SERVICE DESCRIPTION IP VPN - broadnet.no · 4 broadnet.no 1 IPVPN 1.1 Introduction IPVPN is a...
39
SERVICE DESCRIPTION IP VPN 17.04.2015/Version 6.3/OAN
-
Upload
nguyenliem -
Category
Documents
-
view
216 -
download
0
Transcript of SERVICE DESCRIPTION IP VPN - broadnet.no · 4 broadnet.no 1 IPVPN 1.1 Introduction IPVPN is a...
SERVICE DESCRIPTION
IP VPN
17.04.2015/Version 6.3/OAN
2
broadnet.no
1 IPVPN 4
1.1 Introduction .......................................................................................................................................... 4
1.2 Functionality and customer advantages of IPVPN ................................................................................. 6
1.3 Functional differences between IPVPN Managed and IPVPN Unmanaged ............................................ 7
Functionality 7
IPVPN managed 7
IPVPN unmanaged 7
2 TECHNICAL FUNCTIONALITY 7
2.1 Scalability .............................................................................................................................................. 7
2.2 Access technology and capacity ............................................................................................................. 7
2.2.1 ADSL – Shared access 8
2.2.2 Interface 8
2.3 Customer Edge router/switch ................................................................................................................ 8
2.4 Network topology ................................................................................................................................. 9
2.5 Responsibility ........................................................................................................................................ 9
2.6 Technical terms and conditions ........................................................................................................... 10
2.6.1 Transmission quality 10
2.6.2 Network protocols 10
2.6.3 Packet sizes 10
2.6.4 DHCP (Dynamic IP allocation) 11
2.6.5 Networktopology 11
2.7 Quality of Service (QoS) ....................................................................................................................... 11
2.7.1 Quality of Service 11
2.7.2 Traffic flow not traffic chaos 11
2.8 Traffic prioritization and traffic classes ................................................................................................ 12
2.9 Traffic profiles ..................................................................................................................................... 13
2.9.1 Standard profiles 14
2.9.2 Extended profiles 14
2.9.3 Traffic profiles with the use of partners 15
2.9.4 Design of solution with traffic prioritization 15
2.9.5 Functionality of traffic classes 15
2.9.6 Implementation of traffic prioritization 17
2.9.7 Tagging of traffic 17
3
broadnet.no
3 ADD-ON SERVICES 18
3.1 Parallel networks (MultiVPN) .............................................................................................................. 18
3.1.1 Parallel networks and network topology 20
3.2 Redundancy ........................................................................................................................................ 20
3.2.1 IP VPN Line redundancy 21
3.2.2 IP VPN Mobile Backup 21
3.3 IPVPN OffNet – connection via Internet .............................................................................................. 22
4 SUPPLEMENTARY SERVICES 24
4.1 Internet access .................................................................................................................................... 24
4.1.1 Internet BreakOut 24
4.1.2 Net-centric Internet access - Secure Internet Gateway 24
4.2 Security and net-centric services ......................................................................................................... 26
4.2.1 Customer-adapted firewall 27
4.2.2 Connection of several VPN 27
4.2.3 Home offices and Mobile users 27
4.3 NETS/Payment access ......................................................................................................................... 27
4.3.1 Net-centric payment access 27
5 SLA SERVICE LEVEL AGREEMENT 28
5.1 Servicetime ......................................................................................................................................... 28
5.2 Quality Level ....................................................................................................................................... 28
6 PERFORMANCE MANAGEMENT 29
6.1 Background ......................................................................................................................................... 29
6.2 Performance monitoring - VPNview .................................................................................................... 29
6.3 IPVPN SLA Report ................................................................................................................................ 31
7 PRICE 32
7.1 Price structure ..................................................................................................................................... 32
8 FAULTPROCEDURE AND FAULTCORRECTION TIME 33
4
broadnet.no
1 IPVPN
1.1 Introduction IPVPN is a flexible data communication service, built for the professional market in Norway. IPVPN is carried
over Broadnet’s nationwide MPLS-based core network in Norway, Sweden and Denmark. Based on this,
Scandinavian as well as national MPLS-based network solutions can be supplied.
IPVPN is supplied in two different types:
IPVPN Managed is an end-to-end service in which Broadnet has the ownership and operational
responsibility of CE routers (Customer Edge) or switch at customer locations. Broadnet is
responsible for the end-to-end solution and monitors availability and quality up to the CE
routers/switch LAN interface at the customer. The solution is suitable for customers that wish to
hand over the entire WAN operation to their supplier.
Figure 2-1: Principle overview of a suggested solution using IPVPN Managed
5
broadnet.no
IPVPN Unmanaged is an operated service for which Broadnet is responsible for the solution up to
and including the access modem. The solution is suitable for distributors that wish to resell
IPVPN, or for customers that wish to own, implement and operate the CE router/switch
themselves.
Figur 1-2: Principle overview of a suggested solution using IPVPN Unmanaged
6
broadnet.no
1.2 Functionality and customer advantages of IPVPN Traffic priority ensures traffic flow, giving priority to critical traffic via various traffic classes with
the correct Quality of Service, QoS
Fully meshed topology, in which all locations can communicate directly to one another or to net-
centric services at Broadnet.
Star network (point-to-multipoint) for example connecting to the customer’s head office or data
center
Various access types; Fiber, SHDSL, VDSL, ADSL2+, digital leased lines and Ethernet for the best
possible adaptation to the customer location needs
Redundancy in the form of line diversity and Mobile backup
Parallel networks (MultiVPN) can be set up for branch networks, extranet and similar, and be
terminated as VLAN or on separate ports on the CE router
National coverage with the possibility of expanded connection of global locations
Flexible service arranged for simple up/downgrading of capacity and adding new, or removing
existing locations
Active notification of customers in fault situations, if so required. This can be by telephone or
text message, or by using Broadnet’s web/mail-based ticketing system.
Traffic statistics available via a web interface. Updated and historical data is available for the use
of bandwidth per location.
Additional services for Internet access, security, payment access services, solutions for home
offices and Mobile users
Access to qualified support personnel and error reporting 24/7, based on the selected coverage
period
Service Level Agreement/Service Quality which is adapted to customer location requirements, in
accordance with quality levels and cost optimization
7
broadnet.no
1.3 Functional differences between IPVPN Managed and IPVPN Unmanaged
Table 2-1 below shows an overview of the functional differences between the services IPVPN Managed and
IPVPN Unmanaged.
Functionality IPVPN managed IPVPN unmanaged
Fully meshed topology √ √
Star Network (point-to-multipoint) √ No
Parallel Network (MultiVPN) √ No 1
Quality of service (QoS) and traffic prioritization √ √
IP VPN o/Internet (for global coverage) √ No
Line redundancy √ √
Mobile backup √ No
Internet Break Out √ No
Encryption √ No
SLA 2 √ √
VPNview2.0 √ No
Active notification √ No
Coverage Global Scandinavia
Table 2-1: Functionality support IPVPN Managed vs. IPVPN Unmanaged
2 Technical functionality
2.1 Scalability With IPVPN Managed, the customer can easily add new locations to a WAN solution, move existing locations
or close down locations if this should be required. The customer can easily change the functionality at one or
several locations. Changes can, for example, include IP addresses or functionality such as traffic prioritization,
redundancy or several VPNs at a later time if this has not been originally installed.
2.2 Access technology and capacity In principle, access is supplied from the customer location to Broadnet’s core network (connected to Provider
Edge PE router) on Broadnet’s self-owned infrastructure; however, if this is not possible, access provided by
third-party operators is used.
In principle, IPVPN Managed supports all access technologies, including fiber, Ethernet, digital leased lines,
SHDSL and ADSL. There may be differences in access technologies and capacities offered outside of Norway.
Table 2-1 below specifies access methods and capacity supplied for IPVPN Managed.
1 The exception is if the location is supplied with fiber access. In such case, parallel networks can be supplied for the specific location, on request case-by-case.
2 SLA may differ between the two services
8
broadnet.no
Access technology Access infrastructure Capacity
Fiber and Ethernet Broadnet self-owned 2 Mbps - 1 Gbps
Fiber and Ethernet Alternative supplier 10 Mbps - 1 Gbps
SHDSL (oa) Broadnet self-owned 1 – 8 Mbps
SHDSL (ws) Alternative infrastructure 1 – 8 Mbps
VDSL (oa) Broadnet self-owned 25 – 60 Mbps
VDSL (ws) Alternative supplier 25 – 40 Mbps
Leased line Alternative infrastructure 2 – 8 Mbps
ADSL (oa) Broadnet self-owned 1 – 20 Mbps
ADSL (ws) Alternative supplier 1 – 16 Mbps
Outside of Norway Alternative supplier On request
Table 2-1: Available access methods/capacity
For detailed information concerning alternative speeds, please see the recommended price list for IPVPN
Managed.
The access method/capacity ordered per location by the customer, is that which will be supplied if the desired
access form/capacity is available for the location.
2.2.1 ADSL – Shared access
The term shared access is used when the customer uses the IP VPN access (ADSL-based) which is to be used
for IP VPN Managed for telephony. The cost of copper line lease is shared in such case between the telephony
service and the IP VPN service.
If the customer does not have a telephone line at the relevant location, or the customer wishes to have IP VPN
Managed service supplied on a dedicated copper line, the IP VPN-access can be offered without telephony if a
line is available.
2.2.2 Interface
IPVPN Managed is supplied with the router/switch LAN interface, for example Ethernet, FE or GigE.
2.3 Customer Edge router/switch As part of IPVPN Managed, a router or switch is supplied - Customer Edge (CE) router/switch.
In principle, Broadnet will design the customer’s IP VPN solution with a suitable router, or in certain
circumstances a switch. The CE router/switch will be adapted to the capacity and functionality specified by the
customer per customer location.
Based on the router or switch model used, there may be limitations in the functionality that can be selected by
the customer. There may also be limitations in the type of functionality that can be added later, without
replacing CE equipment.
9
broadnet.no
2.4 Network topology IPVPN Managed can be run as a star network (point-to-multipoint), for example connected to the customer’s
head office or net-centric services at Broadnet, or by fully meshed topology in which all locations can
communicate directly to one another. If a star network is used, Broadnet, based on the customer’s
requirements, can determine to what degree indirect communication between locations shall be permitted.
2.5 Responsibility IPVPN Managed is supplied with a CE router/switch at each location owned and operated by Broadnet.
The interface between the customer and Broadnet is the CE router’s/switch LAN interface. Broadnet is
responsible for the supply and operation of the solution, including capacity in the core network, local access by
modem (normally) and CE router/switch. The customer is responsible for the local network and internal
cabling at each location, as well as the installation of the modem and CE router/switch.
Internal cabling at the customer's locations is not included in the IP VPN Managed service and any costs
related to fault situations/installation of internal cabling from the network terminal point (NTP) to the modem
is customer responsebility. In cases where the access provider does not own the internal cabling, local access
will be supplied to NTP according to the ”outside wall” principle.
Internal company networks from NTP to the installed RJ45 contact (or other) for connection of access
equipment, is also the responsibility of the customer; the same applies to costs of any new cabling and fault
correction in internal company networks.
Broadnet has the operational responsibility for the service, cf. arrow as in ”IPVPN Managed connection” in
Figure 2-1 on the next page.
Lokalaksess (xDSL,leid linje e.l.)
Ventelo Kjernenett
TegnforklaringDSLAM el. annet termineringsutstyr
Kundeutstyr
Nett Terminerings Punkt (NTP)
Modem
Ventelos ansvarKundeansvar Kundeansvar
Ventelo IP VPN Managed-forbindelse
”Customer Edge”
ruter/switch - eid og
driftet av Ventelo
CE Ruter
CE Ruter
Switch
Switch
Internkabling
Figure 2-1: Overview of areas of responsibility and demarcation point for IPVPN Managed
It is a condition that the terminal point for local access is placed in the immediate vicinity of the customer’s
LAN connection. This is normally resolved by internal cabling, installed by the installation company that
supplies the access connection. The customer is himself responsible for ordering and costs related to this.
Broadnet IPVPN Managed connection
Broadnet responsibility
«Customer Edge»
router/switch, owned
and operated by
Broadnet
Broadnet core network
10
broadnet.no
The customer can have access to SNMP read access to the CE router/switch, also access to ping for various
interfaces on the router/switch. With this service, in addition to Broadnet’s monitoring, the customer can also
use his own management systems with the solution.
Other access, such as telnet and ”SNMP write access”, to the CE router/switch will not be provided to the
customer. Among other things, this is to avoid any doubt regarding responsibility in the event of faults
occurring in the CE routers/switches.
2.6 Technical terms and conditions
2.6.1 Transmission quality
The values are mean values in normal situation, measured over a month from CE to CE. Quality parameters for
delay, packet loss and jitter does not apply when access lines when saturation above 75% utilization of
capacity, even for short time intervals.
* Accesses with asyncrone DSL technology is not included in the guarantees of transmission quality for Jitter and Packet
Table 3-4 Transmission quality
Measurment of packetloss: The percentage of data sent in the network, but not reaching the destination.
Data is collected from selected routers with an interval of five minutes. Monthly statistics on delay and
package deliveries calculated on the basis of the average of all samples from the previous month. Packet loss is
calculated using the formula below:
(Total data sent - total data received)*100
Total data received
Measurment of delay: Delay is the time it takes to send a data packet from sender to receiver (unidirectional
delay). Broadnet measures delay in terms of Round Trip Delay (RTD) corresponding delay from sender to
receiver and back to sender.
Measurment of jitter: Jitter is the variation in the time between packets
2.6.2 Network protocols
IPVPN is designed for the transport of IP, currently Ipv4. Routing between locations takes place based on IP. It
is a premise that the customer uses different IP subnets at each location. The customer may use both
unofficial IP addresses (RFC 1918) an official IP addresses in the network.
2.6.3 Packet sizes
MTU (Maximum Transmission Unit) specifies how many bytes can be transferred in an IP packet. MTU packet
size IPVPN is 1500 bytes. This is the same packet size as in most Ethernet-based LAN and is also standard,
among other things, in Microsoft Windows.
Traffic profile RT VOICE RT VIDEO BUSINESS LAN BULK STANDARD
DSCP value 46/EF 34/AF41 26/AF31 18/AF21 10/AF10 0/BE
Max packetloss 0,01 % 0,03 % 0,05 % 0,1 % 0,3 % 0,3 %
Max delay <1200km 43ms 45ms 47ms 51ms 55ms 55ms
Max delay >1200km 67ms 69ms 71ms 75ms 79ms 79ms
Max jitter* 15ms N/A
11
broadnet.no
The packet size may differentiate somewhat with the use of Mobile Backup and parallel networks.
2.6.4 DHCP (Dynamic IP allocation)
Individual CE routers can be set up with DHCP forwarding (also known as ”IP helper address”) for central DHCP
servers installed with the customer. Broadnet does not set up a DHCP service locally on individual CE routers,
since if this was the case we would have to be involved in the operation of the customer’s DHCP service.
2.6.5 Networktopology
IP VPN Managed include standard 'Fully meshed' VPN topology. As an option, the solution can be set up as a
star network (Hub & Spoke / point-to-multipoint).
When selecting HUB & Spoke, Broadnet may, based on customer requirement adapting to what extent indirect
communication between locations should be allowed.
Broadnet offers only one version of Hub & Spoke, where traffic on the HUB site will be separated logically on
ingoing- and outgoing-traffic. The service delivered to the customer LAN, either on a physical port, separated
on VLAN for inbound and outbound traffic, or on two physical ports.
2.7 Quality of Service (QoS)
2.7.1 Quality of Service
Quality of Service means in this context the quality that is defined for IP VPN Managed and/or the user’s
quality experience, taking into account the quality parameters of; jitter (variation in delay), delay, packet loss
and available bandwidth.
Different types of traffic/applications have different demands in regard to quality of service, and are of
different mission-critical importance for customers. This is resolved by prioritizing traffic in different traffic
classes with different levels of quality.
2.7.2 Traffic flow not traffic chaos
In a WAN solution, the customer will be able to run many different applications of varying importance for the
company's business and with different needs in regard to quality. It is important that all applications have
appropriate working conditions in order to function satisfactorily for users. Figure 2-1 below shows the
principal overview in which the users of the company's attempt to use a number of different applications at
the same time, such as IP telephony, ERP systems, video conferencing, Internet browsing and sending of e-
mail.
12
broadnet.no
Figure2-2: WAN- solution, in which users are attempting to run a number of different applications all at the
same time
The traffic begins to go slowly and applications do not function as intended; finally it is as good as impossible
to use IP telephony, videoconferencing or the order system.
Traffic flow
The solution here is to introduce a system based on IPVPN Managed with prioritization of the customers
various applications into different traffic classes with the appropriate quality. In this way, good flow is ensured
for all types of traffic. Prioritization of traffic by using different traffic classes with different qualities is often a
better solution than merely increasing bandwidth, as the working conditions for applications is also ensured.
However, it is important to note that the number of simultaneous video conferences and/or telephone calls
must be balanced against the available bandwidth.
2.8 Traffic prioritization and traffic classes In order to prioritize the customers various applications, it must be possible to divide these applications into
different traffic classes. Broadnet offers different traffic classes adapted to various applications’ characteristics
and identified (classified) applications are put into the desired/correct class.
Each traffic class has a set of quality parameters with certain values;
1) Jitter –variation in delay 2) RTD (Round Trip Delay) delay 3) Packet loss
13
broadnet.no
IP telephony is for example dependent on low packet loss and small variations in delay (jitter) in order to
function satisfactorily. Real-time video has the same requirements for limited jitter and packet loss, but has a
totally different traffic pattern, with variable packet sizes and an extremely dissimilar packet rate and should
therefore be in a separate traffic class than IP telephony. Terminal traffic (for example Citrix) is especially
affected by high delays through the network.
These application examples are thus dependent on continual bandwidth and correct quality and may be
negatively affected if the availability of bandwidth in periods is limited by other traffic and/or the quality in the
network depreciates. This can be counteracted by identifying critical traffic and giving this priority in front of
less critical traffic, such as for example e-mail replication and web traffic, and that the applications are sent in
traffic classes with a quality level adapted to the individual application’s characteristics.
IPVPN is designed to recognize and prioritize 6 traffic classes. Table 2-2 below shows which classes are defined
and examples of the type of application that can fit into each class.
Traffic class Application type Application example
Voice For typical real time applications that are sensitive to variations in delay, delay in general and packet loss
Telephony applications
Video Video conference real-time
Business Interactive traffic such as ERP applications and other applications that are sensitive to delay and packet loss
IFS, SAP, Citrix, Movex
LAN Interactive applications with small transfer amounts, or traffic that is to be prioritised after Business - less mission-critical
Payment transactions, measurement data
Bulk traffic ”Large data transfers” that are not sensitive to delays or packet loss
Backup/restore and replication of large amounts of data
Standard Robust and non mission-critical applications Internett browsing (ftp), e-post, backup, replication
Table 2-2: Defined traffic classes and examples of application types and/or applications
Traffic classes can be divided into two groups:
Voice and video classes are of the type “RealTime”
The remaining classes are known as “Data classes”
All traffic that is not specially classified, will be put in the data class ”Standard”. This will also apply to
customers that do not order the Traffic Prioritization product.
2.9 Traffic profiles A set of traffic profiles is designed based on the traffic classes that are defined for prioritization of different
applications. The profiles are composed of the different traffic classes, based on ”best practice” and
Broadnet’s experience.
The customer selects the profile that passes best per location, in relation to which applications are to be used
in the solution, based on application characteristics and commercial considerations.
The customer must decide himself which applications are to be prioritized and which traffic classes are to be
used. However, it is important that the solution is designed taking into account which locations are to
communicate with other locations, such that the prioritization mechanisms can be fully utilized. For example,
it is important that the profile with RealTime Voice is selected at all locations that use IP telephony, although it
is possible to use different profiles within a solution.
14
broadnet.no
In principle, the same profiles are used regardless of the access form. However, for xDSL accesses, the capacity
is ”shaped” down to the nearest full Mbps.
2.9.1 Standard profiles
See Figure 2-3 below for a visualization of available standard traffic profiles. The profiles are designed to offer
prioritization of up to 4 different traffic classes simultaneously, dependent on the selected profile.
Figure 2-3: Defined standard traffic profiles
2.9.2 Extended profiles
For customers with special requirements, there are two extended profiles, see Figure 2-4 below. These profiles
are only offered by request and require a special connection to Broadnet’s network.
“Extended profiles” offer the possibility to prioritize up to 5 or 6 different traffic classes simultaneously.
Trafikkprofil 5
30%
RealTime
- Voice
Trafikkprofil 4
25%
Standard
Trafikkprofil 3
55%
Business
50%
Standard
50%
Business
Trafikkprofil 1
100%
Standard
Trafikkprofil 0Trafikkprofil 6
70%
RealTime
- Voice
25%
Standard
20% LAN
Trafikkprofil 2
30%
RealTime -
Voice
35%
Business
10% LAN
20%
RealTime
- Video
20%
Business
30%
Standard
5% RT Voice
35%
RealTime -
Video
35%
Business
25%
Standard
15
broadnet.no
Figure 2-4: Extended traffic profiles
2.9.3 Traffic profiles with the use of partners
If IPVPN is supplied outside of Norway, Broadnet uses partners to provide IP VPN-access for connection to
Broadnet’s network. It is necessary to take into account the type of traffic prioritization and QoS level that
these supply. Broadnet has, however, strived to design profiles that are as closely adapted as possible to the
profiles that are defined for supply in Norway.
2.9.4 Design of solution with traffic prioritization
Design and implementation of an MPLS-based WAN solution with traffic prioritization requires specialist
competence both in regard to how the QoS and traffic prioritization functions, also knowledge of the
customer’s network solution and applications. A solution designer at Broadnet will therefore be able to assist
in this process as part of the IPVPN Managed service. In consultation with the customer, identification will be
made of how the customer’s specific applications should be prioritized in order to effectively utilize the
individual traffic classes and to design an optimal network solution based on the customer's demands and
commercial requirements.
2.9.5 Functionality of traffic classes
Flexibility
Even though traffic prioritization for IPVPN Managed is based on pre-defined profiles, the service is highly
flexible. The customer does not need to use all of the traffic classes in a selected profile. This makes it possible
for the customer to adapt the service to his needs, and the bandwidth per location will be utilized optimally; at
the same time consideration is taken for that applications will function optimally in accordance with the stated
characteristics.
Trafikkprofil 11
30%
RealTime
- Voice
Trafikkprofil 10
20%
Business
30%
Standard
10% RealTime - Voice
10% RealTime - Video
20%
Business
30%
Standard
10% LAN
20% Bulk
10% RealTime - Video
10% LAN
16
broadnet.no
RealTime classes
Based on the characteristics of typical real-time applications, all traffic in real-time classes that runs outside of
the selected profile is designed to be rejected. This is done to ensure the required quality in order for these
types of application to function optimally.
The audio part of the video class will go in the voice class if this traffic is tagged as voice. Some video systems,
however, tag the voice part such that this will go in the video class.
If the need arises for more capacity for real-time applications, available bandwidth for the specific location
must be increased; the maximum number of telephony and/or video channels that can be set up at the same
time from/to the location must be reduced
Data classes
Traffic in the data classes can utilize available capacity, also outside of that which the profile is designed for.
If there is too much traffic in a data class, this is only rejected if the other classes are running at full capacity of
that for which they are designed. This is to ensure good traffic flow for all traffic also to ensure the correct
quality for the applications that are running.
The quality level for traffic that runs over another class than that which the application(s) is/are designed for,
cannot however be guaranteed. Therefore there may be a need to increase the available bandwidth in order
to achieve the correct effect in the traffic prioritization service.
An example of traffic flow
The customer selects Traffic Profile 3, 30% Real Time Voice, 35% Business, 10% LAN (Transaction) and 25%
Standard. This traffic profile is installed at the head office, with an IP VPN access of 20Mbps, and thus total
available bandwidth.
1. The customer sends 30% Voice, 10% LAN and 25% Standard traffic. In addition the customer sends more than 35% Business traffic, e.g. 50%. In this case 15% of Business traffic will be rejected. The traffic in the remaining classes will get their allocated bandwidth and quality. The customer in this example runs too much traffic in total and should upgrade his IP VPN access, i.e. increased the available bandwidth, if this is a normal situation.
2. If the customer however does not utilize the remaining traffic classes in full, may be thus: the customer continues to send 30% Voice, but no traffic in the LAN class and only 205 in the Standard class and can thereby send 50% Business traffic and still not exceed the available 20 Mbps. 30% that is the guaranteed bandwidth, in addition to 15% that is ”loaned” from the other data classes that are defined for Profile 3. The correct quality level is only guaranteed however for the traffic that falls within 30%.
3. The customer tries to set up several simultaneous telephone calls than that which the 30% Voice capacity That Profile 3 allows for, i.e. he wishes to run Voice traffic over 30%. All Voice traffic that exceeds 30% (of 20 Mbps), will be rejected.
17
broadnet.no
2.9.6 Implementation of traffic prioritization
Traffic prioritization is implemented over the IP VPN access. Traffic is prioritized both in from the CE router
(customer side) and out from the PE router (network side).
The customer's applications are placed in the correct traffic class and are prioritized and transported based on
the quality parameters as defined for the given traffic class.
1. The traffic is classified on the CE router’s LAN port (customer side)
2. The traffic is prioritized on the CE router’s WEAN port and is ”shaped” in accordance with the capacity of the IP VPN access (customer side).
3. The traffic retains the information on classification and prioritization through the core network.
4. The traffic is prioritized out from the PE router (network side) and is ”shaped” in accordance with the capacity of the IP VPN access
2.9.7 Tagging of traffic
In order to send out different traffic types (applications) in the correct class, the traffic must be tagged. The
applications will either be tagged in the CE router by Broadnet, or the customer will tag the traffic himself -
also including when tagging is complete in the application.
It is possible to combine the two methods of classifying traffic; Broadnet-classified and customer-classified
tagging.
All traffic that is not specially tagged, will be put in the data class ”Standard”.
Broadnet classification of traffic
If Broadnet is to tag the traffic this is done based on the customer specifications, and/or based on an already
defined setup based on known ports, see Appendix A below. Traffic in the Business class is tagged when using
the standard setup.
Applications that are run in the network, for example IP telephony and various ERP applications, identified by a
Broadnet operated CE router based on the specifications given by the customer.
Classification of traffic can be based on known ports, customer specific TCP/UDP ports, (sub) interface or
source and/or destination IP addresses. It is also possible for Broadnet to re-tag based on the customer's own
tagging.
CE-ruter PE-ruter PE-ruter CE-ruter
Lo
ka
lne
ttL
ok
aln
ettIP VPN-
aksess
2
Ventelos kjernenett
1 2 3 4
18
broadnet.no
Customer classification of traffic
If the customer himself chooses to tag the traffic this must be carried out in accordance with DSCP values as
specified in Table 2-3 below. The applications are placed in the different traffic classes based on this
identification.
Traffic classes Values Description (dscp phb)
RealTime Voice 46 EF Expedited Forwarding
RealTime Video 34 AF41 Assured Forwarding
Business 26 AF31 Assured Forwarding
LAN (Transaction) 18 AF21 Assured Forwarding
Bulk traffic 10 AF11 Assured Forwarding
Standard 0 BE Best Effort
Table 2-3: DHCP- values defined for the different traffic classes
If the CE router (operated by Broadnet) handles the identification, the customer does not need to adhere to
these DSCP values.
3 Add-on Services
3.1 Parallel networks (MultiVPN) A network solution based on IPVPN Managed can be designed to contain several separate networks/VPN in
parallel, MultiVPN. Units on each of the separate networks can communicate with each other over the IP VPN
solution. At the same time, IP VPN Managed does not allow traffic between different separate VPN.
19
broadnet.no
The principle can be explained in a simple manner with an example:
Figure 3-1 Example of the use of IP VPN with parallel networks
Figure 3-1 above shows a potential solution for a company that has both PCs used by employees and PCs used
by guests. As visitors are not granted access to the company's internal systems, there is a need to separate the
networks. However, as both employees and guests are to have access to the Internet and central systems
installed at the head office, both of these separate networks are transported between the company’s
departments. In addition, IT system operations personnel at the head office must be able to remotely control
switches at several of the company’s department offices, without the company's other employees having
access to these.
This means that there is a need for transport of 3 networks in parallel; for IT operations, employees and
customers. Each CE router has only physical or logical LAN interfaces for the networks that are represented in
the departments in which they are located. Departments 1 and 5 in the example only have PCs for employees
and no switches that require remote control. Therefore, they only have the network for employees
represented. Departments 2, 3 and 4 have PCs both for guests and for employees, and have networks of both
customers and employees represented. Departments 2 and 3, in addition, have switches that are controlled
centrally from the IT department, and therefore have the IT operations network represented.
CE routers can either supply each separate VPN on a separate physical interface or in one interface separated
at VLAN at a switch. In Figure 3-1 this is exemplified with several physical interfaces in Department 4 and VLAN
at the head office, also Departments 2 and 3.
20
broadnet.no
The CE routers and IP VPN solution as a whole keeps the different networks totally separate. Security in regard
to joint resources and the Internet is safeguarded by firewalls at the head office, which the company itself
manages. Security between the separate networks is in this way completely and fully under the company's
control.
3.1.1 Parallel networks and network topology
IPVPN Managed can be supplied both as a star network and with fully meshed topology, see chapter 2.4
above.
When parallel networks are supplied, there may be limitations in relation to how many of these networks can
be supplied as fully meshed networks. Any limitations may mean that only one VPN can be supplied as fully
meshed and the others must be implemented as star networks. For the star networks it is the choice of the
customer, per VPN, whether communication between the individual locations is to be allowed.
3.2 Redundancy For customer locations with extra demands in regard to service reliability, for example the head office or a
data center in which applications are centralized, we offer several variations for redundancy. Depending on
the type of redundancy selected, this will significantly reduce the chance of downtime.
Figure 3-2: IPVPN Managed solution with line redundancy at a central location and GPRS/ISDN backup at two
branch offices
Figure 3-2 above illustrates the different grades of redundancy offered and how these can be combined in a
single solution.
21
broadnet.no
The following service types are offered:
IP VPN Line redundancy
IP VPN Mobile Backup
The following sections describe the different services in further detail.
3.2.1 IP VPN Line redundancy
For locations with especially stringent demands in regard to service reliability, such as for example a data
center, line redundancy is a good alternative.
At the customer location, two CE routers are installed, each with their own IPVPN access. It is a requirement
that the primary and secondary access is supplied via independent separate data lines. The transfer from
primary to secondary CE router and access takes place automatically using HSRP (Hot Standby Routing
Protocol).
IP VPN Line redundancy can also be used to build in redundancy for geographically separated units, for
example primary and secondary data centers. This requires that the customer has a connection between the
two locations outside of the WAN.
Primary access in a redundant solution is supplied as fiber/leased line, whilst the secondary access is supplied
as xDSL or as fiber/leased line. An evaluation of the physical circumstances will be required at a location before
IP VPN Line redundancy can be offered.
Locations with IP VPN Line redundancy will qualify for a quality level of 99.9% availability. One individual fault
will in principle not lead to downtime for a location with line redundancy.
3.2.2 IP VPN Mobile Backup
With Mobile Backup a location will still be able to communicate if a fault should arise in a modem, IP VPN-
access or PE router. This is done by the CE router automatically switching over to a GSM/3G network to
continue to send data traffic in a fault situation. Transfer to the backup solution may take 3-4 minutes.
Mobile Backup is installed per customer location that requires a backup solution. If the customer has
implemented several VPN, it must be specified which VPN backup is required for.
In order to ensure that the customer’s most critical traffic/applications get through in a backup situation,
access lists can be set up in the controlling CE router. An individual access list is defined per VPN, and this must
be the same for all locations with Mobile Backup for the given VPNet.
Mobile Backup is currently available for locations in Norway.
The service includes a GSM subscription and the cost of data traffic in a fault situation. However, if a fault in a
location leads to more than 5GB of traffic over a backup solution in the course of a month, traffic over 5GB will
be invoiced based on the amount of data.
The effectiveness of the MOBILE Backup service will depend on the distance from the customer location to the
base station(s) and the strength of the signal/interference.
Locations with Broadnet MOBILE Backup will qualify for 99.7% for the quality parameter availability, based on
the premise that the location has coverage in a fault situation.
22
broadnet.no
Capacity and stability
It is not possible for Broadnet to guarantee the capacity of a backup connection in a fault situation, nor to
guarantee any coverage at the location in a fault situation.
Table 3-1 below shows typical values for capacity and an indication of the delay that may occur using various
technologies for MOBILE Backup.
Technology/service Uplink Downlink Delay (1-way)
EDGE 80 Kbps 140 Kbps 250-300 ms
UMTS 250 Kbps 400 Kbps 150-200 ms
HSDPA 300 Kbps 700 Kbps 100-125 ms
Table 3-1: Typical capacity and delay
The speeds listed above are average speeds observed over multiple carrier networks at different times of the
day. Actual speeds will vary depending on the number of users, distance to base stations and signal
strength/interference.
The CE router’s standard configuration is such that the router selects the radio band in auto mode. In auto
mode the router selects 3G (HSDPA [UMTS+], UMTS) if the signal is better than -100dBM; if not the router falls
back on 2G (EDGE *MOBILE++, MOBILE). Within 3G and 2G, ”enhanced” is selected if this is available - HSDPA in
preference to UMTS and EDGE in preference to MOBILE.
For a stable connection, RSSI > 90dBm is required. A connection with RSSI = -125dBm means that there is no
signal.
For locations with variable coverage on 3G, in certain cases it can be best to configure the CE router to ”GSM-
all-bands” to achieve a more stable line, instead of the highest possible speed. This can, for example, be used
where stability is more important than speed. This can be a good solution if the connection is only to be used
for backup of smaller transactions, e.g. payment transactions.
3.3 IPVPN OffNet – connection via Internet The primary coverage area of IPVPN is Scandinavia; Norway, Sweden, Denmark and Finland. However, several
customers have one or several locations outside of this area. These locations can be included in the customer’s
WAN solution by using the service IPVPN OffNet.
IPVPN OffNet is run over an encrypted connection over the Internet.
For these locations, Broadnet will supply an IPSec-based VPN terminated net-centrically in Broadnet’s core
network via a firewall and will be made accessible for the rest of the customer’s IP VPN Managed solution. A
CE router is installed that handles 3DES encryption (or DES if 3DES is prohibited by local authorities) into
Broadnet’s core network.
23
broadnet.no
Figure 3-3 below shows an overview of a solution that includes two OFFNet locations.
”Customer Edge” Ruter -Ruter eid og driftet av Ventelo
Lokalaksess
Ventelo Kjernenett
Tegnforklaring
Kundens VPN
CE Ruter
Internett
Internettaksess, Kundens ansvar
Nettsentrisk Brannmur, eid og driftet av Ventelo
Brannmur
Hovedkontor
Avdelinger CE Ruter
CE Ruter
CE Ruter
Ventelo IP VPN OffNet
CE Ruter
CE Ruter
klynge
Brannmur
Salgskontor el.- Singapore
CE RuterSalgskontor el.- Malaysia
CE Ruter
Figure 3-3: Principle sketch for the use of IPVPN OffNet in Malaysia and Singapore
IPVPN OffNet locations can be members of several parallel networks, if several VPN tunnels are set up. Traffic
prioritization is however not available for IPVPN OffNet locations. The customer himself must install or use an
existing Internet access as local access to the CE router. It is a condition that the Internet access has a fixed,
official IP address.
Beyond the stipulations listed above, Broadnet does not decide which Internet service provider is to be used
by the customer or the specific quality required by the access. However, Broadnet will not have any
operational responsibility for the Internet access. This also means that Broadnet’s quality guarantees do not
apply where IPVPN OffNet is used.
Despite the above stated reservations, the use of IPVPN OffNet will provide customers with a complete
network also outside of Norway.
Broadnet core network
Broadnet IPVPN Off-net
Nett centric firewall, owned
and operated by Broadnet
«Customer Edge» router, owned and
operated by Broadnet
24
broadnet.no
4 Supplementary services
4.1 Internet access Internet access can be supplied along with IPVPN Managed in several ways:
Figure 4-1: Example of an IPVPN Managed based solution with Internet access, dedicated or net-centric.
4.1.1 Internet BreakOut
Internet Breakout can be configured per customer location, but advised delivered at a central punk ten
Customer networks. The service provides direct access to the Internet without any kind of security. Customer
safeguards assertiveness against Internet in their own firewall.
If Internet Breakout is delivered at a central location, for example on the customer's headquarters or data
center, can other sites use Internet via the customer's central location. This solution transport Internet traffic
over the same local access as all other traffic in the customer network. Traffic Prioritization can however be
implemented to ensure priority of another type of business-critical traffic.
4.1.2 Net-centric Internet access - Secure Internet Gateway
The service Secure Internet Gateway offers customers secure access to the Internet via a net-centric firewall in
Broadnet’s core network. All locations can thereby communicate securely with the Internet without going via
the customer’s head office, data center or similar, and this limits the capacity required at the central location,
and at the same time security is safeguarded by firewall functionality.
«Customer Edge» router, owned and
operated by Broadnet
Broadnet core
network
Firewall, owned
and operated by
Broadnet Broadnet Internet
25
broadnet.no
The network capacity per location is utilized optimally by combining intranet and Internet traffic in the same
access. Traffic prioritization can be implemented to ensure prioritization of mission-critical traffic.
Firewall functionality supported by Secure Internet Gateway
An official IP address per VPN for outgoing traffic (NAT = Network Address Translation)
All outgoing traffic from VPN is permitted. This traffic has NAT applied.
One customer specified IP address on the inside of VPNet can be made available for access from
the Internet with the following services: SMTP (e-mail), HTTP/HTTPS (web), RDP, POP3, IMAP.
This is done via NAT on the central firewall.
Weekly reporting (log analysis)
Limitations
On the inside of the IPVPN network, it is not possible to change the following services: SMTP (e-
mail), HTTP/HTTPS (web), RDP, POP3 or IMAP, including the selection of ports, restrictions on
addresses on the outside that shall have access to these, or to spread the services over several
machines.
Reports (log analysis)
A weekly report (log analysis) is available as an option for Secure Internet Gateway.
26
broadnet.no
4.2 Security and net-centric services In addition to the IPVPN service enabling communication between the customer’s locations, the service can
also be used for access to net-centric services central in Broadnet’s network.
Figure 4-2: Example of net-centric services for an IPVPN Managed solution
27
broadnet.no
4.2.1 Customer-adapted firewall
Broadnet has extensive experience and competence in the supply and operation of network security services.
Broadnet’s solutions include among other things the service ‘Customer-Adapted Firewall’.
Examples of functionality in Customer Adapted Firewall
URL (Web) filtering
Virus scanning (also for e-mail if the customer has an e-mail service supplied by Broadnet)
DMZ (via own VPN)
Weekly reporting (log analysis)
Reports (log analysis)
A weekly report (log analysis) is available as an option for Customer Adapted Firewall. For more information
see chapter 5.3.4 below. Customers that have installed Secure Internet Gateway and wish to have a more
advanced security solution, can migrate to Broadnet Customer Adapted Firewall.
4.2.2 Connection of several VPN
With IPVPN net solutions can be established in which several VPNs are connected together via a net-centric
firewall functionality in Broadnet’s core network.
The customer can for example have a need for communication with a partner’s IPVPN solution, or wish to
separate home office users in a separate VPN.
4.2.3 Home offices and Mobile users
Access for home offices and Mobile users can be made available via VPN clients, IPSec VPN, or SSL VPN on the
user's PC, which communicates with the firewall at Broadnet. For users that do not already have an Internet
access they wish to use, Broadnet can supply Internet access based on various access types and adapted
capacity.
4.3 NETS/Payment access
4.3.1 Net-centric payment access
Net-Centric Payment Access offers customers secure access to payment services via a net-centric firewall
localized in Broadnet’s core network.
Net-Centric Payment Access is suitable for customers with integrated back-office/terminals and/or customers
with a relatively large number of locations that run payment transactions.
All locations can communicate with the payment service provider without going via the customer's head office
or data center, whilst at the same time security is safeguarded in the firewall.
Access capacity per location is utilized optimally by combining Internet traffic and payment transactions in the
same access. Traffic prioritization can be implemented in order to ensure prioritization of mission-critical
applications.
Net-Centric Payment Access follows the IP VPN Managed solution’s design and offers the same level of
redundancy built into this solution.
28
broadnet.no
5 SLA Service Level Agreement Included as part of the IPVPN Managed service is a defined service quality - also known as Service Level
Agreement (SLA). The SLA specifies the quality agreed between the customer and Broadnet for the IPVPN
Managed service.
Broadnet’s Service Level Agreement (SLA) for IPVPN Managed is designed such that the quality level of service
can be adapted to the customer's requirements and/or cost/benefit analysis per location. This, along with the
reporting possibilities available, offers customers a predictable network and an excellent opportunity to follow
up the solution’s quality level.
Each quality parameter has a predefined quality level which indicates whether the IPVPN Managed service lies
within the agreed quality.
Please note that at this current time there may be variations in the agreed quality level for customer locations
outside of Norway. For these locations, technical personnel at Broadnet, on request, will assess which agreed
quality level Broadnet can offer per quality parameter based on the location’s geographical area and
requirements.
5.1 Servicetime Service time specifies the time period Broadnet performs error correction on the service. The customer can
choose Basic, Extended or Continuous service time. If desired debugging beyond the agreed service time must
be requested in each case with an associated cost for emergency and work. Broadnet can not guarantee that
such extra error correction can be performed.
5.2 Quality Level Broadnets redundant Core is designed for high service availability. The following Quality level can be selected
for the service:
Parameter Level 1 Level 2 Level 3
Availability pr Quarter 99,60% 99,75% 99,99%
Physical fault correction < 8 hours < 5 hours < 3 hours
Terminalbaset fauilt correction < 4 hours < 3 hours < 10 minutes
Access realisation Single Redundant Redundant with fys.
diveristy
Responstime < 1 hours < 30 minutes Instant
Feedback < 2 hours < 30 minutes < 10 minutes
29
broadnet.no
6 Performance Management
6.1 Background Today, more than ever, the performance of the customer's network reflects the business results. All
organizations are dependent on a costeffective IT infrastructure to remain competitive and grow. As networks
become more critical; it also becomes more complex in - scope, geographic reach, number of applications,
technologies and access methods must support.
Broadnets solution "Performance Management" in combination with appropriate traffic prioritization in the
network, will ensure customer communications solution.
6.2 Performance monitoring - VPNview Customer will have web access to a version of Performance Monitoring system vpnview.broadnet.no.
Figur2-1 below shows a limited choise of functionality available online in a web basted monitorering system.
Figur2-1 - VPNview – Broadnets Performance Monitoring system
30
broadnet.no
In summary, the system will provide the following functionality for the customer:
Graphical representation of bandwidth consumption at each location, distributed on physical
interfaces, networks (eg. Guest network or internal network) or quality grade. An example of the
latter is shown top right of Figur2-1 and will be available as soon as the configuration of traffic
prioritization in the routers is updated to support this
When selecting desired data, graphs for the last day, week, month and year are shown. Customer can
however customize these graphs further, with regard to measuring period, the size of the graph and
for several of the data, also which data should be displayed. (For traffic across physical ports or VPN,
Customer instance choose peak bits per second, packets per second, bytes per packet or error /
packet drop in addition to the default view for bits per second.)
Packet loss and delay per QoS calss as well as jitter and MOS (Mean Opinion Score) for voice traffic.
Here can the Customer in real time verify whether their traffic to the individual location and the
individual quality class is according to agreed values. MOS value of voice traffic is a measurement for
perceived speech quality in IP telephony solutions, and can thus be used to assess the extent to which
quality in the network affects the quality of IP telephony transported over the network. Bandwidth
graphs are also displayed basically for the last day, week, month and year, with the possibility to
customize both measuring period and size of the graph
In a "Hotspot" view, shown bottom left in Figure 2-1, the Customer may extract "top n" reports of
parameters in the network, eg. the 5 locations with the highest percentage of bandwidth utilization.
Customer elects number locations to be listed, which parameters desired report and, if desired, a list
of graphs or only numeric values
An overview of technical availability, shown bottom right of Figur2-1, Customer see technical
availability for the individual lines in IPVPN solution. Displays total availability over each connection,
both pirmær and backup communications through redundant locations, regardless of cause
downtime. This may therefore not directly correlate to agreed uptime guarantees such reports are
described in section 5.2, but can show real-time availability "unfiltered" so that all downtime for
whatever reason is visible
A "Ping" button in the web interface for the individual location, enable the Customer to verify
whether there is contact over the individual lines 'right now'
The Customer has acces through VPNview to traffic both IPVPN network and central Internet access.
31
broadnet.no
6.3 IPVPN SLA Report The report provides an overview and detailed information on the availability for the customer solution that
has been achieved through a measuring period. Measurements are made according to agreed quality level for
availability as stated in the customer's SLA (Service Level Agreement). In addition the report contains a table of
major error situations if reported.
The report is based on data from Broadnet Ticketing System separating downtime due to faults outside
Servicetime, wich is not included in the availability calculation. The report is very suitable also for bigger
solutions when it summarizes overall data for the solution as a whole, in addition to containing tables with
detailed information about downtime per location. The reports are electronically available to the customer in
pdf format.
Figur 6-1 under shows an example of a SLA and Fault Analysis report
Figur 6-1: Example of a SLA and Fault Analysis-report
The report first page shows the current up-time SLA and a list of the locations with the most downtime last period according agreed service time, with any SLA overruns clearly marked in red. First page also shows a list of the locations that have had the most downtime last year, which can be useful to reveal locations with recurring problems. A pie chart shows the percentage of locations that have had outages of varying duration
The customer gets a quick glance at the report's first page and very good idea about operational
stability in IPVPN network and possibly central Internet access
The second page shows a list of major common error (if any), which Customer locations that have
been affected, as well as a brief description of common error. Farther down the page has the
personnel of Broadnet prepared a summary of important operating related incidents last period
Subsequent pages of the report includes a calendar with an overview of downtime for each location,
specified in hours and minutes for those days there has been downtime, and accumulated downtime
period and percentage uptime for each location. Also here highlighted any SLA violations in red
The reports are based on data from the Vendor ticketing system. In this system any errors due to
circumstances at the Customer (as power outages) site , announced planned work in the service window and
any delays in debugging due Customer registered.
32
broadnet.no
7 Price
7.1 Price structure
The service is priced with a start up price and a monthly price. Start up prices of the service depends on the
agreement length and the service type. Additional prices, i.e internal cabling, relocation and other work in the
customer premesis, is not included in start up price.
33
broadnet.no
8 Faultprocedure and Faultcorrection time Broadnet monitors the service 24/7, throughout the year. Broadnets Network Operations Center will discover
many types of errors, and will then notify about this within AST (Agreed Service Time). In those cases the
Customer detects errors on the service that the Customer has been notified, this must be notified to Broadnet
as quickly as possible. Before customer reports errors to Broadnet it is important that own equipment is
checked. If a customer reportes errors wich are in the Customer Equipment, Broadnet will charge for
troubleshooting, outside responsibility.
If an error or a problem occurs, the necessary investigations and corrective actions must be initiated under
Broadnets specifications for error handling. Errors may be reported per. Telephone or email. Broadnets
Customer needs the following information:
Circuit number
Decription of the fault
Modem status (if possible) and a confimration that own customer equpiment has been checked
Telefonnumber, telefax number og e-mail to customer contact person for testing and access
Time of insindent
Address (where feasable)
Other relevant information
Fault reports and confirmations are reported to Customer pr. phone or email in an approved manner.
VDSL, ADSL and SHDSL accesses has a standard no guarantees fault rectification. For an additional price it is possible to order an upgrade with a guarantee of fault rectification for the access.
34
broadnet.no
Appendix A Standard classification setup If the customer wishes, Broadnet can classify the traffic according to a standard setup such as specified in
Table 6-1 below:
It is traffic in Business class that is tagged when using the standard setup.
APPLICATION TRANSPORT
PROTOCOL
PORT NO. PORT RANGE
Citrix TCP/UDP 1494, 1604, 2598
SAP TCP/UDP 3200 3399
RDP Remote Desktop Protocol TCP 3389
TELNET TCP 23
SQL TCP 1433
DISPLAY SYSTEMS PROTOCOL TCP/UDP 246
Table 6-1: Broadnet classified traffic, standard setup for prioritization in Business class
35
broadnet.no
Appendix B Abbreviations and definitions
Abbreviation/Definition Explanation
(Broadnet) IP VPN-access (Broadnet) IP VPN-access
Comprised of components: local access and VPN connection via Broadnet’s core
network
3DES Triple Data Encryption Standard
Encryption algorithm for secure encryption of data. A further development of
DES, that in certain countries is still the only permitted encryption algorithm.
ADSL
Asymmetric Digital Subscriber Line
An existing telephone line at the customer is used to transport data to the
supplier’s network. In Norway all ADSL providers use the telephone line that
was originally established by that which is now Telenor. At the customer, the
ADSL access terminates in a modem or a router/switch. In the telephone
exchange, the access is connected to the relevant ADSL supplier’s equipment.
ADSL is asymmetrical, which means that the customer has a higher capacity
bandwidth in (downloading) than out (uploading).
Access or local access Access or local access
The connection that connects the customer's location to Broadnet’s core
network - from the modem to PE router.
Alternative infrastructure Alternative infrastructure
Infrastructure for the supply of accesses when Broadnet cannot supply within
its own infrastructure. Access from a third party operator
BBS Bankenes Betalings Sentral
See Nets.
CE-router/switch Customer Edge router/switch
A router/switch placed at a customer location; can either be operated by
Broadnet, a distributor/service provider or by the customer himself.
DHCP Dynamic Host Configuration Protocol
Automatic allocation of IP addresses and other IP configuration to PCs and
other network units.
DSL Digital Subscriber Line
Common term for ADSL and SDSL/SHDSL. See definition of ADSL, SDSL and
SHDSL for further specification.
Completion notification Completion notification
A completion notification is sent to the customer after the ordered
service/amendment has been supplied. It contains the date of the start of
36
broadnet.no
Abbreviation/Definition Explanation
invoicing for the service.
Final check Final check
Broadnet’s supply control to ensure that the service has been supplied in
accordance with the specified functionality.
HSRP
Hot Standby Router Protocol
Technology that means that a secondary router (”hot standby router”)
automatically takes over the IP address of the primary router if this router loses
contact with the network becomes unavailable.
Information message
Information message
Notification of any exceptions in the supply process that need addressing.
Contains a description of the exception and information concerning possible
action to be taken.
IP Internet Protocol
Network protocol developed for what is now the Internet (hence the name),
but is now the most frequently used protocol for routed networks.
IP VPN
IP Virtual Private Network
IP-based Virtual Private Network. Common term for several technologies used
for WAN - wide area networks. Networks are implemented as virtual separate
networks across the service providers, network and are based on the transport
of IP.
ISP Internet Service Provider
Company selling and providing Internet services
Jitter Jitter
Variation in delay between a given point A and another point B.
Customer Customer
Contract holder with Broadnet and/or customer of distributor or reseller that
distributes the IPVPN services.
Quality parameters
Quality parameters
Term used to describe the various parameters that can be used to measure
quality against the agreed Service Level Agreement/service quality for IPVPN.
Examples of quality parameters are; availability, jitter, RTD and normal repair
times.
LAN Local Area Network
Often referred to as local network A LAN is a network that connects units within
a geographically limited area, often within same building.
37
broadnet.no
Abbreviation/Definition Explanation
One often refers to several separate local networks in which there are
limitations in the communication between the networks as separate LANs.
Supply date Supply date
The day that an ordered service/amendment is available for use by the
customer.
Delivery time Delivery time
The time from when Broadnet receives a correct order until the supply date.
MPLS
Multi Protocol Label Switching
Network protocol that permits the transport of several separate networks over
the same line and network components. The separation can be compared to
VLAN; however MPLS offers among other things are better possibility of routing
traffic over redundant connections.
Broadnet uses MPLS in its core network to combine separation of individual
customer’s networks and two at the same time safeguard redundancy.
Nets
Nets
Company that handles electronic IS and payment transactions.
Formally BBS (Norway) and PBS (Denmark).
NTP Net Terminal Point
Termination point for the access line
Packet loss Packet loss
A percentage of packets from a given point A that do not reach another given
point B.
PE-router Provider Edge router
Router in Broadnet’s MPLS-based core network for connection of customer
locations.
QoS
Quality of Service
This definition is used often in several contexts. In connection with IPVPN, it is
the quality defined for the service and/or experienced by the customer (or by
traffic class), that is referred to as QoS.
RTD
Round Trip Delay
The time it takes traffic to reach from a given point A to a given point B and
back again. This is for example the value presented as ”round trip delay” when
sending the ping command from one location to another.
SDSL Symmetric Digital Subscriber Line
An existing telephone line at the customer is used for the transport of data to
38
broadnet.no
Abbreviation/Definition Explanation
the supplier’s network. In Norway all SDSL providers use the telephone line that
was originally established by the company that is now Telenor. At the customer
the SDSL access terminates in a modem or a router/switch. In the exchange the
access is connected to the relevant SDSL provider’s equipment.
SDSL, in contrast to ADSL, this symmetrical, which means that the customer
gets the same bandwidth in (downloading) as out (uploading).
SHDSL Symmetric High-Speed Digital Subscriber Line
In general, SHDSL is the same as SDSL. In connection with IPVPN the term SHDSL
is used. See also SDSL.
SLA Service Level Agreement
Contract between Broadnet and the customer pertaining to service levels. Also
referred to as ”service quality”.
SNMP Simple Network Management Protocol
Protocol used for obtaining technical operational information from units in the
network.
Service quality Service quality
Contract between Broadnet and the customer pertaining to service levels. Also
referred to as ”SLA”.
Traffic classes
Traffic classes
Service classes with various defined quality adapted to different applications
characteristics and for prioritization of these. Defined traffic classes; RealTime,
Business, LAN and Standard.
Third-party operator Third-party operator
Operator providing alternative access, where Broadnet cannot supply within its
own infrastructure.
Broadnet core network Broadnet core network
Broadnet’s MPLS-based trunk network. Scandinavian coverage.
Business days Business days
Working days Monday to Friday with the exception of public holidays.
VLAN Virtual LAN (Local Area Network)
Several LAN (see separate description) are transported over the same line, cables
or switches without the possibility of internal communication.
VPN Virtual Private Network
Term used to describe data technology used to create ”point-to-point”
connections, so-called ”tunnels” through another data network, such as Internet
39
broadnet.no
Abbreviation/Definition Explanation
or an operator's private network.
It is possible to have encrypted VPN, for example based on IPSec, SSL or L2TP or
so-called ”trusted VPN” which for example can be based on MPLS (Multi Protocol
Label Switching).
VRF
Virtual Routing and Forwarding
Makes possible several separate routing tables on one and the same router. This
means that, among other things, in practical terms it is possible to use the same
router to transport several networks that cannot inter-communicate.
WAN Wide Area Network
A network that connects units within a wide geographical area.
