SmartEdge OS Release 11.1.1.1
for SmartEdge Routers

Contents

1Introduction
1.1Purpose
1.2Revision Information

2

General Impact
2.1Capacity and Performance
2.2Hardware
2.3Implementation
2.4Interface
2.5Memory
2.6Operation
2.7Obsolete Features
2.8Other Network Elements

3

Summary of Impacts Per Feature
3.1Broadband Remote Access Server
3.2Deep Packet Inspection
3.3Platform

4

Additional Information
4.1New Documentation

Glossary

Reference List
Copyright

© Ericsson AB 2011. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.

Disclaimer

The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.

Trademark List
SmartEdge is a registered trademark of Telefonaktiebolaget LM Ericsson.

1   Introduction

The Network Impact Report (NIR) describes how the current release of the SmartEdge® OS, with new and changed features, differs from the previous release of the SmartEdge OS and how this affects the operator's overall network, including all affected products and functions.

1.1   Purpose

The purpose of this document is to provide sufficient information at an early stage to Ericsson system operators to help them plan the introduction of new products and upgrades to their networks.

This document is a living document and is subject to change during the development of the new release. Therefore, part of the information may be incomplete or unavailable until General Availability (GA) of the new SmartEdge OS release.

1.2   Revision Information

Other than editorial changes, this document has been revised as follows:

Table 1    Revision Information

Rev

Date

Description

A

June 20, 2011

First edition.

2   General Impact

2.1   Capacity and Performance

This section provides information about capacity and performance.

2.1.1   Subscriber Capacity

No changes to subscriber capacity occurred in this release.

2.1.2   Network Performance

This information is not available at this time.

2.2   Hardware

This section describes changes in hardware that have occurred with this release of the SmartEdge OS.

The following hardware is new or changed in this release.

2.2.1   New Cards

2.2.1.1   Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

The Channelized OC-3/STM-1 or OC-12/STM-4 card can be used with either 8/2 or 4/1 ports. By default, this card is licensed for use with the first four ports – ports 1-4 (ROA1283420/2); and requires a different license (ROA1283420/1) to enable the additional four ports – ports 5-8. It supports software licenses applied per slot. A per-slot software license is applied to an individual slot, not to the entire chassis.

The Channelized 8/4-port OC-3/STM-1 or 2/1-port OC-12/STM-4 card is a multiservice card for the SmartEdge router with channelization capabilities down to fractional E1/T1. The Channelized OC-3/STM-1 card supports eight or four SONET SMF ports; each operates at 155.52 Mbps. The Channelized OC-12/STM-4 card supports two or one SONET SMF ports; each operates at 622.08 Mbps. Both OC-3/12 and STM-1/4 ports can be channelized to DS0.

This card does not support concatenated STN-n/STM-n signals, such as STS-3c and OC-3c.

All ports on a Channelized OC-3/STM-1 or OC-12/STM-4 line card must be configured for either SONET framing (OC-3/OC-12) or SDH framing (STM-1/STM-4). That is, all ports on a card must be SONET or SDH; combination of SONET and SDH is not supported. The first port configured on the card limits the configuration of the remaining ports to the same framing type.

For more information on how to configure channelized ports, seeConfiguring Channelized Ports .

There are two 4-port groups on this channelized card:

When ports 1 and 5 are in use as OC-12/SMT-4, the other six ports are not available.

A total of 1000 unchannelized channels of Packet Over SONET (POS) are supported on each 4-port group.

2.3   Implementation

This section describes the minimum software requirements for implementing a new revision of the SmartEdge OS and provides release-specific upgrade information.

For detailed software installation and upgrade instructions, see Reference [7].

2.3.1   Upgrade Paths

SmartEdge systems can up be upgraded to the SmartEdge OS Release 11.1.1.1 from any previous release.

However, keep the following in mind:

If your system does not include this deprecated hardware, you can upgrade directly to this release. For systems running the deprecated hardware, do the following to upgrade to this release:

2.3.2   Required System Components

The following system components are required in this release.

2.3.2.1   Required Boot ROM Versions

This release requires the boot ROM versions listed in in the following table:.

Table 2    Required Boot ROM Versions

Card Type

Version

Filename

XCRP4

2.0.2.45

OFW-XC4-2.0.2.45.fallback.md5

SmartEdge 100 controller

2.0.1.4

OFW-se100-2.0.1.4.primary.bin

ASE

2.0.2.45

OFW-ASE-2.0.2.45.fallback.md5

SSE

2.0.2.56

OFW-FSSB-2.0.2.56.ofwbin.md5

2.3.2.2   Required Minikernel Versions

This release requires the minikernel versions listed in the following table:

Table 3    Required Minikernel Versions

Card Type

Version

Filename

XCRP4

11.7

MINIKERN_RBN64-xc4.p11.v7

SmartEdge 100 controller

2.7

se100-minikernel.p2.v7.bin

ASE

13.10

MINIKERN_ASE64-ase.p13.v10

SSE

N/A

N/A

2.3.3   Upgrade Alerts

This section identifies situations that require additional steps or may affect your system before you upgrade to this release.

In addition, before you upgrade, check for any relevant security notifications on the Ericsson E-business portal at https://ebusiness.ericsson.net.


 Stop! 
The Advanced Services Engine (ASE) card must be running the correct version of the boot ROM and so must the SmartEdge OS system. To avoid a serious equipment outage in the field, if you are running SmartEdge OS Release 6.2.1.5 or later on either the ASE or the SmartEdge OS system, DO NOT DOWNGRADE to 6.2.1.4 or earlier. If you must downgrade, contact your support representative for an equipment-safe procedure. Downgrading from these releases can cause permanent damage to the ASE.

2.3.3.1   Preserve Link Group and Bridge Profile Behavior

In Release 6.1.4.1 and subsequent, a port or circuit can be associated with either a bridge profile or a link group, but not both. If you are upgrading from an earlier release in which you have one or more ports or circuits associated with both a bridge profile and a link group and you want to preserve existing behavior after the upgrade, perform the following steps:

  1. If you have bridge profiles configured directly under any of the physical ports belonging to a link group, remove them. Change bridge profile configuration so that the bridge profile is configured for the link group—not the port or circuit.
  2. Use the show configuration command to display the link-group configuration.
  3. Copy the link-group configuration to a text file.
  4. Upgrade the SmartEdge router to this release.
  5. Use the text file you created with link group configuration information to reconfigure the bridge profiles under the dot1q pvc mode under the link group. This must be done manually.
  6. Verify that the link group configuration and bridge profile configuration is correct.

2.3.3.2   Remove IS-IS Graceful Restart

If you are upgrading from a release earlier than Release 6.1.4.3, you must perform extra steps to handle changes to IS-IS graceful restart.

The implementation of IS-IS graceful restart in Release 6.1.4.3 and subsequent releases does not interoperate with the previous implementations of the feature. As a result, for IS-IS graceful restart, systems running earlier releases of the SmartEdge OS do not interoperate with those running Release 6.1.4.3 and later. All SmartEdge IS-IS systems in your network must be running the same version of graceful restart; different versions do not interoperate.

In addition, in Release 6.1.4.3, the command [no] graceful-restart replaced the [no] restart graceful-time command.

To upgrade from a release earlier than Release 6.1.4.3:

  1. Disable IS-IS graceful restart by using the no restart graceful-time command (pre-Release 6.1.4.3 version of the command).
  2. Upgrade all adjacent IS-IS routers.
  3. Re-enable IS-IS graceful restart by using the graceful-restart command (Release 6.1.4.3 and later version of the command).

If you need to downgrade to a release earlier than 6.1.4.3:

  1. Disable IS-IS graceful restart by using the no graceful-restart command (Release 6.1.4.3 and later version of the command) on all adjacent routers.
  2. For each adjacent IS-IS router:
    1. Downgrade the SmartEdge OS.
    2. Use the no restart graceful-time command (pre-Release 6.1.4.3 version of the command) to disable IS-IS graceful on that router until all other IS-IS routers have been downgraded.
  3. Re-enable IS-IS graceful restart by using the restart graceful-time command (pre-Release 6.1.4.3 version of the command) on all adjacent routers.

2.4   Interface

This section describes interface changes between the existing and new revisions of the SmartEdge OS that may require changes to the operators' systems, technical plans, training of network operator personnel, and so on.

2.4.1   Inter-Node Interface

No changes to inter-node interfaces occurred in this release.

2.4.2   Man-Machine Interface

2.4.2.1   Changes to SNMP Walk Operation Results on RBN-QOS-MIB Tables

In previous releases, an SNMP walk operation on these RBN-QOS-MIB interface tables returned MIB objects only when statistics counters were detected:

In this release, an SNMP walk operation returns these MIB objects only if Quality of Service (QoS) is configured, even if no statistics counter is supported. If no statistics counter is detected, a zero (0) value is returned in the results.

Note:  
The interface MIB tables include MIB objects only if the corresponding QoS configurations exist.

Table 4 describes the parallelism between MIB tables and objects for non-subscriber (bind interface) and subscriber (bind subscriber or auth subscriber) circuits.

Table 4    RBN-QOS-MIB Circuits

Non-subscriber circuits

Subscriber circuits

IF-MIB::


ifTable / ifXTable

RBN-SUBSCRIBER-ACTIVE-MIB::


rbnSubsActiveTable/rbnSubsStatsTable

RBN-QOS-MIB::


rbnQosInterfaceTable

N/A

RBN-QOS-MIB::


rbnQosInterfaceQueueStatsTable

RBN-QOS-MIB::


rbnQosSubscriberQueueStatsTable

RBN-QOS-MIB::


rbnQosIntfRLClassStatsTable

RBN-QOS-MIB::


rbnQosSubscriberRLClassStatsTable

RBN-QOS-MIB::


rbnQosHierarchicalPolicyStatsTable

N/A

RBN-QOSMIB::


rbnQosHierarchicalPClassStatsTable

N/A

For information on using the RBN-QoS-MIB tables, see Reference [11].

2.5   Memory

In general, memory usage in the base system, increases slightly from release to release due to changes for new software and hardware features.

From image to image, higher memory usage may occur across applications such as BRAS, Layer 2 to Layer 3 operation, DPI, and IPsec. This is typically due to support for new features or infrastructural changes in the release. Memory increase may also vary based on configuration and which features are enabled.

2.6   Operation

This section describes major changes between the existing and new revision of the SmartEdge OS that affect the daily operations of the network operator.

2.6.1   BRAS Operation

This section describes impacts to the Broadband Remote Access Server (BRAS) Market Application.

2.6.1.1   Enhanced Carrier Grade NAT

In this release, Carrier Grade NAT (CGN) has been enhanced to support:

For more information about configuring enhanced CGNAT, see Configuring NAT Policies.

2.6.1.1.1   New Commands
2.6.1.1.2   Enhanced Commands

2.6.1.1.3   Restrictions and Limitations

Licensing

To configure enhanced carrier grade NAT features on the SmartEdge router, you must have enabled the NAT enhanced license with the nat enhanced password nat_password command. For information about enabling NAT licensed features, see Enabling Licensed Features.

Pools and Policies Limitations

With enhanced NAT, the SmartEdge router does not support configuration changes to pools and policies that are already bound. In some cases, the CLI restricts you from making these changes. As a result, you must completely unbound policies and then bind them for the changes to take full effect.

Circuit Limitations

CGN is supported on the following subscriber circuits:

The following are not supported:

Paired Mode Limitations

Logging Limitations

Exclude Limitations

2.6.1.1.4   Change in Behavior for Endpoint-Independent Filtering

Previously, when endpoint-independent filtering was not applied, packets in the class were filtered only in the inbound direction; all packets sent from the local endpoint reached their destinations, but incoming packets were dropped. Now, when no endpoint-independent filtering is configured, UDP and TCP packets in both the outbound and inbound directions are filtered. Previously, endpoint-independent filtering configuration was only available for UDP transport, but with enhanced Network Address Translation (NAT), TCP configuration is also allowed.

Note:  
When endpoint-independent filtering is applied, NAT is not filtering. For example, allowing P2MP traffic.

2.6.1.1.5   Change in Behavior for Port Assignment

By default, when an assignment of a port is denied by NAT due to any reason, ICMP messages are now generated to the private endpoint. To revert to the previous default behavior, enable the no icmp-notification command at the class level.

2.6.1.2   Dynamic CLIPS on 802.1Q On-Demand PVCs

This release supports dynamic CLIPS on 802.1Q on-demand PVCs. For more information about configuring this feature, see Configuring CLIPS and service clips dhcp.

2.6.1.2.1   Enhanced Commands
2.6.1.2.2   Restrictions and Limitations

Regular and on-demand PVCs with the same 802.1Q PVC ID are supported. However, regular 802.1Q PVC configuration takes precedence over on-demand PVC configuration. For example:

[local]Redback(config-port)#dot1q pvc on-demand 1 
[local]Redback(config-port)#dot1q pvc 1 

[local]Redback#show configuration port 2/1
!
port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
 dot1q pvc 1          <= Overrides the on-demand configuration
!

The following are not supported:

The following CLI commands, which are supported on static PVCs, are not supported on CCOD circuits:


The following table illustrates the change of CLIPS behavior when the configuration is changed from the initial configuration to the final configuration when both regular and on-demand configuration exists on the same PVC.

Table 5    Behavior of CLIPS when both Regular and On-Demand Configuration Exists on the Same PVC

Case

Result of Initial Configuration

Result of Final Configuration

Expected Behavior

1

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr;              

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr; 
 dot1q pvc 1
    service clips &mldr;             

CLIPS subscriber sessions (if any) on on-demand pvc 1 session are torn down. Recovery over pvc 1, depends on configuration and lease times.


Packets are dropped during the transition from on-demand configuration of the session to static configuration.

2

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc 1 
    service clips &mldr;              

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr; 
 dot1q pvc 1
    service clips &mldr;             

No impact on CLIPS subscribers.

3

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr; 
 dot1q pvc 1
    service clips 

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr; 

CLIPS subscribers (if any) on pvc 1 session are torn down. Recovery depends on the configuration, lease times, and when on-demand pvc 1 is created based on packet activity.


Packets are dropped during the transition from static PVC configuration of the session to on-demand circuit configuration.

4

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc on-demand 1 
    service clips &mldr; 
 dot1q pvc 1
    service clips &mldr;             

port ethernet 2/1
 no shutdown
 encapsulation dot1q
 dot1q pvc 1
    service clips &mldr;             

No impact on CLIPS subscribers.


2.6.1.2.3   QoS Guidelines for dot1q On-Demand Circuits

The QoS policy on the parent CCOD circuit is inherited by the subscriber, or you apply the QoS policy directly under the subscriber record by using the CLI or RADIUS.

The following guidelines apply to QoS support for 802.1Q on-demand circuits:

Note:  
When a new QoS policy binding configuration under the on-demand 802.1Q PVC or range is applied, the configuration is applied only to new CCOD circuits and subscribers. . Existing CCOD circuits and subscribers are not impacted.

When you remove the QoS configuration from the 802.1Q on-demand PVC configuration, existing CCOD circuits and CLIPS subscriber circuits are not impacted. New CCOD circuits or CLIPS subscriber circuits use the existing QoS bindings on the parent CCOD circuit.


The following access control list (ACL) features are supported:

2.6.1.3   Single-Session BFD over LAG for IPv4 and IPv6

The SmartEdge OS now supports single-session Bidirectional Forwarding Detection (BFD) on link aggregation groups (LAGs). Previously, the SmartEdge OS supported only multiple-session BFD over LAGs. Support is as follows:

Single- and multiple-session BFD are supported on inter- and intracard IPv6 and IPv4 LAGs. Single-session BFD packets can be transmitted and received on any link within a LAG.

Note:  
BFD is not supported on access LAGs.

Single-session BFD is preferable to multiple-session BFD when:

Note:  
When a link fails, the router (or any intermediate switch) must switch over to an active link if available. If a switchover does not happen, nondeterministic BFD states can occur (for example, the BFD session may go down or flap).

The following commands support this feature:

2.6.1.4   New Match Criteria for IPv6 ACLs

IPv6 ACLs now includes match criteria to classify a packet based on:

The new match criteria are supported for IPv6 filter and policy ACLs and for IPv4 policy ACLs.

Table 1 describes the new keywords for the permit and deny commands.

Table 6    New IPv6 ACL Match Criteria

fragments

Allows packet to be permitted or denied based on whether the packet is fragmented.

setup

Specifies that TCP packets with SYN set and ACK not set in the Flags field are a match.

invalid-tcp-flags

Specifies that TCP packets with particular flag combinations are a match.

The new keywords of invalid-tcp-flags, setup, and fragments are now also reflected in the following show commands:

2.6.1.5   Change in Processing for "redistribute" (IS-IS) Command

Previously, when no metric was configured in the redistribute (IS-IS) command, and the route-map command option either specified a metric or not, the original route metric was not used in the Intermediate System-to-Intermediate System (IS-IS) domain. As a result, no (0) prefix metric was used in the IS-IS domain. In this release, the metric that is configured by the route-map command option is used as the internal prefix in the IS-IS domain, when no metric is configured by the redistribute (IS-IS) command. In addition, if no metric is configured in the route-map command option, the original route metric is used as the internal prefix in the IS-IS domain.

PPA2 and PPA3

2.6.1.6   Event Accounting for PD Prefix Events for Dual- and Single-Stack IPv6 Subscribers

This release supports inclusion of Prefix Delegation (PD) prefix transition events in event accounting messages sent for single- and dual-stack subscriber sessions in cases where dynamic assignment or release of IPv6 host addresses occurs through DHCPv6.

2.6.1.6.1   Enhanced Commands

The following commands have been enhanced to include the new keyword dhcpv6, which enables event accounting for PD prefix events:

2.6.1.6.2   New Reason Codes

Vendor-Specific Attribute (VSA) 144 (Acct_Reason) describes the reason for sending subscriber accounting packets to the RADIUS server. This VSA has been enhanced to include two new reason codes, one each for the assignment and release of a delegated PD prefix.

2.6.1.7   IPv6 LAG - QoS and ACL Support

This release supports quality of service (QoS) and access control list (ACL) functionality on IPv6 traffic on an access link aggregation group (LAG).

2.6.1.7.1   Restrictions and Limitations

2.6.1.8   LNS Support for IPv6 Subscribers

In previous releases, the SmartEdge router provided L2TP access concentrator (LAC) support for dual-stack (IPv4, IPv6, or both) subscriber services. With this release, the SmartEdge router also provides L2TP network server (LNS) support for dual-stack subscriber services. Dual-stack Point-to-Point Protocol (PPP) sessions can be terminated on a SmartEdge LNS. The L2TP tunnel endpoint is over an IPv4(/MPLS) cloud; however the L2TP tunnel carries PPP frames that encapsulate both IPv4 and IPv6 subscriber traffic. IPv6 packets are not fragmented on the LNS. The IPV6 packet is encapsulated in the IPv4 tunnel, and the IPv4 tunnel packets are fragmented. No new CLI commands support this feature.

2.6.1.9   Channelized OC-3/STM-1 or OC-12/STM-4 Line Card Configuration

The system now supports the Channelized OC-3/STM-1 or OC-12/STM-4 line card. This line card is an 8-port dual-services card for SmartEdge systems, with channelization capabilities down to fractional E1/T1. Both SONET (Synchronous Optical Networking) and SDH (Synchronous Digital Hierarchy) mappings are supported. Circuit Emulation, PPP (Point to Point Protocol), and MLPPP (Multilink Point to Point Protocol) services are all supported on the same card, with service types configured independently down to the physical port level. The card hardware supports DS3, DS1, DS0 group (nx64K), and channelization for all Packet over SONET (POS) services. It also supports channelization for Circuit Emulation Services (CES). CES uses CESoPSN (Circuit Emulation Services over Packet Switched Networks) supporting up to 16 timing domains with adaptive clock recovery.

2.6.1.9.1   Channelized OC-3/STM-1 or OC-12/STM-4 Line Card Ports

The Channelized OC-3/STM-1 or OC-12/STM-4 line card has eight ports divided into two 4-port groups:

Restrictions and Limitations

2.6.1.9.2   APS Port Protection

Automatic Protection Switching (APS) is described in detail in the Configuring APS MSP document.

You can configure POS and CES ports as part of a 1+1 APS group. APS commands and functionality include:

APS is not configurable on a per-channel basis.

The ports in an APS group can be on the same card, or on different cards, with the following restrictions:

When unbinding the port from an APS group, the following occurs:

2.6.1.9.3   Port and Channel Loopback

Loopback can be applied to ports, channels, and subchannels on a Channelized OC-3/STM-1 or OC-12/STM-4 line card. Loopback support is identical for CES ports and POS ports. Refer to the following table for the port and channel loopback types supported.

Table 7    Port and Channel Loopback Support

Port/Channel Type

Loopback

Comments

Line

Local/Internal

Remote

OC-n/STM-n Port

Yes

Yes

No

Requires C-Bit Framing

DS3 Channel

Yes

Yes

Yes

 

DS1 Channel

Yes

Yes

Yes

  • local

  • network -> line

  • network -> payload

  • remote -> line -> fdl -> ansi

  • remote -> line -> fdl -> bellcore

  • remote -> line -> inband

  • remote -> payload

E1 Channel

Yes

Yes

No

No protocol for E1 remote loopback

DS0 Group

Yes

No

No

Devices are not capable of internal loopbacks

2.6.1.9.4   Traffic Management

Policing

Policing policies are supported per channel and per Multilink Point to Point Protocol (MLPPP) bundle.

Metering

Metering policies are supported per channel and per MLPPP bundle.

Queuing

A Priority Weighted Fair Queuing (PWFQ) policy can be applied to PPP channels and MLPPP bundles. Up to 8 priority groups are supported. PWFQ operates as it does for other PPA2 cards. PWFQ is the only queuing policy supported.

The Channelized OC-3/STM-1 or OC-12/STM-4 line card supports flow control between the EPPA and a Winpath device. As a result, all congestion drops occur in the EPPA, and not the Winpath device.

2.6.1.9.5   Showing Software Licenses

Use the show licenses command with the detail keyword to display per-slot software license information.

2.6.1.9.6   Install All Ports Software License

Before you can use ports 5-8 of the Channelized OC-3/STM-1 or OC-12/STM-4 line card, you must obtain an all-ports software license, one for line card using these ports.

After obtaining the license, you must install it in the slot housing the Channelized OC-3/STM-1 or OC-12/STM-4 line card. See the all-ports command for details.

Note:  
If this software license is not in place, the system rejects attempts to configure ports 5-8 (for CES or POS service) and displays an error message.

2.6.1.9.7   Configure the Channelized Line Card

The card ch-oc3oc12-8or2-port command provisions a specified slot for the Channelized OC-3/STM-1 or OC-12/STM-4 line card.

See the card command reference for details.

2.6.1.9.8   Configure the Card Clock Source

You can configure the clock source for the Channelized OC-3/STM-1 or OC-12/STM-4 line card to be either the system clock on an XCRP (the global-reference) or the 20 ppm SONET Minimum Clock oscillator on the Channelized OC-3/STM-1 or OC-12/STM-4 line card.

See the clock-source (card configuration mode) for details.

2.6.1.9.9   Configure the Ports for Channelized SONET/SDH

Use the port <port-type> command to configure any port as a SONET Channelized OC-3 or SDH Channelized STM-1 port. In addition, you can configure ports 1 and 5 as SONET Channelized OC-12 or SDH Channelized STM-4.

2.6.1.9.10   Configure SONET Mapping

Port SONET mapping specifies the mapping used by all facilities on an OC-3 and OC-12 port. The mapping selected must match that of the far-end SONET interface, and must support the types of channels required to carry the POS or CES service.

See the channel-mapping command for details.

2.6.1.9.11   Configure SDH AUG Mapping

The port SDH mapping specifies the AUG mapping used by all facilities on a STM-1 or STM-4 port. The AUG mapping selected must match that of the far-end SDH interface, and must support the types of channels required to carry the POS or CES service.

See the aug-mapping command for details.

2.6.1.9.12   Configure Ports for DS3, DS1, or E1 Channels

In the context of the Channelized OC-3/STM-1 or OC-12/STM-4 line card, a channel refers to the Plesiochronous Digital Hierarchy (PDH) structure that is mapped into the SONET or SDH frame. This contrasts to a subchannel, which is a PDH structure that is multiplexed into the DS3 channel.

The CLI commands that create channels directly from the SONET or SDH port map the channels to the SONET or SDH frame. These channels can be DS3, DS1, and E1. The CLI commands that create channels from PDH DS3, DS1, and E1 channels create subchannels, which are time slots multiplexed into the DS3, DS1, and E1. The term subchannel is used because in these CLI commands, you specify both the parent channel ID and the child subchannel ID.

  1. The port {ds3 | channelized-ds3} command configures PDH DS3 channels in the OC-3, OC-12, STM-1, and STM-4 ports.

    You can bind services only to DS0 channels and unchannelized DS1, E1, and DS3 channels . You can multiplex subchannels only in channelized DS1, E1, and DS3 channels.

  2. The port {ds1 | channelized-ds1} and port {e1 | channelized-e1) commands enter the configuration mode for the PDH DS1 and E1 channels; either multiplexed in channelized OC-3, OC-12, STM-1, or STM-4 port or multiplexed in DS3 channels.

    You can bind services only to DS0 channels and unchannelized DS1, E1, and DS3 channels . You can multiplex subchannels only in channelized DS1, E1, and DS3 channels.

2.6.1.9.13   Configure Ports for NxDS0 Subchannels

The port ds0s command configures DS0 subchannels or sub-subchannels.

NxDS0 channels can be multiplexed as subchannels in a channelized DS1 or channelized E1 channel or as a sub-subchannel in a channelized DS1 or channelized E1 subchannel within a DS3 channel. For details, see the port ds0s command.

2.6.1.9.14   Configure NxDS0 Channel Timeslots

The timeslot command defines one or more groups of NxDS0 subchannels added to the first NxDS0 subchannel (also known as a timeslot) within the parent DS1 or E1 (fractional T1/E1).

Note:  
The first NxDS0 timeslot is the subchannel set by the port ds0s command in its nxds0-channel-id argument.

2.6.1.9.15   Configure Port Transmit Timing Clock Source

Use the clock-source (port) command to select whether the port and channel transmit timing is loop-timed or timed by the card-reference clock. (See the clock-source (card configuration mode) command for the card-reference clock options.)

2.6.1.9.16   DS3, POS DS1/E1 Channel and Subchannel Clock Sources

Use the clock-source (port) command to select whether the transmit timing for DS3 and POS DS1/E1 channels and subchannels is loop-timed or timed by the card-reference clock.

2.6.1.9.17   Configure Layer 2 Encapsulation

Use the encapsulation (channel) command to specify the type of encapsulation for the channels you configure, Currently only PPP is supported on the Channelized OC-3/STM-1 or OC-12/STM-4 line card.

2.6.1.10   MLPPP Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

You can configure an MLPPP (MP bundle) on a Channelized OC-3/STM-1 or OC-12/STM-4 line card with all the links of the bundle within a card. The links can span ports on a card but cannot span cards. Each link can be an E1, DS1, DS3, or DS0 group.

Note:  
The difference in speed between the slowest and fastest links in an MLPPP bundle cannot exceed the speed of a single DS0 channel.

All packets going out on an MLPPP bundle from a PPA2 POS card that supports MLPPP are always encapsulated with MLPPP.

2.6.1.11   PWFQ Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

2.6.1.12   APS Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

2.6.1.13   Control Packet Rate Limiting Support for 8-port ATM OC-3c/STM-1c and 2-port ATM OC-12c/STM-4c Line Cards

In previous releases, control packet rate limiting configuration was not supported for the 8-port ATM OC-3c/STM-1c and 2-port ATM OC-12c/STM-4c line cards. In this release, the control packet rate limiting configuration options are supported for these line cards to improve the subscriber bringup rate during Point-to-Point Protocol (PPP) over Asynchronous Transfer Mode (PPPoA) and PPP over Ethernet over Asynchronous Transfer Mode (PPPoEoA) packet processing at the SmartEdge router during circuit creation on demand (CCOD) of Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs). Additionally, this feature prevents loss of Cross-Connect Route Processor (XCRP) card resources, such as the pppd process, when many subscribers attempt to connect simultaneously.

For information on using the rate-limit ccod and rate-limit ppp-lcp-confreq commands, see Reference [10].

2.6.1.14   Multihop Route Advertisement For Inter-AS L3VPNs

You can now configure Layer 3 Virtual Private Networks (L3VPNs) that span different autonomous systems (ASs) using LDP to redistribute routes from one AS to the other. Previously, you could only configure the SmartEdge OS to redistribute routes between ASs using eBGP for this topology.

For more information, see the Multi-AS Backbones-option C from RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs).

With the new configuration, Label Distribution Protocol (LDP) redistributes the internal Border Gateway Protocol (iBGP) routes from one AS to the other, using only two MPLS labels instead of three. Use this method to interoperate with Cisco routers in this topology.

When it is not enabled, external Border Gateway Protocol (eBGP) redistributes the routes between ASs, requiring three labels (the default method of using Option C).

Use the new [no] redistribute bgp [route-map map-name] command in router ldp configuration mode to enable LDP to redistribute the route.

The set ip next-hop command, required for this feature, has been enhanced with the new prefix-address keyword.

For a full description, configuration tasks and examples, see Configuring BGP/MPLS VPN.

With this feature enabled, you can use the ping command between a provider edge (PE) router in one AS and a PE router in another AS to verify connectivity. However, the ping command is not supported from one autonomous system border router (ASBR) to another.

Use the following commands to verify route redistribution and labels:

This feature is supported with IPv4, IPv6, and dual-stack addressing on PPA2 and PPA3 line cards.

2.6.1.15   PPA Feature Support

Note:  
For information about which traffic cards support each PPA version, see the device hardware guides.

Table 8 describes PPA support for features described in this section.

Table 8    PPA Feature Support

Feature

PPA2

PPA3

Notes

Enhanced Carrier Grade NAT

Yes

Yes

PPA2 ATM cards; PPA2 and PPA3 Ethernet cards

Dynamic CLIPS on 802.1Q On-Demand PVCs

Yes

Yes

PPA2 and PPA3 Ethernet cards

Single-session BFD over LAG for IPv4 and IPv6

Yes

Yes

 

New Match Criteria for IPv6 ACLs

Yes

Yes

 

Change in Processing for "redistribute" (IS-IS) Command

Yes

Yes

 

Event Accounting for Prefix Delegation (PD) Prefix Events for Dual- and Single-Stack IPv6 Subscribers

Yes

Yes

 

IPv6 LAG - QoS and ACL Support

Yes

Yes

 

LNS Support for IPv6 Subscribers

Yes

Yes

 

Channelized OC-3/STM-1 or OC-12/STM-4 Line Card Configuration

Yes

No

 

MLPPP (MP bundle) Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

Yes

No

 

PWFQ Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

Yes

No

 

APS Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

Yes

No

 

Control Packet Rate Limiting Support for 8-port ATM OC-3c/STM-1c and 2-port ATM OC-12c/STM-4c Line Cards

Yes

No

 

Multihop Route Advertisement For Inter-AS L3VPNs

Yes

Yes

 

2.6.2   DPI Operation

This section describes impacts to the Deep Packet Inspection (DPI) Market Application.

2.6.2.1   Enhanced Subscriber-Based Balancing

Subscribers can now be allocated dynamically to Deep Packet Inspection (DPI) instances with the lightest load. Previously, only round-robin distribution was supported, and subscribers were automatically assigned to the instance with the lowest subscriber count, regardless of load. The new adaptive distribution of subscribers optimizes performance and helps avoid overloading a single DPI instance. When no traffic flow is detected for the subscriber, the subscriber is considered idle and deallocated from the DPI instance.

Use the following new command to enable adaptive subscriber allocation:

(config)#dpi traffic-management subscriber load-balancing intra-asp adaptive

You can display load metrics and subscriber counts for a single DPI instance, or all DPI instances across the ASP using the following commands:

For more information, see the Configuring Subscriber Allocation section in Application Traffic Management Configuration and Operation.

2.6.2.2   PPA Feature Support

Note:  
For information about which traffic cards support each PPA version, see the device hardware guides.

Table 8 describes PPA support for features described in this section.

Table 9    PPA Feature Support

Feature

PPA2

PPA3

Notes

Enhanced Subscriber-Based Balancing

Yes

Yes

 

2.6.3   Platform Operation

This section describes impacts to Layer 2/Layer 3 and Infrastructure functionality.

2.6.3.1   IPsec Tunnel State Change and RSA Certification Alarms

New alarms are generated for IPsec tunnel failures and RSA certification incidents. IPsec tunnel failures include loss of a route to the peer, an ASP, or line card. Alarms are generated for both static and dynamic tunnels.

Use the following command to enable alarms for tunnels:

(config-tunnel)#[no] alarms

RSA certification alarms are generated when an RSA certificate is missing or invalid. An RSA certification warning alarm can also alert you when a certificate is due to expire.

[local]Redback(config)#[no] pki alarms certificate self|trusted missing

You can configure the interval between the alarm generation and the certificate expiration dates.

[local]Redback(config)#pki alarms certificate self|trusted expiry interval

For more information, see the Alarms section in Advanced Services Fault Management Guide.

2.6.3.2   PPA Feature Support

Note:  
For information about which traffic cards support each PPA version, see the device hardware guides.

Table 8 describes PPA support for features described in this section.

Table 10    PPA Feature Support

Feature

PPA2

PPA3

Notes

IPsec Tunnel State Change and RSA Certification Alarms

Yes

Yes

 

2.7   Obsolete Features

No features were removed, replaced by others, or were renamed in this release.

2.8   Other Network Elements

No changes to other network elements occurred in this release.

3   Summary of Impacts Per Feature

This section summarizes the impact of each feature on the system. It is organized by the Market Applications supported by the SEOS.

If a feature is classified as “major,” then new HW is required to be able to use the feature. “Major” can also refer to the impact of new features upon existing features, or to the numerous minor impacts of new features across the system. For details on feature impact, see each feature.

S&T provides this information for each section.

3.1   Broadband Remote Access Server

Table 11    Summary of Impacts

Feature

Major Impact

Minor Impact

No Impact

Feature Change

Other nodes

Enhanced Carrier Grade NAT

     

Feature Enhancement

 

Dynamic CLIPS on 802.1Q On-Demand PVCs

     

Feature Enhancement

 

Single-session BFD over LAG for IPv4 and IPv6

     

Feature Enhancement

 

New Match Criteria for IPv6 ACLs

     

Feature Enhancement

 

Change in Processing for "redistribute" (IS-IS) Command

     

Feature Enhancement

 

Event Accounting for Prefix Delegation (PD) Prefix Events for Dual- and Single-Stack IPv6 Subscribers

     

Feature Enhancement

 

IPv6 LAG - QoS and ACL Support

     

Feature Enhancement

 

LNS Support for IPv6 Subscribers

     

New Feature

 

Channelized OC-3/STM-1 or OC-12/STM-4 Line Card Configuration

     

New Hardware

 

MLPPP (MP bundle) Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

New Hardware Required for This Feature

       

PWFQ Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

New Hardware Required for This Feature

       

APS Support on Channelized OC-3/STM-1 or OC-12/STM-4 Line Card

New Hardware Required for This Feature

       

Control Packet Rate Limiting Support for 8-port ATM OC-3c/STM-1c and 2-port ATM OC-12c/STM-4c Line Cards

     

Feature Enhancement

 

Multihop Route Advertisement For Inter-AS L3VPNs

     

New Feature

 

3.2   Deep Packet Inspection

Table 12    Summary of Impacts

Feature

Major Impact

Minor Impact

No Impact

Other nodes

Enhanced Subscriber-Based Balancing

   

Feature Enhancement

 

3.3   Platform

Table 13    Summary of Impacts

Feature

Major Impact

Minor Impact

No Impact

Other nodes

IPsec Tunnel State Change and RSA Certification Alarms

   

Feature Enhancement

 

4   Additional Information

This section describes additional information, including new or changed documentation.

4.1   New Documentation

4.1.1   New Software Documentation

With this release, the following documents have been added to the SmartEdge library:


Glossary

6PE
IPv6 address on the provider edge
 
ASE
Advanced Services Engine
 
AAA
Authentication, Authorization, and Accounting
 
ACL
Access Control List
 
ANCP
Access Node Control Protocol
 
APS
Automatic Protection Switching
 
ASE
Advanced Services Engine
 
ASP
Advanced Services Processor
 
ATM
Asynchronous Transfer Mode
 
BFD
Bidirectional Forwarding Detection
 
BGP
Border Gateway Protocol
 
CCOD
circuit creation on demand
 
CGN
Carrier Grade NAT
 
CLI
command-line interface
 
CLIPS
Clientless IP Service Selection
 
CoS
Class of Service
 
CSR
Customer Service Request
 
CVLAN
Customer Virtual Local Area Network
 
DHCP
Dynamic Host Configuration Protocol
 
DHCPv6
Dynamic Host Configuration Protocol Version 6
 
DHCPv6-PD
Dynamic Host Configuration Protocol for IPv6-Prefix Delegation
 
DoS
Denial of Service
 
DPI
Deep Packet Inspection
 
DS0
 
DSCP
Differentiated Services Code Point
 
eBGP
external Border Gateway Protocol
 
ETSI
European Telecommunication Standards Institute
 
FQDN
fully qualified domain name
 
FSSB
File System Server Blade
 
GRE
Generic Routing Encapsulation
 
HTTP
Hypertext Transfer Protocol
 
iBGP
internal Border Gateway Protocol
 
ICMP
Internet Control Message Protocol
 
IETF
Internet Engineering Task Force
 
IGMP
Internet Group Management Protocol
 
IGP
Inter Gateway Protocol
 
IKEv1
Internet Key Exchange Version 1
 
IKEv2
Internet Key Exchange Version 2
 
IP
Internet Protocol
 
IPoE
IP over Ethernet
 
IPsec
Internet Protocol Security
 
IPv4
Internet Protocol Version 4
 
IPv6
Internet Protocol Version 6
 
IS-IS
Intermediate System-to-Intermediate System
 
L2
Layer 2
 
L2TP
Layer 2 Tunneling Protocol
 
L2TPv3
Layer 2 Tunneling Protocol version 3
 
L2VPN
Layer 2 Virtual Private Network
 
L3
Layer 3
 
L3VPN
Layer3 Virtual Private Network
 
LAC
L2TP access concentrator
 
LAG
Link Aggregation Group
 
LDP
Label Distribution Protocol
 
LNS
L2TP network server
 
LSP
label-switched path
 
MAC
Medium Access Control
 
MG
Media Gateway
 
MIB
Management Information Base
 
MID
Message ID
 
MLPPP
Multilink Point to Point Protocol
 
MPLS
(BGP)/Multiprotocol Label Switching
 
MPLS
Multiprotocol Label Switching
 
NAT
Network Address Translation
 
ND
Neighbor Discovery
 
ORF
Outbound Route Filter
 
OSPF
Open Shortest Path First
 
OSPFv3
Open Shortest Path First version 3
 
P2P
Point-to-Point
 
P2MP
point-to-multipoint
 
PD
Prefix Delegation
 
PE
Provider Edge
 
PE1
PE router
 
PFE
Packet Forwarding Engine
 
PIM
Protocol Independent Multicast
 
POS
Packet over Synchronous Optical Network (SONET)/Synchronous Digital Hierarchy (SDH)
 
PPA
Packet Processing ASIC
 
PPP
Point to Point Protocol
 
PPPoA
Point-to-Point Protocol over Asynchronous Transfer Mode
 
PPPoE
Point-to-Point Protocol over Ethernet
 
PVC
Permanent Virtual Circuit
 
PW
pseudowire
 
PWFQ
Priority Weighted Fair Queuing
 
PWs
MPLS port pseudowires
 
QoS
quality of service
 
RADIUS
Remote Authentication Dial-In User Service
 
RFC
Request for Comments
 
RIPng
Routing Information Protocol next generation
 
RMR
Remote Multicast Replication
 
RPF
Reverse Path Forwarding
 
RSA
Rivest-Shamir-Adelman
 
RSE
RADIUS Service Engine
 
SDH
Synchronous Digital Hierarchy
 
SNMP
Simple Network Management Protocol
 
SONET
Synchronous Optical Networking
 
SVLAN
Service Virtual Local Area Network
 
TCP
Transmission Control Protocol
 
TM
Traffic Management
 
ToS
Type of Service
 
TR-101
Technical Report 101
 
UDP
User Datagram Protocol
 
UTC
Coordinated Universal Time
 
VCCV
Virtual Circuit Connectivity Verification
 
VLAN
Virtual LAN
 
VMG
Virtual Media Gateway
 
VPLS
Virtual Private LAN Services
 
VPN
Virtual Private Network
 
VSA
Vendor Specific Attribute
 
XCRP
Cross-Connect Route Processor

Reference List

SmartEdge OS (EN/LZN 783 0011/1)
[1] Configuring Bridging (7/1543-CRA 119 1170/1-V1)
[2] Configuring CLIPS (63/1543-CRA 119 1170/1-V1)
[3] Configuring Ethernet CFM (52/1543-CRA 119 1170/1-V1)
[4] Configuring ATM, Ethernet, and POS Ports (9/1543-CRA 119 1170/1-V1)
[5] Configuring IPv6 Subscriber Services (85/1543-CRA 119 1170/1-V1)
[6] Configuring Rate-Limiting and Class-Limiting (55/1543-CRA 119 1170/1-V1)
[7] Installing the SmartEdge OS (1/190 47-CRA 119 1170/1-V1)
[8] Configuring NTP (34/1543-CRA 119 1170/1-V1)
[9] Configuring Channelized Ports (93/1543-CRA 119 1170/1-V1)
[10] CLI Commands Command List (1/190 77-CRA 119 1170/1-V1)
[11] Enterprise MIBs (2/198 18-CRA 119 1170/1)
Other CPI
Standards and Recommendations
[12] WAN Interface Sublayer, IEEE 802.3ae
[13] Link Aggregation, IEEE 802.3ad
[14] ETHERLIKE-MIB, RFC 2665
[15] ETHER-WIS-MIB, RFC 3637
[16] IF-INVERTED-STACK-MIB, RFC 2864