Documente Academic
Documente Profesional
Documente Cultură
Ananth Nagarajan
Feb 2005, SANOG V, Dhaka, Bangladesh
PPPoA L2 Access
AAL5
PC IP Edge
DSL
PPP BRAS
IP Core
1483-R
AAL5 ATM
DSL
Router
Radius
PPPoE PPP
DSLAM
1483-B
AAL5
Radius DHCP
DSL
Home GW
4
2
3
1. User initiates PPP session
and provides 6
identification and RADIUS Repository Registration
password Server Rating & 5. Services Router configures
Billing
Service Provider Back-office the connection
2. Services Router detects Server
PPP initiation and
6. The RADIUS server starts
formulates RADIUS
an accounting usage
query
record
3. RADIUS queries directory 4. The RADIUS profile is
to validate user-id and 7. The user can now access
returned to the Services
password. If valid, services such as the
Router to configure the
RADIUS also queries the Internet
directory for the user’s connection
RADIUS profile
8
DSLAM
10 11
Content
1
Provider A
5
DSLAM
Content
4
Provider B
2
7
6
1. User initiates PPP
session and provides Service RADIUS Repository Registration
identification and Selection Server Rating &
password Portal Billing
Server Server
2. Services Router detects PPP Service Provider Back-office
6. The RADIUS server starts an accounting
initiation and formulates RADIUS 4. The RADIUS profile is returned to usage record for the xDSL BRAS session
query the Services Router to configure the
connection. 7. The user can only access services
3. RADIUS queries directory to validate granted (in this example - Service
userid and password. If valid, RADIUS 5. Services Router Configures the
queries directory for the RADIUS profile Portal Only)
connection to allow access to
which will contain an Service Portal profile. Service Portal only (or Service
Portal+Internet Only)
Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 10
BRAS Dynamic Service
Selection w/ Service Portal Internet
Content
Provider A
DSLAM
1
SSP
4
Content
5 Provider B
3
GSM/GPRS
LMDS
WLAN
802.11
IP Backbone
Ethernet
(VLAN)
Leased Line Service Provider
IP or L2 Edge Router
Storage
Network
B-RAS
Gaming
PPPoE/DSL Network
DSLAM
Video
Services
PPP/DSL
DSLAM
RADIUS Policies
DHCP
PPP Content
Provider
DSLAM
Policies
RADIUS
DHCP
L2 Access
IP Edge LNS ISP
1
IP Core
PC
LAC
PPPoA
Access L2TP Tunnels
PPPoE DSLAM
BRAS
LNS ISP 2
Home GW
Radius DHCP
IP Edge
Access IP Core
PC PPPoA Provider LAC
LNS
L2TP Tunnels
Access LAC BRAS
PPPoE Provider
Home GW
Radius DHCP
Tunnel Switch
LAC LTS
PC PPPoA
LNS ISP X
L2TPLNS
Tunnels LAC
LNS
BRAS
LAC
PPPoE
Home GW
Radius DHCP
LAC L2TP
NB-RAS
IP Edge
IP Core
LNS
ML-PPP
over L2TP MPLS-VPN Core
BRAS
L2TP
Dial-out
Radius
IP/Frame Relay
L2TP/IPSec Tunnel
LNS/ VR
PC Access
IPSec LNSVPN VPN
A A
BRAS VR VR
Transport VPNVPN
B B
Access
Home GW
Radius Radius
Service Provider
Laptop PC R
Va ad
lid ius Network
PPPoE ati
on
PPPoE L2TP
Client Broadband
Laptop PC Wireless Aggregation
Access Router
Point Broadband
PDA
PDA Aggregation
Router
Radius
HotSpot Location Server
TV Servers
Services Router
TV Servers
• IP Based Subscriber Management
• Policy is enforced for each subscriber flow
• Rate shaping, rate limiting, filters, queuing
• Subscriber applications are treated according to policy
• I.E. Napster downloads won’t degrade home VPN connection
• VPN membership
• QoS Access
Gigabit Ethernet
IP Edge
IP Core ASP A
Services Router
VLAN 1 VLAN 5
ASP B
IP/ETH VLAN 6
PPPoE
VLAN 7
ISP B
Ethernet VLAN 2
Switch
(VLAN tagged)
Policies
RADIUS
DHCP
Consumer PC
Layer 3
FTTB / DSL
Service Delivery Point
OC-12 (MPLS)
ATM / FR / IP Core
Layer 2 PPP, etc.
Access Network
Ethernet
Edge
Router
PPP, F/R or ATM
Business
Customer Application
Server
Consumer PC
Layer 3
Service Delivery Point PIM
Policy Engine
Business
Customer Video Server
Typical Subscriber
Services Router
GE
Authentication Network and Service Video Server
Authorization Policies DHCP Management;
Accounting (COPS) Billing
Ethernet IP HEAD-END
Switch
Directory
(LDAP)
Access
Network
Broadband DSLAM
Users
ISP 1
PPPoE
1M bW – Best Effort QoS
BGP4, OSPF, ISP 2
ATM IS-IS, MPLS
Multicast
DSLAM
IP Core ISP N
IP/1483 Bridged
1.5M bW – Gold QoS
Access
Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 34
PPPoE based Hotspot
Service
Broadband LNS
Router (BRAS)
L2TP ISP 1
ATM or Ethernet Service
Layer 2 Provider
IP Core Radius
Access Network
PC with 802.11
W-LAN cards 802.11 Wireless
Access Point
PPPoE Client Software
Radius ISP 2
Radius
• No special features required for W-LAN network operation
- Wireless Ethernet is just another Layer 2 access method
• Users simply treated like ordinary DSL or FTTB network subscribers
• PPPoE client software required on users’ PCs
• Supports retail and wholesale business models
Web Login