The Service Engine 2 (SE-2) is a high-performance aggregation router... advanced service enforcement. In a compact form factor, the SE-2...

Transcription

The Service Engine 2 (SE-2) is a high-performance aggregation router... advanced service enforcement. In a compact form factor, the SE-2...
The Service Engine 2 (SE-2) is a high-performance aggregation router for
advanced service enforcement. In a compact form factor, the SE-2 offers up to
24Gbit/s packet processing through its powerful 16-core network processor
(NPU). The system offers a full Layer 2 bridging and Layer 3 routing featureset, allowing it to be used in all common broadband network architectures in
deployment today. The service enforcement features, including shaping,
policing, Quality of Service(QoS) and deep packet inspection can be applied on
both bridged and routed traffic.
 Cost efficient aggregation of multiple access technologies
 NPU-based for full feature flexibility
 Enables advanced service differentiation and customization
 Treats each service individually for separation at service level
F.net
F.net
The SE-2 provides cost effective
aggregation of all common access
technologies, such as ADSL2+,
xDSL, PON, Ethernet over COAX,
Wireless technology and more. Even
in a network with a mix of different
access technologies, the same
services can be provided on top of
all technologies – a homogenous
service portfolio for the network.
Using the SE-2 the network
operator can deliver a complete mix
of broadband services including
Internet, IP telephony and IPTV.
Service policies defined in the SE-2
are applied to users connected
through the access technology. The
SE-2 allows centralized expensive
BRAS solutions to be replaced by a
much more scalable and distributed
solution.
The SE-2 offers an expansion slot
that can hold an additional port
module to either increase the
number of Gigabit interfaces or to
provide 10Gbit/s uplinks to the
router.
The SE-2 can treat each service
individually, allowing multiple
services to the same end-user at
the same time. Each service can
have individual parameters for
packet filtering, bandwidth shaping
per host, per subnet, per VLAN or
per interface, parameters for QoS,
security and priority. Services can
be bridged or routed, even in
combination, and the same client
host can have multiple services
simultaneously where each service
can have a specific bandwidth and
a customized policy for routing or
bridging.
Using weighted fair queuing (WFQ),
clients receive optimal traffic
distribution between different
destinations.
The SE-2 provides a complete
feature set for network security.
Built in DHCP snooping and server
capabilities are used to enforce
network security and prevent users
from injecting malicious traffic. The
system prevents ARP, MAC and IP
spoofing and ensures Layer 2 traffic
separation between end-users.
The SE-2 also deploys the realtime
protocol monitoring of IPTV, a vital
tool to provide insight into the
quality of multicast IPTV streams in
the broadband network.
The programmable script motor
allows customized and
autonomous service control.
Service conditions and behavior
can be adapted to fit any type of
existing service deployment
structure used by operators.
Existing RADIUS based
mechanisms, used for xDSL,
can be reused by the SE2 which
reduces investment costs in the
OSS system for service providers
when new services are deployed
in the network.
802.1x or DHCP messages
activate a script in the
ASR6000. The script uses
programming logic to determine
what actions to take.
Examples of script actions are:


An authentication request
may be sent to a RADIUS
server, which can respond
with attributes that the
script converts into
configuration para-meters,
such as bandwidth control.
Content of DHCP server
responses can be analysed –
for example if an IPv6 prefix
delegation option is present,
a static route for the prefix
can be installed by the
script.
The SE2 supports the concept of
service templates. A service
template consist of the
configuration commands to activate
for a particular service. When a
trigger packet is received, the SE2
can interact with a central server to
determine which service to activate
for a client and then perform self
activation of configuration
commands. This allows per client
defined service parameters such as
bandwidth and QoS
Particularly in fibre-to-the-home
networks, TV distribution using IP
multicast is increasing. Networks
are deploying hundreds of TV
channels. Typical access switches
have relatively modest packet
buffers and operate at high speeds.
If the multicast source (TV playout)
generates a bursty media stream,
then the combined traffic of unicast
and multicast may cause buffer
exhaustion and packet drop. This is
experienced by the end user as
freezing pictures or even loss of
video.
The SE-2 is able to shape bursty
multicast traffic using the network
processor which will benefit any
switch-based access network
downstream of the ASR because
the traffic pattern of the multicast
stream is evenly distributed.
The SE-2 can also inspect
multicast MPEG streams using the
Realtime Protocol Monitoring
(RPM) feature to measure the
MPEG quality. The RPM feature
supports MPEG over RTP as well as
UDP, and collects and analyzes
metrics at RTP level, Transport
Stream level and Packetized
Elementary Stream level. The errors
detected include:

sequence-error per RTP
multicast group

jitter per RTP multicast
group

missing-sync-byte per TS
multicast group

misaligned per TS multicast
group
Any detected errors can be logged,
read using SNMP, or shown by the
ASR CLI. Each ASR that runs RPM
becomes a probe, capable of
monitoring up to 50 TV channels at
the same time. If an end user
reports a problem with the TV
service, the RPM data provides an
immediate notification if a problem
is seen in the network, and if it
affected the entire network or only
a part of the network. The RPM
data may even help network
engineers to pinpoint the location
of the problem in seconds, instead
of the usual hours, or even days, of
manual troubleshooting.
When used in Layer 3 mode, each
port on the SE-2 can connect to a
different end user. Layer 3 ports
towards a large population normally
require heavy IPv4 subnetting
which rapidly consumes crucial
IPv4 address space.
iBOS contains a set of features
that allows an IPv4 subnet to
be shared among end user
clients connected on different
Layer 3 ports – even across
ASRs! Clients are made to
believe they share a larger
subnet, but any traffic between
clients within the subnet is routed
through and between ASRs. The
result is secure Layer 3 separation
between end users, a routed
topology for easy network
management, and maximum use of
scarce IPv4 address space..
The exhaustion of IPv4 address
space means that IPv6 deployment
is now mandatory in most networks.
The SE2 supports unicast IPv6
forwarding. Policies for traffic
management and QoS also support
IPv6 which means that a client can
use either IPv4 and IPv6, or both.
The following table lists the main order items in the SE2 family.
Order items
Article
Description
SE2-AC
Service Engine 2, AC power, iBOS included
SE2-DC
Service Engine 2, DC power, iBOS included
SE2-XMP-10GE2
2 10000base-X (XFP) ports
SE2-XMP-GE12
12 1000base-X (SFP) ports
SE2 accessories include various types of SFP optical modules.
Performance
Virtual Private Networking
Ethernet and Bridging
Routing protocol support
500 tunnels, transparent ethernet bridging over L2TPv3, Port forwarding over
L2TPv3,
IP over GRE, Ethernet over GRE (for mirroring only), wirespeed IP reassembly
and fragmentation
IEEE 802.3z – Gigabit Ethernet, IEEE 802.1p and 802.1Q with full VLAN range,
IEEE 802.1 D Spanning-tree, IEEE 802.1w Rapid spanning-tree, 16384 MAC
addresses,
Per VLAN learning
Unicast: OSPFv2
Multicast: PIM-SM/SSM, IGMPv2, v3
Quality of Service
Packet queueing
Policing
Weighted round robin (WRR), Weighted Fair queueing scheduling (WFQ
scheduling),
16k Single/Dual Token Bucket.Policer, with packet drop or recolor
(64kbps - 100Mbps)
Shaping
16k Shapers with packet drop or recolor (64kbps - 1000Mbps)
Queuing
8 priority queues per port, L1-L4 packet classification
Management
Security
SNMPv1, v2 and v3, TELNET, Industry standard CLI, PFDP – PacketFront
Device Protocol, NTP , SYSLOG, RS232 console serial port, DHCP, Realtime
Protocol Monitoring MPEG-2, NetFlow v9
IP spoofing protection, wirespeed IP fragment inspection, per Layer 3- nterface
packet shaper
for packets destined to CPU, Restrictable multicast access, interface mirroring
to local or remote interface, UNI isolated ports, DHCP snooping
IP Forwarding
Interfaces
Classification
3000 Layer 3 interfaces
Layer 2-4 packet classification with filtering
Per service packets and bytes accounting
Access list entry hit logging and packet counting
Multicast
2048 S, G IPv4 multicast forwarding entries, replication per port and VLAN
Unicast
15000 IPv4 routes, up to 4 paths using ECMP, 15000 IPv4 routes
Multicast
2048 S, G IPv4 multicast forwarding entries, replication per port and VLAN
Physical
Ports
10 Combo 1000 Base-T/1000 base-X (SFP) ports, 1000 Base-T ports, 2 out of
band, 10/100/1000 BaseT management interface, 1 RS-232 serial console port,
2 USB host port
Port module options
2 10000base-X (XFP) ports or 12 1000base-X (SFP) ports
Dimensions
87 (H) x 431 (W) x 500 (D) mm, (3.43” x 16.9”x 19.7”)
Weight
12 kgs (26.4 lbs)
Indicators
Link indicators for all ports
Power ON LED (Green)
System Status LED (Green and Amber)
Cooling
4 fans with speed control.
Environmental
Operating temperature
0 to 40°C, 32 to 104°F
Operating humidity
10% to 90%, non condensing
Storage temperature
-20 to 70°C, -4 to 158°F
Storage humidity
10% to 95%, non condensing
Rack mounting
Standard 19” rack mountable
Power and Safety
AC model
DC model
Redundant 1+1 hot swappable power input 90-264V, 50-60 Hz, compliant with
ETSI EN 300132 V2.1.1 Part1
Redundant 1+1 hot swappable power input 48V, compliant with ETSI EN300132
V2.1.1 Part2
LED indicators
Power LED and A and B for power indication/power failure:
Power consumption
Typical 150W, maximum 170W
BTU/hr
Typical 512, maximum 581
Regulatory Compliance
EN
IEC
EN 61000-3-2:2006
EN 61000-3-3:1995/A1:2001/A2:2005
EN 55024:1998/A1:2001/A2:2003
IEC 61000-4-2:1995/A2:2000
IEC 61000-4-3:2002,
IEC 61000-4-4:2004
IEC 61000-4-5:1995/A1:2000
IEC 61000-4-6:1996/A1:2000
IEC 61000-4-8:1993/A1:2000
IEC 61000-4-11:1994/A1:2000
PacketFront provides several different support packages with a clearly defined
Service Level Agreement (SLA) to give you the mix of technical support and
hardware replacement services that best suits your needs.
PacketFront is committed to help you protect your investment and our
Technical Assistance Center team, or approved Partners, are ready to handle
all your support issues.
Through our support web site, PacketFront provides software updates and
upgrades, and has an extensive Knowledge Base for both general network
topics and product specific questions. You will also find documentation,
release notes, product specifications and other useful information to help you
achieve the best results with your PacketFront products.
With over 10 years’ experience in the FTTH industry, PacketFront offers
individual pricing and purchasing terms. Our experienced sales team will
assist you in making the best buy possible, based on your specific needs and
current situation. To find out how you can join the growing number of Gigabit
To The Home networks using the SE2, contact sales@packetfront.net.