Copyright © 2000, Cisco Systems, Inc. All rights reserved. Printed in USA.
SPL-220 3145_05_2001_c1_X © 2001, Cisco Systems, Inc. All rights reserved.

Designing Large Scale Wholesale Dial Networks
Session SPL-220

Wholesale Dial Isn’t Just Dial Anymore!

Agenda
• Wholesale Dial Market today
• Architecture Overview
• Solution Components
• SS7/C7 Interconnect
• Design & Performance Considerations
• New Technologies and Features
• Summary

Wholesale Dial Market 2001

Market Trends
• E-commerce/Private Labeling/Dot.Coms
  - Evolution of service provider from transport supplier to enabling enterprise e-commerce through “virtual ISPs”
• Emergence of application service providers (ASPs)
  - Offering unified messaging, Find Me-Follow Me & fax services
• Wholesale
  - Representing greatest market opportunity for service providers
• Lead through offering of Differentiated Services!

What Is Wholesale Dial?
• Wholesale ISP provides “virtual dial ports” to retail ISPs
• Subscribers get Internet or Corporate network access
• Retail ISP owns relationship with user base

The Wholesale Dial Relationship Triangle
• Wholesale ISP (W-ISP)
  - Owns the physical ports
  - Provides “virtual” dial ports
• Retail/“Virtual” ISP (V-ISP)
  - Buys wholesale dial ports
  - Owns subscriber base
• End Customer/Subscriber
  - Call to access Internet/Corporate Network
• W-ISP and V-ISP: Customer/Supplier Relationship
• V-ISP and subscriber: Subscriber/Service Provider Relationship

Challenges for Wholesaler
• Geographic presence
• Efficiently manage ports to lower costs
• SLA guarantees without dedicated ports
• Retail ISP controls over-subscription
• Preserve retail subscriber experience

Architecture Overview

Typical Wholesale Dial Architecture
[Diagram: PSTN; SS7 Interconnect: SC2200 Node; Access Servers AS5x00s; Port Policy Manager: RPMS; Proxy RADIUS: Access Registrar; IP; Retail ISP]
• Access: High-density trunk termination; Dial-up modem / ISDN; IP Routing; SS7 Gateway
• Applications & Services: WAP services; Unified messaging; Voice VPN; Pre/post-paid calling card; Wholesale long distance
• Policy & Management: SLA guarantees; Tunnel management; RADIUS proxy
• Retail ISP: Managed AAA; Access VPN; Retail app services

Wholesale Dial Call Flow
[Diagram labels: PSTN, SSP, SSP, Hunt Group, IMT Trunks, SS7, SS7 Interconnect: SC2200 Node, IP Control, Access Servers AS5x00s, Port Policy Manager: RPMS, Proxy RADIUS: Access Registrar, User Database: Access Registrar, Wholesale ISP IP Backbone, Retail ISP 1, ISP 1 User Database, “Virtual” ISP 2. Flows shown: Pre-authentication, User authentication, Accounting]

Wholesale Dial with Tunnels
[Diagram: PSTN; SS7 Interconnect: SC2200 Node; Access Servers AS5x00s; Port Policy Manager: RPMS; Proxy RADIUS: Access Registrar; IP; L2TP/L2F; HGWs/LNSs; Enterprise / ISP]
• Access: High-density trunk termination; Dial-up modem / ISDN; IP Routing; L2TP/L2F Tunneling; SS7 Gateway
• Policy & Management: SLA guarantees; Tunnel management; RADIUS proxy
• Applications & Services: Corporate network access; Internet Access

Wholesale Dial without Proxy Architecture
[Diagram: PSTN; SS7 Interconnect: SC2200 Node; Access Servers AS5x00s; RADIUS Based Port Policy Manager; User Database: Access Registrar; IP; Retail ISP. Flows shown: Pre-authentication, User authentication]
• Access: High-density trunk termination; Dial-up modem / ISDN; IP Routing; SS7 Gateway
• Applications & Services: WAP services; Unified messaging; Voice VPN; Pre/post-paid calling card; Wholesale long distance
• Policy & Management: SLA guarantees

Wholesale Dial Solution Components

Component Breakout/Design Considerations
• Access Server Platforms
• SS7 Integration
• Port Policy Management
• RADIUS Integration
• IP Addressing and Routing
• Preventing Spam and DoS attacks

Which Wholesale Dial Solution for You?
• Port-management with pooling of ports?
  - RADIUS-based port-management?
  - Resource pool management with RPMS?
• IP Address Assignment Significant?
  - L2F/L2TP tunneled approach
  - Dial-up clients get IP address out of retail ISP's address space
  - Aggregate with 6400 / 7200 at SP edge or in Retail ISP network

What Do We Have Today?
• Core wholesale dial capability
  - Per-call PPP and RADIUS configs
  - SS7 interconnection to PSTN
  - Large scale L2TP tunnel capability
  - AOL traffic handling—TCP-clear
• Service Level Agreements
  - RADIUS pre-authentication
  - Resource pool management

Cisco Access Gateways

Cisco Remote Access Product Line
[Chart: products arranged by density: Low End, Mid Range, High End]
• AS5350: To 8 T1/E1/PRI; 60/108 DSPs; Universal Port
• AS5300: 4-8 T1/E1/PRI; 192/240 data ports; 96/120 voice ports; Full Codecs
• AS5400: To 16 T1/E1/PRI or 1 CT3; 384 universal ports; Universal Port
• AS5800: 48 T1/E1/PRI or 3 CT3; Up to 2016 data ports; Up to 1344 voice ports; Full Codecs; Medium Complexity Voice
• AS5850: 86 E1/PRI or 4 CT3; 2688 universal ports; Universal Port Ready
• AccessPath TS3: 168 T1/E1/PRI; 4032/5040 ports; Analog/ISDN
• AP-UGS4: Universal port up to 192 PRI pre-racked; Data up to 14xDS3

AS5300 Specifications
• T1/E1: Up to 8
• Data ports: Up to 192/240
• Voice ports: Up to 96/120
• Serial: 4
• LAN: 10/100Mbps + 10Mbps
• Power: Redundant AC or DC
• Size: 2 RU
• Compliance: NEBS/ETSI compliant

AS5400 Universal Gateway
• Hardware Highlights:
• 2RU Chassis (3.5-inches)
  - 648 data modems at 75 pps or 384 universal ports
• Lowest power per port
  - 2.8A AC/6.6A DC per CT3
• High availability
  - Hot-swappable cards
  - Internal redundant power supply
  - Environmental monitoring
• 16 individual T1/E1s or CT3 ingress
• Dual Fast Ethernet LAN ports
• Dual 8-MB serial WAN backhauls
• Building Integrated Timing System (BITS) interface port

AS5400 Universal Gateway
• Highest density 2RU universal port gateway
  - 384 universal ports—data, voice, fax
  - Any service on any port
• Low power and high availability design
  - Hot-swappable cards
  - Internal redundant power supply
• Individual 16 T1/12 E1s or CT3 ingress
• Compact form factor allows you to add capacity as the network grows
• Cisco SS7/C7 signaling gateway interoperability
• Ideal for co-location and mega-POP network architectures

AS5350 Universal Gateway
• Universal DSPs
• Increased Density: Up to 8T1 or 7E1 universal ports in 1 rack unit (1.75-inches)
• ISDN ONLY Configurations: 8/16/24T1/E1
• CT3 card for 8 PRI density
• DC Power Supply
• Hardware Highlights:
  - 216 Universal Ports
  - 2/4/8 CT1/CE1/PRI interfaces
  - Dual 10/100 autosensing FE ports
  - Dual 8MB serial WAN backhauls (Frame Relay, PPP, and HDLC)
  - Hot swappable cards
  - AC or DC power supply
  - SS7/C7 signaling gateway interoperability

AS5800 Specifications
Carrier Class Access Server!
(* Requires dual router shelf configuration)
• T1/E1: Up to 72 *
• T3: Up to 3 *
• Data ports: Up to 2047 *
• Modems: Up to 324 per card
• WAN: OC3, POS, FR & more!
• LAN: GE, 100Mbps, 10Mbps
• Power: Redundant AC or DC
• Compliance: NEBS/ETSI compliant

AS5800 to AS5850 Migration
[Diagram: AS5800 with UPC cards migrating to AS5850 Universal Access Server]
• Load 7206 IOS: Standalone router with NPE-300 & 256M memory
• UPC cards migrate directly to AS5850
• Most of the money invested in the AS5800 can be recovered

AS5850 Universal Gateway
• Highest density access gateway on the market
  - Supports up to 2688 concurrent users
• Designed to meet the demands of large service providers, PTTs and RBOCs
  - 14 RU chassis—three AS5850s per rack
  - High availability through redundant components and resilient architecture
  - SS7/C7 interoperability
  - Universal Port ready
  - Manageable through the CLI, SNMP, Universal Gateway Manager or CiscoView

AccessPath-UGS4
• AccessPath-UGS4 is only integrated remote access solution
  - 5,760 and 9,408E1 ports in E1 and T1 configurations respectively
• Designed to meet the demand of rapidly growing ISPs and telecommunication carriers
  - Rapid deployment
  - Flexibility—pay as you grow
  - High capacity
  - High availability
  - Universal Port

L2TP Tunnel Aggregators
• 7200VXR
  - Terminates approx 2000 L2TP sessions in one box
  - No redundancy story
  - NEBS3
  - Good performance
  - Small footprint
  - Not ATM based
• 6400
  - Terminates approx 12,000 L2TP sessions in one box
  - Good redundancy
  - Really NEBS3
  - Good performance
  - Larger footprint
  - Good ATM capabilities

SS7/C7 Interconnect

SS7 Interconnect Solution Overview
[Diagram labels: PSTN, SSP, SSP, SS7, Trunks, SC2200, IP Control, AS5300, AS5400, AS5800, AccessPath, Resource Pool Management Server, Radius Proxy, IP Backbone, ISP 1, ISP 2, AAA, Managed AAA]

Solution Components
[Diagram label: SC2200 Node]
• SC2200 Host
  - Description: Signaling Controller, AKA: SC2200 Host
  - Details: Based on Sun Netra 1120’s, 1400’s & 1800’s. And, NEW, T100
  - Purpose: Supports over 60 different ISUP variants into Q.931+ over IP.
• SLT
  - Description: Signaling Link Terminal, AKA: SLT
  - Details: Based on 2611 w/ special IOS Image for the SLT. IOS = 12.1(5)T
  - Purpose: Support terminating A or F links and encapsulating MTP 3 layers and above over IP. Provide muxing F links off of E1s.
• AS5x00
  - Description: Cisco Access Server
  - Details: Based on AS5300, AS5400, AS5350, or AS5800 w/ IOS 12.1 or later
  - Purpose: Terminate inbound subscriber traffic: T1, E1, DS3 with ISDN PRI or SS7 signaling

Redundant Components (Design for Reliability)
[Diagram labels: PSTN Network Elements, Cisco SS7 Signaling Trunks, Interoffice Trunks, SLT, Signaling Controller, Control, IP Network, Cisco AS5X00, Data Network Trunks, Management]
• Dual SLT support loadsharing of SS7 Links
• RUDP for reliable transport of MTP3> layers to SC2200 over IP
• Dual Carrier Class Netra w/ failover and stable call preservation
• Modem Dial out for failure notification
• Full set of SNMP Alarms
• Management Console
• Redundant Link Manager to ensure delivering of signaling messages
• Multiple Servers
• Reliable IP Network automatically routes around problems

SC2200 Node Architecture
[Diagram labels: Cisco SS7 A or F Links; Link Set A; Link Set B; SLT, SLT (Terminate MTP-1, MTP-2); MTP-3 and Above Over IP; Signaling Control Network; Active SC Host; Standby SC Host; Checkpointing; MTP-3 and ISUP, NUP, and TUP; CMM/CMNM; To Gateways (Extended Q.931 Over IP Utilizing RLM)]

SLT Architecture
[Diagram labels, A-Link Model and F-Link Model: Switch, STP, SLT, SC2200 Host, Gateway; RUDP over IP; Q.931 over IP]
• T1/E1 without F-Link (Groomed)
• T1 / E1 with imbedded F-Link
• SLT mux the F-line from T1/E1
• Terminate MTP1 & MTP2 layers of SS7
• Backhaul upper layers to SC2200

POP Configurations
[Diagram: Centralized POP and Distributed POP; labels: SC2200, Gateway, Gateways, POP, IP, IP Control]

Current SLT Architecture
[Diagram labels: SS7 Signaling Links; SLTs; Backhaul SS7 via RUDP/SM; IP WAN Signaling Network; Redundant Signaling Controllers; Session Manager Set: Active and Standby; Backhaul Q.931+/MGCP UDP/RLM; NAS or Gateways; Bearer Channels; Data or H.323 Network (Bearers)]

Integrated SLT Architecture
[Diagram labels: SS7 Signaling Link; SLT; Q.931+ or MGCP via UDP/RLM & SS7 via R-UDP/SM Backhaul; IP WAN Signaling Network; NAS or Gateways; Bearer Channels; Data or H.323 Network (Bearers)]

Remote SLT Architecture
[Diagram labels: Dial in subscriber; PSTN; Central Office; TDM 2 MB/s including associated SS7; insert; drop; bearers; PoP / POI; AS5300; SLT2611; SS7/IP; IP + NI2; SS7/IP + NI2; IP - QoS for Signaling; SC2200; SC2200; Internet]

SS7 Interconnection
[Diagram: sites CHI, ATL, JRSY, DLLS connected by A-Links (single and 2 A-Links) and C-Links]
• Combined Link Sets (Yes)
• One Link Set per OPC
• 40% link utilization
• Up to 32 links per system
• Define regionalization at this level
• Port counts and Route Sets will be constraints
• Up to 6 OPC’s per system
• Up to 250 DPC’s per OPC
• 90K ports per system for now
• SLT’s collocated for now (or dedicated circuits)

World-Wide Signaling Support
Updated 9/25. New Protocols Are Constantly Added.
• Russian ISUP, China ISUP and TUP, Australian ISUP, Mexican ISUP, Japan ISUP, ANSI ISUP, Bellcore NI-2, Bellcore GR-317, Taiwanese ISUP, Korean ISUP, Hong Kong ISUP, Malaysia ISUP, Philippine TUP, Thailand ISUP, Singapore ISUP, New Zealand ISUP, ETSI ISUP, ITU Q.764 ISUP, ITU Q.70x MTP, Q.931, Q.SIG, ITU Q.721 TUP, German ISUP, Dutch ISUP, Swiss ISUP, French ISUP, French TUP, Portuguese ISUP, Finnish ISUP, Swedish ISUP, Norwegian ISUP, UK ISUP, UK IUP, BT NUP, Polish ISUP, Belgium ISUP, Spanish ISUP, Italian ISUP, Chilean, Argentina ISUP, Brazilian ISUP
• Cisco SS7
  - ITU Q-Series: Q.700-707—MTP; Q.761-764, 767—ISUP
  - ANSI ISUP/MTP: Pure ANSI; Bellcore GRs

Port Policy Management

Port Policy Management (PPM)
• Wholesaler pools ports across NASs
• Ports allocated on-demand to retail ISP customers
• Port availability up to network capacity can be guaranteed
• Ports may be oversubscribed
• Policies on port usage enforced per PoP or across the entire network, not just per NAS
[Diagram: RPMS Port Policy Manager; 10,000 ports; MSN 7000 data; AOL 3000 data]

Cisco Resource Pool Management Server
• Port policy management for wholesale dial providers
• Enables service level agreements
  - Maximum number of active ports
  - Overflow capacity
  - VPDN configuration and usage limits
  - Call detail records with overflow flagging
[Diagram: PSTN calls to 408-555-1000 and 408-555-2000 reach AS5x00s, which consult RPMS; Wholesaler IP Network; ISP A; ISP B]
• Retail ISP A: 4085551000, Max = 100,000, Overflow = 20,000
• Retail ISP B: 4085552000, Max = 20,000, Overflow = 0

Policy Managers in a Wholesale Dial Environment
[Diagram labels: PSTN trunks; Port-Policy Manager (PPM) (Resource Pool Manager Server); AAA-proxy (Access Registrar); Wholesale ISP IP Backbone; AAA (Access Registrar); Retail AAA; Retail ISP-A; Retail ISP-B]

Comparison of PPM and AAA
RADIUS PPM
• Models wholesale customer using pre-call information (DNIS, trunk)
• Tracks port usage per wholesale customer
• Enforces SLA before call is answered, accounts for calls not accepted.
RADIUS AAA
• Does not model wholesale customer in the pre-call phase. Keeps end-user service profiles
• Tracks session counts per user
• Enforces session limits typically after call is answered

Typical RPMS 1.0 Deployment
[Diagram labels: PSTN trunks; RPMS 1.0; RMP; RADIUS; AAA-proxy; Wholesale ISP IP Backbone; Retail AAA; Retail ISP-A]

Policy Decisions by RPM
• Incoming call
  - Identify customer from DNIS/call-type/trunk group
  - Check port-usage limits for customer
• Reject call
  - Blocked number
  - Usage limits exceeded
  - Apply rejection treatment
• Accept call
  - Assign resource
  - Configure resource
  - Apply VPDN profile

Port Limits Per DNIS Group
[Diagram: calls to 408 555-1000, 408 555-2000, 213 555-3000 and 213 555-4000 checked by RPMS]
• MSN DNIS Group: 408 555-1000, 213 555-3000. MSN: 7000 ports
• AOL DNIS Group: 408 555-2000, 213 555-4000. AOL: 5000 ports

Port Limits Per Trunk Group
[Diagram: RPMS; E1 Trunks; Region A, Region B, Region C]
• MSN National Access Number: 555-1000
  - Region A: 3000 ports
  - Region B: 2000 ports
  - Region C: 2000 ports
• AOL National Access Number: 666-2000
  - Region A: 2000 ports
  - Region B: 1000 ports
  - Region C: 2000 ports

VPDN Management
• VPDN tunnels using L2TP or L2F
• VPDN groups based on realm or DNIS
• Base/overflow limits for VPDN sessions
• Load-balancing across LNSs
• VPDN tunnel limits per LNS

RADIUS-Based PPM
[Diagram labels: PSTN trunks; RPMS 2.0; RADIUS; RADIUS; AAA-proxy; Wholesale ISP IP Backbone; Retail AAA; Retail ISP-A]
• RPMS 2.0 can support RMP-based deployments as well
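
The decision flow on the "Policy Decisions by RPM" and "Port Limits Per DNIS Group" slides, as an added Python sketch that is not Cisco's RPMS code. It assumes "Max" is the SLA port count and "Overflow" the extra ports tolerated above it; the class and function names, the scaled-down limits, the blocked number and the rejection of unknown DNIS values are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Customer:
    name: str
    dnis_group: frozenset  # dialed numbers that identify this retail ISP
    max_ports: int         # active ports covered by the SLA
    overflow: int          # extra ports tolerated above max_ports (assumed meaning)
    active: int = 0


class PortPolicyManager:
    """Network-wide port accounting, consulted before a call is answered."""

    def __init__(self, customers, network_ports, blocked=()):
        self.customers = list(customers)
        self.network_ports = network_ports  # physical ports across all NASs
        self.blocked = set(blocked)         # dialed numbers rejected outright
        self.cdr = []                       # one record per call attempt

    def _record(self, dnis, customer, accepted, overflow, reason):
        rec = {"dnis": dnis, "customer": customer, "accepted": accepted,
               "overflow": overflow, "reason": reason}
        self.cdr.append(rec)                # rejected calls are accounted for too
        return rec

    def pre_authenticate(self, dnis):
        """Accept or reject an incoming call from pre-call information only."""
        if dnis in self.blocked:
            return self._record(dnis, None, False, False, "blocked number")
        cust = next((c for c in self.customers if dnis in c.dnis_group), None)
        if cust is None:
            # Assumption: a DNIS that maps to no customer is rejected.
            return self._record(dnis, None, False, False, "unknown DNIS")
        if cust.active >= cust.max_ports + cust.overflow:
            return self._record(dnis, cust.name, False, False,
                                "usage limits exceeded")
        if sum(c.active for c in self.customers) >= self.network_ports:
            return self._record(dnis, cust.name, False, False,
                                "no free ports in network")
        in_overflow = cust.active >= cust.max_ports  # flag for the call record
        cust.active += 1
        return self._record(dnis, cust.name, True, in_overflow, "accepted")

    def release(self, dnis):
        """Call ended: return the port to the pool."""
        for c in self.customers:
            if dnis in c.dnis_group and c.active > 0:
                c.active -= 1
                return True
        return False


def demo():
    """Constructed scenario; limits scaled down from the slide's figures."""
    ppm = PortPolicyManager(
        customers=[
            Customer("Retail ISP A", frozenset({"4085551000"}), 2, 1),
            Customer("Retail ISP B", frozenset({"4085552000"}), 1, 0),
        ],
        network_ports=4,
        blocked={"9005550000"},
    )
    calls = (["4085551000"] * 4 + ["4085552000"] * 2
             + ["9005550000", "2125550199"])
    for dnis in calls:
        ppm.pre_authenticate(dnis)
    return ppm


if __name__ == "__main__":
    for rec in demo().cdr:
        print(rec)
```

Because the counters live in one place rather than on each NAS, the limit holds no matter which access server the call lands on, which is the point the PPM slides make against per-NAS or post-answer session limits.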

RADIUS Integration

AAA RADIUS Requests in Wholesale Dial
• Pre-authentication
  - Wholesaler decides whether to accept the call
• Authentication
  - Retailer decides whether to accept the user
• Accounting
  - Start, intermediate, stop accounting
  - Available for both retailer and wholesaler

NAS—RADIUS Interaction
[Diagram: numbered message exchange between the NAS and the AAA Server]
1 User Dials into NAS
2 Pre-Authentication Request
3 Pre-Authentication Accept
4 Authentication Request
5 Authentication Accept
6 Accounting Request (START)
7 Accounting Request Accept
8 Accounting Request (INTERMEDIATE)
9 Accounting Request Accept
A Accounting Request (STOP)
B Accounting Request Accept

RADIUS-Based Pre-Authentication
• Authenticates calls using DNIS as username
[Diagram labels: PSTN; NAS; RADIUS-based PPM Server; Wholesaler IP Network; ISP A; ISP B]
NAS configuration:
    aaa preauth
     dnis password <key>
RADIUS user entry:
    1015551234 Password = "<key>", Service-Type = Outbound
        Service-Type = Outbound,
        Class = "ISP01",
        Cisco:Ascend-Require-Auth=Require-Auth

Proxy RADIUS
[Diagram labels: PSTN; SC2200 Node; AS5XX0s; IP; Wholesaler PPM Server; Wholesaler Proxy Server; Retail ISP A; Retail ISP A AAA Server; Retail ISP B; Retail ISP B AAA Server]
• DNIS A, B, C user auth to ISP A
• DNIS D, E, F user auth to ISP B

Traffic Engineering
IP Addressing and Routing

Wholesale Dial Isn’t Just Dial Anymore!

Impact of IP Address Allocation on IP Routing
• PPP assigns IP address to end user
• Creates host route on NAS for every dial user
• Generates relatively large number of /32 routes
• Frequent NAS route table changes
• Potential for major impact on backbone routing if not properly managed

Wholesale Dial IP Addressing and Routing
• Wholesale dial provider owns address space
  - Follow dial IP routing guidelines
• Retail ISPs provide address space
  - Use L2TP tunneling whenever possible
• Mostly own, some retail ISP-provided
  - Address pools (with care)
  - L2TP where possible

Retailer-Provided IP Address Space
• Must aggregate addresses into larger blocks for routing sanity
• Don’t know where users are going to “land” on the network
• Can’t aggregate with per-user IP addressing
• Use L2TP to tunnel users to retailers network

Spam, Denial of Service and Other Anti-Social Behavior Prevention

Stopping E-Mail Spammers
ACL configured on the access server blocks non-local SMTP:
    ip access-list extended NoSPAM
     permit tcp any 192.168.55.0 0.0.0.255 eq smtp
     deny tcp any any eq smtp log
     permit ip any any
Enabled in the RADIUS ‘user’ file:
    spamford Password = "wallace"
        Service-Type = Framed,
        Filter-Id = "NoSPAM.in",
        Framed-Protocol = PPP,
        Framed-MTU = 1500

“Packet of Death” (Cont.)
    Sun Mar 4 11:53:39 2001
        NAS-IP-Address = 10.65.106.167
        NAS-Port = 49
        ...
        Acct-Session-Id = "1010013BE"
        Framed-Protocol = PPP
        POD-Session-Key = "DD62C63D"
        Acct-Delay-Time = 0
[Callouts: Acct-Session-Id is the accounting session ID; POD-Session-Key is the Packet Of Death session key]
• Enable on NAS with command
    aaa pod server server-key <key>
• Required attributes configurable on NAS
    auth-type any | all | session-key

Denial of Service Prevention: Stopping IP Address Spoofing
• Problem: Hackers launching attacks forge source IP
  - Smurf attack can use low bandwidth link
• Solution: Reverse path filtering (part of CEF)
  - Drops packets with forged IP source addresses
    ip verify unicast reverse-path
    *Mar 4 111043.439 CEF-Receive Packet for 172.21.13.110 -- receive
    *Mar 4 111043.439 CEF-Drop Packet from 10.1.1.10 via Serial1/1/023 -- unicast rpf check

Wholesale Dial Performance Optimization
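
The reverse-path check from the "Stopping IP Address Spoofing" slide above, as an added Python model that is not Cisco's CEF implementation. It combines the check with the per-user /32 host routes described earlier in the deck; the forwarding table, interface names, addresses and the `allow_default` parameter are constructed for the example.

```python
import ipaddress

# Constructed forwarding table for one access server: (prefix, interface).
# The /32 entries stand for the host routes PPP installs per dial user.
FIB = [
    ("0.0.0.0/0", "FastEthernet0/0"),        # default route to the backbone
    ("192.168.55.0/24", "FastEthernet0/0"),  # local server subnet
    ("10.65.1.10/32", "Async1"),             # dial user A
    ("10.65.1.11/32", "Async2"),             # dial user B
]


def best_route(fib, addr):
    """Longest-prefix match: return (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in fib:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best


def strict_rpf(fib, src, in_iface, allow_default=False):
    """True if the best route back to src leaves through in_iface.

    In this model a source covered only by the default route fails
    unless allow_default is set.
    """
    route = best_route(fib, src)
    if route is None:
        return False
    net, iface = route
    if net.prefixlen == 0 and not allow_default:
        return False
    return iface == in_iface


# Constructed packets: (source address, interface the packet arrived on).
PACKETS = [
    ("10.65.1.10", "Async1"),     # user A using the address PPP assigned
    ("10.65.1.11", "Async1"),     # user A using user B's address
    ("10.1.1.10", "Async1"),      # forged source covered only by the default
    ("192.168.55.25", "Async2"),  # user B posing as a local server
]


def classify(fib, packets):
    """Return (src, in_iface, verdict) for each packet."""
    return [
        (src, iface, "forward" if strict_rpf(fib, src, iface) else "drop")
        for src, iface in packets
    ]


if __name__ == "__main__":
    for src, iface, verdict in classify(FIB, PACKETS):
        print(f"{verdict:8} from {src} via {iface}")
```

With a host route per dial user, the strict check pins every subscriber to the one address PPP assigned, so the filter needs no per-user ACL entries.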

Performance Optimization for Dial Access Servers
• NEVER log to console
• At least 10 AAA processes
• Enable CEF (FIB) switching
• Use virtual profile pre-cloning
• Switch off VJ header compression
• Always use conditional debug
• Minimize dynamic routing
  - Plan your IP address allocation accordingly
• Minimize use of ACLs

Wholesale Dial Today: New Technologies

Remote Access: New Technologies
• V.92/V.44
  - Supported on all 5xx0 platforms
• Universal Port (Cisco ASAP = Any Service, Any Port)
  - Same DSP for data, voice, fax
  - Available on all universal gateways
• TDM Switching
  - Supported on all 5xx0 platforms

V.92 Modems
[Diagram: customer dials up Internet with V.92 modem through the PSTN switch (SW); an incoming call is accepted while the customer is online. Labels: Fast Access! Modem on hold! Call accepted!]

V.44 Benefits
• Data compression algorithm optimized for Web content
  - Speedier Web page downloads
  - Improves over previous technology, which focused on text strings found in ASCII files such as email
• Optimized for strings found in HTML pages
• Requires more MIPS than V.42bis (older platforms may not support a software upgrade to V.44)
• V.44 improves on V.42bis regardless of file type
  - HTML Text: 100-120%
  - Executable: 15-40%
  - Word Doc: 12-35%
  - email: 20-30%
  - C Source: 20-45%
  - RTF, PDF: 166%
  - Amazon.com Browsing: 91-104%

Universal Gateway Product Line
[Chart: products arranged by capacity]
• AS5350: Universal port up to 8 PRI
• AS5400: Universal port up to 16 PRI; Data up to DS3
• AS5850: Universal port up to 112 PRI (4 x DS3)
• AP-UGS4: Universal port up to 192 PRI pre-racked; Data up to 14xDS3
Common components
• IOS codebase
• DSP subsystem
• SS7 capabilities
• Trunking hardware
• Wireless data functions

Cisco ASAP Architecture
[Diagram labels: Data, voice, fax and wireless clients; PSTN; Wireless; Cisco AS5xxx Universal Gateways; IP Backbone; Policy and Accounting; RPMS; SS7 GW; Back End Applications; Directory; GK; Cisco; iPlanet; Mirapoint; Netspeak; Voice Access Technologies; Openwave; etc.]
• Cisco AS5xxx Universal Gateways
  - Data, voice, fax and mobile wireless call termination
  - Programmable call handling for flexibility and to enable services
• Back End Applications
  - Cisco and 3rd party applications
  - Application logic manipulates other parts of the network to implement the service
• Policy and Accounting
  - Map applications to ports and vice versa
  - Enforce service level agreements

What Is TDM Switching?
• ‘TDM Switching is the ability of the AS5XX0 Gateways to Transmit PCM data between two DS0 circuits (DS01 and DS02) directly using Timeslot Interchange Circuit’
[Diagram: AS5XX0 TDM Switch connecting DS01 and DS02]

TDM Switching Call Types
• Incoming call leg
  - SS7, PRI or CAS
• Outgoing call leg
  - SS7, PRI or CAS
• Dialed Number Identifies the TDM Switched call
[Diagram labels: AS5XX0 TDM Switch; IMT/PRI/CAS; IMT/PRI/CAS; SC2200; SS7; Q.931/RLM/IP]

TDM Switching: From Overlay to Cisco ASAP Network
[Diagram labels: PSTN; Voice Switch; Legacy Equipment; TDM Traffic; VoIP, Dial and Wireless Traffic; Dial; IP; Wireless Data; VoIP; D; W; V]
• Traditional Network Design
  - Overlay Infrastructure
  - Low Service Efficiency
  - Feature and Services Constrained

TDM Switching: Applications and Benefits
• Cap investment in Legacy Technology
• Resell PRI Generated from IMT
• Lower Interconnect costs with SS7
• One box Solution Saves on Operations
• Manage Migration to New Services
• Support Call re-direction
• Connect to External Test Equipment to meet Local Provisioning Requirements
• Trunk to Special Services
[Diagram labels: PSTN; Voice Switch; Legacy Equipment; PRI; IMT; CAS; UP; ASAP; Dial, VoIP and Wireless; Cisco ASAP Network]

Summary

Why Cisco?
• Understands and is focused on Wholesale Market opportunity
• Best leverage with Enterprise customers to drive new business
• Best architecture and end-to-end solution for wholesale services

Summary
• Wholesale dial infrastructure lays foundation for future services
• Springboard to services based on universal ports
• Cisco best positioned to transition wholesale dial SPs to universal port

Wholesale Dial Isn’t Just Dial Anymore!

Other Networkers Sessions of Interest:
• SPL-206 Designing Converged Voice/Dial in Wholesale Access Environments
• SPL-204 Deploying Edge Services for Large Scale Aggregation

Resources/Contacts
• http://www.cisco.com/
  - Everything that’s official
• cisco-nas@external.cisco.com
  - Open to all!
  - Not an official Cisco mailing list but many technical Cisco staff read and respond daily
  - Send e-mail to mailer@cisco.com containing the line: subscribe cisco-nas <your e-mail>
• comp.dcom.sys.cisco
  - The oldest and still the most active list

Questions?

Designing Large Scale Wholesale Dial Networks
Session SPL-220

Please Complete Your Evaluation Form
Session SPL-220