ISAM

7302-7330/5523 Operator
Getting started & Administration
1
Starting an AWS session
 Access to AWS Front Panel

• From Solaris Welcome Window:
– enter user name
– enter password
5523 AWS
Icon Menu
 AWS Management System icon
• at the bottom right of the AWS Front Panel
• access to the functions of 5523 AWS.
AWS
Management
System icon
WS activity Terminal
2
5523 AWS Icon Menu
 Allows to select the application

 Visible after clicking on the triangle above AWS Mgmt System icon
 information about software elements of 5523 AWS
 Launch AWS Application Manager
 Launch CAL USM
 Launch ANEL
 Launch Events and Log Management
3
Start/stop AWS core processes (1/3)
 Via Process monitoring

AWS
APL. MGR
• Control the UNIX processes running
on the 5523 AWS.
• Display the details about the
processes. Maintenance
 Start/Stop AWS core processes: Process Monitoring

(DPC-USM)
• select process, group or subsystem
– Go to Action Menu -> Start/Stop
Actions menu
or:
– Right mouse click -> Start/Stop
•Start
•Stop
4
 DPC-USM
• Menu bar
• Tree view on all core processes
• To see more info on a process:
– menu Actions - Show Info
5
RED: At least GREEN: Process(es)

one process is up and running
failing
This process has been stopped

BLUE: At least one
process has been stopped
6
Monitoring AWS core processes
 Status Icon or DPC Icon

• in the Icon window
• Color indication of the status AWS
– Status Icon: Green or Red APL. MGR
– DPC Icon: Green, Blue or Red
 Status Window
Maintenance
• information about the AWS workstations
• displays EML/Presentation workstations
which are installed to become part of the
AWS. Status
• button to launch Process Monitoring
7
Configuring/verifying AWS license (1/2)
 Possibility to configure and show license

 Multiple licenses possible, e.g.: AWS
APL. MGR
• AWSCore
• ADSL2+
• ADSL2+AnnexM
• READSL2 Maintenance
• IGMP
• PPPoXrelay
License
• PPPoXterm
 2 license keys
• active license key
for the active master in the 5523 AWS.
• passive license key
for the standby master in the 5523 AWS.
8
Configuring/verifying AWS license (2/2)
 Show license rights

• Click on a license AWS
APL. MGR
 Configure license
• Paste key in field and press OK
• Start license process in DPC-USM
Maintenance
• Clear: to erase the license key
• Audit: to show info on (+possibly save)
> number of ports
> host ID License
> ...
• Import: to retrieve the previous license key.
 button ‘list logged in users’

•List logged in •Clear
users
•Audit
•Import
9
ANEL
Navigation and indicators

Launching ANEL
 Main menu
 Network Elements
AWS
 Main menu APL. MGR
 Administration
 AWS Applications
Application
 Network Elements
Network
Elements
11
ANEL – Overall Structure
Menu Window
Bar Title
Tree
Area View
Area
Progress
Indicator
Message
Area Filter
Misaligned tag
 Tree Area: hierarchical view.

• Windows explorer like
 View Area: table containing one NE per row.
• In hierarchical mode, only NEs within the selected folder are shown
• Information given per row: supervision tag, type, ...
12
ANEL view area – tags used
 Supervision State  Alarm Synthesis tag

• Supervised • Cleared alarm synthesis tag
• Declared • Not cleared alarm synthesis tag
• Activating Color of tag indicates severity of
highest alarm on NE
• Deactivating
 Misaligned tag
• Aligned : no tag
 Reachability tag
• Misaligned
• Not supervised: no tag
 Filter tag
• Reachable : no tag
• Not filtered : no tag
• Not reachable
• Filtered
 Scoped Command tag

• Scoped command ongoing
13
ANEL : Display options
 Refresh
• Manual refresh of the NE states
ANEL
 Sort
• The list of the NEs in the View area can be sorted by:
– Name,
– Location,
– Type,
– Release, Views
– Supervision state,
– Reachability state,
– Alarm status,
– … •Refresh
• Sorting can be in ascending or descending order. •Sort
 Layout •Layout
• Hierarchical
Folders based on Location Name
• Flat view
All NEs in the system are shown
14
ANEL : Display options
 Filter
ANEL
• View or list a selection of NEs.
• By default no filter is applied
• You can create and save a new filter or apply an
existing one. Views
• Filter icon in the lower right corner

Filter
15
Navigation via ANEL
 IM load
ANEL
• IM load of EML-IM and LANX-IM processes
(in case of the 7302 ISAM)
 Show
• Allows navigation towards: Views
– EML-USM,
– AS-USM,
•IM Load
– PM viewer,
– Network Events, •Show
– TL1 CLI, •Go to
– Telnet
 Go to … port by customer
• You can select multiple NEs.
• Customer id search is not case sensitive
• Customer id’s that start with the substring that you enter
16
ANEL : Search options
 Find (in selected ASAM-CORE)

ANEL
• Find objects matching criteria.
• Command only available when NEs are
selected
Views menu
•Find
NEs by Active
NEs Subracks Boards Appliques
Template Ppoints
17
ANEL : Search options
 Find (in selected service hub)

ANEL
• Find (sub)NEs matching criteria.
• Command only available when a service
hub is selected:
– SW files/OSWPs present Views menu
– Active NT SW file/OSWP
– Changes triggered backup
•Find
– Periodic backup
– Clock synchro priority scheme
– Auto restore
– IP address (sub) NEs
– System ID
18
ANEL : Service menu
 Service ANEL
• Video/IGMP
• VLAN
• Ethernet/IP Service menu
• NE configuration • Definition • Deployment • Utilities
• Create
• Video/IGMP • Deploy
• Get free
• Modify
• VLAN • Upgrade VLANs
• Rename
• Ethernet/IP • Remove
• Change Status
• Show
•Delete
19
•Show
EML-USM

Starting up EML-USM (1/2)
 From ANEL ANEL-USM

• Double click on NE
• or select one NE  View  show Equipment 
EML-USM opens EML-USM
Rack view
 Four different views in EML-USM

• Rack view : shelves in the NE EML-USM
Subrack
• Subrack view: boards in a subrack view
• Board view: ports on a board
• Port view: connections on a port
EML-USM
Board view
EML-USM
Port view
21
Starting up EML-USM (2/2)
ANEL-USM
 Navigation to different views
• One level down:
EML-USM
Double click on object in the view area Rack view
• One level up:

EML-USM
Click on container icon in left upper corner Subrack
view
EML-USM
Board view
EML-USM
Port view
22
EML-USM – Overall Structure
Window Title
Menu Bar
Alarm Synthesis
Container Panel
Icon
View Title
Area
Status Icon
Bar
View Area
Message
area
Alarm overview area
23
EML USM – Menu Bar
Permanent menu items Context-specific menu items
Menu Bar
 Menu Bar - Permanent menu items

• Views navigate between views
• Configuration configure global NE attributes
• Supervision modify NE associated parameters
• Service configure SVC, ILMI and Video Channels
• PM Performance Monitoring
• Help Help application
24
EML-USM – Alarm Synthesis Panel
 Per-severity alarm subpanel
• Number of alarms of that severity

• color
Green (square – “Normal”): no alarm
Colored (round) according to the severity: alarms present
 Per-domain alarm subpanel

• Number of alarms of that domain
• color
Green (square - “Normal”): no alarm
Colored (round) according to the highest severity among the active alarms
 S Alarms Per-severity alarm subpanel = S Alarms Per-domain alarm subpanel
25
EML-USM – Status Icon Bar (1/2)
 Supervision state:
SUP green (Square) : Supervision active
SUP brown (Round) : Supervision not active
 Operational state: Reachability of the NE

ISO Green (Square) : NE is reachable
ISO Red (Round) : NE not reachable
 Protection mode: NT redundancy mode.

OFF yellow (Square) : Redundancy not active
ON yellow (round) : Redundancy active
A Green (Round): Chain A Active
B Green (Round): Chain B Active
 Synchronization mode : NT database synchronization
NSY yellow (Square): No synchronization

SYN yellow (Square): Synchronization
26
EML-USM – Status Icon Bar (2/2)
 Backup/restore mode: ongoing B/R operation on NE

B/R Green (Square) : No B/R operation ongoing on NE
B Blue (Round) : Backup ongoing
R Red (Round) : Restore ongoing
 Persistency status: persistent data loss

PRS green (Square): No persistent data loss
PRS red (Round) : Persistent data loss
 PPPoE server
PPPoE Green (Square) : enabled
PPPoE Blue (Round) : disabled
PPPoE Grey (Square) : not supported
 802.1x authenticator
802.1x Green (Square) : started
802.1x Blue (Round) : stopped
802.1x Grey (Square) : not supported
27
EML-USM - Alarm Display - Alarm synthesis tag
 Alarm Synthesis tag = summary of

• alarms of the object itself,
• and alarms of the contained objects.
 All alarms cleared:
 At least one alarm present: …
• Color of the tag is the color of the most severe alarm.
28
EML-USM - Alarm Display - Alarm status tag
 Alarm Status tag: summary of alarms of the object itself only.
All alarms on object cleared At least one alarm present on object
Alarm on object
…
 If the Alarm Status tag is selected, then the alarm overview

area/ panel displays the alarms of the object.
29
Alarm colors .
 RED indicates a critical alarm!  CRI
 ORANGE indicates a major alarm!  MAJ
 YELLOW indicates a minor alarm!  MIN
 BLUE indicates a warning alarm!  WNG
 WHITE indicates an indeterminate alarm!  IND
30
EML-USM Rack view

Rack view presentation / tags (1/2)
 Alarm status tag in Icon Container: ASAM related alarms

• NT redundancy failure, Label mismatch, Address conflict …
 Alarm synthesis tag on subrack summarizes alarms of:

• subrack itself
• contained boards.
 Alarm status tag on first subrack of the rack: status of the RACK
• External alarms, Power and equipment alarm on Rack level
 No display of operational state and administrative state tags for

subracks!
32
Rack view presentation / tags (2/2)
 Mismatch
• Configured shelf is different from the inserted one 
 Missing
• Configured shelf is not inserted 
 Top shelf 
 Protection status
• Protection disabled  No Tag
• Protection enabled (Standby) 
• Protection enabled (Active) 
33
EML-USM Subrack view

Subrack view presentation / tags (1/2)
 Alarm status tag in Icon Container: status of the shelf

• Power problem, equipment malfunction, configuration issue
 Alarm Synthesis tag and Alarm Status tag per board
 Alarm Status tag per applique
 Administrative state
• Locked 
• Not locked  No tag
 Operational state
• Disabled 
• Enabled 
 Power status
• Powered off 
• Powered on  No tag
35
Subrack view presentation / tags (2/2)
 Mismatch 
• Configured board different from inserted one
 Missing 
• Configured board not inserted
 Active chain 
• Active board (only on NT)
 Service hub 
• (only on NT of 7302 ISAM)
 Protection tags
• Protection disabled  No tag
• Protection enabled (Standby) 
• Protection enabled (Active) 
36
EML-USM Board view

Board view presentation (1/2)
 Table structure
• One row for each physical port.
• One row for each logical group: bonding
Below one bonding group row, one row for each port part of this
group.
Port
Area
Bonding Area
38
Board view presentation (2/2)
 Information given per row
ID Label Smith
1 2 3 4 5 6 7 8 9 10 11 12 13
1. View mode button 9. Administrative state tag

2. Row type tag 10. Cross-connection tag
3. Type tag
11. Performance monitoring tag
4. Identification label
12. IGMP control channel tag
5. Status tag
13. Carrier Data Collection
6. Customer Identification label
7. Alarm status tag
8. Operational state
39
Board view presentation / tags (1/5)
 View mode button

• "Expand" button indicates that the row is in "reduced“ mode.
• Click to expand “reduced” row(s)
• "Expand all" button: at least one row is in "reduced" mode.
• In reduced mode, not all commands are available
 Dots tag
• in reduced mode means that not all information is displayed.
40
 Row type tag

• Native port 
• Bonding group 
 Type tag
• User port 
• Subtending port 
• Network port 
• Control port 
• Out-of-band management 
• ASAM port 
41
 Port/bonding group status tag
• Available 
• Faulty 
• Reserved 
• Used 
 Alarm synthesis / status tag

• In "reduced mode” only one alarm synthesis tag.
• In expanded view max. 8 alarm status tags are used.
42
Port status diagram
Configure
port
Configured
+
Connection(s)
Configure port
Configured Unconfigured
Unconfigure (available)
Configure
port
Faulty Reserved
43
 Operational state
• Synchronized 
• Not synchronized 
 Administrative state
• Locked 
• Not locked  No tag
 Cross-connections tag
• presence of TP(s) on port/bonding group. 
44
 Presence of performance monitoring points

• 15 minutes 
• 24 hours 
• 15 minutes and 24 hours 
 IGMP control channel configured
 Carrier Data Collection
45
NT / service hub - configuration
 STP:
• Configuration: EML-USM
– STP status
– STP parameters:
e.g. priority, hello time…

Configuration menu
• Operational
– STP parameters
 Link aggregation:
• Stopped • STP • Link
aggregation
• Started (protocol enabled)
• Started (protocol disabled)
• Configure • Configure
• Show config • Show config
46
NT / service hub - link aggregation
 Create a link aggregation group:

• Select a configured network port and EML-USM
an unconfigured port on the service
hub.
• Port  Link aggregation 
aggregate Port menu
• Link
aggregation
• Aggregate
47
EML-USM Port view

Port view presentation / tags (1/2)
 View area
• Table with:
– One row for each connection/TP on that port
– One row for each service/VLAN associated to that port
49
Port view presentation / tags (2/2)
 Administrative state 
 802.1x enabled 
 IGMP control channel 
 Default VLAN 
 Default VLAN for untagged IPoE frames 
50
LT – VLAN association
EML-USM
 Create ATM termination
• Do not select anything
• Connection  ATM termination Port view
• Connection
 Associate VLAN:
• Select ATM termination
• Connection  VLAN association • ATM • VLAN
termination association
 select VLAN mode
 configure or create
• RB VLAN
• CC VLAN
• QoS Aware VLAN
• Configure
• Show …
51
Miscellaneous
Creation of ISAM and Service hub on AWS
 NE information
• General information on the NE
Type, Release, Name, Location...
• EML-workstation and EML-IM ANEL
process
• Security related information
• Comments NE
 OAM interface of NE
• Information necessary to establish
OAM connectivity •Create •Show Info •Delete •NE
• Possibility to enable SNTP •Modify defaults
 OAM interface at EML
• Ethernet or ATM
 Supervision can be started manually
 NE Defaults
53
AWS-NE connectivity related commands
 Supervision
• Start ANEL
• Stop
 Reachability Test NE
• IP connectivity
• SNMP connectivity
Supervision Reachabililty (OAM
• Transaction test
Test Counters
•Start – not on
•Stop ISAM)
 (OAM Counters)
• Counters at OAM interface port of the NE
– on IP level
– on Ethernet level
• Also via EML-USM  Supervision  OAM Counters
54
Locking
 Locking disables the operation of the object!
 Lock board
• On ISAM: Power on, but all ports are disabled.
 Lock port
• Restricts all communication over the port, also the physical layer.
 Lock NT port
• Restricts communication over 1 or more links of an NT link
aggregation group.
 Lock ATM termination point
• Restricts all communication over a PVC
55
Management of 7302 ISAM
Management strategy (1/4)
 Managed as two separate entities.

• Alcatel Service Hub
– Set-up of VLAN (e.g. new ISP)
– Service specific functions performed
on Service Hub
• ASAM/LT shelf (ASAM-CORE)
– Rest of the ISAM
– Configuration management of users
– Set-up of VLAN
– Service specific functions performed
on ASAM-CORE
 Service Hub and ASAM-CORE

contain a separate SNMP agent
57
 Management of 7302 possible by

• General CLI
management of ASAM-CORE and Service Hub via General CLI
• Via TL1
Management of ASAM-Core
• Service Hub CLI
Management of Service Hub
• Management via AWS
Management of ASAM-CORE and Service Hub
 Configuration possibilities release dependent
58
 Inband management
• use the same interface as the user data path
– An Ethernet 100BaseT or1000BaseT network link of the Service Hub
is used for OAM data and for user data
Possible ports: 18  24
 Outband management
• use a different interface as the user data path
– A dedicated Ethernet 100BaseT or 1000Base T network link of the
SHub is exclusively used for OAM data
configured as Network port
Possible ports: 18  24,
– via the 10Base-T Ethernet interface (on NT I/O)
– Via RS232
59
7302
ISAM
Remote AWS PSTN
or CLI
A5523
1 GE P …
Service LT
Remote AWS S
Hub
or CLI
NT I/O .
Router
EMAN .
NT
.
Router 1 GE P …
LT
S
ACU
Remote AWS
or CLI TL1 & CLI’s/RS232
60
Full CLI basic operations
Connecting to the TL1/ Full CLI on the ASAM part
7302
ISAM  Login to the ISAM Full CLI
PSTN • Telnet session
• via Serial interface on ACU
 Via RS232 port on AACU

• DCE DB9 interface
NT I/O LT P …
4 x FE/GigE S • ASCII coding
elec or
GigEoptical • 9600 bps
• 8 bits
NT • no parity
.
• 1 stop bit
. • No flow control
SMAS
. • Parameters are configurable!
ACU
LT P …  CLI:
S Login: isadmin
Password: i$@mad-
Craft Terminal (to be changed at first time login)
62
CLI Basic operations (1/4)
 Full CLI can be used to configure and manage ISAM equipment

• ASAM Core and Service Hub
 The root node is the highest level.
Directly below the root node you find the command nodes
Important command nodes are ‘configure’ and ‘show’.
 Show a short explanation on what can entered at this position in the
command..
• Enter ?
Possible at each position of a command
 Show an extensive explanation on the command.
• Enter help
 Show configuration
• Enter info
Shows only the parameters which don’t have the default value.
• Enter info detail
shows all nodes and all parameters shown.
63
 Move cursor left one space

• press <left arrow>
 Move cursor right one space
• press <right arrow>
 Recall previous command
• press <up arrow> or <ctrl>p
 Recall successive commands

• press <down arrow> or <ctrl>n
 Delete previous input character

• press <backspace>
 Delete character under the cursor
• press <delete>.
 Toggle between insert and overwrite mode.
• press <insert>.
64
 Reset command input processing

• press <ctrl>c.
 Auto completion of the command when only entered partially
• Press <Space> or <Tab>
 Go one level up
• Enter exit
 Go to the level you were at before you entered the last
command (previous)
• Enter back
 Display the last commands entered at the terminal.
• Enter history
 Display the structure of configurable nodes and subnodes.
• Enter tree
65
 Telnet session to another server

• Enter <telnet IP address>
• Telnet session towards Service Hub CLI possible without having IP
address assigned to Service
<telnet shub> command
Exit Telnet session towards shub with <exit>
or connection closed by telnet server (session inactivity-time
protection)
 Filter
• < | match <parameters>
• Possible parameters displayed by entering <?>
66
7302/5523 Hands-on
Getting started with the CDE & Alcatel 5523 AWS

Hands-on
 Hidden Slide, see Notes Page

 Exercises
• Getting started with the CDE & Alcatel 5523 AWS
• ANEL features of AWS
• License Key of 5523 AWS
68
Hands-on

 Exercises
69
Hands-on

 Exercises
70
Hands-on

 Exercises
71
Turn-up procedure
7302/5523 operator
72
Objectives
 After this section, you’ll be able to:

• Configure and turn-up a new ISAM
• Configure the ISAM’s IP-address
• Configure the network port and management VLAN
• Set-up the SNMP management between AWS and ISAM
73
Management interfaces on the Service Hub
 Internal Communication VLAN: IC-VLAN

• internal communication between Control
controller (NT) and ASAM I/F network link controller
links
Internal Ethernet ports of the ASAM
E-MAN ASAM link
• IC-VLAN-ID is 4094 L
Fixed by Software ASAM link
T
L
This VID cannot be used externally subtending T
Range to be used in the links user links
network 1  4093
 External VLAN
• Used for all communication of the Control
x
NT outside the 7302 ISAM network link
x
links
• Typical value used 4093
E-MAN ASAM link
Configurable L
T
• Management VLAN ASAM link
L
• Same as External VLAN-ID subtending T
links user links
***Optional on subtending links and

other NW links
74
VLAN port Mapping on Service Hub for management
* Not involved in the dataplane

* Port mapped to IC-VLAN and External
* Port mapped to: management VLAN)
-management VLAN NT
external VLAN*
control link
E-MAN
network
Port mapped to IC-VLAN
links
LT
ASAM links
subtending
user links
links
Port possibly mapped to
management VLAN
External VLAN*
75
Management communication
SHUB IP@
external MGT SHUB
 Internal management
communication
External Internal
• IC via VLAN4094. VLAN 4093 VLAN 4094
Fixed IP address
For Service Hub/NT : 127.0.0.2
 External management
• Mgmt VLAN by default VID 4093
IP addresses configurable by
operator
Single IP address mode
76
Turn up procedure
 Log on to the ISAM for the first time via Full CLI
• Connect via RS232 port on AACU
DCE DB9 interface
ASCII coding no parity
9600 bps 1 stop bit
8 bits No flow control
• Choose CLI <C>
• First time login to the Full CLI
Login: isadmin
Password: i$@mad- (first time login)
New password: xxxxx
Confirm new password : xxxxx
77
Turn up procedure
 Single IP-address
• isadmin># Configure system single-public-ip
• isadmin># Configure system management host-ip-address

manual:IP-address/netmask
• isadmin># Configure system management default-route <def-

gateway>
78
Turn up procedure: network port config
 network port in the external management vlan:
• configure interface shub port 1 port-type outband-mngt

admin-status auto-up
• configure vlan shub id 4093

egress-port network:1
untag-port network:1 <optional>
• configure bridge shub port 1

pvid 4093 <optional>
79
Turn up procedure: SNMP
 Make ISAM manageable from the AWS

• configure system security snmp community public host-address
<ipaddr/netmaskbits of AWS> ( on ASAM-Core)
• configure system security snmp community NETMAN host-address

<ipaddr/netmaskbits of AWS> context shub ( on SHUB)
 Save settings of the shub
• admin software-mngt shub database save
 Reboot the Shub
• Admin equipment reboot-shub systemreset
 Create & supervise the ISAM on the AWS
80
7302/5523 Hands-on
Resetting the Alcatel 7302 ISAM

Hands-on

 Exercises
• Resetting the Alcatel 7302 ISAM
82
Hands-on

 Exercises
83
Hands-on

 Exercises
84
o
7302 ISAM: Basic Configuration
7302/5523 Operator
85
Objectives
After completing this section, you’ll be able to:

 Describe the most important parameters in:
• the XDSL profiles,
• the XDSL port configuration,
• the logical port (ATM / EFM) configuration
 Describe the use of LACP and RSTP
 Retrieve information on and configure:
• Equipment
• Profiles
• Ports
• STP
• LACP
86
Table of contents
 Basic configuration of the 7302 ISAM . . p. 4

• Equipment configuration . . . p. 5
• Port configuration . . . . p. 11
• Logical flow configuration . . . p. 37
 Link aggregation & spanning tree . . p. 42
 Exercises - Questions . . . . . p. 51
87
Basic Configuration of the 7302 ISAM
 Equipment
• ISAM  Rack  Shelf  Boards  Equipment
configuration
 Port
• Ports on Service Hub
– Physical
– QoS
• xDSL end user ports
 Port configuration
– xDSL and QoS profiles
– xDSL line + xDSL interface
– QoS DSL port
 Logical flow
• ATM:
– ATM TP  Logical flow
– ATM-Ethernet interworking point configuration
• EFM:
– Line-Ethernet interworking point
88
Equipment configuration
Equipment configuration
 The system detects presence of equipment at startup and

auto-configures a number of items.
• Autoconfiguring of ISAM (no description) , Rack, shelf, ACU and NT.
 Equipment configuration 
• Unit configuration  Equipment configuration
System, rack, shelf
• Board configuration
LT’s, appliques
• As long as equipment is not planned, it is impossible to
configure/offer service
90
Configuration of boards
ISAM NT I/O – applique 2  CLI: physical slot numbers

PWR • ACU slot - slot 1
• NT-slots - slots 2 & 3
• NT I/O - applique 2
• 16 LT-slots - slots 4  19
LT slot number + 3
LT-slot 19
ACU-slot 1
LT-slot 4
LT-slot 5
LT-slot 6
NT-slot 2
LT
LT
LT
LT
LT
LT
LT
LT
LT
LT
LT
LT
ACU
SMAS
For LT-4:
Configure slot 1/1/7
(= rack 1/shelf 1/slot 7)
Fan unit
91
Configuration of LT and applique boards
EML USM EML USM

view view
Configuration Board
Accept all boards • Accept

/ appliques...
• Create
 LT
• configure equipment slot <rack/shelf/slot>
[no] planned-type <Board Type>
 Applique
• configure equipment applique <rack/shelf/slot>
[no] planned-type <Board Type>
92
Other equipment related commands
 Unconfigure equipment
EML USM
view • Configure equipment
shelf/slot/applique <index>
no planned-type
Board
 Lock or Unlock equipment

Delete Power •Lock • Configure equipment
•Unlock shelf/slot/applique <index>
•ON [no] unlock
•OFF
 Power down equipment
• Configure equipment
shelf/slot/applique <index>
[ no] power-down
93
Retrieval of equipment information
EML USM EML USM

view view
 View the status
• show equipment
Isam (detail) Board Subrack
Rack (detail)
Shelf (detail) Show Show
slot/applique (detail)
e.g. show equipment slot/applique 1/1/5
 Verify the configuration

• Info configure equipment ...
• Configure>equipment> ... > info detail
94
Port configuration
Physical configuration of ports
 Ports to distinguish
• Ethernet port on Service Hub
• xDSL user ports on ASAM-CORE
 Physical port configuration
Ethernet ports on SHUB Xdsl ports on ASAM-CORE
96
Configuration of Ethernet ports the Shub (1/2)

7302
ISAM
PSTN
Ethernet ports on SHUB
4 FE/GE
 24 Ethernet interfaces on Shub
P …
NT I/O L
S
• 16 ports for LT = ASAM links
T
• 1 (0) control link
• 7 (8) ports for user links, subtending
3 (4) FE/GE NT ASAM links
1-16 . links and network links
SMAS
.
Logical Port type NAME full CLI
. port
ACU
L P …
S 1 16 ASAM LT:1/1/116
T
17 CONTROL
1824 NETWORKING NW Port 1 7 (8)
97
Configuration of Ethernet ports on the Shub (2/2)
 ASAM ports and control port are preconfigured

 Uplink (network) ports are configurable
• Port-type: EML USM
Board view
– Network
– Subtended
– User
– Out-band mgmt Port
 Configuration of uplink ports on SHUB

Configure
• configure interface shub port (index) <Port-Type> ...
98
Show Ethernet port configuration commands
 View status of interfaces on SHUB

• show interface shub port (all)
• show interface shub port 1
 Verify configuration of interfaces
• Info configure interface shub detail
all interfaces on shub:
– IP interfaces,
– vlan interfaces
– and Ethernet (port)
• To view Ethernet ports only, use filter “| match after exact:port”

• For port 1 only: “info configure interface shub port 1 detail
99
Configuration of xDSL port
 Configure xDSL physical parameters
Content
Provider Client PC
Internet ASP/ISP ISAM
ANT
xDSL
LT
NT
Eth NT
xDSL
LT
App App
HTTP HTTP
TCP connection
TCP TCP
Public
IP IP IP IP
IP
Phys routing Phys PPP PPP
PPPoE PPPoE
802.3 802.3 802.3 802.3 802.3 802.3
LLC LLC
VLAN VLAN SNAP SNAP Phys Phys
PHYS PHYS AAL5 AAL5
ATM ATM
ADSL
xDSL ADSL
xDSL
100
Configuration of port via AWS
 Assign xDSL profiles:

• service profile
EML USM
Board view
• spectrum profile
 Operational modes of the port
• ADSL flavors Port
• VDSL
Port
 minimum severity for alarm reporting on
the port
Configure
101
Configuration of a xdsl port for CLI
 . xDSL profiles

 . xDSL line

• Physical
DSL ports on ASAM-CORE
• Associate xDSL profiles
• Operational modes . Configure xdsl profiles
• TCA thresholds *xDSL service profile
*xDSL spectrum profile
 . xDSL-line interface .
• Management parameters
. Configure xdsl line
• desired state
- traps?
• threshold for alarm reporting . Configure xdsl-line
interface
 .  QoS
• CAC, scheduling and BAC
• Assign QoS profiles . configure DSL port
QoS profiles
102
XDSL Profiles
 XDSL service profile

ANEL
• line rate & interleaving parameters
• number of latency paths
Templates
 XDSL spectrum profile

Profile
• supported modes (ADSL2, VDSL, …)
• noise parameters, carrier masking & RFI bands
Create
• mode specific power & PSD parameters
XDSL XDSL Profile

Spectrum Service Type x
103
Two xDSL line profiles
 xDSL service profile  xDSL spectrum profile

• line rate & interleaving • Parameters on physical level
• Mainly related to xDSL- Environmental line conditions
channel interface Spectrum management
. Configure xDSL Line profiles
xDSL service profile xDSL spectrum profile
Common part Specific part
Adsl-adsl2 Re-adsl Adsl2-plus vdsl
104
xDSL line profiles: Where used ?
7302
ISAM
EBLT
Port 1
ASAM links
Port 2
NT I/O
Port 3 xDSL line configuration
1-16
•Service profile
Port 4
NT
•Spectrum profile
E1LT
ASAM links
SMAS EBLT
NT I/O
ACU Port 1
1-16
Port 2
NT
Port 3
SMAS Port 4
ACU
7302
105 ISAM
Profiles & Templates
“Profile Templates” “Profiles on ISAM”
ANEL
on AWS
Profile 2
Profile 1 DOWNLOAD TO NE Profile 5
Profile 2 Profile 6
Profile 3
Templates Profile 4
Profile 5
Profile 6
Profile Profile x
.
.
.
Create
ISAM
Profile Profile Profile

Type x Type y Type z
106
Global set
XDSL service :
Profile 1 ANEL
Profile 2
… Profile u CREATE
XDSL spectrum : GLOBAL SET xxx
Profile 1
Profile 2 XDSL service :
… Profile v Profile 1 Templates
Profile 8
... Profile 9
XDSL spectrum : Global Set
Profile 2
Profile 4
Global set : Set 1
Set 2
Set x DOWNLOAD
GLOBAL SET xxx
Create Download •Delete

to NE
ISAM •Modify
AWS
•Show
107
XDSL line service profile
 Rate adaption mode

• Can be different for each direction
 Bit rate parameters
• No link to which xDSL used!
Number of frame bearers (max.1 today)
Bit rate parameters
Interleaving parameters
Max. delay will determine final interleaving depth
Reed-Solomon/Interleaving parameter
108
xDSL Spectrum profile: modes
 Defines allowed
modes on the port
• ADSL2 .. VDSL
109
XDSL Improvements
After years of ADSL field experience …

Multi-vendor Real world: Bridged taps, Crosstalk
Interoperability & Narrowband Interferers
Adaptation to time The green line:
varying line conditions Power savings
Monitoring and trouble All Digital Mode

resolution tools
ADSL Anywhere:
Enabling applications: RU deployment
voice, games and video
Egress Friendliness
Enabling implementation
technologies Ease of CPE installation
110
Overview of the new standards
ITU-T
 G.dmt = G.992.1 = ADSL
G.dmt = G.992.1
= current ADSL  G.dmt.bis = G.992.3 = ADSL2
• better performance
• loop diagnostics
• improved initialization & fast start-up
G.dmt.bis = G.992.3 • power management
= ADSL2
• …
 G.adslplus = G.992.5 = ADSL2+
• More downstream bandwidth (spectrum 
2.2 MHz)
G.adslplus =  on G.992.3
= ADSL2+ • up to 24 Mbps / at least 16 Mbps
READSL2 = G.992.3 annex L
= Reach Extended ADSL2  READSL2 = Annex L G.992.3
• Reach Extended ADSL2
111
Some examples of ‘new’ annexes: Annex I, J and M
Annex A POTS UP DOWN
138kHz 1.1 MHz

ISDN
Annex B UP
DOWN
120kHz 276kHz
Annex I
UP DOWN
All digital
Annex J
UP DOWN
POTS
Annex M UP
UP DOWN
112
ADSL2+ doubles the frequency spectrum
113
xDSL Spectrum profile: noise
 Noise margin parameters

• Minimum Noise Margin
• Target Noise Margin
• Maximum Noise Margin
 If maximum not enabled,

default: 51dB
114
DSL Line Profiles: SNR/QAM relationship
Bits/symbol QAM Signal/Noise ratio (dB)

for BER<10-7
4 QAM-16 21,8
6 QAM-64 27,8
8 QAM-256 33,8
9 QAM-512 36,8
10 QAM-1.024 39,9
12 QAM-4.096 45,9
14 QAM-16.384 51,9
 Relation between the SNR and the max. QAM.

(QAM is linked to line rate)
 To obtain a certain speed we need a min. SNR!
115
Noise margin parameters
SNR (dB) S1 = SNR for max. output power at startup

NM (dB)
STARTUP SHOWTIME
S2 = SNR needed for startup= S0 + TNM
S1 SNR measured at
startup (Pmax) S3 = SNR at startup = S2 + MANM
S3
MAX.
ADD.
NOISE Adjust output power
MAX. MARGIN
NOISE (MANM)
MARGIN
S2 6dB (MaxNM)
TARGET
NOISE
MARGIN
(TNM) MINIMUM NOISE MARGIN !
(MinNM) >1’: RESET
S0
t (s)
SNR needed for the configured line rate
116
xDSL Spectrum profile: carriers
 Enable/disable carriers
• Not applicable for VDSL
 Upstream (in)
• Max. up to carrier 64
(ISDN) (max. 276kHz)
 Downstream (out)
• Max. up to carrier 512
(ADSL2+) (max. 2.2Mhz)
 Used carrier range
• Depends on actual operating
mode
117
xDSL spectrum profile: RFI (Hamming bands)
 Define modem behavior

(PSD) for radio bands
International amateur radio bands

(HAM)
Band start Band stop Band stop

ETSI/ITU/ANSI ETSI/ITU ANSI
kHz kHz kHz
1810 2000 2000
3500 3800 4000
7000 7100 7300
10100 10150 10150
14000* 14350* 14350*
18068* 18168* 18168*
21000* 21450* 21450*
24890* 24990* 24990*
28000* 29100* 29700*
(*) Frequency bands above 12 MHz are out of the VDSL modem frequency band.
118
RFI details: Egress vs. ingress
 Egress control notched

PSDdBm/Hz
-60
or …
< -80
f1 f2 fMHz
• Notched: adapt PSD mask to –80dBm/Hz for that range

 Ingress control
• Operator informs modem of possible disturbance level of RFI bands
• Modem could decide not to charge those frequencies too heavily
119
Port configuration via CLI
DSL ports on ASAM-CORE
 . Configure profiles . Configure xDSL profiles

*xDSL service profile
*xDSL spectrum profile
 . Configure physical parameters of xDSL line
• configure xdsl line rack/shelf/slot/port
. Configure xDSL line
service-profile <index>
spectrum-profile <index>
 . Configure xdsl interface

• configure interface port xdsl-line: . Configure xDSL-line
rack/shelf/slot/port interface
120
Logical flow configuration
Configuration of logical flow via AWS
 AWS inherently configures Ethernet EML USM

interworking point port view
• For xDSL: at creation of the ATM TP

Connection
• For VDSL :
– at creation of VLAN association Create
(for L2 forwarding model)
– at creation of the IPoE or PPPoE interface
ATM Termination
point
122
Configuration of logical flow via CLI (1/2)
 Logical flow
configuration
 Configure ATM TP
. Configure ATM TP • VPI/VCI value
only in case of ADSL flavors • AAL 5 parameters
 Configure Ethernet interworking point.

• Configuration of bridge port
. Configure Ethernet
With default parameters
interworking point on the LT
• No VLAN association
Only necessary in case of L2 forwarding
mode on that particular port
123
 Configure ATM TP
• Only in case of ADSL flavors
• configure atm pvc (rack/shelf/slot/ port:VPI:VCI) ...
Content
Client PC
Provider
Internet ASP/ISP ISAM
ANT
xDSL
LT
App
Eth NT
NT
App
xDSL
LT
HTTP HTTP
TCP connection
TCP TCP
IP IP IP
Public IP
IP
Phys routing Phys PPP PPP
PPPoE PPPoE
802.3 802.3 802.3 802.3 802.3 802.3
LLC LLC
VLAN VLAN SNAP SNAP Phys Phys
PHYS PHYS AAL5 AAL5
ATM ATM
124 ADSL ADSL
 Configure Ethernet interworking point

• ADSL-flavors:
configure bridge port <rack/shelf/slot/port:VPI:VCI>
• VDSL:
configure bridge port <rack/shelf/slot/port>
x/Eth x/Phys layer x/Eth
LT x
EFM / Logical
FW Engine
user port
ASAM link
LT Y
PVC / Logical
FW Engine
IWF
user port
x/Eth x/ATM/Phys. Layer x/Eth
125
Link Aggregation & Spanning
Tree
802.3ad Link Aggregation Protocol
 Links can be aggregated into a link aggregation group (LAG)

• only for network & subtending links
• combine links with same speed
• n x data rate of components links
• aggregate participates in forwarding decision process
• max. 7 (8) LAG
• max. 7 (8) physical links in a LAG EMAN node
7302 iSAM 7302 iSAM
• support for LACP
• hashing
L.A.G. L.A.G.
xDSL xDSL
127
Configure Link Aggregation system parameters
 CLI: configure la > [no] disable lacp

EML-USM
Configuration
Link Aggregation
•Configure
•Show Config.
128
Configure LAG on a network port (SHUB)
 configure la aggregator-port … EML-USM

 show la …
Port
Link Aggregation
Select the logical port (LAG)

•Configure
Select 1 configured port +
•Show Config
one or more unconfigured
•Aggregate ports
•Deaggregate
Select one or more
ports in a LAG
129
802.1w – Rapid Spanning Tree Protocol
X xDSL
xDSL
X
 Avoids loops in a bridged network
• provides path redundancy
• RSTP: reconvergence time < 1s
• one spanning tree for all VLANs
• can be configured in STP compatible mode
• RSTP limits number of hops (typically 8)
130
Configure RSTP parameters
EML-USM
Configuration
STP
•Configure
•Show Config.
131
Configure STP on a network port (SHUB)
 EML-USM > Select network port

EML-USM
• You cannot configure STP on other types of ports!
Port
•Configure
•Unconfigure
•Show
132
Configure RSTP parameters via CLI
 Show RSTP port settings:

• show rstp port-info
 Configure RSTP settings applicable to the SHUB:

• configure rstp
 Configure RSTP settings on a port

• configure rstp network-port (port)
RSTP operates on a port rather than on a VLAN
 Trigger a specific SHUB port to revert to RSTP protocol (vs

STP):
• admin bridge rstp port (port)
133
Exercises - Questions
o
VLAN forwarding modes and IB
7302/5523 operator
141
Objectives
142
Table of contents
 Forwarding modes : general . p.3

 layer 2 forwarding :
The Basics p.6
Intelligent bridging. p.13
 VLAN setup . . . . p.39

 VLAN association . . . p.54
 Exercises . . . . . P.69
143
Forwarding modes
General
Forwarding engines
 On the LT
 On the NT
• the forwarding engine is part of the service hub
x/Eth x/Eth x/Phys layer x/Eth
NT
LT x
FW Engine
Service
Forwarding Engine
External Hub EFM / Logical

Ethernet user port CPE
ASAM
links
GE/FE link LT 1
FW Engine
1-7 GE1-16 IWF
PVC / Logical CPE

user port
x/Eth x/Eth x/ATM/Phys. Layer x/Eth
145
Forwarding modes: General
7302 ISAM
L3+
Network L3
side L2+ User
L2 side
Eth-VLAN
ANT
Decision Forwarding mode

L2 VLAN Cross-Connect (CC)
Intelligent Bridge (IB)
L2+ PPPoA to PPPoE translation
IP aware Bridge
L3 Routed
L3+ PPP termination
146
L2 Forwarding mode
General overview
7302 ISAM
Network Anything Anything Anything
side Eth - VLAN L2 Eth – (VLAN) Eth – (VLAN) User
ATM/AAL Phys layer side
Phys layer
Eth-VLAN
 layer 2 forwarding
• Ethernet layer must be present at both sides.
• encapsulation at CPE must include Ethernet
148
Two L2 forwarding modes
 the cross-connect (CC): one (or more) VLANs per circuit

Forwarding based upon
– User side: PVC for ATM or DSL port for EFM
– Network side: Single or stacked VLAN tag
 the intelligent bridging (IB): one (or more) circuits per VLAN
Forwarding based upon MAC addresses
149
L2 functionalities
NT Control/Mgt function
Eethernet
External
Control link LT 16
ASAM link
links
FE
Aggregation function IWF

GE/FE
1-7 Service Hub
GE1 ..16
GE1-16 LT 1
48 ADSL lines
Standard VLAN enabled IWF
bridge. Special VLAN enabled
bridge.
PVC / Logical
user port
150
L2 functionalities
ISAM
GE
POTS,ISDN
E-MAN NT
LT
Network
CPE
Anything
Anything
ETH-ATM Ethernet Ethernet
Ethernet Interworking
Ethernet Layer 2 Layer 2
Layer 2 Function
Layer 2 LLC
(IWF) LLC
SNAP
SNAP
(+ MAC (+ MAC AAL5
AAL5
Control) Control)
ATM
EthSwitchEth EthSwitchEth ATM
PHY GE PHY xDSL?

PHY FE/GE FE/GE GE
151
Standard bridging concept
 MAC bridges can interconnect all kinds of LANs together

 No guaranteed delivery of frames
 A bridge learns MAC addresses
 Flooding occurs when destination MAC address is broadcast,
multicast or unknown, :
• “If you do not know, send it to everybody’
 If the destination MAC address has been learned, the frame is
forwarded to the indicated interface
152
Security/scalability issue with standard bridging
 Broadcast frames (ARP, PPPoE-PADI…) forwarded to

all users & flooding to all ports.
• MAC-address of a user is exposed to other users
• Broadcast storms
BC or unknown MAC DA
Ethernet BR
CPE
BRAS DSLAM PC
BC or unknown MAC DA
CPE
PC
 PC
CPE
DSLAM
153
Standard bridging: Issues
 Broadcast storms
 Security
• Broadcast frames are forwarded to all users
 Customers identified by MAC-address (not guaranteed unique)
 Restrictions on services and revenues:
• IP edge device has no info on the access line
So not possible to limit the # of sessions per access line
• User-to-user communication possible without passing the BRAS
NOT FIT FOR USE IN PUBLIC NETWORKS
154
Intelligent bridging: network issues
B
VLAN1 R CPE
MACA
IP edge ISAM
Ethernet

Problem:
If user A can obtain the MAC@ of
User C, since the Ethernet switch
learns all Mac @ , user to user
communication is possible
CPE
MACB
ISAM
155
Broadcast messages & flooding US
 Upstream BC frames & flooding only forwarded only towards

network port(s) within a VLAN
• 1 VLAN per IP-edge
• Reduction of flooding in the aggregation network.
• No user-to-user communication without passing the BRAS
BC or unknown Mac DA
VLAN 1
Ethernet BR
VLAN 2 CPE
BRAS ISAM PC A
CPE

PC B
ISAM PC
CPE
156
Intelligent bridging
The intelligent bridging model (1/2)
 Multiple users connected to 1 VLAN ID Note: Tagged frames not

supported for IB???
 IB-VLAN has:
• 1 or more user logical ports, subtending ports or user Ethernet
ports
Internet
• 1 or more network ports
Internet ISP1
ISP
IP
E-MAN Login to ISP
Network or corporate
E-MAN BAS
ISP2 Network
Corporate
Routing to the correct

Routing to the
ISP is done based on
correct ISP is
user-id and password in
based on the
the BRAS
VLAN-id
158
The intelligent bridging model (2/2)
 Special layer 2 behavior needed in an access environment

• IB with VLAN tagging
 Intelligent Bridge (IB) means
• distinction between network ports and user ports
Frames from a user always sent towards the network
No user to user communication
• prevent broadcast traffic from escalating
avoid broadcast or flooding to all users
• secure MAC-address learning within a VLAN
avoid MAC-address duplication over multiple ports
• protocol filtering
may lead to a frame being forwarded, sent to a host processor,
discarded or forwarded & sent to a host processor
159
Broadcast messages & flooding DS
 Blocking of broadcast & flooding in the downstream

• Avoids messages unintentionally distributed to all users
For some applications forwarding of BC is “needed”
Solution: Make BC flooding / BC discarding a configurable option per VLAN
Ethernet BR
CPE
ISAM PC
BRAS
BC or unknown
 MAC DA
CPE
PC
CPE
ISAM PC
160
 Bridge: learning, aging, forwarding
• lookup MAC DA done based on VLAN and MAC-address
• intelligent bridging enhancements implemented on ISAM
 LT and SHUB have

• independent MAC-address learning
• independent MAC-address aging
aging timers are configurable
161
LT self-learning
 only in the upstream - when initiated from user logical port
• Self-learning can be disabled per user logical port.

• In case of self-learning, limiting number of MAC addresses is
possible.
Learning of Source Mac@

within VLAN
NO selflearning
LT MacA
x
To Service MacB
Hub y
MacC
z
162
Self learning in the Service Hub
 Self-learning implemented for both upstream and downstream

 Discard all user unicast frames with MAC DA known on an
ASAM or subtending port
• No user to user communication
Learning of Source
Mac@ within VLAN
Service LT MacA
Hub
X’
E-MAN U’
LT MacB
Y’
B A
B C
E-MAN V’ Z’ LT
MacC
163
Blocking of user to user communication
 Port mapping on the service hub/NT

• An interface can only communicate with its mapping ports
Control 7 Network Control X Network

link links link links
User links
Service
Service
Hub
Hub
1 15 16
subtending
1 15 16
links
ASAM links ASAM links ?
164
Port mapping
 Port mapping is used to …

• block user to user communication on the service hub
NT
Control link
LT
E-MAN
network
links
LT
ASAM links
subtending links
user links
165
Upstream
 Only user to network allowed

<-- <-- <-- BC User A - LT1
Network SHUB LT --> User B - LT1
--> User C - LT4
--> User D
--> S-ASAM
<-- <-- <-- Unknown MAC DA User A - LT1

--> User C - LT4
--> User D
--> S-ASAM
<-- <-- <-- Known MAC DA User A - LT1

--> User C - LT4
--> User D
--> S-ASAM
166
Downstream
 Broadcast control configurable per VLAN in IB mode

BC --> --> --> User A - LT1
Network SHUB --> LT -->if BC allowed User B - LT1
--> --> User C - LT4
--> User D
--> S-ASAM
Unknown MAC DA --> --> --> User A - LT1

Network SHUB --> LT --> User B - LT1
--> --> User C - LT4
--> User D
--> S-ASAM
Known MAC DA --> --> --> User A - LT1

Network SHUB --> LT --> User B - LT1
--> --> User C - LT4
--> User D
--> S-ASAM
167
Duplicate MAC-address learning
port Mac@
x MacA MacA
y MacA
Port x
ETH
?
 Port y
Packet with destination address MacA MacA
Problem:
If 2 users with same MAC-
address, forwarding engine can’t
distinguish
• Traffic from duplicate MAC-address in separate DSLAM can be

distinguished as separate flows in the Ethernet switches of
aggregation Network when different VLAN id per DSLAM is used
168
Secure MAC address learning
 Service Hub  LT
• MAC movement to highest priority • Blocking duplicate MAC-
• Within priority 2 , always MAC address
Movement  Static MAC-addresses never
• Within priority 3 , MAC disappear from learning table
movement only when feature is NT
enabled in the VLAN
Control link
1
LT
E-MAN network links,
2 ASAM links
outband MGT link 3 IWF
2
LT
3 IWF
subtending links
3
3
user links
169
Secure MAC address learning
 Configure maximum number MAC-addresses per port

• Prevents attacks that would fill up the bridging tables
• Subscription rules: maximum devices connected simultaneously.
Internet
ISP
MacC MacB
IP
Port x
ETH bridged MacA

BAS
PADI with source address=MacC
ISAM
Connected
port Mac@ via PPPoE
port Max x MacA
Mac@
x MacB
x 2
170
Intelligent Bridging, things to consider
 Security Services !
• IP edge has no info on the line id
Solutions: PPP-connections (BRAS) or DHCP option 82…
• User can access network with a different IP address than the
assigned IP address.
Pure layer 2 device
 No support for duplicate MAC-addresses on the same ISAM

• Within the same VLAN
 Scalability
• Switches learn all MAC addresses of all end-users
• IP edge learns all MAC addresses & IP addresses of all end-users
171
Intelligent Bridging, things to consider
 Advised to use unique VLAN per [IPedge -DSLAM]-pair in

EMAN
• avoid user-to-user communication
• Traffic management per DSLAM
• Complex IP network configuration
 When 1 VLAN shared by multiple DSLAMs
• User to user traffic in EMAN
• Easy IP network configuration
• One single subnet for all DSLAMs
• MAC-address spoofing
Standard MAC address learning at EMAN level
Traffic will be rerouted to any spoofed MAC address
172
IB vlan set up
IB VLAN set-up
 VLAN set-up:  Create VLAN for

•  Create VLAN service to be deployed
Creation of VLAN on SHUB and LTs
•  Add ports to VLAN

On SHUB and LTs  Add ports to VLAN
 Via AWS
• Service templates are used
• Need to be deployed on ISAM (download)
Service mapped on specific VLAN-ID
• Different versions of one template possible
174
Creation of IB VLAN (AWS ) : use of service template
 Parameters to configure
• Identification
ANEL
• Allocation strategy
• System mode settings
• Protocol settings
Service
• IGMP settings
• State
Definition
Create VLAN 2 – Serv id: x

Service 1 – Serv id: x VLAN 5
Service 2
- RB VLAN Service 3
Service 4
Service 5 DEPLOY TO NE
Service 6
Service 7
...
“Service Templates”
175
on AWS ISAM
176
VLAN service template states
 Under construction ANEL

• not ready to be deployed
• Service parameters can be modified
 Ready for use Service
• Ready to be deployed to ISAM.

• Can’t return to status “under construction” Definition
• Service parameters can only be modified in
a new version of VLAN service template •Create
 Obsolete •Modify
•Change state
• ready for deletion
 Preferred
• preferred version to be deployed
177
VLAN identification
 Service Name
 Service Identifier
• Service in ISAM is only known by service identifier
• By default AWS puts Service Identifier = Service Name
Service NAME
Service Identifier
Version
Service Identifier
Version
AWS
178
ISAM
Residential bridge parameters
BC button not checked

Default
 Broadcast control From
Service
Hub
LT
• Only applicable in IB mode MAC-DA
Broadcast
Disabled (default):
BC in IWF on LT blocked in DS
Enabled:
Allow BC in DS
NT
 MAC movement
• Only applicable in IB mode SHUB 1
Disabled (default): 2 LT
No MAC movement in SHUB within E-MAN
3
priority 3 interfaces 2
Enabled: LT
MAC movement allowed within 3

priority 3 interfaces
3
3
179
Residential bridge parameters
 DHCP option 82/PPPoE Relay Tag

• Only applicable in IB mode
Disabled (default):
No option 82/PPPoE information added by LT
Enabled:
Option 82/PPPoE information added by LT
 Protocol Group Filter

• Different from Protocol based VLAN association
• 3 possibilities
All : allow all protocols on VLAN
IPoE: allow only IPoE on VLAN
PPPoE : allow only PPPoE on VLAN
180
Creation of IB VLAN via CLI (1/3)
 Creation of VLAN in 2 steps

• on SHUB
• on LTs (ASAM-CORE)
 VLAN mode according to forwarding model
 Create VLAN
Mode i.f.o service to be deployed
Create VLAN on LT Create VLAN on SHUB

Residential bridge Residential bridge
181
VLAN mode
SHUB LTs (ASAM-core)
Model
Intelligent Bridge Residential bridge Residential bridge
IP aware Bridge
Layer2 Terminated * Layer2 Terminated *
(forwarding)
Layer2 Terminated NW
Routed Layer2 Terminated *
port & v-vlan *
PPP termination in forwarding

mode
PPP termination in routed Layer2 Terminated NW

Layer2 Terminated *
mode port & v-vlan *
* : see next chapters
183
 Vlan ID range: 1 to 4093

• Exluding the VLAN ID used for management
 Create VLAN on ASAM-CORE
• configure vlan id < VLAN ID> mode <VLAN Mode >
• Optional parameters
[no] name <VLAN name>
[no] priority <VLAN Priority>
[no] broadcast frames
[no] Protocol filter <pass -protocol group>
[no] PPPoE relay – only for RB vlan
[no] dhcp-option-82 – only for RB vlan
 Create VLAN on SHUB

• configure vlan shub id <VLAN ID> mode <VLAN Mode >
[no] name <VLAN name>
[no] mac-move-allow
184
VLAN service template: Allocation strategy
 When service is deployed on ISAM, it is mapped to one VLAN-

ID
 VLAN ID in function of allocation strategy
• User select = At download VLAN-ID per ISAM is defined
• Shared with VLAN-ID = ISAMs share the same VLAN-ID
Give
VLAN-ID/NE
User Select Shared with VLAN-ID
ISAM
ISAM
Give
VLAN-ID/NE DEPLOY TO NE
WITH MUTUAL VLAN-ID
AWS AWS
ISAM
185
ISAM
VLAN service template transitions
Modify
within version
Service Template
Under construction DELETE
Service Template Service Template

Ready for use Obsolete
Service Template
Preferred
DEPLOY or
UPGRADE Modify
New version created
186
ISAM
IB vlan association
 Port based VLAN association
• VLAN ID based on port of arrival
• Untagged frames receive port VLAN identifier – PVID
Also called the default VLAN ID
 Port-and-protocol-based VLAN classification

• VID based on port of arrival and the protocol identifier of the frame
• Multiple VLAN-Ids associated with port of the bridge – VID set
188
IB VLAN association of port on ASAM-CORE
 Frames received by end users  Frames received from end users

are tagged are untagged
• On logical port define • User port can be mapped to
different VIDs and configure multiple VID using port-
frames received from end- Protocol based association
user as tagged Only applicable in Residential
Bridging mode
E-MAN LT
CPE IPoE
Network IPoE PPPoE
PPPoE LT xxx
E-MAN CPE
xxx
Network
= PVID
189
IB VLAN association of port on ASAM-CORE
 One logical user port can be mapped to multiple VIDs

 One logical port associated to CC or Residential-bridge VIDs
 One logical user port can accept tagged and untagged frames
together
• Configured on the level of VID definition
 Per user logical port a PVID can be defined
• Before PVID can be configured VLAN association has to be
configured
Configuration of VID within the bridged port
190
Definition of logical user port on ASAM-CORE
x/Eth x/ATM/ADSL x/Eth

 xDSL based on ATM
• 1 VP/VC is mapped on
1 logical user port on the IWF of the LT. LT 1
• 1 xDSL line can have multiple VP/VCs IWF
FW Engine
ASAM
• link
PVC / Logical
user port
CPE
 xDSL based on ethernet (EFM)

LT 1
• 1 end user is mapped to one logical
user port on the IWF of the LT IWF
FW Engine
One to one mapping ASAM EFM / Logical
link user port
CPE
x/Eth X/Eth/Phys layer x/Eth

191
Add port to VLAN in IB
 Add ports to VLAN
on ASAM-CORE on SHUB
Bridge port – VID mapping Define egress ports within
the VLAN
Control Control/mgt
link
External functions
ethernet Aggregation
links function FE
GE/FE 1
GE/FE 2
….. LIM
GE/FE 7
ASAM
links IWF LIM
GE1
….. IWF
GE16
PVC
PVC
192
VLAN association of port on ASAM-CORE with AWS :
 Select ATM termination point

EML
and assign VLAN to it USM
 Add port to RB VLAN

• VLAN needs to be deployed first Connection
VLAN Association
Residential Bridge VLAN

Cross Connect VLAN
193
Assign port to RB VLAN
VLAN with protocol

filtering: only PPPoE
allowed
Port-protocol based VLAN assaciation: when this protocol received map it to that VLAN
194
VLAN association on SHUB ports
 Configured SHUB ports are automatically associated with the

VLAN when VLAN deployed from AWS
195
Add port to a IB VLAN on the SHUB via CLI (1/2)
 Attachment of ports to the VLAN included in the “configure

VLAN SHUB” command.
• configure vlan shub id <VLAN ID>
mode residential-bridge
• Optional parameters egress LT-ports Network
[no] name <VLAN name> ports ASAM links Interfaces
Vlan Mode
[no] mac-move-allow
[no] egress-port CC mode Restricted to One or more**
[no] untag port one
Intelligent All One or more **
bridge
Layer 2 All One or more **
terminated
Layer2-term None One or more
nwport
V-vlan All None
196
Add port to a IB VLAN on the SHUB via CLI (2/2)
 Attachment of ports to the VLAN on SHUB for IB.

• Define egress ports in the “configure VLAN shub” command
Configure>vlan>shub>id <VLAN ID> egress port LT:xx
defines an ASAM-link
Configure>vlan>shub>id <VLAN ID> egress port network:x

defines an external NT port
 Tag mode can be configured on network ports

• Configure vlan shub id <VLAN ID> untag port network port:x
ASAM-links support only tagged frames
•
197
IB VLAN association of port on ASAM-CORE (CLI)
 define VIDs in the “configure bridge port” command

• configure bridge port 1/1/<slot>/<port>:<VP>:<VC>#
vlan-id <VLAN ID> or
vlan-id stacked <S-VLAN ID:C-VLAN ID>
Optional parameters per vlan-id
[no] tag
[no] qos profile
Priority for this VLAN
[no] prior-best effort

[no] prior-background
on this port (QOS)
[no] prior-spare
[no] prior-exc-load
[no] prior-ctrl-load
[no] prior-less-100ms
[no] prior-less-10ms
[no] prior-nw-ctrl
 Define PVIDs in the “configure bridge port” command

• configure bridge port 1/1/<slot>/<port>:<VP>:<VC>#
pvid <VLAN ID>
198
Deletion of VLAN
 It is not possible to delete a VLAN if there are still ports

attached to the VLAN
 Alternative procedure instead of deleting member by member
• admin vlan delete-vlan-member-ports vlanid <VLAN ID>
This command erases all member ports from vlan a specific
VLAN ID
 Deleting VLAN on ASAM-CORE

• configure vlan no id <VLAN ID>
 Deleting VLAN on SHUB
• configure VLAN shub no id <VLAN ID>
199
VLAN related show commands
 Selection of multiple show vlan commands

• Display list of command via “Show vlan ?”
• Interesting commands on ASAM-CORE
Show vlan residential bridge <VLAN ID>
gives al bridge ports connected to vlan
Show vlan bridge-port-fdb < bridge port id >
Gives all MAC-adresses learned or configured on that port
Show vlan fdb <VLAN ID>
Gives you MAC -adresses learned on all ports of that vlan
Show vlan-port-map <bridge port id>
Gives all the VLANS to which that port is mapped
• Same commands available on shub
200
Exercises
Cross connect mode (L2)
7302/5523 operator
213
Objectives
 After completing this section, you’ll be able to

• Describe the different types of cross-connect modes (S-, C-, S/C-)
• Retrieve VLAN information on the system.
• Associate a VLAN in cross-connect mode to a port on the ASAM-
CORE and to ports on the SHUB.
– Unstacked C-VLAN cross-connect
– S-VLAN cross-connect (C-VLAN transparency)
– SC-VLAN cross-connect
214
Forwarding modes – overview
7302 ISAM
L3+
Network L3
side L2+ User
L2 side
Eth-VLAN
ANT
 Different forwarding modes for different forwarding decisions:

IP aware Bridge
L3 Routed
L3+ PPP termination
215
Cross connect mode
 Transparent bit pipe

• Conceptually very similar to classical ATM PVC cross-connect
 One “customer”-VLAN (C-VLAN) contains strictly one user

• User port or user logical port or user on subtended interface
• Two variants: residential & business cross-connect
 One user can be cross-connected to multiple VLANs

• in this case user frames need to be tagged
216
Cross connect mode: Example
Ethernet
CPE
PC
BRAS ISAM
Appl.
TCP
IP 1 VLAN id per DSL line 1 PVC / DSL line
IP
routing
PPP
PPP
PPPoE
PPPoE
Eth. Eth. Bridging Eth. Xconnect Eth. bridging Eth.
LLC LLC
VLAN VLAN VLAN VLAN SNAP SNAP Phys. Phys.
Phys. Phys. Phys. Phys. AAL5 AAL5
ATM ATM
xDSL xDSL
217
VLAN Cross-connect mode
 Transparent pipe for unicast, multicast and broadcast traffic

• any protocol : IP, PPP, IPX, AppleTalk,...
Note : Tagged frames supported for

Internet cross-connect mode
VP/VC VLAN
2/100 10
CPE
2/101 20
CPE
ISP2
ISP1 E-MAN
Network
CPE
IP
BAS CPE
CPE
ISAM
218
Cross connect mode
 Customer identified by access port

• 1 VLAN = 1 VP/VC
Or even multiple VLANs per PVC
• MAC-address not used in the forwarding decision
 Security
• IP edge device knows the line id
• Edge can limit number of PPP sessions per line (VP/VC)
 Separation of broadcast traffic per user
 Number of MAC-addresses can be limited
• enable self-learning on the DSL port
219
Cross connect mode in 7302 ISAM
 Service Hub behaves as standard bridge

 LT Cross connect mode configurable
• C-VLAN cross connect
• S-VLAN cross connect
• SC-VLAN cross connect Ph port VLAN
EFM
x 30 VP/VC VLA
External Service ISAM - shelf N
ethernet Hub ASAM 1/100 10
FW Engine
links link
Ph. Port 1/200 20
GE1-16
1/100
FW Engine
1/200
220
C-VLAN cross connect
EDGE EMAN ISAM CPE
VLAN
VLAN-CC
ROUTER
IP IP
PPP PPP
PPPoE IP CC CC PPPoE IP
Eth Eth Service Eth Eth
Hub/NT LT ATM ATM
DSL DSL
221
C-VLAN cross connect mode, things to consider
 Scalability issue:
• VLAN technology only 4000 VLAN-ids
• Switches learn all MAC-addresses of all end-users
• IP edge learns all MAC-address<->IP-address of all end-users in
ARP table
VLAN 100 IP1

HSIA MAC1
VLAN 101
IP edge VLAN 100 BR VLAN 102
IP2
MAC2
VLAN 101 CC CPE
VLAN 103 IP3
Bridge
VLAN 102 … MAC3
ISAM-1 IP101
BTV VLAN 103 MAC101
…
ARP VLAN 1000 CPE IP102
MAC102
VLAN 1001 Bridge
IP1 MAC IP103
MAC103
VoD IP2 VLAN 1002
MAC1 IP201
IP3 MAC201
VLAN 1003 MAC2 CC
IP101 … MAC3 CPE IP202
… MAC101 Bridge MAC202
…
ISAM-2 IP203
MAC203
VoIP 222
Cross connect mode and VLAN stacking
 Scalabality issue is solved by VLAN stacking:

• Customer VLAN : C-VLAN
• Service provider VLAN : S-VLAN
 2 extra cross connect modes
• S-VLAN cross connect (C-VLAN transparency)
• SC-VLAN cross connect
223
C-VLAN cross connect
 Stack type: unstacked C-VLANs

#1 #3
Ethernet
#2
VLAN 333
VLAN 444
VLAN 555 #4
#1 #2 #4
• 1 user port per VLAN

• VLAN 333 is sent untagged towards CPE
• Untagged frames are tagged with pvid (e.g. 333)
• Unknown VLAN IDs for that port are discarded
224
S-VLAN cross connect (C-VLAN transparency)
 Stack type: S-VLANs

#1 c #3
Ethernet c #2
S-VLAN 400
S-VLAN 402
s #1 s c #2 s c #3
• 1 S-VLAN per bridge port

• No S-VLAN tag sent to CPE
• We don´t care about the C-VLAN ID
225
SC-VLAN cross connect
 Stack type: stacked C-VLANs
sc #2 c #2
Ethernet
sc #1
#1
c #3
sc #4
c #4
S-VLAN
• Create and deploy “Stacking VLAN” (from the AWS or CLI)

• Unknown C-VLAN IDs for a bridge port are discarded
• C-VLAN ID is unique within S-VLAN
• Multiple bridge ports can share the same S-VLAN
226
QoS aware cross connect
 Support PVC-bundles as subscriber interfaces

pbit = 7 (from PVC 8/36)
pbit = 1 (from PVC 8/37) Voice / Untagged / PVC = 8/36
Ethernet HSI / Untagged / PVC = 8/37
VLAN 333
VLAN 444
Voice / Untagged / PVC = 8/36
pbit = 7 (from PVC 8/36) HSI / Untagged / PVC = 8/37
pbit = 1 (from PVC 8/37)
• Upstream: map PVC with VLAN + p-bit

• Downstream: Select PVC according to p-bit value
• Applicable for all cross connect modes
227
Protocol aware cross connect (“residential cc”)
 Protocol aware for 802.1x, DHCP, IGMP, PPPoE
#1 #2
Ethernet
UNTAGGED ONLY !
VLAN 333
#3
VLAN 444
#1 #3
 Support for “residential bridge” alike features:

• DHCP option 82
• IGMP control channel (multicast applications with cross VLAN)
• PPPoE Relay tag
228
CC-VLAN association
Add port to VLAN in ASAM-CORE CLI (1/2)
 Add ports to the VLAN  command: “configure VLAN

SHUB”.
• configure vlan shub id <VLAN ID> mode cross-connect
[no] name <name>
egress LT-ports Network
[no] mac-move-allow ports ASAM links Interfaces
[no] egress-port Vlan Mode
[no] untag port CC mode Restricted to One or more
one
Intelligent All One or more
bridge
Layer 2 All One or more
terminated
Layer2-term None One or more
nwport
V-vlan All None
230
Add port to VLAN in the SHUB via CLI (2/2)
 Attachment of ports to the VLAN on SHUB for CC.

• Define egress ports in the “configure VLAN shub” command
Configure>vlan>shub>id <VLAN ID> egress port LT:xx
defines an ASAM-link
Configure>vlan>shub>id <VLAN ID> egress port network:x

defines an external NT port
 Tag mode can be configured on network ports

Configure vlan shub id <VLAN ID> untag port network port:x
ASAM-links support only tagged frames
231
VLAN in CC mode
 Action to perform
• SHUB: Create VLAN in CC mode
• ASAM Core: Create VLAN in CC mode
Control
Aggregation
function
External 1
ethernet 2
... ASAM LIM
links
links LIM
GE1
…..
...
Max one PVC

232
VLAN related show commands
 Selection of multiple show vlan commands

• on ASAM-CORE:
Show vlan cross-connect <VLAN ID>
 all bridge ports connected to vlan
Show vlan bridge-port-fdb < bridge port id >
 all MAC-addresses learned or configured on that port
Show vlan fdb <VLAN ID>
 all MAC -adresses learned on all ports of that vlan
Show vlan vlan-port-map <bridge port id>
all the VLANS to which that port is mapped
• Similar commands available on shub: show vlan shub ...
233
Delete a VLAN
 You can’t delete a VLAN that has ports attached it

• And you can’t delete the VLAN-association with VLAN-id = PVID
 Delete VLAN on ASAM-CORE

• configure vlan no id <VLAN ID>
 Delete VLAN on SHUB
• configure VLAN shub no id <VLAN ID>
234
VLAN association for cross connect
 Select ATM termination point

EML
USM
 Add port to C-VLAN and S-VLAN CC
• No VLAN service deployment needed
Connection
• VLAN creation at VLAN association
 Add port to SC-VLAN CC VLAN Association
• Deploy stacking S-VLAN first
Residential Bridge VLAN

Cross Connect VLAN
QOS aware VLAN
235
7302/5523 Hands-on
Cross-connect: VLAN setup and end-user setup

Hands-on

 Exercises
• Cross connect
• VLAN setup and end-user setup
237
Hands-on

 Exercises
• Cross connect
238
Hands-on

 Exercises
• Cross connect
239
Hands-on

 Exercises
• Cross connect
240
Hands-on

 Exercises
• Cross connect
241
Hands-on

 Exercises
• Cross connect
242
Hands-on

 Exercises
• Cross connect
243
Hands-on

 Exercises
• Cross connect
244
IP aware bridging (L2+)
7302-7330/5523 Operator
245
Objectives
 After completing this section, you’ll be able to:

• Describe IP aware bridging and explain why it is not layer 3
forwarding.
• Retrieve IP aware bridging data from the ISAM.
• Configure IP aware bridging on the ISAM:
246
General: concepts & principles
7302-7330/5523 operator
Forwarding modes: General
7302/7330 ISAM
L3+
Network L3
side L2+ User
L2 side
Eth-VLAN
ANT

IP aware Bridge
L3 Routed
L3+ PPP termination
248
IP aware bridge - general overview
7302/7330 ISAM
IP IP IP IP
Network Eth – (VLAN) Eth ATM Eth
side L2+ ATM Phys layer Phys layer User
Phys layer side
Eth-VLAN PPP PPP
PPPoE ATM
Eth – (VLAN) Phys layer
 IP-aware bridging  forwarding based on IP

• IP aware bridge/IP forwarder
 Bridged like model
• users on ISAM and IP-edge belong to same subnet
249
IP aware bridging
Edge Router ISAM

IPR1 NT LT IPA
MACR1 MACA
IP
VLAN x IPB
IB FW
Network MACB
VLAN y
IPR2 No IPLT
MACR2 MACLT
 Forwarder in ISAM looks at IP destination for forwarding decision

• IP forwarder is located on LT
• NT behaves as a normal bridge
• Simple network model
250
IP aware bridging vs. IP routing
Edge Router ISAM

IPR1 NT LT IPA
MACR1 MACA
IP IPB
FW
Network MACB
No IPLT
MACLT
IP subnet 1
Edge Router ISAM

IPR1 NT LT IPA
MACR1 MACA
IP IPB
Network MACB
IPR
MACR
IP subnet 1 IP subnet 2
251
In the ISAM
7302-7330/5523 operator
IP aware bridge
7302 ISAM
Edge
Router
FW untagged POTS,IS
IB VRF-RED DN
E-MAN LT
NT
Network VRF-Blue
CPE
 Aggregation at DSLAM level within a lightweight VRF

• Forwarding based on IP addresses
• IP forwarder on LT, normal bridge on NT
 A VRF blocks broadcast traffic!
253
Principle – forwarding
 Two separate forwarding information bases (FIB) on LT

1. Downstream: Subscriber IP-address configured by operator or
learned through DHCP snooping
2. Upstream: Static routes configured by operator
ISAM upstream FIB ISAM downstream FIB

Same for all ISAMs
IP_Subsr_i  DSL xx
0.0.0.0 / 0  IP@ER Statically or through
DHCP snooping
IP@ER  VLAN X
ISP/Internet NT LT
IB
VRF
IP VLAN X FW
Network
IP@ER E-MAN
254
VLAN types in the ISAM
VLAN mode
SHUB LTs (ASAM-core)
Model
Intelligent Bridge Residential bridge Residential bridge
IP aware Bridge
Layer2 Terminated Layer2 Terminated
(forwarding)
Layer2 Terminated NW
Routed Layer2 Terminated *
port & v-vlan *
PPP termination in forwarding

mode
PPP termination in routed Layer2 Terminated NW

Layer2 Terminated *
mode port & v-vlan *
255
IP aware bridge VLANs
7302 ISAM
Edge
Router
FW POTS,IS
IB VRF-RED DN
E-MAN LT
NT
Network VRF-Blue
CPE
VLAN x
Layer2 Layer2
terminated terminated
 ASAM-core & SHUB VLAN mode is defined as layer 2

terminated
• On SHUB behaves as a normal bridge VLAN
• On ASAM-core only this mode can be connected to a VRF
256
ARP proxy (1/2)
Edge Router ISAM

NT LT IPA
E-MAN MACA
Network VRF
IP IPB
IB
Network FW MACB
IPR
MACR
No IPLT
MACLT
user ARP: who has IPR
ISAM has already
learned IPA ISAM ARP reply: MACLT has IPR
ISAM ARP: who has IPR

ISAM hasn´t yet
ER ARP reply: MACR has IPR learned MACR of IPR
257
ARP proxy (2/2)
Edge Router ISAM

NT LT IPA
E-MAN MACA
Network VRF
IP IPB
IB
Network FW MACB
IPR
MACR
No IPLT
MACLT
ER ARP: who has IPA

ISAM has already
learned IPA
ISAM ARP reply: MACLT has IPA
ISAM ARP: who has IPA
ISAM hasn´t yet

learned MACA of IPA user ARP reply: MACA has IPA
258
Scenarios
7302-7330/5523 operator
Basic configuration set-up
IP subnet on VLAN
X
LT
NT
ISAM 1
E-MAN
IPW IP11 Network ISAM 2
WWW
One IP pool for the access LT

NT
network (shared VLAN) : easy IP
subnet mgmt, efficient IP pool
usage
 Basic topology  ISAM configuration

• Single service : e.g. HSI • All ISAMs configured identically
• Single IP edge • One IP Aware Bridge per ISAM
• One single subscribers’ IP pool • One default route to the IP edge
• One VLAN in the access • Subscriber’s configuration self-
network, shared by all ISAMs learned
260
IPA  IPx: different subnets (upstream)
IPR ISAM 1
MACR
IP E-MAN LT
IPW
Network
NT IPA
MACA
LT1
MACLT1
ISAM 2 ARP: who has IPR

MACX
IPX
Discard if IPA is not known on this interface. ARP reply: MACLT has IPR
Learn SRC-IP/SRC-MAC relation.
forwarding table: IPX  next-hop IP-address?
ARP lookup or request  next-hop MAC-address
MACA/IPA  MACLT1/IPX
ARP (from MACLT1/IPA): who has IPR
ARP reply: MACR has IPR
IPX  MACLT1/IPA  MACR/IPX
261
IPX  IPA: different subnets (downstream)
IPR ISAM 1
MACR
IP E-MAN LT
IPW
Network
NT IPA
MACA
LT1
MACLT1
IPX  IPA IPA known?
MACA ?
ARP policy trusted?
MACX ARP: who has IPA Learn IP/MAC relation
IPX
ARP reply: MACLT1 has IPA
MACR /IPX  MACLT1/IPA

MACA ?
ARP (from MACLT1/IPR): who has IPA
ARP reply: MACA has IPA
MACLT1/IPX  MACA /IPA
262
IPA  IPB: same subnet
IPR ISAM 1
MACR
IP E-MAN LT IPA
IPW
Network
NT LT MACA
MACLT1
ISAM 2 IPB
LT MACB
MACLT2
MACX
IPX IPB & IPA in same ARP: who has IPB
network?
ARP reply: MACLT has IPB
forwarding table: IPB  next-hop IPaddress?
MACA/IPA  MACLT1/IPB
ARP lookup or request  next-hop MACaddress
ARP (from MACLT1/IPA): who has IPR
ARP reply: MACR has IPR
MACLT1/IPA  MACR/IPB
MACB ?
ARP: who has IPB
ARP reply: MACLT2 has IPB
MACR / IPB  MACLT1/IPA
MACB ?
ARP (from MACLT2/IPR): who has IPB
263
etc. …
Configuration Multiple IP pools
Disable secured ARP Gateway for ISAMs!
LT
NT IP12
IP11
ISAM 1
IP E-MAN IP22
IP21
Network ISAM 2
IPW PE
IP13
LT
NT
IP subnets on VLAN X
IP23
 Only one gateway defined on ISAMs:

• For example IP11
 “Secured ARP” handling at IP edge must be disabled
• No check if ARP IPSA within same subnet as target IPDA
264
User to user communication IPA(SN1)  IPB (SN2)
ISAM 1
IPR1 / MACR1 IP SN1
IP E-MAN LT IPA
IPW
Network
NT LT MACA
MACLT1
IPR2
MACR2 ISAM 2 IPB
LT IP SN2 MACB
MACLT2
MACX
IPX
ARP: who has IPR1
ARP reply: MACLT1 has IPR1
IPB  next-hop IPaddress?
(IPR1) MACA/IPA  MACLT1/IPB
IPR1  next-hop MACaddress?
ARP (from MACLT1/IPA): who has IPR1
ARP reply: MACR1 has IPR1
IP routing from MACLT1/IPA  MACR1/IPB
SN1 to SN2 ARP: who has IPB
ARP reply: MACLT2 has IPB
MACR2 / IPA  MACLT2/IPB
ETC. …
265
User to user communication IPB(SN2)  IPA (SN1)
ISAM 1
IPR1 / MACR1 IP SN1
IP E-MAN LT IPA
IPW
Network
NT LT MACA
MACLT1
IPR2
MACR2 ISAM 2 IPB
LT IP SN2 MACB
Gateway for ISAMs! MACLT2
MACX ARP: who has IPR2
IPX
IPA  next-hop IPaddress? (=IPR1) ARP reply: MACLT2 has IPR2
IPR1  next-hop MACaddress?
MACB/IPB  MACLT2/IPA
ARP (from MACLT2/IPB): who has IPR1
ARP reply: MACR1 has IPR1

Forwarding over subnets!
MACLT2/IPB  MACR1/IPA
IP routing
from SN2 to ARP: who has IPA
SN1 ARP reply: MACLT1 has IPA
MACR1 / IPB  MACLT1/IPA
ETC. …
266
Different VLANs
Edge Router ISAM

NT LT IPA
MACA
VLAN y VRF
IP IPB
Network IPR1 FW MACB
MACR1
No IPLT
MACLT
VoD
IPR1, IPR2 & IPA are in
IPR2
the same IP subnet
MACR2
VoIP
 Allows traffic seperation

• For example VoIP & VoD traffic over VLAN x and data traffic over
VLAN y
267
IP aware bridge, things to consider/ extra benefits
 Scalability
• VLANs shared by N ISAMs:
• Network switches learn MAC addresses of LT cards
1:48 reduction factor  easier for EMAN
• ARP proxy to network: ARP issued by ISAM, not by all subscribers
IP edge still learns all IP addresses of all end-users in ARP table
IP1
HSIA MAC1
VLAN 100
IP edge VLAN 100 BR IP2
VLAN 200 MAC2
FW
VLAN 200 VLAN 300 IP3
MAC3
VLAN 400
VLAN 300 ISAM-1 IP101
BTV MAC101
VLAN 400
ARP IP102
MAC102
MAC IP103
IP1 MAC103
VoD IP2 MAC-LT1 IP201
IP3 Common VLAN MAC-LT2 FW MAC201
IP101 per Service MAC-LT3
… IP202
… MAC202
ISAM-2 IP203
MAC203
VoIP
268
IP aware bridge, things to consider/ extra benefits
 Security
• MAC address translation
Subscriber’s MAC-address never seen by the network
full proof security
• user to user communication fully blocked even for shared VLANs
• ARP proxy to subscribers
No ARP broadcast to all subscribers
Downstream LT knows IP-subscriber – interface relationship
• Anti-IP address spoofing
ISAM responds to ARP request by its own MAC-address if target IP DA
is not associated with the originating DSL line and IP SA is learnt
269
How to configure
7302-7330/5523 operator
Virtual routers on the ISAM
 Independent of each other

 On ASAM CORE (LTs)
• 127 VRFs can be defined
 On SHUB
• 127 VRFs can be created.
VRF 0 is a default one which can not be deleted, created or modified.
LT
VRF-RED
NT
VRF-A VRF-Green
LT
VRF-RED
VRF-B
VRF-Green
271
configuration on VRF - General
  Create VLANs
• VLAN mode i.f.o forwarding mode
  Create VRF
• VRF mode i.f.o forwarding mode
  Create L3 interface(s) & map interface(s) to VRF
• Interface can be on network side and/or user side
  Configure IP parameters
• IP address on the interface
• Routing information in the VRF
.a interface 
• Configuration for
not explicitely
ARP proxy functionality
mapped
on VLAN
.b interface
VLAN explicitely mapped  VRF
on VLAN
272
AWS: VLAN creation
 Create from ANEL the L2 terminated VLAN

• Select service L2 terminated ANEL
• Define name, VLAN ID & system priority

• Select correct system mode
Choice between L2 Terminated (IP aware bridge) Service
L2 Terminated on NW port
Definition
ANEL
 Deploy VLAN towards ISAM(s)
Create
Service
• RB VLAN
Deployment
• L2 term. VLAN
• Deploy • Stacking VLAN
• upgrade
• Remove
273 • Show
AWS: VRF creation
 In Show equipment window navigate to the VRF view

• Views  VRF EML USM
VRF view
• = ASAM-core (NT) VRF
 Create from here the VRF on the ASAM-Core Service
• Define ID, name
• Select correct system mode Ethernet/IP
Choice between IP aware bridge
IP Router VRF
• Router address = 0.0.0.0
Create
• On NT
• On SHUB
274
AWS: interface creation towards network/user
 Create the IP interface on NT side

• In first window select VLAN to interface with EML USM
Your L2 terminated VLAN!

• Next window: define ARP policy and select the VRF
Service
 Create the IP interface on LT side
• Select user bridge port (for IPoE) or VC TP (for IPoA) Ethernet/IP
• Then do command to create IP interface on LT
IP interface
Create
• Network
• SHUB
• User
275
AWS: VRF IP parameters
 Forwarding table (IP route)

• Select IP routes under ASAM-core VRF
EML USM
• Define IP destination information, next hop, route type VRF View
and VLAN
 User subnet – User gateways Service
• Select IP subnet under ASAM-core VRF
• Define IP subnet & subnet gateway Ethernet/IP
• Will also be learned by ISAM DHCP snooping
ISAM reads out the DHCP reply
User subnet IP route
• Create • Create
• Delete • Delete
• Show
276
AWS: VRF IP parameters user side
 Forwarding table
• Double-click IP interface under the user bridge port EML USM
• Select user subnet, define IP destination information

• Will also be learned by ISAM DHCP snooping
Service
ISAM reads out the DHCP reply if user uses DHCP
Ethernet/IP
IP route
• Create
• Delete
• Show
277
CLI: VLAN & VRF creation
  VLAN on ASAM-CORE:
• configure vlan id <ID 1> mode layer2-terminated
 VLAN on SHUB:
• configure vlan shub id <ID 1> mode layer2-terminated
  Creation of the VRF on ASAM-CORE

• configure ip vrf <VRF-ID> name <VRF-name> mode <VRF-mode>
VRF mode: forwarder = for IP aware bridge
router = for routed mode , LT’s are aware NT is next hop
 Once VRF is created optional parameters become available:

• Route-destination: Route entries for the VRF step 
• Network-itf: step 
• User-itf: step 
• Gateway-itf: step 
278
CLI: Interfacing from the VRF
  Create the L3 interfaces and mapping to VRF

Network side User side
• Create network interface: • Create interfaces at user side:

Go to VRF  Go to VRF
configure ip vrf <VRF-ID>  configure ip vrf <VRF-ID> 
Create interface Create interface

network-itf <VLAN-ID> unnumbered user-itf (bridge)port <PORT-ID>
arp-policy trusted  > bridgeport: IPoE
> port: IPoA
 
.IP interface .IP interface
mapped on VLAN towards end user.
Towards network
 VRF
PC
LT
279
CLI: IP VRF parameters
  define user gateway and user subnet

• configure ip vrf <VRF-ID> 
gateway-itf ip-address <ip-address/mask>
• Only needed in case of static IP address configuration of end users
 Routing information upstream

route-dest <network ID/mask> next-hop direct:network:<VLAN-ID>
 Routing information downstream

route-dest <network ID/mask> next-hop direct:user-(bridge)port:<port-ID>
• Only needed in case of static IP address configuration of end users
280
Diagnostics
7302-7330/5523 operator
IP tools
doubleclick
EML USM
Service
Ethernet/IP
IP addresses… IP route DHCP relay ARP entries…
• Create
• show
• Delete counters
282 • Show
DHCP relay counters
283
ARP entries
284
DHCP forwarding in IP aware bridge
7302-7330/5523 operator
DHCP forwarding
DHCP server
ISAM
NT LT IPA
E-MAN MACA
Network VRF
IP IPB
IB
Network FW MACB
IPR
MACR
No IPLT
MACLT
DHCP discover/request
from MACA / no IP
DHCP discover/request
DHCP param.: client MACA
from MACLT / no IP
DHCP param.: client MACA DHCP forwarding enabled on VRF?
VLAN in which to forward?
Add option 82?
DHCP offer/ack
to MACLT / IPA
DHCP offer/ack
to MACA / IPA
Which interface has MACA?
Forward DHPC replies on this intf.
286
AWS: DHCP forwarding on ASAM-core VRF
 Select the VRF for which to define DHCP forwarding

EML USM
• Go to the modify VRF window VRF view
 In modify VRF window choose tab: DHCP configuration

• Enable/disable DHCP option 82 Service
• Define the VLAN in which to forward DHCP request
Ethernet/IP
VRF
Modify
• tab: VRF config.

• tab: DHCP config
287
CLI: DHCP forwarding on ASAM-core VRF
 Define VLAN in which to forward for that VRF:

• configure dhcp-relay agent <VRF-ID> 
bcast-vlan l2-vlan:<VLAN-ID>
 Optionally enable DHCP option 82:

• configure dhcp-relay agent <VRF-ID> 
option-82 
circuit-id <physical-id | customer-id | ccsa-format | notadd>
remote-id <customer-id | notadd>
288
Excersises
7302-7330/5523 operator
PPPoA to PPPoE translation (L2+)
7302/5523 Operator
297
Objectives

• Describe PPPoA to PPPoE translation
• Retrieve PPPoA to PPPoE translation data from the ISAM.
• Configure PPPoA to PPPoE translation on the ISAM
298
Forwarding modes – overview
7302 ISAM
L3+
Network L3
side L2+ User
L2 side
Eth-VLAN
ANT
 Different forwarding modes for different forwarding decisions:

IP aware Bridge
L3 Routed
L3+ PPP termination
299
L2+ functionality - General overview
7302 ISAM
IP IP IP IP
Network Eth – (VLAN) Eth ATM Eth
side L2+ ATM Phys layer Phys layer User
Phys layer side
Eth-VLAN PPP PPP
PPPoE ATM
Eth – (VLAN) Phys layer
 Forwarding based on
• PPPoE session-ID  PPPoA to PPPoE translation
• From network point of view, users on ISAM and IP-edge belong to
same subnet
300
L2+ forwarding: PPPoA to PPPoE Relay

• All users in same subnet as BRAS
• 1 IP pool for all subscribers
 Forwarding based on (PPPoE session ID, BRAS ID)
• PPPoE client on the LT
 Ethernet layer added by LT
• Mac-address of LT
7302 ISAM
translation
BRAS to PPPoE POTS,IS
IB GE by PPPoE DN
client
E-MAN Aggr.
Network LT CPE
301
L2+ forwarding: PPPoA to PPPoE Relay
7302 ISAM
translation
BRAS to PPPoE POTS,IS
IB GE by PPPoE DN
client
E-MAN Aggr.
Network LT CPE
PPPOA
LCP Configure Request
PADI + Line ID : Broadcast

PPPOE: Discovery
PADO + Line ID : unicast stage
PADR + Line ID : unicast

PADS + Line ID : unicast with session ID
LCP Configure Request
LCP Configure ACK
NCP
DATA (PPPoE session ID,BRAS ID)
302
PPPoA to PPPoE relay Network model, Residential users
 No network model difference with Bridged model for residential subscribers

BRAS EMAN ISAM CPE
To the Internet
IP PPP
Routin Termin PPPoA to PPPoE
Bridge
g ation Translation
IP subnet
IP address
PPP session
translation
VLAN
to PPPoE
by PPPoE
client
IP IP IP
PPP PPP PPP
PPPoE IB PPPoE ATM
Eth Eth DSL
NT
PPPoE LT PPPoA
session layer
unchanged!
303
(transparent)
PPPoA to PPPoE relay, things to consider
 One VLAN can be shared by multiple DSLAMs

• User-to-user fully blocked
• No user MAC-addresses to network  Security!
 Scalability
• Switches learn MAC-addresses of LT cards
 Subscriber management fully centralized translation
to PPPoE
 IP address allocation, 1 pool for all subscribers by PPPoE
client
BRAS VLAN 100 BR VLAN 100 IP1

MAC1
CPE
Bridge
ISAM-1
IP101
IP1 MAC101
IP2 CPE
IP3 Bridge
IP101 MAC
… MAC-LT1
Common VLAN MAC-LT2 IP201
for PPP service MAC201
MAC-LT3
… CPE
Bridge
ISAM-2
304
Add port to VLAN in ASAM-CORE
 Port is logical user port

 Depends on forwarding mode
Forwarding mode Add of port to VLAN

L2 VLAN Cross-Connect VLAN association is configured via
(CC) configuration of bridge port
Intelligent Bridge (IB) VID(s) and PVID configuration
L2+ PPPoA to PPPoE Forwarding based on IP-DA

translation interface(s) towards NW on ASAM-CORE
IP aware bridge mapped to P-VLAN(s)
L3 Routed Forwarding based on IP-DA

interface(s) towards NW on ASAM-CORE Covered
mapped to V-VLAN in respective
chapters
L3+ PPP termination Mapping of user interface to VRF i.f.o
domain name.
Forwarding like in IP aware bridge
305
o
RSTP, LACP & NT Redundancy
7302/5523 Operator
306
Objectives
After completing this section, you’ll be able to:

 Describe the most important RSTP parameters
 Enable/disable RSTP on the system
 Configure RSTP settings on a network port
 Check the status of the network ports in a spanning tree
 Describe link aggregation
 Configure a LAG
 Describe and compare the different scenario’s for access
resiliency (NT redundancy)
 Configure NT protection.
307
Rapid Spanning Tree Protocol
802.1w – Rapid Spanning Tree Protocol
X xDSL
xDSL
X
 Avoids loops in a bridged network
• provides path redundancy
• RSTP: reconvergence time < 1s
• one spanning tree for all VLANs
• RSTP backwards compatible with STP
• RSTP limits number of hops (typically 8)
309
Configure RSTP parameters
EML-USM
Configuration
STP
•Configure
•Show Config.
310
Configure STP on a network port (SHUB)
 EML-USM > Select network port

• STP isn’t supported on other types of ports! EML-USM
• STP operates on a port, not on a VLAN!
Port
•Configure
•Unconfigure
•Show
311
Configure RSTP parameters via CLI
 Show RSTP port settings:

• show rstp port-info
 Configure RSTP settings applicable to the SHUB:

• configure rstp
 Configure RSTP settings on a port

• configure rstp network-port (port)
RSTP operates on a port rather than on a VLAN
312
RSTP on out-band management link
By default, RSTP is enabled on out-band management link
 Neither visible, nor configurable with AWS!
 Configure with CLI (make sure there’s no loop!!):
• Disable RSTP:
configure rstp network-port (port) disable-stp
• configure the out-band management port as edge port

configure rstp network-port (port) edge-port
313
Link Aggregation
802.3ad Link Aggregation Control Protocol
 Links can be aggregated into a link aggregation group (LAG)

• combine links with same speed
• n x data rate of components links
• aggregate participates in forwarding decision process
• max. 7 (8) LAG
• max. 7 (8) physical links in a LAG Ethernet switch
• support for LACP 7302 ISAM
or router
7302 ISAM
• hashing
LAG LAG
xDSL xDSL
315
Configure Link Aggregation system parameters
 Links can be aggregated into a LAG

EML-USM
 Enable/disable LACP:
• Link aggregation is by default disabled Configuration
• Configure la >[no] disable-lacp (CLI)
Link Aggregation
Stopped
Started (Protocol Enabled)
•Configure
Started (Protocol Disabled)
•Show Config.
316
Configure LAG on a network port (AWS)
EML-USM
Port
Link Aggregation
Select 1 configured port
(= aggregator port / primary link)
+ one or more unconfigured ports
•Configure
•Show Config
Select the LAG
•Aggregate
•Deaggregate
Select one or more
ports in a LAG
317
Link Aggregation Control Protocol
 LACP: transmission of info and state rather than commands

 Passive LACP: preference not to speak unless spoken to
• Active LACP: preference to speak
 Periodic transmission of LACPDUs
• depending on time-out of partner
Local LACPDU Remote

actor partner
switch switch
318
Configure Link Aggregation on a network port (CLI)
 configure la aggregator-port <port on SHUB> name <…> etc.

• [no] link-up-down-trap
• [no] actor-sys-prio (default=1)
• Selection-policy
• Actor-key
• [no] actor-port-prio (default=1)
• [no] active-lacp
• [no] short-timeout
• [no] aggregatable
• Lacp-mode
 Show la > (3 possibilities):
• Show la aggregator-info
information on LAG configured on the SHUB
• Show la aggregate-list
• Show la network-port-info
information of a member of a LAG
319
Associate VLAN to aggregator port
 Select aggregator port > Associate VLAN

• VLAN is automatically associated to other links in the LAG
EML-USM
Connection
VLAN association
•Configure
•Show
320
NT Redundancy
Access Resiliency – what to protect?
 What is resiliency? Where needed?

 Node protection = ISAM Equipment Protection
• Redundancy Configurations
• 1+1 NT redundancy
 Link protection = ISAM Uplink(s) Protection
• Link aggregation
• “Cold standby” / RSTP
322
What is resiliency and where is it needed?
 Resiliency = ability to recover from failure (HW/SW/data)

Type of failure port – LT – NT – link – NT – link – access/ - link – access/ - link - head-end
control control
resiliency matters in aggregation/edge

# users impacted
upon failure
now it also matters in access (3play!)
1,000,000
100,000
10,000
1,000 Protection required
100
10
1
323
Equipment Protection vs Link Protection
 Equipment Protection Switching

• EPS
1
• Protects against HW failures NT A
• Semi-permanent data secured …
(database synchronization) NT B
16
Active
 Link Protection Switching 1 NT A Standby
• Similar to SDH/SONET APS … (e.g. RSTP)
• Protects against link failures
• Traffic sent to active link only
16
324
ISAM equipment protection - Architecture
LT NT I/O
 links to NT-A & NT-B  Uncoupling equipment & link protection
 traffic towards active NT  Forward 4 GE interfaces to active NT
 xDSL
 no N+1 LT redundancy
1
 server cards (e.g. IVPS) NT A
 1+1 LT redundancy
2
NT B
…
16
LTs
NT protection scheme
 Active / Standby
• Semi-permanent data secured
325
ISAM Equipment Protection – Configurations
NT protection only Link & NT combined
NT A
NT B
“hot standby” LAG RSTP
No NT I/O Duplication of links
passive splitter  No single point of failure  LPS is coupled with EPS
Link protection only Link & NT independent
LAG RSTP
LAG
RSTP
 Independent LPS / EPS  single point of failure
326
Ethernet switch/IP router aggregation
 Protection against link failure

(1:N)
• Not against aggregation node
failure!
LAG
 load balancing
 If a link fails  lower capacity
in LAG
Parent node can be either router  MAC layer redundancy
or ethernet switch • Transparent for upper layers
 Recovery time ~ 2-3 seconds
• Topology independent
 Independent of service and
forwarding model
327
Ethernet switch aggregation: cold standby
 ISAM is hot standby

• NT A active, with active uplink A
A
• NT B in hot-standby, no traffic
NT A • Triggers for a switchover:
– switch failure
NT B
– NT failure
S – link failure
 pre-defined threshold for number
of bad links in a LAG
“hot standby” “cold standby”
 Aggregation switch  cold standby
• Operator intervention required
328
Ethernet switch aggregation: RSTP
 RSTP runs over network links

 Protection against:
• link failure
• aggregation node failure
A
 Recovery time ~ 2-3 s
• Topology dependent
RSTP
 Can be combined with LA
S • forced switchover to ‘full’
backup LAG possible
 Supported for all forwarding
models
329
Ethernet switch aggregation: MSTP
 Common Spanning Tree

A (e.g. RSTP)
• Blocks on interface level
• All VLANs mapped to same
RSTP Spanning Tree
 under-utilized links
S
 Multiple Spanning Tree Protocol

AS
• IEEE 802.1s
• Map VLAN ranges to different
MSTP Spanning Trees
 better utilization of links
SA
330
Configure NT protection
EML-USM
Configuration
NT Redundancy
Configure
Protection
331
Enable LPS/EPS coupling – CLI only!
 Create uplink group at SHUB:
• configure interface shub group 1 port 2
• configure interface shub group 1 threshold 1

 threshold = min. number of links that must be up
 Default threshold = 0 (means no coupled LPS/EPS)
Link & NT combined
“hot standby” LAG RSTP
332
Show status commands
 AWS
• icons on NT
active chain
service hub
 CLI:
• show equipment protection-group
• show equipment protection-element
 shows you which NT is in service and which one is in standby.
333
RSTP – test configuration
 Disable STP on port 1
 Connect 2 ISAMs with 1 link

• via port 2 only
• which one is root?
• can you change that?
 Connect 2 ISAMs with 2 links

• via port 2 and port 3
• which port will be blocked?
• can you change that?
336
Subscription management
339
Two main evolutions in subscriber management
Increased role in the subscrIBer

management (DHCP relay, PPP
relay & termination …)
Increasing role Network Management

of DHCP as the end-game
1
for subscriber 2 Video
management Business BAS Session

xDSL
BAS Management
3
xDSL ISP1
BAS Aggregation IP Edge/PoP
Network
Distribution of some BRAS IP Core
Residential
DSLAM
functions in the access IP Edge
xDSL Routing
node to scale Multi-Service
ISPn
Business
Internet
Corporate
340
DHCP vs. PPP
 PPPoE access to centralised BRAS is the main HSI access scenario today.
• Requirement: support PPPoE access scenario (with the features that are
commonly used in a HSI/PPPoE context)
 PPPoA is still around (mainly ILEC context)
• Due to legacy CPE equipment, due to existing contracts between access
providers and ISPs, …
• And PPPoE/PPPoA is autodiscovered in BRAS, hence operators do now know
which end-users are using PPPoA or PPPoE.
• Requirement: support a PPPoA access scenario (with no impact on BRAS),
auto-detect PPPoE/PPPoA.
 DHCP required for multimedia-services
• Emerging, but still a long way to go before PPP has been reinvented
• Some CLECs consider it for HSIA (no legacy)
341
DHCP vs. PPP
“username/password”
setup PPP – IP-address

BAS
7302
ISAM
www
 PPP (Point-to-point protocol ) mode accept/IP-address
• User authentication (LCP: PAP/CHAP)
• Session concept
AAA
• Not supported by all terminals server
• Requires BAS
7302
ISAM
DHCP discover + opt 82 www

DHCP
IP-address server
DHCP (Dynamic Host Control Protocol ) mode add user identification

MAC-address authentication - DHCP option 82 possible
No session concept
Supported by most terminals (e.g. STB, IP phone)
Requires DHCP server (less
342expensive than BAS)
DHCP
DHCP
 DHCP allows you to define “pools” of TCP/ IP addresses, which

are then allocated to client PCs by the server (scopes in DHCP
terminology).
 Also all the related configuration settings like the subnet mask,
default router, DNS server, …
Client DHCP DHCP
• IP address Server 1 Server 2
• subnet mask DHCP Discover (broadcast)
Wait 1 sec
• default Gateway address
DHCP Offer 1 (IP1, DNS,…)
• DNS server addresses
• NetBIOS Name Server
(NBNS) addresses
• Lease period in hours Accept first Offer DHCP Offer 2 (IP2, DNS,…)
• IP address of DHCP server.

DHCP Request 1 (IP1, …) (broadcast)
DHCP Ack
344
DHCP in the 7302 ISAM with CC-mode
 DHCP relay is disabled for VLAN in cross-connect mode

 DHCP packets transparently forwarded
• Due to hardware, DHCP packets first filtered in the Service
Hub/NT, and then inserted again in the traffic stream.
DHCP relay in Edge

Router
E-MAN
Network CC CC
Transparent bitpipe
Service LT
Hub/NT
DHCP DHCP
UDP UDP
IP IP
ETH ETH ETH ETH ETH ETH
Lower Lower Lower Lower Lower Lower
layers layers layers layers layers layers
345
DHCP in the 7302 ISAM with IB-mode
 DHCP relay is implemented in a distributed way

• LT provides option 82
Configurable  option 82 when enabled
• Service Hub/NT relays the DHCP packets Option 82
DHCP relay
IB IB
IP E-MAN
Network Network Service LT
Hub/NT
DHCP Edge
Server Router
DHCP DHCP DHCP DHCP DHCP DHCP

UDP UDP UDP UDP UDP UDP
IP IP IP IP IP IP IP IP
ETH ETH ETH ETH ETH ETH ETH ETH ETH ETH
Lower Lower Lower Lower Lower Lower Lower Lower Lower Lower
layers layers layers layers layers layers layers layers layers layers
346
DHCP relay network setup
Function : Add/remove option 82

Configuration per VLAN
Enable / Disable (from R2.0 onwards)
Independent of configuration of DHCP
relay features.
IP E-MAN IB IB
Hub/NT
DHCP Edge
Server Router
Function : IP routing Function: DHCP relaying

Configuration per DHCP server Configuration per VLAN
(Routers business) Enable / Disable
Route towards the DHCP server If enabled (per VLAN)
Route toward Relay agent IP-address of the relay agent = Giaddr
IP-address of DHCP servers (min 1/max
4)
Static route per DHCP server:
347 * Per DHCP server the IP Next hop
DHCP on the LT
 Add/Remove option 82
• Configurable  option 82 when enabled
 LT will process packets US/DS if packets are not relayed by a
downstream relay agent – Gi-addr = 0
 Upstream
• Add option 82
If option 82 already exists in packet then packet is dropped
If packet size exceeds maximum packet size (= MTU) after adding option 82,
option 82 is not added .
 Downstream
• Remove option 82
• Change destination address (MAC-address and IP-address) to broadcast
if BC flag is set
• Forward packet to correct PVC
348
DHCP in the Service Hub
 DHCP relay is configurable

• Irrespective of configuration, DHCP messages always filtered to
the Service Hub due to HW limitation
 DHCP enabled
• Downstream
Service Hub-OBC will relay if Gi-addr = one of Gi-addr in VLAN(s) of
Service Hub otherwise inserted in forwarding path of Service Hub
• Upstream
Service Hub-OBC relays packet if Gi@=0 and configuration is present
for respective VLAN
 DHCP disabled
• Service Hub-OBC will insert DHCP message again to forwarding
path in the stream
349
DHCP relay disabled and BC flag not set
Broadcast flag NOT set by client
IB IB
E-MAN
Network Service LT
Hub/NT
IPER IP=?
MacER MacA
Selflearning Selflearning
MACA port x L3: null  IPBC
DHCP relay in MACA port y
Edge Router Option 82*** L2: MACA  MACBC
DHCP Discover : BROADCAST
L3: IPS  IPA Selflearning IPA

L2: MACER  MACA MACER port z MacA
DHCP Offer : UNICAST

Yi@= IPA and Si@=IPS
L3: null  IPBC

L2: MACA  MACBC
DHCP Request : BROADCAST

Selflearning Si@=IPS / option 50 = IPA
L3: IPS  IPA MACA port x
L2: MACER  MACA Option 82***
DHCP Offer : UNICAST

350
*** if enabled – option 82 implemented irrespective of
DHCP configuration in Service Hub

DHCP Relay disabled
Broadcast flag set by client
IB IB
E-MAN
Network Service LT
Hub/NT
IP=?
MacA
Selflearning Selflearning
MACA port x L3: null  IPBC
DHCP relay in MACA port y
Edge Router Option 82 *** L2: MACA  MACBC
Flooding
DHCP Discover : BROADCAST
L3: IPS  IPBC Broadcast blocked when

L2: MACER  MACBC 1 BC for VLAN is disabled
DHCP Offer : BROADCAST
Self-learning
MACER  port
z`
Flooding 2
No Flooding
*** if enabled – option 82 implemented irrespective if option 82
of DHCP configuration in Service Hub enabled
351
DHCP relay enabled
DHCP RELAY
IPR , IPS and Next
hop IPER configured
DHCP Edge
Server Router
IB IB
IP E-MAN
Hub/NT
IPS IPER IP=?
MacS MacER Add option 82 MacA
Self-learning
L3: null  IPBC
MACA port x
L3: IPRELAY  IPS L2: MACA  MACBC
L2: MACRELAY  MACER
DHCP Discover :
L3: IPRELAY  IPS Broadcast – Gi@= Nul
L2: MACER  MACS DHCP Discover : Relay message
UNICAST – Gi@=IPR Self-learning
MACA port x
Extract option 82
Change IP@DA &
L3: IPS  IPRELAY Relay message MAC@DA i.f.o BC flag
L2: MACS MACER L3: IPS  IPRELAY Forwarded to Forwarded to correct
L2: MACER MACRELAY correct port port
DHCP offer:
UNICAST – Gi@=IPR
Yi@= IPA / Si@=IPS
L3: IPRELAY  IPA
L2: MACRELAY  MACA
DHCP offer : ALWAYS UNICAST L3: IPRELAY  IPBC or IPA

irrespective of BC flag Gi@= Null L2: MACRELAY  MACBC or
*** if enabled – option 82 implemented irrespective
of DHCP configuration in Service Hub
MACA
DHCP offer : UNICAST or Broadcast (flag set)

In case of BC , Terminal recognises his answer
352 via the Transaction ID - Gi@= Null
PPPoE Relay
Setting up a PPPoE session
BRAS ADSL Modem with Ethernet/ PC

PPPoE Server DSLAM ATMF Interfaces
“bridge configuration”
PPPoE client
 Discovery stage
• the PPPoE client (host) discovers the
PPPoE-server (access server) PC
• the PPPoE session is uniquely defined once the
Ethernet MAC address and the PPPoE session-id PC
are known by both peers
 Session stage
• defining the peer to peer relationship
• build the point-to-point connection over Ethernet.
354
Scenario – Single server environment
Unicast – unique session ID

 Unicast
 PPPoE Client
Unicast


broadcast
PC
“bridge configuration”
PPPoE Server
PC
PADI PPPoE Active Discovery Initiation packet
PADO PPPoE Active Discovery Offer packet PC
PADR PPPoE Active Discovery Request packet
PADS PPPoE Active Discovery Session-confirmation packet
355
PPPoE in the 7302 ISAM with CC-mode
 PPPoE relay is disabled for VLAN in cross-connect mode

 PPPoE packets transparently forwarded
PPPoE relay in
Edge Router
E-MAN
Network CC CC
Transparent bitpipe
Service LT
Hub/NT
IP
PPP
PPPoE PPPoE
ETH
ETH ETH ETH ETH ETH ETH
ETH
Lower Lower Lower Lower Lower Lower
356
PPPoE relay in the 7302 ISAM with IB-mode
 Make subscriber management easier at the PPP server

 Relay functionality implemented on the LT boards
• addition of unique line Id to the PPPoE discovery messages
• MAC SA and DA remain unchanged
PPPoE relay
 The Service Hub/NT remains a pure layer 2 switch.
IP IB IB
Network E-MAN
Service LT
ISP/Internet Network
Hub/NT
PPPoE
server
HTTP HTTP
TCP TCP
Layer 2
IP IP IP forwarding IP
Lower Lower PPP PPP
layers layers
PPPoE PPPoE PPPoE PPPoE
ETH ETH ETH ETH ETH ETH ETH ETH

ETH
Lower Lower Lower Lower Lower Lower Lower Lower
layers layers layers layers layers layers layers layers
357
PPPoE Relay in 7302 ISAM with IB-mode
Layer 2
PPPoE relay
IPS forwarding
MacS Add relay ID
IP
E-MAN IB IB
Network
ISP/Internet Network Service LT
Hub/NT IP=?
PPPoE MacA
server
L2: MACA  MACBC L2: MACA  MACBC
PADI : Broadcast with agent circuit ID and agent remote ID PADI : Broadcast
Add relay id
L2: MACS  MACA L2: MACS  MACA
PPPoE PADO : Unicast PADO : unicast
control
frames L2: MACA  MACS L2: MACA  MACS
PADR : Unicast with agent circuit ID and agent remote ID PADR : unicast
L2: MACS  MACA L2: MACS  MACA
PADS : Unicast with session ID PADS : unicast with

session ID
PPPoE IP=IPA
data PPP session - LCP – PAP/CHAP-IPCP
frames
358
PPPoE Termination
PPP/PPPoE termination in the ISAM 7302
 PPP/PPPoE termination is implemented on the LT boards

• Handles all PPPoE, LCP,PAP/CHAP and IPCP control messages
• Interaction with NT board
Internal communication
 Data packets received over PPP/PPPoE session are pure

IP packets
• IP forwarding needed on the LT
 The Service hub/NT remains a pure layer 2 switch
360
PPP/PPPoE termination
RADIUS RADIUS Client

Server Local IP-address Management
Local Authentication pool
(not supported yet )
ISP/Internet
PPP/PPPoE
IB CTR Server
FW
IP E-MAN LT
Aggr
Network Network IC-VLAN
Edge
Router
HTTP HTTP
TCP TCP
IP IP IP IP IP IP
Lower Lower ETH ETH ETH ETH ETH ETH PPP PPP
layers layers
Lower Lower Lower Lower Lower Lower PPPoE PPPoE
ETH ETH
ETH
Lower Lower
layers layers
361
PPP/PPPoE termination- with PAP
RADIUS RADIUS PPP/PPPoE

Edge Server client Server
Router
IB CTR
E-MAN FW
Aggr
Network
LT
IP=?
MacA
PPPoE Discovery phase:

P
P
LCP phase P
o
PAP authentication request E
Access Request S
Authentication Internal comm
Phase e
Access Accept
Internal comm s
s
i
PAP authentication request o
n
Enable IP forwarding in PPP IPCP phase -
the data - plane IP=IPA
I
D
362
PPP/PPPoE termination – with CHAP
RADIUS RADIUS PPP/PPPoE

Edge Server client Server
Router
IB CTR
E-MAN FW
Network Aggr
LT
IP=?
MacA
PPPoE Discovery phase:

P
LCP phase P
P
CHAP Challenge o
E
CHAP Response
Access Request
Authentication Internal comm
Phase S
Access Accept e
Internal comm
s
s
CHAP Succes i
o
n
Enable IP forwarding in PPP IPCP phase
the data - plane IP=IPA -
I
D
363
Exercises
ISAM backup & restore
7302/5523 operator
368
Database locations
ISAM 1
NT ISAM 2
NT
AWS
DB 1
DB 2
ISAM 3
NT
DB 3
ISAM x
NT
DB 1
DB 1
DB 3
BACKUP DB x
DB x
RESTORE
 Backup and/or restore can be triggered manually and

automatically!
369
Backup Parts: ASAM Core & Service Hub
 A backup of 7302 ISAM has the following 2 main blocks:
• Backup of the ASAM-part

Equipment information
ASAM Core
Profiles
NT DB VP/VC parameters
Alarm- and trap settings
System data
• Backup of the Service Hub

Service Hub
VLAN parameters
DB
Profiles
DHCP, IGMP parameters
System data
370
General Backup/Restore configuration
 Backup/Restore features can be

ANEL EML-USM
configured via ANEL and/or EML view
 Configurable options
Configuration • Periodic automatic backup each “set”
Supervision
time
Configured via administration
Backup/Restore Backup/Restore
• Automatic restore after erase
persistency
Configuration •Configure
Erase persistency = empty MIB on NT
• After x number of changes
Related to SNMP set commands
371
Manual backup/restore
 Performing a manual backup/restore

ANEL can be done via the ANEL or EML view EML-USM
 The backup file name exists out of

following items:
• File name
Configuration Supervision
For Autobackup, filename prefix is
“Autobackup” and suffix is “AUTO”
Backup/Restore For manual backup, name given by Backup/Restore
operator
•Backup • ASAM release & software information •Backup
• Date and time of backup
•Restore •Restore
•List Backup •List Backup
Files Files
•Delete Backup •Delete Backup
Files Files
372
List Backup Files
Backup files
• manual
• automatic
backup files on unix

level
373
7302/5523 Hands-on
Backup / Restore of ASAM-CORE and service

hub
Hands-on

 Exercises
• Backup / Restore of ASAM-CORE and service hub
375
Hands-on

 Exercises
• Backup / Restore of ASAM-CORE and service hub
376
o
Fault Management
7302/5523 Operator
377
Objectives

• Describe how alarms are handled by the AWS
• retrieve a list of all the current alarms (NE or object level) Perform
actions on a alarm (acknowledge, …)
• describe the different actions that can be performed on an alarm
• retrieve detailed information of a specific alarm
• overrule the alarm reporting mode on the ISAM for a specific port
378
Alarm Management - General (1/2)
 Current Alarms Management

AS Current USM (CAL) AS Historical USM (HAL)
• real-time treatment
• overall alarm status of NE
• dynamically updated
Archive
CURRENT HISTORICAL
 Historical Alarms Management ALARMS ALARMS
(Current AS-IM) (Historical AS-IM)
• consultation of:
– historical alarms
– alarms that haven’t been in CAL
EML-IM
379
Alarm Management – General (2/2)
 AS USM (CAL USM or HAL USM): AS-USM
• sublists
• counters
Counter
Summary
Window
 Obtain detailed information
• Alarm Sublist Window
• More Information Window Alarm
Sublist
Window
 Perform action on current alarm:
• e.g acknowledge, purge
More
Information
Window
380
Launch CAL (1/2)
 Main menu  Alarms

• CAL counter summary window opens
up
Main menu  Administration 

AWS
 APL. MGR
Application  Alarms
• CAL counter summary window opens
up Application
Alarms
381
Launch CAL (2/2) – Create sublists on the fly
 Via ANEL
ANEL EML-USM
• sublist for the selected NE
 Via EML-USM
View View
• sublists for:
Show – NE Show
– selected object:
Rack Alarms
Alarms
Subrack
Board
Physical port •On NE
Logical port (ATM TP) •On object
382
Counter Summary Window
 Display statistics on alarms.

• Sublists (filter criteria)
– pre-defined (CAL)
– or created by operator
• Alarm counters
– severity level
– status
new alarm(s) occured

since the last selection Pre-defined
of the sublist sublists
Additional sublists
created by operator
Information box
Indicator field
383
Alarm Sublist
 Groups alarms according to filtering criteria

• pre-defined sublists
• sublists defined by user
 Allows you to work on a subset of alarms
 Rightclick on alarm  perform action on alarm
Sublist Alarm
summary
Alarm
details
384
More information window
 Double click on alarm  more alarm information

• helpful for locating and diagnosing the problem
385
Incoming Alarm Routing
• When the alarm is CLEARED and

ACKed (Auto-ACK is possible)
• When the alarm is PURGED
(Auto-purge is possible)
HAL USM
ALARM CAL USM
Curr.
AS IM
Sublists Sublists
(USM) (USM)
ALARM
Alarm
If the alarm severity > ASAM severity

NE1
386

ISAM

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

ISAM

Încărcat de

Drepturi de autor:

Formate disponibile

7302-7330/5523 Operator

Getting started & Administration

 Access to AWS Front Panel

 Allows to select the application

 information about software elements of 5523 AWS

 Launch AWS Application Manager

 Launch CAL USM

 Launch Events and Log Management

 Via Process monitoring

 Start/Stop AWS core processes: Process Monitoring

RED: At least GREEN: Process(es)

This process has been stopped

 Status Icon or DPC Icon

• button to launch Process Monitoring

 Possibility to configure and show license

 Show license rights

 button ‘list logged in users’

Navigation and indicators

 Main menu APL. MGR

 Tree Area: hierarchical view.

 Supervision State  Alarm Synthesis tag

 Scoped Command tag

• Filter icon in the lower right corner

 Find (in selected ASAM-CORE)

 Find (in selected service hub)

• NE configuration • Definition • Deployment • Utilities

Navigation and indicators

 From ANEL ANEL-USM

 Four different views in EML-USM

• One level up:

Alarm overview area

Permanent menu items Context-specific menu items

 Menu Bar - Permanent menu items

 Per-severity alarm subpanel

• Number of alarms of that severity

 Per-domain alarm subpanel

 S Alarms Per-severity alarm subpanel = S Alarms Per-domain alarm subpanel

 Operational state: Reachability of the NE

 Protection mode: NT redundancy mode.

 Synchronization mode : NT database synchronization

NSY yellow (Square): No synchronization

 Backup/restore mode: ongoing B/R operation on NE

 Persistency status: persistent data loss

 Alarm Synthesis tag = summary of

 All alarms cleared:

 At least one alarm present: …

• Color of the tag is the color of the most severe alarm.

 Alarm Status tag: summary of alarms of the object itself only.

All alarms on object cleared At least one alarm present on object

 If the Alarm Status tag is selected, then the alarm overview

 RED indicates a critical alarm!  CRI

 ORANGE indicates a major alarm!  MAJ

 YELLOW indicates a minor alarm!  MIN

 BLUE indicates a warning alarm!  WNG

 WHITE indicates an indeterminate alarm!  IND

Navigation and indicators

 Alarm status tag in Icon Container: ASAM related alarms

 Alarm synthesis tag on subrack summarizes alarms of:

 No display of operational state and administrative state tags for

• Protection enabled (Standby) 

• Protection enabled (Active) 

Navigation and indicators

 Alarm status tag in Icon Container: status of the shelf

Navigation and indicators