Cisco Systems 10000 manual: RADIUS/AAA, Layer 2 Tunneling Protocol Architectures

Page 5

Figure 3: PTA (diagram labels: Subscriber, DSLAM, ATM, PPPoA or PPPoEoA, Cisco 10000 Series, RADIUS/AAA, IP, IP Network)
Service providers that wish to terminate the ATM and PPP access protocols and route subscribers’ IP packets into the core network can choose either the PPPoA or PPPoEoA protocols in the PTA architecture. The PPPoE protocol uses a PPP client on the subscriber PC and offers the ability to run multiple PCs (or sessions) over a single ATM virtual circuit. Conversely, the PPPoA protocol offloads the client to the customer premises equipment (CPE). This makes the configuration of the PC much simpler, but only a single PPP session is supported per DSL connection.

PPPoX protocols are synonymous with the residential broadband market. These popular protocols provide a well-understood method for subscriber authentication and IP address management. They have a strong legacy in the dial market; consequently, many service providers are comfortable with their deployment. They also offer many features that enhance scalability and flexibility of service offerings. The Cisco 10000 Series supports a comprehensive PPPoX application suite, including extensive AAA/RADIUS attributes to allow flexible and scalable provisioning of services.

One advantage of PPPoX with authentication is service selection. Here, a subscriber can choose a destination network or service attributes by selecting different logons or using a Web-based application. This capability is known as Service Selection Gateway.

Layer 2 Tunneling Protocol Architectures

Many service providers offer access to DSL-connected subscribers for the purposes of wholesale services. In other words, they give subscriber connections to the Internet service provider (ISP) for a percentage of the subscriber’s monthly subscription. In some cases, a provider will offer both retail and wholesale services. Retail services are usually reserved for a service provider’s own ISP and will use a PTA architecture, while wholesale services are offered for alternative ISPs and use tunneling technologies such as Layer 2 Tunneling Protocol (L2TP).

L2TP technology allows the carrier to present subscriber PPP sessions in bulk to the alternative ISP at a given remote location, and offloads authentication and IP address management services to the destination ISP. In the L2TP model, there are two main devices: the L2TP access concentrator (LAC) and the L2TP network server (LNS). The Cisco 10000 Series is usually configured as an LAC.

The LAC is situated in the carrier’s POP and provides aggregation for the Layer 2 access medium (such as ATM). It also provides a PPP switching service for subscriber sessions into the appropriate ISP’s L2TP tunnel (Figure 4). After the session arrives at the destination ISP’s LNS, the PPP session is fully authenticated and IP services are started.

Subscriber IP packets from the LNS are routed to the Internet.

The wholesale provider has little to do with subscriber connections. The main purpose of this architecture is for mass transportation of sessions from the POP to the ISP LNS.

Cisco Systems, Inc.

All contents are Copyright © 1992–2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
