Routers equipped to deliver Layer 2 and Layer 3 private data networking services will help service providers maintain their competitive edge.
By KEVIN MACALUSO, TiMetra Networks--Recent protocol and technology advances are expanding the router's role in service providers' networks, as migrating to an Internet protocol/ multi-protocol label-switching (IP/MPLS)-based infrastructure becomes a primary goal for many operators. These changes are resulting in separate evolution paths for core and edge routers. The core router is evolving to support optical integration and terabit throughput, while the edge device is developing into a service router that can provide a diverse range of services beyond Internet access.
Traditionally, edge routers were little more than retired core routers, which were relocated to the edge of the network, with support added for specialized interfaces (usually copper and channelized). These modified core routers worked well enough when best-effort Internet access was the only service delivered. But today, new demands on the edge of the network must be met as service providers add MPLS to their IP backbones to enable data services such as virtual private networks (VPNs).
To meet these demands, a new category of products called service routers is emerging. Service routers are designed to deliver service level agreement (SLA)-based Layer 2 and Layer 3 private data services as well as Internet access.
Next-generation edge routing
Traditional Internet service has a very simple definition: Internet connectivity and some fixed amount of bandwidth. Accordingly, traditional edge routers were tuned to deliver this basic, best-effort service. What service providers need today, however, are edge routers that deliver a full set of IP and MPLS routing protocols and the control plane scalability required to offer Internet service.
Service routers address the IP/MPLS private data services market with new strides in network processing and queuing. Traditional hard-coded ASICs achieve speed, but only for a limited set of capabilities such as basic routing, switching, or filtering, for example. Through advances in both silicon process technology and product architecture, service routers can deliver the performance and density of the fastest switches or routers while also providing high-touch features and full flexibility in the forwarding plane.
The service router architecture supports point-to-point and multi-point Layer 2 and Layer 3 VPNs, implemented in the fast-path with tremendous scale--tens of thousands of individual customers or services per shelf. Tunneling is abstracted and logically separate from the service, so any service can run over any combination of tunnel technologies, for example IP (e.g. generic routing encapsulation) or MPLS (e.g. draft-Martini).
Today's routers and Layer 3 switches typically offer up to eight quality-of-service (QoS) levels per physical port with either strict priority or weighted fair queuing. Service routers support "service-based queuing" where a service is delimited by a "logical port" such as a channel on a SONET/SDH interface, a data link connection identifier on a Frame Relay interface, a virtual path identifier/virtual circuit identifier on an ATM interface or an 802.1Q tag on an Ethernet interface. Service routers implement packet-data buffering for each service and then rate-shape the individual service data to an SLA with committed information rate and peak information rate type guarantees.
Most Layer 3 switches and routers offer support for statistics per port but for new private data services, providers need more granularity. Thus, service routers deliver statistics per billable service and maintain statistics per flow depending on the service provider's requirements. Through dynamic assignment of services (or flows within services) to unique queues, service routers associate a set of counters with each queue to enable a variety of per-service statistics. In addition, unlike today's edge routers, service routers can support the collection of these statistics for tens of thousands of services.
To support multiple new data services, service routers must implement service-based filtering, with access control lists (ACLs) on a per-service and per-port basis, scaling to tens of thousands of line-rate ACLs at 10-Gbit/sec speeds on the ingress or egress fast-path.
Service providers need to verify proper operation on a per-service basis and troubleshoot services should an issue arise. Therefore, service routers must incorporate operations, administration and management (OA&M) protocols that enable service assurance and diagnostic troubleshooting. For example, a service assurance protocol that can verify end-to-end connectivity of a VPN-that is, provider edge (PE) access-port to PE access-port, not just the PE to PE tunnel. This is the type of advanced management and diagnostics that providers require to support SLA-based data services beyond simple Internet access.
Service router applications
Internet service providers, inter-exchange carriers, and local-exchange carriers are evaluating how to better compete in the long haul and metro data services markets. One of the most interesting new applications for the emerging category of service routers is providing both point-to-point (virtual leased line) and multi-point (virtual private LAN service) long haul and metro Ethernet services. These services enable enterprise customers to obtain the high-bandwidth, private Layer 2 connections they require, together with fast service-activation and granular bandwidth on-demand. Service routers and an IP/MPLS core can also provide Layer 3 multi-point VPNs (RFC2547bis) and transport other protocols such as Frame Relay and ATM via MPLS encapsulations.
In service providers' hosting or data centers, where the handoff to customers is almost always Ethernet, service routers can add new capabilities and services. For example, service routers can accommodate sub-rate services and per-port and destination-based billing, as well as deliver accounting per service or per flow in both the ingress and egress path. Unlike traditional switches or routers, service routers can be easily upgraded with new fast-path features without a major disruption to the network and without substantial capital equipment expenditures. Another key feature for data center environments is complex ACL filtering at 10-Gbit/sec line-rates, preventing denial of service attacks from disabling business-critical hosted applications.
An edge on services
Demand from service providers to use their IP/MPLS backbones for more than just Internet access service has led to the emergence of a fundamentally new set of requirements. Service routers, designed to meet these requirements, can enable new, carrier-grade services such as multi-point Ethernet VPNs or point-to-point VPNs based on traditional access methods such as Frame Relay and ATM, giving carriers new inroads to profitability in these trying economic times.
Kevin Macaluso is vice president of product management and marketing at TiMetra Networks (Mountain View, CA).