Extreme Networks Update - Swiss Network Operators Group

Extreme Networks Confidential and Proprietary

Extreme Networks Metro Solutions

Olaf Hagemann

Senior Network [email protected]

© 2005 Extreme Networks, Inc. All Rights Reserved

Provider installations with Extreme

Triple Play Solutions GmbH Lab Oct. 2005 in Munich-Dornach

http://www.tp-alliance.net http://www.triple-play-solutions.com

Triple Play ISP / Metro Solution: Voice, Video, Data

• Core Router Solution
• Backbone Switching Solution
• Aggregation Switching Solution
• CPE Solution
• Hotspot Solution
• Headend Solution
• Security Solution
• Content Solution
• Migration Solutions
• Special Customer Solutions
• Pipe / Cable / Shelter Solution
• 48 V / UPS / Climate Control Solution
• etc.

TP-Alliance: one World goes Online

TP-Alliance: a network for us and our children's future

Extreme Standards Leadership: Industry Affiliations

802.1ad/ah Provider Bridging
• Steve Haddock, 802.1 – 802.3 Liaison

802.3 Ethernet
• 802.3z Gigabit Ethernet: Editor, Steve Haddock
• 802.3ad link aggregation: Chair, Steve Haddock
• 802.3ae 10 Gigabit Ethernet: Co-Chair, Steve Haddock
• 802.3ah Ethernet in the First Mile

Standards Bodies
• Craig Easley, Director
• Craig Easley, President
• Tony Lee, former Chairman

RFC 3619 Ethernet Automatic Protection Switching (EAPS)

Product Portfolio for Convergence

• BlackDiamond Family: BD 6804, BD 6808, BD 6816, BD 10K, BlackDiamond 8810 (former Aspen; New!)
• Alpine Family: Alpine 3808, Alpine 3804, Alpine 3802
• Summit Family: Summit7i, Summit1i, Summit5i, Summit48si, Summit 200-24, Summit 200-48, Summit 400-24t and 24p (New!), Summit 400-48t, Summit X450t and X450x
• Wireless: Summit 300 (24/48), Summit WM-Series
• Security: Sentriant 1 (Intrusion Prevention / Virtual Security Resource)

Port options shown on the slide:
• High Density Gig to Edge: 10/100/1000, 10 Gig E Uplinks
• Fixed Port: 100/1000 BASE-TX, 1000 BASE-SX/LX/ZX
• Value Solutions: 10/100 BASE-T, 1000 BASE-SX/LX/ZX

Further product markers on the slide: PoE, XOS, New!

ExtremeWare Device Management

• RS-232, Telnet, SSH2, HTTP, SNMP v1/v2c/v3
• Command Line Interface, ExtremeWare Vista, EPICenter Manager
• Access lists; encrypted password/community string; configuration logging
• RADIUS (incl. per command), username/password database, community string

What’s Carrier Ethernet?

Source:

Scalability
• Services and Bandwidth
• 100,000’s of EVCs
• From Mbps to x10Gbps

Protection
• 50ms Protection
• End to End Path Protection
• Aggregated Line & Node Protection

Hard QoS
• Guaranteed end to end SLA
• End to End CIR and EIR
• Business, Mobile, Residential

TDM Support
• Seamless integration of TDM
• Circuit Emulation Services
• Support existing voice applications

Service Management
• Fast service creation
• Carrier class OAM capabilities
• Customer Network Management (CNM)

Policy-Based QoS

Traffic Grouping Classification + QoS Profile => Policy

• Classifications: L1-L4 information, WINS username (using EEM and DLCS). Observe and/or overwrite 802.1p and IP DiffServ packet markings.
• QoS Profile: Determines Bandwidth Management (e.g. Min. Bandwidth %; Max Bandwidth %; priority). Option for Random Early Detection.
• Layer Independent QoS: Use of Layer 3 & 4, IP DiffServ info without routing

Diagram: Packets In → Classification (ordered hierarchy; Layer 1, 2, 3, 4, .1p, IP DiffServ packet info) → QoS Profile (configured queue) → Packets Out. Classification + QoS Profile = Policy.

Example queues in the diagram:
• Qp1 - Best Effort Traffic: 0% Min/100% Max, Low Priority
• QpX - Essential Traffic: 5% Min/100% Max, Higher Priority

Scalable and Available Unix based Operating System

Modularity: Availability and scale
• Memory protection
• Process Monitoring and Restart
• Dynamic module loads (e.g. SSH2, SCP2)

Extensibility and openness: New features faster
• POSIX APIs give a great starting point for new code
• TCL and scriptable CLI enable easier management
• Configurable CLI
• XML internal configuration representation

Security
• ClearFlow
• Denial of Service Detection and Prevention
• Hooks for Interactive Threat Containment

Architecture diagram labels: Hardware Abstraction Layer; Hitless Failover; Device Drivers & Network Interfaces; Mgmt; TCP/IP v4 & v6; Virtual Routing; System Libraries; Device Management; Routing; Security; XML; Monitoring; Communications

ExtremeWare XOS, Tested by Tolly Group

Key Findings of Tolly Group:

Modularity has benefits:
• Extensible OS
• Higher network availability
• Dynamically add functionality

Process recovery:
• Higher network availability
• No single process can take down the system

XOS ACLs:
• Wirespeed ACL forwarding
• Dynamic ACL editing
• Precise wirespeed “accounting” on matching ACL

Virtual Domains:
• Ability to collapse multiple L3 switches on one device
• Flexibility to support overlapping IP addresses

White Paper January 2005

Pain Point: Ethernet Provisioning Complexity

SPs need multi-vendor, multi-technology provisioning of:

• E-Line services (Point to Point): Private line, and Virtual private line
• E-LAN services (Multipoint to Multipoint): Private LAN, and Virtual private LAN
• Speed: Ethernet interface rates 10 MB, 100 MB, 1 GB, 10 GB; increments
• Service Performance Parameters: apply per-COS ID; Frame delay, Jitter, Loss
• Class Of Service (COS): Per Port (all EVCs at UNI); Per COS ID
• Bandwidth Parameters: potentially apply per UNI, EVC, or VLAN ID; CIR, CBS, PIR, PBS
• Service Level Agreements: built around bandwidth & performance parameters

Diagram: three ways to apply an ingress bandwidth profile at a UNI carrying EVC1, EVC2 and EVC3:
• Ingress BW Profile per Ingress UNI
• Ingress BW Profile per EVC (EVC1, EVC2, EVC3)
• Ingress Profile per COS ID (CE-VLAN CoS 6, CE-VLAN CoS 4, CE-VLAN CoS 2)

MEF Compliance

Source: Based on Metro Ethernet Forum material

Advanced Traffic Management Engine

Bi-directional (ingress and egress) rate limiting
• On egress, “phantom” scheduling is supported to distribute unused bandwidth to other customers

3-tiered hierarchical rate limiting
1. Per application (up to 8 apps per customer)
2. Per customer (up to 4K per 10Gig link / 32K customers in total)
3. Per physical port (up to 160 = 2 * 80-port)

Packet Classification
• Any data field can be used to classify the packet (in 4GNSS programmable packet processor = Cartman)

QoS Characteristic

Levels, in slide order: 3rd Level (Physical Port), 2nd Level (Customer ID), 1st Level (Application CoS)

Ingress Limiting / MAX 180K limiters per Chip
• 1GbE Port: Dual Rate Limiter; 2K Limiters per Physical Port; 8 Limiters per Ingress Service ID
• 10GbE Port: Dual Rate Limiter; 4K Limiters per Physical Port; 8 Limiters per Ingress Service ID

Egress Limiting / MAX 288K limiters per System
• 1GbE Port: Dual Rate Limiter; 400 Limiters per Physical Port; 8 Limiters per Egress Service ID
• 10GbE Port: Dual Rate Limiter; 4K Limiters per Physical Port; 8 Limiters per Egress Service ID

Ingress and Egress 3-tier Hierarchical Rate Limiting

Rate Limiting (diagram, Port #1.1):
• 1st level Limiter (Application CIR): App #1, App #2, App #3 … App #8 per customer
• 2nd level Limiter (Customer PR): Customer #A, Customer #B, each with CIR and PR
• 3rd level Limiter (Port CIR/PR)

Rate Shaping / Prioritization (only applicable to Egress control):
• Egress QoS “Queue”: QP #1, QP #2, QP #3 … QP #8

Extreme: Ingress and Egress Strict Queuing

Diagram labels: I/O Module; Backplane Switching Fabric; High Priority Traffic; Low Priority Traffic; Low Priority Traffic from other I/O modules or ports

1. With Ingress Strict Queue Enforcement, Priority Traffic will always be guaranteed bandwidth when congestion occurs on the backplane
2. In addition, Priority Traffic will continue to get enforced on the Egress

Carrier Ethernet Protection

Protecting the Network

Detection of anomalies

Extreme’s CLEAR-Flow:
• is an ASIC-based technology built into our 4GNSS chipset
• examines the first 120 bytes in every packet, on every port, of a 4GNSS switch
• enables discovery of anomalous traffic even in 10 gig core networks

Rate limit traffic and alert a network administrator

Block traffic automatically

Send suspicious traffic for analysis by an IPS

Implications for Day-Zero attacks

Chart: Attack Traffic (packets/sec) over Time. Chart labels: Pre-Attack; Suspicious Activity; Find Targets; Infect Targets; Rapidly Propagating Infection (Under Attack); Mitigation (Manual)

Focus so far is post-attack mitigation …

Smarter Alternative

Chart: Attack Traffic (packets/sec) over Time. Chart labels: Find Targets ..; Detect & mitigate before attack is launched

Extreme Security Solutions
• Detect Suspicious Behavior
• Identify Threat Source(s)
• Automate Mitigation

CLEAR-Flow: First order threats that can be mitigated

Denial of Service Attacks
• Smurf attack
• Ping of death
• Ping sweep
• Ping flood
• Port sweep
• TCP Flood (Syn, Syn-Ack, Ack, Fin, Xmas, Rst)
• Syn attack: RFC-2827

Flood attacks against well-known port numbers
• Login services
• RPC, NFS
• File sharing
• X windows
• Name services
• Mail services
• Web services
• ICMP messages

Virtual Router BD10k

Diagram labels: Layer 3 Virtual Switch #1; Layer 3 Virtual Switch #2; Layer 2 Virtual Switch #1; Subnet 1; Subnet 2; VLAN 1; VLAN 2

Virtual Switches provide isolated route tables and traffic

Overlap IP address spaces initially
• VLAN spaces (VLAN IDs) in a future release

Benefits: Collapse / simplify networks without compromise
• Security: Total isolation between users on different Virtual Switches
• Availability: If one virtual switch is attacked, others will be unaffected

Protecting the Network: Illustration

CLEAR-Flow for Interactive Threat Containment

Measure
- Pre-Filter Data
- Maintain Counters
- Sample Flows
- ID Traffic bursts
- ID State Changes

Analyze (Analysis Engine)
- Baseline normal behavior
- Identify anomalies
- Generate alerts

Respond
- Shutdown Hosts
- Shutdown Ports
- Initiate detailed monitoring
- Send data to mirror port
- Throttle large movements of data

Enforce
- Deep & Extensive ACLs
- Rate Limiting
- Traffic Marking

EAPS: Ethernet Automatic Protection Switching

• Proven sub-50ms failover times
• Featured on all Extreme product lines
• Designed for Carriers/ISP – Required for Convergence in the Enterprise

EAPS v2: redundant ring connections

• Avoids “super loop” problem if a common link between 2 EAPS rings fails
• “Health-check” packets between “controller” and “partner”
• If common link fails, the controller blocks all but one port, the “active open” port

Diagram labels: EAPS Domain 1 and EAPS Domain 2, each with a Master Switch (ports P and S); switches S1, S2, S3, S4, S5, S6, S67, S8; Shared Ports; Controller; Partner; Common Link

Carrier Ethernet Management

“EPICenter” Overview

Product focus: Network / Device Monitoring, Element Management

• Inventory Manager with Network Discovery
• VLAN Manager
• ExtremeView System
• Real-Time Statistics
• IP/MAC Address Finder
• Administration Tool
• Topological Discovery with Display Map
• Alarm System with Configurable Alarms
• Configuration Management
• ESRP Application
• EPICenter Report System
• Exportable database
• Configurable Functionality

“EPICenter Policy Manager”

Functionality upgrade to EPICenter
• License key only
• Enables two additional applets: Policy and VoIPConfig

QoS policy configuration
• One switch or group of switches
• Automatic policy synchronization

Security Policies
• User based dynamic policies
• Network Login / 802.1x

VoIP Configuration
• Assists in QoS configuration for VoIP traffic

Directory-enabled deployment
• Windows Domain Integration
• Active Directory, LDAP, NIS

Converged Network Analyzer (CNA): VoIP Monitoring & Resolution for Extreme Networks

Extreme Switches provide QoS on the LAN

CNA Server Appliance
• Find QoS problems with CNA
• Fix WAN problems by re-routing calls over high quality WAN links

CNA Agent client monitoring software, embedded in:
• Extreme XOS-based switches (BD10K, BD8810, Summit 450)
• External box for non-Extreme or supported equipment

Diagram labels: Extreme Switch (CNA Agent); Third Party Switch (CNA Agent, IBM xSeries 306/336); CNA Server; WAN Router; IV Network Management Station (Overall Network Topology View); Test Request; Test Result; SNMP Trap

CNA Dashboard: Managing applications in the Operations Center

Dashboard labels: Application performance (e.g., VoIP, VPN, VoD, IPTV); Urgent problems; Rescued users; User experience and application availability

sFlow Traffic Analysis: one part of the Clearflow functionality

Protocol for traffic accounting:
• Usage-based billing
• Baselining
• Troubleshooting
• Security (Attack Identification)

Defined in RFC 3176

Similar to Netflow
• But takes samples and extrapolates network traffic profile

Diagram: the Switching Engine performs 1 in N sampling; the sFlow agent combines the samples with the forwarding tables and interface stats/counters into an sFlow Datagram, which is sent over the Network to the sFlow Collector & Analyzer.

sFlow Datagram fields:
• packet header (e.g. 128B)
• src/dst i/f
• sampling parms (rate, pool)
• forwarding (src 802.1p/Q, dst 802.1p/Q, next hop, src/dst mask, AS path, communities, localPref)
• user ID (src/dst, Radius, TACACS)
• URL
• i/f counters
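
The sampling-and-extrapolation step described on this slide, as an added example that is not part of the original slides or of any Extreme Networks product: a collector scales 1-in-N samples into a per-source traffic profile and flags sweep behaviour. The sampling rate, thresholds, addresses and sample records are constructed assumptions; the error bound is the standard sFlow sampling-theory formula, not a figure from the slides.

```python
"""Extrapolate 1-in-N sFlow-style samples into a per-source profile and flag sweeps."""
import math
from collections import defaultdict

SAMPLING_RATE = 512  # assumed N for "1 in N sampling"; not a value from the slides


def build_constructed_samples():
    """Constructed flow samples: (src, dst, protocol, dst_port or None, frame_bytes)."""
    samples = []
    # Ordinary client: 400 sampled frames to one HTTPS server.
    samples += [("10.0.0.5", "192.0.2.10", "tcp", 443, 1200)] * 400
    # Port sweep: 60 sampled frames, each to a different port on one host.
    samples += [("10.0.0.66", "192.0.2.20", "tcp", 1000 + i, 64) for i in range(60)]
    # Ping sweep: 40 sampled ICMP frames, each to a different host.
    samples += [("10.0.0.77", f"198.51.100.{i}", "icmp", None, 74) for i in range(1, 41)]
    # Quiet host: only 4 samples, too few to draw conclusions from.
    samples += [("10.0.0.7", "192.0.2.30", "udp", 53, 90)] * 4
    return samples


def error_bound_percent(sample_count):
    """Sampling-theory bound used with sFlow: %error <= 196 * sqrt(1/c) at 95% confidence."""
    return 196.0 * math.sqrt(1.0 / sample_count)


def extrapolate(samples, sampling_rate):
    """Scale sampled counts by N and record the fan-out observed per source."""
    raw = defaultdict(lambda: {"count": 0, "bytes": 0, "ports": set(), "hosts": set()})
    for src, dst, _proto, dst_port, frame_bytes in samples:
        entry = raw[src]
        entry["count"] += 1
        entry["bytes"] += frame_bytes
        entry["hosts"].add(dst)
        if dst_port is not None:
            entry["ports"].add((dst, dst_port))
    profile = {}
    for src, entry in raw.items():
        profile[src] = {
            "samples": entry["count"],
            "est_packets": entry["count"] * sampling_rate,
            "est_bytes": entry["bytes"] * sampling_rate,
            "error_pct": round(error_bound_percent(entry["count"]), 1),
            # Sampled fan-out is a lower bound: unsampled frames may hit more targets.
            "distinct_ports": len(entry["ports"]),
            "distinct_hosts": len(entry["hosts"]),
        }
    return profile


def flag_sweeps(profile, min_samples=20, port_threshold=30, host_threshold=30):
    """Flag sources whose sampled fan-out alone already exceeds the thresholds."""
    alerts = []
    for src, stats in sorted(profile.items()):
        if stats["samples"] < min_samples:
            continue  # estimate too uncertain (error bound above roughly 44%)
        if stats["distinct_ports"] >= port_threshold:
            alerts.append((src, "port sweep"))
        if stats["distinct_hosts"] >= host_threshold:
            alerts.append((src, "host sweep"))
    return alerts


if __name__ == "__main__":
    traffic_profile = extrapolate(build_constructed_samples(), SAMPLING_RATE)
    for source, stats in sorted(traffic_profile.items()):
        print(source, stats)
    print(flag_sweeps(traffic_profile))
```

Because only one frame in N is seen, the fan-out counts undercount the real number of targets, so a threshold met on samples alone is a conservative trigger for the rate-limit, block or mirror responses listed earlier in the deck.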

IP Mediation – Web Services

(1) Network connections from the mobile network to PSDN / Internet

(2) Subscriber look up for unique identification of the subscriber using IP network session information

(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)

All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.

Access to the service is always granted.

(4) Rated call records in real time

The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.

Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.

(5) N.A.

(6) tecControl administration, configuration, maintenance

Diagram labels: MSP; Switches; AAA server; Billing Server; CRM; GUI; connections numbered (1c), (2), (3), (4a), (4b), (5), (6)

IP Mediation – VoIP

(1) Network connections from the mobile network to PSDN / Internet

(2) Subscriber look up for unique identification of the subscriber using IP network session information

(3) Network session events
- End of user session (Start of user session)
- CSTM service ended (started)

All services to be inspected by the traffic monitor are reported to tecControl, e.g. web browsing, MMS, IP telephony incl. start time, end time, service type, data volume.

Access to the service is always granted.

(4) Rated call records in real time

The reported service events are mapped to call records, rated depending on service type, duration and volume and transferred to the billing server.

Depending on the service, content specific information is available and used for rating purposes, e.g. to overwrite volume or duration of the CDR for processing in the billing server.

(5) N.A.

(6) tecControl administration, configuration, maintenance

Diagram labels: SIP server (for proxy, registrar, redirect, location funct.); MSP; AAA server; Billing Server; CRM; GUI; connections numbered (1a), (2), (3), (4a), (4b), (5), (6)

Seamless Real-Time and Historical Drilldown for SLAs

Screenshot labels: Service Level Violation; Customer; Service; Resources Supporting the Service; Drill-Down to technical details

Open integration with Fault Management tools

Easy High-resolution, Real-time Analysis

Performance Analysis and Early Warning System

Diagram labels: API / SNMP / XML; Performance Problem Identification; 1: Performance Notifications; 2: Access to performance reports; Faults & up/down status; Faults and Performance Notifications; Trouble Ticketing; Event Management; CRM; apps; servers; networks, systems, applications; Directory; Domain Controller; LDAP; EPICenter Policy Manager (Switch Analyses, Reporting, Policies); SNMP Connection; CNA Server

Carrier Ethernet TDM Support

TDM ready - ExtremeWare XOS and P-ASICs

Open architecture with UNIX-like scale and availability
• Memory protection
• Hitless software migration
• Flexible configuration management based on XML with scriptable CLI

Highly resilient
• Virtual Router Architecture
• Process Monitoring and Restart

Extensible
• New features to market – faster!

Infrastructure for the intelligent network
• Distributed processing both inside and outside of the box

Highly Available
• Memory protection
• Hitless failover
• Module upgrades
• Virtual Router Architecture
• Process Monitoring and Restart

Extensible
• Flexible configuration management and APIs based on XML with scriptable CLI
• Dynamic loading of extensions
• New features to market – faster!

Future Proof
• Scalable through modularity and HAL
• Device management via XML, …

Supporting Business Services

• Any-to-any Layer 2 VPN to interconnect multiple locations transparently and effectively (with high and guaranteed bandwidth)
• Supporting the convergence of data and voice

Diagram labels: HQ; Branch; ISP; Internet; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet; E-LAN

MPLS TLS: Simplifying Provisioning

Diagram: a network of switches connecting Customer Site A (802.1Q Tag 500) and Customer Site B (802.1Q Tag 500), with NEW Customer Site C to be added.

• Example Network; a customer has 2 sites in a TLS network, and wants to add an additional site.
• Before adding the site, 4 switches must be configured with his 802.1Q tag (500).

MPLS TLS: Simplifying Provisioning

Transport Layer Security

Diagram: a network of switches connecting Customer Site A (802.1Q Tag 500), Customer Site B (802.1Q Tag 500) and NEW Customer Site C (802.1Q Tag 500).

• How many switches must be reconfigured when the additional site (Site C) is added?
• A TOTAL OF 9 SWITCHES MUST BE RECONFIGURED – IN THIS SMALL NETWORK (Hub and Spoke Mode)

vMAN: Simplifying Provisioning

Diagram: a network of switches joined by vMAN, connecting Customer Site A and Customer Site B, with NEW Customer Site C to be added.

• Example Network; a customer has 2 sites in a vMAN network, and wants to add an additional site (Site C).
• Before adding the site, only 2 switches must be configured with vMAN connecting Site A and Site B.

vMAN: Simplifying Provisioning

Diagram: a network of switches connecting Customer Site A (802.1Q Tag 500), Customer Site B (802.1Q Tag 500) and NEW Customer Site C (802.1Q Tag 500).

• How many must be reconfigured when the additional site (Site C) is added?
• Only one config line for the vMAN setup on all switches, and another one for the 802.1Q tag on the Site C switch.

MPLS RSVP-TE: Simplifying Provisioning

Resource Reservation Protocol - Traffic Extension RFC3209

Diagram: a network of switches connecting Customer Site A, Customer Site B and NEW Customer Site C, with LSP Site A to Site B, LSP Site A to Site C and LSP Site B to Site C.

• How many switches must be reconfigured when the additional site (Site C) is added? Now just the LERs must be reconfigured.
• Only 3 MPLS switches must be reconfigured; other nodes require no config change, but it is normally a Multicast Protocol.
• RSVP-TE SIGNALING SETS UP LSP ON LSRs (Full Meshed Mode)

Rate limiting can be done at ingress, and RSVP-TE “reserves” bandwidth for the LSP, and ensures no oversubscription.

LSP = label switched paths

Supporting Transport for IP Network

E-LAN connections among routers
• Any logical IP topology, multiple EVCs of a single physical interface

It supports all business IP services, from IP VPN to Internet access

Using Carrier Ethernet as the Transport Layer, with MPLS and EAPS nationwide and EAPS with vMAN in the Metro

• Layer 3 Switch: vMAN per port or VLAN per port, 50ms Failover
• Layer 3 Switch: MPLS / vMAN, 50ms Failover

Diagram labels: routers (R) of the IP Network; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet

Supporting TV Distribution Service

1. Multicast tree(s) is (are) established with QoS guaranteed
2. Subscribers (the Set-Top-Box) send a request for a channel
3. Carrier Ethernet filters, and only replicates and forwards the requested channel to the subscribers, with IGMP Snooping
4. Video source protection and network protection are set up automatically between the HE and CPE

Diagram labels: Video Source; IP DSLAM; L2 DSLAM; Subscribers; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet

Supporting VoD Service

1. An E-LAN connection is established between DSLAMs and VoD servers
2. Subscribers (the Set-Top-Box) send a request to the RSM for a movie
3. The RSM finds and informs the best VoD server, and acknowledges this to the subscribers
4. The subscriber establishes a session with the VoD server and the Command server respectively

Diagram labels: Resource & Subscriber Manager (RSM); VoD server; Command Server; E-LAN; IP DSLAM; L2 DSLAM; Subscribers; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet

Supporting VoIP Service

1. An E-LAN connection is established between WAN routers to build an IP WAN
2. An E-LAN connection is established between the DSLAMs/CPEs and the IP PoP in each metro
3. Caller contacts the SIP Proxy server in order to find the IP address of the called party
4. Caller establishes session with the called party through E-LAN connection

Diagram labels: Location Server; SIP Proxy Server; IP WAN; E-LAN; IP DSLAM; L2 DSLAM; CPE; Subscribers; IP; Metro Carrier Ethernet; Nationwide/Global Carrier Ethernet

Carrier Ethernet Standards

Source:

Protection
• MEF 2 – Ethernet Protection
• MEF 4 – Architecture Framework

Hard QoS
• MEF 6 – Service Definition
• MEF 10 – Service Attributes

Scalability
• MEF 9 – UNI Testing
• MEF 11 – UNI Framework

Service Management
• MEF 7 – EMS and NMS Info Model

TDM Support
• MEF 3 – CES Framework
• MEF 8 – CES Implementation

The New MEF Network Architecture

Diagram labels: Business Subscriber; Residential Subscriber; Service Provider; Transport; IP; Metro Carrier Ethernet; Nationwide Carrier Ethernet

• Carries all applications
• Internet Access
• IP VPN service

• Hard QoS and Traffic Engineering
• Better bandwidth utilization/Scalability
• Protection Switching (50ms)
• OAM functions and TDM Support
• Any-to-Any VPN services
• Multicast support with Hard QoS

First MEF9 Tested Solution
• ASIC technology, IPv6 in hardware
• QoS, 8 hardware queues, ingress shaping, egress shaping, 3-tier hierarchical rate limiting
• EAPS
• Fully redundant switching technology, XOS, open XML integration for other vendors
• vMAN: per port, VLAN to vMAN mapping, MPLS L2 VPN implementation (Q4/05)
• Multicast streams - 100kbps- 2M (size), 2000 (number), Multicast receivers - 10k, Multicast zapping rate - 4 per second

Source:

Extreme’s Key Strengths

Key strength: Quality Connections
• Ingress and Egress QoS for low latency and jitter - tested superior over Cisco (June 05 Tolly Report)
• CNA: End-to-end Application Monitoring and Resolution
Benefit:
• Clear Voice Calls on LAN
• Clear Voice Calls on WAN
• Video implementation
• High Zapping rate

Key strength: Continuous Uptime
• ExtremeWare OS hardened OS
• EAPS
• Hardware Redundancy
Benefit:
• No lost or dropped calls
• Service continuity – dial tone always available.

Key strength: Security & Compliance
• MAC Radius to authenticate CPEs
• Sentriant Security Appliance
• Layer 3 Virtual Routing
Benefit:
• CPE device control. Simplify deployment.
• Prevents VoIP / VoD DoS attacks directed to IP telephony / TV server
• Hierarchical isolation for multiple levels of security, i.e., protect Call centers. Also, enables hosted IP telephony services
• MEF 9 Certified

Key strength: Simple Management
• EPICenter management / AIM Manager
• Plug and play with LLDP and Universal Port Manager, Auto PoE
• XML APIs with EPICenter and Extreme switches
Benefit:
• EPICenter to manage Extreme network inventory. Simplified network (VoIP/Video) troubleshooting for IT = lowers help desk costs.
• Std. based device discovery & power mgmt = Lower cost of operation. Std. based APIs allow rapid development and deployment of applications. Example: Interactive Voice Response (IVR) system. Dynamically open and close ports for voice calls.

Metro Ethernet Network Overview: Standard based and flexible

Diagram tiers: Customer Edge; Provider Edge; Metro Core

Diagram labels: Wifi-Network; MTU; MDU; PoP; IP DSLAM (DSL); CMTS (HFC, Cable); OLT (PON); T1/E1/T3/E3; M/C (Copper, Fiber); FE; GbE; FE/GbE; 2 – 4 Link Aggregated GbE; GbE/10GbE Access Ring; 10GbE Core Ring

Thank You

This product roadmap represents Extreme Networks’ current strategic direction. All ExtremeWare® releases will be on a when-and-if available basis. Actual feature development and timing of releases will be at the sole discretion of Extreme Networks. Presentation of the product roadmap does not create a commitment by Extreme Networks to deliver a specific feature.