2 Property of Airspan Networks Inc. All Rights Reserved
- 3 - S.R 6.0 Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved Contents Introduction................................................................................................................................... 4 VLAN Design Alternatives ............................................................................................................ 5 Customers VLAN model................................................................................................................ 7 Service VLAN model ..................................................................................................................... 8 Configuration example................................................................................................................ 10 Traffic flow.................................................................................................................................... 11 Configuration requirments.............................................................................................................. 11 Step 1 General configuration....................................................................................................... 12 Step 2 BS configuration .............................................................................................................. 13 Step 3 SS VLAN profile configuration ....................................................................................... 14 Step 4 VLAN classifier configuration......................................................................................... 15 Configuration overview.................................................................................................................. 16
4 Property of Airspan Networks Inc. All Rights Reserved Introduction
This document provides step by step VLAN configuration in MicroMAX using netspan management. To avoid or minimize potential service interruption, please ensure that you have read and understood the contents of this document.
Virtual LANs (VLANs) are broadcast domains which are uses for: Logical separation of networks; logical segmentation Creation of de facto Virtual Private Networks (VPNs) Traffic Engineering o MicroMAX and AS.MAX SS units are used to tag packets with certain VLAN IDs. o These VLAN IDs can be mapped by other devices, for example: MPLS switch mapping VLAN IDs into MPLS labels ATM switch mapping VLAN IDs into Virtual Circuits (VCs) Frame Relay switch mapping VLAN IDs into Virtual Circuits (VCs) VLAN tagging helps to differentiate between subscribers with different levels of service (such as Platinum, Gold, Silver and Bronze) VLAN tagging helps to differentiate between different services such as VoIP and standard data Reduction of broadcast packets Increasing the security level in the network Separating (and securing) management traffic from other traffic
Full VLAN package support via both Web and Netspan, including: o VLAN Management o VLAN transparent mode - transparent of both Tagged & Untagged frames o VLAN Tag/Untag - Acceptance of Tagged / Untagged frames and strip/tagged them support direction is based on configuration o VLAN tagged only - Acceptance only Tagged packets complies configuration o VLAN untagged only - Acceptance only Untagged packets o Advanced tagging mode - identify different untagged streams coming from LAN, classify and tag the data with a unique VLAN ID 5 VLAN Design Alternatives Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved VLAN Design Alternatives There are two fundamental VLAN design options:
Customers VLAN in this model, there is a dedicated VLAN for each subscriber. This is also called 1:1 model since there is only one VLAN per subscriber.
6 Property of Airspan Networks Inc. All Rights Reserved Service VLAN in this model, there is a dedicated VLAN for each service. This is also called N:1 model since multiple subscribers share each VLAN, currently in release 6.0 this design can be achieved in two modes
o If the end user equipment is able to tag traffic. There may be a topology where some of the tagging is done by third part equipment (such as IP phones, VoIP Gateways, LAN switches) and some of the tagging is done by MicroMAX and AS.MAX SS units.
B S R
o Using VLAN classifier option if more than one PVID is needed (as is implemented in SR 5.0) per SS Ethernet port in order to tag the untagged traffic with more than one default VLAN ID per port. PVID + Classifier were implemented. The system identify different untagged streams coming from the user side (from SS local LAN), classify the data and tag it with a unique VLAN ID in order to differentiate the various traffic types towards the operators backbone. Downlink traffic tagged with this unique VLAN ID is untagged. Mostly used for: VoIP Data VPN
Data traffic Voice traffic VPN traffic Data classifier VLAN 200 Voice classifier VLAN 300 VPN classifier VLAN 400 Data traffic, VLAN 200 Voice traffic, VLAN 300 VPN traffic, VLAN 400 SS manipulations WiMAX traffic MicroMAX manipulations B S R ISP backbone VPN Voice Data Traffic pass through
7 Customers VLAN model Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved Customers VLAN model In the Customer VLAN model, there is a dedicated VLAN for each subscriber. The VLAN is created between the SS RF port and the BS Ethernet port, and carries all traffic for all services to and from an individual subscriber.
Figure 1 shows typical Customer VLAN scenario. The figure displays three subscribers A, B and C that are separated using three different VLANS 10, 20 & 30. Additional Management VLAN 100 is also applicable. Figure 1 VLAN 10 VLAN 20 VLAN 30 VLAN 100 Management Core Network Customer A Customer B Customer C Untagged traffic
8 Property of Airspan Networks Inc. All Rights Reserved Service VLAN model In the service VLAN model, there is shared VLAN used to deliver services to subscribers. A separate VLAN is used for each service. This architecture is frequently used when VoIP service is introduced onto existing WiMAX network. Putting new service into a different VLAN lowers the risk of disrupting the existing service. Figure 2 shows typical service VLAN scenario. The figure displays three subscribers A, B and C. The operator in this example handles three separated networks for standard data, VoIP and management - using VLANs 10 (for standard data), 20 (for VoIP) and additional management VLAN 100. Customers A and B are receiving VLANS 10, 20 and 100 while customer C that didnt subscribe to the VoIP service and therefore will not receive VLAN 20 (VoIP VLAN).
Figure 2
NOTE: In this example, the end user devices (e.g. Laptop and IP pones) should be able to tag the traffic with the expected VLAN tag. In case that the end users devices cant tag there own traffic users can use VLAN classifier option . Displayed in Figure 3 . 9 Service VLAN model Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved
Figure 3
10 Property of Airspan Networks Inc. All Rights Reserved Configuration example
Figure 4 Figure 4 shows typical Customer VLAN scenario. The figure subscriber the handle five VLANS:
o VLAN 10 Used for Data o VLAN 20 - Used for VPN traffic o VLAN 99 - Used for VoIP o VLAN 100 - Used for management o VLAN 200 internal use
The following step by step configuration will instruct you how to configure the above VLAN topology.
11 Configuration example Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved Traffic flow UL Traffic to Rx by SS as SS will BS will Tx by BS as 192.168.0.0/24 Untagged Tag ID 200 Untag Untagged 192.168.10.0/24 Untagged Tag ID 10 Pass as is Tagged ID 10 192.168.20.0/24 Untagged Tag ID 20 Pass as is Tagged ID 20 172.16.1.0/24 Tagged ID 99 Pass as is Pass as is Tagged ID 99
UL Traffic from Rx by BS as BS will SS will Tx by SS as 192.168.0.0/24 Untagged Tag ID 200 Untag Untagged 192.168.10.0/24 Tagged ID 10 Pass as is Untag Untagged 192.168.20.0/24 Tagged ID 20 Pass as is Untag Untagged 172.16.1.0/24 Tagged ID 99 Pass as is Pass as is Tagged ID 99
Configuration requirments VLAN manipulation requires that both Bridge & Port mode will be configured to VLAN. When configuring Bridge mode as VLAN management must be set.
Acceptable Frame Types Requirement Passing untagged traffic "Untagged" & PVID Passing tagged traffic "tagged" and specification of VLAN ID to pass Member Set) Passing both tagged and untagged requires "Tagged and Untagged", PVID & Member Set Multiple VLAN tagging by SS VLAN tag by classifier *
*only for UL, untagging on the DL & adding to SS Member set is done automatically
12 Property of Airspan Networks Inc. All Rights Reserved Step 1 General configuration In order to begin the VLAN setup all required VLAN should be defined and added to the Netspan DB: o VLAN 10 Used for Data o VLAN 20 - Used for VPN traffic o VLAN 99 - Used for VoIP o VLAN 100 - Used for management o VLAN 200 internal use Below you will find step by step guide that will lead you throw the VLAN definition process please repeat this procure for all VLANs
<Netspan> Service Profiles -> VLAN Configuration -> Add
13 Configuration example Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved Step 2 BS configuration <Netspan> Configuration Management -> BS TRx -> BS xxxxxx:xxxxxx -> Provisioning -> Edit -> Allow Edit 1. Define the BS sector Bridge configuration to operate as VLAN Bridge Mode = VLAN, the Management on VLAN will became gray out. 2. Configure the management VLAN (select the management VLAN from the dropdown menu all the VLAN that were difined on step 1 should be available) 3. Define the BS Port mode to operate as VLAN Port Mode = VLAN 4. Configure the Acceptable frame types to accept Tagged and Untagged frames 5. Port VLAN ID should be configured 6. If needed the default priority bits can be assigned 7. Define the VLANs that should be member in the BS member set list
14 Property of Airspan Networks Inc. All Rights Reserved Step 3 SS VLAN profile configuration Defining SS VALN Port (profile) that later will be assigned to the SS <Netspan> Service Profiles -> SS VLAN Port -> Add 1. Define the subscriber station VLAN port profile 2. Define the SS Port mode to operate as VLAN Port Mode = VLAN 3. Configure the Acceptable frame types to accept Tagged and Untagged frames 4. Port VLAN ID should be configured (should be such as BS PVID) 5. If needed the default priority bits can be assigned 6. Define the VLANs that should be member in the BS member set list in our example only 99 since the 10 20 will be add automatically as consequence of step 4
<Netspan> Configuration Management -> Subscriber Station -> SS xxxxxx:xxxxxx - Provisioning -> Edit -> Allow Edit
7. Assign the VLAN port profile to the chosen SS (port VLAN profile) 15 Configuration example Netspan Property of Airspan Networks Inc. Dvir Salomon Draft All Rights Reserved Step 4 VLAN classifier configuration <Netspan> Service Profiles -> Packet Classifier -> Add Classifier VLAN should be defined and added to the Netspan DB this procedure should be accomplished only for VLANs 10 and 20: VLAN Classifier VLAN 10 Destinition IP addr = 192.168.10.0 Destinition IP addr Mask = 255.255.255.0 VLAN 20 Destinition IP addr = 192.168.20.0 Destinition IP addr Mask = 255.255.255.0 1. Define a meaningful name 2. Configure the Action to Forward 3. Define the classifier, refer to the table above. 4. on the VLAN Tagging section: a. Tagging Behavior = Enabled b. Tag VLAN ID = 10 or 20 (according to the classifier) c. If needed the default priority bits can be assigned
16 Property of Airspan Networks Inc. All Rights Reserved Configuration overview