaces.

Benefits

Introducing support for MAC security on port channels allows service providers to use port channels on UNI with full EVC security benefits.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_mac-addlmt-bdsin.html

DHCP Snooping with Option 82 on EVC Port Channel

DHCP snooping builds tables of IP and MAC assignments for access devices using DHCP and disallows further new requests from the MAC addresses with already existing bindings. It is an important DoS protection feature. Further, the snooping table is used for ARP inspection and IP Source Guard features. Additionally, with DHCP snooping on EVC Option 82, insertion is supported with port/circuit ID and subscriber identifier string. This feature will be supported on EVCs provisioned on port channel interfaces.

Benefits

Introducing support for DHCP snooping with Option 82 on port channels allows service providers to use port channels on UNI with full DOS mechanisms benefits.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap4.html

Flexible Service Mapping Based on CoS, Ethertype

EVC supports flexible VLAN-based classification today. Enhancements to EVC selection criteria include CoS or range of CoS values, VLAN and CoS (with restrictions), and Ethertype values (IPv4, IPv6, PPPoE).

Benefits

Enhanced EVC classification models allow simplified residential network infrastructures, better QoS alignment, interoperability with older ATM networks, and simplified migrations.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/baldcfg.html

www.cisco.com/en/US/docs/routers/7600/install_config/ES40_config_guide/es40_chap7.html

Bridge Domain MIB

CISCO-BRIDGE-DOMAIN-MIB allows collecting information using SNMP for bridge domains: members, member status, MACs, and split-horizon information.

Benefits

Improves manageability of EVC infrastructures with bridge domains.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/technical_references/7600_mib_guides/MIB_Guide_ver_
6/7600mib3.html

Four-Level Egress/Three-Level Ingress H-QoS on EFP Group

Service Group Support for EVCs

This new feature allows grouping of multiple EVCs under a single logical instance called Service Group Interface (SGI). A Service Group allows attaching service policies in order to implement H-QoS not only on a per-EVC basis but rather a per-group-of-EVCs basis. With the ES+ line card, 4-level QoS scheduling hierarchies can be implemented using a flat policy on SGI and H-QoS policies on the EVCs grouped in that SGI. On both the ES+ and ES20 line cards, 3-level QoS scheduling hierarchies can be implemented using an H-QoS policy on the SGI with no policies on the EVCs grouped in the SGI at the same time.

Benefits

The Service Group feature allows for aggregate per-customer QoS SLA enforcement while having multiple EVCs (one per service) delivered to the customer.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/qos/configuration/guide/service_groups.html

Layer 3 Classification and Marking on EVC on Cisco 7600 Series ES+20 Line Cards

EVC is a Layer 2 construct and policy maps configured on ES20 Series Line Cards did not initially support classifying based upon IP precedence or DSCP bits and marking of IP precedence or DSCP bits. This capability was added for the Cisco 7600 Series ES+ Line Cards in Release 12.2(33)SRD and is now added for ES+20 line cards as well.

Benefits

In some Carrier Ethernet deployments, access concentration devices such as DSLAM may not be able to mark 802.1p (CoS) bits correctly, hence the provider is required to classify on IP precedence and DSCP bits. With this enhancement, ES+20 line cards can be used to connect to such devices and perform the required classification.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/SRD/bald_qos.html

Triple-Nesting QoS

Triple-nesting QoS on the Cisco 7600 Series SPA Interface Processor-400 (SIP-400) allows you to define Modular QoS CLI (MQC) policies with parent, child, and grandchild (three policies nested in each other). Queuing functions are supported for parent and child and policing only for grandchild. The MQC triple-nested policies can be applied on the: main interface, sub interface, EVC, FR DLCI, and ATM VC.
Nesting three policies in each other has been treated as a 4-level scheduling hierarchy by the SIP-400 regardless whether there are queuing functions configured in the grandchild policy or not. With this enhancement it is now verified whether queuing functions are configured, and if not the policy is accepted.

Benefits

With this enhancement it is possible to shape a customer connection, perform queuing inside the shaper, and mix multiple traffic classes inside a queue while policing/re-marking the traffic classes in the same queue in a different manner.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series SIP-400

Additional Information

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/76cfgsip.html#wp1441234

Per VC-QoS Classification for ATM Virtual Path Pseudowires

This feature allows for attaching an MQC policy on ingress on an ATM PVP that is configured for a VP-mode ATMoMPLS pseudowire (Cell Relay) in order to mark MPLS EXP for traffic sent into the pseudowire and across the MPLS network. The classes of the MQC policy are using "match atm-vci" classification in order to mark EXP differently on a per-VC basis inside the PVP.

Benefits

VP-mode pseudowires allow customers to transport multiple ATM VCs within a single ATMoMPLS pseudowire and increase the scalability of the network solution. This feature does make sure that, while increasing the scale, the ability to mark EXP differently on a per-VC basis is not lost.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series SIP-400

• 2- and 4-port OC-3/STM-1 ATM shared port adapter (SPA), 1-port OC-12/STM-4 ATM SPA, 1-port OC-48/STM-16 ATM SPA

Additional Information

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/76ovwsip.html#wp1094663

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/76cfgatm.html

IPv6 - Hop-by-Hop Rate Limiter

This feature introduces a policer implemented on the Enhanced FlexWAN and SIP-200 line cards in order to limit the amount of IPv6 packets with Hop-by-Hop extension headers included.

Benefits

IPv6 packets with Hop-by-Hop extension headers included require processing by the MSFC RP on the supervisor or route switch processor. This policer makes sure that the amount of packets sent to the MSFC RP is limited to avoid high route-processor CPU loads and denial-of-service attacks.

Hardware

• Cisco 7600 Series Routers

• Line cards: Enhanced FlexWAN and SIP-200

Additional Information

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/76cfgsip.html#wp1418679

www.cisco.com/en/US/docs/routers/7600/install_config/flexwan_config/flexqos.html

www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/sipspasw.html

BGP Support for 4-Byte Autonomous System Numbers (ASNs)

The IETF has proposed a 32-bit ASN scheme defined in RFC 4893 to allow for more ASNs. Both 2- and 4-byte ASNs will be supported. 4-byte ASNs will be supported for IPv4, VPNv4, and IPv6 address families.

Benefits

The number of 2-byte ASNs is limited and most of them are already allocated. The introduction of 4-byte ASNs prevents the scarcity of ASNs and the possibility that customers or providers cannot connect to the Internet because no ASN is available to them.

Hardware

• Cisco 7600 Series Routers

• Any line card

Additional Information

www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/data_sheet_C78-521821.html

www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/datasheet_c78_516825.html

www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/white_paper_C11_516823.html

MPLS VPN - MPLS L3VPN over GRE

This feature allows tunneling of L3VPN MPLS traffic over GRE tunnels in order to implement MPLS connectivity over IPv4-only transport in case an ES+ line card is used for the MPLS core-facing ports. This feature has been introduced first by using SIP-400 line cards for MPLS core-facing ports and now is enhanced to include ES+ line cards as well.

Benefits

MPLS L3VPNs are commonly deployed by customers to separate departments, applications, and clients, but dedicated Layer 2 connectivity that allows MPLS transport may not be available. Often only IPv4 transport connectivity is available and in such case MPLS L3VPNs over GRE allow you to deploy the desired network architecture.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ for MPLS core-facing ports, any line card for customer-edge-facing ports

Additional Information

www.cisco.com/en/US/partner/docs/interfaces_modules/shared_port_adapters/configuration/6500series/76cfgeth.html#wp1173305

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_gre.html

Dynamic Layer 3 VPNs (RFC 2547) with Multipoint GRE (mGRE) Tunnel Support for SIP-400 and ES+40 Cards on the Cisco 7600 Series Platform

MPLS VPN over mGRE uses IPv4-based mGRE tunnels (RFC 2784) for encapsulation of L3VPN packets between provider-edge routers in case there is only IPv4 transport available. The implementation follows RFC 4023 Encapsulating MPLS in IP or Generic Routing Encapsulation (GRE) and facilitates dynamic GRE tunnel creation mechanisms of mGRE such as Next Hop Resolution Protocol (NHRP). (For details refer to mGRE documentation.)

Benefits

mGRE eliminates the need to create and manage a mesh of point-to-point GRE tunnels. Instead a multipoint GRE tunnel is used with dynamic peer creation among the provider-edge routers that are configured with NHRP. mGRE greatly reduces the operational demands of L3VPN over GRE.

Hardware

• Cisco 7600 Series Routers

• Line cards: ES+ or SIP-400 for MPLS core-facing ports, any line card for customer-edge-facing ports

Additional Information

www.cisco.com/en/US/docs/ios/interface/configuration/guide/ir_greL3vpn.html

IS-IS MPLS LDP Synchronization and Autoconfiguration

The Label Distribution Protocol (LDP) Intermediate System-to-Intermediate System (IS-IS) AutoConfig and Synchronization feature reduces the packet loss as a result of the synchronization between Interior Gateway Protcol (IGP) and LDP convergence. The implementation requires information exchange between LDP and IGP. LDP needs to know the configuration state of IGPs on interfaces in order to automatically enable/disable an LDP on those interfaces. IGP needs to know the state of an LDP session on interfaces in order to avoid updating the RIB/FIB to use paths on which LDP label exchange has not converged.

Benefits

A common problem in networks tuned for IGP fast convergence is that when a previously failed link comes back up, LDP neighbor establishment takes longer than IGP convergence. In other words IGP is out of sync with LDP, reroutes traffic onto the recovered link, but traffic requiring MPLS transport is lost due to LDP neighbor ships not being established yet and MPLS not being ready.
With IGP LDP sync the IGP convergence is delayed until LDP and MPLS forwarding is ready and unnecessary traffic loss is avoided.

Hardware

• Cisco 7600 Series Routers

• Line cards: any type

Additional Information

www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fsldpsyn.html

Label Switched Multicast: Point-to-Multipoint Traffic Engineering (P2MP-TE)

P2MP MPLS TE tunnels allow service providers to transport multicast traffic in an MPLS network. The P2MP tunnels are established between one head end and multiple tail ends with RSVP-TE signaling. Multicast groups are mapped to P2MP tunnels. RSVP-TE protocol extensions for P2MP LSP are defined in RFC 4875 and TE-FRR is supported as well.
Cisco 7600 Series implementation of P2MP-TE/FRR is based on egress replication model and allows for core-facing features to be applied including QoS.

Benefits

Using MPLS TE in a multipoint manner for multicast traffic combines the efficient transport of a multipoint tree with resiliency mechanisms of TE-FRR in order to allow for <50 ms protection in case of core network failures.

Hardware

• Supported routers: Cisco 7600 Series

• Supported supervisors: RSP720, SUP720, RSP720-10GE

• Supported line cards: ES+, ES20, 65xx, 67xx, E-Flexwan, SIP-200, SIP-400, SIP-600

Additional Information

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_te_p2mp.html

NSF/SSO Multicast (IPv4/6IPv6)

Release 12.2(33)SRE extends multicast high availability to support NSF/SSO and ISSU/eFSU to improve convergence upon route switch processor (RSP) switchover for Layer 3/Layer 2 multicast traffic.

Benefits

Improved convergence and resiliency in the event of a supervisor or RSP failover.

Hardware

• Cisco 7600 Series Routers

Additional Information

www.cisco.com/en/US/docs/ios/ipmulti/configuration/guide/imc_high_availability.html

L2VPN Pseudowire Preferential Forwarding (Active/Standby Status)

The L2VPN Pseudowire Preferential Forwarding feature allows you to configure pseudowires so that you can use ping, traceroute, and show commands to find status information before, during, and after a switchover. The implementation of this feature is based on Preferential Forwarding Status Bit Definition (draft-ietf-pwe3-redundancy-bit-xx.txt).

Benefits

The L2VPN Pseudowire Preferential Forwarding feature provides these enhancements for displaying information about the pseudowires:

• You can issue ping mpls commands on the backup pseudowires.

• You can display status of the pseudowires before, during, and after a switchover, using the show xconnect and show mpls l2transport vc commands.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and ES+20 Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/l2vpn_pw_preferential_forwarding.html

L2TPv3 Pseudowire Redundancy

The L2VPN Pseudowire Redundancy feature lets you configure your network to detect a failure in the network and reroute the Layer 2 service to another endpoint that can continue to provide service.

Benefits

This feature provides the ability to recover from a failure either of the remote provider-edge router or of the link between the provider-edge and customer-edge routers.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards, SPA Interface Processor-400 (SIP400)

Additional Information

www.cisco.com/en/US/docs/ios/wan/configuration/guide/wan_l2vpn_pw_red.html

BFD SSO Support

Stateful Switchover (SSO) is a key feature toward achieving a highly available and robust network. On a dual route processor (RP) configuration, such as on the Cisco 7600 Series Router, SSO allows the standby RP to take immediate control and maintain connectivity protocols in case of failure of the primary RP. Bidirectional Forwarding Detection (BFD) SSO implements the capability to switchover from the active RP to the standby RP.
When evaluating BFD SSO for the network, the customer should note the following considerations:

• BFD SSO is supported on both Cisco 76xx and 76xx-S chassis however some limitations in term of timers apply to help ensure proper functioning on the platform in conjunction with SSO.

• To enable echo mode the system must be configured with the no ip redirects command

Current performance and scale will vary based on device configuration and "real world" network conditions.

Benefits

BFD SSO awareness provides high availability capability for clients using BFD as the hello connectivity check mechanism to survive SSO.

Hardware

• Cisco 7600 Series Routers

Additional Information

www.cisco.com/en/US/docs/ios/iproute_bfd/configuration/guide/irb_bfd.html

BFD IPv6 support

BFD is the standard connectivity check mechanism for failure detection at the IP layer. This functionality enhances the current BFD implementation so that support for the IPv6 address family can be used. It provides the necessary infrastructure for running BFD over an IPv6-enabled network.
BFD clients such as OSPFv3 and static IPv6 route can use this capability and use BFD as the mechanism providing fast hellos.

Benefits

Provides fast failure-detection capability, which improves and optimizes network performance and availability for IPv6-based networks.
Allows the use of single hello fast detection mechanism, which can be used by multiple clients.

Hardware

• Cisco 7600 Series Routers

• Cisco 7200 Series Routers

Additional Information

www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-bfd.html

BFD MIB v2

BFD MIB support provides the embedded management capability to system running BFD. With this capability, network operators can use standard SNMP to gather and retrieve data related to BFD operation from systems running BFD. Current implementation allows the retrieval of both IPv4 and IPv6 BFD related information.

Benefits

Provides MIB statistics for BFD operations for both BFD IPv4 and BFD IPv6 sessions.
Allows easy access with the use of standard SNMP and facilitates integration with current SNMP-based network management systems.

Hardware

• Cisco 7600 Series Routers

• Cisco 7200 Series Routers

Additional Information

www.cisco.com/en/US/docs/routers/7600/technical_references/7600_mib_guides/MIB_Guide_ver_6/7600mib3.html

http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&mibName=CISCO-IETF-BFD-MIB

MPLS Traffic Engineering Path Protection Increased to Eight Paths

Up to eight protection paths can be signaled upon primary path failure. Only one of the configured protect-path options will be actively signaled at any given point of time. Backup path priorities are identified by path-option identifiers and are configurable for each backup path option.

Benefits

Increased path protection allows for improved fault protection in the event of multiple path failures.

Hardware

• Cisco 7600 Series Routers

Additional Information

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_te_frr_node_prot_ps6922_TSD_Products_Configuration_Guide_Chapter.html

BGP PIC Edge for IP/MPLS VPN and BGP Best External

The Border Gateway Protocol Prefix Independent Convergence (BGP PIC) edge feature includes a set of functions that allow fast BGP convergence in case of a BGP next-hop change. First the BGP and RIB process is improved in order to store not only one best path but rather a best and backup path. Second the Cisco IOS FIB infrastructure is improved in order to pre-install the backup path and to quickly switch onto it in case of a failure. Third BGP is further enhanced in order to force a BGP peer to always announce its best external path even though a better path is learned through iBGP.

Benefits

A router needs to rewrite all BGP prefixes to reflect a BGP next-hop change. As a consequence, the BGP convergence time is directly proportional to the number of BGP prefixes installed in the FIB table.
BGP PIC edge allows for installing a backup path in the FIB (forwarding plane) in order to perform fast recovery independent of the number of BGP prefixes in the FIB. This allows customers to achieve sub-second convergence even with hundreds of thousands of BGP prefixes managed by their routers.
BGP best external is an extension to BGP PIC to help ensure that a provider-edge router is always announcing its external path learned from the customer-edge router even if for the same prefix a better path is learned from the route reflector or another provider-edge router using iBGP. This helps to guarantee that customers can use BGP communities and BGP local_pref mechanisms to deploy active/standby exit-point topologies while helping ensure that provider-edge routers always receive both the active and standby BGP path and are able to use BGP PIC edge for fast restoration.

Additional Information

www.cisco.com/en/US/docs/ios/iproute_bgp/configuration/guide/irg_bgp_mp_pic.html

www.cisco.com/en/US/docs/ios/ios_xe/iproute_bgp/configuration/guide/irg_bgp_mp_pic_xe.html

Subscriber-Aware Ethernet with Cisco ISG Support on Cisco 7600 Series ES+ Line Cards

Cisco Intelligent Services Gateway (ISG) is the premier policy management solution from Cisco, providing dynamic control of subscriber services and industry-leading subscriber control for PPP and native IP sessions. With this functionality, PPP or native IP subscribers obtain full lifecycle management, AAA support, and support for dynamic policy enforcement.
Release 12.2(33)SRE, extends the functionality that is currently available on the SIP-400 to the ES+ line cards.

Benefits

Cisco 7600 Series subscriber-aware Ethernet is an important strategy for service providers implementing triple-play that want to:

• Simplify client protocols for video and voice with DHCP-initiated IP session while maintaining HSI services with PPPoE

• Eliminate redundant investment in legacy BRAS by utilizing zero-touch subscriber management functions in the aggregation network

• Scale subscriber bandwidth while maintaining per-subscriber control

Service providers can now distribute provisioning and per-subscriber control into their Ethernet access infrastructures. Cisco 7600 Series features include:

• IP sessions with Transparent Auto-Logon support

• PPPoE sessions

• Cisco Intelligent Services Gateway (ISG) with dynamic MQC policy assignment

• ISG to Service Control Engine (SCE) control bus

• High availability with PPP and IP session SSO/EFSU

Hardware

• Cisco 7600 Series Routers

• Route Switch Processors: RSP-720-GE-3CXL and RSP-720-10G-3CXL

• Line cards: 7600-ES+2TG-3CXL, 7600-ES+20G-3CXL, 7600-ES+4TG-3CXL, 7600-ES+40G-3CXL, 76-ES+XT-2TG-2CXL, 76-ES+XT-4TG-2CXL, ES+2XC-3CXL, ES+4XC-3XCL

Additional Information

www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html

Support for IP Sessions on Gigabit EtherChannel

Support for PPPoE or IP sessions on 1:1 Link Aggregation Control Protocol (LACP) port channels. The port channel is configured in active/standby mode and can operate across line cards. Session state is preserved on the port channel during a failover.

Benefits

Simple, low-cost redundancy options are now available using Link Aggregation to preserve PPPoE and IP sessions. The service is protected from line card or link failures to lower operational costs and improve customer satisfaction.

Hardware

• Cisco 7600 Series Routers

• Route switch processors: RSP-720-GE-3CXL and RSP-720-10G-3CXL

• Line cards: 7600-ES+2TG-3CXL, 7600-ES+20G-3CXL, 7600-ES+4TG-3CXL, 7600-ES+40G-3CXL, 76-ES+XT-2TG-2CXL, 76-ES+XT-4TG-2CXL, ES+2XC-3CXL, ES+4XC-3XCL

Additional Information

www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html

Multicast Coexistence with IP Sessions

This feature allows the coexistence of IP sessions and IP multicast on the same sub-interface. Multicast will not be treated as in session traffic but as transparent pass-through. That feature will also bring changes to QoS model to allow applying policy on sub-interface with non-default class to help ensure differentiated treatment for video traffic.

Benefits

Simplifies management and improves scalability for video and triple-play service offerings by combining multicast and IP-session traffic on the same subinterface. Fewer VLANS are needed; correspondence between services improves for configuration and troubleshooting simplicity. Dynamic session management using ISG operates alongside IP multicast on the same service-VLAN (N:1 model).

Hardware

• Cisco 7600 Series Routers

• Route switch processors: RSP-720-GE-3CXL and RSP-720-10G-3CXL

• Line cards: 7600-ES+2TG-3CXL, 7600-ES+20G-3CXL, 7600-ES+4TG-3CXL, 7600-ES+40G-3CXL, 76-ES+XT-2TG-2CXL, 76-ES+XT-4TG-2CXL, ES+2XC-3CXL, ES+4XC-3XCL

Additional Information

www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html

DHCP Server User Authentication

DHCP-initiated IP sessions now support user authentication within the DHCP request prior to the assignment of the IP address. User authentication consists of the challenge-response to authenticate a user name and password in the context of DHCP [RFC2131]. EAP [RFC3748] is used within the DHCP request for authentication purposes. Implementation follows IETF draft-pruss-dhcp-auth-dsl-03.txt.

Benefits

Provides true user-name and password-level authentication for DHCP-initiated IP sessions to:

• Protect valuable content

• Eliminate fraud

• Protect the network and users from security threats

DHCP authentication brings IP sessions to the level of security that was previously only possible with PPP.

Hardware

• Cisco 7600 Series Routers

• Route switch processors: RSP-720-GE-3CXL and RSP-720-10G-3CXL

• Line cards: 7600-ES+2TG-3CXL, 7600-ES+20G-3CXL, 7600-ES+4TG-3CXL, 7600-ES+40G-3CXL, 76-ES+XT-2TG-2CXL, 76-ES+XT-4TG-2CXL, ES+2XC-3CXL, ES+4XC-3XCL

Additional Information

www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html

ISG NASPort Option 82 and Option 60 Transparent Auto Logon (TAL)

For IP session (DHCP-initiated) services, Option 82 and Option 60 are passed in RADIUS server in the NAS-Port ID for authorization. Option 82 can convey the identity of the line (or household), while Option 60 can identify the specific device.

Benefits

Service providers that offer triple-play, IPTV, or broadband service models now have simpler ways to manage subscriber access using information about the household and the CPE. Benefits include the ability to enable IP session wholesale models where customers can be authorized through RADIUS before being logged on. Service profiles may also be applied based on the device in the home.

Hardware

• Cisco 7600 Series Routers

• Route switch processors: RSP-720-GE-3CXL and RSP-720-10G-3CXL

• Line cards: 7600-ES+2TG-3CXL, 7600-ES+20G-3CXL, 7600-ES+4TG-3CXL, 7600-ES+40G-3CXL, 76-ES+XT-2TG-2CXL, 76-ES+XT-4TG-2CXL, ES+2XC-3CXL, ES+4XC-3XCL

Additional Information

www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html

L2VPN Support for ATM Cell Packing on Static Pseudowire

This feature allows for static configuration of virtual circuit labels, without using LDP signaling for virtual circuit label distribution. This feature adds support for static labels for TDM pseudowire on Circuit Emulation over Packet Switched Networks (CEoPs) SPAs.

Benefits

Static pseudowire support allows operators to form virtual circuits with provider edge routers that do not support LDP. It also provides increased scale to thousands of peers.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ and SIP-400 Line Cards

Additional Information

www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_atom_pseud_prov.html

End-to-End VCCV on Multisegment Peudowire

Virtual Circuit Connectivity Verification (VCCV) is extended to support end-to-end connectivity verification across a pseudowire switching point and to provide the ability to trace the path of a multi-segment pseudowire (MS-PW) over any number of segments. LSP ping can be used to verify connectivity between any set of provider-edge routers (terminating [T-PE] or switching [S-PE]), one or more hops away, in an MS-PW path. Path verification across multiple pseudowire segments can also be performed.

Benefits

Previously, VCCV could only be used to verify the connectivity across a single pseudowire and could not verify connectivity of VCs that spanned multiple administrative domains. This feature allows the operator to verify end-to-end VC connectivity in the case where the pseudowire spans multiple administrative domains and associated pseudowire switching points.

Hardware

• Cisco 7600 Series Routers

Additional Information

• MPLS OAM configuration: www.cisco.com/en/US/docs/switches/metro/catalyst3750m/ software/release/12.2_52_se/configuration/guide/swmpls.pdf

Access Circuit Redundancy

This feature enables a pair of Layer 2 attachment circuits to be operated in active/standby mode in order to provide redundant customer-edge attachment to a provider-edge node. With Release 12.2(33)SRE, ATM attachment circuits are supported in single-router automatic protection switching (APS) environments. This helps ensure data traffic downtime of less than 150 ms in the case of a switchover. Primary and backup access circuits are on the same Cisco 7600 Series chassis. This feature applies to attachment circuits connected to MPLS pseudowires.

Benefits

This feature allows a "working" and "protect" attachment-circuit pair to be associated with a single pseudowire rather than a separate pseudowire for each attachment circuit. When the working attachment circuit goes down, signaling and bring-up time of a backup pseudowire is no longer incurred as part of the switchover time, allowing for the 150 ms resiliency target to be achieved.

Hardware

• Routers: Cisco 7600 Series

• Route switch processors: SUP2/MSFC2, SUP32/MSFC2A, SUP720/MSFC3C, RSP720-10GE/MSFC4, RSP720/MSFC4

• Line cards: 7600-SIP-400

• SPAs: SPA-2XOC3-ATM, SPA-4XOC3-ATM, SPA-1XOC12-ATM, SPA-1XOC48-ATM

Additional Information

Only ATM clients are supported for Release 12.2(33)SRE.

• ATM SPA Configuration: www.cisco.com/en/US/partner/docs/interfaces_modules/shared_port_adapters/ configuration/7600series/76cfgatm.html

Virtual Circuit and Virtual Path Mode Cell Packing on Cisco 7600 Series SIP-400 for CEoPs and OC-48 ATM SPAs

This feature brings port-mode, virtual circuit (VC)-mode, and virtual path (VP)-mode cell packing to Circuit Emulation over Packet Switched Networks (CEoPs) and OC-48 ATM SPAs. Cell packing allows for the transport of multiple ATM cells in a single MPLS encapsulated frame. Port mode enables transport of all cells arriving on an ATM port over the MPLS cloud, while the VC mode transports of all cells belonging to a VC (cells with same VPI/VCI) over the MPLS tunnel in packed form. Similarly, VP mode transports all cells belonging to a VP (cells with same VPI) in packed form. The timer for cell packing is configurable. Release 12.2(33)SRE adds this support for OC-48 ATM and CEoPs SPAs. All variants of CEOP SPA are supported.

Benefits

Cell packing is a bandwidth-efficiency feature for ATM-over-MPLS transport, allowing the packing of multiple cells into an MPLS encapsulated payload. Cell packing allows the amortization of the MPLS, pseudowire, and Layer 2 headers over many ATM cells, rather than just one, making it more efficient than a single-cell-relay-based connection.

Hardware

• Routers: Cisco 7600 Series Routers

• Line cards: Cisco 7600 Series SIP-400

• SPAs: SPA-24CHT1-CE-ATM, SPA-1CHOC3-CE-ATM, SPA-2CHT3-CE-ATM, SPA-1XOC48-ATM

Additional Information

ATM SPAs are limited to three cell-packing timers in total and CEoPs SPAs are limited to four.

• ATM SPA configuration: www.cisco.com/en/US/partner/docs/interfaces_modules/shared_port_adapters/ configuration/7600series/76cfgatm.html

• CEOPs SPA configuration: www.cisco.com/en/US/partner/docs/interfaces_modules/shared_port_adapters/ configuration/7600series/76cfgcep.html

Synchronous Ethernet Support

Support for delivering precise frequency over Gigabit Ethernet physical links as defined in ITU specifications for Ethernet Equipment Clock. This feature extends the physical-layer network synchronization capabilities traditionally provided by TDM and SONET network interfaces to Ethernet network interfaces, allowing a Metro Ethernet network to be part of an overall synchronous network implementation within a service provider network, providing that each element in the Metro Ethernet network is capable of Synchronous Ethernet support. ESMC is not supported in this release.

Benefits

The Cisco 7600 Series supports precise frequency across a Metro Ethernet network in order to serve applications that require precise and stable frequency and/or synchronization between client endpoints. Examples are mobile base stations and legacy TDM circuit emulation.

Hardware

• Cisco 7600 Series Routers

• Cisco 7600 Series ES+ Line Cards

Additional Information

Feature is compliant with G.8261/G.8262 as well as G.823/G.824/G.825 jitter and wander specifications. ESMC is not supported in Release 12.2(33)SRE.

• ES+ line card configuration: www.cisco.com/en/US/partner/docs/routers/7600/install_config/ ES20_config_guide/SRD/ES20SRD.html

2G Grooming with the CEoPs SPA (AIS Processing)

Allows for multiple base stations (2G networks) to share a single VC-12 in CEOP over cSTM-1 or cE1. Before this enhancement, one BTS going down triggers an AIS for the entire VC-12, bringing all base stations sharing that VC-12 down. AIS generation per VC-12 will be disabled by default and can be enabled through the CLI.

Release 12.2(33)SRD Feature Highlights

The following sections include Release 12.2(33)SRD hardware and software feature highlights.
Like all 12.2SR releases, Release 12.2(33)SRD integrates Cisco IOS Software innovations that span multiple technology areas, including Carrier Ethernet Flexible Infrastructure, Manageability, and Quality of Service. It also features further improvements in the areas of Resiliency, Subscriber Aware Ethernet, Mobility, and Layer 2 functionality.
The 12.2(33)SRD Release also includes support for the Cisco 7600 Ethernet Services Plus (ES+) Series line cards that will be released in Q1CY2009. The 7600-ES+ series of line cards enables 40G per slot performance for video, voice, data, and mobility services.

Table 2. Release 12.2(33)SRD Highlights

Hardware

Carrier Ethernet Flexible Infrastructure

Carrier Ethernet Manageability

Carrier Ethernet Quality of Service

Cisco 7600 Series - Ethernet Services Plus 40G Line Cards*

SPA-8X1FE-TX-V2 & SPA-4X1FE-TX-V2 Support on Cisco 7600-SIP-400

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Service Instance (EVC) on Portchannel for Cisco 7600 40G Ethernet Services Plus Line Cards

Broadcast Storm Control on Switchports and Ports with Service Instances (EVCs)

DHCP Snooping on Service Instance (EVC)

Uni-Directional Link Detection on Service Instance (EVC)

IP Source Guard for Service Instance (EVC)

Custom Ethertype for Service Instance (EVC)

MAC address security for Service Instances (EVC)

Private Host on interface VLAN

Ethernet-OAM: ITU-T Y.1731 Fault Management Functions

CFM Outward Facing MEP on Switchports

Service Instance (EVC) MIB

CFM (802.1ag) IEEE MIB

802.3ah SNMP MIB

Cisco Netflow MIB

Dual Rate Three Color ingress policer on Service Instances

IP SLAs Metro-Ethernet 2.0 (EVC)

Bandwidth Remaining Ratio Support

L2 Access Control List on Service Instance (EVC)

Resiliency

Subscriber Aware Ethernet

Mobile

L2 Enhancements

MST on Service Instance (EVC) Bridge Domain

NSF/SSO - E-LMI support

NSF/SSO - 802.3ah OAM support

NSF/SSO - CFM Support

Asymmetric Carrier Delay

SAE: DHCP - Relay Option 82 encapsulation

SAE: Authentication - DHCP Option 60 Support and VPN-ID Support

SAE: RSVP support for IP Sessions

IMA Core Facing Support

Port Mode Cell Relay Support

ISG Support on SAMI Blade

L2VPN Routed Mode Interworking: Ethernet/VLAN to ATM/FR/PPP on Cisco 7600

L2TPv3 - Layer-2 Tunneling Protocol Version 3 on Cisco Ethernet Services Plus Line Cards

Bridging using RFC1483 Routed Encapsulation (BRE) on 7600-SIP-400

Mini Protocol Analyzer using SPAN

* Ethernet Services Plus 40G Line cards will be available in Q1 CY2009

Hardware

Cisco 7600 Series Ethernet Services Plus 40G Line Cards

The Cisco ® 7600 Series Ethernet Services Plus 40 Gbps (ES+40) Line Cards utilize an extensible design that enables service prioritization for voice, video, data, and wireless mobility services. Service Provider and Enterprise customers benefit from the improved economics, density, advanced Carrier Ethernet features, and the high performance of the ES+40 fixed-configuration line cards. With the same architecture and features, the Cisco 7600 Series Ethernet Services Plus 20 Gbps (ES+20) Line Cards are designed for networks with lower interface density requirements. In the following sections, the ES+40 and ES+20 Line Cards will be referred to as the ES+ series.
The ES+ series programmable interface processors protect network investments and reduce total cost of ownership. The design maximizes connectivity options and offers superior service intelligence through programmable interface processors operating at line rate. The family of Cisco 7600 ES+ series Line Cards is shown in Figure 5.

Figure 5. Cisco 7600 ES+ Series Line Cards: 4-port 10GE and 40-port GE; 2-port 10GE and 20-port GE

Benefits

• Higher density, greater scalability

– Offers up to 40G density per slot

– 256K queues (128K ingress and 128K egress)

– Available with DFC3C or DFC3CXL

• Line rate with services enabled

– Provides line rate forwarding performance on GE and 10GE interfaces with services enabled.

• Cisco Service Instance (EVC) Support

– ES+ supports Cisco Service Instance (EVC) to enable flexible UNI

• 10GE and GE port options

– Offers 4x10GE, 40xGE, 2x10GE, and 20xGE options

• DWDM and CWDM optics supports

– ES+ line cards support DWDM and CWDM optics that should reduce operational costs

Hardware

Routers

• Cisco 7600 Series Routers
• Chassis: Cisco 7603-S, 7604, 7606, 7606-S, 7609, 7609-S, and 7613

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Songbin Wei ( songbin@cisco.com)

SPA-8X1FE-TX-V2 & SPA-4X1FE-TX-V2 Support on Cisco 7600-SIP-400

The Cisco 4- and 8- port Fast Ethernet SPAs version 2 are now available on Cisco 7600-SIP-400, offering the benefits of network scalability with lower initial costs and easy upgrades. The Cisco SPA/SIP portfolio continues the company's focus on investment protection along with consistent feature support, broad interface availability, and the latest technology. The Cisco SPA/SIP portfolio allows deployment of different interfaces (packet over SONET/SDH [POS], ATM, Ethernet, etc.) on the same interface processor.
Fast Ethernet interfaces are commonly used to interconnect routers or other devices within a central office or data center or in a metropolitan-area network (MAN). With Cisco Fast Ethernet SPAs, users can mix and match SPA ports with other types of interfaces in the same slot. Each SPA provides standards-based Fast Ethernet implementation for compatibility and interoperability. The 8-port SPA is shown below in Figure 6.
The Cisco Fast Ethernet SPAs can be used in any combination of the following applications:

• Residential triple-play services

• Metro Ethernet services

• Converged residential and business services

• Internet peering

• Inter- and intra-point of presence (POP) aggregation

Figure 6. Cisco 8-Port 10BASE-T/100BASE-TX Fast Ethernet SPA

Benefits

• Member of the Cisco SIP/SPA portfolio

– Allows mixing and matching with other compatible port adaptors

– Provides improved slot economics when increasing density to reduce capital expenditures (CapEx)

• Expands interface breath on the 7600-SIP-400

– Adds Fast Ethernet interface to the 7600-SIP-400

Hardware

Routers

• Cisco 7600 Series Routers - 7600-SIP-400

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tony Le ( tonyle@cisco.com)

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Cisco IOS Software Release 12.2(33)SRD includes support for the Cisco 7200 Series Routers and Cisco 7301 Router. Release 12.2(33)SRD also includes support for the Cisco 7201 Router, the latest generation of the Cisco 7200 Series Family.
Within the Cisco IOS Software Release 12.2S family, the migration path for new features on the Cisco 7200 Series Routers and Cisco 7301 Router is from Release 12.2SB to Release 12.2SR. Release 12.2(31)SB2 is the last Release 12.2SB release to include support for the Cisco 7200 Series Routers and Cisco 7301 Router.

Cisco 7200 Series Routers

The industry's most widely deployed universal services aggregation router for enterprise and service provider edge applications, the Cisco 7200 Series offers (See Figure 7):

• Exceptional price/performance - The NPE-G2 Network Processing Engine aggregates services at up to 2 Mpps

• A wide range of connectivity options and numerous features including serviceability and manageability

• Increased VPN performance with VPN Services Adapter

• Increased scalability and flexibility with the Port Adapter Jacket Card

Figure 7. Cisco 7200 Series Routers

Cisco 7201 Router

The Cisco 7201 Router is the latest generation of the Cisco 7200 Series Family. It is a compact, high performance Single Rack Unit (RU) router that uses the latest Cisco 7200VXR Network Processing Engine NPE-G2 coupled with a comprehensive range of interface options. (See Figure 8.)

Figure 8. Cisco 7201 Router

The Cisco 7201 Router addresses the demand for the same performance enhancements, and Cisco IOS Software features of the latest Cisco 7200VXR NPE-G2 but in a smaller form-factor and with low power consumption. The Cisco 7201 provides four built-in Gigabit Ethernet ports and one Port Adapter (PA) slot which make it ideal for various Service Providers and Enterprise applications. It also offers redundant and field-replaceable AC and DC power supplies
With its combination of scalable performance, compact architecture, high density, and low price per port, the Cisco 7301 is ideally suited for a variety of key applications within both the Service Provider and Enterprise markets.

Cisco 7301 Router

The Cisco 7300 Series is optimized for flexible, feature rich IP/MPLS services at the customer network edge, where service providers and enterprises link together. (See Figure 9.) With 3 built-in Gigabit Ethernet interfaces (copper or optical) and a single slot for any Cisco 7000 Series port adapter, the Cisco 7301 is highly flexible for a variety of applications. Additionally for broadband aggregation, the Cisco 7301 supports up to 16,000 subscribers sessions making it ideal for pay-as-you-grow broadband deployment models.

Figure 9. Cisco 7301 Router

Additional Information

http://www.cisco.com/go/7200

http://www.cisco.com/en/US/products/hw/routers/ps352/ps4972/index.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Alex Johnstone ( ajohnsto@cisco.com)

Carrier Ethernet Flexible Infrastructure

Service Instance (EVC) on Portchannel for Cisco 7600 40G Ethernet Services Plus Line Cards

802.3ad or port-channel has become a requirement for many Cisco 7600 customers. The predominant application for this feature is the aggregation of U-PE nodes or access nodes that don't have 10Gbps interfaces but require more than 1Gbps as an uplink. This translates to support on the Cisco 7600 for UNI facing link bundles/ether channels.
This particular feature allows for the bundling of EVC service instances into an 802.3ad bundle on the Ethernet Services Plus line cards.

Benefits

There are primarily two main reasons for implementing 802.3ad bundles:

1. increased bandwidth between nodes

2. increases redundancy by having link(s) protected by other member link(s) in the bundle

Hardware

Routers

• Cisco 7600 Series Routers
• Line cards: 7600-ES+ Series Line Cards

Additional Information

http://www.cisco.com/en/US/docs/ios/12_2sb/feature/guide/sbcelacp.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Broadcast Storm Control on Switchports and Ports with Service Instances (EVCs)

A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. The traffic storm control feature prevents LAN ports from being disrupted by a broadcast, multicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1-second traffic storm control interval and, during the interval, compares the traffic level with the traffic storm control level that you configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Each port has a single traffic storm control level that is used for all types of traffic (broadcast, multicast).
Traffic storm control monitors the level of each traffic type for which you enable traffic storm control in 1-second traffic storm control intervals. Within an interval, when the ingress traffic for which traffic storm control is enabled reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the traffic storm control interval ends.
The following are examples of traffic storm control behavior:

• If you enable broadcast traffic storm control, and broadcast traffic exceeds the level within a 1-second traffic storm control interval, traffic storm control drops all broadcast traffic until the end of the traffic storm control interval.

• If you enable broadcast and multicast traffic storm control, and the combined broadcast and multicast traffic exceeds the level within a 1-second traffic storm control interval, traffic storm control drops all broadcast and multicast traffic until the end of the traffic storm control interval.

• If you enable broadcast and multicast traffic storm control, and broadcast traffic exceeds the level within a 1-second traffic storm control interval, traffic storm control drops all broadcast and multicast traffic until the end of the traffic storm control interval.

If you enable broadcast and multicast traffic storm control, and multicast traffic exceeds the level within a 1-second traffic storm control interval, traffic storm control drops all broadcast and multicast traffic until the end of the traffic storm control interval.

Benefits

This feature adds support for broadcast storm control on switch-ports and on ports with Service Instances on Ethernet Services and Ethernet Services Plus Line Cards.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/storm.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

DHCP Snooping on Service Instance (EVC)

DHCP snooping is a security feature that acts like a firewall between untrusted hosts and trusted DHCP servers. The DHCP snooping feature performs the following activities:

• Validates DHCP messages received from untrusted sources and filters out invalid messages.

• Rate-limits DHCP traffic from trusted and untrusted sources.

• Builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses.

• Utilizes the DHCP snooping binding database to validate subsequent requests from untrusted hosts.

Other security features, such as dynamic ARP inspection (DAI) and IP Source Guard, also use information stored in the DHCP snooping binding database. DHCP snooping is enabled on a per-VLAN basis. By default, the feature is inactive on all VLANs. You can enable the feature on a single VLAN or a range of VLANs.
The DHCP snooping feature is implemented in software on the Route processor. Therefore, all DHCP messages for enabled VLANs are intercepted in the PFC and directed to the Route processor for processing.

Benefits

This feature addresses the support of DHCP snooping with service instances.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/snoodhcp.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Uni-Directional Link Detection on Service Instances (EVCs)

UDLD is a Layer 2 protocol that works with Layer 1 mechanisms to determine the physical status of a link. At Layer 1, auto-negotiation takes care of physical signaling and fault detection. UDLD performs tasks that auto-negotiation cannot perform, such as detecting the identities of neighbors and shutting down misconnected ports. When you enable both auto-negotiation and UDLD, Layer 1 and 2 detections work together to prevent physical and logical unidirectional connections and the malfunctioning of other protocols.

Benefits

This feature extends the benefits of UDLD to a port that has a service instance configured underneath it.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/udld.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

IP Source Guard for Service Instance (EVC)

IP Source Guard is a security feature that restricts IP traffic on untrusted Layer 2 ports by filtering traffic based on the DHCP snooping binding database or manually configured IP source bindings. This feature helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. Any IP traffic coming into the interface with a source IP address other than that assigned (via DHCP or static configuration) will be filtered out on the untrusted Layer 2 ports.
The IP Source Guard feature is enabled in combination with the DHCP snooping feature on untrusted Layer 2 interfaces. It builds and maintains an IP source binding table that is learned by DHCP snooping or manually configured (static IP source bindings). An entry in the IP source binding table contains the IP address and the associated MAC and VLAN numbers.

Benefits

This feature extends the IP Source Guard benefits to a service instance on Ethernet Services Plus Line Cards.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Custom Ethertype on Service Instance (EVC)

Currently, the default ether type is 0x8100 on a Cisco 7600 for the Q-in-Q outer tag. However, a few non-Cisco vendors use 0x9100 or 0x9200 ether type for the Q-in-Q outer tag. For Cisco 7600 router to operate seamlessly with other vendors it is required to provide a mechanism to change the default ethertype.
Moreover, there is a need to support ethertype 0x88A8 to support provider bridge defined by IEEE 802.1ad. Custom ethertype feature is proposed as a solution for this problem that enable change of ethertype as per requirements. Under the custom ethertype model, ethertype 0x9100, 0x9200 and 0x88A8 can be configured using "dot1q tunneling" CLI under a physical port.

Benefits

This provides for a seamless interoperability with other vendors and solutions when using default ethertype.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

MAC address security for Service Instances (EVC)

The Cisco 7600 supports the Port Security feature on a per-port basis. With the advent of the Service Instance (EVC) infrastructure, it is now possible to provide the same type of functionality on a per-service instance basis. Since multiple customers and multiple services can be supported on a single port, it becomes useful to provide this functional to the granularity of the service instance. For instance, when a violation requires a shutdown, just the customer assigned to a given service instance is affected rather than all customers using the port.
MAC security operation is enabled on a service instance by configuring the "mac security" configuration command.

Benefits

The MAC Security functionality can be roughly divided into the following categories:
1. Configuration

• Enabling/Disabling MAC Security on service instance

• MAC Address whitelist configuration on service instance

• Sticky configuration

• Aging

• MAC Address limiting on service instance

• MAC Address limiting on BD

• Violation response configuration on service instance

• Service instance removed from BD

• Service instance moved to new BD

2. Processing of received MAC

• No violation

• MAC move

• Max addresses exceeded on service instance

• Max addresses exceeded on BD

3. Processing of service instance state change

• Service instance transition from up to down

• Service instance transition from down to up

4. Aging

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Private Host on interface VLAN

The Private Hosts feature provides Layer 2 (L2) isolation between the hosts in a VLAN. You can use Private Hosts as an alternative to the Private VLAN isolated-trunks feature, which is currently not available on the Cisco 7600 router.
Service Providers (SPs) worldwide face increasing demand to provide their customers with triple-play services (voice, video, and data) over a single physical interface (copper or fiber). Typically, triple-play services are delivered over three different VLANs for each user, even though the VLAN for video traffic is often shared by multiple end users.
The key benefits of the Private Hosts feature are the ability to:

• Isolate traffic among hosts (subscribers) that share the same VLAN ID

• Reuse VLAN IDs across different subscribers, which improves VLAN scalability by making better use of the 4096 VLANs allowed

• Prevent MAC spoofing to prevent denial of service (DOS) attacks

The Private Hosts feature uses port-based Protocol-Independent MAC ACLs (PACLs) to provide Layer 2 isolation between hosts on trusted ports within a purely Layer 2 domain. The PACLs isolate the hosts by imposing Layer 2 forwarding constraints on the router ports.

Benefits

This feature addresses adding SVI's into the Private Host configuration, thus eliminating the need for an external router.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/pacl.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Carrier Ethernet Manageability

Ethernet-OAM: ITU-T Y.1731 Fault Management Functions

ITU-T Y.1731 (AIS, RDI)

Overview:
In the ITU-T specification Y.1731 a superset of fault management options have been defined that extend some of the Service Management functions outlined in the IEEE's Connectivity Fault Management (CFM) 802.1ag standard. Two of these are the Alarm Indication Signal (AIS) and the Remote Defect Indication (RDI)*. The added benefits of these two options are expanded upon below.

Alarm Indication Signal (ETH-AIS)

Ethernet Alarm Indication Signal function (ETH-AIS) is used to suppress alarms following detection of defect conditions at the server (sub) layer. Due to independent restoration capabilities provided within the Spanning Tree Protocol (STP) environments, ETH-AIS are not expected to be applied in the STP environments. In our case AIS is configurable and it's up to administrator to enable and disable AIS in STP environment or not.
Transmission of frames with ETH-AIS information can be enabled or disabled on a MEP (or on a Server MEP).
Frames with ETH-AIS information can be issued at the client Maintenance Level by a MEP, including a Server MEP upon detecting defect conditions. For example, the defect conditions may include:

• Signal fail conditions in the case that ETH-CC is enabled

• AIS condition or LCK condition in the case that ETH-CC is disabled.

For multipoint ETH connectivity, a MEP cannot determine the specific server (sub) layer entity that has encountered defect conditions upon receiving a frame with ETH-AIS information. More importantly, it cannot determine the associated subset of its peer MEPs for which it should suppress alarms since the received ETH-AIS information does not contain that information. Therefore, upon reception of a frame with ETH-AIS information, the MEP will suppress alarms for all peer MEPs whether there is still connectivity or not.
For a point-to-point ETH connection, however, a MEP has only a single peer MEP. Therefore, there is no ambiguity regarding the peer MEP for which it should suppress alarms when it receives the ETH-AIS information.
Only a MEP, including a Server MEP, is configured to issue frames with ETH-AIS information. Upon detecting a defect condition the MEP can immediately start transmitting periodic frames with ETH-AIS information at a configured client Maintenance Level. In Cisco IOS we send at MIP level configured at the interface. A MEP continues to transmit periodic frames with ETH-AIS information in the opposite direction of the defect until the defect condition is removed. AIS will automatically clear the defect condition of no AIS frames are received for a period of 3.5 times the AIS transmit interval.

Benefits

• AIS provides an mechanism for asynchronous notification of a failure in the network.

• AIS suppresses multiple redundant alarms from being transmitted to the NMS for a particular fault

Remote Defect Indication (ETH-RDI)

Ethernet Remote Defect Indication (ETH-RDI) can be used by a MEP to communicate to its peer MEPs that a defect condition has been encountered. ETH-RDI is used only when ETH-CC transmission is enabled as it is carried as bit in the Flags field of the ETH-CC message.
ETH-RDI has the following two applications:

• Single-ended fault management: The receiving MEP detects an RDI defect condition, which gets correlated with other defect conditions in this MEP and may become a fault cause. The absence of received ETH-RDI information in a single MEP indicates the absence of defects in the entire Maintenance.

• Contribution to far-end performance monitoring: It reflects that there was a defect condition in the far-end which is used as an input to the performance monitoring process.

A MEP that is in a defect condition transmits frames with ETH-RDI information. A MEP, upon receiving frames with ETH-RDI information, determines that its peer MEP has encountered a defect condition. However, for multipoint ETH connectivity, a MEP, upon receiving frames with ETH-RDI information, cannot determine the associated subset of its peer MEPs with which the MEP transmitting RDI information encounters defect conditions, as the transmitting MEP itself does not always have that information.

Benefits

• The Remote Defect Indication (RDI) serves to inform upstream MEPs that there has been a downstream failure and can be used as input to far-end performance monitoring.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)
* Remote Defect Indication is now included in the IEEE 802.1ag draft 8.1 (CFM) standard.

CFM Outward Facing (Down) MEP on Switchports

Existing Ethernet Connectivity Fault Management (CFM) provides for the provisioning of inward facing (UP) Maintenance End Points (MEP) on layer 2 switch ports. The CFM functionality was extended to support Outward Facing Maintenance End Points on Routed Ports for mainly monitoring the connectivity from CE to CE. With CFM being deployed in the core in bridges/switches, there comes a necessity to monitor the adjacent links with Outward Facing MEPs on switchport as well. The following figure illustrates where Outward (Down) MEPs are applied.

Figure 10. Outward MEP application

The following rules describe the behavior of an Outward (Down) MEP on switchport:

• It can send and receive CFM frames at its level via the wire connected to the port where the MEP is configured.

• It will drop all CFM frames at its level (or lower level) that come from the relay function side.

• It will drop all CFM frames at a lower level coming from the direction of the wire.

• It transparently forwards all CFM frames at a higher level, independent of whether they come in from the relay function side or the wire side. Not applicable to routed ports.

• If the port on which the MEP is configured is blocked by STP, the MEP can still transmit and receive CFM messages via the wire.

Benefits

• The Outward (Down) MEP on Switchport provides another option for CFM monitoring in Carrier Ethernet networks.

• This functionality compliments Y.1731 fault management functions.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)

Service Instance (EVC) MIB

The Service Instance (EVC) MIB has been implemented to support NMS functions for Cisco's flexible, scalable Carrier Ethernet Infrastructure. This includes the ability to retrieve information about the carrier Ethernet system. A partial list of reporting functions the Service Instance MIB can provide includes:

• Device capabilities in terms of Maximum EVC capability

• Currently configured EVCs, the nature of the EVC (point-to-point, or multipoint), and much more.

• Current EVC status (Active, Partially Active, etc.)

• Information on Flexible Service Mapping

• VLAN Matching Information

• VLAN Re-write operations in effect

• EVC forwarding information (Bridge Domain)

• Much more..

Benefits

• The Service Instance MIB allows operators to poll Service Instance information from NMS systems and provide operational status of provisioned services

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)

CFM (802.1ag) IEEE MIB

The CISCO IEEE CFM MIB provides an excellent mechanism for managing the connectivity and the faults in providing EVC service. The CFM The MIB has several tables and objects that can be created, written and read by the network owners. It also provides for flexible allocation or rights. For instance, the owner may provide limited access to another provider, who can become the administrator of that table or object. The MIB interacts with the IF MIB and the scalable Carrier Ethernet Infrastructure sub-systems to provide information about connectivity and faults. A partial list of information the CISCO IEEE CFM MIB can provide includes:

• Information about the Maintenance Points configured on any given interface

• System Maintenance Point IDs,

• Maintenance Domain Levels including EVCs, MAs, MAC Address of an MP, etc.)

• VLANs associated with the Maintenance Points

• Much more.

Benefits

• The CISCO IEEE CFM (802.1ag) MIB allows operators to retrieve information about Connectivity Fault Management configuration and status in the network.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)

802.3ah SNMP MIB

IEEE 802.3ah provides link level OAM monitoring for Service Providers utilizing native Ethernet to build out their Carrier Ethernet systems. Link Level OAM can provide early detection when a link is failing. Provide useful statistics about the general health of an interface. It can provide a means to put a link in to loopback for testing purposes. The 802.3ah MIB allows operators to retrieve information to an NMS that is available at the CLI. A partial list of the 802.3ah MIB capabilities includes:

• Providing status of the OAM enabled link (i.e. disabled, link fault, passive, active, etc.)

• Information about fault condition thresholds (i.e. Error Frames Thresholds)

• Interface Loopback status

• Much more.

Benefits

• The CISCO IEEE 802.3ah MIB allows operators to utilize an NMS to retrieve information about Link Level OAM that is available at the command line.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)

Cisco Netflow MIB

The Netflow MIB provides a simple and easy method to configure NetFlow, NetFlow aggregation caches, and NetFlow Data Export. You use the snmpget and snmpwalk tools to get NetFlow cache information and current NetFlow configuration information. The NetFlow MIB feature enables medium to small size enterprises to take advantage of NetFlow technology over SNMP at a reduced infrastructure cost. The MIB is created to provide Netflow information in these areas:

• Cache information and configuration

• Export information and configuration

• Export Statistics

• Protocol Statistics

• Version 9 Export Template information

• Top Flows information

Benefits

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/docs/ios/netflow/configuration/guide/cfg_snmp_mib_mon_nf_ps6922_TSD_Products_Configuration_Guide_Chapter.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Carrier Ethernet Quality of Service

Dual Rate Three Color ingress policer on Service Instances

The Two Rate Three Color Marker (trTCM) meters an IP packet stream and marks its packets either conform, violate or exceed. This is based on the RFC 2698. Cisco IOS uses a token bucket algorithm to achieve this. The token bucket algorithm provides users with three actions for each packet: a conform action, an exceed action, and a violate action. Traffic entering the interface with traffic policing configured is placed into one of these categories.
Within these three categories, users can decide packet treatments. For instance, packets that conform can be configured to be transmitted; packets that exceed can be configured to be sent with a decreased priority; and packets that violate can be configured to be dropped.

Benefits

This feature allows the user to configure dual rates policing with 3 actions that can be specified (conform, exceed and violate) on the ingress of service instances.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

IP SLAs Metro-Ethernet 2.0 (EVC)

With Release 12.2(33)SRD, the Cisco IOS IP Service Level Agreement (IPSLA) infrastructure has been extended to encompass the EVC infrastructure. Cisco IOS IPSLA enables customers to assure new business-critical IP applications, as well as IP services that utilize data, voice, and video, in an IP network. Cisco has augmented traditional service level monitoring and advanced the IP infrastructure to become IP application-aware by measuring both end-to-end and at the IP layer.
With Cisco IOS IP SLAs, users can verify service guarantees, increase network reliability by validating network performance, proactively identify network issues, and increase Return on Investment (ROI) by easing the deployment of new IP services. Cisco IOS IP SLAs use active monitoring to generate traffic in a continuous, reliable, and predictable manner, thus enabling the measurement of network performance and health.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Routers, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/ipsla

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ernie Mikulic ( emikulic@cisco.com)

Bandwidth Remaining Ratio Support

Bandwidth Remaining Ration (BRR) is used to split bandwidth between users when the port is congested (i.e. oversubscribed). The configuration is simply "bandwidth remaining ratio <number>". Larger the number, the more bandwidth the session/sub-interface/evc the QoS policy-map is applied to will receive under congestion.
Priority rate propagation (PRP) is a knob that changes the baseline of calculation for BRR. PRP may be implicitly ON/OFF for a linecard, or may have a CLI that allows it to be explicitly turned ON/OFF. When PRP is ON, and a port is congested in egress, the bandwidth remaining on the link after all LLQ traffic has been serviced is split between users in the ratio configured.

Benefits

This feature brings the BRR support on SIP-400, Ethernet Services and Ethernet Services Plus modules on the Cisco 7600 platform.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru (mgandlur@cisco.com)

L2 Access Control List on Service Instance (EVC)

Cisco's continued success in the carrier ethernet market is dependent on the availability of features that provide security, quality of service, and scalability, among other benefits. The ability to impose packet filters in a modular and scalable fashion is not only important for network security, but also for easier management of scaling networks. Therefore, the conventional methods of packet filtering are also being considered within the context of carrier ethernet technology.
Access Control Lists (ACLs) have provided the necessary packet filtering ability in routers and switches. Essentially a collection of sequential rules (ACEs), the ACL can be used to filter network traffic at a fine granularity.

Benefits

This feature addresses the requirement of making access control lists available on service instances (EVCs) on the Ethernet Services and Ethernet Services Plus line cards.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Resiliency

MST on Service Instance (EVC) Bridge Domain

Spanning-Tree Protocol (STP) is a layer 2 link management protocol that provides path redundancy while preventing undesirable loops in the network. For a layer 2 Ethernet network to function properly, only one active path can exist between any two stations. In addition, STP forces redundant data paths into a standby (blocked) state. If a network segment in the spanning tree fails and a redundant path exists, the STP algorithm recalculates the spanning tree topology and activates the standby path.
With MSTP, a MSTP instance specifies a topology. A group of VLANs can be mapped to a MSTP instance, and ports with those VLANs share the same spanning tree, i.e. the set of forwarding and blocking ports will be the same. MSTP is completely independent of bridge domain.
It is now possible to use MSTP in the Service Instance (EVC) model without any changes to the semantics of the protocol as long as one continues to use VLAN IDs for service instance to MSTP instance mapping. EVC service instances can have encapsulations with a single tag as well as double tags. There is no confusion on which VLAN IDs in the service instances with single tag encapsulation will be used for MSTP instance mapping. In case of double tag encapsulations, the outer VLAN ID shall be used for the MST instance mapping, and the inner VLAN ID is ignored.

Benefits

• MSTP over Service Instance (EVC) Bridge Domain allows for Service Providers to take advantage of Cisco's scalable Carrier Ethernet Infrastructure, while utilizing the resilient capabilities of the MST protocol.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Eric Matkovich ( ematkovi@cisco.com)

NSF/SSO - E-LMI support

Cisco IOS Software Release 12.2(33)SRD delivers High Availability (HA) functionality for Ethernet Local Management Interface (E-LMI) for Cisco 7600 Series Routers.
Ethernet Local Management Interface (E-LMI) Nonstop Forwarding (NSF) with Stateful Switchover (SSO) improves the availability of a network that uses E-LMI to provide Carrier Ethernet services. E-LMI NSF/SSO provides the ability to detect failures and handle them with minimal disruption to the service being provided. E-LMI NSF is achieved by Stateful Switchover (SSO) and Nonstop Forwarding (NSF) mechanisms. A standby route processor (RP) provides control-plane redundancy. The control plane state and data plane provisioning information for the E-LMI are checkpointed to the standby RP to provide NSF for E-LMI upon switchover from the primary RP.

Benefits

• NSF with SSO together for E-LMI provides the ability to detect failures and handle them with minimal disruption to the E-LMI service being provided

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Songbin Wei ( songbin@cisco.com)

NSF/SSO - 802.3ah OAM support

Cisco IOS Software Release 12.2(33)SRD delivers High Availability (HA) functionality for 802.3ah OAM for Cisco 7600 Series Routers.
802.3ah Nonstop Forwarding (NSF) with Stateful Switchover (SSO) improves the availability of a network that uses E-LMI to provide Carrier Ethernet services. 802.3ah NSF/SSO provides the ability to detect failures and handle them with minimal disruption to the service being provided. 802.3ah NSF is achieved by Stateful Switchover (SSO) and Nonstop Forwarding (NSF) mechanisms. A standby route processor (RP) provides control-plane redundancy. The control plane state and data plane provisioning information for the 802.3ah are checkpointed to the standby RP to provide NSF for E-LMI upon switchover from the primary RP.

Benefits

• NSF with SSO together for 802.3ah provides the ability to detect failures and handle them with minimal disruption to the 802.3ah service being provided

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Songbin Wei ( songbin@cisco.com)

NSF/SSO - CFM Support

Cisco IOS Software Release 12.2(33)SRD delivers High Availability (HA) functionality for Connection Fault Management (CFM) for Cisco 7600 Series Routers.
Connection Fault Management (CFM) Nonstop Forwarding (NSF) with Stateful Switchover (SSO) improves the availability of a network that uses CFM to provide Carrier Ethernet OAM services. CFM NSF/SSO provides the ability to detect failures and handle them with minimal disruption to the service being provided. CFM NSF is achieved by Stateful Switchover (SSO) and Nonstop Forwarding (NSF) mechanisms. A standby route processor (RP) provides control-plane redundancy. The control plane state and data plane provisioning information for the CFM are checkpointed to the standby RP to provide NSF for CFM upon switchover from the primary RP.

Benefits

• NSF with SSO together for CFM provides the ability to detect failures and handle them with minimal disruption to the CFM service being provided

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Songbin Wei ( songbin@cisco.com)

Asymmetric Carrier Delay

In redundant link deployment scenario, a link/port may be declared UP during line card boot-up even before it is ready for forwarding, which leads to loss of traffic under switchover cases. By providing a separate notification times for link UP and DOWN, it can prevent the traffic loss.

Benefits

The Asymmetric Carrier Delay enables users to set different delay timers for link UP and link Down notification. By setting a larger link UP timer, it can prevent traffic blackhole resulting from false declaration of link up. At the same time, a smaller timer for link Down notification will facilitate the fast detection of link failure.

Hardware

Routers

Cisco 7600 Series Routers

Line Cards and SPA's:

• SIP-200 with 4 or 8-port FE SPA
• SIP-400 with 4 or 8-port FE SPA, 2-port GE SPA, or 5-port GE SPA
• SIP-600 with 1-port 10GE SPA or 10-port GE SPA
• ES20 Series Line Cards
• ES+ Series Line Cards

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Songbin Wei ( songbin@cisco.com)

Subscriber Aware Ethernet

SAE: DHCP - Relay Option 82 encapsulation

IOS DHCP relay is enhanced to add an encapsulated option 82. IOS creates a composite value from the existing option 82 in the received DHCP message plus new information added by Radius via ISG during the initial authorization of the session. For example, the VPN-ID can added to the DHCP request before it is forwarded on the the server. The DHCP server can then use the VPN-ID to pick a specific address pool for wholesaling, or for other policy enforcement purposes.

Figure 11. DHCP Relay Option 82 handling

Benefits

Enables wholesaling in an IP session and DHCP-relay architecture with Transparent Auto Logon. The service provider can provide the scalable zero-touch provisioning of triple play services, with unique QOS, in a wholesale environment.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Routers, Cisco 7600 Series Routers with RSP720 and 7600-SIP-400

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/go/7200

http://www.cisco.com/en/US/products/hw/routers/ps352/ps4972/index.html

http://www.cisco.com/en/US/products/ps6549/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

David Lapier ( dlapier@cisco.com); Ben Strickland ( bstrickl@cisco.com)

SAE: Authentication - DHCP Option 60 Support and VPN-ID Support

DHCP Vendor Class Identifier (Option 60) provides a new way for a service provider to differentiate between devices on a customer's premises when provisioning IP sessions. With Cisco support for Option 60 in ISG, the type of premises device can be used to authorize access and set-up the end-customer's services using Cisco Intelligent Services Gateway (ISG) functionality. For example, the ption 60 value can identify a certain type of Set Top Box. When used in conjunction with DHCP Option 82 and the VPN-ID, Cisco also supports new models for wholesaling using IP sessions.

Benefits

Improves customer exerience while improving network security for FTTH and 3-play deployments. Allows for the precise application of services, including QOS, that is tuned to the CPE in a highly-scalable way.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Routers, Cisco 7600 Series Routers with RSP720 and 7600-SIP-400

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/go/7200

http://www.cisco.com/en/US/products/hw/routers/ps352/ps4972/index.html

http://www.cisco.com/en/US/products/ps6549/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

David Lapier ( dlapier@cisco.com); Ben Strickland ( bstrickl@cisco.com)

SAE: RSVP support for IP Sessions

12.2SRD now provides support for RSVP on the same interface as IP sessions. RSVP can be used to deterrmine the availability of end-to-end network resources in parallel to the application of services using ISG.

Benefits

Service Providers can further improve network utilization and scalability while offering 3-play services with IP sessions.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Routers, Cisco 7600 Series Routers with RSP720 and 7600-SIP-400

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/go/7200

http://www.cisco.com/en/US/products/hw/routers/ps352/ps4972/index.html

http://www.cisco.com/en/US/products/ps6549/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

David Lapier ( dlapier@cisco.com); Ben Strickland ( bstrickl@cisco.com)

Mobile

IMA Core Facing Support

IMA core facing support has become a requirement for many Cisco 7600 customers. This feature allows the use of IMA interfaces as interface facing the core. This address the market which uses ATM interfaces and would like to take advantage of bundling multiple ATM interfaces towards the core.

Benefits

There are primarily two main reasons for implementing IMA core facing:

• increased bandwidth between nodes using ATM interfaces

• increases redundancy by having link(s) protected by other member link(s) in the bundle

Hardware

Routers

• Cisco 7600 Series Routers
• Line cards: 7600-SIP-400 with SPA-24CHT1-CE-ATM, or SPA-1CHOC3-CE-ATM

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6551/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Mohamed Shommo ( mshommo@cisco.com)

Port Mode Cell Relay Support

Cell Relay can be done in 3 modes - VC, VP and Port. The VC mode involves transport of all cells belonging to a VC (cells with same VPI/VCI) over the MPLS tunnel in either the Single or Packed form. Similarly VP mode transports cells belonging to a VP (cells with same VPI) over the MPLS tunnel, either in Single or Packed form. The Port mode involves transport of all the cells arriving on an ATM port over the MPLS cloud, separately or packed together.

Benefits

The ability to support port mode relay on ATM ports

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6551/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Mohamed Shommo ( mshommo@cisco.com)

ISG Support on SAMI Blade

Intelligent Service Gateway (ISG) is a Cisco IOS feature set that provides a structured framework in which edge access devices can deliver flexible and scalable services to subscribers.
Because almost any IP device can be voice-, video-, or data-enabled, service providers are delivering many services to many screens over converged fixed and mobile networks. Today's consumers of data, voice and video (triple-play) services demand a unified, high-performance experience at home, at work and on the move. The Cisco ISG controls subscriber access at the edge of the network to enable the provisioning and management of broadband networks for a broad range of access and edge technologies, subscriber numbers and service types, effectively linking subscriber service requests with distributed policy control to help ensure a high quality of experience for the emerging "Connected Life."
ISG on the SAMI has been designed with High Scalability and Wireless Deployment Scenarios in mind. With a massively distributed control plane contained within a single c7600 chassis, immense numbers of aggregated wireless customers can be terminated with very rich feature support.

What Is ISG?

Intelligent Service Gateway functionality provides advanced subscriber awareness, resource provisioning and access control capabilities. Cisco ISG distributes service intelligence to the Internet Protocol (IP) network edge. This simplifies creation and speeds delivery of advanced IP services over Cisco IP Next-Generation Networks (IP NGNs).
ISG handles the following key aspects of subscriber management:

• Full IP Session Support

• Subscriber identification

• Service and policy determination

• Session policy enforcement

• Session life-cycle management

• Accounting for access and service usage

• Session state monitoring

In addition, ISG provides a dynamic element to the provisioning and activation of services through control policies and Change of Authorization (CoA) extensions to the RADIUS protocol. This allows for "zero-touch" provisioning of an individual subscribers experience, all without impacting service to the end-user.
An ISG-enabled device may be deployed at the access edge and service edge of a network and is applicable to a range of subscriber network environments, such as digital subscriber line (DSL), public wireless LAN (PWLAN), mobile wireless, and WiMAX. Moreover, ISG has been designed to accommodate a flexible distribution of subscriber and service information within a given solution.
It is also possible to define services directly on an ISG. In all cases, service activation may be triggered as a result of a locally defined control policy, user profile associations, or CoA commands from an external policy server or portal application.

Benefits

Advanced Subscriber Management - ISG allows for numerous methods of identifying subscribers with the concept of the multi-dimensional id.
Broad Range of Ingress and Egress Methods - ISG allows a wide range of Layer 2 and Layer 3 access methods to be utilized.
Advanced Policy and User LifeCycle Management - Manage users or allow users to manage themselves. With CoA, user sessions can be managed dynamically in real time in ways never before possible.

Hardware

Routers

• Cisco 7600 Series Routers with Cisco SAMI Application blade

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/go/isg

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com); Tom Bakita ( bakita@cisco.com)

Layer 2 Enhancements

L2VPN Routed Mode Interworking: Ethernet/VLAN to ATM/FR/PPP

Routed interworking is used in cases where an SP wants to provide IP or other L3 routing protocol connectivity to different sites irrespective of their L2 connectivity to these sites and the sites can belong to a single customer or to multiple customers. In such cases, the SP doesn't participate in the customer's L3 network (e.g. routing functionality).
7600 supports various combinations of IP/Routed interworking including VLAN-to-Any combination. From 12.2SRD release onwards, PFC-based Ethernet-to-Any IP/Routed interworking is phased out. The 7600 VLAN to-Any IP/Routed interworking (this is also referred to as SVI/VLAN-based IP/Routed interworking) is the recommended combination for customers.

Benefits

Until the 12.2SRC release, the SVI/VLAN-based IP routed Interworking combination only works when the core-facing linecard is Flexwan, Enhanced Flexwan, and 7600-SIP-200. From 12.2SRD release, this feature is supported on the 7600-SIP400, 7600-SIP-600, ES-20, and ES+ line cards.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

L2TPv3 - Layer-2 Tunneling Protocol Version 3 on Cisco Ethernet Services Plus Line Cards

Cisco IOS ® Release 12.2(33)SRD offers Layer 2 Tunneling Protocol (L2TP) Version 3 on the Ethernet Services Plus Line Cards. L2TPv3 helps enable service providers to deliver traditional Layer 2 services entirely from their IP infrastructures.
Offering a traditional Layer 2 service such as Frame Relay using an IP network infrastructure can lower the cost of providing the same service compared to offering the same service using a dedicated Layer 2 network. IP network infrastructures support multiple service types, and multi-service networks can spread network investments and operating costs across a larger and more diverse customer base. L2TPv3 also allows a service provider to extend the geographic reach of its traditional Layer 2 service to areas where its Layer 2 networks do not currently exist. Traditional Layer 2 services can now be offered as far as the IP network can reach.
Using L2TPv3, service providers can now enhance their product portfolios to include managed Internet, intranet, and extranet services without adding complexity and expense. Customer equipment investments are protected as customers continue to connect to the service provider through their existing infrastructures.
On the Cisco 7600 series routers, L2TPv3 is a line card feature that was traditionally only implemented on the 7600-SIP-400 line card. In the 12.2(33)SRD Release, L2TPv3 is supported on the 7600-ES+20/40 line cards in hardware, with the same capabilities (excluding the non-Ethernet interface support) and restrictions as the 7600-SIP-400. The minimum hardware requirement for enabling the L2TPv3 service on a 7600 router are an L2TPv3-aware line card (such as the 7600-SIP-400/ES+) at the Layer 2 CE- facing side and an IP interface on any line card at the IP core-facing side. A service card is not required for L2TPv3.
7600-ES+40 line card supports 16,000 Psuedowires (up form 8,000 on 7600-SIP-400) with 512 tunnels and Ethernet (only) attachment circuit types.

Benefits

• Drive down the cost of providing traditional Layer 2 services through superior cost efficiencies of multiservice IP infrastructures and service bundling

• Extend their existing Layer 2 networks without expanding their legacy networks

Hardware

Routers

• Cisco 7600 Series Routers
• Line Cards: 7600-SIP-400, Cisco 7600 Ethernet Services Plus Series Line Cards

Additional Information

http://www.cisco.com/en/US/netsol/ns341/ns396/ns172/ns155/networking_solutions_white_paper09186a008017fa6e.shtml

http://www.cisco.com/en/US/docs/ios/wan/configuration/guide/wan_l2_tun_pro_v3.html

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Scott Miles ( smiles@cisco.com)

Bridging using RFC1483 Routed Encapsulation (BRE) on 7600-SIP-400

Bridging Routed Encapsulation (BRE) provides a network migration solution for ATM Service Providers starting to offer Ethernet Access services. Such service provider needs to migrate one of their network endpoints to an Ethernet service. This means that the routed connection from one router now goes across ATM cloud, gets terminated on an ATM sub-interface PVC, and then bridged traffic to another Ethernet router.
With the 12.2(33) SRD Release, Cisco 7600 now supports BRE on the 7600-SIP-400 in addition to the 7600-SIP-200.

Benefits

• Investment protection

– Service providers can continue to use the ATM and Ethernet equipment and reduce capital expenditures as they evolve their network.

• Increased SIP/SPA interface selection

– With the addition of 7600-SIP-400, there is an increase in the breadth of interface selections that supports BRE

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Mini Protocol Analyzer using SPAN

Mini protocol analyzer provides a standalone packet capture tool to assist in remote troubleshooting. This feature allows the capture and inspection of packets on a live box using CLI. 7600 can passively capture the packets to local memory and display the packets on the console or export the captured buffer to external servers for post processing.
The captured packets are dumped on local flash disk in a standard PCAP format and can be later sourced to a common packet analyzing tools such as ethereal. This provides a powerful diagnostic tool to network administrators to quickly define and capture interesting traffic for troubleshooting purposes without any service disruption.

Benefits

• Improved troubleshooting

– Allows the capture and inspection of packets on a Cisco 7600 using CLI.

– Provides a method for remote troubleshooting.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/go/7600

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

Release 12.2(33)SRC Feature Highlights

The following sections include Release 12.2(33)SRC hardware and software feature highlights.
Like all Release 12.2SR releases, this Release 12.2(33)SRC integrates Cisco IOS Software innovations that span multiple technology areas, including Broadband, Quality of Service, Layer 2 VPN, MPLS and Layer 3 VPN, IP Addressing and Services, and IPv6, IP Routing, and Infrastructure and Embedded Management.

Table 3. Release 12.2(33)SRC Highlights

Hardware

Broadband

Quality of Service

Layer 2 VPN

Cisco 7600 Series Route Switch Processor 720-10GE (RSP720-3C-10GE & RSP720-3CXL-10GE)

8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers

Wireless Services Module (WiSM) for Cisco 7600 Series Routers

PA-MC-T3-EC and PA-MC-2T3-EC for Cisco 7200 and 7301 Series Routers

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Cisco ISG Session Control High Availability (SSO/EFSU)

Cisco ISG Support for Cisco 7600 Series Routers

Cisco ISG: Service Control Engine Common Control Bus

Cisco ISG: MQC Support for IP Sessions

Cisco ISG: IP Session Keepalives (ARP and ICMP)

Broadband PPP - Features for Cisco 7600 Series Routers

Authentication, Authorization and Accounting Enhancements

Tunnel-Based Admission Control Support for Cisco 7600 Series Routers

Per-User QoS for Cisco 7600 Series Routers

Per-Session QoS for Cisco 7600 Series Routers

Per-Session Shaping and Queuing on LNS for Cisco 7600 Series Routers

Traffic Shaping Overhead Accounting for ATM for Cisco 7600 Series Routers

GRE Tunnel Marking for Cisco 7200 Series Routers

High Availability for Any Transport over MPLS (AToM): NSF with SSO;EFSU

AToM Tunnel Selection for Cisco 7200 Series Routers and the Cisco 7301 Router

MPLS PW Status Signaling

Per Subinterface MTU for Ethernet over MPLS (EoMPLS)

High Availability for Virtual Private LAN Service (VPLS): NSF with SSO; EFSU

H-VPLS N-PE Redundancy for QinQ or MPLS Access

VPLS MAC Address Withdrawal

TDM Local Switching

L2VPN PW Redundancy - ATM Attachment Circuits

MPLS and Layer 3 VPN

IP Addressing and Services, and IPv6

IP Routing

Cisco IOS Infrastructure and Embedded Management

Cisco IOS MPLS TE/RSVP Enhancements

Cisco IOS MPLS LDP Enhancements

Cisco IOS MPLS Embedded Management Enhancements

Cisco IOS MPLS Layer 3 VPN Enhancements

HSRP Group Shutdown

VRRP Stateful Switchover/Enhanced Fast Software Upgrade

DHCPv4 Server Management Enhancements

DHCPv4 Server, Proxy, Relay, ODAP Enhancements

DHCPv6 Relay Enhancements

Updated IPv6 MIB - RFC 4292 (IP MIB) and RFC 4293 (IP Forwarding MIB)

Bidirectional Forwarding Detection Enhancements

OSPF Graceful Shutdown

OSPF Generic TTL Security Mechanism

Cisco IOS Scripting with Tcl

Embedded Syslog Manager

CNS Interactive CLI

Command Scheduler (Kron)

HTTP TACAC+ Accounting Support

HTTP Access over IPv6

Hardware

Cisco 7600 Series Route Switch Processor 720-10GE (RSP720-3C-10GE & RSP720-3CXL-10GE)

The Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet uplinks is specifically designed to deliver high scalability, performance, and fast convergence required for today's and tomorrow's demanding voice, video, data, and mobility (quadruple-play) services. The RSP720-10GE offers Carrier Ethernet Service Providers tremendous flexibility, scalability and performance at the access or aggregation edge while deploying advanced IP video and triple-play (voice, video, and data) system applications in both the residential and business services markets. In essence, it gives Service Providers and Enterprises true service convergence with the ability to manage a wide variety of applications over a range of access mediums using a single platform, the Cisco 7600 Series. (See Figure 12).

Note: The RSP720-10GE in Release 12.2(33)SRC is orderable on a limited basis. Contact your Cisco sales representative for details.

Figure 12. Cisco 7600 Series Route Switch Processor 720-10GE

Benefits

• Integrated 720-Gbps switch fabric

– Offers Layer 2 forwarding rates of up to 30 million packets per second (Mpps)

– Provides bandwidth capacity of 40 Gbps per slot

– Allows additional slots for increased port density

• Hardware-based Cisco Express Forwarding

– Offers Layer 3 (IP and MPLS) forwarding rates of 30 Mpps

• 10GE and GE port options

– Offers 2x10Gigabit Ethernet and 3xGigabit Ethernet ports options (including 1x 10/100/1000 RJ45 port) on the RSP

– Interfaces are configured either in 10GE port mode only or in mixed-mode

• Faster CPU and added memory - Performance improvements include:

– Faster protocol convergence times

– Improved Internet Group Management Protocol (IGMP) snooping times

– Improved router boot-up times

– Faster rates of establishing Dynamic Host Configuration Protocol (DHCP) server, Label Distribution Protocol (LDP), IP sessions, and traffic engineering

• High-density residential subscribers aggregation

– Allows customers to support a combination of Layer 2 VPN (L2VPN) and L3VPN features for use in a quadruple-play network

Hardware

Routers

• Chassis: Cisco 7603-S, 7604, 7606-S, 7609, 7609-S
• Line cards: SIP-200/SIP-400/SIP-600, Enhanced FlexWAN Module, 7600-ES20-GE3C, 7600-ES20-GE3CXL, 7600-ES20-10G3C, 7600-ES20-10G3CXL, DFC3C, DFC3CXL, DFC3B, DFC3BXL, WS-X6700, WS-6500, WS-X6100

Additional Information

http://www.cisco.com/en/US/products/hw/routers/ps368/index.html

http://www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Murali Gandluru ( mgandlur@cisco.com)

8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers

The 8-port 10 Gigabit Ethernet module doubles the 10 Gigabit Ethernet density on the Cisco 7600 Series, providing up to 64 ports of 10 Gigabit Ethernet in a single Cisco 7600 Series chassis. (See Figure 13).
There are two versions of the Series 8-port 10 Gigabit Ethernet module:

• 8-port 10 Gigabit Ethernet module with Distributed Forwarding Card 3C (DFC3C)

• 8-port 10 Gigabit Ethernet module with Distributed Forwarding Card 3C (DFC3CXL)

Both modules contain the WS-X6708-10GE base board and a distributed forwarding card. The base module supports up to eight pluggable X2 optics and has a 40 Gbps connection to the fabric and is therefore 2:1 oversubscribed. The distributed forwarding card provides hardware-based MAC learning and forwards traffic at 48 Mpps. 8-port 10 Gigabit Ethernet module can demonstrate up to 64 Gbps local switching. Besides port density, it also has increased port buffering and enhanced queuing and scheduling mechanisms for congestion management.

Figure 13. 8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers

Benefits

• Increased port density

– 8 ports per module (up to 64 ports per chassis)

– Consolidates chassis for bandwidth aggregation

• Increased port buffering

– 200MB per port

– More efficient transmissions for long haul connections

• New scheduler

– Shaped Round Robin (SRR) in egress

– More efficient handling of bursty traffic

• New queuing mechanism

– Differentiated Services Code Point (DSCP)-based queue mapping

– Allows both ingress and egress queuing based on Layer 3 TOS and provides more granular classes of traffic

• Increased memory

– Default 1 GB DRAM

– Storage of larger forwarding table

Hardware

Routers

• Cisco 7604, 7606, 7606-S, 7609, 7609-S, and 7613
• Line cards: Supervisor Engine 720 with any PFC

Additional Information

http://www.cisco.com/en/US/products/hw/routers/ps368/index.html

http://www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Jeevak Bhatia ( jeevak@cisco.com)

Wireless Services Module for Cisco 7600 Series Routers

Wireless Services Module (WiSM) support for Cisco 7600 Series Routers provides unparalleled security, mobility, redundancy, and ease of use for business-critical wireless LANs (WLANs). It delivers the most secure wireless system available for Enterprise-scale WLANs. As a Cisco 7600 Series module, it delivers centralized security policies, wireless Intrusion Prevention System (IPS) capabilities, award-winning RF management, Quality of Service (QoS), and Layer 3 fast secure roaming for WLANs. As a key component of the Cisco Unified Wireless Network, the Cisco WiSM provides the control, security, redundancy, and reliability that network managers need to scale and manage their wireless networks easily. (See Figure 14).

Figure 14. Cisco 7600 Series Wireless Services Module

The Cisco WiSM is a member of the Cisco Wireless LAN Controller family. It works in conjunction with Cisco Aironet ® access points, the Cisco Wireless Control System (WCS) and the Cisco Wireless Location Appliance to support mission-critical wireless data, voice, and video applications. It provides real-time communication between access points and other WLAN controllers to deliver a secure and unified wireless solution.
The Cisco WiSM smoothly integrates into existing Cisco 7600 Series Enterprise networks. It communicates using the emerging Lightweight Access Point Protocol (LWAPP) standard to establish secure connectivity between access points and modules across Layer 3 networks. This protocol enables the automation of important WLAN configuration and management functions for cost-effective WLAN operations. With this integrated approach to large-scale wireless networking, customers can realize significant total cost of ownership benefits by streamlining support costs and reducing planned and unplanned network downtime.
Because the Cisco WiSM supports 802.11a/b/g and the IEEE 802.11n draft 2.0 standard, organizations can deploy the solution that best meets their individual requirements. Organizations can offer robust coverage with 802.11 a/b/g or deliver greater performance with 5x the throughput and unprecedented reliability using 802.11n and Cisco's Next-Generation Wireless Solutions and Cisco Enterprise Wireless Mesh.

Benefits

Cisco 7600 Series Integration - Embedded system for the Cisco 7600 Series infrastructure, delivering centralized security policies, IPS, RF management, QoS, and Layer 3 fast secure roaming for WLANs

Enterprise Scalability - Scalable architecture provides business-critical wireless services for deployments of all sizes

Enterprise Reliability - Automated recovery from failures of Cisco Aironet access points, Cisco WiSMs, and Cisco 7600 Series Supervisor Engine 720 maximizes the availability of the wireless network

Integrated RRM - Creates an intelligent RF control plane for self-configuration, self-healing, and self-optimization

Zero-Configuration Deployment - The Cisco WiSM is deployed without manually configuring access points or modifying existing network infrastructures

Multilayered Security - Flexible security policies adapt to changing corporate security needs

Intrusion Detection, Location, and Containment - Integrated wireless intrusion protection preserves the integrity of wireless networks and sensitive corporate information

Mobility Management - Users can roam between access points and across bridged and routed subnets without requiring changes to the underlying infrastructure

Intuitive Management Interfaces - Better visibility and control of the air space reduces operational costs

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/hw/routers/ps368/index.html

http://www.cisco.com/en/US/products/hw/routers/ps368/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Mike Sy ( micsy@cisco.com)

PA-MC-T3-EC and PA-MC-2T3-EC for Cisco 7200 and 7301 Series Routers

The 1- and 2-port multichannel T3 port adapters for the Cisco 7200 Series Routers and Cisco 7301 Router are enhanced versions of the previous multichannel T3 port adapters (part numbers PA-MC-T3 and PA-MC-2T3+). (See Figure 15).
The new port adapters address specific scalability challenges by increasing performance and lowering CPU usage. They offload advanced capabilities and features from the CPU, delivering them directly to meet Enterprise and Service Provider WAN link-aggregation service requirements. Each port adapter T3 interface can be independently configured for either multichannel T3 or clear-channel packet-over-T3 operation. With T3 port configurations, connections to DS-3 and subrate DS-3 services can be provisioned. With multichannel T3 port configurations, up to 28 T1 links per T3 interface can be brought in on a singlewide port adapter. Each T1 can be further channelized to DS-0, making the port adapters highly flexible interfaces for WAN provisioning.

Figure 15. Cisco 1- and 2-Port Multichannel Enhanced Capability Port Adapters

The combination of multichannel T3 and clear-channel functions makes the Cisco 1- and 2-Port Multichannel Enhanced Capability Port Adapters ideal for today's rapidly changing WAN environment. Specific features such as MLPPP, MLFR, LFI, and FRF.12 have been offloaded from the CPU to further enable agile response to new services while using existing infrastructure connections to better advantage.
As an integral part of a service node where customer bandwidth needs are uncertain, the port adapters allow Service Providers to avoid determining beforehand how ports will be allocated between DS-0, DS-1, and DS-3 connections. For Enterprise remote-site connection, the flexibility to support DS-0, DS-1, and DS-3 connections means the port adapters reduce equipment expenditures by integrating the capabilities and services of numerous port adapters onto a single adapter. They also provide investment protection by growing with the Enterprise to meet the needs of both today's DS-0 and DS-1 aggregation networks and tomorrow's T3 aggregation networks.

Benefits

• Operation Modes

– Multichannel (channelized) - 28 T1 ports multiplexed onto a single T3 connection per interface

– Clear channel (unchanelized) - Offers an unchannelized 45-Mbps T3 clear channel per interface

• Performance

– Line rate - Provides full T3 line usage and throughput

– New intelligent software architecture - Lower CPU usage increases router efficiency and improves resource usage, enabling more services

• Feature Offloads

– MLPPP - Port adapter intelligence alleviates heavy processing of CPU-intensive features

– MLFR - Lowers CPU processing while performing fragmentation and defragmentation

– LFI - Reduces delay on slower-speed links by breaking up large datagrams and interleaving low-delay traffic packets with the smaller packets resulting from the fragmented datagram

– FRF.12 - Controls delay and delay variation when real-time traffic such as voice is carried across the same interfaces as data

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/hw/routers/ps341/

http://www.cisco.com/en/US/products/hw/modules/ps2033/products_data_sheet0900aecd8054951d.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Rubin Rios ( rurios@cisco.com)

Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support

Starting with Cisco IOS Software Release 12.2(33)SRC, Release 12.2SR includes support for the Cisco 7200 Series Routers and the Cisco 7301 Router. Release 12.2(33)SRC also includes support for the Cisco 7201 Router, the latest generation of the Cisco 7200 Series Family.
Within the Cisco IOS Software Release 12.2S family, the migration path for new features on the Cisco 7200 Series Routers and the Cisco 7301 Router is from Release 12.2SB to Release 12.2SR. Release 12.2(31)SB2 is the last Release 12.2SB release to include support for the Cisco 7200 Series Routers and the Cisco 7301 Router.

Cisco 7200 Series Routers

The industry's most widely deployed universal services aggregation router for Enterprise and Service Provider edge applications, the Cisco 7200 Series offers (See Figure 16):

• Exceptional price/performance - The NPE-G2 Network Processing Engine aggregates services at up to 2 Mpps

• A wide range of connectivity options and numerous features including serviceability and manageability

• Increased VPN performance with VPN Services Adapter

• Increased scalability and flexibility with the Port Adapter Jacket Card

Figure 16. Cisco 7200 Series Routers

Cisco 7201 Router

The Cisco 7201 Router is the latest generation of the Cisco 7200 Series Family. It is a compact, high performance single Rack Unit (RU) router that uses the latest Cisco 7200VXR Network Processing Engine NPE-G2 coupled with a comprehensive range of interface options. (See Figure 17.)

Figure 17. Cisco 7201 Router

The Cisco 7201 Router addresses the demand for the same performance enhancements, and Cisco IOS Software features of the latest Cisco 7200VXR NPE-G2 but in a smaller form-factor and with low power consumption. The Cisco 7201 provides four built-in Gigabit Ethernet ports and one Port Adapter (PA) slot which make it ideal for various Service Providers and Enterprise applications. It also offers redundant and field-replaceable AC and DC power supplies.
With its combination of scalable performance, compact architecture, high density, and low price per port, the Cisco 7301 is ideally suited for a variety of key applications within both the Service Provider and Enterprise markets.

Cisco 7301 Router

The Cisco 7300 Series is optimized for flexible, feature rich IP/MPLS services at the customer network edge, where Service Providers and Enterprises link together. (See Figure 18.) With 3 built-in Gigabit Ethernet interfaces (copper or optical) and a single slot for any Cisco 7000 Series port adapter, the Cisco 7301 is highly flexible for a variety of applications. Additionally for broadband aggregation, the Cisco 7301 supports up to 16,000 subscribers sessions making it ideal for pay-as-you-grow broadband deployment models.

Figure 18. Cisco 7301 Router

The following are some of the key Cisco IOS Software highlights on the Cisco 7200 Series, the Cisco 7201, and the Cisco 7301 Routers in Release 12.2(33)SRC:

Bidirectional Forwarding Detection (BFD)

BFD is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. BFD also provides a consistent failure detection method for network administrators.
BFD support was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers. Release 12.2(33)SRB and Release 12.2(33)SRC include BFD enhancements which are highlighted in the later sections of this document. For more detailed information on BFD support in Release 12.2SR, please visit:
http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

MPLS Traffic Engineering (TE) - Fast ReRoute

The MPLS TE - Fast Reroute (FRR) Link and Node Protection feature provides link protection (backup tunnels that bypass only a single link of the Label-Switched Path (LSP)), node protection (backup tunnels that bypass next-hop nodes along LSPs), and the following FRR features:

• Backup tunnel support

• Backup bandwidth protection

• Resource Reservation Protocol (RSVP) Hellos

MPLS TE - FRR Link and Node Protection was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers. For more detailed information on MPLS TE - FRR Link and Node Protection in Release 12.2(33)SRA, please visit:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a0080264560.html

IPv6 VPN Provider Edge Router (6VPE)

The Cisco implementation of IPv6 VPN provider edge router over MPLS is referred to as Cisco 6VPE and enables IPv6 sites in a VPN that communicate with each other over an MPLS IPv4 core network using MPLS Label Switched Paths (LSPs).
Cisco 6VPE was first introduced to Release 12.2SR in Release 12.2(33)SRB for the Cisco 7600 Series Routers, and is further highlighted later in this document. For more detailed information on Cisco 6VPE in Release 12.2(33)SRB, please visit: http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00807d26c0.html

MPLS LDP-IGP Synchronization (OSPF)

Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) Interior Gateway Protocol (IGP) Synchronization ensures that LDP is fully established before the IGP path is used for switching. This feature is only supported on interfaces running OSPF or IS-IS processes.
MPLS LDP-IGP Synchronization was first introduced to Release 12.2SR in Release 12.2(33)SRB for the Cisco 7600 Series Routers. In Release 12.2(33)SRB and Release 12.2(33)SRC, MPLS LDP-IGP Synchronization is not supported with IS-IS. Only OSPF is supported. For more detailed information on MPLS LDP-IGP Synchronization in Release 12.2(33)SRB, please visit:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00802d95dd.html

IP SLAs for MPLS Pseudo Wire (PWE3) via VCCV

IP SLAs for MPLS Pseudo Wire (PWE3) via VCCV is used to schedule pseudo-wire ping operations and provide monitoring and alerts for Round Trip Time (RTT), failure, and connection threshold violations via SNMP Traps.
Cisco IOS IP Service Level Agreement (IP SLA) is a capability embedded in Cisco IOS Software. IP SLAs allow Cisco customers to understand IP service levels, increase productivity, lower operational costs, and reduce the frequency of network outages. IP SLA utilizes active monitoring of network performance and can be used for network troubleshooting, network assessment and health monitoring. The feature reduces MPLS network trouble shooting time and allows proactive monitoring of MPLS network performance. IP SLAs Pseudo Wire (PWE) Health Monitor automatically tests connectivity for PWE between MPLS network edges. Threshold violations and scalable operation scheduling are also available.
For more detailed information on IP SLAs for MPLS Pseudo Wire (PWE3) via VCCV support in Release 12.2(33)SRC, please visit:
http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Multicast VPN Extranet

Multicast VPN Extranet allows VPN closed user groups to share information and common multicast information to be distributed across multiple VPN customers.
An extranet can be viewed as part of a company's intranet that is extended to users outside the company. Extranet is a VPN connecting the corporate site or sites to external business partners or suppliers, to securely share part of the information of a business or operations among them. MPLS VPNs inherently provide security, ensuring that users access only appropriate information. The MPLS VPN Extranet service offers users unicast connectivity without comprising the integrity of their corporate data. Multicast VPN Extranet extends this service offering to include multicast connectivity to the extranet community of interest. It allows Service Providers to offer the next generation of flexible extranet services, helping to enable business partnerships between different Enterprises.
For more detailed information on Multicast VPN Extranet support in Release 12.2(33)SRC, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

MPLS LDP - Lossless MD5 LDP Session Authentication

The MPLS LDP MD5 Global Configuration feature provides a configuration enhancement for enabling MD5-based session authentication of LDP sessions, which helps prevent unauthorized LDP peer applications from establishing LDP sessions with the local LDP process and also helps to block spoofed TCP messages.
MPLS LDP MD5 Global Configuration is further highlighted later in this document. For more detailed information on MPLS LDP MD5 Global Configuration in Release 12.2(33)SRC, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

AToM Tunnel Selection

Any Transport over MPLS (AToM) Tunnel Selection allows you to specify the path that AToM traffic uses.
AToM Tunnel Selection was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers, and is further highlighted later in this document. For more detailed information on AToM Tunnel Selection in Release 12.2(33)SRA, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guide09186a008067cf79.html

Multi-Topology Routing

Multi-Topology Routing (MTR) is a new and exciting technology that extends the capabilities of Cisco routing technologies. Multi-Topology Routing adds a service differentiation dimension to traditional destination based routing. In other words, different classes of services can follow different paths across the network.
MTR was first introduced to Release 12.2SR in Release 12.2(33)SRB for the Cisco 7600 Series Routers, and is further highlighted later in this document. For more detailed information on MTR in Release 12.2(33)SRB, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guide09186a00807c64b8.html

MPLS VPN PE-CE Link Protection Support

The MPLS VPN carrier class feature portfolio is further enriched with MPLS VPN PE-CE link protection. Upon PE-CE link failure, VPN end-to-end convergence can be improved with an egress PE (Point of Local Repair) switching VPN traffic to an alternative egress PE before the control plane has converged.
For more detailed information on MPLS VPN PE-CE link protection support in Release 12.2(33)SRC, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Additional Information

http://www.cisco.com/en/US/products/hw/routers/ps341/

http://www.cisco.com/en/US/products/hw/routers/ps352/ps4972/index.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Alex Johnstone ( ajohnsto@cisco.com)

Broadband

Cisco Intelligent Services Gateway Session Control High Availability (SSO/EFSU)

Cisco IOS Software Release 12.2(33)SRC delivers Cisco IOS High Availability features with sub-second switchover during periods of hardware or software failure for Cisco Intelligent Services Gateway (ISG) PPP Sessions, IP Sessions or IP interface sessions on Cisco 7600 Series Routers.
Cisco ISG Session Control Stateful Switchover (SSO) enhancements extend Cisco SSO technologies to include PPPoEoX Sessions, IP Sessions, IOS Policy Manager and DHCP. With these enhancements, seamless route processor switchover is provided for dynamic session services available on a deployed Cisco ISG/BRAS. Cisco SSO protects from hardware or software faults on an active route processor by synchronizing session state information, including session initiator type, DHCP information, and Radius Change of Authorization (CoA) messages, with a standby router processor.
Release 12.2(33)SRC also delivers Cisco ISG Session Control Enhanced Fast Software Upgrade (ISSU/EFSU). Cisco IOS ISSU is the industry's first, true, in-service upgrade solution for the Broadband edge, mitigating network downtime due to upgrading or downgrading Cisco IOS Software images on Cisco 7600 Series Routers with redundant supervisor engines. Based on Nonstop Forwarding/Stateful Switchover (NSF/SSO), Cisco 7600 Series Routers implement Enhanced Fast Software Upgrade (eFSU), which allows users to upgrade or downgrade complete Cisco IOS Software images with only a short system outage. EFSU enables rapid software upgrades for new line cards, new power supplies, new features, or software fixes.
Currently, only session based-services are protected by SSO and EFSU. Services which apply to flow-based traffic classification (traffic classes) will have high availability services added to them in an upcoming release.

Benefits

Cisco ISG Session Control High Availability enhancements provide a route-processor protection solution with the following benefits:

Provides automatic fault detection and seamless recovery - Allows for the persistence of PPP, Interface, or IP Sessions during an RP switchover scenario; the control plane recovers gracefully minimizing network churn.

Reduces costs - Decreases network downtime expenses, including SLA penalties, lost revenue opportunities, user and administrative productivity costs, and emergency network expenditures

Hardware

Routers

• Cisco 7600 Series Routers with RSP720
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6549/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com)

Cisco Intelligent Services Gateway Support for Cisco 7600 Series Routers

First introduced in Cisco IOS Software Release 12.2SB for Cisco 7200 Series Routers, the Cisco 7301 Router, and Cisco 10000 Series Routers, Release 12.2(33)SRC introduces Cisco Intelligent Services Gateway (ISG) support for Cisco 7600 Series Routers.
Cisco ISG is a Cisco IOS Software feature set that provides a structured framework in which edge access devices can deliver flexible and scalable services to subscribers. Because almost any IP device can be voice-, video-, or data-enabled, Service Providers are delivering many services to many screens over converged fixed and mobile networks. Today's consumers of data, voice and video (triple-play) services demand a unified, high-performance experience at home, at work, and on the move.
Cisco ISG controls subscriber access at the network edge to enable the provisioning and management of broadband networks for a broad range of access and edge technologies, subscriber numbers and service types, effectively linking subscriber service requests with distributed policy control to help ensure a high quality of experience for the emerging "Connected Life."
Cisco ISG provides advanced subscriber awareness, resource provisioning, and access control capabilities. Cisco ISG distributes service intelligence to the Internet Protocol (IP) network edge, which simplifies service creation and speeds delivery of advanced IP services over Cisco IP Next-Generation Networks (IP NGNs).
Cisco ISG handles the following key aspects of subscriber management:

• Subscriber identification

• Service and policy determination

• Session policy enforcement

• Session life-cycle management

• Accounting for access and service usage

• Session state monitoring

Cisco ISG also provides a dynamic element to the provisioning and activation of services through control policies and Change of Authorization (CoA) extensions to the RADIUS protocol. This element allows for "zero-touch" provisioning of an individual subscriber experience, all without impacting service to the end-user.
A Cisco ISG-enabled device may be deployed at the access edge and service edge of a network and is applicable to a range of subscriber network environments, such as a Digital Subscriber Line (DSL), public wireless LAN (PWLAN), and mobile wireless. Moreover, Cisco ISG has been designed to accommodate a flexible distribution of subscriber and service information within a given solution. Figure 12 illustrates the range of deployment types for which service profile data for individual subscribers may be stored in an Authentication, Authorization, and Accounting (AAA) database and retrieved and cached on demand.

Figure 19. Cisco ISG Sample Topology

It is also possible to define services directly on a Cisco ISG-enabled device. In all cases, service activation may be triggered as a result of a locally defined control policy, user profile associations, or CoA commands from an external policy server or portal application.

Benefits

Advanced Subscriber Management - Cisco ISG allows for numerous methods of identifying subscribers with the concept of the multi-dimensional id.

Broad Range of Ingress and Egress Methods - Cisco ISG allows a wide range of Layer 2 and Layer 3 access methods to be utilized.

Advanced Policy and User LifeCycle Management - Manage users or allow users to manage themselves. With CoA, user sessions can be managed dynamically in real time in ways never before possible.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6588/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com)

Cisco ISG: Service Control Engine (SCE) Common Control Bus

Cisco ISG in Cisco IOS Software and the Service Control Engine (SCE) are critical components of the Cisco NGN SP network. Cisco ISG is becoming the primary mechanism for PPP and IP Session by which subscribers are authenticated and administered into a broadband network of any type. The scaleable, high performance deep-packet-inspection capabilities of SCE make it the platform of choice for the delivery of granular application-based services. Together, they provide an ideal toolset to implement high-touch broadband services.
The ISG-SCE common control bus project provides a mechanism by which Cisco ISG and SCE can communicate to co-manage subscriber sessions, without requiring coordination and orchestration by additional components (namely a policy-server or AAA server). The primary benefit that emerges is the simplification of the design and implementation of these platforms into an operational network. This reduces the dependency on third party components and reduces overall solution cost. (See Figure 20.)
This new, tighter integration between these two Cisco products, with Cisco ISG providing subscriber management and Layer 1-4 policies, and SCE providing Layer 5 through 7 deep packet inspection capabilities, open up numerous possible use cases including:

Parental Control - Limit access to restricted websites for a specific user; limit access to specific applications for specific users at specific times of day

Value Added Premium Packages - Offer differential services based on specific application traffic for a specific user

Application Boost - Boost the bandwidth of a specific application

Limit Resources for Basic Subscribers - In tiered services models, the basic level of service could have specific limits placed on specific users

Figure 20. Cisco ISG and SCE Integration

Benefits

Simplified Architecture - Only one interface needs to be utilized to control both ISG and SCE

Advanced Per-User Per-Application Services - By utilizing the best of both ISG and SCE products, new use cases can be created

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6588/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com)

Cisco ISG: MQC Support for IP Sessions

Within ISG Sessions, full Modular QoS CLI (MQC) support was previously only available for dynamic PPP Sessions. With the inclusion of MQC support for IP Sessions in Cisco IOS Software Release 12.2(33)SRC, full MQC support is now available for setting QoS shapers and policers on IP Sessions, IP Subnet Sessions, and IP Interface Sessions.
MQC is a Command-Line Interface (CLI) structure that allows users to create traffic polices and attach these polices to interfaces. A traffic policy contains a traffic class and one or more QoS features. A traffic class is used to classify traffic, while the QoS features in the traffic policy determine how to treat the classified traffic.

Benefits

ISG Session Control High Availability enhancements provide a route-processor protection solution with the following benefits:

Common Configuration - The same configuration used to define QoS characteristics for other WAN interfaces now applies to IP Sessions

Flexible Services - Increased flexibility in defining QoS behavior for IP Sessions beyond simple rate policing.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6588/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com)

Cisco ISG: IP Session Keepalives (ARP and ICMP)

IP Session Keepalives provides end-to-end keepalive support for IP and IP interface sessions, similar to the functionality supplied by PPP keepalives for PPP sessions. (See Figure 14.) This determines if an individual customer premises end-device (PC, set top box, CPE, etc.) is still connected to an aggregation network in an IP-only environment. Often in public and private networks, users may walk away with or power down their client devices without gracefully signing-off from the network. This can lead to a longer-lasting session context for the user in a Cisco ISG if the session doesn't periodically ensure user connectivity or existence.
Two types of keepalives are provided by this functionality:
ARP Keepalives - ARP Keepalives are used in a network where the Cisco SG/BRAS is directly connected to the client host device without any Layer 3 device in the circuit. Cisco ISG will be able to reach the client device by Layer 2 ARP Ping. The primary advantages of using ARP ping are that ARP has a relatively low packet overhead and that firewalls usually don't block ARP Pings.
ICMP Keepalives - ICMP Keepalives are used in a network where the Cisco ISG/BRAS is not directly connected to the client host device or if there are any Layer 3 devices between the host and the Cisco ISG/BRAS. In a layer 3 path, only ICMP keepalives will be able to be used.
Session lifecycle management can also be controlled by idle-timers, absolute timers, or disconnect events, but IP Session keepalives allow the system to have greater control of when a user session should be disconnected.
When traffic has not been seen for the configured amount of time, the ICMP or ARP ping is sent directly to the end-device. If no response is received, the session is torn down, the resources are returned to the system, and an accounting stop record is sent to the AAA server.

Figure 21. IP Session Keepalives

Benefits

Advanced Session Life Cycle Management - Cisco ISG can proactively disconnect sessions where the end-device is no longer present freeing up system resources.

More Accurate Billing - By disconnecting sessions as soon as the end device is powered off or moved, more accurate usage information is obtained.

Greater Security - Remove sessions as quickly as possible when no longer in use to reduce the chance of address spoofing.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6588/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ben Strickland ( bstrickl@cisco.com)

Broadband PPP Features for Cisco 7600 Series Routers

Cisco IOS Software Release 12.2(33)SRC equips Cisco 7600 Series Routers with a wide range of broadband Point-to-Point Protocol (PPP) features that extend broadband capabilities and enable a much wider range of network configurations and environments.
This broadband PPP feature set allows Service Providers to deploy next-generation policy and subscriber management for their PPPoE-based subscribers. Many Service Providers are looking to transition to IP-based access for their subscribers to reduce Service Provider costs while also benefiting from the easy management and provisioning of value-added services. As Service Providers make this transition they are faced with the challenge of supporting their legacy PPPoE-based subscribers.
The Broadband PPP feature set on Cisco 7600 Series Routers allows Service Providers to seamlessly deploy the routers to support their PPPoE-based subscribers while allowing them to benefit from other next generation features, such as PPPoE SSO/EFSU, which provides high availability for PPPoE sessions by preserving PPPoE sessions during a RP switchover. Without SSO/EFSU support, all PPPoE sessions are reset during a route processor switchover. PPPoE SSO support provides minimal interruption in Layer 2 connectivity.
Following PPP broadband features are supported on Cisco 7600 Series Routers:

• PPPoE over Gigabit Ethernet

• PPPoE over dot1q sub-interfaces

• PPPoE over QinQ sub-interfaces

• PPPoE over ambiguous VLANs (single or double)

• PPPoE support over PVC ranges

• PPPoEoE Session Limit

• PPPoEoE Session Throttle

• PPPoEoE Service Selection

• 802.1p COS Bits

• PPPoEoE session recovery after reload

• PPPoE tag enhancements - Circuit Id, Remote Id, IWF (Interworking flag)

• PPPoEoE SSO and EFSU

Benefits

• The broadband PPP feature set allows Service Providers to offer next generation network features to their existing PPPoE subscribers. The feature set also allows a smooth transition of legacy PPPoE subscribers to IP based access.

• PPPoE SSO/EFSU enhancements allow minimal layer 2 interruption in a RP switchover scenario. The control plane recovers gracefully restoring PPPoE sessions as well as minimizing network churn. By preserving user sessions and minimizing packet loss, PPPoE SSO/EFSU reduces the impact of service outages on network users and delivers increased network uptime at the provider edge. PPPoE SSO/EFSU decreases downtime expenses, including SLA penalties, lost revenue opportunities, user and administrative productivity costs, and emergency network expenditures.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6549/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Nachiket Deshpande ( nachiket@cisco.com)

Authentication, Authorization and Accounting Enhancements

Cisco IOS Software Release 12.2(33)SRC enhances Cisco IOS Software Authentication, Authorization and Accounting (AAA) capabilities with following new features:

• Throttling of AAA Accounting Records

• Inclusion of RADIUS Attribute Accounting-Session-Id in Access Requests

Throttling of AAA Accounting Records

AAA Remote Authentication Dial-In User Service (RADIUS) protocol operates over User Datagram Protocol (UDP) transport layer and can not take advantage of a transport layer built-in flow control mechanism such as those available in Transmission Control Protocol (TCP).
The ever increasing demand for reduced capital spending has resulted in development of NAS/BRAS platforms with higher port/interface density and capability to efficiently generate high volume RADIUS load in a dynamic network environment. Ironically such improvement in scaling exacerbates the lack of flow control problem in RADIUS. The heavy RADIUS load from AAA client experiencing a changing network condition such as reload, may cause irrecoverable failure in the RADIUS server.
Throttling of AAA records helps to limit RADIUS load on RADIUS servers and its surrounding network by allowing the customers to configure a required throttling rate to reduce sudden bursts of RADIUS traffic on the RADIUS servers.

Inclusion of RADIUS Attribute Accounting-Session-Id in Access Requests

The Accounting Session ID is the only identifier provided by the RADIUS protocol that can relate authentication and accounting requests with absolute certainty.
The new commands introduced in this feature enables the sending of RADIUS attribute 44 (Accounting Session ID) in all RADIUS packets, not just in accounting packets sent after user authentication. This method of operation allows Service Providers to track all packets associated with a given subscriber session by the session ID. It also allows the policy servers at the Service Provider to use the CoA interface of Cisco ISG to dynamically manage a subscriber session using Accounting Session Id.

Benefits

Following are benefits of Throttling of AAA Accounting Records:

• Helps protect the health of RADIUS servers by avoiding sudden bursts of RADIUS traffic to the servers

• Avoids loss of critical accounting data at RADIUS servers by preventing sudden bursts of accounting records sent to the AAA server from NAS/BRAS

Following are benefits of Inclusion of RADIUS Attribute Accounting-Session-Id in Access Requests:

• Allows Service Providers to correlate various RADIUS records generated for a subscriber session through Accounting Session Id

• Allows Service Providers to extend their policy managers to use Accounting session id to dynamically manage subscriber sessions

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6663/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Nachiket Deshpande ( nachiket@cisco.com)

Quality of Service

Tunnel-Based Admission Control Support for Cisco 7600 Series Routers

MPLS TE Tunnel-Based Admission Control (TBAC) enables classic Resource Reservation Protocol (RSVP) unicast flows traveling across a Multiprotocol Label Switching-Traffic Engineering (MPLS-TE) core to be aggregated over an MPLS TE tunnel. TBAC aggregates traffic from multiple, classic RSVP sessions across different forms of tunneling technologies that include MPLS TE tunnels, which act as aggregate reservations in the core.

Benefits

To understand the benefits of TBAC, you should be familiar with how Call Admission Control (CAC) works for RSVP and QoS. TBAC benefits include the following:

Cost Effective - Real-time traffic is very sensitive to loss and delay. CAC avoids QoS degradation for real-time traffic because CAC ensures that the accepted load always matches the current network capacity. As a result, you do not have to overprovision the network to compensate for absolute worst peak traffic or for reduced capacity in case of failure.

Highly Accurate - CAC uses RSVP signaling, which follows the exact same path as the real-time flow, and routers make a CAC decision at every hop. This ensures that the CAC decision is very accurate and dynamically adjusts to the current conditions such as a reroute or an additional link. Also, RSVP provides an explicit CAC response (admitted or rejected) to the application, so that the application can react appropriately and fast; for example, sending a busy signal for a voice call, rerouting the voice call on an alternate VoIP route, or displaying a message for video on demand.

Combining RSVP and MPLS TE - TBAC allows you to combine the benefits of RSVP with those of MPLS TE. Specifically, you can use MPLS TE inside the network to ensure that the transported traffic can take advantage of Fast Reroute protection (50 millisecond restoration), Constraint Based Routing (CBR), and aggregate bandwidth reservation.

Seamless Deployment - TBAC allows you to deploy IPv4 RSVP without any impact on the MPLS part of the network because IPv4 RSVP is effectively tunneled inside MPLS TE tunnels that operate unchanged as per regular RSVP TE. No upgrade or additional protocol is needed in the MPLS core.

Enhanced Scaling Capability - TBAC aggregates multiple IPv4 RSVP reservations ingressing from the same MPLS TE head-end router into a single MPLS TE tunnel and egressing from the same MPLS TE tail-end router.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

Per-User QoS for Cisco 7600 Series Routers

Along with Per-Session QoS, Per-User QoS is a key QoS enhancement in Cisco IOS Software Release 12.2(33)SRC for Broadband Aggregation.
Per-User QoS provides the ability to apply QoS features (such as traffic classification, shaping, queuing, and policing) on a per-user basis. Per-User QoS can be configured using either a virtual template or a RADIUS server.

Policy Maps and QoS Features

A policy map specifies the QoS feature to be applied to network traffic. Examples of QoS features that can be specified in a policy map include traffic classification, shaping, queuing, and policing, among others. Each QoS feature is configured using the appropriate QoS commands. A RADIUS server is then used to "push" the information in the policy map between the nodes of the network topology.

Per-User Traffic Shaping

Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches.

Per-User Queuing

The queuing mechanism, Weighted Fair Queuing (WFQ), offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights. WFQ ensures that all traffic is treated fairly, given its weight. Class-Based WFQ (CBWFQ) extends the standard WFQ functionality to provide support for user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, Access Control Lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class. A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that class.

Two Methods for Configuring Per-User QoS

When you configure Per-User QoS, you can choose one of the following configuration methods:

Configure the feature using a virtual template - This method is considered a "legacy" method. It is of earlier origin and is still an available option for those familiar with using virtual templates.

Configure the feature using a RADIUS server - This method takes advantage of more recent technology and is the recommended method.

Benefits

The ability to apply QoS features on a per-user basis helps Internet Service Providers (ISPs) to adhere to the Service Level Agreement (SLA) established for handling traffic. Applying QoS on a per-user basis provides a higher degree of granularity when managing traffic in the network.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

Per-Session QoS for Cisco 7600 Series Routers

Along with Per-User QoS, Per-Session QoS is a key QoS enhancement in Cisco IOS Software Release 12.2(33)SRC for Broadband Aggregation.
Per-Session QoS provides the ability to apply QoS features (such as traffic classification, shaping, queuing, and policing) on a per-session basis. The Per-Session QoS feature can be configured using either a virtual template or a RADIUS server.

Policy Maps and QoS Features

A policy map specifies the QoS feature to be applied to network traffic. Examples of QoS features that can be specified in a policy map include traffic classification, shaping, queuing, and policing, among others. Each QoS feature is configured using the appropriate QoS commands. A RADIUS server is then used to "push" the information in the policy map between the nodes of the network topology.

Per-Session Traffic Shaping

Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches.

Per-Session Queuing

The queuing mechanism, Weighted Fair Queuing (WFQ), offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights. WFQ ensures that all traffic is treated fairly, given its weight. Class-Based WFQ (CBWFQ) extends the standard WFQ functionality to provide support for user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, Access Control Lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class. A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that class.

Two Methods for Configuring Per-Session QoS

When configuring Per-Session QoS, you can choose one of the following configuration methods:

Configure the feature using a virtual template - This method is considered a "legacy" method. It is of earlier origin and is still an available option for those familiar with using virtual templates.

Configure the feature using a RADIUS server - This method takes advantage of more recent technology and is the recommended method.

Benefits

The ability to apply QoS features on a per-session basis helps ISPs to adhere to the SLA established for handling traffic. Applying QoS on a per-session basis provides a higher degree of granularity when managing traffic on the network.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

Per-Session Shaping and Queuing on LNS for Cisco 7600 Series Routers

Per-Session Shaping and Queuing on LNS supports traffic shaping and Class-Based WFQ (CBWFQ). With Per-Session Shaping and Queuing on LNS, traffic shaping and CBWFQ is implemented on a per-session basis (ie: when traffic arrives at the interface).
Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches.
WFQ offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights. WFQ ensures that all traffic is treated fairly, given its weight. CBWFQ extends the WFQ functionality to provide support for user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, Access Control Lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class. A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that class.
Figure 22 shows a sample topology for per-session shaping and queuing on LNS. Downstream traffic is forwarded from the ISP (the source) to an ISP subscriber (the destination) during a PPP session. From an LNS at the ISP, the traffic is transmitted over an L2TP tunnel to an L2TP Access Concentrator (LAC), and then to the subscriber.

Figure 22. Per-Session Shaping and Queuing Sample Topology

Benefits

• The ability to shape or queue traffic on a per-session basis helps to avoid traffic congestion and allows the ISP to adhere to the SLA established for handling traffic.

• Shaping or queuing traffic on a per-session basis provides a higher degree of granularity when managing traffic on the network.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

Traffic Shaping Overhead Accounting for ATM for Cisco 7600 Series Routers

The Modular QoS CLI (MQC) Traffic Shaping Overhead Accounting for ATM feature enables a Broadband Remote Access Server (BRAS) to account for various encapsulation types when applying QoS to packets.
Typically, in Ethernet Digital Subscriber Line (DSL) environments, the encapsulation from the router to the Digital Subscriber Line Access Multiplexer (DSLAM) is Gigabit Ethernet and the encapsulation from DSLAM to Customer-Premises Equipment (CPE) is ATM. ATM overhead accounting enables the router to account for ATM encapsulation on the subscriber line and for the overhead added by cell segmentation. This enables the Service Provider to prevent overruns at the subscriber line and ensures that the router executes QoS features on the actual bandwidth used by ATM packets.
Release 12.2(33)SRC supports the following subscriber line encapsulation types and traffic shaping overhead accounting on Cisco 7600 Series Routers:

• snap-rbe

• mux-rbe

• snap-dot1q-rbe

• mux-dot1q-rbe

• snap-pppoa

• mux-pppoa

• snap-1483routed

• mux-1483routed

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

GRE Tunnel Marking for Cisco 7200 Series Routers

Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco that can encapsulate a wide variety of protocol packet types inside IP tunnels, creating a virtual point-to-point link to Cisco routers at remote points over an IP Internetwork.
The QoS: Tunnel Marking for GRE Tunnels feature allows you to define and control QoS for incoming customer traffic on the PE router in a Service Provider network. The feature lets you set (mark) either the IP precedence value or the Differentiated Services Code Point (DSCP) in the header of a GRE tunneled packet.
GRE tunnel marking can be implemented by using a QoS marking command, such as set ip {dscp | precedence} [tunnel], and it can also be implemented in QoS traffic policing. This feature simplifies administrative overhead previously required to control customer bandwidth by allowing you to mark the GRE tunnel header on the incoming interface on the PE routers.
Figure 23 shows traffic being received from the CE1 router through the incoming interface on the PE1 router on which tunnel marking occurs. The traffic is encapsulated (tunneled) and the tunnel header is marked on the PE1 router. The marked packets travel (tunnel) through the core and are decapsulated automatically on the exit interface of the PE2 router. This feature is designed to simplify classifying Customer Edge (CE) traffic and is configured only in the Service Provider network. This process is transparent to the customer sites. The CE1 and CE2 routers simply exist as a single network.

Figure 23. Sample Tunnel Marking Topology

Benefits

• GRE tunnel marking provides a simple mechanism to control the bandwidth of customer GRE traffic.

• This feature is configured entirely within the Service Provider network and only on interfaces that carry incoming traffic on the PE routers.

• Generally used within the mVPN scenario to mark mGRE tunnels in addition to mark Tunnel LSP.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6558/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Bertrand Duvivier ( bduvivie@cisco.com)

Layer 2 VPN

High Availability for Any Transport over MPLS (AToM): NSF with SSO; EFSU

Cisco IOS Software Release 12.2(33)SRC delivers High Availability (HA) functionality for Any Transport over MPLS (AToM) for Cisco 7600 Series Routers.
Any Transport over MPLS (AToM) Nonstop Forwarding (NSF) with Stateful Switchover (SSO) improves the availability of a network that uses AToM to provide Layer 2 VPN services. AToM NSF/SSO provides the ability to detect failures and handle them with minimal disruption to the service being provided. AToM NSF is achieved by Stateful Switchover (SSO) and Nonstop Forwarding (NSF) mechanisms. A standby Route Processor (RP) provides control-plane redundancy. The control plane state and data plane provisioning information for the Attachment Circuits (ACs) and AToM pseudowires (PWs) are checkpointed to the standby RP to provide NSF for AToM L2VPNs upon switchover from the primary RP.
Any Transport over MPLS (AToM) supports Enhanced Fast Software Upgrade (EFSU) to minimize downtime for software upgrades. Apply bug fixes and deploy new features and services through in-service upgrade of the complete Cisco IOS Software image. A subset of ISSU, EFSU helps to minimize outage time during a software upgrade by preloading new line card software images onto supported line cards.

Benefits

• NSF with SSO together for AToM provides the ability to detect failures and handle them with minimal disruption to the AToM service being provided. The following are the AToM services protected by AToM NSF with SSO:

– Ethernet over MPLS

– Frame Relay over MPLS

– ATM AAL5 over MPLS

– ATM Cell Relay over MPLS

– PPP over MPLS

– HDLC over MPLS

– TDM over MPLS

• AToM support for EFSU provides the ability to upgrade router software while the router continues to forward traffic. EFSU increases network availability and reduces the downtime required for software upgrades.

– Rapid deployment of new features/services as well as maintenance updates

– Reduces planned downtime and operational expenses

– Ability to streamline and minimize planned downtime windows

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400/SIP-600, WS-X6704-10GE, WS-X6724-SFP, WS-X6748-SFP, WS-X6748-GE-TX, 7600-ES20-10G3C, 7600-ES20-10G3CXL, 7600-ES20-GE3C, 7600-ES20-GE3CXL

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a00807f1c85.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

AToM Tunnel Selection for Cisco 7200 Series Routers and the Cisco 7301 Router

First introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers, Release 12.2(33)SRC adds support for Cisco 7200 Series Routers and the Cisco 7301 Router.
Any Transport over MPLS (AToM) Tunnel Selection allows you to specify the path that AToM traffic uses. You can specify either a Multiprotocol Label Switching (MPLS) traffic engineering tunnel or a destination IP address and Domain Name System (DNS) name. If the specified path is unreachable, you can specify that the Virtual Circuits (VCs) should use the default path, which is the path that MPLS Label Distribution Protocol (LDP) uses for signaling. The option of having a backup LDP path is enabled by default; you must explicitly disable it.

Benefits

AToM Tunnel Selection allows you to specify the path that Any Transport over MPLS (AToM) traffic uses.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

MPLS PW Status Signaling

MPLS Pseudowire (PW) Status Signaling supports Provider Edge router (PE) signaling using LDP PW Status TLV (type-length-value) to indicate PW status to remote PE peers.

Benefits

Supports Signaling of Pseudowire Status per RFC 4447 Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP).
A pseudowire label mapping message can be signaled as soon as the pseudowire is administratively enabled to setup the pseudowire, irrespective of what the pseudowire status is. Further, a pseudowire status can be signaled using a status message without the need to withdraw the pseudowire label mapping message.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

Per Subinterface MTU for Ethernet over MPLS (EoMPLS)

Per Subinterface MTU for Ethernet over MPLS (EoMPLS) provides a submode configuration Command-Line Interface (CLI) that allows per-subinterface setting of the MTU in xconnect configuration mode.
On Gigabit Ethernet (GE) interfaces the Maximum Transmission Unit (MTU) is inherited by the subinterfaces. Typically this MTU is 1500, which works well for customer-facing Ethernet connections. However, a Service Provider may want a different, typically larger, MTU for core-facing subinterfaces. Using this option, a Service Provider can configure the MTU on subinterfaces as desired.

Benefits

The submode configuration CLI option allows Service Providers to configure MTU values as required for different purposes, as in the following examples.

• Allows a Service Provider to use a subinterface default MTU of 1500 for customer-facing Ethernet subinterfaces and to configure an MTU of 2000 for core-facing subinterfaces.

• Allows a Service Provider to use a subinterface default MTU of 1500 for customer-facing VLAN subinterfaces and to configure a jumbo, 4470 or larger, MTU for core-facing subinterfaces.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

High Availability for Virtual Private LAN Service (VPLS): NSF with SSO; EFSU

Cisco IOS Software Release 12.2(33)SRC delivers High Availability (HA) functionality for Cisco Virtual Private LAN Service (VPLS) for Cisco 7600 Series Routers.
High availability for Cisco VPLS is provided by Cisco Nonstop Forwarding (NSF) with Stateful Switchover (SSO). Cisco VPLS supports Enhanced Fast Software Upgrade (EFSU) to minimize downtime for software upgrades. Apply bug fixes and deploy new features and services through in-service upgrade of the complete Cisco IOS Software image. A subset of ISSU, EFSU helps to minimize outage time during a software upgrade by preloading new line card software images onto supported line cards.

Benefits

• Cisco VPLS NSF/SSO builds on AToM NSF/SSO for Ethernet over MPLS (EoMPLS) and improves the availability of a VPLS network. As with AToM NSF/SSO, VPLS NSF/SSO provides the ability to detect failures and handle them with minimal disruption to the service being provided. VPLS NSF is achieved by Cisco SSO and NSF mechanisms.

• VPLS support for EFSU provides the ability to upgrade router software while the router continues to forward traffic. EFSU increases network availability and reduces the downtime required for software upgrades.

– Rapid deployment of new features/services as well as maintenance updates

– Reduces planned downtime and operational expenses

– Ability to streamline and minimize planned downtime windows

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400/SIP-600, WS-X6704-10GE, WS-X6724-SFP, WS-X6748-SFP, WS-X6748-GE-TX, 7600-ES20-10G3C, 7600-ES20-10G3CXL, 7600-ES20-GE3C, 7600-ES20-GE3CXL

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6550/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a00807f1c85.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

H-VPLS N-PE Redundancy for QinQ or MPLS Access

Hierarchical VPLS (H-VPLS) N-PE redundancy allows a User-facing Provider Edge routers/switches (U-PEs) to be dual-homed to their respective Network-facing Provider Edge router/switch (N-PE) in a loop-free topology with QinQ or MPLS as the access/aggregation domain. Upon PW failure detection by a U-PE, PW Redundancy selects the backup N-PE, and then a MAC address withdrawal message is sent by the U-PE to the N-PE2 backup.

Benefits

• Provides higher availability for VPLS networks by providing backup connectivity to an alternate N-PE with a failover mechanism for the U-PEs attached as spokes to an N-PE hub in a Hierarchical VPLS topology, thereby eliminating the N-PE as a single point of failure.

• MAC address withdrawal improves recovery from an N-PE failure by signaling for removal of now-stale MAC addresses in affected VPLS Virtual Forwarding Instances (VFIs), stopping switching of traffic onto the broken path.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

VPLS MAC Address Withdrawal

In a Hierarchical VPLS (H-VPLS) topology using Network-facing Provider Edge router/switch (N-PE) Redundancy, when a User-facing Provider Edge routers/switches (U-PEs) detects loss of Pseudowire (PW) connectivity to its active N-PE and the backup PW on the U-PE moves out of the hot-standby state to the established state, the VPLS MAC Address Withdrawal mechanism sends LDP-based MAC Withdrawal messages to the N-PE and to the VPLS Virtual Forwarding Instance (VFI).

Benefits

• VPLS MAC Address Withdrawal improves recovery from an N-PE failure by signaling for removal of now-stale MAC addresses in affected VPLS VFIs, stopping switching of traffic onto the broken path.

• VPLS MAC Address Withdrawal supports VPLS N-PE Redundancy for either QinQ or MPLS Access.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

TDM Local Switching

Circuit Emulation over Packet Switched Networks (CEoPs) allows customers to provide Time Division Multiplexing (TDM) circuit service over a packet switched network. TDM Local Switching enables TDM circuit emulation between two interfaces of the same type or between interfaces of different types on the same router. Figure 24 shows a sample topology.

Figure 24. TDM Local Switching Sample Topology

Both CEs are connected to the PE through channelized T1 controllers acting as serial interfaces, so that IP addresses can be configured on the serial interfaces.

Benefits

• TDM Local Switching enables connection of TDM circuits among Customer Edge (CE) devices attached to the same Provider Edge (PE) router.

• The PE interfaces can be on the same line card or on two different line cards.

Hardware

Routers

• Cisco 7600 Series Routers with CEoP SPA and SIP-400

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00807fa016.html

http://www.cisco.com/en/US/products/hw/routers/ps368/products_data_sheet0900aecd8027c9e6.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)
L2VPN PW Redundancy - ATM Attachment Circuits
Supports ATM attachment circuits (ACs) for L2VPN PW Redundancy.

Benefits

The L2VPN Pseudowire Redundancy feature enables you to set up your network to detect a failure in the network and reroute the L2 service - in this case ATM service - to another endpoint that can continue to provide service.

Hardware

Routers

• Cisco 7600 Series Routers with CEoP SPA and SIP-400

Additional Information

http://www.cisco.com/en/US/products/ps6603/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Tim McSweeney ( timcswee@cisco.com)

MPLS and Layer 3 VPN

Cisco IOS MPLS TE/RSVP Enhancements

Cisco IOS MPLS Traffic Engineering (TE) offers standards-based feature capabilities for MPLS traffic management, including explicit path configuration and protection, via signaling of TE/Resource Reservation Protocol (RSVP) Tunnels. In addition to RFC-compliant TE/RSVP signaling procedures, Cisco MPLS TE also offers a number of value-added feature capabilities, which enable improved configuration and usability of MPLS TE functionality, such as coexistence support with theCisco High Availability (HA) feature set, including NSF with SSO and EFSU.
Cisco IOS Software Release 12.2(33)SRC includes the following new MPLS TE feature enhancements:

• MPLS TE - BFD-triggered TE Fast Re-Route (FRR)

• MPLS TE - Path Protection (Including NSF/SSO and EFSU Support)

• MPLS TE Support for Bundle Interfaces

BFD-triggered TE Fast Re-Route (FRR)

Bidirectional Forwarding Detection (BFD) is introduced as a new link failure detection mechanism for MPLS TE to trigger switchover to a TE backup path. (See Figure 25.) BFD, as a generalized Hello protocol, offers a standards-based and interoperable link failure detection solution, which now can be leveraged for MPL TE Fast Re-Route (FRR). BFD can offer failure detection times of approximately 150ms (platform dependent) and complement existing link failure detection mechanisms currently already supported for MPLS TE FRR:

• LOS signal detection (on POS links only)

• Fast RSVP Hellos

Figure 25. BFD-triggered TE FRR

MPLS TE - Path Protection (Including NSF/SSO and EFSU Support)

In addition to MPLS TE node and link protection, TE Path Protection offers additional protection capabilities for MPLS network connectivity established through TE/RSVP. TE Path Protection offers an end-to-end failure recovery mechanism for MPLS TE tunnels. In addition to the primary TE tunnel (protected tunnel), one or more backup paths (TE tunnels) are established by MPLS TE. When a failure is detected on the protected TE tunnel by the head-end, traffic is redirected to one of the standby/backup tunnels to temporarily carry the tunnel's traffic.
Path Protection can be used with a single area (OSPF or IS-IS), inter-area (OSPF or IS-IS), or Inter-AS (BGP, EBGP, and static) and offers full MPLS HA supports, including NSF/SSO and EFSU.

MPLS TE Support for Bundle Interfaces

MPLS TE, including TE FRR, now provides support for bundle interfaces, including Etherchannel and MLPPP interfaces, on Cisco 7600 Series Routers. Table 3 lists a detailed feature support matrix.

Table 4. MPLS TE Support for Bundle Interfaces Support Matrix

TE FRR Trigger Mechanism

Cisco 7600 Bundle Interface Types

Ether Channel Interface


MLPPP Interface


POS Bundle Interface1

Minimum links as TE FRR trigger

Supported

Supported

No Support

BFD as TE FRR trigger

No Support

No Support

No Support

Percentage bandwidth as TE FRR trigger

No Support

No Support

No Support

RSVP Fast Hello as TE FRR trigger

Supported

Supported

No Support

Notes:

1. POS Bundle interfaces not supported on Cisco 7600 platform in Cisco 7600-2/Cobra release.

Benefits

Following are key benefits of the new MPLS TE feature enhancements:

BFD-triggered TE Fast Re-Route (FRR) - Offers a standards-based and interoperable, vendor independent, link failure detection mechanism for MPLS TE Fast Re-Route (FRR).

MPLS TE Path Protection (including NSF/SSO and EFSU Support) - Offers enhanced MPLS traffic protection via end-to-end failure recovery capabilities of MPLS TE tunnels.

MPLS TE Support for Bundle Interfaces - Offers traffic protection capabilities of bundle interface configurations.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6608/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Harmen van der Linde ( havander@cisco.com)

Cisco IOS MPLS LDP Enhancements

Cisco IOS MPLS LDP offers standards-based feature capabilities for MPLS label information signaling between MPLS-enabled routers. In addition to RFC3036-compliant MPLS signaling, Cisco MPLS LDP also offers a number of value-added feature capabilities, which enable improved configuration and usability of MPLS LDP functionality. MPLS LDP feature capabilities are focused on MPLS LDP Command-Line Interface (CLI) configuration enhancements, enhanced security, and coexistence support with the Cisco High Availability (HA) feature set, including Cisco NSF with SSO and ISSU/EFSU.
Cisco IOS Software Release 12.2(33)SRC includes the following new MPLS LDP feature enhancements:

• MPLS LDP - Lossless MD5 LDP Session Authentication

• MPLS LDP - Local Label Allocation Filtering

MPLS LDP - Lossless MD5 LDP Session Authentication

The MPLS LDP MD5 Global Configuration feature provides a configuration enhancement for enabling MD5-based session authentication of LDP sessions, which helps prevent unauthorized LDP peer applications from establishing LDP sessions with the local LDP process and also helps to block spoofed TCP messages. This feature enables configuration of LDP MD5 support globally (ie: for all LDP-enabled interfaces on a MPLS-enabled router) instead of on a per-LDP peer basis. In addition, MD5 session authentication can be enabled for a selective set of LDP sessions via access-control lists.
New LDP feature enhancements are introduced, which enable dynamic change and configuration of MD5 keys for LDP session authentication. (See Figure 26.) Through a configurable MD5 keychain, multiple MD5 authentication keys with specific activation intervals can be configured for a given LDP session. The new LDP enhancements complement existing MD5 LDP session authentication capabilities, which only enabled configuration of one single MD5 key per LDP session.

Figure 26. MPLS LDP - Lossless MD5 LDP Session Authentication

MPLS LDP - Local Label Allocation Filtering

LDP allocates a local label for every route learned from its Interior Gateway Protocol (IGP). In the absence of any inbound and outbound label filtering, these local labels are stored and advertised to remote LDP peers. The number of labels allocated in LDP and the number of advertisements is proportional to the number of routes learned from the IGP; the number of routes is proportional to the number of peers. During LDP session establishment, LDP may be notified of a large number of routes in succession.
New LDP CLI commands are introduced to control allocation of local MPLS labels and exchange of label mappings with remote nodes via use of prefix lists. The amount of memory used and the number of label binding advertisements by LDP can be reduced via enabling these local label allocation filtering rules, which improves convergence time for LDP.

Benefits

Following are key benefits of the new MPLS LDP feature enhancements:

MPLS LDP - Lossless MD5 LDP Session Authentication - No need to tear down LDP session to activate new MD5 key for LDP session authentication. Configurable key chain enables flexible scheduling of multiple MD5 keys to be used for LDP session authentication.

MPLS LDP - Local Label Allocation Filtering - Enhanced LDP local label filtering capabilities, which reduce memory used by LDP for maintaining its Label Information Base (LIB) and improve LDP convergence (exchange of LDP label information between MPLS-enabled nodes).

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6608/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Harmen van der Linde ( havander@cisco.com)

Cisco IOS MPLS Embedded Management Enhancements

Cisco IOS MPLS embedded management offers standards-based management capabilities for IP/MPLS networks. The Cisco industry leading MPLS management feature portfolio offers network operators detailed MPLS resource monitoring and MPLS connectivity troubleshooting capabilities, which include MPLS-specific SNMP MIBs, MPLS OAM, and MPLS-enabled NetFlow features.
Cisco IOS Software Release 12.2(33)SRC includes new MPLS VPN MIB enhancements that complete Cisco support for RFC-compliant MPLS embedded management capabilities. The MPLS embedded management feature portfolio includes the following feature capabilities:
MPLS MIBs

• MPLS LSR MIB - RFC3813

• MPLS LDP MIB - RFC3815

• MPLS TE MIB - IETF draft version 05

• MPLS VPN MIB - RFC4382

MPLS OAM

• MPLS LSP Ping/Trace for MPLS core (LDP IPv4 and RSVP IPv4 FEC support) - RFC4379

• IP SLA automation for MPLS LSP Ping/Trace

• MPLS LSP Ping for L2VPNs (via VCCV) - RFC4379

• MPLS Multi-path (ECMP) Tree Trace - RFC4379

• IP SLA automation for MPLS Multi-path (ECMP) Tree Trace

MPLS Netflow

• MPLS-aware NetFlow

• MPLS Prefix Application Label (PAL)

MPLS-L3VPN-MIB Updates

Within Cisco IOS Software Release 12.2(33)SRC, with the upgrade from IETF draft version 05 to RFC4382, various changes have been made to the MPLS-L3VPN-STD-MIB modules, which are summarized in Table 4.

Table 5. MPLS-L3VPN-MIB Updates

MPLS-L3VPN-MIB Component

Change as a result of RFC4382 update

Comments

Scalar objects

mplsL3VpnVrfConfMaxPossRts

Name change

mplsL3VpnVrfConfRteMxThrshTime

mplsL3VpnIllLblRcvThrsh

New objects to set trap notification intervals

mplsL3VpnIfConfTable (was mplsVpnInterfaceConfTable)

mplsL3VpnIfConfIndex

mplsL3VpnIfVpnClassification

mplsL3VpnIfVpnRouteDistProtocol

mplsL3VpnIfConfStorageType

mplsL3VpnIfConfRowStatus

Updated object names

mplsVpnInterfaceLabelEdgeType

Deleted object

mplsL3VpnVrfTable

mplsL3VpnVrfVpnId

mplsL3VpnVrfConfAdminStatus

New objects

mplsL3VpnVrfRD

mplsL3VpnVrfConfMidRteThresh

mplsL3VpnVrfConfHighRteThresh

Updated object names

mplsL3VpnVrfRTTable (was mplsVpnVrfRouteTargetTable)

mplsL3VpnVrfRTIndex

mplsL3VpnVrfRTType

mplsL3VpnVrfRT

mplsL3VpnVrfRTDescr

mplsL3VpnVrfRTRowStatus

Updated object names

mplsL3VpnVrfRTStorageType

New object

mplsL3VpnVrfSecTable

mplsL3VpnVrfSecIllegallLblVltns

Updated object name

mplsVpnVrfSecIllegallLabelRcvThresh

Deleted object

mplsL3VpnVrfSecDiscontinuityTime

New object

mplsL3VpnVrfPerfTable

mplsL3VpnVrfPerfRoutesDropped

mplsL3VpnVrfPerfDiscTime

New objects

mplsL3VpnVrfRteTable
(was: mplsVpnVrfRouteTable)

mplsL3VpnVrfRteInetCidrDest

mplsL3VpnVrfRteInetCidrDestType

mplsL3VpnVrfRteInetCidrNextHop

mplsL3VpnVrfRteInetCidrNHopType

mplsL3VpnVrfRteInetCidrIfIndex

mplsL3VpnVrfRteInetCidrType

mplsL3VpnVrfRteInetCidrProto

mplsL3VpnVrfRteInetCidrAge

mplsL3VpnVrfRteInetCidrNextHopAS

mplsL3VpnVrfRteInetCidrMetric1

mplsL3VpnVrfRteInetCidrMetric2

mplsL3VpnVrfRteInetCidrMetric3

mplsL3VpnVrfRteInetCidrMetric4

mplsL3VpnVrfRteInetCidrMetric5

mplsL3VpnVrfRteInetCidrStatus

Updated object names

mplsVpnVrfRouteMask

mplsVpnVrfRouteMaskAddrType

mplsVpnVrfRouteTos

mplsVpnVrfRouteInfo

mplsVpnVrfRouteStorageType

Deleted objects

mplsL3VpnVrfRteInetCidrPfxLen

mplsL3VpnVrfRteInetCidrPolicy

mplsL3VpnVrfRteXCPointer

New objects

mplsVpnVrfBgpNbrAddrTable

Table completely deleted.

-

mplsVpnVrfBgpNbrPrefixTable

Table completely deleted.

-

SNMP Trap Notifications

mplsVpnVrfIfUp

mplsVpnVrfIfDown

Deleted trap notifications

mplsL3VpnVrfUp

mplsL3VpnVrfDown

New trap notifications

mplsL3VpnVrfRouteMidThreshExceeded

mplsL3VpnVrfNumVrfRouteMaxThreshExceeded

mplsL3VpnNumVrfSecIllglLblThrshExcd

mplsL3VpnNumVrfRouteMaxThreshCleared

Updated object name and included varbinds

MPLS Management Solution

The embedded management capabilities for MPLS can be used in various usage scenarios ranging from manual CLI-based trouble shooting to fully automated trouble shooting systems. (See Figure 27.) In addition to MPLS MIB, OAM, and NetFlow features, Cisco also offers complementary management tools, which can be integrated with the embedded MPLS management capabilities.

Auto IP SLA - Automatic execution of MPLS OAM probes.

Cisco MPLS Diagnostics Expert (MDE) - Unique Cisco management application for automated MPLS troubleshooting, which leverages embedded MPLS management capabilities.

Depending on the level of automation and integration needed, an operator may decide to only leverage MPLS OAM capabilities manually through CLI access or to leverage the Cisco Auto IP SLA and MDE solution to deploy a fully automated MPLS management system architecture.

Benefits

Following are key benefits of the MPLS embedded management solution:

Enables enhanced MPLS resource monitoring - MPLS MIB modules provide standard SNMP access to a wide variety of MPLS-specific resources supported on Label Switched Routers (LSR), including MPLS label forwarding and LDP session information. Existing SNMP-based management applications can be configured to retrieve and collect MPLS-specific management information via the new MPLS MIB modules.

Increases operational efficiency - MPLS OAM tools, such as LSP Ping and LSP Trace, enable fast detection and isolation of complex MPLS connectivity problems, which improves trouble resolution time and will help reduce network downtime.

Provides a comprehensive solution for addressing MPLS network and service availability - Cisco's MPLS embedded management capabilities, together with Cisco Auto IP SLA automation and automated trouble resolution capabilities via the Cisco MPLS Diagnostics Expert (MDE), provide a comprehensive end-to-end solution for MPLS network monitoring and trouble resolution.

Hardware

Routers

• Cisco 7200 Series Routers, Cisco 7301 Router, Cisco 7600 Series Routers

http://www.cisco.com/en/US/products/ps6755/index.html

http://www.cisco.com/en/US/products/ps6557/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6602/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Harmen van der Linde ( havander@cisco.com), MPLS Embedded Management
Ernie Mikulic ( emikulic@cisco.com), Cisco Auto IP SLA
Stephen Speirs ( sspeirs@cisco.com), Cisco MPLS Diagnostics Expert (MDE)

Cisco IOS MPLS Layer 3 VPN Enhancements

Cisco IOS Multiprotocol Label Switching Virtual Private Network (MPLS VPN), also known as Layer 3 MPLS VPN, provides efficient and standard-based virtual routing and forwarding using MPLS and multi-protocol BGP. In addition to IETF standard compliance, Cisco MPLS VPN also offers a number of value-added feature and carrier-grade capabilities such as High Availability including "Enhanced Fast Software Upgrade," expanded management tools, and advanced inter-provider feature set.
Cisco IOS Software Release 12.2(33)SRC includes the following new Layer 3 MPLS VPN feature enhancements:

• MPLS VPN - Inter-AS option AB

• MPLS VPN - Half Duplex VRF (HDVRF)

• MPLS VPN - PE-CE Link Protection

Benefits

MPLS VPN Inter-AS option AB Inter-provider Services - Provides an improved inter-as peering solution that retains the benefit of inter-as option A forwarding plane with per VRF IP forwarding and IP QoS on inter-as link. The solution, requiring a single BGP session between peering ASBR, represents a significant control plane scalability improvement when compared with option A peering solution. As an additional enhancement, CSC can be provisioned per VRF.

MPLS VPN Half Duplex VRF - Provides a scalable mechanism to deploy VPN in "Hub & Spoke" topology under which all spoke traffic must traverse to a central location. It allows MPLS Service Providers to provide wholesale transport service for "hub & spoke" type of Internet access to ISP. The feature imposes no restriction on PE-CE protocol selection as well as subscriber's distribution on PEs and VRFs.

MPLS VPN PE-CE Link Protection - The MPLS VPN carrier class feature portfolio is further enriched with MPLS VPN PE-CE link protection. Upon PE-CE link failure, VPN end-to-end convergence can be improved with an egress PE (Point of Local Repair) switching VPN traffic to an alternative egress PE before the control plane has converged.

Hardware

Routers

• MPLS VPN - Inter-AS option AB: Cisco 7600 Series Routers
• MPLS VPN - Half Duplex VRF (HDVRF): Cisco 7600 Series Routers
• MPLS VPN - PE-CE Link Protection: Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6604/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Ted Qian ( tqian@cisco.com), MPLS VPN

IP Addressing and Services

HSRP Group Shutdown

This feature gives the ability for a router to stop acting as a member of an HSRP group, based on a tracked object state, without decommissioning the router.

Benefits

This allows for automatically disabling an entire HSRP group when a condition is met, hence avoiding sending a packet to a gateway when not needed.

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6600/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Benoit Lourdelet ( blourdel@cisco.com)

VRRP Stateful Switchover/Enhanced Fast Software Upgrade

The Stateful Switchover (SSO)-Aware Virtual Router Redundancy Protocol (VRRP) feature enables the Cisco IOS VRRP subsystem software to detect that a standby Route Processor (RP) is installed and the system is configured in SSO redundancy mode. Further, if the active RP fails, no change occurs to the VRRP group itself and traffic continues to be forwarded through the current active gateway router.
Prior to this feature, when the primary RP failed on the active VRRP router, it would stop participating in the VRRP group and trigger another router in the group to take over as the active VRRP router.
The SSO-Aware VRRP feature is required to preserve the forwarding path for traffic destined to VRRP virtual IP through a RP switchover.
Configuring SSO on the edge router enables the traffic on the Ethernet links to continue during an RP failover without the Ethernet traffic switching over to another VRRP router.
With this feature, VRRP SSO information is synchronized to the standby RP, allowing traffic that is sent using the VRRP virtual IP address to be continuously forwarded during a switchover without a loss of data or a path change.
VRRP supports EFSU, so upgrading from one Cisco IOS Software version to another happens seamlessly in a router with two RPs.

Benefits

The addition of SSO to the VRRP redundancy scheme provides unparallel gateway high availability.

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400/SIP-600, WS-X6704-10GE, WS-X6724-SFP, WS-X6748-SFP, WS-X6748-GE-TX, 7600-ES20-10G3C, 7600-ES20-10G3CXL, 7600-ES20-GE3C, 7600-ES20-GE3CXL

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6644/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Benoit Lourdelet ( blourdel@cisco.com)

DHCPv4 Server Management Enhancements

The DHCPv4 server is enhanced to offer better manageability in large scale scenarios. Cisco IOS Software Release 12.2(33)SRC includes the following new DHCPv4 server management enhancements:

• DHCPv4 Server MIB

• DHCP Server Per interface lease limit

• DHCP Server Per interface statistics

Benefits

Larger scale DHCPv4 server deployment is easier to manage.

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400/SIP-600, WS-X6704-10GE, WS-X6724-SFP, WS-X6748-SFP, WS-X6748-GE-TX, 7600-ES20-10G3C, 7600-ES20-10G3CXL, 7600-ES20-GE3C, 7600-ES20-GE3CXL

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6641/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Benoit Lourdelet ( blourdel@cisco.com)

DHCPv4 Server, Proxy, Relay, ODAP Enhancements

Cisco IOS Software Release 12.2(33)SRC includes the following new DHCPv4 server, proxy, relay, and On Demand Address Pools (ODAP) enhancements:

• Dynamic Default Gateway using DHCP

• Autoinstall with DHCP

• VRF aware Relay

• Relay per Interface Option 82 support

• Relay Unnumbered EFSU

• Server Secured IP address Assignment

• Server option import

• Server Release and Renew CLI

• Server EFSU

• Static mapping

• Proxy Client SSO/EFSU

• ODAP SSO/EFSU

Benefits

All the DHCP components are enhanced to support more advanced DHCP deployments.

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S
• Line cards with warm reload support: SIP-400/SIP-600, WS-X6704-10GE, WS-X6724-SFP, WS-X6748-SFP, WS-X6748-GE-TX, 7600-ES20-10G3C, 7600-ES20-10G3CXL, 7600-ES20-GE3C, 7600-ES20-GE3CXL

Note: Line cards not capable of warm reload will reload normally. If a fix requires new line card software, the upgrade will revert to eFSU.

Additional Information

http://www.cisco.com/en/US/products/ps6641/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Benoit Lourdelet ( blourdel@cisco.com)

DHCPv6 Relay Enhancements

Cisco IOS Software Release 12.2(33)SRC includes DHCPv6 Relay enhancements to support a stateless relay - remote Id and Interface Id options are supported. DHCPv6 Relay now works in conjunction with Prefix Delegation and adds or removes corresponding routes in the relay agent routing table. (See Figure 28.)

Figure 27. DHCPv6 Option Handling at the Relay Agent

Benefits

DHCPv6 Prefix Delegation is now fully deployable when a relay is involved with route maintenance and relay options to enable prefix selection at the server side (remote Id) and proper message forwarding at the relay side (interface Id).

Hardware

Routers

• Supervisor Engines: Sup720 3B/3BXL, RSP720, and Sup32
• Chassis: Cisco 7604, 7606, 7609, 7613, 7603-S, 7606-S, 7609-S

Additional Information

http://www.cisco.com/en/US/products/ps6641/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Benoit Lourdelet ( blourdel@cisco.com)

Updated IPv6 MIB - RFC 4292 (IP MIB) and RFC 4293 (IP Forwarding MIB)

Cisco IOS Software supports RFC 2011 (IP MIB) and RFC2096 (FORWARDING MIB), which are proposed standards for IPv4 only. When IPv6 was first introduced in Cisco IOS Software, the Internet Engineering Task Force (IETF) had two variants of MIBs for IPv6. The first variant, referred as IPv6-only MIBs (RFC2465 [IP MIB] and RFC2466 [ICMP MIB]), were never implemented in Cisco IOS Software and have since been deprecated at the IETF. The second variant, referred to as draft-ietf-ipv6-rfc2011-update (IP MIB) and draft-ietf-ipv6-rfc2096-update (FORWARDING MIB), were version independent MIBs used to access information about both the IPv4 and IPv6 stack. The ID-00 of those MIBs was implemented in Cisco IOS Software as Cisco-IETF-IP-MIB and Cisco-IETF-IP-Forwarding-MIB but only for their IPv6 information.
Recently, the IETF published RFC 4292 (IP MIB) and RFC 4293 (IP Forwarding MIB), which are the official version for the updated MIBs. Cisco IOS Software Release 12.2(33)SRC provides an updated implementation of the updated IP and IP Forwarding MIBs for IPv6 that complies with RFC 4292 and RFC 4293.

Benefits

• IETF standard compliancy for IPv6 information

• Support for Interface Stats table

Standards

• RFC 4292, IP Forwarding Table MIB

• RFC 4293, Management Information Base for the Internet Protocol (IP)

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6553/products_ios_technology_home.html

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00801d65ed.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Patrick Grossetete ( pgrosset@cisco.com)

IP Routing

Bidirectional Forwarding Detection Enhancements

Bidirectional Forwarding Detection (BFD) is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. This detection is typically accomplished through hardware detection mechanisms. However, not all of the hardware mechanisms have the capability to detect failures, for example Ethernet failures.
BFD also provides a consistent failure detection method for network administrators. Because the network administrator can use BFD to detect forwarding path failures at a uniform rate, rather than the variable rates for different routing protocol hello mechanisms, network profiling and planning is easier, and reconvergence time is consistent and predictable.
Initial support for BFD on the Cisco 7600 Series Routers was in Release 12.2(33)SRA. Release 12.2(33)SRB added support for BFD Version 1 and BFD Echo Mode. Release 12.2(33)SRC adds support for the Cisco 7200 Series Routers and the Cisco 7301 Router, and further enhances BFD by including the following new features:

• BFD Static Routes for Cisco 7600 Series Routers

• BFD VRF Aware Support for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and Cisco 7301 Router

• BFD WAN Interfaces Support for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and Cisco 7301 Router

• BFD SSO Phase 1 for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and Cisco 7301 Router

In addition to the above new features, Release 12.2(33)SRC also provides support for more than 128 sessions of BFD with aggressive timers (Note: this feature is hardware dependent). As BFD is becoming the de-facto liveliness detection protocol, it is critical to be able to run concurrently a high number of BFD sessions on a single device.

BFD Static Routes for Cisco 7600 Series Routers

Static routes allow users to manually configure routing information for a prefix. This routing information points to an interface or a gateway in order to reach the specified prefix. The routing information is valid only when the interface or the gateway is reachable. If a static route is no longer valid, then any other alternate route that is learned via a dynamic routing protocol may be used to reach the prefix. It is important to delete the static route information if it is no longer valid quickly to achieve faster convergence.
Currently, static route information is updated only when the interface or the gateway goes down. Static routes with BFD allow faster detection of an interface or a gateway down, and thereby achieving faster convergence.

BFD VRF Aware Support for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and Cisco 7301 Router

BFD VRF Aware Support extends BFD failure detection capability within a VRF context. With Cisco IOS Software Release 12.2(33)SRC, network operators can run BFD from a VRF based interface so that any failure in the forwarding path between PE and CE devices can be detected even though the physical link might still be up. The combination of BFD VRF support along with the different embedded OAM MPLS tools such as MPLS Ping and Traceroute give network operators a comprehensive end-to-end solution to address overall network reliability and enhance their L3VPN service availability.

BFD WAN Interfaces Support for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and the Cisco 7301 Router

For failure detection on WAN interfaces, network operators usually rely on the physical layer (such as Loss of Signal (LOS) for POS interfaces). For IP traffic over WAN interfaces, situations exist where the next-hop is not reachable but the interface remains up and hence the lack of reachability in the forwarding path is not detected. BFD provides failure detection in the forwarding path.
BFD WAN Interfaces Support enables the use of BFD as fast failure detection in the forwarding path for interfaces such as: ATM, POS, and Frame Relay. Moreover, as part of the BFD WAN Interfaces Support feature, BFD support for VLAN interface (802.1q) is also available.
Deployment Example: Various Service Providers are launching ADSL2+ services aggregated on IP-DSLAMs and carried over Metro Ethernet networks towards the PE. The CPE is connected to the IP-DSLAM via ADSL2+ which is via ATM interfaces. BFD can provide a standard failure detection mechanism in this case for the ATM interfaces.
BFD WAN Interfaces Support in Release 12.2(33)SRC includes support for the following interface types:

• ATM interface with AAL5 MUX, AAL5 SNAP, AAL0 encapsulations

• ATM sub interface

• POS interface with HDLC and PPP Encapsulations

• POS sub interface

• Serial interface, Serial interfaces with FR Encapsulation

• Serial sub interface with FR Encapsulation

• VLAN interface (802.1q)

BFD SSO Phase 1 for Cisco 7600 Series Routers, Cisco 7200 Series Routers, and the Cisco 7301 Router

Stateful Switchover (SSO) is a key feature toward achieving a highly available and robust network. On a dual Route Processor (RP) configuration, such as on the Cisco 7600 Series Routers, SSO allows the standby RP to take immediate control and maintain connectivity protocols in case of failure of the primary RP.
Stateful Switchover (SSO) for Cisco 7600 Series Routers Phase I - implements the capability in case of planned switchover from the active RP to the standby RP. To avoid remote peers detecting a failure in the forwarding plane following the loss of BFD sessions, the BFD state is transitioned to AdminDown on both the local and remote peers. During planned RP switchovers, BFD sessions can be decommissioned by setting them to Admin Down state. The sessions can be brought back to UP state once the switchover is complete. This prevents the remote peers from informing its clients (ie: Routing) as BFD sessions have gone down.

Benefits

BFD Static Routes

– Minimal impact on data forwarding - By converging static routes faster when an interface or a gateway goes down, the router forwards the traffic along the right path to the final destination quickly.

– Improved network reliability - By quickly converging and using the latest routing information, the impact on services is minimal.

BFD VRF Aware Support - Offers the capability to improve convergence on the PE-CE link and ultimately improves overall layer3 VPN network reliability and availability.

BFD WAN Interfaces Support - Extends BFD support to the most commonly used WAN interface type so that fast failure detection in the forwarding path (based on a single standard protocol) can be achieved and therefore increase overall network availability and reliability.

BFD SSO Phase 1 (AdminDown capability) - Offers the capability during planned switchovers to suppress temporarily failure detections so that the higher level protocols still stay up. This capability allows aggressive BFD timers to be set.

Hardware

Routers

• BFD Static Routes: Cisco 7600 Series Routers
• BFD VRF Aware Support: Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router
• BFD WAN Interfaces Support: Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router
• BFD SSO Phase 1: Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6599/products_ios_protocol_group_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Hari Rakotoranto ( hrakotor@cisco.com), BFD
Suresh Katukam ( skatukam@cisco.com), BFD Static Routes

OSPF Graceful Shutdown

OSPF Graceful Shutdown feature allows network administrator to take out a router from the network gracefully without impacting data traffic. When a user issues an OSPF shutdown command, the router informs all its neighbors that it is going down by sending OSPF messages indicating that all links originating from the router are not useful for data forwarding. In addition, it also sends an empty hello message to bring down any adjacency relationships with neighbors. The router is reachable even after the graceful shutdown for troubleshooting or upgrading the software or hardware.

Benefits

Enables software and hardware upgrades in a single route processor device - Users can gracefully shutdown the router from the network, and then upgrade software or hardware in the router as needed.

Enables trouble shooting and debugging of a router without impacting data traffic - After shutting down the router gracefully, users can login to the router to debug or trouble shoot any problems.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6629/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Suresh Katukam ( skatukam@cisco.com)

OSPF Generic TTL Security Mechanism

An OSPF router exchanges topology information with neighboring routers for building routing tables. OSPF mechanism allows a user to configure MD5 or a simple password for authenticating an adjacent router before any information is exchanged. The OSPF generic TTL Security mechanism provides an additional security mechanism by ensuring that the neighboring OSPF router is exactly the number of hops away as specified in the configuration. When an OSPF router receives a message from another OSPF neighbor, it compares the TTL in IP header with the TTL that is configured for that neighbor. Only when the TTL matches, the OSPF router will process the message from the neighbor.
The flexible configuration of this feature allows the user to configure the TTL per OSPF process or per interface. When TTL is configured per OSPF process, this TTL is used to validate all neighbors on all interfaces on that router. If a TTL is configured on an interface, it will override the TTL configured at the process level.
Note: This feature needs to be configured on all neighboring routers so that these routers can insert the appropriate TTL value in the IP header.

Benefits

Easier and Simpler OSPF Security Mechanism - This feature provides an additional security mechanism that is easier and simpler by simply configuring the number of hops between two OSPF routers. This ensures that a remote hacker cannot form an adjacency with any OSPF router in the network.

Hardware

Routers

• Cisco 7600 Series Routers

Additional Information

http://www.cisco.com/en/US/products/ps6629/products_ios_protocol_option_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Suresh Katukam ( skatukam@cisco.com)

Cisco IOS Infrastructure and Embedded Management

Cisco IOS Scripting with Tcl

Cisco IOS Scripting with Tool Command Language (Tcl) provides the ability to run Tcl version 8.3.4 commands from the Cisco IOS Software Command-Line Interface (CLI).
Tcl is a standard scripting language, and a partial implementation of Tcl has been in Cisco IOS Software in support of internal applications, such as Cisco IOS Software Interactive Voice Response (IVR).
Tcl version 8.3.4 provides support for the Embedded Syslog Manager (ESM) feature as well as exposing a Tcl Shell (tclsh) for use in the Cisco IOS Software CLI.

SNMP MIB Object Access

Designed to make access to Simple Network Management Protocol (SNMP) MIB objects easier, a set of UNIX-like SNMP commands has been created. The Tcl shell is enabled either manually or by using a Tcl script, and the new commands can be entered to allow you to perform specified get and set actions on MIB objects. To increase usability, the new commands have names similar to those used for UNIX SNMP access.

Benefits

Powerful Scripting Capability - Powerful method of custom-processing the events or states within a router, and taking a variety of actions based on them.

Easy to Learn - Industry standard language.

Complete Coverage of Cisco IOS Software Commands - All Cisco IOS Software CLI commands may be referenced by Tcl scripts, in both EXEC and CONFIG mode.

Customization of Cisco IOS Software Commands - Tcl scripts can be used to create customized commands, grouping multiple IOS commands, processing and customizing output, even creating auto-refreshing commands for real-time refresh at the CLI level.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Madhu Vulpala ( mvulpala@cisco.com)

Embedded Syslog Manager

Embedded Syslog Manger (ESM) is a customizable framework integrated in Cisco IOS Software for correlating, augmenting, filtering, and routing syslog messages generated by the Cisco IOS logger. (See Figure 28.) ESM allows complete control over system message logging at the source. ESM provides a programmatic interface to allow you to write custom filters that meet your specific needs in dealing with system logging.
ESM allows the user to configure post-processing of syslog messages with selected ESM filters, via new message queue in parallel with standard Cisco IOS syslog message stream. Either filtered or non-filtered syslog streams may be configured for individual syslog destinations. ESM leverages the Cisco IOS Scripting (Tcl 8.3.4).

Figure 28. Embedded Syslog Manager Version 1.0

Benefits

Customization - Fully customizable processing of system logging messages, with support for multiple, interfacing syslog collectors.

Severity Escalation for Key Messages - Ability to configure unique severity levels for syslog messages instead of using the system-defined severity levels.

Specific Message Targeting - Ability to route specific messages or message types, based on type of facility or type of severity, to different syslog collectors.

SMTP-Base Email Alerts - Capability for notifications using TCP to external servers, such as TCP-based syslog collectors or Simple Mail Transfer Protocol (SMTP) servers.

Message Limiting - Ability to limit and manage syslog "message storms" by correlating device-level events.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Rick Williams ( rwill@cisco.com)

CNS Interactive CLI

The CNS Interactive CLI feature introduces a new XML interface that allows you to send interactive commands to a router, such as commands that generate prompts for user input.

Benefits

• Interactive commands can be aborted before they have been fully processed. For example, for commands that generate a significant amount of output, the XML interface can be customized to limit the size of the output or the length of time allowed for the output to accumulate.

• The capability to use a programmable interface to abort a command before its normal termination (similar to manually aborting a command) can greatly increase the efficiency of diagnostic applications that might use this functionality.

• The new XML interface also allows for multiple commands to be processed in a single session. The response for each command is packaged together and sent in a single response event.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Udayan Palekar ( upalekar@cisco.com)

Command Scheduler (KRON)

The Command Scheduler (KRON) Policy for System Startup feature enables support for the Command Scheduler upon system startup.
Command Scheduler has two basic processes. A policy list is configured containing lines of fully-qualified EXEC CLI commands to be run at the same time or same interval. One or more policy lists are then scheduled to run after a specified interval of time, at a specified calendar date and time, or upon system startup. Each scheduled occurrence can be set to run either once only or on a recurring basis.

Benefits

• The Command Scheduler allows customers to schedule fully-qualified EXEC mode CLI commands to run once, at specified intervals, at specified calendar dates and times, or upon system startup.

• Using the CNS image agent feature, remote routers residing outside a firewall or using Network Address Translation (NAT) addresses can use Command Scheduler to launch CLI at intervals, to update the image running in the router.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Udayan Palekar ( upalekar@cisco.com)

HTTP TACAC+ Accounting Support

The HTTP TACAC+ Accounting Support feature adds the ability to log accounting records for HTTP transfers to the Cisco IOS HTTP(S) 1.1 server.

Benefits

Network administrators track network changes by configuring an accounting mechanism. This is accomplished by installing an accounting server on the network and configuring each device connected to the network to log the state changes (or events) it experiences to this accounting server. State changes occur for several reasons such as the following:

• Administrator configuring the device

• Remote users configuring the device

• Local users configuring the device

Each such event is framed as an accounting record, which is sent to the accounting server.
The HTTP TACAC+ Accounting Support feature adds the capability to generate and log accounting records for these HTTP requested configuration changes.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact

Udayan Palekar ( upalekar@cisco.com)

HTTP Access over IPv6

HTTP access over IPv6 is automatically enabled if an HTTP server is enabled and the router has an IPv6 address. If the HTTP server is not required, it should be disabled.

Hardware

Routers

• Cisco 7600 Series Routers, Cisco 7200 Series Routers, Cisco 7301 Router

Additional Information

http://www.cisco.com/en/US/products/ps6555/products_ios_technology_home.html

http://www.cisco.com/en/US/products/ps6922/products_feature_guides_list.html

Product Management Contact