Post on 03-Mar-2016
description
transcript
White Paper
www.hughes.comMAR 2012
HX System Virtual Network Operator Capabilities
Introduction
The HX Virtual Network Operator (VNO) feature has been developed so that a single HX System can be used by multiple independent Virtual Network Operators (VNOs). With these VNO capabilities, a Host Network Operator (HNO) can set up the infrastructure to configure multiple Virtual Networks (VNs), each with its own unique allocation of resources. As part of the VN configuration a set of resources is allocated to a VN, and the HNO is able to set up different user classification types for VNO users. Each of these user classifications will contain a full set of access rights (both functional and modular capabilities), which can be assigned to that user type.
Through this virtual network arrangement, the VNO does not need to make significant investments into infrastructure or space segment, but instead, relies on the service provider to make these investments. The HNO, in turn, is able to resell network services to multiple VNOs, thereby gaining economies of scale.
The key features of the HX VNO functionality include:
QQ Effectively partition the network into contained subsets
QQ Provide a clear delineation between HNO and VNO roles
QQ Provide a rich and extensible VNO capability set
QQ Provide a rich interface that is easy to use and provides a large set of functionality
This paper discusses how the HX System supports VNO services through the partitioning of various elements.
HNO and VNO Roles
The HNO generally have the following roles and responsibilities:
QQ Maintain RF and satellite connectivity
QQ Distribution of satellite capacity across VNOs
QQ Assign contained bandwidth (outroute/inroute) to VNO
QQ Establish access control/configuration separation between VNOs
Each of the VNOs generally has the following roles and responsibilities:
QQ Ability to create service plans and set up predefined SLAs
QQ Define their own service levels (within allocated spectrum)
QQ Configure terminal devices
QQ Monitor dedicated equipment
QQ Manage/troubleshoot network without involvement from HNO
QQ Allow oversubscription (within allocated range)
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 2
White Paper
www.hughes.com
Figure 1 illustrates the relationship between the HNO and the various VNOs supported by the HNO.
Figure 1. Relationship Between HNO and VNO
The key functionality provided to the VNOs includes the following:
QQ Network Administration
QQ Access control
QQ Monitoring
QQ Real time network status/performance
QQ Remote status
QQ Configuration
QQ Hub configuration
QQ Service plan configuration
QQ Troubleshooting/Diagnostics
QQ VNO alarm manager
QQ Full-featured troubleshooting
QQ Context-sensitive help
Routers
Routers
VNO 1
NOC
Access and controlpartitioned segments
Access and controlpartitioned segments
VNO 2
HNO VNO
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 3
White Paper
www.hughes.com
HX System Architecture
The building blocks of the HX System are shown in Figure 2.
Figure 2. HX System Building Blocks
These hub system building blocks include the following;
QQ Forward Channel Subsystem. This consists of the satellite gateway (which does the generic stream encapsulation (GSE) of IP into the DVB format) and the DVB-S2 Adaptive Coding and Modulation (ACM) modulator. The forward channel is capable of operating up to 45 Msps, which translates to an information rate of up to 121 Mbps.
QQ Return Channel Subsystem. The primary components are the Dynamic Network Control Cluster (DNCC) and the Configurable Demodulator Subsystem (CDS) units. Each DNCC supports the dynamic bandwidth allocation for up to 32 return channels. Additional DNCC units are added as needed, based on the number of return channels. Each CDS nominally supports the demodulation of up to 2.5 Msps over up to 9 return channels (a 10 Msps CDS is also available). Additional CDS units are added as needed.
QQ IQoS. For the inbound bandwidth, the remote terminals belonging to a particular VNO are assigned to a particular Inbound Quality of Service (IQoS) plan. The IQoS plan defines how bandwidth is assigned to a remote terminal or group of remote terminals and ensures that inbound bandwidth is guaranteed not only on a per-remote level but also at the overall group level. The service provider is free to oversubscribe on the inroute by using multiple IQOS plans. Unused IQOS bandwidth within an inroute group (pool of inroutes) may be shared by other IQOS plans within the same inroute group.
QQ IP Gateway (IPGW) units. The IPGW is the primary component for maintaining the IP connectivity between the hub and remote satellite routers. Each IPGW is capable of supporting up to 20 Mbps of combined outbound/inbound throughput. An IPGW can be used to support a virtual private network with private IP addressing or using the VLAN feature; a single IPGW can support up to 16 private virtual networks. Additional IPGWs are added as needed, based on traffic requirements.
QQ HX ExpertNMS. This is the Network Management System (NMS) portion of the HX systems.
IP Gateway #1
IP Gateway #2
IP Gateway #N
VLAN 1
VLAN 16
VLAN 1
VLAN 16
VLAN 1
VLAN 16
IP W AN DNCC #1(return channel bandwidth m anager)
DNCC #X(return channel bandwidth m anager)
CDS #1
Demodulatorfor up to 2 .5 Mspsover 9 Channels
Demodulatorfor up to 2 .5 Mspsover 9 Channels
Channel 1Channel 2
Channel 9
CDS #N Channel 1Channel 2
Channel 9
Satellite Gateway DVB-S2 Modulator
HX ExpertNMSDedicated Shared
Return Channel Subsystem
Forward Channel Subsystem
IP Processing Subsystem
HIG
H SPEED IN
TERNAL LA
N
V LAN 1
VLAN 2
VLAN 16
VLAN 1
VLAN 2
VLAN 16
VLAN 1
VLAN 2
VLAN 16
HIG
H-SPEED IN
TERNAL LA
N
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 4
White Paper
www.hughes.com
Network Partitioning
The starting points in partitioning a network are the IPGW and the IQoS associated with the VNO. For each VNO, a wholesale operator can either dedicate an IPGW or use the VLAN tagging capability of the HX System to provide a virtual IPGW (that is, a single IPGW can support multiple VLANs). At the most basic level, a partition would consist of the IPGW and the remote terminals connected to the IPGW as illustrated in Figure 3.
Figure 3. Network Partition Using IP Gateway
The IPGW and the remote terminals are shaded blue in Figure 3 to show that these items belong to the VNO and are entirely within the control of the VNO. The yellow shaded areas are the common equipment shared among the various VNOs within the network.
For the outbound bandwidth, the IPGW can be configured with a Maximum Committed Information Rate (Max CIR), which limits the maximum throughput the IPGW is allowed to transmit data. This Max CIR is configured by the service provider based on the overall bandwidth subscription agreement with the VNO.
The service provider is free to oversubscribe his outbound bandwidth based on precalculated contention ratios. During peak load periods where the amount of traffic being offered by all the IPGWs is greater than the outroute capacity, the satellite gateway provides flow control feedback to the IPGWs, allowing them to slowly reduce how much outbound traffic they are forwarding. When the offered load goes down, the IPGWs increase their rate back toward their individual maximum configured value. In addition to oversubscribing the total configured traffic CIR from all of the IPGWs, it is also possible (and typical) to oversubscribe the total bandwidth available to the individual users within an IPGW.
IP Gateway #1
IP Gateway #2
IP Gateway #N
VLAN 1
VLAN 16
VLAN 1
VLAN 16
VLAN 1
VLAN 16
IP W AN DNCC #1(return channel bandwidth m anager)
CDS #1
Demodulatorfor up to 2 .5 Mspsover 9 Channels
Demodulatorfor up to 2 .5 Mspsover 9 Channels
Channel 1Channel 2
Channel 9
CDS #N Channel 1Channel 2
Channel 9
Satellite Gateway DVB-S2 Modulator
HX ExpertNMSDedicated Shared
Return Channel Subsystem
Forward Channel Subsystem
IP Processing Subsystem
HIG
H SPEED IN
TERNAL LA
N
V LAN 1
VLAN 2
VLAN 16
VLAN 1
VLAN 2
VLAN 16
VLAN 1
VLAN 2
VLAN 16
HIG
H-SPEED IN
TERNAL LA
N
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 5
White Paper
www.hughes.com
Network Management Domain
One of the critical elements for a successful VNO offering by a wholesale operator is the capability to provide the various VNOs a partitioned access to the NMS. The key is that the VNO should be able to control its own network elements (IPGWs, remote terminals, and if applicable, return channel DNCC and CDS elements) but be prevented from accessing or viewing other VNO components. In addition, the VNO should be able to see the state and status of the common network equipment but should not be able to control the common equipment as it is the responsibility of the HNO to maintain the common equipment. The HX Systems utilize a Network Management Domain (NMD) approach to supporting each of these requirements.
The HX ExpertNMS supports multiple NMDs so that each VNO can perform network operations (such as monitoring network status and statistics) and overall network management activities (such as configuration and control) on only the network components controlled by that VNO. Figure 4 illustrates how the HX systems support NMD for different VNOs. VNOs are provided remote access into the NMS using a Web client.
The VN user classification system enables an HNO to allocate specific user types for a set of VN template types. Users (which can be the VNO or the end user) can then be created for these types.
An HNO can enable an NMD for a VNO so that the VNO is able to access only its IPGW, IQoS, and the remote terminals connected to the IPGW.
Specific network management functions provided by the HX ExpertNMS include:
QQ Administration (HNO)
QQ Maintains the access control database, which contains operator and NMD information
QQ Authenticates operators by user ID/password login
QQ Logically separates network devices (satellite routers and hub components) into user-defined domains
QQ Implements operator access restrictions (monitor, acknowledge, control, configure, and configure override)
QQ Controls NMS resource usage by disconnecting idle sessions and freeing resources
QQ Monitoring
QQ Monitors the status of satellite routers by polling them for status information
QQ Manages the hierarchical groupings of VSAT by NMD and other sort criteria
QQ Provides incremental status and topology change information to connected clients
QQ Configuration
QQ Allows privileged operators to add and delete VSAT and hub components in the database
QQ Manages the configuration of VSAT and hub components in the database
QQ Organizes common sets of configuration parameters into profiles and manages the distribution of profiles to VSAT
QQ Manages software file versions and the distribution of software files to VSAT and hub components
QQ Generates individual parameter files and parameter profile files for VSAT and hub components based on parameter information in the database
QQ Maintains a log of configuration changes made by operators
NMD for VNO #1
Common Equipment View Only Access
IP Gateway #1IQoS Plan #1Remote Terminals
Congure/Control Access
NMD for VNO #2
IP Gateway #2IQoS Plan #2Remote Terminals
Congure/Control Access
Browser Client
VNO #1 Operator VNO #2 Operator
Figure 4. Network Management Domain per VNO
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 6
White Paper
www.hughes.com
All elements of the Hughes solution are SNMP manageable including the hub and satellite routers. The HX ExpertNMS supports SNMP-based north bound interface to an external SNMP-based management system, such as SMARTS, HPOV, NetCool, etc. The SNMP traps generated by hub and remote VSAT components can be forwarded by the NMS to a configured external SNMP manager used by the VNO.
The HX ExpertNMS also incorporates a unique Conditional Access Control (CAC) subsystem, which allows traffic to be carefully controlled. The CAC subsystem ensures that traffic for one client is encrypted and protected from view by other clients or VNOs.
Setting up a Virtual Network
An HNO can set up a VN through the following sequence of steps:
QQ HNO creates NMD for the corresponding service provider
QQ HNO creates logical and physical components that will be associated with the VN. These components include such items as IPGWs, inroute groups, and IQoS plans.
QQ HNO creates VN:
1. Selects NMD
2. Associates the relevant physical and logical components with the VN
3. Defines user classifications/capabilities for this VN
4. HNO creates VNO users
QQ HNO optionally configures Profiles/Service Plans
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 7
White Paper
www.hughes.com
Figure 5 shows the HX ExpertNMS VN Management screen, which is the interface used to define a VN. Once defined, the VN Manager is able to log in and see its network partition as illustrated in Figure 6. Within its assigned capabilities the VN Manager can:
QQ Monitor VN and set thresholds
QQ Configure VN (add new VSATs/create Service Plans, etc.)
QQ Add new operators to the VN
Figure 5. VN Management
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES
Content
8
White Paper
www.hughes.com
Figure 6. VNO Network Dashboard
The HNO Network dashboard shown in Figure 7 is used by the HNO to manage the allocation of resources to the various VNOs. The HNO will use this dashboard as a means to visualize the configured VNOs. Clicking any of the VNO modules will display a detailed configuration dashboard for that specific VNO.
Figure 7. Virtual Network Dashboard
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES 9
White Paper
www.hughes.com
Figure 8 shows the various element management interfaces available to the VNO to conduct the following actions:
QQ Create profiles
QQ Create service plans
QQ Create VSATs
Figure 8. VNO Element Management
11717 Exploration Lane Germantown, MD 20876 USA
2012 Hughes Network Systems. LLC. All information is subject to change. All rights reserved.
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES
HUGHES PROPRIETARY H47215 MAR 12
www.hughes.com
Proprietary Statement
All rights reserved. This publication and its contents are proprietary to Hughes Network Systems, LLC. No part of this publication may be reproduced in any form or by any means without the written permission of Hughes Network Systems, LLC, 11717 Exploration Lane, Germantown, Maryland 20876.
HUGHES and HX ExpertNMS are trademarks of Hughes Network Systems, LLC. All other trademarks are the property of their respective owners.
White Paper
10
Figure 9 illustrates the various configuration interfaces for the VNO components. These interfaces enable the VNO to perform the following actions:
QQ Tweak limited IPGW settings
QQ Tweak IQoS plans
Figure 9. VNO Configuration Management
Conclusion
As the worlds leading provider of satellite broadband products and services, Hughes has been enabling and supporting VNO services for many years. Hughes was one of the first companies to commercialize Shared Hub Services and developed the key features that enable the provision of VNO-based services. Through the extensive capabilities and features of the Hughes satellite broadband platforms, Service Providers can be confident that the Hughes solution enables superior VNO services.