ATM-to-Ethernet Interworking Overview

In the ATM-to-Ethernet IWF topology, each ATM virtual path identifier (VPI) or virtual circuit identifier (VCI) is mapped to a corresponding stacked Ethernet Virtual Local Area Network (VLAN). When this feature is used, the ATM packets are translated into Ethernet packets through mapping between an ATM link and an Ethernet link. The VPI of ATM packets is mapped to the external stacked VLAN (S-VLAN) tag, and the VCI of ATM packets is mapped to the internal customer VLAN (C-VLAN) tag, thereby enabling the transmission of ATM packets over Ethernet links. VPI and VCI are mapped to double tags. The inner and outer SVLAN tags identify ATM digital subscriber line access multiplexer (DSLAM) device information and user information, respectively. After the PPPoE authentication packet reaches B-RAS, B-RAS can authenticate based on user account, device information (the outer tag), and user information (the inner tag). In this way, account hacking can be avoided in terms of security.

The DSL Forum defined the IWF to devise the process for conversion of PPP over ATM (PPPoA) and PPPoE over ATM sessions to PPPoE sessions at the DSLAM to the B-RAS application running on routers. This functionality was defined to enable DSL access infrastructure in networks worldwide to migrate from ATM to Ethernet-based connections.

IWF is a set of mechanisms required to interlink two networks of different technologies. IWF is used to describe the PPPoA conversion to PPPoE sessions at the DSLAM. These mechanisms include conversion of PDU framing, addressing policies, priority mapping, security mechanisms, and OAM flows. In ATM-to-Ethernet interworking circuits, the PPPoA session that arrives at the DSLAM over ATM from a customer premises equipment (CPE) or access loop is converted to a PPPoE session at the DSLAM. This PPPoE session is then continued to be transmitted to the PPPoE access concentrator to B-RAS as a PPPoE session. Every PPPoA session is associated with a corresponding PPPoE session.

A PPPoE session from the DSLAM to the B-RAS that is actually a PPPoA session from the end user to the DSLAM is referred to as an IWF PPPoE session. The B-RAS application is configured to limit PPPoE sessions that originate from the same MAC address to protect itself from a denial of service (DoS) attack. This restriction on maximum number of PPPoE client sessions poses a problem for IWF PPPoE sessions because all PPPoE sessions contain the same MAC address of the DSLAM.

To avoid this problem, the PPPoE client inserts the IWF PPPoE tag in the PADR packet to the PPPoE access concentrator to which it wants to connect. The B-RAS application uses the IWF PPPoE tag to distinguish between an IWF PPPoE session and a regular, non-IWF PPPoE session during the PPPoE discovery stage. The IWF PPPoE tag enables the B-RAS application running on E Series routers to distinguish the IWF PPPoE session from the regular PPPoE sessions to overcome the limit on the B-RAS the maximum number of PPPoE sessions per MAC address as a protection from DoS attacks sourced from the same MAC address. For more information about ATM-to-Ethernet interworking functions, see the DSL Forum Technical Report 101: Migration to Ethernet-Based DSL Aggregation.

These ATM-to-Ethernet interworking circuits can be mapped to individual logical interfaces configured on an ATM, Gigabit Ethernet, or 10-Gigabit Ethernet physical interface. The ATM-to-Ethernet interworking cross-connect essentially provides Layer 2 switching, and statistics are reported at the logical interface level.

During the conversion from ATM to Ethernet, the least significant 12 bits of the ATM cell VCI are copied to the Ethernet frame inner VLAN tag. Cells received on an ATM logical interface configured with the ATM-to-Ethernet interworking encapsulation type and falling within the configured VCI range are reassembled into packets. These packets are forwarded to a designated Ethernet logical interface that is configured with the ATM-to-Ethernet interworking encapsulation type.

During the conversion from Ethernet to ATM, the Ethernet frame inner VLAN tags that fall within the configured range are copied to the least significant 12 bits of the ATM cell VCI. The ATM logical interface uses its configured VPI when segmenting the Ethernet packets into cells. ATM-to-Ethernet interworking is supported on E Series routers with aggregated Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet interfaces.

Related Documentation