In today's economic environment, interexchange carriers (IXCs), independent local exchange carriers (ILECs), post, telephone, and telegraph (PTT) companies, competitive local exchange carriers (CLECs), and cable operators are all in search of new, profitable services to supplant their declining voice revenue base. Cisco Systems® believes that creating such services requires the confluence of new provisioning systems such as Cisco Transport Manager and Cisco Transport Controller, new service interfaces such as Ethernet and Fibre Channel, and new control plane capabilities such as Generalized Multiprotocol Label Switching (GMPLS), all of which are delivered over the standard Synchronous Optical Network (SONET) and Synchronous Digital Hierarchy (SDH) service network. Cisco® is bringing all these new technologies to bear within the Multiservice over SONET/SDH (MSOS) initiative on the Cisco ONS optical platforms.
Through MSOS, Cisco Systems will educate the marketplace about the importance of packet-based services on SONET/SDH platforms. To create new services, carriers need to look at the Ethernet and IP packets that are being put into their networks. They need to recognize the applications that these packets belong to, prioritize them into SONET/SDH channels, and charge the customers based on the level of service for that application that the customers select. As an example, instead of reserving OC-3 bandwidth on the ring to support a single 100-Mbps Ethernet private line (EPL), using Layer 2 or 3 switching and quality-of-service (QoS) mechanisms, the provider can deliver a private-line service that comprises a guaranteed rate and a peak rate and divide the OC-3 channel among many customers, each of whom gets a guaranteed rate lower than the rate of the Ethernet port. In this way, the carrier can take advantage of the available bandwidth across a much greater number of customers.
Several technology innovations fit into the MSOS Initiative. First, it is important to clarify the definition of Resilient Packet Ring (RPR) technology by suggesting a distinction between RPRs, which Cisco's current Ethernet-over-SONET/SDH products support, and the IEEE 802.17 specification, which will be supported when the standards become available. As for concatenation, both real concatenation (RCAT) and extended concatenation (ECAT) are supported across the variety of Ethernet-over-SONET/SDH interfaces that Cisco ships today. Virtual concatenation, or "VCAT," will be supported in future product versions to further enhance network efficiencies. The same holds true for the Link Capacity Adjustment Scheme (LCAS) standard.
Also addressed through the MSOS product direction is the need for advanced QoS functions. The ability to classify packets, queue them based on that classification, and then schedule them efficiently into Synchronous Transport Signal (STS) channels is necessary to enable services that create and maintain sustainable revenue.
Various methods for encapsulating Ethernet packets into SONET/SDH payloads have been discussed in the industry. The Cisco MSOS strategy focuses on delivering a single encapsulation scheme for both Ethernet and storage area network (SAN) extension services, while enabling interoperability between the transport components and the Layer 2 and 3 devices, which may exist within service provider networks. This will be accomplished using generic-framing-procedure (GFP) developments.
Finally, the MSOS strategy highlights the need for signaling-based circuit provisioning using the User-Network Interface (UNI) signaling protocol and Cisco's vision regarding the adoption of standards-based Unified Control Plane and GMPLS signaling.
Cisco will be extending the capabilities of the MSOS architecture in three directions as the product delivery evolves. First, Cisco will extend the same capabilities to products that operate at the customer access point as well as the ring aggregation layer in the transport network. By providing uniform packet processing at every node, Cisco will allow service providers to dramatically lower the cost of offering packet-based services. Secondly, Cisco will augment the raw capacity of the interfaces and rings through the judicious development of dense wavelength-division multiplexing (DWDM) technologies. Finally, Cisco will deliver new interfaces that support new services, such as Fibre Channel, content, and security services, across all the platforms.
Now consider the products and applications that accomplish Cisco's MSOS strategy. This paper reviews the current Ethernet product offerings for the Cisco ONS 15454 multiservice provisioning platforms (MSPPs) and then discusses how they can be applied to deliver scalable, high-speed, reliable data services—today. Three real-world service applications (EPL, VPN service, and Internet access) are defined to help reiterate the features, benefits, functions, and applications of the Cisco ONS 15454 Ethernet product portfolio. Cisco's MSOS product migration plan is outlined through the course of this paper, showing how the service provider network infrastructure can be evolved and continuously streamlined as Cisco continues to innovate within the metropolitan (metro) optical Ethernet space.
First, a baseline system design of a representative SONET/SDH network used to deliver TDM services is established. This baseline model is used throughout the document to highlight architectural changes in the network as new data services are introduced.
For reference purposes, a quick introduction to the Cisco ONS 15454 MSPP and review of SONET/SDH ring architectures and their associated protection schemes has been included at the end of this paper as Appendix A.
Traditional North American service provider networks are typically based on backbone SONET ring(s) deployed at either OC-48 or OC-192 rates. Internationally, similar ring-based infrastructures exist and are based on SDH standards. For simplicity purposes, this paper assumes SONET/SDH networks to be alike in design. Therefore, this paper generically uses SONET ring terminology (unidirectional path switched ring [UPSR], bidirectional line switch ring [BLSR]) and bandwidth sizing (STS-n, OC-n), but its intent is to reference both SONET/SDH networks.
The Cisco ONS 15454 platform is available in both an American National Standards Institute (ANSI)-compliant version for SONET networks and a European Telecommunications Standards Institute (ETSI)-compliant version for SDH networks. All currently available and future MSOS products for the Cisco ONS 15454 platform are designed for operation within either ANSI or ETSI shelves.
In traditional networks, multiple rings converge and interconnect at major network traffic collection points—central office or service point of presence (POP)—as referred to by incumbent carriers—or as headends in cable industry terms. The backbone rings are often referred to as interoffice facility (IOF) rings because they interconnect these collection points. Access rings are smaller systems that reach further out to customer premises locations or to secondary distribution points in the network. They are said to "subtend" off the larger IOF systems and are usually a magnitude smaller in rates. Remember that in a TDM-based architecture, the sum of all subtending rings equals the total bandwidth required at the backbone.
Traffic flows in the access rings are typically of a hub-and-spoke nature, consolidating back at the local central office. UPSR architectures are well-suited for such multiple point-to-point traffic flows. IOF rings, however, support large amounts of traffic between access rings. As such, IOF ring traffic travels in a mesh, from any central office to any other central office. Because of their inherent potential for bandwidth reservation, BLSR architectures work well for such distributed "mesh" and node-to-node traffic applications. Therefore, assume that Figure 1 represents the baseline system architecture.
The baseline system has two subtending metro rings, each OC-12, interconnected by an OC-48 IOF ring. The system has three customers; customers A and B have sites spanning across metro rings, whereas customer C has three locations, all interconnected via the same subtending ring. Assume that all add/drop multiplexing (ADM) functionality is provided by Cisco ONS 15454 MSPPs. Furthermore, note that a router (Cisco 7600 Series Router) provides Internet access in the service POP. This router establishes connectivity between the SONET/SDH network being discussed and the Internet core. The current connection between the Cisco ONS 15454 and the router may be via DSn or OC-n interfaces. Remember, in this discussion, data interfaces are not yet added onto the SONET/SDH platforms.
The Cisco ONS 15454 has defined the next-generation SONET marketplace and continues to lead the MSPP revolution. The Cisco ONS 15327 provides the same technology in a smaller footprint, allowing more cost-effective penetration into the metro edge. One of the key options afforded to customers that did not exist prior to the introduction of MSPPs is service variety. The ability to deliver 10/100 and Gigabit Ethernet services over standards-based, carrier-class SONET infrastructures—all without affecting their current TDM service delivery data interfaces—presents service providers the opportunity to raise their top-level revenue. Similarly, enterprise customers can now take advantage of a more flexible, scalable transport mechanism to implement high-speed data and content-delivery practices, a scenario that, in the long run, will streamline their business operations and drive down operational costs.
Integrating Ethernet services over SONET/SDH has been the first step in the Cisco MSOS strategy. The inherent, field-proven, standards-based, customer-accepted reliability of SONET/SDH is extended to Ethernet services when provided over the Cisco ONS 15454. These data services using the Cisco ONS 15454 MSPP can be implemented across UPSR, BLSR, linear, unprotected, and path-protected meshed network (PPMN) topologies. Furthermore, 50-ms recovery is provided for these Ethernet services in the same manner as is done currently for DSn and OC-n circuits.
Compliant with SONET/SDH standards, the Cisco ONS 15454 also provides for SONET/SDH performance monitoring, as well as Ethernet Remote Monitoring (RMON) capability. SONET performance monitoring allows service providers to monitor networks with known statistical quantities. The Ethernet RMON allows both the service provider and the customer to monitor networks with RMON, which gives an excellent view of the packet side of the network.
Before reviewing the current Cisco ONS 15454 Ethernet product offerings, it is important to note that the current Cisco ONS 15454 Ethernet 10/100/1000 solutions and the Cisco ONS 15327 data cards of the same series are fully compatible. As such, you can deliver data services over a ring using a combination of both platforms.
The first set of Ethernet product offerings introduced for the Cisco ONS 15454 MSPP was the E-Series. This product group comprises two cards: The E100T-12, a 12-port 10/100, and the E1000-2, a 2-port Gigabit Ethernet blade. This discussion focuses on the Cisco ONS 15454 E-Series products, but a 4-port 10/100 E-Series card is also available for the Cisco ONS 15327. This card is fully compatible with the Cisco ONS 15454 cards and allows a service provider to extend Ethernet services further out to the metro edge and integrate smaller sites into the network more cost-effectively.
The E100T-12 card provides 12 ports of IEEE 802.3- and IEEE 802.3u-compliant 10/100 interfaces via RJ-45 connectors. Each interface supports full-duplex operation for a maximum bandwidth of 200 Mbps per port and 2.4 Gbps per card. Furthermore, each of these 12 customer side ports independently autosenses (detects the speed of an attached device) and automatically connects at the appropriate speed, whether 10 or 100 Mbps.
The E1000-2 is a 2-port Gigabit Ethernet card. Each port accepts modular gigabit interface converters (GBICs). Two GBIC options are available for the E1000-2 card: 1000BASE-SX and 1000BASE-LX. The 1000BASE-SX is an IEEE-compliant GBIC intended for short-range transmission up to 550 meters. The transmission medium is multimode fiber, and the laser operates at 850 nm. The 1000BASE-LX is an IEEE-compliant GBIC designed for long-reach applications up to five kilometers using single-mode fiber transmitting at a wavelength of 1320 nm. Two different types of GBICs may be used on a single E1000-2 card.
Both the E100T-12 and E1000-2 cards support 802.1Q virtual LANs (VLANs) with a maximum of 512 VLANs. The E-Series cards also support 802.1p priority queuing for transporting high-priority Ethernet traffic through the network first during times of traffic congestion.
The E-Series cards can be installed into any of the eight general-purpose slots in the Cisco ONS 15454 shelf assembly. Each of these data cards can access the Cisco ONS 15454 TDM backplane at up to STS-12 rate. Furthermore, the E-Series products support STS bandwidth scaling. The easiest way to understand this concept is by envisioning the E100T-12 as a 24-port device, with 12 front-panel 10/100 interfaces that can map into the 12 STS-1 ports for access to the TDM architecture. Similarly, the E1000-2 resembles a 14-port device, with two Gigabit Ethernet customer-facing interfaces and 12 STS-1 internal interfaces. Logical ports can be created in the following increments: STS-1, STS-3c, STS-6c, or a full STS-12c (point-to-point applications only). Figure 2 provides a pictorial view of bandwidth scaling as implemented on the E-Series cards.
Figure 2. STS Bandwidth Scaling with the E-Series
STS bandwidth scaling allows for rudimentary statistical multiplexing and bandwidth oversubscription. For example, assume two customers, a school district and a local cable provider, deliver cable modem-based residential subscriber services. Both customers are provided a 100-Mbps interface to their backbone switch and cable modem terminating device, respectively. Because of time-of-day demand fluctuations, neither customer is using the full provided bandwidth simultaneously. As such, the service provider may choose to place traffic from both customers onto a single STS-3c circuit across the SONET backbone. (Note that traffic is logically separated via IEEE 802.1Q tags placed at port ingress.)
Previously, each 100-Mbps customer circuit would consume a full OC-3c (155 Mbps) of bandwidth across the network. Through STS bandwidth scaling, however, one OC-3c pipe has been preserved. This enhances service provider profitability by allowing the service provider to generate additional revenue by delivering additional data and TDM services with no effect on capital expenditures (CapEx). Assuming $250 per month per DS1 service, an OC-3c worth of bandwidth equates to 84 DS1 circuits, or $21,000 in incremental monthly revenue for the service provider.
Two specific Ethernet-over-SONET/SDH configurations are supported by the E-Series product line, point-to-point and shared packet ring. Each configuration can be implemented in a BLSR, UPSR, or linear automatic protection switching (APS) network topology. Point-to-point configurations over a BLSR or a linear APS are provided full SONET switching protection. Point-to-point circuits do not need spanning tree because the circuit has only two termination points. Therefore, the point-to-point configuration allows a simple circuit creation between two Ethernet termination points, making it a viable option for network operators looking to provide 10/100-Mbps access drops for high-capacity customer LAN interconnects, Internet traffic, and cable modem traffic aggregation. This service is commonly referred to as EPL.
Shared packet ring configurations enable statistical multiplexing of traffic while taking advantage of Layer 2 resiliency. Network designers and planners implementing this type of resilient packet ring architectures should refer to the Ethernet Transport on the Cisco ONS 15454/327 Platform white paper on the E-Series for product, system, and implementation caveats.
The next generation of data offerings for the Cisco ONS 15454 is the Quad Gigabit Ethernet card, G1000-4. With this product, carriers can provide higher-speed EPL services with the same provisioning, management, and billing tools as for SONET lines and guarantee the same type of high availability. A 2-port G-Series card for the Cisco ONS 15327 is also shipping.
The G-Series product line provides Layer 1 transport of Ethernet encapsulated frames across SONET or SDH networks. Each G-Series card for the Cisco ONS 15454 platform offers four GBIC slots for customer-facing interfaces, including support for 1000BASE-ZX, which is not available on the E-Series Gigabit Ethernet card. The GBICs can be mixed and matched between any of the four slots. This card accesses the TDM backplane of the Cisco ONS 15454 at up to STS-48 rates. STS bandwidth scaling is selectable in RCAT increments of STS-1, -3c, -12c, and -24c, as well as ECAT increments of STS-6c, -9c, and -24c. Note that this is a maximum aggregate access rate four times that of the E-Series cards. Thus, with the G-Series card, any two of the four ports can be set to STS-24c (1.2 Gbps) and thus be configured for line rate or full 1000-Mbps Gigabit Ethernet service delivery, a service not previously available.
Because all frames arriving on the ingress ports of this card are simply mapped into SONET payloads without undergoing Ethernet switching functionality, the G-Series can build on the point-to-point configurations delivered by the E-Series. More precisely, the pure physical layer transport function allows it to be transparent to Media Access Control (MAC) addressing, VLAN tunneling, and the IEEE 802.1p priority parameters, which previously required careful design consideration when implementing typical E-Series-based network designs. Also, because no Ethernet switching is performed on the G-Series cards, ultra-low latency is available across the transport facility.
Another key benefit of the G-Series products is support for Cisco's Gigabit EtherChannel® technology or the IEEE 802.1ad Link Aggregation. This capability allows service providers to deliver point-to-point connectivity at speeds beyond 1 Gbps.
Another product within the Cisco MSOS strategy is the ML-Series product line, which truly delivers on the promise of the MSPP. Using a single ML-Series card, the provider can create any kind of point-to-point or multipoint service using the Layer 2 or Layer 3 control plane or using only provisioned circuits through Cisco Transport Manager or Cisco Transport Controller. This card supports multiple levels of priority of customer traffic that can be managed using existing operations support systems (OSSs).
- The ML-Series cards bring packet processing to SONET/SDH platforms using Cisco IOS® Software. The benefit is that new services can be created around the notion of guaranteed and peak bandwidth, a feature that really enhances the service provider business model.
- The ML-Series cards offer the ability to create multipoint services. This means that the provider can deploy the equivalent of a private-line service and a Frame Relay service out of the same transmission network infrastructure and thereby realize significant cost savings.
- The ML-Series has a common code base to the enterprise routers. The benefit of this feature is that there can be a common way of queuing and scheduling packets between what the enterprise routers want and what the service network can deliver.
- The ML-Series cards deliver carrier-class services. The key benefit is that the resiliency of the service is derived from the SONET/SDH 50-msec failover.
- The ML-Series supports Transaction Language One (TL-1) and Simple Network Management Protocol (SNMP). The key benefit is that these services can be created to a large extent within the existing service provider provisioning systems, and then the packet services can be managed using Cisco Transport Manager or Cisco Transport Controller. There is, therefore, minimal disruption to existing business processes.
The ML-Series Ethernet cards extend the data service capabilities of the Cisco ONS 15454, enabling service providers to evolve the data services available over their optical transport networks. The ML-Series consists of two cards: a 12-port, 10/100BASE-T module (part number ML100T-12) with faceplate-mounted RJ-45 connectors and a 2-port Gigabit Ethernet module (part number ML1000-2) with 2 receptacle slots for field-installable, industry-standard, small form-factor pluggable (SFP) optical modules. These next-generation cards operate in any of the 12 multiservice interface slots, and each card provides up to 2.4 Gbps of transport bandwidth, software provisionable in transport bandwidths from 50 Mbps to the port full line rate, in STS-1, STS-3c, STS-6c, STS-9c, STS-12c, and STS-24c increments. Additionally, each service interface supports bandwidth guarantees down to 1 Mbps, enabling service providers to aggregate traffic from multiple customers onto shared network bandwidth, while still offering TDM or optical services from the same platform.
- Autonegotiation for half- or full-duplex operation—Minimizes setup time
- 802.3x/z flow control—Reduces dropped packets from overflowing buffers, resulting in more satisfied system administrators
- User-selectable transport bandwidth protection—Enables tiered service offerings for supporting lower-cost, unprotected circuits
- Flexible networking architectures—Supports multiple shared packet rings or point-to-point capabilities over UPSR, BLSR, PPMN, linear, and unprotected systems
- Giant and jumbo packet format acceptance—Enables deployment with a wide variety of networking equipment
- 802.1Q VLANs and Q-in-Q tunneling—Provides traffic segregation and eases end-user network configurations
- 802.1Q/p packet format acceptance—Reduces additional networking configurations
- Port mirroring—Enables network monitoring for proactive maintenance and troubleshooting
- Fast and Gigabit EtherChannel support—Provides higher-bandwidth service offerings, transport or protected port interfaces
- Delegated management—Allows management and provisioning of the transport and data capabilities to be handled by the appropriately trained personnel as well as under their present method of procedures
The fact that traditional carrier networks are built on SONET/SDH-based architectures has been established. Furthermore, it is understood that there is a rapidly growing end-customer requirement for transporting bandwidth-intensive data communications. To accommodate these "data" service requirements, providers have begun offering EPL services, which provide simple LAN extension and high-bandwidth options to their customers. These services mimic the traditional TDM circuit services that they already offer, such as DSn and OC-n. However, EPL services offer little in terms of network scalability or efficiencies. Profitable and wide-scale Ethernet services can be deployed only when packet multiplexing and oversubscription are enabled to deliver Ethernet switched services, analogous to ATM or Frame Relay networks.
As mentioned, early adoption for Ethernet-based services offerings across the metro has been in the form of the EPL service. For this discussion, EPL services can be defined as a dedicated point-to-point Ethernet circuit delivered transparently across the metro network. Transparency implies that the customer does not see the service provider core but just the endpoints of the Ethernet circuit. This is analogous to the traditional T1 and T3 private-line services in the TDM world in the sense that the customer is offered a "private line" between the source and destination. That is, this private line cannot be shared with other customers or any other service provider traffic.
Over the past two years, demand for EPL-based transparent LAN services has seen steady increases. In fact, analysts at DRW have stated that metro Ethernet has already begun impeding on the $23B annual leased-line, ATM, and Frame Relay markets. This interest may be attributed to several variables. Familiarity with the technology, as well as lower interface costs, ready-to-use features, and ubiquity of Ethernet have caught the attention of enterprise customers, most of whom already operate Ethernet LANs in their sites and currently rely on private-line services to interconnect them.
Meanwhile, the ability to deliver Ethernet services over the existing optical transport infrastructure gives service providers an opportunity to raise top-line revenue by offering multiservices with minimum CapEx and little or no impact to their existing service base. Furthermore, when using SONET or SDH for data transport, service providers can take advantage of the inherent resiliency (sub 50-ms recovery) of SONET/SDH.
The current Ethernet product offerings on the Cisco ONS 15454 allow service providers to establish these high-speed, point-to-point connections at 10-Mbps, 100-Mbps, or Gigabit data rates. Private-line services may be established between two customers' sites or between a customer site and a hub location. Using the baseline service provider architecture outlined previously, Figure 3 illustrates how private-line connections may be delivered across one of the access rings.
A G-Series Ethernet card can be installed into any of the open slots on the Cisco ONS 15454 nodes. Remember, each card has access to the TDM backplane of the shelf at an STS-48 rate, and bandwidth scaling on the G-Series can be established in STS-1, -3c, -6c, -9c, -12c, -24c, and -48c increments. For full line-rate service, two of the four Gigabit Ethernet ports may be used at the circuit ingress, with each of these assigned to an STS-24c "pipe." "Book ending" is required at the egress, or other end of the circuit, where another G-Series card is installed in that Cisco ONS 15454. When line-rate services are provisioned, as in this example, each G-Series card supports two private-line circuits. Therefore, if a line-rate, Gigabit Ethernet, private-line circuit is required between each ring node and the POP node, two G-Series cards are required at the Cisco ONS 15454 in the POP for connectivity to the Internet access router. However, based on the service rates offered, the service provider may choose to scale bandwidth on the network backend. Thus, the customer demarcation point would still be the ubiquitous Gigabit Ethernet interface; however, the service provider maps all the ingress traffic from that port onto a 155- or 622-Mbps TDM "pipe."
Similar private-line services in 10/100-Mbps rates are enabled via the E100T-12 cards. For more information about network design and configuration with the E- and G-Series, refer to the individual design guidelines documents.
Several vendors now deliver systems that map Ethernet frames to SONET/SDH circuits statically, in a fashion similar to the G-Series products for the Cisco ONS 15454 and ONS 15327 products. However, these vendors have very little experience in designing multipoint multi-QoS packet service networks, which is exactly what providers and enterprises alike require to build a profitable Ethernet service offering that is scalable and that enables a sustainable business model. Cisco's expertise across Layer 1, 2, and 3 networking allows it to provide more than the competition.
With straight mapping of Ethernet over traditional SONET/SDH networks, providers lack the ability to specify the exact amount of bandwidth that a particular node can access, an important feature for addressing smaller enterprise customers' needs and for multitenant-unit (MTU) applications. With Ethernet-over-SONET mapping products, bandwidth can be specified only in exact terms of 10, 100, or 1000 Mbps on the customer side and in specific n x STS-1 increments on the network side (as listed previously).
Further, assume an n x STS-1 is shared among multiple customer connections; the service provider can limit the nodal access for each customer only to a maximum bandwidth of 10, 100, or 1000 Mbps. Realistically, the amount of bandwidth the node receives will be less, depending on how many customers at other nodes are accessing that bandwidth simultaneously. In addition, the service provider cannot allocate a specific amount, such as 80 Mbps, to a node. Finally, the service provider is unable to control the percentage of allocated bandwidth that each customer gets (that is, one customer could use all the bandwidth and leave nothing for the others). These rate-limiting functions would enable a service provider to control the amount of bandwidth a customer receives and, therefore, to charge customers based on specific service-level agreements (SLAs).
Today, however, a Cisco Layer 3 switch such as the Cisco Catalyst® 3550-12T is used in conjunction with the current Cisco ONS 15454 mapped data cards to allow service providers to benefit from both the Ethernet rate-shaping edge function as well as the highly reliable (sub 50 ms) SONET transport infrastructure.
This Cisco Catalyst and Cisco ONS 15454 Ethernet combined solution provides Ethernet rate-shaping capabilities to the node and enables Ethernet rate shaping for the individual customers at each node. This configuration, as depicted in Figure 4, will enable them to specify how much of the shared STS-1 or STS-12 each node can use. For example, assume that there are three nodes on a ring, sharing an STS-6 (155-Mbps, STS-3c access bandwidth with STS-3c reserved bandwidth for transport resiliency). Using a Cisco Layer 2 or Layer 3 device, such as the Cisco 7600 Series Router at the central office, that bandwidth can be allocated to the customer any way the service provider wants (for example, 80 Mbps to node 1, 50 Mbps to node 2, and 20 Mbps to node 3).
Efficient Services Delivery, Using Cisco's Layer 1, 2, and 3 Expertise
With the introduction of the ML-Series cards on the Cisco ONS 15454, customers will enjoy an integrated solution that offers various cost savings, ease-of-provisioning mechanisms, as well as the ability to offer SLAs in less than 1-Mbps increments. Furthermore, these SLAs can be configured to have both a committed rate and a burst- or peak-rate component, thus further supporting network efficiency and maximizing the number of customers that could be supported across the network infrastructure.
Now, how can two different data services (VPN services and Internet access) be delivered using Cisco's multilayer expertise? It should be noted that each of these data services—EPL (already discussed), VPN services, and Internet access—can be offered incrementally after the Cisco ONS 15454 and 15327 product-based SONET/SDH infrastructure is in place. As such, no complete equipment upgrade requirements are necessary and the Ethernet services may be delivered incrementally, without affecting any existing services.
A VPN service can be viewed as an extension of an enterprise customer's LAN, such that all LANs from each of the geographically dispersed sites of the entities are interconnected across the metropolitan network. Therefore, the distance between sites, topologies followed, and all underlying technologies required to establish the interconnectivity are completely transparent to the customers, who simply enjoy the "look and feel" of being on a single LAN across all their sites. From an architectural perspective, VPN service delivered over a hub-and-spoke design is similar to creating point-to-point circuits between each ring node back to the POP node.
As with EPL service, VPN services can be delivered at line rates. However, because of high bandwidth costs and actual bandwidth requirements, most customers prefer rate-limited services. A recent poll of enterprise customers indicated that highest demand for Ethernet service speeds across the metro was placed on 1 to 10 Mbps (possibly smaller companies, currently using DS1 for interconnectivity). This was followed by 100- to 1000-Mbps service (large corporations, looking for a more cost-effective alternative for their current OC-n services).
Transparency also implies that end customers do not need to make any changes to their internal network designs or Layer 2 VLAN configurations. However, one problem that often arises for service providers attempting to maintain transparency is that the ranges of VLANs established by end customers may overlap. Assigning a unique range of VLANs to each customer within the service provider network solves this issue, but it can easily consume the 4096 maximum VLANs supported by IEEE 802.1Q.
The ML-Series supports Q-in-Q, a technique that expands the VLAN space by retagging the tagged packets entering the service provider infrastructure. When the service provider's ingress interface receives an Ethernet frame from the end user, a second-level 802.1Q tag is placed in that frame, immediately preceding the original end-user 802.1Q tag. The service provider's network then uses this second tag as the frame transits the metro network. The ML-Series interface of the egress removes the second tag and hands off the original frame to the end customer. This builds a Layer 2 VPN where traffic from different business customers is segregated inside the service provider network, yet the service provider is able to deliver a service that is completely transparent to the Layer 2 VLAN configuration of each enterprise customer.
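The tag push and pop described above can be traced at the byte level. The following is an added example, not Cisco code or ML-Series configuration; the MAC addresses, the service VLAN IDs 100 and 200, and the use of TPID 0x8100 for both tags are assumptions made for illustration.

```python
import struct

TPID = 0x8100  # assumption: both tags use the 802.1Q TPID; the page names no other value

def customer_frame(dst, src, c_vlan, payload, ethertype=0x0800):
    """Build a constructed end-user frame carrying one 802.1Q tag."""
    return dst + src + struct.pack("!HHH", TPID, c_vlan & 0x0FFF, ethertype) + payload

def outer_vlan(frame):
    """Return the VLAN ID of the first (outermost) tag, or None if untagged."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID else None

def ingress_push(frame, s_vlan):
    """Provider ingress: insert the second-level tag right after the MAC
    addresses, so it immediately precedes the original end-user tag."""
    if not 1 <= s_vlan <= 4094:
        raise ValueError("service VLAN ID must be 1..4094")
    return frame[:12] + struct.pack("!HH", TPID, s_vlan) + frame[12:]

def egress_pop(frame, port_s_vlan):
    """Provider egress: hand off the original frame only when the outer tag
    matches the service VLAN bound to this customer port; otherwise drop."""
    if outer_vlan(frame) != port_s_vlan:
        return None
    return frame[:12] + frame[16:]

def demo():
    """Two customers reuse C-VLAN 10; constructed S-VLANs 100 and 200 keep them apart."""
    mac_a, mac_b = bytes.fromhex("020000000a01"), bytes.fromhex("020000000b01")
    bcast = b"\xff" * 6
    a = customer_frame(bcast, mac_a, 10, b"customer A data")
    b = customer_frame(bcast, mac_b, 10, b"customer B data")
    a_core, b_core = ingress_push(a, 100), ingress_push(b, 200)
    return {
        "same_customer_vlan": outer_vlan(a) == outer_vlan(b) == 10,
        "core_vlans": (outer_vlan(a_core), outer_vlan(b_core)),
        "a_restored": egress_pop(a_core, 100) == a,
        "b_dropped_at_a_port": egress_pop(b_core, 100) is None,
        "added_bytes": len(a_core) - len(a),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The outer tag adds 4 bytes to every frame, so links inside the provider network must accept the larger frame size.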
Although Q-in-Q provides a solid solution for smaller networks, its VLAN ID limitations and reliance on the IEEE 802.1d Spanning Tree algorithm make it difficult to scale to meet the demands of larger networks. Therefore, other innovations, such as Ethernet over MPLS (EoMPLS), must be introduced. As the name implies, EoMPLS encapsulates the Ethernet frames into an MPLS label switch path, which allows a Multiprotocol Label Switching (MPLS) core to provide transport of native Ethernet frames.
Figure 5 shows the same access ring described earlier, now delivering VPN services between customer C's three metro sites. Either the ML-Series or the edge Cisco Catalyst 3550 devices provide both the rate-limiting and Q-in-Q functions. The Cisco 7600 Series provides the Layer 3 functions required to interconnect the individual point-to-point connections. Note that because all of Enterprise C's sites are local to the access network, its VPN service is enabled via a hub-and-spoke design back to the hub site, where the individual links are interconnected. Q-in-Q may be implemented as an option. Enterprises A and B, however, have other corporate sites across the service provider core. For VPN delivery to those customers, a combination of Q-in-Q in the access and EoMPLS across the core is recommended.
Internet access is similar to private-line services architecture, with the exception that all Internet access circuits are between customer locations and the POP, where centralized access to the Internet is maintained. Like VPN service, Internet access is typically a rate-limited service—large, line-rate connections across the metro do not guarantee faster Internet access, which is typically regulated between the service POP and the Internet service provider (ISP). Therefore, imagine Internet access service to follow the physical topology of the EPL service mentioned earlier, but with Layer 2 and 3 switching functions at the network edges required to deliver rate-limiting functionality, as in the VPN services case.
The Layer 2 and Layer 3 switching and routing capabilities of the ML-Series products make them ideally suitable for all switched Ethernet services support. In applications such as Internet access and IP services, the ML-Series provides several advantages.
First, the ML-Series card takes advantage of the industry-leading Cisco IOS Software currently found on Cisco Catalyst switches. Therefore, eliminating the external switch at the customer premises will not limit functionality offered to or by the service provider. In fact, service provider training costs will be maintained because most networking technicians are already fully trained to operate Cisco's router platforms operating Cisco IOS Software. On the SONET side, Cisco Transport Controller will continue to be used to manage and provision the transport network, and the A-to-Z provisioning wizard will be used to set up the transport bandwidth across the Cisco ONS 15454 network. This, too, will minimize the provider's training costs because all this data service provisioning is similar to the way a service provider's staff is currently trained to establish and maintain the TDM circuits.
Internet and IP Services with ML-Series Cards
The integrated solution also appeals to service providers because of its reliability benefits. Typically, each active device in a network introduces a single point of failure to the network. Eliminating platforms, no matter how reliable, reduces the number of single points of failure in the overall network architecture. More importantly, the integrated approach extends the Cisco ONS 15454 NEBS compliance to the ML-Series data cards. Therefore, service providers have confidence that their data platforms have been tested and certified for operation under stringent conditions.
Another service provider cost benefit of the ML-Series is provided through its inherent statistical multiplexing function. At the customer edge, assume 12 end customers, each provided a 10- or 100-user interface. Further, assume that each of these subscribers requests SLA-based Internet access services between 1 and 20 Mbps each, or an average of 8 Mbps each. Therefore, 96 Mbps (12 customers, 8 Mbps each) would be required across the network. With the ML-Series cards, the provider can choose to further aggregate and maximize bandwidth utilization. In the example, another 2:1 aggregation may be deemed appropriate. It would permit the provider to reserve only about 50 Mbps instead of the nearly 100 Mbps that would have been otherwise required. Again, this frees bandwidth to deliver more or other services without a network upgrade.
Consider this same situation with regard to the POP. With the inherent statistical multiplexing capability of the ML-Series, all traffic collected from the entire access ring can now be further aggregated. As such, a single, more efficiently packed connection between the headend Cisco ONS 15454 and the Cisco 7600 Series is now required, thus reducing the number of "fat" connections typically required between the Cisco ONS 15454 and the Cisco 7600 Series. Each connection eliminated lowers the CapEx requirements in terms of expensive Cisco 7600 Series high-speed interfaces.
Finally, the ML-Series supports several encapsulation schemes. As such, it offers the unique ability to interoperate with the G-Series cards, packet-over-SONET (POS) interfaces of core routers (such as Cisco 12000 Series), and Cisco Catalyst POS interfaces (Cisco 7600 Series and Cisco Catalyst 6500 Series).
- How competitively they price their data services, without cannibalizing their current service offerings
- How efficiently they are able to take advantage of their existing SONET or SDH infrastructure
- How they choose to deliver differentiated services
- How cost-effectively they can provision new services and manage them after they are operational
Cisco innovates across IP, Ethernet, and Fibre Channel technologies to enable the creation of profitable new services over the proven SONET/SDH-based Cisco ONS platforms. Cisco's E-Series and G-Series enable private-line Ethernet services and high-speed connectivity. To establish even more profitable Ethernet services, providers need to look at the Ethernet and IP packets that are being put into their networks, recognize the applications these packets belong to, prioritize them into SONET/SDH channels, and charge the customers based on the level of service for that application that the customers select.
As the service provider is successful with its multiservice-over-SONET/SDH offerings, it will come to a critical junction where it will run out of backbone bandwidth capacity. The Cisco COMET product portfolio makes network scale simple, fast, and easy. Table 1 outlines different alternatives, each allowing the service provider the opportunity to continue scaling its networks and enhance delivery of profitable data services.
Table 1 Scaling the Network
The Cisco ONS 15454 Optical Network System provides efficient bandwidth delivery and management in optical transport networks. It is a flexible SONET/SDH add/drop multiplexer (ADM) that offers service aggregation and high-bandwidth transport of voice and data traffic on a single platform. The Cisco ONS 15454 allows users to easily manage services and quickly increase capacity without disrupting service. The Cisco ONS 15454 is a NEBS compliant shelf assembly (environmentally hardened for SONET) that contains 17 card slots, back (ANSI) or front (ETSI) access interfaces, a fan tray, a front panel with a LCD, and alarm indicators. The Cisco ONS 15454 carries traditional TDM and high-speed data traffic—a variety of card configurations offer incremental bandwidth increases as needed and support EC-1, DS1, E1, DS3, E3, E4, OC-3, STM-1, OC-12, STM-4, OC-48, STM-16, OC-192, STM-64, and 10/100/1000 Ethernet speeds. Workstations can connect to the Cisco ONS 15454 using direct, LAN, or firewall-compliant connections, as well as DCC connections. Cisco Transport Controller, the integrated Cisco ONS 15454 Software interface, provides easy card-, node-, and network-level provisioning and troubleshooting.
The Cisco ONS 15454 supports all the major SONET/SDH protection schemes, including UPSRs, BLSRs, SNCP, MS-SPR, subtending rings, linear ADM supporting 1 + 1 protection, and mixed configurations. You can also create PPMNs.
A UPSR and SNCP ring is a closed-loop, two-fiber transport architecture that survives cable cuts and equipment failure because it provides duplicate fiber paths for each service. Nodes in the ring are connected using a single pair of optical fibers. Working traffic flows in one direction on the ring, and the second fiber provides a protection path flowing in the opposite direction. If a problem occurs in the working traffic path, the receiving node switches to the path coming from the opposite direction. Services can originate and terminate on the same ring or can be passed to an adjacent access or interoffice ring for transport to the service-terminating location. Because each traffic path is transported around the entire ring, UPSR and SNCP rings are best suited for networks where traffic concentrates in one or two locations and is not widely distributed. Figure A-1 shows a basic UPSR and SNCP ring configuration. If node ID 0 sends a signal to node ID 2, the working signal travels on the working traffic path through node ID 1. The same signal is also sent on the protect traffic path through node ID 3. If a fiber break occurs, node ID 2 switches its active receiver to the protect signal coming through node ID 3.
UPSR and SNCP Ring Configuration
BLSRs and MS-SPRs allocate half the available ring bandwidth for protection. In a 2-fiber OC-48 BLSR and STM-16 MS-SPR (see Figure A-2), STSs 1-24/VC-4 no. 1 to no. 8 are allocated to working traffic, and STSs 25-48/VC-4 no. 9 to no. 16 are allocated for protection. If a break occurs on one fiber, working traffic switches to the protection bandwidth (STSs 25-48/VC-4 no. 9 to no. 16) on the other fiber. Working traffic travels in one direction on STSs 1-24/VC-4 no. 1 to no. 8 on one fiber, and on STSs 1-24/VC-4 no. 1 to no. 8 in the opposite direction on the second fiber. Because the working and protection bandwidths must be equal, you can create only OC-12/STM-4, OC-48/STM-16, and OC-192/STM-64 BLSRs or MS-SPRs. BLSRs and MS-SPRs work well for distributed "mesh" and node-to-node traffic applications, such as interoffice networks and access networks.
BLSR and MS-SPR Ring Configuration
A Cisco ONS 15454 with Multiple Subtended Rings
Cisco ONS 15454 networks give you the option of setting up PPMNs, which extend the protection scheme of UPSR from the basic ring configuration to the meshed architecture of several interconnecting rings. Typical UPSR protection creates two separate routes between source and destination nodes on a single UPSR. PPMN does this for source and destination nodes that do not lie on the same ring but link together through a network of meshed connections. When applied to a single ring, PPMN uses the same paths as the UPSR. PPMN connects the source and destination of a circuit over two diverse paths through a network of single or multiple meshed rings. These two routes form a circuit-level UPSR. The source sends traffic on each of the diverse routes to the destination node, where the destination node uses the active route or switches to the standby route. Cisco Transport Controller can automatically route circuits across the PPMN, or you can manually route circuits. An example of a PPMN is outlined in Figure A-4. In this example, node 3 is the source and node 9 is the destination. Cisco Transport Controller automatically determines that the shortest route between the two end nodes passes through node 8 and node 7, shown by the dotted line. Cross-connections are automatically created at nodes 3, 8, 7, and 9 to provide a working-traffic route.
Protected-Path Mesh Network
If you check the protected circuit box in Cisco Transport Controller, PPMN establishes a second unique route between nodes 3 and 9 and automatically creates cross-connections at nodes 3, 2, 1, 11, and 9, shown by the dashed line. If a signal failure occurs on the primary path, traffic switches to the second, protected circuit path. In this example, node 9 switches from the traffic coming in from node 7 to the traffic coming in from node 11, and service resumes. This switch occurs within 50 milliseconds.
For SDH networks, SNCP presented in a ring topology is also defined in ITU-T standards for mesh networks. The principle is the same with the preprovisioning of an active and a protection path between the circuit source and destination. A selection function in the destination node selects the path that has the best signal quality based on SDH errors and performance bytes monitoring.