The Service Engine 2 (SE-2) is a high-performance aggregation router... advanced service enforcement. In a compact form factor, the SE-2...
Transcription
The Service Engine 2 (SE-2) is a high-performance aggregation router... advanced service enforcement. In a compact form factor, the SE-2...
The Service Engine 2 (SE-2) is a high-performance aggregation router for advanced service enforcement. In a compact form factor, the SE-2 offers up to 24Gbit/s packet processing through its powerful 16-core network processor (NPU). The system offers a full Layer 2 bridging and Layer 3 routing featureset, allowing it to be used in all common broadband network architectures in deployment today. The service enforcement features, including shaping, policing, Quality of Service(QoS) and deep packet inspection can be applied on both bridged and routed traffic. Cost efficient aggregation of multiple access technologies NPU-based for full feature flexibility Enables advanced service differentiation and customization Treats each service individually for separation at service level F.net F.net The SE-2 provides cost effective aggregation of all common access technologies, such as ADSL2+, xDSL, PON, Ethernet over COAX, Wireless technology and more. Even in a network with a mix of different access technologies, the same services can be provided on top of all technologies – a homogenous service portfolio for the network. Using the SE-2 the network operator can deliver a complete mix of broadband services including Internet, IP telephony and IPTV. Service policies defined in the SE-2 are applied to users connected through the access technology. The SE-2 allows centralized expensive BRAS solutions to be replaced by a much more scalable and distributed solution. The SE-2 offers an expansion slot that can hold an additional port module to either increase the number of Gigabit interfaces or to provide 10Gbit/s uplinks to the router. The SE-2 can treat each service individually, allowing multiple services to the same end-user at the same time. Each service can have individual parameters for packet filtering, bandwidth shaping per host, per subnet, per VLAN or per interface, parameters for QoS, security and priority. Services can be bridged or routed, even in combination, and the same client host can have multiple services simultaneously where each service can have a specific bandwidth and a customized policy for routing or bridging. Using weighted fair queuing (WFQ), clients receive optimal traffic distribution between different destinations. The SE-2 provides a complete feature set for network security. Built in DHCP snooping and server capabilities are used to enforce network security and prevent users from injecting malicious traffic. The system prevents ARP, MAC and IP spoofing and ensures Layer 2 traffic separation between end-users. The SE-2 also deploys the realtime protocol monitoring of IPTV, a vital tool to provide insight into the quality of multicast IPTV streams in the broadband network. The programmable script motor allows customized and autonomous service control. Service conditions and behavior can be adapted to fit any type of existing service deployment structure used by operators. Existing RADIUS based mechanisms, used for xDSL, can be reused by the SE2 which reduces investment costs in the OSS system for service providers when new services are deployed in the network. 802.1x or DHCP messages activate a script in the ASR6000. The script uses programming logic to determine what actions to take. Examples of script actions are: An authentication request may be sent to a RADIUS server, which can respond with attributes that the script converts into configuration para-meters, such as bandwidth control. Content of DHCP server responses can be analysed – for example if an IPv6 prefix delegation option is present, a static route for the prefix can be installed by the script. The SE2 supports the concept of service templates. A service template consist of the configuration commands to activate for a particular service. When a trigger packet is received, the SE2 can interact with a central server to determine which service to activate for a client and then perform self activation of configuration commands. This allows per client defined service parameters such as bandwidth and QoS Particularly in fibre-to-the-home networks, TV distribution using IP multicast is increasing. Networks are deploying hundreds of TV channels. Typical access switches have relatively modest packet buffers and operate at high speeds. If the multicast source (TV playout) generates a bursty media stream, then the combined traffic of unicast and multicast may cause buffer exhaustion and packet drop. This is experienced by the end user as freezing pictures or even loss of video. The SE-2 is able to shape bursty multicast traffic using the network processor which will benefit any switch-based access network downstream of the ASR because the traffic pattern of the multicast stream is evenly distributed. The SE-2 can also inspect multicast MPEG streams using the Realtime Protocol Monitoring (RPM) feature to measure the MPEG quality. The RPM feature supports MPEG over RTP as well as UDP, and collects and analyzes metrics at RTP level, Transport Stream level and Packetized Elementary Stream level. The errors detected include: sequence-error per RTP multicast group jitter per RTP multicast group missing-sync-byte per TS multicast group misaligned per TS multicast group Any detected errors can be logged, read using SNMP, or shown by the ASR CLI. Each ASR that runs RPM becomes a probe, capable of monitoring up to 50 TV channels at the same time. If an end user reports a problem with the TV service, the RPM data provides an immediate notification if a problem is seen in the network, and if it affected the entire network or only a part of the network. The RPM data may even help network engineers to pinpoint the location of the problem in seconds, instead of the usual hours, or even days, of manual troubleshooting. When used in Layer 3 mode, each port on the SE-2 can connect to a different end user. Layer 3 ports towards a large population normally require heavy IPv4 subnetting which rapidly consumes crucial IPv4 address space. iBOS contains a set of features that allows an IPv4 subnet to be shared among end user clients connected on different Layer 3 ports – even across ASRs! Clients are made to believe they share a larger subnet, but any traffic between clients within the subnet is routed through and between ASRs. The result is secure Layer 3 separation between end users, a routed topology for easy network management, and maximum use of scarce IPv4 address space.. The exhaustion of IPv4 address space means that IPv6 deployment is now mandatory in most networks. The SE2 supports unicast IPv6 forwarding. Policies for traffic management and QoS also support IPv6 which means that a client can use either IPv4 and IPv6, or both. The following table lists the main order items in the SE2 family. Order items Article Description SE2-AC Service Engine 2, AC power, iBOS included SE2-DC Service Engine 2, DC power, iBOS included SE2-XMP-10GE2 2 10000base-X (XFP) ports SE2-XMP-GE12 12 1000base-X (SFP) ports SE2 accessories include various types of SFP optical modules. Performance Virtual Private Networking Ethernet and Bridging Routing protocol support 500 tunnels, transparent ethernet bridging over L2TPv3, Port forwarding over L2TPv3, IP over GRE, Ethernet over GRE (for mirroring only), wirespeed IP reassembly and fragmentation IEEE 802.3z – Gigabit Ethernet, IEEE 802.1p and 802.1Q with full VLAN range, IEEE 802.1 D Spanning-tree, IEEE 802.1w Rapid spanning-tree, 16384 MAC addresses, Per VLAN learning Unicast: OSPFv2 Multicast: PIM-SM/SSM, IGMPv2, v3 Quality of Service Packet queueing Policing Weighted round robin (WRR), Weighted Fair queueing scheduling (WFQ scheduling), 16k Single/Dual Token Bucket.Policer, with packet drop or recolor (64kbps - 100Mbps) Shaping 16k Shapers with packet drop or recolor (64kbps - 1000Mbps) Queuing 8 priority queues per port, L1-L4 packet classification Management Security SNMPv1, v2 and v3, TELNET, Industry standard CLI, PFDP – PacketFront Device Protocol, NTP , SYSLOG, RS232 console serial port, DHCP, Realtime Protocol Monitoring MPEG-2, NetFlow v9 IP spoofing protection, wirespeed IP fragment inspection, per Layer 3- nterface packet shaper for packets destined to CPU, Restrictable multicast access, interface mirroring to local or remote interface, UNI isolated ports, DHCP snooping IP Forwarding Interfaces Classification 3000 Layer 3 interfaces Layer 2-4 packet classification with filtering Per service packets and bytes accounting Access list entry hit logging and packet counting Multicast 2048 S, G IPv4 multicast forwarding entries, replication per port and VLAN Unicast 15000 IPv4 routes, up to 4 paths using ECMP, 15000 IPv4 routes Multicast 2048 S, G IPv4 multicast forwarding entries, replication per port and VLAN Physical Ports 10 Combo 1000 Base-T/1000 base-X (SFP) ports, 1000 Base-T ports, 2 out of band, 10/100/1000 BaseT management interface, 1 RS-232 serial console port, 2 USB host port Port module options 2 10000base-X (XFP) ports or 12 1000base-X (SFP) ports Dimensions 87 (H) x 431 (W) x 500 (D) mm, (3.43” x 16.9”x 19.7”) Weight 12 kgs (26.4 lbs) Indicators Link indicators for all ports Power ON LED (Green) System Status LED (Green and Amber) Cooling 4 fans with speed control. Environmental Operating temperature 0 to 40°C, 32 to 104°F Operating humidity 10% to 90%, non condensing Storage temperature -20 to 70°C, -4 to 158°F Storage humidity 10% to 95%, non condensing Rack mounting Standard 19” rack mountable Power and Safety AC model DC model Redundant 1+1 hot swappable power input 90-264V, 50-60 Hz, compliant with ETSI EN 300132 V2.1.1 Part1 Redundant 1+1 hot swappable power input 48V, compliant with ETSI EN300132 V2.1.1 Part2 LED indicators Power LED and A and B for power indication/power failure: Power consumption Typical 150W, maximum 170W BTU/hr Typical 512, maximum 581 Regulatory Compliance EN IEC EN 61000-3-2:2006 EN 61000-3-3:1995/A1:2001/A2:2005 EN 55024:1998/A1:2001/A2:2003 IEC 61000-4-2:1995/A2:2000 IEC 61000-4-3:2002, IEC 61000-4-4:2004 IEC 61000-4-5:1995/A1:2000 IEC 61000-4-6:1996/A1:2000 IEC 61000-4-8:1993/A1:2000 IEC 61000-4-11:1994/A1:2000 PacketFront provides several different support packages with a clearly defined Service Level Agreement (SLA) to give you the mix of technical support and hardware replacement services that best suits your needs. PacketFront is committed to help you protect your investment and our Technical Assistance Center team, or approved Partners, are ready to handle all your support issues. Through our support web site, PacketFront provides software updates and upgrades, and has an extensive Knowledge Base for both general network topics and product specific questions. You will also find documentation, release notes, product specifications and other useful information to help you achieve the best results with your PacketFront products. With over 10 years’ experience in the FTTH industry, PacketFront offers individual pricing and purchasing terms. Our experienced sales team will assist you in making the best buy possible, based on your specific needs and current situation. To find out how you can join the growing number of Gigabit To The Home networks using the SE2, contact sales@packetfront.net.