Cisco Systems OL-4344-01 manual ISC Features

Page 3

Chapter 1 About Cisco IP Solution Center

Overview of ISC

It is not required that the set of IPv4 addresses used in any two VPNs be mutually exclusive because the PEs translate IPv4 addresses into IPv4 VPN entities by using MP-BGP with extended community attributes.

The set of IP addresses used in a VPN, however, must be exclusive of the set of addresses used in the provider network. Every CE must be able to address the PEs to which it is directly attached. Thus, the IP addresses of the PEs must not be duplicated in any VPN.

ISC Features

ISC offers the following features:

High Availability and Distributed Architecture

Various protocols supported for the PE-CE link

Multicast VPN support

VRF Lite/Multi-VRF support

Site of Origin support

ATM/IMA interface support

Unmanaged CPE with no CPE definition required

Single service request for multiple MPLS VPN links

MPLS VPN Service Policy support

Service workflow for customizing MPLS VPN service activation

Layer 2 Ethernet Access into MPLS VPNs

One of ISC key features is to hide much of the complexity in dealing with the deployment of Metro services.

Autodiscovery: ISC supports Autodiscovery of network elements, of network topology, and MPLS VPN services. This feature greatly reduces the initial effort needed to insert ISC in the service provider’s operation. For details, refer to Chapter 3, “Discovering the Network.”

Managed CLE: ISC offers the capability of managing the Customer Located Equipment (CLE), which gives the service provider the possibility of offering a managed Metro Service to their customer (configuration, monitoring, and auditing of the managed CLE).

Plug and Play: As the network and customer base grow, network elements can be added to the network. ISC, working in collaboration with CNS Intelligent Agents, is able to detect newly added Network Elements.

This gives the service provider the ability to rapidly deploy services and network elements.

End-To-End Service Management: ISC manages the entire end-to-end provisioning of MPLS VPN services. Assuming that the network operator defined MPLS VPN service policy and the parameters that are to be editable by the service operator during the provisioning process, ISC translates these service requirements into IOS configurations. ISC does a just-in-time Cisco IOS configuration download, which consist of always validating the configuration of the real devices before applying the needed configuration.

Once a service is configured, ISC makes sure that the service configuration is the intended one by checking the configuration and verifying that VPN routing is operational.

Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

 

OL-4344-01

1-3

 

 

 

Page 2 Page 4
Image 3
Page 2 Page 4
Contents About Cisco IP Solution Center ISC Network Management Subnet Overview of ISCISC Features Service Provider Network for Vlan ID Management Resource Pools Access Domain AssignedVPN Service Profile-Based Provisioning Features and Functions Provided in Provisioning with ISCRole-Based Access Control Rbac CPE Customer’s View of the Network Customer’s and Provider’s View of the NetworkAbout Multi-VRF CEs About Provider Edge Routers PEsA Multi-VRF CE Providing Layer 3 Aggregation Mapping IPsec Tunnels to Mpls VPNs Using Templates to Customize Configuration FilesUses for the Template Function Auditing Service RequestsVPNs Sharing Sites About Mpls VPNsIntranets and Extranets Characteristics of Mpls VPNsVPN Routing and Forwarding Tables VRFs Ip vrf site2 rd VRF Implementation ConsiderationsRoute Distinguishers and Route Targets Creating a VRF InstanceCE Routing Communities Route Target CommunitiesHub and Spoke Considerations Routing Separation Security Requirements for Mpls VPNsAddress Space and Routing Separation Address Space SeparationHiding the Mpls Core Structure Securing the Routing Protocol Resistance to AttacksLabel Spoofing PE-CE Interface Routing AuthenticationSecuring the Mpls Core Trusted DevicesLDP Authentication Separation of CE-PE LinksConnectivity Between VPNs Security Through IP Address Resolution MP-BGP Security FeaturesNorth Bound Interface NBI Ensuring VPN IsolationAPI Functionality Supported Distributed Load Balancing NBI BenefitsAPI Approach 11 Simple Flat-Based Server Load Balancing Configuration Client tier Four-Tier System ArchitectureControl tier
Top Page Image Contents