Cisco IGX 8400 Series Provisioning Guide, Release 9.3.3 and Later Releases
OL-1166-04
Chapter 10 Cisco IGX 8400 Series IP Service
IP Service—Functional Overview
MPLS-enabled IP VPN networks provide the foundation for delivering value-added IP services, such as
multimedia application support, packet voice, and application hosting, all of which require specific
service quality and privacy. Because QoS and privacy are an integral part of MPLS, they no longer
require separate network engineering.
Cisco's comprehensive set of QoS capabilities enables providers to prioritize service classes, allocate
bandwidth, avoid congestion, and link Layer 2 and Layer 3 QoS mechanisms:
Committed Access Rate (CAR): Classifies packets by application and protocol, and specifies bandwidth allocation.
Low Latency Queuing (LLQ): Implements efficient bandwidth usage by always delivering mission-critical application traffic and deferring noncritical application traffic when necessary.
Weighted Random Early Detection (WRED): Provides congestion avoidance to slow transmission rates before congestion occurs, and ensures predictable service for mission-critical applications that require specific delivery guarantees.
MPLS makes it possible to apply scalable QoS across very large routed networks and Layer 3 IP QoS in
ATM networks, because providers can designate sets of labels that correspond to service classes. In
routed networks, MPLS-enabled QoS substantially reduces processing throughout the core for optimal
performance. In ATM networks, MPLS makes end-to-end Layer 3-type services possible.
Traditional ATM and Frame Relay networks implement CoS with point-to-point virtual circuits, but this
is not scalable because of high provisioning and management overhead. Placing traffic into service
classes at the edge enables providers to engineer and manage classes throughout the network. If service
providers manage networks based on service classes, rather than point-to-point connections, they can
substantially reduce the amount of detail they must track, and increase efficiency without losing
functionality.
Compared to per-circuit management, MPLS-enabled CoS in ATM networks provides virtually all the
benefits of point-to-point meshes with far less complexity. Using MPLS to establish IP CoS in ATM
networks eliminates per-VC configuration. The entire network is easier to provision and engineer.
VPN Security
Subscribers want assurance that their VPNs, applications, and communications are private and secure.
Cisco offers many robust security measures to keep information confidential:
Encrypted data
Access restricted to authorized users
Tracking of users after they are connected to the network
Real-time intrusion auditing
In intranet and extranet VPNs based on Cisco MPLS, packets are forwarded using a unique route
distinguisher (RD). RDs are unknown to end users and are uniquely and automatically assigned when the
VPN is provisioned. To participate in a VPN, a user must be attached to its associated logical port and
have the correct RD. The RD is placed in packet headers to isolate traffic to specific VPN communities.
MPLS packets are forwarded using labels attached in front of the IP header. Because the MPLS network
does not read IP addresses in the packet header, it allows the same IP address space to be shared among
different customers, simplifying IP address management.
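The label-based forwarding described above, as an added example that is not part of the Cisco guide and is not Cisco code: it packs and parses label stack entries in the RFC 3032 shim format and picks the output port from the label alone, so two customers using the same 10.0.0.1 address stay separate. The label values, port names and the VPN_PORTS table are assumptions constructed for illustration.

```python
import socket
import struct

def encode_lse(label, tc=0, bottom=True, ttl=64):
    """Pack one label stack entry: label(20) | TC(3) | S(1) | TTL(8), per RFC 3032."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def decode_stack(frame):
    """Return ([(label, tc, ttl), ...], payload); the stack ends at the S=1 entry."""
    entries, off = [], 0
    while True:
        if off + 4 > len(frame):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", frame, off)
        off += 4
        entries.append((word >> 12, (word >> 9) & 0x7, word & 0xFF))
        if word & 0x100:  # bottom-of-stack bit
            return entries, frame[off:]

def ipv4_header(src, dst):
    """Constructed 20-byte IPv4 header (checksum left 0; the demo never parses it)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

# Hypothetical egress table: VPN label -> customer-facing port.
# Labels 0-15 are reserved, so the constructed values start above that range.
VPN_PORTS = {100: "port-customer-A", 200: "port-customer-B"}

def egress_forward(frame, vpn_ports=VPN_PORTS):
    """Choose the output port from the bottom label only; the IP header is never read."""
    entries, payload = decode_stack(frame)
    label, _tc, ttl = entries[-1]
    if ttl == 0 or label not in vpn_ports:
        return None, payload  # unknown VPN label or expired TTL: drop
    return vpn_ports[label], payload

# Constructed sample: both customers send to the same private address.
PACKET = ipv4_header("10.0.0.2", "10.0.0.1")
FRAME_A = encode_lse(17, bottom=False) + encode_lse(100, tc=5) + PACKET
FRAME_B = encode_lse(17, bottom=False) + encode_lse(200) + PACKET
```

A frame whose bottom label is missing from the table is dropped rather than routed by its IP destination, which is the property that keeps the overlapping address spaces apart.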
Service providers can deliver fully managed, MPLS-based VPNs with the same level of security that
users are accustomed to in Frame Relay/ATM services, without the complex provisioning associated
with manually establishing PVCs and performing per-VPN customer premises equipment (CPE) router
configuration.