Time for users to consider splitting L2 services from IP ?
Christian de Larrinaga
> On 6 Feb 2014, at 08:01, Mark Tinka <[email protected]> wrote:
>
> On Thursday, February 06, 2014 09:19:59 AM Måns Nilsson wrote:
>
>> Or, one could make sure everything has a globally unique
>> IP address and is using reasonably secured
>> communications. The downside is that one then can't
>> defend the existence of those empire-building
>> middleboxes. It is not the telco way, so is of course
>> unthinkable. Like anything beyond WAP was on cell phones
>> a decade ago.
>
> There are, typically, three topology models for modern FTTH
> (wireline, really) networks that a service provider could
> deploy:
>
> 1. SVLAN N:1 model
> 2. CVLAN 1:1 model
> 3. Hybrid of both
>
> The SVLAN (N:1) model is simple; just have a single VLAN for
> each service (VLAN 10 for Internet/Unicast, VLAN 20 for
> VoIP, VLAN 30 for IPTv/Multicast). This is simple and easy
> to scale, but if one is using relatively "dumb" AN's (like
> GPON's or MSAN's), it can be difficult to control how much
> bandwidth customers need, and how they can roam between
> services in the home (given CPE ties services to ports).
>
> The CVLAN (1:1) model is good for identifying services and
> bandwidth requirements on a per-customer basis. The main
> problem with this model is that Multicast traffic gets
> treated like Unicast, because each customer has a unique
> VLAN for themselves, and as such, the upstream PE router
> ends up having to replicate the same linear video stream as
> many times as there are customers down the line.
>
> The Hybrid model, where CVLAN's are used for all Unicast
> traffic (Internet, VoIP and VoD, typically), and a single
> SVLAN is used for all customers to handle Multicast traffic
> (so-called MVLAN). The challenge here is if you're the type
> of operator that likes to have a consistent set of addresses
> per VLAN, it can become a little tricky if your VoIP service
> is a walled-garden running on private IP space, given it
> shares the same VLAN as Internet and VoD which would
> normally run on public IP space.
>
> The N:1 SVLAN model is quite simple and scalable for
> wholesale FTTH services.
>
> There is product from some vendors, now, that is built with
> FTTH in mind. 1U, dense switches (Active-E) that support
> (reasonably) proper QoS and bandwidth management controls on
> customer- and core-facing ports, at Layer 2. So that offers
> you a lot more capability at the AN, and you can manage
> bandwidth as close to the customer as possible, unlike
> typical GPON deployments which may not have these features,
> leaving you to apply bandwidth policy at the PE router -
> much too far up the line.
>
> These new products can also support split horizons across
> bridge domains (which GPON's and DSLAM's do today), meaning
> that customers can use the same SVLAN's, but can only
> communicate via the upstream router (Layer 3), eliminating
> risk associated with Layer 2 visibility between customers
> connected to the same bridge domain.
>
> Cheers,
>
> Mark.
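
The split-horizon behaviour described in the quoted message, as an added example that is not part of the original thread: a toy Python model of one shared SVLAN bridge domain, comparing egress decisions with and without split horizon. The class, port names and MAC addresses are constructed for illustration and model no vendor's implementation.

```python
# Added illustration: a toy learning bridge for one shared SVLAN (N:1 model).
# Port names and MACs (RFC 7042 documentation range) are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class BridgeDomain:
    def __init__(self, uplink, customer_ports, split_horizon=True):
        self.uplink = uplink                  # port facing the upstream router
        self.customers = set(customer_ports)  # ports in the split-horizon group
        self.split_horizon = split_horizon
        self.fdb = {}                         # learned MAC -> port

    def _allowed(self, in_port, out_port):
        if out_port == in_port:
            return False
        # Split horizon: never bridge between two customer-facing ports.
        if (self.split_horizon and in_port in self.customers
                and out_port in self.customers):
            return False
        return True

    def forward(self, in_port, src, dst):
        """Learn src on in_port; return the sorted egress ports for the frame."""
        self.fdb[src] = in_port
        if dst != BROADCAST and dst in self.fdb:
            candidates = [self.fdb[dst]]                  # known unicast
        else:
            candidates = [self.uplink, *self.customers]   # flood
        return sorted(p for p in candidates if self._allowed(in_port, p))

def demo(split_horizon):
    """Replay the same five frames and record where each one is sent."""
    br = BridgeDomain("uplink", ["cust1", "cust2", "cust3"], split_horizon)
    mac = {"uplink": "00:00:5e:00:53:01",
           "cust1": "00:00:5e:00:53:11",
           "cust2": "00:00:5e:00:53:12"}
    return {
        "cust1 broadcast": br.forward("cust1", mac["cust1"], BROADCAST),
        "cust2 -> cust1": br.forward("cust2", mac["cust2"], mac["cust1"]),
        "cust1 -> router": br.forward("cust1", mac["cust1"], mac["uplink"]),
        "router broadcast": br.forward("uplink", mac["uplink"], BROADCAST),
        "router -> cust2": br.forward("uplink", mac["uplink"], mac["cust2"]),
    }

if __name__ == "__main__":
    for mode in (False, True):
        print("split horizon:", mode)
        for frame, ports in demo(mode).items():
            print(f"  {frame:18} -> {ports}")
```

With split horizon on, customer broadcasts and unknown-unicast floods reach only the uplink, and a frame addressed to a neighbour's learned MAC is dropped at Layer 2, so any customer-to-customer traffic has to pass the upstream router.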

