Escolar Documentos
Profissional Documentos
Cultura Documentos
Carrier Ethernet Arch Design
Carrier Ethernet Arch Design
Carrier Ethernet
Services, Architectures
and Products
Cassio Gomes
Systems Engineer
CCIE #13900 (R&S and SP)
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
Agenda
Introduction
Metro Ethernet Services & Designs
Cisco IP NGN Architecture - Metro Ethernet
Operational Considerations
Metro Ethernet Switching Products
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2
“The Connected Life”
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3
Perfil de cliente e a Matriz de tráfego estão mudando
Novas Demandas, Novas oportunidades
Consumer Broadband
(TB / month)
Consumer VoIP
(TB / month) Aparecimento
Consumer
IPTV / VoD
de Video / IPTV
Consumer FTTH
(TB / month)
24,500 TB/mês 654,000 TB/mês
47% CAGR
Proliferação
Corporativo
Business DSL
IP VPN
de acesso
Private Line
banda larga
(IP Portion) corporativo.
ATM / FR
(IP Portion)
Ethernet
172,000 TB/mês 1,190,000 TB/mês Source: Cisco Estimates, Ovum, Bernstein, Public Company Data
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 4
O que buscamos com Carrier Ethernet?
Sistemas fim-a-fim – Una arquitetura com elementos de hardware
e software para redes de agregação basedas em Ethernet.
Soluções padronizadas - MEF, IEEE, IETF, ITU-T and DSL Forum
Rede Convergente – serviços residenciais, corporativos e
“wholesale” para provedores móveis e fixos, sobre uma infra-
estrutura única de rede Carrier Ethernet.
Otimização de serviços – usar ao máximo agregação baseada em
tecnologia MPLS, Ethernet Virtual Circuit (EVC), Intelligent
Subscriber Gateway (ISG) e tecnologias de transporte que
diferenciam as aplicações provendo escalabilidade e resiliência.
Solução orientada a um sistema – documentado, testado e
disponível junto com os elementos de hardware, software e a
solução de gerência que fazem parte da solução.
Desenvolvimento contínuo – buscando sempre suportar novos
modelos de negócio, mais escalabilidade, resiliência e inovação.
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5
Cisco Architecture
Carrier Ethernet
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 6
A 3-Step Approach to Carrier-Ethernet Standards
Evolution
1
1
2 2 2
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 7
Building an Carrier-Ethernet Service Network
Areas to Be Addressed
Customer Aggregation Core Aggregation Customer
Business Business
Backbone Backbone
Provider Bridges Bridges Provider
Bridges Bridges
Residential Residential
IP/MPLS
UNI Definition How to Build the How to Build the How to Connect the
Ethernet Access Interconnect Media EA & IM Networks
• Customer STP • Minor changes to • MPLS/L2TPv3 • Redundancy,
and BPDU handling standard IEEE bridges • Redundancy Interaction w/ PWs
• 802.1x, 802.3x,802.3ad • Customer VLAN transp. address withdrawal • Dual-Homing
• Dual Homing • MAC address scalability • PW – encap & signal. • Backdoor links
• Customer’s • Redundancy • Auto-Discovery • STP & address scaling
GVRP, GMRP, LLDP,… • OAM&P,… • OAM&P,… • OAM&P, …
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8
SP Ethernet Cooks - Who does what?
Focus on the User-Perspective: Ethernet Services, UNI, Traffic
Engineering, E-LMI, ...
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9
Metro Ethernet Architecture
and Terminology
Integrated System
Full Service Efficient Large Scale Intelligent Multiservice Intelligent Efficient Full Service
Customer Access Aggregation Edge Core Edge Access Customer
Equipment Equipment
Si
Metro C
Metro A U-PE
PE-AGG
Hub and 10/100/
10/100/ GE Ring Spoke 1000 Mbps
Si
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11
Each Ethernet Service Instance Is an
Ethernet Virtual Connection (EVC)
1 Point to Point EVC 3 Rooted
2
Multipoint to Multipoint EVC
Multipoint EVC
1
2
3
VLAN 5 VLAN 29
VLAN 8 VLAN 8
VLAN 23 VLAN 23
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13
UNI
ATTRIBUTES
All to One Bundling
• All the CE-VLAN IDs are mapped to one EVC (see EVC 1)
• Only one EVC can exist at the UNI
• All to One Bundling is not compatible with Service Multiplexing
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14
802.1Q Tunnelling (aka Q-in-Q) Implementation
Integrated System
Full Service Efficient Large Scale Intelligent Multiservice Intelligent Efficient Full Service
Customer
CE Access Edge Edge Access CE
Customer
Equipment
Aggregation Core
Equipment
Si
CE CE
Etype Etype
802.1P
802.1P
VLAN_ID VLAN_ID
0x8100 0x8100
100 100
2 bytes 3 bits 12 bits 2 bytes 3 bits 12 bits
Len/
DMAC SMAC .1Q .1Q Data FCS
6 bytes 6 bytes
4 4 Type 0–1500 bytes 4 bytes
bytes bytes 2 bytes
SP CE
Etype Etype
802.1P
802.1P
VLAN_ID VLAN_ID
0x8100 0x8100
200 100
2 bytes 3 bits 12 bits 2 bytes 3 bits 12 bits
Carrier Carrier
Ethernet Ethernet
Network Network
VLAN Based
Port Based
Carrier
Carrier Ethernet
Ethernet Network
Network
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 17
Ethernet Wire Service / Ethernet Private Line
(for Reference)
Features
Simplest Metro Ethernet service
to deploy
Point-to-Point Service UNI
UNI
Dedicated bandwidth
No Oversubscription Carrier
Ethernet
High availability-protected Network
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18
Ethernet Relay Service
(for Reference)
Features
Service Multiplexing at the UNI
Scalability for large sites UNI
UNI
Service tiering based on bandwidth,
CoS, distance
Carrier
SLA—CIR/PIR/Burst, loss Ethernet
Network
FR/ATM Interworking
Recommend a router as CPE device
Sample SP Service Offering
UNI
Branch Office VPN (L2VPN, F/R
equivalent)
IP VPN access (L3VPN -
Intranet/Extranet)
Internet (ISP) access
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 19
Ethernet Multipoint Service
(for Reference)
Features
Multipoint Layer 2 service
Service Tiering based on
UNI
bandwidth, CoS, distance
Routers and/or Switches as CPE UNI
devices
Carrier
Ethernet
Network
Sample SP Service Offering
Corporate/campus
LAN extension
LAN Extension over WAN UNI
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 20
Ethernet Relay Multipoint Service
(for Reference)
Features
Service Multiplexing at the UNI
Layer 2 Multipoint service
Service Tiering based on
bandwidth, CoS, distance
Carrier
Recommend a router as CPE Ethernet
device Network
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21
Overview of Ethernet-Based Services
ETHERNET-BASED SERVICES
Point-to-Point Multipoint
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 22
Virtual Private Wire Service (VPWS)
Reference Model
Customer Customer
Site Site
PSN Tunnel
Pseudowires PWES
PWES
PE PE
PWES PWES
Customer Customer
Site Site
Emulated Service
A Pseudowire (PW) Is a Connection Between Two Provider Edge (PE) Devices
Which Connects Two Pseudowire End-Services (PWESs) of the Same Type
Service Types:
• Ethernet • HDLC
• 802.1Q (VLAN) • PPP
PWES
• ATM VC or VP • Frame Relay VC
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 23
Virtual Private Wire Service (VPWS)
Customer Perspective
CE2
CE1
CE3
CE5
CE4
Point-to-point connections between Provider Edge (PE) nodes
Same look and feel as existing L2 PVCs (i.e., Frame Relay point-to-point)
Service provider simply forwards incoming frames based on layer 2 information (i.e.
DLCI, VLAN tag, VPI/VCI, etc.)
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24
Virtual Private LAN Service (VPLS)
Reference Model
Customer PE Customer
PE
Site Site
MPLS
Full Mesh of
Pseudowires Attachment VCs Are
Ethernet
Customer
Site
A Full Mesh of Pseudowires (PW) Is Used to Connect All Provider Edge (PE)
Devices Which Support a Given VPLS VPN
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25
Virtual Private LAN Service (VPLS)
Customer Perspective
All PEs Appear Connected on a
Common Switch
CE1 CE3
CE2 CE4
Multipoint-to-multipoint configuration
Forwarding of frames based on learned MAC addresses
Uses Virtual Switching Instances (VSI) for customer separation
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26
Hierarchical-VPLS: Why?
VPLS H-VPLS
Multipoint-to-Multipoint (at
Connection Type Point-to-Point (at L2)
L2)
Routing Involvement by SP No No
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 28
Services Standards Map
Summary
Point-to-Point EVC Multipoint EVC Rooted MP EVC
Dedicated Shared
Service Layer Service Layer
Port-Based EVC
Identification ITU-EPL Type1 (GFP-T)
ITU-EPL Type2 (GFP-F) ITU-EVPL Type 2
(un-mux’ed UNI) ITU: SG 15/11 work…
MEF-EPL
MEF-EVPL (w/ QoS: 3C2R or 2C1R) MEF: MEF6 successor
Cisco: EPL Cisco: EWS Cisco: EMS
VLAN-Based EVC
Identification ITU-EVPL Type 1 ITU-EVPL Type 3
(mux’ed UNI) ITU: SG 15/11 work…
MEF EVPL (w/ QoS: 3C2R or 2C1R) MEF: MEF6 successor
Cisco: EPL Cisco: ERS Cisco: ERMS
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 30
Visão Geral da solução IP NGN e
posicionamento de Carrier Ethernet
Telefonia IP
Video &y Data Baseada Serviços Apps. Contact
Aplicações
Framework e Funcionalidade
Gaming Center Web Moviles
Camada
Presença Center
IP NGN
Framework
Serviços
Camada para controle
Operações
Service baseado em
Exchange aplicação e por
usuário.
Carrier Ethernet
U-
PE
Location
N-PE Server
NMS
MSE
Access Aggregation Edge Core OSS/BSS
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 31
Architecture Vision
The Aggregation Network Virtual Transport System
Modular L3 Edge → Ethernet Tap Points
Broadcast VoD VoIP PeerGroup Ethernet Internet NMS/
Video Apps L2VPN OSS
Policy
Framework
&
Dynamic
Session
Control
Ethernet
UNI
L3 Service “BUS”
IP Service
L2 Service
L2 Service “BUS”
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 32
Arquitetura Cisco IP NGN
Como é a solução Cisco Carrier Ethernet?
Cisco 7200/
Cisco ASR 100X Cisco 10000/
(D-BRAS) ASR 100X
DSL (BRAS/BNG)
Corporate
Wireless CRS-1 /
C12K-XR
Cisco 7600
Metro (N-PE)
Aggregation Cisco 12000
ETTx 7600, (MSE)
6500, 4500
(U-PE)
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 33
Cisco ServiceFlex Design
End-to-End Carrier Ethernet
Scientific Linksys
3rd party ME 3400
Atlanta WAG52
xDSL/PON ME4924 (10G)
Set Top
ME6524 (NxG)
DSL/PON
Aggregation
Residence ISG
(BRAS/BNG)
S-A STB Scientific
4500 E-FTTH (LAC/LNS)
Atlanta NxG IP/MPLS Aggregation
ONT 90600 10G over Ethernet
Residence 10G
SCE
Mobile / WiMax 4500 10G
ME4924 7600
7600
PE-AGG
CPE
1G N-PE
CRS-1
12000 Core
ME 3400 Consumer Services MPLS-PE
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 34
Rede Carrier Ethernet para IP NGN
Mapa de Serviços e Mercados
Ethernet, PON,
VoD DSL Aplicação Número de STBs, qualidade do streaming, tipo de conteúdo,
TV
Ethernet, PON,
DSL Cisco Passes
Aplicação entrega IPTV test:
Número de STBs, pacotes de canais, conteúdo SD vs HD e qualidade de
http://www.lightreading.com/document.asp?doc_id=126475&site=nxtcomm
L3 VPN Ethernet, PON, Largura de banda, suporte a diferenciação de serviços, topologia L3 VPN,
Corporativo MPLS/Multicast DSL, WIMAX Transporte serviços gerenciados (MPLS/Multicast VPN)
Ethernet, PON,
E-Line DSL, WIMAX* Transporte Largura de banda, suporte a diferenciação por serviços , transparência
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 35
Cisco Architecture
Carrier Ethernet
Operational Considerations
Features
Security
QoS
Resiliency
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 36
Problem Scope
A few possible scenarios
Excessive Uni- D-LDP
Encoding directional session Duplex
Errors Link SP Network failure mismatch
Access
Excessive Core VC
Customer
FCS failure
Equipment
Errors N-PE 1 N-PE 3 U-PE D C-VLAN
U-PE A MPLS to EVC CE
CE Cross- Unexpecte SONET/SDH mismatch
connecte Native LSP Speed
Ethernet d Endpoint Failure mismatch
d Service
PW
CE N-PE 4 CE
U-PE B MPLS U-PE C
N-PE 2
AC
Ethernet UNI Ethernet UNI failure
Physical
link failure PW failure
Physical VLAN to VFI
link failure xconnect failure
UNI VFI
port failure
failure Physical
U-PE P-Router link failure
device failure
failure
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 37
Industry’s Only Solution with End-to-End
Manageability
Customer Loyalty: Service Level Assurance
ME 3400, 7600
3750 Metro
1800, 2800,
3800 ISR
Managed Firewall
Services IPSec
NAT
Solution CPE
ISR
7600 7600 7600 7600
ISR
ISR
Core
ME 3400 ME 3400 ISR
3750 Metro
E-LMI E-LMI
Service
802.3ah 802.3ah 802.3ah 802.3ah 802.3ah 802.3ah
Link
802.1ag
Service
CE CE
802.3ah
Ethernet in
the First Mile
N-PE
CE U-PE
802.3ah OAMPDUs
802.3ah OAMPDUs
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 39
Reduce Opex with E-LMI
RapidStart Service Turn Up – Reduce Truck Rolls
CPE U-PE
Enables service providers to reduce
errors, as well as improve
EVC performance by shaping on CE
egress customer configuration
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 40
QoS Overview
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 41
QoS Functions:
What QoS Functions Happen at Each Area within the
Network ?
Customer Access Aggregation Edge Core Edge Access Customer
Equipment Equipment
1 3 3 3 3
2 2 2 2
Scheduling, Bandwidth
Management and
Classification, Marking Classification and
and Policing Queuing
Congestion Avoidance
Steps 1 2 3
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 42
Metro Ethernet Trust Model
Premises
Ensure the Configuration Can’t
Be Accessed and Modified
POP
Protect Against
DOS Attacks or
Limited
Premises Resource POP
Switch Contention Switch
(U-PE) (N-PE/PE-AGG)
VLAN 1 VCs
PE
VLAN 1
10/100/1000 VLAN 2 VLAN 2
10/100/1000 VLAN 3 VLAN 3
VLAN 4
VLAN 4
10/100/1000 CE VLAN 1 Gigabit Ethernet Transport
CE VLAN 2 (QinQ) VLAN 5 VLAN 5
MAC Attacks
Port Security, Per VLAN MAC Limiting
(CAM Table Overflow)
Spanning Tree Attacks BPDU Guard, Root Guard, MD5 VTP Authentication
Pro-Active Defence Deploy MAC Level Port Security, Wire-Speed ACLs, 802.1x
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 44
Ethernet Security:
SP Recommendations—Summary
Disable Password Recovery
BPDU Filter (for Egress SP BPDU) VTP Mode Transparent
MAC ACLs (for Ingress CE BPDU)
Access VTP Mode Transparent
Enable ROOT Guard
Customer—SP per VLAN MAC Limiting
Boundary
CPE X SP BPDU Core
CE BPDU X SP
NV 66
IP/MPLS/
NV 5 NV 66
Untagged 802.1Q
VLAN 10 X VLAN 5
Network
VLAN 20 VLAN 20
VLAN 30 VLAN 30
VLAN 40 VLAN 40
802.1Q 802.1Q
Enable Port Security Trunk UNI Trunk
Enable 802.1X LOOP Guard
Disable CDP Prune All Unused VLANs from
Remove VLAN 1 and Reserved VLANs from UNIs Allowed List
Set DTP to “Non-Negotiate” Remove VLAN 1 and Reserved
Prune All Unused VLANs from Allowed List VLANs from Trunks
UNI VLANs Must Not Be Used as Native VLAN Reserve a VLAN ID for the
on SP Trunks Native VLAN on the SP Trunks
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 45
IP NGN Carrier Ethernet Resilient
Service & Infrastructure Resiliency
50 ms Recovery
4500
7600 7600
E-FTTH Access
MPLS FRR / REP Aggregation
MPLS FRR / REP
Core
Distribution
Aggregation
ME3400 Node
Node
3750 Metro ME6524
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 46
Resilient Ethernet Protocol (REP)
What is REP?
A new protocol designed to provide a solution for fast and predictable Layer 2
convergence for Carrier Ethernet networks
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 48
Flexibility of Implementation
REP Supports Various Topologies
Segment 2
Segment 3 Segment 1
Segment 3
Segment 1
Segment 2
Segment
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 49
Cisco Architecture
Carrier Ethernet
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 50
Cisco Carrier Ethernet Portfolio
Award Winning – Excellence in Innovation
IP/MPLS and Ethernet Ethernet/SONET/SDH
Ethernet/ DWDM
Cisco
10000
Cisco
7600 ONS
15454
Cisco
CRS-1 72xx/73xx
12000 / XR 12000
ME 6524
Catalyst 3750 ME 4924 ONS
Metro 15600
ME 3400
Catalyst Catalyst
6500 ONS
Integrated 4500 153xx
Services Router
Advanced Fixed
• Layer 2 switching with intelligent
layer 3/4 services • Metro Access: Enterprise
• Purpose Built for SP and Residential Services
• Q-in-Q
Cisco ME 3400 • Lower density 10/100
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 52
Carrier Ethernet Access Product Family
Typical Network Applications
FTTB Remote C.O. or
U-PE Environmentally
EPL, EVPL, E-LAN Controlled Cabinet
3750 Metro PE-AGG
ME 3400-24TS C.O.
Data ME 3400-2CS N-PE
ME 4900 7600 /
ME 6524
Video ME 3400G-12CS 7600 / 12K
Voice Service Provider
Core
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 53
Metro Ethernet Forum Certified
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 54
Features and Positioning
Cisco ME 3400 & ME 3750 Positioning
C3750-Metro
Premium Services
ME3400E
• Advanced Layer 2 and Layer 3 access
ME3400 Business access
• MPLS
• Layer 3: MPLS VPN
E-FTTH • Enhanced Layer 2 and Layer • Layer 2: EoMPLS and H-VPLS
3 access
• Advanced QoS
• Cost-effective products • CE Standards: • Hierarchical Queuing Framework
for Layer 2 and Layer 3 • 802.1ad • 1K Hierarchical policers
services • MEF • 8K egress queues
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 55
New Cisco Metro Access Product Family
ME 3400 series Catalyst 3750 Metro
Target Market
• ETTH / ETTB Target Market
• Layer 2 VPN
• ETTB – business premium
• Layer 3 VPN
• Intelligent Ethernet Demarcation • MTU
Metro Access Topology
•Ring
•Hub-and-spoke
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 56
Metro Access Product Family Positioning
Service Advanced IP
Offerings
3550
IP Base
L2 VPN
Service Range ME 3400 Series
Triple Play
Metro Base
2950
2004 2005 2006 Calendar Year
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 57
ME 3400 Series Hardware Overview -
Service Provider-friendly Design:
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 59
ME 3400-24FS-A
Product Overview
Application: E-FTTH
Availability: Shipping Since September 2007
Port Configuration: 24 100M SFP + 2 Dual-Rate SFP Ports
Power Supply Options: 1 Fixed AC (No DC Version Planned)
Cooling: Front to Rear, 2 Fans
Software Requirements: 12.2(40)SE or later release
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 60
ME 3400G-2CS January
2007
Product Overview
By default, all 10/100 ports are UNI ports By default, both SFP ports are NNI ports
UNI ports are shut down by default
UNI ports will not do local switching by default There can be maximum of 4 ports
defined as NNI ports*
For customers using multiple UNI ports on the
same ME 3400, up to 8 UNI ports can be
configured to do local switching
NNI ports are up by default
UNI port will have Control Plane Security
enable by default - control protocols can only
be dropped or tunneled (i.e. VTP, CDP, BPDU, NNI ports can negotiate port speed and
LACP, PAgP, DTP) – this offers protection duplex
agaist DoS attacks
UNI port still processes 802.1x, UDLD and
*METROIPACCESS image allows
IGMP packets for unlimited numbers of NNI
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 62
ME 3400 Series Security Features-
Overview
The Service Provider Challenge:
•As Metro Ethernet networks continue to expand, one of the challenges a
service provider has is to provide the same level of security as other access
technologies.
•Cisco ME 3400 Series Switches have been designed to offer a complete
security solution. By dividing security into three categories and designing a
comprehensive set of features for each:
Subscriber Security Switch Security Network Security
UNI Default No Local Switching Control Plane Security UNI Default Port Down
DHCP Snooping Port Security Access Control List
IP Source Guard Storm Control 802.1x
Dynamic ARP Inspection Configurable Per VLAN Configuration File
MAC Learning Security
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 63
Cisco Catalyst 3750 Metro Series
Metro Ethernet Access Switches
Greater Intelligence
• Intelligent 802.1Q tunneling QoS, VLAN mapping,
EoMPLS, H-VPLS
• MPLS VPN, Multi-VRF CE
• Advanced QoS: bi-directional hierarchical QoS, 2 rate
3 color rate limiting for CIR/EIR, traffic shaping and
sharing
More Differentiated Business
Services
• L2 VPN
Metro Access switch for • AC/DC redundant power supplies for high availability
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 65
Cisco 7600 Series
Chassis Form Factors
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 67
Why S-Series?
7609-S
Backplane
Enhanced Data Rates
Improved Signal Integrity
Enhanced Fabric
Enhanced Busbar allowing higher power draw (350A @ 42V on S-Series vs
100A @ 42V on vortex)
New Thermistor for better flow measurement and management
Enhanced VTT Board
New Variable high-speed Fan tray module for better cooling
7606-S
Backplane
Enhanced Data Rates
Improved Signal Integrity
Enhanced Fabric
New Thermistor for better flow measurement and management
New variable high-speed fan tray for with in-built brake mechanism and
better cooling
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 68
Cisco 7600 Engines
Sup720-3B/3BXL
Hardware Accelerated
Switch Fabric PFC-3B/3BXL Services
18 20Gbps Fabric Ports IPv4, IPv6, MPLS IPv4 and IPv6
MPLS, MPLS/VPN,
EoMPLS
IPv4 NAT
GRE
ACL, ACL counters
Egress policing
30 Mpps
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 69
Cisco 7600 Engines
SUP32-3B
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 70
Cisco 7600 RSP720-3C & 3CXL
Brains & Brawn for Converged Service Offerings
RSP720-3C/CXL Sup720-3B/3BXL
720 Gbps Integrated Fabric
Integrated 2x1 GE Uplinks
1.3Ghz RP & SP 600Mhz RP & SP
Up to 4G DRAM 1G DRAM
80/96k MAC Add 32/64k MAC Add
RSP720--3CXL-
RSP720 3CXL-GE 4MB NVRAM 2MB NVRAM
Sup720
RSP720
Feature RSP720--3C
RSP720 3C--10GE RSP720--3CXL-
RSP720 3CXL-10GE
Memory (RP/SP) 1 GB / 1 GB 2 GB / 1 GB
Compact Flash memory 512 MB/1 GB (post-FCS) 512 MB/1 GB (post-FCS)
NVRAM 4 MB 4 MB
FAT 32
Presentation_ID
file system
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Supported Supported 72
Cisco 7600 Supervisor
Performance & Positioning
Performance & Scale
SUP32-3B
256k Routes,
32/64k MAC Addr.,
15Mpps,
512MB RP DRAM SUP2
SUP2 +
SFM
4/8 10/100 TX
In SRC
rebuild
4T-Serial 1 10GE
10x1 GE
2/4 OC48 POS 1 OC192 POS
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 75
Highlights Cisco 7600
• Up to 720Gbps Fabric, Up to 48 Mpps distributed performance per linecard
• QoS: Granular, best-in-class queuing ability for Voice & Video applications
• Ethernet OAM
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 76
Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 77