Cisco Systems OL-4344-01 manual Distributed Load Balancing, NBI Benefits, API Approach

Page 29

Chapter 1 About Cisco IP Solution Center

Security Requirements for MPLS VPNs

Layer 2 VPN Service

MPLS VPN Service

Inventory

IPsec VPN Service

FireWall Service

NAT Service

SLA

Deployment Flow Engine

Discovery

Workflow

NBI Benefits

The benefits of the north-bound interface are as follows:

Supports ISC services and inventory

XML-based management interface

Web-based

Human-readable encoding

Initial transport support is HTTP/SOAP

API based on domain manager convergence API

API Approach

The API approach is as follows:

Standards based encoding of management operations and payload.

Layered approach combines need for rigor with flexibility (HTTP, SOAP, CIM Operations, Data Model).

Leverages XML technology and adds a management framework.

Allows for polling-based management, event-based management, and synchronous, as well as asynchronous services.

Facilities for reliability: event numbering, tagging of requests.

Facilities for security/RBAC.

Standardized error semantics.

Transport protocol agnostic.

Distributed Load Balancing

The major aspects of distributed load balancing in ISC are as follows:

The Master server (which can be considered to be identical to the ISC Solaris workstation) distributes jobs to processing servers via a sophisticated load-balancing algorithm.

Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

 

OL-4344-01

1-29

 

 

 

Image 29
Contents About Cisco IP Solution Center ISC Network Management Subnet Overview of ISCISC Features Service Provider Network for Vlan ID Management Resource Pools Access Domain AssignedVPN Service Profile-Based Provisioning Features and Functions Provided in Provisioning with ISCRole-Based Access Control Rbac CPE Customer’s View of the Network Customer’s and Provider’s View of the NetworkAbout Multi-VRF CEs About Provider Edge Routers PEsA Multi-VRF CE Providing Layer 3 Aggregation Mapping IPsec Tunnels to Mpls VPNs Using Templates to Customize Configuration FilesUses for the Template Function Auditing Service RequestsVPNs Sharing Sites About Mpls VPNsIntranets and Extranets Characteristics of Mpls VPNsVPN Routing and Forwarding Tables VRFs Ip vrf site2 rd VRF Implementation ConsiderationsRoute Distinguishers and Route Targets Creating a VRF InstanceCE Routing Communities Route Target CommunitiesHub and Spoke Considerations Address Space and Routing Separation Security Requirements for Mpls VPNsAddress Space Separation Routing SeparationHiding the Mpls Core Structure Securing the Routing Protocol Resistance to AttacksLabel Spoofing Securing the Mpls Core Routing AuthenticationTrusted Devices PE-CE InterfaceConnectivity Between VPNs LDP AuthenticationSeparation of CE-PE Links Security Through IP Address Resolution MP-BGP Security FeaturesAPI Functionality Supported North Bound Interface NBIEnsuring VPN Isolation API Approach Distributed Load BalancingNBI Benefits 11 Simple Flat-Based Server Load Balancing Configuration Client tier Four-Tier System ArchitectureControl tier