6 - Access Layer Intro

 Access Layer DSLAM
 ACCESS Layer cabin

 Point To Point Protocol over Ethernet (PPPOE)
 AAA Servers
 MSAN centralized Solution
 Bit Stream Solution
 Access Layer DSLAM
 DSLAM Types:
o IP DSLAM:
 ALCATEL ISAM 7200.
 Huawei 5600 series (5600 &5603).
o ATM DSLAM:
 ALCATEL AZAM.
 Huawei 5100 series (5100 & 5103 ).
 Huawei DSLAM Mapping:

o IP Technology
 Service port for ADSL customers at child: we use tagging VLAN outer#233, inner#557
service-port vlan 233 adsl 0/4/0 vpi 0 vci 35 single-service rx-cttr 6 upc off tx-cttr 6 upc off
stacking label 0/4/0 vpi 0 vci 35 single-service 557
 Service port at parent : we use tagging VLAN outer#250, inner#557

service-port vlan 250 atm 0/15/1 vpi 233 vci 557 single-service rx-cttr 6 upc off tx-cttr 6 upc off
stacking label 0/15/1 vpi 0 vci 35 single-service 557
o ATM Technology
 PVC for IP DSLAM at child:
pvc adsl 0/9/15 vpi 0 vci 35 ima 0/7 groupindex 0 vpi 31 vci 262 rx-cttr 6 upc off tx-cttr 6 upc off
pvc adsl 0/5/16 vpi 0 vci 35 e3 0/7/0 vpi 30 vci 209 rx-cttr 6 upc off tx-cttr 6 upc off
pvc adsl 0/5/16 vpi 0 vci 35 atm 0/7/0 vpi 30 vci 209 rx-cttr 6 upc off tx-cttr 6 upc off
 PVC for IP DSLAM at parent:

pvc ima 0/15 groupindex 1 vpi 252 vci 677 atm 0/15/0 vpi 252 vci 677 cast-type p2p rx-cttr 6 upc off tx-cttr 6 upc off
pvc e3 0/15/1 vpi 252 vci 677 atm 0/15/0 vpi 252 vci 677 cast-type p2p rx-cttr 6 upc off tx-cttr 6 upc off
pvc atm 0/15/1 vpi 252 vci 677 atm 0/15/0 vpi 252 vci 677 cast-type p2p rx-cttr 6 upc off tx-cttr 6 upc off
pvc ima 0/4 groupindex 1 vpi 252 vci 677 ima 0/7 groupindex 0 vpi 252 vci 677 cast-type p2p rx-cttr 6 upc off tx-cttr 6 upc off
 PVC for ATM at child:

pvc adsl 0/9/5 vpi 0 vci 35 ima 0/13 groupindex 0 vpi 31 vci 262 rx-cttr 2 upc off tx-cttr 2 upc off
pvc adsl 0/9/29 vpi 0 vci 35 e3 0/7/0 vpi 19 vci 286 rx-cttr 2 upc off tx-cttr 2 upc off
pvc adsl 0/4/6 vpi 0 vci 35 atm 0/7/0 vpi 175 vci 185 rx-cttr 2 upc off tx-cttr 2 upc off
 PVC for ATM at child:

pvc e3 0/4/6 vpi 0 vci 35 atm 0/7/0 vpi 175 vci 185 rx-cttr 2 upc off tx-cttr 2 upc off
 ACCESS Layer cabin

 Cabin Type
o Huawei
o Ericson
o ZTE
o Nokia Siemens
 Point To Point Protocol over Ethernet (PPPOE)
 Point To Point Protocol (PPP) and Point To Point Protocol over Ethernet (PPPoE) are network protocols that allow
data communication between two points (Computers, or hosts).
 PPPoE is encapsulated in Ethernet frames.
 PPP uses Link Control Protocol (LCP) to establish a session between a user's computer and an ISP.
 PPP supports three types of user authentication protocols that provide varying levels of security
o PAP (Password Authentication Protocol)
o CHAP (Challenge Handshake Authentication Protocol)
o EAP (Extensible Authentication Protocol)
 Also known as PPPoE discovery, involves the following steps:

o Initiation - The client software sends a PPPoE Active Discovery Initiation (PADI) packet to the server to initiate the session.
o Offer - The server responds with a PPPoE Active Discovery Offer (PADO) packet.
o Request - Upon receipt of the PADO packet, the client responds by sending a PPPoE Active Discovery Request (PADR) packet
to the server.
o Confirmation - Upon receipt of the PADR packet, the server responds by generating a unique ID for the PPP session and sends
it in a PPPoE Active Discovery Session (PADS) confirmation packet to the client.
o Confirmation - generating a unique ID for the PPP session and sends it (PADS) confirmation packet.
PPPOE or PPPOA
Authentication
Authorization
Accounting
TE Cloud Ethernet
DSLAM BRAS
Initiation - The client software sends a (PADI)
packet to the server to intitiate the session.
Offer - The server responds with (PADO) packet.
Request -the client responds by sending (PADR)

packet to the server.
Confirmation - generating a unique ID for the

PPP session and sends it (PADS) confirmation
packet
 AAA Servers
 Authentication:
o provides a way of identifying a user, typically by having the user enter a valid (user name, password and NAS port ID
associated with user&pass)
o Determining access is granted or denied.
 Authorization:
o After logging into a system, determining what types of services a user is permitted.
 Accounting:
o Measures the resources a user consumes during access.
o The calculation may be for the amount of system time or the amount of data a user has sent and/or received during a session.
 AAA services are often provided by a dedicated AAA server.

 Standard AAA server is the Remote Authentication Dial-In User Service (RADIUS).
 ADSL over PPPoE configuration

 Service ADSL interface
RAMSIS-R17C-C-EG#show run inter GigabitEthernet0/2/4.113
Building configuration...
interface GigabitEthernet0/2/4.113
description AIAT-D02H-GZ-EG GLBL L2
encapsulation dot1Q 113 second-dot1q any
pppoe enable group global
pppoe max-sessions 20000
end
 Broadband Aggregation group

bba-group pppoe global
virtual-template 500
vendor-tag circuit-id service …… NAS port ID commands
nas-port format d 2/3/3
sessions per-vc limit 5000
 Virtual Template
RAMSIS-R17C-C-EG#show run interface virtual-template 500
interface Virtual-Template500
description "GLOBAL"
ip vrf forwarding RMS.BB
ip unnumbered Loopback0
ip mtu 1492
ip tcp adjust-mss 1432
no logging event link-status
peer default ip address pool TEDATA
ppp lcp delay 5 random 20
ppp authentication pap SBR-SERVER
ppp authorization SBR-SERVER
ppp accounting SM
service-policy type control tedata-parent-1
 MSAN centralized Solution

 All MX104 (PE) boxes are mostly physically connected to Aggregator Router where BRAS are connected
 MPLS L2VPN toward the aggregation side to interface facing BRAS .
 VLAN range are allowed for using for BB (401-480) will be used per location and can be reused on different location
 We will do vlan re-write at Aggregator node to support reusing of the vlan range.
 MX104 (PE) Termination:
o Option1
 MX104 (PE) is linked to the aggregator though MPLS cloud
 MX104 (PE) will be activated as normal PE
o Option 2
 MX104 (PE) will be linked directly to pop Gateway (ASR9K/MX960)
 MX104 (PE) will be activated as normal PE
o Option 3
 MX104 (PE) will be linked directly to the BRAS located on the same pop.
 MX104 (PE) will be activated as normal layer 2 switch for BNG
 MSAN MX104 (PE) Termination:

o For Option 1&2 we can use l2VPN or VPLS
o For Option 3 we use termination router as L2 switch.
 MSAN Cabin Termination:

As there is different solution to configured cabin interface and way to target BNG:
1. Type1: MPLS L2VPN.
2. Type2: MPLS VPLS – MPLS L2VPN.
3. Type3: Bridge – MPLS L2VPN.
 Bit Stream Solution
 The same as MSAN centralized solution except that the termination or service routers (BRAS or BNG) are the
responsibility of other ISP’s.
 TE Data connect to other bit steam ISP at Auto or RAMSIS only.
 Each ISP use specific outer VLAN for all cabins and we do vlan re-wright at aggregator.
 Option1 is the most used solution; MX104 (PE) is linked to the aggregator though MPLS cloud.
 Centralized Solution Configuration

1. MSAN Cabin Termination type1: MPLS L2VPN
 REMAYAH cabin connections:
o Main (MPLS L2VPN option1).
o Backup (MPLS L2VPN option1).
o Bit stream (MPLS L2VPN option1).
 BIEGAM cabin connections:

o Main (MPLS L2VPN option2).
o Backup (MPLS L2VPN option2) the same as REMAYAH-RAMSIS.
o Bit stream (MPLS L2VPN) the same as REMAYAH-RAMSIS.
 REMAYAH cabin configuration:-
o REMAYAH-R02J Configuration:
 Interfaces configuration:
 Main (physical) interface
ahmed.dakrory@REMAYAH-R02J-GZ-EG> show configuration interfaces ge-0/2/7 | display set
set interfaces ge-0/2/7 description 04-4-25-35-L1-GIG
set interfaces ge-0/2/7 flexible-vlan-tagging
set interfaces ge-0/2/7 encapsulation flexible-ethernet-services
 TE Data management interface

set interfaces ge-0/2/7 unit 400 description 04-4-25-35-TED-MGMT
set interfaces ge-0/2/7 unit 400 vlan-id 400
set interfaces ge-0/2/7 unit 400 family inet address 10.40.198.105/29
 TE Data global interface

set interfaces ge-0/2/7 unit 447 description 04-4-25-35-GLBL
set interfaces ge-0/2/7 unit 447 encapsulation vlan-ccc
 TE management interface
set interfaces ge-0/2/7 unit 942 description "04-4-25-35-TE-MGMT "
 TE voice traffic interface

set interfaces ge-0/2/7 unit 943 description "04-4-25-35-TE-SIP "
set interfaces ge-0/2/7 unit 943 family inet filter input VOICE-PRIMUM
 Bit stream Vodafone interface

set interfaces ge-0/2/7 unit 1701 description " 04-4-25-35 VODA-UNLMT4 "
 Bit stream Link.net interface

set interfaces ge-0/2/7 unit 1705 description " 04-4-25-35 LINK-UNLMT4 "
 Bit stream Etisalat interface

set interfaces ge-0/2/7 unit 1709 description " 04-4-25-35 ETSLT-UNLMT4 "
 Bit stream Noor interface

set interfaces ge-0/2/7 unit 1713 description " 04-4-25-35 NOOR-UNLMT4 "
 MPLS L2VPN configuration:
 MPLS L2VPN
ahmed.dakrory@REMAYAH-R02J-GZ-EG>
show configuration protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 | display set
 Main (MPLS L2VPN option1).

set protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 virtual-circuit-id 103
set protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 mtu 1600
set protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 revert-time 5
 Backup (MPLS L2VPN option1)

set protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 backup-neighbor 163.121.171.54 virtual-circuit-id 107
set protocols l2circuit neighbor 10.45.0.208 interface ge-0/2/7.447 backup-neighbor 163.121.171.54 standby
 Bit stream Vodafone (MPLS L2VPN option1)

ahmed.dakrory@REMAYAH-R02J-GZ-EG> show configuration protocols l2circuit | match ge-0/2/7| display set
 Main (physical) interface

 Bit stream Etisalat (MPLS L2VPN option1).

 Bit stream Noor (MPLS L2VPN option1).

 L2circuit status
ahmed.dakrory@REMAYAH-R02J-GZ-EG> show l2circuit connections interface ge-0/2/7.447
Neighbor: 10.45.0.208
Interface Type St Time last up # Up trans
ge-0/2/7.447(vc 103) rmt Up May 18 12:30:34 2016 1
Remote PE: 10.45.0.208, Negotiated control-word: No
Incoming label: 732480, Outgoing label: 31236
Negotiated PW status TLV: No
Local interface: ge-0/2/7.447, Status: Up, Encapsulation: VLAN
Neighbor: 163.121.171.54
ge-0/2/7.447(vc 107) rmt ST
o RODA-R31C aggregator Configuration for main L2VPN (REMAYAH-RODA)

 TE Data global interface for one cabin
RP/0/RSP0/CPU0:RODA-R31C-C-EG#show run interface Te0/5/0/3.103
Wed May 18 15:39:25.766 EGY
interface TenGigE0/5/0/3.103 l2transport
description 04-4-25-35 GLBL
encapsulation dot1q 103
rewrite ingress tag translate 1-to-1 dot1q 447 symmetric ……. VLAN re-write
mtu 1614
 L2VPN is connected to interface facing BNG.
RP/0/RSP0/CPU0:RODA-R31C-C-EG#show run interface Te0/5/0/3
Wed May 18 15:39:28.911 EGY
interface TenGigE0/5/0/3
description RODA-R34C-C-EG L4 10GIG
cdp
mtu 9192
service-policy output Qos-TenGig
carrier-delay up 1000 down 0
load-interval 30
dampening
 Main (MPLS L2VPN) REMAYAH-RODA

RP/0/RSP0/CPU0:RODA-R31C-C-EG#show running-config l2vpn xconnect group REMAYAH
Wed Jun 1 06:01:26.252 EGY
l2vpn
xconnect group REMAYAH
p2p 04-4-25-35
interface TenGigE0/5/0/3.103
neighbor ipv4 10.45.0.165 pw-id 103
pw-class Ethernet
 Main (MPLS L2VPN) REMAYAH-RODA syntax

RP/0/RSP0/CPU0:RODA-R31C-C-EG(config)#
l2vpn xconnect group REMAYAH p2p 04-4-25-35 interface TenGigE0/5/0/3.103
l2vpn xconnect group REMAYAH p2p 04-4-25-35 neighbor ipv4 10.45.0.165 pw-id 104 pw-class Ethernet
 L2VPN Status
RP/0/RSP0/CPU0:RODA-R31C-C-EG#show l2vpn xconnect interface TenGigE0/5/0/3.103
Wed Jun 1 06:33:01.833 EGY
Legend: ST = State, UP = Up, DN = Down, AD = Admin Down, UR = Unresolved,
SB = Standby, SR = Standby Ready, (PP) = Partially Programmed
XConnect Segment 1 Segment 2

Group Name ST Description ST Description ST
------------------------ ----------------------------- -----------------------------
REMAYAH 04-4-25-35 UP Te0/5/0/3.103 UP 10.45.0.165 103 UP
----------------------------------------------------------------------------------------
o RODA-R34C BNG configuration

 Global service interface
RP/0/RSP0/CPU0:RODA-R34C-C-EG#show run interface Te0/1/1/0.103
Wed May 18 15:47:21.141 EGY
description 04-4-25-35
ipv4 point-to-point
ipv4 unnumbered Loopback0
service-policy type control subscriber STARTING_POLICY
pppoe enable bba-group tedata
encapsulation ambiguous dot1q 103 second-dot1q any
 Show session for specific interface
RP/0/RSP0/CPU0:RODA-R34C-C-EG#show subscriber session filter access-interface Te0/0/1/0.365
Wed May 18 16:05:37.671 EGY
Codes: IN - Initialize, CN - Connecting, CD - Connected, AC - Activated,
ID - Idle, DN - Disconnecting, ED - End
Type Interface State Subscriber IP Addr / Prefix

LNS Address (Vrf)
--------------------------------------------------------------------------------
PPPoE:PTA Te0/0/1/0.365.pppoe45003 AC 156.208.39.79 (GZA-BB)
o RAMSIS-R31C aggregator Configuration for backup L2VPN (REMAYAH-RAMSIS)

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show run interface Te0/3/0/3.107
Wed May 18 16:34:59.155 EGY
description 04-4-25-35 GLBL
rewrite ingress tag translate 1-to-1 dot1q 447 symmetric
mtu 1614
 L2VPN is connected to interface facing backup BNG.

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show run interface Te0/3/0/3
Wed May 18 16:34:53.210 EGY
description RAMSIS-R34C-C-EG L4 10GIG
cdp
mtu 9192
service-policy output Qos-TenGig
carrier-delay up 1000 down 0
load-interval 30
dampening
 Backup (MPLS L2VPN) REMAYAH-RAMSIS

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG# RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show running-config l2vpn xconnect group
REMAY$
Wed Jun 1 06:15:42.467 EGY
l2vpn
xconnect group REMAYAH
p2p 04-4-25-35
pw-class Ethernet
 RAMSIS-R34C backup BNG configuration
All sub interfaces for the main interface Te0/1/1/0 are served by interface (Te0/1/1/0.4000) only one as it is backup
, Global interface is configured with any/any VLAN for outer/inner VLAN
RP/0/RSP0/CPU0:RAMSIS-R34C-C-EG#show running-config interface Te0/1/1/0.4000
Wed May 18 16:41:00.960 EGY
description "GLOBAL"
ipv4 point-to-point
ipv4 unnumbered Loopback0
service-policy type control subscriber STARTING_POLICY_BK
pppoe enable bba-group bba-0-1-1-0
encapsulation ambiguous dot1q any second-dot1q any ……… outer/inner allow any/any
o MPLS L2VPN (BIEGAM-GIZA) The aggregator is a juniper router:

 MX104 (PE) configuration is the same as REMAYAH but the aggregator is configured as the below.
 BNG also configured the same.
ahmed.dakrory@GIZA-R31J-GZ-EG> show configuration interfaces xe-4/1/6.105 | display set
set interfaces xe-4/1/6 unit 105 description 02-1-03-D-01-S6
set interfaces xe-4/1/6 unit 105 encapsulation vlan-ccc
set interfaces xe-4/1/6 unit 105 vlan-id 105
set interfaces xe-4/1/6 unit 105 input-vlan-map swap
set interfaces xe-4/1/6 unit 105 input-vlan-map vlan-id 420
set interfaces xe-4/1/6 unit 105 output-vlan-map swap
 Main MPLS L2VPN (BIEGAM-GIZA):

ahmed.dakrory@GIZA-R31J-GZ-EG>
show configuration protocols l2circuit neighbor 10.45.0.15 interface xe-4/1/6.105 | display set
set protocols l2circuit neighbor 10.45.0.15 interface xe-4/1/6.105 virtual-circuit-id 41105
set protocols l2circuit neighbor 10.45.0.15 interface xe-4/1/6.105 mtu 1600
 Bit Stream Configuration

 VODAFONE
o REMAYAH-R02J Configuration (PE):
 Vodafone global interface
ahmed.dakrory@REMAYAH-R02J-GZ-EG> show configuration interfaces ge-0/0/2.1701 | display set
set interfaces ge-0/0/2 unit 1701 description "04-2-53-01 suncity VODA-UNLMT"
 MPLS L2VPN (REMAYAH-RAMSIS).

ahmed.dakrory@REMAYAH-R02J-GZ-EG> show configuration protocols l2circuit neighbor 163.121.171.54 interface ge-
0/0/2.1701 | display set
 MPLS L2VPN Status
ahmed.dakrory@REMAYAH-R02J-GZ-EG> show l2circuit connections interface ge-0/0/2.1701
Neighbor: 163.121.171.54
ge-0/0/2.1701(vc 314) rmt Up May 9 11:05:10 2016 1
Local interface: ge-0/0/2.1701, Status: Up, Encapsulation: VLAN
o RAMSIS-R31C configuration (Aggregator):

 Global interface for one cabin
RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show running-config interface Te0/0/0/32.314
Wed May 18 16:54:35.964 EGY
description 04-2-53-01 VODA-UNLMT
rewrite ingress tag translate 1-to-1 dot1q 1701 symmetric
mtu 1614
 L2VPN is connected to interface facing other ISP BNG or BRAS

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show running-config interface Te0/0/0/32
Wed May 18 16:54:45.094 EGY
description VODAFONE-BITSTREAM-L1-10G
mtu 4470
load-interval 30
 MPLS L2VPN (REMAYAH-RAMSIS)

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#
show running-config l2vpn xconnect group Bitstream_VODA p2p 04-2-53-01 interface TenGigE0/0/0/32.314
Wed May 18 16:54:05.650 EGY
l2vpn
xconnect group Bitstream_VODA
p2p 04-2-53-01
pw-class Ethernet
 MPLS L2VPN (REMAYAH-RAMSIS) Status

RP/0/RSP0/CPU0:RAMSIS-R31C-C-EG#show l2vpn xconnect neighbor 10.45.0.165 pw-id 314
Wed May 18 16:52:27.564 EGY
Legend: ST = State, UP = Up, DN = Down, AD = Admin Down, UR = Unresolved,
SB = Standby, SR = Standby Ready, (PP) = Partially Programmed
XConnect Segment 1 Segment 2

Group Name ST Description ST Description ST
------------------------ ----------------------------- -----------------------------
Bitstream_VODA
04-2-53-01 UP Te0/0/0/32.314 UP 10.45.0.165 314 UP
2. MSAN Cabin Termination type2: MPLS VPLS - MPLS L2VPN
 There is VPLS for each cabin in ring, if we have 3 cabins so we need to configure 3 VPLS
o Global
 How to configure logical tunnel (lt) interface.
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match fpc
set chassis fpc 0 pic 0 tunnel-services ….. lt-0/0/0.xx
 Ring interface configuration:

 Rings interfaces configuration for first (west) interface
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match ge-0/0/1
set interfaces ge-0/0/1 description "KOBAC6_2-M01H-C-EG L1 GIG"
 Management interface for all cabins using vlan#400 with encapsulation vlan-bridge and management IP configured under IRB.400
set interfaces ge-0/0/1 unit 400 description TE-DATA
set interfaces ge-0/0/1 unit 400 encapsulation vlan-bridge
 Global interface for a cabin in ring using global vlan#401 also notes encapsulation vlan-vpls
set interfaces ge-0/0/1 unit 401 encapsulation vlan-vpls
 Global interface for a cabin in ring using global vlan#402

set interfaces ge-0/0/1 unit 402 description ONU6-02
 Global interface for a cabin in ring using global vlan#403

 Global interface for n cabin in ring using global vlan#404

 Interface is configured with control vlan#480 , using for ERP.

set interfaces ge-0/0/1 unit 480 description controlVLAN
set interfaces ge-0/0/1 unit 480 family bridge interface-mode trunk
set interfaces ge-0/0/1 unit 480 family bridge vlan-id-list 480
 East interface configuration is the same as west one.

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match ge-0/1/1
set interfaces ge-0/1/1 description "EAST L1 GIG "
set interfaces ge-0/1/1 unit 400 description TE-DATA




set interfaces ge-0/1/1 unit 480 description controlVLAN

set interfaces ge-0/1/1 unit 480 family bridge interface-mode trunk
set interfaces ge-0/1/1 unit 480 family bridge vlan-id-list 480
 As example we can discuss configuration for cabin using vlan#402:

 Both east and west interfaces are configured under routing instance MSAN2-RING1 , physical interfaces are site 1
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match ge-0/0/1.402
set routing-instances MSAN2-RING1 interface ge-0/0/1.402
set routing-instances MSAN2-RING1 protocols vpls site 1 interface ge-0/0/1.402
 MPLS VPLS configuration for cabin using VLAN#402

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration routing-instances MSAN2-RING1 | display set
set routing-instances MSAN2-RING1 instance-type vpls
set routing-instances MSAN2-RING1 interface lt-0/0/0.402
set routing-instances MSAN2-RING1 route-distinguisher 8452:2

set routing-instances MSAN2-RING1 vrf-target target:8452:2
set routing-instances MSAN2-RING1 protocols vpls site-range 10

set routing-instances MSAN2-RING1 protocols vpls site 1 site-identifier 1
set routing-instances MSAN2-RING1 protocols vpls site 2 site-identifier 2
set routing-instances MSAN2-RING1 protocols vpls site 2 interface lt-0/0/0.402
o Ethernet Ring Protection Protocol (ERP)
 Ring topology will be depend on Ethernet ring protection protocol to grantee diversity paths over the ring in case of fail in
any part of the ring , it’s supposed that ERPs provide recovery time around 50ms for the traffic running on the ring.
 ERP protocol has two Node type

1-RPL Owner Node:
Control the state of RPL.
Initiate ring automatic protection switching message (R-APS).
2-Normal node:
All other nodes in the ring.
Configured to listen and forward the R-APS.
Generate R-APS message when local link failure occur.
 In case of failure in the ring the blocked interface will change to forwarding state the traffic flow normal over the ring.
 IP Gateway should handle traffic coming from one side of the ring or both sides of the ring
 There are two interfaces are eligible to forward data in some cases so we cannot assign the layer 3 termination IP for
any of the physical interface so we configure IRB interfaces for each to act as gateway to specific vlan where the vlan
could represent a customer of services .
 Configure a bridge domain using vlan#480
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration bridge-domains vlan_480 | display set
set bridge-domains vlan_480 vlan-id 480
 PE is RPL owner and interfaces is configured under ERP

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration protocols protection-group ethernet-ring MSAN | display set
set protocols protection-group ethernet-ring MSAN ring-protection-link-owner
set protocols protection-group ethernet-ring MSAN east-interface control-channel vlan 480
set protocols protection-group ethernet-ring MSAN east-interface control-channel ge-0/1/1.480
set protocols protection-group ethernet-ring MSAN east-interface ring-protection-link-end
set protocols protection-group ethernet-ring MSAN west-interface control-channel vlan 480
set protocols protection-group ethernet-ring MSAN west-interface control-channel ge-0/0/1.480
 Stitching between lt-0/0/0.402 (encapsulation vlan-vlps) and lt-0/0/0.420 (encapsulation vlan-ccc)

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration interfaces lt-0/0/0.402 | display set
set interfaces lt-0/0/0 unit 402 encapsulation vlan-vpls
set interfaces lt-0/0/0 unit 402 vlan-id 402
set interfaces lt-0/0/0 unit 402 peer-unit 420
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration interfaces lt-0/0/0.420 | display set

set interfaces lt-0/0/0 unit 420 encapsulation vlan-ccc
 We use MPLS L2VPN to aggregator by using local lt-0/0/0.420

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match lt-0/0/0.420
set protocols l2circuit neighbor 10.45.2.100 interface lt-0/0/0.420 virtual-circuit-id 11
set protocols l2circuit neighbor 10.45.2.100 interface lt-0/0/0.420 mtu 1600
set protocols l2circuit neighbor 10.45.2.100 interface lt-0/0/0.420 revert-time 5
set protocols l2circuit neighbor 10.45.2.100 interface lt-0/0/0.420 backup-neighbor 163.121.171.54 virtual-circuit-id
210301
set protocols l2circuit neighbor 10.45.2.100 interface lt-0/0/0.420 backup-neighbor 163.121.171.54 standby
 MPLS L2VPN status

ahmed.dakrory@KOBBA-R02J-C-EG> show l2circuit connections interface lt-0/0/0.420
Neighbor: 10.45.2.100
lt-0/0/0.420(vc 11) rmt Up Mar 25 23:08:20 2016 1
Local interface: lt-0/0/0.420, Status: Up, Encapsulation: VLAN
Flow Label Transmit: No, Flow Label Receive: No
Neighbor: 163.121.171.54
lt-0/0/0.420(vc 210301) rmt ST
o Management
 IRB interface (Management interface)
 There is only one TE Data management interface IRB.400 per device for all VPLS and Bridge.
 Integrated routing and bridging (IRB) provides simultaneous support for Layer 2 bridging and Layer 3 routing on the same
interface.
 IRB enables you to route packets to another routed interface or to another bridge domain that has an IRB interface
configured.
 When you configure IRB interfaces in more than one logical system on a device, all of the IRB logical interfaces share the
same MAC address so we use IRB only for management not for global to avoid flooding.
 Then bridge domain is configured for all interfaces ex (ge-0/0/1.400, ge-0/0/2.400, ..) also for IRB interface.
 Interface IRB.400 configuration, it is routing interface (Layer 3 routing)

ahmed.dakrory@KOBBA-R02J-C-EG> show configuration interfaces irb unit 400 | display set
set interfaces irb unit 400 family inet address 10.40.92.1/29
 Bridge domain vlan_400 configuration, irb.400 support l2 bridging
ahmed.dakrory@KOBBA-R02J-C-EG> show configuration | display set | match vlan_400
Bridge domain for vlan#400
Configure bridge interfaces under bridge-domains vlan_400.

set bridge-domains vlan_400 interface ge-0/0/1.400
 Configure irb.400 as routing interface under bridge-domains vlan_400.

set bridge-domains vlan_400 routing-interface irb.400
3. MSAN Cabin Termination type3: Bridge - MPLS L2VPN

 KOBBA-RAMSIS NOOR
o Aggregator router RAMSIS-R30C.
 The configuration is the same as mentioned earlier in ex (REMAYA-RAMSIS).
 As we only need to configure (sub interface for global traffic, MPLS L2VPN)
o BNG router configuration is the same.

o KOBBA-R02J MX104 (PE).
 Configure PE as virtual switch (bridge domain) to connect more than one interface (multiple cabins) with single virtual inteface.
 All interfaces facing cabin is configured with encapsulation vlan-bridge with the same VLAN as only one VLAN per bridge.
 Also configure virtual interface ex:lt-0/0/0.1713 with encapsulation vlan-bridge.
 All interface (facing cabin and logical one ) are configured under the same bridge domain (virtual switch).
 Establishing targeted MPLS L2VPN to the Aggregator so it will be configured over logical interface but with
encapsulation (vlan-ccc or vlan-tcc)
 So another virtual interface is configured with encapsulation vlan-ccc ex:lt-0/0/0.226
 Stitching is configured between two virtual interfaces (lt-0/0/0.1713 and lt-0/0/0.226) also be noted both interfaces
must be configured for the same VLAN ex:1713
 The targeted MPLS L2VPN to the Aggregator is configured over local virtual interface ex:lt-0/0/0.226 so all traffic
incoming for lt-0/0/0.226 the same as lt-0/0/0.1713 and vice versa then traffic is flooded for all cabin interfaces.
 Configure bridge domain and allowing vlan#1713

 configure interfaces under the same bridge domain
set bridge-domains vlan_1713 interface lt-0/0/0.1713
 Cabins Interfaces configuration

set interfaces ge-0/0/1 unit 1713 description "RING 01-2-06-02&03&04 NOOR-UNLMT"
set interfaces ge-0/0/2 unit 1713 description "RING 01-2-06-05&06&07&08 NOOR-UNLMT"
 Virtual interface configuration, this interface configured also under bridge domain and used for stitching
set interfaces lt-0/0/0 unit 1713 encapsulation vlan-bridge
 Virtual interface configuration, stitching

set interfaces lt-0/0/0 unit 226 encapsulation vlan-ccc
 KOBBA-RAMSIS NOOR MPLS L2VPN over lt-0/0/0.226

set protocols l2circuit neighbor 163.121.171.240 interface lt-0/0/0.226 virtual-circuit-id 226
set protocols l2circuit neighbor 163.121.171.240 interface lt-0/0/0.226 mtu 1600
 MPLS L2VPN status

ahmed.dakrory@KOBBA-R02J-C-EG> show l2circuit connections interface lt-0/0/0.226
Neighbor: 163.121.171.240
lt-0/0/0.226(vc 226) rmt Up Jun 2 13:09:40 2016 1
Local interface: lt-0/0/0.226, Status: Up, Encapsulation: VLAN
Flow Label Transmit: No, Flow Label Receive: No

6 - Access Layer Intro

Uploaded by

Copyright:

Available Formats

You might also like

6 - Access Layer Intro

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

6 - Access Layer Intro

Uploaded by

Copyright:

Available Formats

 Access Layer DSLAM

 ACCESS Layer cabin

 Huawei DSLAM Mapping:

 Service port at parent : we use tagging VLAN outer#250, inner#557

 PVC for IP DSLAM at parent:

 PVC for ATM at child:

 PVC for ATM at child:

 ACCESS Layer cabin

 Also known as PPPoE discovery, involves the following steps:

Offer - The server responds with (PADO) packet.

Request -the client responds by sending (PADR)

Confirmation - generating a unique ID for the

 AAA services are often provided by a dedicated AAA server.

 ADSL over PPPoE configuration

 Broadband Aggregation group

 MSAN centralized Solution

 MSAN MX104 (PE) Termination:

 MSAN Cabin Termination:

 Centralized Solution Configuration

 BIEGAM cabin connections:

 TE Data management interface

 TE Data global interface

 TE voice traffic interface

 Bit stream Vodafone interface

 Bit stream Link.net interface

 Bit stream Etisalat interface

 Bit stream Noor interface

 Main (MPLS L2VPN option1).

 Backup (MPLS L2VPN option1)

 Bit stream Vodafone (MPLS L2VPN option1)

 Main (physical) interface

 Bit stream Etisalat (MPLS L2VPN option1).

 Bit stream Noor (MPLS L2VPN option1).

o RODA-R31C aggregator Configuration for main L2VPN (REMAYAH-RODA)

 Main (MPLS L2VPN) REMAYAH-RODA

 Main (MPLS L2VPN) REMAYAH-RODA syntax

XConnect Segment 1 Segment 2

o RODA-R34C BNG configuration

Type Interface State Subscriber IP Addr / Prefix

o RAMSIS-R31C aggregator Configuration for backup L2VPN (REMAYAH-RAMSIS)

 L2VPN is connected to interface facing backup BNG.

 Backup (MPLS L2VPN) REMAYAH-RAMSIS

o MPLS L2VPN (BIEGAM-GIZA) The aggregator is a juniper router:

 Main MPLS L2VPN (BIEGAM-GIZA):

 Bit Stream Configuration

 MPLS L2VPN (REMAYAH-RAMSIS).

o RAMSIS-R31C configuration (Aggregator):

 L2VPN is connected to interface facing other ISP BNG or BRAS

 MPLS L2VPN (REMAYAH-RAMSIS)

 MPLS L2VPN (REMAYAH-RAMSIS) Status

XConnect Segment 1 Segment 2

 Ring interface configuration:

 Global interface for a cabin in ring using global vlan#402

 Global interface for a cabin in ring using global vlan#403

 Global interface for n cabin in ring using global vlan#404

 Interface is configured with control vlan#480 , using for ERP.

 East interface configuration is the same as west one.