INTERNET DRAFT                                            Cleve Mickles
Document: draft-mickles-v6ops-isp-cases-01.txt          AOL Time Warner
Expires: December 2002                                        Sept 2002


                 Transition Scenarios for ISP Networks


Status of this Memo

   This document is an Internet-Draft and is subject to all provisions
   of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This document describes the different types of Internet Service
   Provider (ISP) networks in existence today.  It will provide design
   and operational considerations in delivering network services to
   customers for five specific areas in an effort to better identify
   specific issues which may arise during a transition to IPv6.

Mickles, et al.          Expires - December 2002               [Page 1]

Table of Contents

   1. Introduction
   2. Scope of the document
   3. Transition scenarios
      3.1 CORE/Backbone Networks
      3.2 Broadband HFC/Coax
      3.3 Broadband DSL Networks
         3.3.1 DSL physical architecture
         3.3.2 Logical architectures used today for IPv4 access
            3.3.2.1 ATM POINT-TO-POINT MODEL
            3.3.2.2 PPP TERMINATED AGGREGATION (PTA) MODEL
               3.3.2.2.1 Connection using PPPoA
               3.3.2.2.2 Connection using PPPoE
            3.3.2.3 L2TP ACCESS AGGREGATION (LAA) MODEL
               3.3.2.3.1 Connection via PPPoA
               3.3.2.3.2 Connection via PPPoE
         3.3.3 ADDRESSING FOR TODAY'S IPv4 ACCESS
         3.3.4 ROUTING
         3.3.5 DNS
         3.3.6 Network Management
      3.4 Narrowband Dialup Networks
      3.5 Ethernet to the Home/Home Networking
   4. Security Considerations
   5. Network Management Considerations
   Acknowledgements
   References
   Author's Addresses

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

1. Introduction

   This document will describe the basic design of ISP networks today.
   It will be used to provide direction on what must be considered to
   transition today's networks to IPv6.  The main purpose of this
   document is to identify and document the issues that must be
   considered before transitioning a network to IPv6.
   This document is not meant to determine exactly how the transition
   will occur for the various ISP networks.  This document will not
   describe what is or is not a "Tier 1" or "Tier 2"..."Tier N" ISP.
   The document focuses on IP capable network devices and may reference
   non-IP related devices for clarification purposes only.

   At this point much of this document provides a template for the
   scenarios.  Content is present only in the Core/Backbone and
   Narrowband Dialup sections below.

   Comments to this draft may be sent to the primary author.

2. Scope of the document

   The scope of this document is to cover the major topics ISPs must
   consider in building and running their IP networks.  The document
   will include sections on Core backbone networks, Broadband DSL
   networks, Broadband HFC Cable networks, Narrowband Dialup networks,
   and Ethernet to the home networking.  The document will also
   identify Security and Network Management concerns which in some
   cases will be common to all, as well as some areas that may be
   unique to the particular service.

   Although the Optical core is important in today's networks, that
   layer is generally transparent to the IP layer except in a few
   special cases where ISPs have allowed the IP core to be aware of the
   optical layer underneath.  Hence, this draft does not include
   further optical considerations.

   Each scenario will discuss issues related to network topology,
   network hardware, routing, policing, security, network management,
   configuration and host gear.

3. Transition Scenarios

   This section provides the description and design considerations for
   the different types of ISP networks in existence today.  In some
   cases a single ISP may provide services in more than one of the
   areas mentioned below.

3.1 Core/Backbone Networks

   This section describes the general topologies and characteristics
   of today's CORE networks.
   Although there are numerous large scale networks out there today,
   most employ the same basic set of principles when designing and
   building their networks.

   In terms of physical equipment, today's backbone networks consist
   mainly of high speed routers which are configured in a basic core
   and edge configuration.  In most configurations, for redundancy,
   there are two or more core routers as well as two or more border
   routers.  The border routers provide any local connectivity and
   peering.  Generally filtering, routing policy and policing type
   functions are done on the border routers.  The core routers provide
   aggregation of border router traffic as well as aggregation of long
   haul circuits to remote sites.

   BGP4 is the standard gateway routing protocol.  In the core, the IGP
   choices are generally OSPF or ISIS.  Most networks employ some type
   of traffic engineering mechanism to steer traffic around potentially
   congested areas.  There are also networks that employ an over
   provisioning model to limit packet loss.

   In terms of host gear, the CORE networks maintain hosts for
   supporting and managing the network, but not necessarily the end
   user.  The standard set of hosts includes DNS servers, mail
   gateways, authentication (RADIUS or TACACS), and network management
   servers.

   [Figure: core and border topology.  Core routers CORE1 and CORE2
   each terminate trunks to remote sites and each connect down to the
   border routers BDR1, BDR2 ... BDR(n).  The border routers connect
   down to customer equipment CPE1, CPE2 ... CPE(n), and the border
   layer carries the link labelled "Peering (Direct & IX)".]

3.2 Broadband HFC/Coax Networks

   This section describes the infrastructure that exists in today's HFC
   cable networks that support cable modem services to the home.  Since
   many cable providers are regional they generally have used the
   backbone ISP networks for transit IP services beyond their region.

3.3 Broadband DSL Networks

   This section describes the infrastructure that exists in today's
   High Speed DSL Networks.

3.3.1 DSL physical architecture

   Digital Subscriber Line (DSL) technology is a modem technology that
   allows subscribers to access broadband network services from the
   home or office by using existing twisted-pair copper wire telephone
   lines.  The term xDSL is the generic name that has been given to the
   family of digital subscriber line technologies, including ADSL,
   SDSL, HDSL, VDSL, and IDSL.

   POTS (Plain Old Telephone Service) uses only the frequency range
   0-3000 Hz, but there is considerably more bandwidth on these copper
   lines; DSL gets more from them by using sophisticated digital coding
   and splitting the line (reserving the higher frequencies for data,
   the lower for voice and fax) to achieve high-speed data transmission
   over the local loop from the customer site to a service provider's
   switching center.  But the bandwidth a subscriber can receive
   depends on the quality of the line and on the distance to the
   service provider's center.
   The following chart provides examples of the maximum speed that can
   be reached with DSL technologies on a production network:

   +------------+-------------------+---------------+------------------+
   | Technology | Downstream bearer | Duplex Bearer | Maximum Distance |
   |            |                   |               | for maximum rate |
   +------------+-------------------+---------------+------------------+
   | ADSL       | 8 Mbps            | 640 kbps      | 9,000 feet       |
   +------------+-------------------+---------------+------------------+
   | HDSL       | 2 Mbps            | 2 Mbps        | 12,000 feet      |
   +------------+-------------------+---------------+------------------+
   | IDSL       | 144 kbps          | 144 kbps      | 18,000 feet      |
   +------------+-------------------+---------------+------------------+
   | SDSL       | 2 Mbps            | 2 Mbps        | 12,000 feet      |
   +------------+-------------------+---------------+------------------+
   | VDSL       | 53 Mbps           | 2.3 Mbps      | 1,000 feet       |
   +------------+-------------------+---------------+------------------+

   Distance can be increased, but then speed is reduced.  For instance,
   it is possible to use ADSL up to 18,000 feet, but the maximum
   downstream speed is then reduced to 1544 kbps.

   Several models are used to deploy IP over DSL services, but all use
   the same components:

   [Figure: DSL access components.  Customer Premises (CP): hosts
   attached to a DSL modem either directly or through a router.
   Network Access Provider (NAP): DSLAMs terminating the DSL modems,
   aggregated by a BAS.  Network Service Provider (NSP): the ISP edge
   router, leading to the ISP network.]

   The hosts are connected to the DSL network either directly through a
   modem or through a router and a modem.  The modems may be included
   in the hosts or in the routers.
   When this is not the case, the DSL modems may be accessed through
   ATM, Ethernet or USB.  It must be noted that when a router is used
   in customer premises, it often has only very limited resources in
   terms of memory or processing power.

   IP packets are then transported on twisted-pair telephone lines to
   the NAP's DSLAM (DSL Access Multiplexer), using DSL technology.  The
   DSLAM terminates and multiplexes several DSL accesses to the NAP's
   backbone.  It forwards data to the BAS (Broadband Access Server =
   DSLAM aggregator), which is in charge of directing it to the POP
   (Point Of Presence = the ISP Edge Router) of the NSP that the client
   has subscribed to.  Note that NAP and NSP can be the same
   organization.  The technology used in the NAP network is usually
   ATM, but other types of layer 2 technologies may be used.

   This model enables the local operator to make its local copper
   available to other companies.  Operators are then able to offer DSL
   technology for broadband Internet access.  As the access network
   puts service users in communication with their NSPs, security and
   access control are required.

3.3.2 Logical architectures used today for IPv4 access

   Data transport between the CPE and the service provider's point of
   presence (POP) generally relies on an ATM based infrastructure.  Two
   ways of using this infrastructure are common:

   * ATM point-to-point model: one PVC connects each subscriber to its
     NSP.  From the Broadband Access Server (BAS), there are exactly as
     many PVCs across the NAP network as the number of subscribers
     (i.e. one PVC per subscriber).  This model is detailed in section
     3.3.2.1.
   * Aggregation model: the BAS aggregates multiple subscriber PVCs
     into trunk PVCs to reduce the number of PVC connections across the
     NAP core network (one PVC provisioned for many subscribers to the
     same destination NSP, or if the NSP offers multiple service
     levels, more than one PVC could be established across the core).
     There are two usual ways to aggregate connections:

     - PPP Terminated Aggregation (PTA): PPP sessions are opened
       between each subscriber and the BAS.  The BAS terminates PPP
       sessions and transfers subscriber's traffic up to the POP.  This
       model is detailed in section 3.3.2.2.

     - L2TP Access Aggregation (LAA): PPP sessions are opened between
       each subscriber and the POP.  The BAS dispatches PPP sessions up
       to the POP, by encapsulating them into L2TP tunnels.  This model
       is detailed in section 3.3.2.3.

3.3.2.1 ATM POINT-TO-POINT MODEL

   This model is suited to networks with few subscribers and static
   configuration.  It is simple to deploy but it cannot be used in
   large networks.

   In this model, each subscriber is connected to its NSP via one PVC.
   The user network IP packets are transmitted as frames from the CPE
   to the DSL modem or router.  There, RFC 2684 bridging occurs: the
   LAN frames are forwarded into an ATM PVC (segmenting them into ATM
   cells through AAL5).

   The following figure describes the protocol architecture of this
   model.
   [Figure: protocol architecture of the ATM point-to-point model.
   Device chain across Customer Premises, NAP and NSP:
   Hosts -- Router -- DSL Modem -- DSLAM -- ISP Edge Router ==> ISP
   Network.  An arrow labelled ATM spans the access path.  The
   per-device protocol stacks are built from the layers IP, X, Y, AAL5,
   ATM, DSL, U and V.]

   X and Y are LAN technologies (usually Ethernet).
   U and V are WAN technologies (SONET/SDH...)

   Since the CPE is in bridging mode, this model is layer 3-independent
   and the NAP is free of addressing and routing concerns.  The NSP
   edge router sees all subscribers as attached to the same Ethernet
   link.  Very complex controls and restrictions must thus be applied
   to avoid spoofing and broadcast storms.  Lastly, subscribers do not
   have access to multiple ISPs over a single DSL line.

3.3.2.2 PPP TERMINATED AGGREGATION (PTA) MODEL

   The PTA architecture relies on PPP-based technologies (PPPoA and
   PPPoE), terminated at the BAS.  The BAS has at least one PVC opened
   to each NSP, but several PVCs are sometimes used when the NSP offers
   differentiated services (QoS...).

   In this architecture, the aggregator BAS provides PPP session
   termination and the subscriber data is then forwarded to the NSP's
   edge router using IP over ATM.  Since the PPP session is terminated
   at the BAS, the BAS must perform per session authentication,
   authorization and accounting on behalf of the NSP, and perform layer
   3 routing.

   The PTA architecture has several advantages.
   First, it reduces the number of PVCs used in the NAP core network.
   Second, it offers the subscribers the capability to choose between
   several NSPs.  However, it is not as flexible as the LAA model from
   this point of view: it requires strong coordination between the NSP
   and the NAP.  This model is often used when the NSP is also the NAP.

3.3.2.2.1 Connection using PPPoA

   The following figure describes the protocol architecture of this
   model.

   [Figure: protocol architecture of the PTA model with PPPoA.  Device
   chain across Customer Premises, NAP and NSP:
   Hosts -- Router -- DSLAM -- BAS -- ISP Edge Router => Core, with an
   AAA server (Radius, TACACS) attached to the BAS.  An arrow labelled
   PPP spans from the customer router to the BAS.  The per-device
   protocol stacks are built from the layers IP, PPP, AAL5, ATM, DSL,
   X, U, V and T.]

   X is a LAN technology (usually Ethernet).
   U, V and T are WAN technologies (ATM, SONET/SDH...)

   The PPP sessions initiated by the CPEs are terminated at the
   aggregation device (BAS), which authenticates users either by using
   a local database or by sending a request to a remote server located
   at the NSP (a RADIUS server for instance).  When RADIUS is used, a
   user can be authenticated based on a username or based on the
   VPI/VCI used.  There is only one PPP session per ATM PVC.

   Upon successful authentication, the customer premises equipment may
   then be configured dynamically.  Of course, static configuration is
   also possible.
   When dynamic configuration is used, the BAS obtains the address of a
   DNS server and an IPv4 address or prefix for the customer, usually
   through a DHCP server or a RADIUS server.  The BAS then sends this
   information to the CPE via IPCP, and establishes a new route between
   the CPE and the BAS.

3.3.2.2.2 Connection using PPPoE

   The following figure describes the protocol architecture of this
   model.

   [Figure: protocol architecture of the PTA model with PPPoE.  Device
   chain across Customer Premises, NAP and NSP:
   Hosts -- Router -- Modem -- DSLAM -- BAS -- ISP Edge Router => CORE,
   with an AAA server (Radius, TACACS) attached to the BAS.  An arrow
   labelled PPP spans from the customer router to the BAS.  The
   per-device protocol stacks are built from the layers IP, PPP, PPPoE,
   Eth, AAL5, ATM, DSL, X, U, V and T.]

   X is a LAN technology (usually Ethernet).
   U, V and T are WAN technologies (ATM, SONET/SDH...)

   The PPPoE-based PTA model is more flexible than the PPPoA based one:
   several PPP sessions may be opened with the BAS at the same time,
   over as many PPPoE sessions.  This allows subscribers to access
   several services at the same time, on the same VC.

   The authentication process is the same as the PPPoA one except that
   VPI/VCI-based authentication cannot be used.

   It must be noted that the extra PPPoE encapsulation reduces the IP
   MTU and MRU, because the PPP and PPPoE headers (2+6 bytes) are
   inserted between the IP packet and the Ethernet header.  This also
   reduces the TCP MSS that applications should use.

3.3.2.3 L2TP ACCESS AGGREGATION (LAA) MODEL

   While the PTA model terminates PPP sessions at the aggregation
   device and then forwards IP traffic to its destination, the LAA
   model allows PPP sessions to be forwarded from subscribers to the
   NSP's point of presence, via an L2TP tunnel.

   When a CPE initiates a session with its NSP, the BAS intercepts the
   PPP connection request.  It reads the PPP identities of the
   subscriber and of the NSP, and sends a request to the NSP's RADIUS
   server, asking for the address of the device to which the PPP
   connection should be forwarded.  If one is not already open, an L2TP
   tunnel is established between the BAS and the NSP's server.  The PPP
   connection is then encapsulated and forwarded into this tunnel.
   User authentication and dynamic configuration are performed by the
   NSP itself.

3.3.2.3.1 Connection via PPPoA

   The following figure describes the protocol architecture of this
   model.
   [Figure: protocol architecture of the LAA model with PPPoA.  Device
   chain across Customer Premises, NAP and NSP:
   Hosts -- Router -- DSLAM -- BAS -- ISP Edge Router => Core, with an
   AAA server (Radius, TACACS) attached to the ISP edge router.  An
   arrow labelled PPP spans from the customer router to the ISP edge
   router; an arrow labelled L2TP spans from the BAS to the ISP edge
   router.  The per-device protocol stacks are built from the layers
   IP, PPP, L2TP, UDP, AAL5, ATM, DSL, X, U, V and T.]

   X is a LAN technology (usually Ethernet).
   U, V and T are WAN technologies (ATM, SONET/SDH...)

3.3.2.3.2 Connection via PPPoE

   The following figure describes the protocol architecture of this
   model.
   [Figure: protocol architecture of the LAA model with PPPoE.  Device
   chain across Customer Premises, NAP and NSP:
   Hosts -- Router -- Modem -- DSLAM -- BAS -- ISP Edge Router => CORE,
   with an AAA server (Radius, TACACS) attached to the ISP edge router.
   An arrow labelled PPP spans from the customer router to the ISP edge
   router; an arrow labelled L2TP spans from the BAS to the ISP edge
   router.  The per-device protocol stacks are built from the layers
   IP, PPP, PPPoE, L2TP, UDP, Eth, AAL5, ATM, DSL, X, U, V and T.]

   X is a LAN technology (usually Ethernet).
   U, V and T are WAN technologies (ATM, SONET/SDH...)

3.3.2.4 OPTIMAL MTU CONFIGURATION FOR DSL CONNECTIONS USING PPPOE

   While PPPoA does not impact the default MTU in a LAN environment
   (1500 bytes), PPPoE imposes a smaller MTU (1492 bytes: 1500 bytes
   minus 2 bytes for the PPP header and 6 bytes for the PPPoE header).

   This causes some problems, especially when ICMP error messages such
   as "Packet Too Big" are filtered by intermediate nodes.

3.3.3 ADDRESSING FOR TODAY'S IPv4 ACCESS

   One of the benefits of DSL for the customer is the capability to
   enjoy a permanent connection to the Internet on the telephone line.
   This allows the customers to use peer-to-peer applications and to
   set up servers when they are given stable global IP addresses.
   However, some service providers do not supply static addresses by
   default, and a lot of customers are using dynamic addresses today.
   Customers are usually disconnected every day and are given a new
   address each time they reconnect.

   Most of the time, customers use private addressing on their LAN and
   the access routers then perform NAT for Internet access.

   Some small ISPs do not even provide global addresses to their
   customers.  These ISPs then operate NATs on their backbones.

3.3.4 ROUTING

   Customers of DSL services may run routing protocols on their LAN
   (usually RIP or OSPF), but these LANs are usually small and do not
   require the use of a routing protocol.

   When a router is used in the customer premises, it is usually
   configured with a default route to the NSP's edge router.  In case
   of multi-homing, the customer's router may use BGP.

   The NAP may have to run an IGP (OSPF or IS-IS).

   Usually, the NSP uses an IGP (OSPF or IS-IS) on its core network.

3.3.5 DNS

   Very often, the domain name of the customer is managed by the NSP
   and the domain name server is also hosted by the NSP.  In fewer
   cases, the customer hosts the server on its own LAN.

3.3.6 Network management

   Usually, NSPs manage the edge routers by SNMP.  The management
   stations are located on the core network.

   Very few service providers manage equipment located on customers'
   LANs.  The use of NAT on the customer edge router forbids this type
   of service.

3.4 Narrowband Dialup Networks

   This section describes Narrowband dialup networks that the majority
   of internet users use today to get online.  The scenarios will
   include solutions where the dial infrastructure is controlled by one
   entity as well as solutions where ISPs lease modems from wholesale
   modem providers.
   There are multiple types of dialup services, from plain/no frills
   access to the Internet, to wholesale dialup networks which can be
   purchased by an organization wanting to resell internet services,
   and then there are the full service dialup providers that provide a
   long list of features to the end user.  The infrastructure used in
   the foundation of these various offerings is somewhat similar
   although the deployments vary depending on the level of service
   offered.

   The basic dialup service provider model that includes modem access
   to the Internet can be built from a terminal server (generally a
   digital modem bank), a Layer 2 switch and routers.  For global
   reachability the dialup provider must connect to a backbone
   provider.  The basic design calls for the terminal server to be
   attached to a layer 2 switch that would in turn have connections to
   a router.  For redundancy, a dialup provider can spread multiple
   shelves of terminal servers across individual routers and manually
   shift traffic if a router becomes disabled.  A more robust redundant
   solution would be to deploy pairs of routers and use VRRP
   functionality to maintain traffic in the event of a failure of one
   router.

   Generally smaller dialup ISPs purchase a T1 or greater facility from
   a Local Exchange Carrier (LEC) to the facility where modem equipment
   is housed.  The choice in terms of the number of T1s (or other) is
   made dependent on how many simultaneous users are supported in the
   ISP's business model.  Depending on the coverage area multiple phone
   numbers may be provided for the end-user to dial and the LEC may
   choose to route all calls to a common termination point or provide
   the traffic across multiple T1 facilities.

   When an end-user dials an access number, the LEC routes the call to
   the modem server location and is generally mapped by the LEC into a
   T1 facility that terminates on the modem server.
   The modem server attempts to verify the user credentials by querying
   the authentication server via an IP interface on the modem server.
   The modem server is present on a LAN network segment along with any
   relevant hosts as well as the default gateway router.

   Some services that are common to all dialup providers include the
   ability to provide DNS service, either primary or secondary, and an
   authentication server.

   The wholesale dial provider builds out the dial network just as the
   small dialup provider does.  Differences include the ability of the
   wholesale provider to hand off aggregated traffic to the
   organization purchasing wholesale access or to allow the aggregated
   traffic to reach the Internet at large without the purchasing
   organization needing major internet access facilities.  Each case
   has different implications.

3.5 Ethernet to the Home / Home Networking

   This section describes the Home Networking arena which is basically
   in its infancy.  The home of the future will possibly include a
   gateway device that will control access to the home, which will have
   numerous IP-enabled devices.

4. SECURITY CONSIDERATIONS

   Security concerns will be described within the context of each
   scenario.  After the various scenarios are documented, a summarized
   section including all of the security considerations may be
   provided.

5. NETWORK MANAGEMENT CONSIDERATIONS

   Network Management concerns will be described within the context of
   each scenario.  After the various scenarios are documented, a
   summarized section including all of the Network Management
   considerations may be provided.

ACKNOWLEDGEMENTS

   [1] The author would like to thank Margaret Wasserman and Randy Bush
   for comments on this initial draft document.
REFERENCES

   [1] TR-025 Core Network Architecture for Access to Legacy Data
       Networks over ADSL, TR-025 - ADSL Forum, September 1999
   [2] RFC 1661 The Point-to-Point Protocol (PPP)
   [3] RFC 2684 Multiprotocol Encapsulation over ATM Adaptation Layer 5
   [4] RFC 2364 PPP Over AAL5
   [5] RFC 2516 A Method for Transmitting PPP Over Ethernet (PPPoE)
   [6] RFC 2661 Layer Two Tunneling Protocol "L2TP"
   [7] RFC 2138 Remote Authentication Dial In User Service (RADIUS)
   [8] RFC 3162 RADIUS and IPv6

TERMS AND ACRONYMS

   AAL5     ATM Adaptation Layer 5
   ADSL     Asymmetric Digital Subscriber Line
   BAS      Broadband Access Server
   CPE      Customer Premises Equipment
   DSL      Digital Subscriber Line
   DSLAM    DSL Access Multiplexer
   L2TP     Layer Two Tunneling Protocol
   LAA      L2TP Access Aggregation (model)
   LAC      L2TP Access Concentrator
   LNS      L2TP Network Server
   MSS      Maximum Segment Size (MTU - 40 bytes for IP and TCP headers)
   MTU      Maximum Transmission Unit
   NAP      Network Access Provider
   NAT      Network Address and Port Translation
   NSP      Network Service Provider
   POP      Point Of Presence
   POTS     Plain Old Telephone Service
   PPP      Point-to-Point Protocol
   PPPoA    PPP over ATM
   PPPoE    PPP over Ethernet
   PSTN     Public Switched Telephone Network
   PTA      PPP Terminated Aggregation (model)
   PVC      Permanent Virtual Circuit
   RADIUS   Remote Authentication Dial In User Service
   USB      Universal Serial Bus
   VPI/VCI  Virtual Path Identifier with Virtual Channel Identifier
   VPN      Virtual Private Network

Author's Addresses

   Cleveland Mickles
   AOL Time Warner
   12100 Sunrise Valley Drive.           Phone: +1 703-265-5618
   Reston, VA 20191, USA                 Email: micklesc@aol.net

   Vladimir Ksinant
   6Wind
   1 place Charles de Gaulle - 78180     Phone: +33139309236
   Montigny Le Bretonneux - France       Email: vladimir.ksinant@6wind.com
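
Added example, not part of the original draft: Section 3.3.2.1 says the bridged point-to-point model needs controls against spoofing and broadcast storms because the NSP edge router sees every subscriber on one Ethernet link. One such control is a per-PVC source binding with a broadcast rate limit; the binding table, the VPI/VCI values, the addresses, the limit and every name below are assumptions made for illustration, and the sample frames are constructed.

```python
"""Per-PVC source validation for the bridged model of Section 3.3.2.1 (added example)."""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    ts: float      # arrival time in seconds
    pvc: tuple     # (VPI, VCI) of the subscriber PVC the frame arrived on
    src_mac: str
    dst_mac: str
    src_ip: str


class PvcGuard:
    """Checks each bridged frame against the binding provisioned for its PVC."""

    def __init__(self, bindings, bcast_limit=3, window=1.0):
        # bindings: {(vpi, vci): (subscriber MAC, allowed source prefix)}
        self.bindings = {
            pvc: (mac.lower(), ip_network(prefix))
            for pvc, (mac, prefix) in bindings.items()
        }
        self.bcast_limit = bcast_limit   # broadcasts allowed per window, per PVC
        self.window = window             # sliding window length in seconds
        self._bcast_times = defaultdict(list)

    def check(self, frame):
        binding = self.bindings.get(frame.pvc)
        if binding is None:
            return "drop:unknown-pvc"
        mac, prefix = binding
        # The PVC identifies the subscriber, so a source MAC or IP that does
        # not match the PVC's binding is treated as spoofed.
        if frame.src_mac.lower() != mac:
            return "drop:mac-spoof"
        if ip_address(frame.src_ip) not in prefix:
            return "drop:ip-spoof"
        if frame.dst_mac.lower() == BROADCAST_MAC:
            recent = [t for t in self._bcast_times[frame.pvc]
                      if frame.ts - t < self.window]
            if len(recent) >= self.bcast_limit:
                self._bcast_times[frame.pvc] = recent
                return "drop:broadcast-rate"
            recent.append(frame.ts)
            self._bcast_times[frame.pvc] = recent
        return "forward"


# Constructed sample data: two provisioned subscribers and a gateway MAC.
MAC_A, MAC_B, GATEWAY = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:fe"
BINDINGS = {
    (8, 35): (MAC_A, "192.0.2.10/32"),
    (8, 36): (MAC_B, "192.0.2.11/32"),
}
SAMPLE_FRAMES = [
    Frame(0.0, (8, 35), MAC_A, GATEWAY, "192.0.2.10"),        # matches binding
    Frame(0.1, (8, 36), MAC_A, GATEWAY, "192.0.2.11"),        # neighbour's MAC
    Frame(0.2, (8, 36), MAC_B, GATEWAY, "192.0.2.10"),        # neighbour's IP
    Frame(0.3, (8, 99), "02:00:00:00:00:03", GATEWAY, "192.0.2.12"),  # no binding
    Frame(1.0, (8, 35), MAC_A, BROADCAST_MAC, "192.0.2.10"),
    Frame(1.1, (8, 35), MAC_A, BROADCAST_MAC, "192.0.2.10"),
    Frame(1.2, (8, 35), MAC_A, BROADCAST_MAC, "192.0.2.10"),
    Frame(1.3, (8, 35), MAC_A, BROADCAST_MAC, "192.0.2.10"),  # 4th within 1 s
    Frame(2.5, (8, 35), MAC_A, BROADCAST_MAC, "192.0.2.10"),  # window expired
]


def run_demo():
    """Return the verdict for every constructed frame, in order."""
    guard = PvcGuard(BINDINGS)
    return [guard.check(frame) for frame in SAMPLE_FRAMES]


if __name__ == "__main__":
    for frame, verdict in zip(SAMPLE_FRAMES, run_demo()):
        print(f"{frame.ts:4.1f}s pvc={frame.pvc} src={frame.src_mac} -> {verdict}")
```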
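
Added example, not part of the original draft: the PPPoE MTU arithmetic of Section 3.3.2.4 and the failure it describes when "Packet Too Big" errors are filtered, shown as a small path-MTU discovery simulation. It goes one step beyond the text by also giving the IPv6 MSS (40-byte IPv6 header plus 20-byte TCP header); the hop names, the path and all function names are constructed for illustration.

```python
"""PPPoE MTU/MSS arithmetic and a path-MTU black-hole simulation (added example)."""
from dataclasses import dataclass

ETHERNET_MTU = 1500          # default LAN MTU quoted in Section 3.3.2.4
PPP_HEADER = 2               # bytes, as given in the draft
PPPOE_HEADER = 6             # bytes, as given in the draft
TCP_HEADER = 20              # TCP header without options
IP_HEADER = {4: 20, 6: 40}   # fixed IPv4 and IPv6 header sizes


def pppoe_ip_mtu(link_mtu=ETHERNET_MTU):
    """IP MTU left once the PPP and PPPoE headers are carried in the frame."""
    return link_mtu - PPP_HEADER - PPPOE_HEADER


def tcp_mss(ip_mtu, version=4):
    """Largest TCP payload that fits in one unfragmented packet."""
    return ip_mtu - IP_HEADER[version] - TCP_HEADER


@dataclass(frozen=True)
class Hop:
    name: str
    mtu: int                           # IP MTU of the hop's outgoing link
    error_reaches_sender: bool = True  # False models a filtered ICMP error


def send_once(path, size):
    """Send one packet that must not be fragmented in transit."""
    for hop in path:
        if size > hop.mtu:
            if hop.error_reaches_sender:
                return ("too-big", hop.mtu)   # sender learns the smaller MTU
            return ("black-hole", None)       # silently dropped
    return ("delivered", None)


def discover_path_mtu(path, first_size, max_probes=8):
    """Sender-side loop: shrink to the reported MTU after each error."""
    size = first_size
    for _ in range(max_probes):
        outcome, reported = send_once(path, size)
        if outcome != "too-big":
            return (outcome, size)
        size = reported
    return ("gave-up", size)


# Constructed paths from a server towards a PPPoE subscriber.
OPEN_PATH = (
    Hop("nsp-core", 1500),
    Hop("bas-pppoe", pppoe_ip_mtu()),
)
FILTERED_PATH = (
    Hop("nsp-core", 1500),
    Hop("bas-pppoe", pppoe_ip_mtu(), error_reaches_sender=False),
)


def demo():
    """Compare full-size packets with packets sized to the clamped IPv4 MSS."""
    mss_v4 = tcp_mss(pppoe_ip_mtu(), 4)
    clamped_packet = mss_v4 + IP_HEADER[4] + TCP_HEADER
    return {
        "pppoe_mtu": pppoe_ip_mtu(),
        "mss_v4": mss_v4,
        "mss_v6": tcp_mss(pppoe_ip_mtu(), 6),
        "open": discover_path_mtu(OPEN_PATH, 1500),
        "filtered": discover_path_mtu(FILTERED_PATH, 1500),
        "filtered_clamped": discover_path_mtu(FILTERED_PATH, clamped_packet),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:17} {value}")
```

With the error filtered, the full-size packet is lost without the sender ever learning why, while a sender whose MSS was clamped to the PPPoE value never exceeds the 1492-byte link.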