Professional Documents
Culture Documents
BNG With PPPoE Subscriber - Part I - Network Walk
BNG With PPPoE Subscriber - Part I - Network Walk
BNG With PPPoE Subscriber - Part I - Network Walk
Advertisements
Network Walk
JOURNEY FROM BITS TO B YTE S
Let me start with the little history of Dial up Internet access before starting the discussion
on BNG:
Typically the dial up Internet Architecture, the modem at the residential users home
connects to the service provider modem pool through the Telephone line.
A session is established between the end user and the Service provider RAS (Remote Access
Server) using session based protocol PPP.
All the data from End User and Internet will flow through the RAS, where accounting and
session time can be maintained for each user.
Note : RAS is responsible for routing between the Residential user and the Internet.
This type of access was available typically through the existing telephone and Cable TV infra
The service provider utilized DSL technology to give users increased bandwidth.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 1/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
The residential user connect to an ATM DSL (DSL Access Multiplexer) that resides in Service
Provider Central Office CO. The ATM DSLAM is connected to an ATM or Ethernet network
which in turn connects to a BRAS (Broadband Remote Access Server).
HOME NETWORK +——-+ ATM DSLAM +——-+ ATM AGG +——-+ BRAS+———+INTERNET
The Modem at the residential user home to the service provider model pool through the
telephone line.
A session is established between the end user and the Service Provider BRAS using session
based protocol PPP.
All data flow between the residential user PC and the Internet will flow through the BRAS
where accounting and session time can be maintained for each users. BRAS also used to
route between End User and Internet.
Terminate PPP sessions and routing between end user and provider backbone.
Aggregation subscriber connections from the DSLAM.
Provide interface to DHCP, AAA, and other services
QoS Policy
A new component called BSAN (Broadband Service Access Network) is also indicated, BSAN is
used to connect RG to the aggregation network.
Centralized Broadband Remote Access Server (BRAS) architecture lack the scale, performance
and service flexibility to thrive new VOD-dominated era.
Convergence also simplifies provisioning by removing the need for multiple service overlays
in the access and aggregation networks.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 2/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
HOME NETWORK :
ACCESS NETWORK :
The primary function of the Access Network is to support different physical access
technology towards the network. BSAN (Broadband Service Access Network) connected the
RG.
The access network consists of BSAN devices. The BSAN devices consists of Line Terminating
(LT) Card and network terminating (NT) card.
The LT Card faced towards the End User and the NT card faced towards the upstream
Aggregation Network.
Each access port on a BSAN LT card can connect to a single RG in the home network.
Therefore a 48 port LT card can connect to 48 end user RG.
AGGREGATION NETWORK :
Bridge CO
Routed CO
Bridge CO :
Aggregation Network contains both BSA and BNG Devices. BSA devices are used in Bridge
Network mode to aggregate BSAN devices into BNG device.
Note : Aggregation Nodes could be fully meshed to take advantage of resiliency options
such as MPLS fast reroute.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 3/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
ROUTED CO :
In the routed CO model the aggregation network contains only the BNG devices. BNG
devices connect directly to the BSAN devices in the Access Network.
APPLICATION NETWORK :
The application Network consists of the Internet, Video Server, DHCP Server and other
Network Device used to provide triple play Services to the end user.
Based on the current subscriber trends, Tier 1 and Tier 2 CO will requires dozens of new 100
Gig ports to handle unicast video growth over the next few years.
Third Generation Network Processor (NP) for the Nokia 7750 SR the FP3, supporting packet
throughput of 400Gb/s, the FP3 provides the high performance and high bandwidth port
density to accommodate this video surge.
Converge legacy PPPoE access with IPoE to enable video and other new Service
capabilities.
Multivendor support RADIUS authentication, with built-in DHCP RADIUS proxy function to
leverage existing authentication infra.
Flexible IP address management by DHCP relay or integration DHCP server.
PPPoE based retail and wholesale support with Layer 2 Tunneling Protocol location area
code support.
Support for time- and volume- based accounting with RADIUS- or Diameter based control
to support pre-paid and other new services.
Automated provisioning of logical access interface through a manage service access point
concept to minimize operational costs and reduce time to market.
8 ingress and 8 egress queue using high speed media dependent adapter
Flexible use of network infra can act as a BNG or an Ethernet Aggeration Node (EAN)
High level of BGP redundancy in the market to ensure a high quality, always on service
experience (through Subscriber router redundancy protocol, MC Lag, pseudowire, VPLS
link redundancy.
HOME NETWORK
In home network component of the TPS network, there are at least three types of devices.
VOIP
Set top Box device to view HD
Standard Definition TV channel
The challenge for the TPS ISP is to provide all these services to the home with SLA gaurantee.
While it was acceptable to limit the bandwidth and offer best effort services to the home for
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 4/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
a typical H.S.I service in the past, the ISP now needs to be able to provide real time
bandwidth for VOIP and video application. Broadcast require 10 Mbps at any time (1 HD + 1
SD) at any time and this demand can double or triple with the number of set top boxes in
the Home Network.
RESIDENTIAL GATEWAY
The residential gateway device or the home gateway device is typically a single device that
interface the home device on one side and the wide area network or the internet on the
other side.
The RG comprises home devices connected to a gateway device, which was connected to a
modem. The modem simply allow ethernet traffic over phone and cable line, optical lines or
wireless. The RG device in the todays TSP network is a single device that combines the
modem and a router functionality.
It also provide a web server type functionality to the home user so that the home user can
login and monitor all devices, setup security, MAC address filters and wireless encryption.
This means that all the traffic marked for upstream QoS will be classsified based on
marking.
Triple play ISP also offer servcies to home user where RG is not managed by the provider.
This case the RG is not considered a trusted boundary and all upstream traffic generated
from the RG will be re marked at the BSAN or BSA/BNG devices upstream.
Bridge Mode
Routed Mode
Hybrid Mode
Bridge Mode : In this mode the RG provides a transparent layer 2 connection. The RG is
the access layer termination point and forward layer 2 datagram. Example : If a host
sends a DHCP Discover message, it just relayed transparently to the Access Layer. The RG
does not have any IP address of its own. Bridge Mode RG can be used in situation where
every host needs its own global routable IPV4 and IPV6 address or when a host does not
want to use NAT.
Routed Mode : In this RG act as a Layer 3 gateway for all the hosts in the home network.
RG has its own IP address. Routed mode commonly deployed. It also conserves the SP IP
address space. Because only one address is needed per subscriber rather than an address
for each host device. RG act as a DHCP server and performs NAT for its internal hosts.
HYBRID MODE : These RG are combination of both bridge and routed mode. For some
services RG acts like bridge mode e.g Voice/Phone services and for rest of the services its
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 5/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
act like a routed RG. Note : RG is a bridge between the home network and the access
network.
RG connectivity media :
Wired
Ethernet
Wireless
802.11 a/b/g
802.11 n
RG — DSL
ADSL : Asymmetric Digital Subscriber Line (Downstream Speed 8 Mbps and Upstream
speeds upto 1 Mbps) upto 6000ft
ADSL 2+ : (Upstream 1 Mbps and 24 Mbps downstream at 3000 ft)
VDSL : Very high bit-rate Digital Subscriber Line (VDSL2 ability to encapsulate native
ethernet on the local loop, eleminating ATM encapsulation. VDSL2 provides theoretical bit
rate of 100 Mbps upstream and 100 Mbps Downstream with loop length less than 1600
feet )
VDSL2
RG — PON/GPON
Fiber to the user (FTTU) solution. Packet optical Line Terminal (P-OLT) is placed in service
provider CO and uses Gigabit Passive Optical Network (GPON) to the home network. Optical
Network Terminal (ONT) is needed at the Home Network to connect to the RG via Ethernet
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 6/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
Fiber to the user (FTTU) provides triple play services (Voice, Video and Data) over one fiber
strand. PON/GPON can span up to several KM with multiple gb/s in both upstream and
downstream bandwidth availability is usually more than upstream availability.
RG— FTTN
Fiber to the node is a hybrid solution. It uses copper infra towards subscriber and fiber
connectivity to the CO. FTTN device places between service provider CO and Home Network
to shorten DSL loop length. Advantage to using VDSL which offers high bandwidth but
limited to short loop lengths.
RG — Microwave
The RG operated in the routed mode and makes the home network visible to the provider
network by a only Single MAC address. It act as a client towards the ISP and request an IP
address to connect to the ISP.
Functions as a DHCP server for the devices on the home network, assigning IP address
from the private range of IP addresses.
Maintain Layer 2 MAC table, where the MAC address for each home device may be known
Perform NAT
Routed Unicast packet between the home network and the provider network
Forwards Multicast packet into the home network from the provider network and vice
versa
Performs DNS query to the provider DNS servers as a proxy for the internal home device.
RG as a Routed Mode :
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 7/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
DHCPv4
DISCOVER : Broadcasting a datagram that is destined for UDP port 67. This is the first
packet .DHCP Discovery contains the MAC address of the client.
OFFER : A DHCP, which is configured to lease addresses for the network that the clinet
computer resides on, constructs a response datagram know as DHCP Offer, destination Port
Number UDP 68
DHCPv6
REPLY : A Server sends a reply message containing assigned addresses and configuration
parameters in response to a Solicit, Request, Renew, Rebind Message receive from a client. A
Server also sends a Reply message to ACK receipt of a Release or Decline Message.
FF02::1:2 Link local Scope Multicast address used by a client to communicate with the
neighboring Device. All Server and relay agents are the member of this multicast group.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 8/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
FF05::1:3 Site scope multicast address used by a relay agent to communicate with servers,
either the relay agent send the message to all servers or because it does not know the
Unicast address of the servers. Note that in order for a relay agent to use this address, it
must have an address of sufficient scope to be reachable to the server.
PPP Protocol :
The P2P provides a standard method for transporting multiprotocol datagram over point to
point links. Three main components comprise of PPP :
PPP is an encapsulation protocol that transport higher level protocol data over a serial links
or other point to point links.
PPPoE is a protocol that encapsulate PPP packets in a Ethernet frame and by doing so, allows
many users to communicate to their respective destinations using the same underlying
multipoint bridge technology.
By using PPPoE ISP can leverage their existing Ethernet Infra and provide indivisual services
such as per customer access control and billing.
Discovery stage
Client discover PPPoE Access Concentrator Router
Session Stage
Link Establishment Stage
Authentication Phase
Network Layer Protocol Phase
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 9/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
While PPP is between two peers, PPPoE discovery is a stateless protocol where clients
discover their server (end-point) much like the DHCP protocol.
During the discovery stage, the customers/client discover their access concentrators/server
or router to which they establish a PPP session. Every session over ethernet is identified by a
unique session ID and a peer MAC address.
A client can connect to many router or access concentrators via a discovery initiation (PADI)
message. Client receive a discovery offer message from many AC and picks one of them to
specifically issues a discovery request (PADR). The AC grants a unique session ID to the client
via a session confirmation message (PADS). The cliet now proceeds to the session stage.
During the session stage, the client device establishes a session with the desired AC. The
session stage begins with a link establishment stage (LCP where link options are compared
and negotiated. The LCP stage is followed by the authentication phase when the client device
has to authenticate with the access concentrator (AC) or BNG.
R1 : Subscriber (Access)
7750 SR2 : BNG (Aggregation)
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 10/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
PACKET FLOW :
PCAP:
PADI Message:
PADO Message:
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 11/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
PADR Message:
PADS Message:
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 12/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
Debug Results :
Access-Request :
Access-Accept :
What is BNG ?
BNG router aggregates subscriber sessions to provide network access. Also casually refer as
BRAS or NAS.
A subscriber is simply a network host that connects to and receives access/Server from an
aggregate router across a shared interface with other hosts.
BNG manages subscriber identification, authorization, address, allocation and applying any
per-user services/policies.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 13/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
BNG located between the transport network facing subscriber and a network we want to
provide and influence access to Common deployment in DSL-based broadband aggregation
or mobile wireless session aggregation.
PTA Sessions :
PTA – PPP termination/ Aggregation- Simply refers to terminating PPP subscriber sessions
locally. Two formal stages of PPPoE session establishment – PPPoE Discovery and PPP
negotiation [ LCP, Auth, IPCP]
PPPoE session initiation begins [FSOL – First Sign of Life] when PPPoE discovery phase begins
with a PADI received from a client.
PPPoE Discovery – Prior to formal PPP negotiation, PPPoE discovery is how client learn the
MAC address of the BNG and how the BNG offers a session ID.
PADI : Client initiate a session, broadcast looking for a BNG to offer a session.
PADO : BNG responds back with an offer a session, l2-unicast to the client.
PADR : Client responds back unicast confirming session request, now that it learned the
BNG’s MAC address
PADS : BNG completes PPPoE discovery phase and sends back session id.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 14/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
PPPoE Messages :
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 15/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
PADI MESSAGE :
PADO MESSAGE :
PADR MESSAGE :
PADS MESSAGE :
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 16/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
LCP CONFIGURATION :
Following PPPoE Discovery, LCP negotiation will take place – negotiates L2 parameters,
mostly like MRU. After the link layer parameters are negotiated, authentication information
is sent form the client to the BNG. The BNG sends the authentication info to RADIUS and
receives back a Reject or an Accept with other attributes.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 17/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 18/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
Accounting-Request :
Accounting-Close :
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 19/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
The term AAA attribute is not identical to the RADIUS attribute. AAA attribute has been
defined internally in the BNG implementation essentially, for the purpose of session
identity or configuration.
The information of identity / credential AAA attributes are normally extracted from other
source and may be translated to radius attribute which are included in the radius access-
request or accounting-request message to report to external RADIUS server.
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 20/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 21/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 22/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 23/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 24/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 25/26
10/10/2018 BNG with PPPoE Subscriber – Part I – Network Walk
https://networkwalk.blog/2018/08/24/bng-with-pppoe-subscriber-part-i/ 26/26