Subscriber Traffic and Policy Management (BNG) on the ... DSLAM BRAS/BNG . PPP to IP Migration Key

download Subscriber Traffic and Policy Management (BNG) on the ... DSLAM BRAS/BNG . PPP to IP Migration Key

of 47

  • date post

    24-Jun-2018
  • Category

    Documents

  • view

    256
  • download

    6

Embed Size (px)

Transcript of Subscriber Traffic and Policy Management (BNG) on the ... DSLAM BRAS/BNG . PPP to IP Migration Key

  • Subscriber Traffic and

    Policy Management

    (BNG) on the ASR9000

    and ASR1000

  • Agenda

    The next wave of Broadband

    ISG Overview

    ASR1k as BNG/ISG

    ASR 9k as BNG

    #CiscoPlusCA

  • The Next Wave of Broadband

    #CiscoPlusCA

  • Evolution in SP Network Architectures

    Increased revenue by decreasing cost of managing and maintaining multiple networks

    Increased overall revenue by increasing revenue per user

    Customized services

    Rapid deployment of new services based on market trends

    Subscriber Self Subscription and Self Care

    Diverged per Service Networks

    Converged All in One

    Networks

    Converged User Centric

    Networks

  • The New User Experience Cisco ISG Enabling the Next Wave of Broadband

    Add Subscribers

    Pay As You Go!

    Buy credit

    Pay What You Use!

    Buy

    Broadband Light

    Buy: $19.99

    Broadband Basic

    Buy: $29.99

    Broadband Premium

    Buy: $39.99

    Branded VoD ($4.99/movie)

    Branded TV ($29.99)

    Branded Phone ($15.99 + LD)

    Add Value

    Add Services

    Register Log in

  • The elements of customization Subscriber identified using multiple dimensions. Identity gathered:

    From multiple sources and events

    Over session lifecycle

    Services and Rules updated based on :

    How subscriber behaves

    What he requires NOW

    Different Services and Rules applied based on:

    Who subscriber is

    Where he is

    What he requires

    Identity

    Differentiated Services

    Dynamic Service Management

    Intelligent Services Gateway

    Subscriber Services

    Subscriber Sessions

    Subscriber Services

    Session creation/

    authentication

    Dynamic Policy Push and Pull

  • Building the Identity and Assigning Services

    MAC Addr: 00:DE:34:F1:C0:28

    IP Addr: ?

    Username: ?

    Service: DEFAULT_SRV

    Subscriber Session

    T0

    DHCP Exchange Starts

    MAC Addr: 00:DE:34:F1:C0:28

    IP Addr: 10.1.1.211

    Username: ?

    Service: DEFAULT_SRV

    Subscriber Session

    T1

    DHCP Exchange Completes(*)

    MAC Addr: 00:DE:34:F1:C0:28

    IP Addr: 10.1.1.211

    Username: Bhavani

    Service: PPU_SRV

    BHAVANI Subscriber Session

    T2

    Subscriber Authentication(*)

    MAC Addr: 00:DE:34:F1:C0:28

    IP Addr: 10.1.1.211

    Username: Bhavani

    Service: PREMIUM_FR_SRV

    BHAVANI Subscriber Session

    TN

    Dynamic Service Update

    Identities

    Services

    DEFAULT_SRV Only permits management traffic through the session

    PPU_SRV Pay Per Use Service: - Permits all traffic - 512K/1Mbps US./DS - Accounting enabled on session

    PREMIUM_FR_SRV Flat Rate Premium Data Service: - Permits all traffic - 1M/8Mbps US/DS

    ISG

    Subscriber

    (*) Order of operations not representative of a real call flow

    Example

  • Access Technology Abstraction

    Open Garden Walled Garden

    ATM/Ethernet

    Switch

    DSL

    802.11 or

    802.16

    Access Distribution Ethernet

    CMTS Cable

    Subscriber-centric services regardless of: Access Technology

    Access Protocol

    Access Technology: Legacy DSL/ATM

    Metro Ethernet, Wireless LAN, Cable

    Access Protocol: IP

    PPP

    DSLAM

    BRAS/BNG

  • PPP to IP Migration Key Requirements

    Subscriber Access Detection

    Subscriber authentication and authorization

    Subscriber address management

    G0/1.10

    Create a per subscriber construct over a shared interface (subscriber session)

    G0/1.10

    John

    Mike

    Ted

    John Mike Ted

    Subscribers are John, Mike and Ted.

    John and Mike are HSI users, Ted is VoIP user

    There are 3 subscribers connected through G0/1.10

    G0/1.10

    John

    John Mike Ted

    Subscribers addresses should be:

    10.1.1.10 John

    10.1.1.20 Mike

    10.1.1.30 Ted Mike

    Uniquely establish subscriber identity and determine services and service levels per subscriber

    Goal

    10.1.1.30 10.1.1.20 10.1.1.10

    Assign a unique IP address to each subscriber based on provider domain

    Ted

  • What is ISG? Policy Server

    Cisco Intelligent Services Gateway (ISG) is a licensed feature set on Cisco IOS that provides Session Management and Policy Management services to a variety of access networks

    Addresses PPPoE to IPoE migration while maintaining all subscriber management functions

    Subscriber Identity

    Management

    Policy Management

    and Enforcement

    DHCP Server

    AAA

    Server

    ISG

    Web Portal

    Open Northbound Interfaces

    Subscriber Policy Layer

    So focal, that the entire device is often referred as an: Intelligent Services Gateway router or simply The ISG

    ISG

  • ISG Overview

    #CiscoPlusCA

  • Deployed at access or service edge

    Communicates with other devices to control all aspects of subscriber access in network

    Single point of contact

    ISGs place in the network

    Internet/Core

    AAA Policy DHCP

    Aggregation

    Portal

    Subscriber Identification:

    based on:

    - who he is,

    - where he is,

    - how he behaves

    - what he requires

    Subscriber Authentication:

    - PPP CHAP/PAP

    - Transparent Auto Logon (TAL)

    - Web Logon

    - RADIUS

    Subscriber Services Determination and Enforcement

    Dynamic Service update

    Session Lifecycle Management: establishment, configuration and tear down

  • ISGs Subscriber Policy Layer

    Walled Garden Open Garden

    Internet/Core

    Guest Portal

    Subscriber Policy Layer

    Video Audio Servers

    AAA Server

    Subscriber Authentication

    Subscriber Authorization: User and Service Profile Repository

    Per access and Per Service Accounting

    Front-end toward billing system

    Policy Server Dynamic Policy Push (Application Level Trigger)

    Web Portal

    Front end toward the subscriber for:

    Self Subscription

    Web Logon

    Service Selection (Application Level Trigger)

    DHCP Server Hand over of addresses to subscribers

    Class-based address handover for ISG driven address pool selection

    AAA Server

    Policy Server

    Web Portal

    DHCP Server

    Note: AAA Server, Policy Server, Web Portal can co-reside in the sample appliance

  • ISGs Dynamic Policy Activation

    Walled Garden Open Garden

    Guest Portal

    DHCP Server

    Subscriber Policy Layer

    Walled Garden Open Garden

    Guest Portal

    DHCP Server

    AAA Server

    Subscriber Policy Layer

    Dynamic Policy Push (e.g. Turbo Button)

    Policy Server

    Application/ Service Layer event

    Web Portal

    Dynamic Policy Pull (e.g. Automatic Service-Profile

    Download on Session Establishment)

    Web Portal

    Policy Server

    Network Layer Event

    AAA Server

  • ISGs Northbound Interfaces

    RADIUS Interface, for subscriber AAA functionalities and service download

    RADIUS Extensions (RFC 3576) and XML based (SGI(*)) Open Interfaces, for dynamic, administrator or subscriber driven, session and service management functions

    Walled Garden Open Garden

    Internet/Core

    Guest Portal

    AAA Server

    Policy Server

    Web Portal

    DHCP Server

    Subscriber Policy Layer

    Video Audio Servers

    Policy PULL

    Policy PUSH

    (*) SGI: Services Gateway Interface

  • The Subscriber Session in ISG

    Construct within Cisco IOS that represents a subscriber subscriber: billable entity and/or an entity that should be authenticated/authorize

    Common context on which services are activated

    Created at first sign of peer activity (FSOL = First Sign Of Life)

    Walled Garden Open Garden

    Internet/Core

    Guest Portal

    Subscriber Policy Layer

    Video Audio Servers

    Subscriber 1

    Subscriber 2

    Subscriber 3

    Subscriber 1

    session

    Subscriber 2

    session

    Subscriber 3

    session

    AAA Server

    Policy Server

    Web Portal

    DHCP Server

    ISG Session

  • Dynamic Session Initiation ISG sessions are initiated at the First Sign of Life (FSOL)

    FSOL depends on the Session Type

    PPP Sessions - FSOL IP Sessions - FSOL .... there are options .....

    DHCP

    DHCP discover

    Data Traffic

    Unclassified MAC or IP IP packet with unknown MAC

    or IP source address Use MAC for L2-connected IP

    sessions

    Use IP for routed IP sessions

    DHCP Discover message

    ISG must be DHCP Relay or Server

    RADIUS Access/Accnt Start

    ISG must be a Radius Proxy

    Typically used in PWLAN and WiMAX environments

    ISG Session

    RADIUS

    AP Wireless Client

    RADIUS Access Request OR

    Accounting Start

    PPP Call Request (LCP)

  • Session Authentication

    Authentication models supported: Access Protocol Native Authentication:

    PPP: CHAP/PAP

    IP: EAP for wireless client

    DHCP Authentication

    Transparent Auto Logon (TAL): Authenticates using subscriber related

    network identifiers

    e.g. MAC/IP address, DHCP Option 82, PPPoE Tags...

    Web Logon