Juniper BNG CUPS Overview
In an integrated Broadband Network Gateway (BNG), such as a Juniper MX Series router configured with subscriber management services, one control plane is paired with one user plane running on the same hardware platform. The control plane handles functions including, subscriber session state management, AAA, IP address assignment, and policy enforcement. The user plane handles functions including routing and traffic management and collection of subscriber statistics.
A new architecture, called Control and User Plane Separation (CUPS) separates the control plane and user plane functions into different network elements. The control plane and user planes are tethered through a set of defined open interfaces. These interfaces are used for exchanging states and for relaying control packets between the planes. The control plane together with one or more user planes forms a disaggregated BNG.
Juniper BNG CUPS Controller (BNG CUPS Controller) is a cloud-native application that realizes the control plane component of a disaggregated BNG. You install and run BNG CUPS Controller on a Kubernetes clusters created by the Juniper BBE Cloudsetup utility (see BBE Cloudsetup). The BNG CUPS Controller forms a disaggregated BNG with Juniper routing devices that are configured to operate as BNG User Planes.
Figure 1 shows the Juniper BNG CUPS architecture.
- Benefits of Juniper BNG CUPS
- Why Migrate from an Integrated Broadband Network Gateway to a Disaggregated Broadband Network Gateway
- Required Configuration Changes
- Operational Changes
- Juniper BNG CUPS Feature Support
- Additional Information
Benefits of Juniper BNG CUPS
A BNG CUPS Controller enables you to use network resources more efficiently through:
-
Centralized address allocation.
-
User plane load balancing.
-
Centralized management and control.
-
Increased scale. The cloud environment that Juniper BNG CUPS utilizes enables you to increase the number of subscribers supported.
-
Locational independence and separate life-cycle management and maintenance.
-
Throughput and latency optimization, because the BNG User Planes are closer to the subscribers.
-
Resiliency in responding to network failure events such as a BNG User Plane failure or failure of a transport connection between an access node and the BNG User Plane.
-
Live subscriber placement when changes in performance occur or when network congestion occurs.
Why Migrate from an Integrated Broadband Network Gateway to a Disaggregated Broadband Network Gateway
Rising operational costs with declining or flattening revenues have driven telco service providers to rethink the way they plan, design, and operate their networks. Telcos are following the lead of cloud operators looking to apply cloud and data center design principles to their next-generation network architectures as a way to save costs. Further, decoupling the operating system software from the hardware allows you to manage hardware and software life cycles separately.
Juniper BNG CUPS use cases:
-
Centralized Address Pool Management
IP addresses have become a precious resource. If you don’t have enough available, subscribers can’t access the network. Yet purchasing new addresses has become enormously expensive. Service providers do everything in their power to optimize and efficiently utilize their limited IP address space, but traditional networks with integrated BNGs make it challenging. Operators are required to perform BNG planning and manually distribute (and redistribute) IP address prefixes among the BNGs that are based on expected and changing scale of each BNG.
Automating IP prefix assignment to adapt to BNG scaling demands and dynamically reclaiming unused IP address prefixes for redeployment to a different BNG as scaling needs decreases, alleviates the need for operators to perform intensive and potentially error-prone IP prefix configurations on each BNG. The need is reinforced by Juniper BNG CUPS resiliency subscriber groups that would otherwise increase operator complexity to manually configure and assign IP address pools on a Subscriber Group basis
Juniper makes it possible to manage IP address pools as a shared resource, and automatically allocate IP addresses to any user plane across the network. With the cloud-native Address Pool Manager, service providers can do the following:
-
Improve operational efficiency by automatically adding IP addresses when needed—APM proactively monitors IP address pools across all BNG entities in the network. If a user plane crosses a predefined threshold, APM automatically links it to a new address pool. You get the IP address resources you need, where and when you need them, without having to manage address pools manually or build and maintain homegrown tools.
-
Lower costs by maximizing IP address utilization—By monitoring all downstream user planes centrally, APM can identify any BNG nodes with large, underutilized address pools. In a traditional network, those unused addresses would sit idle. APM automatically reclaims and redistributes them across the network where needed, optimizing operational costs for public IPv4 address management.
For more information about APM, see Address Pool Manager User Guide
-
-
Subscriber Stateful Resiliency
One of the primary use cases of Juniper BNG CUPS is resiliency to support hitless failover in the event of a an unplanned BNG User Plane failure. You define a resiliency subscriber group where one BNG User Plane operates as the active BNG User Plane and another BNG User Plane serves as a backup. The backup BNG User Plane assume control of the subscriber sessions in the event of a failure. The cloud-hosted BNG CUPS Controller then pre-stages the BNG User Planes and, depending on the redundancy option used, continually programs backup BNG User Planes with the relevant state information. In the event the active BNG User Plane plane fails, the BNG CUPS Controller automatically activates the pre-staged backup and reroutes traffic accordingly.
You’ll be able to choose from two redundancy options, depending on the level of disruption acceptance for a given service or SLA:
-
Hot standby—The controller continually programs all subscriber session state information on the backup BNG User Planes, enabling hitless failover that’s practically undetectable to the users.
-
Warm oversubscribed standby—A backup BNG User Plane has a limited subscriber forwarding state installed and the full subscriber session state maintained in memory. If an active BNG User Plane fails, the backup assumes forwarding of subscriber sessions and then installs the remaining subscriber state. There is a short time frame until the subscriber session SLA is restored. This approach is typically used to support N:1 redundancy.
Also, there are two ways in which the active BNG User Plane is selected for redundancy. They are described in the following:
-
BNG CUPS Controller controlled—The BNG CUPS Controller determines the active BNG User Plane based on the configuration and logical-port and network instance reports from the BNG User Plane.
-
BNG User Plane controlled—Determined by the access network. The state of the connection to the BNG User Plane determines which BNG User Plane is active.
-
-
-
Hitless BNG User Plane Maintenance
In traditional vertically integrated networks, most maintenance tasks, such as changing line cards, updating software, and so on, require a scheduled maintenance window. Since you’re bringing down the node and all subscribers attached to it, you always risk disrupting services and frustrating subscribers. Additionally, since maintenance windows are typically scheduled late at night, you pay higher overtime costs for that maintenance. A centralized control plane and shared state information make planned maintenance much simpler and less disruptive.
The process is straightforward:
Operators use the controller to orchestrate the transfer of all subscriber state information from the current user plane to a new one.
They configure the transport network to send traffic to the new user plane instead of the old.
Since the new user plane already has state information for all subscribers, it exists in a warm oversubscribed standby stats and quickly brings up those sessions without service disruption.
Operators perform the maintenance and, once complete, reverse the process and orchestrate traffic back to the original user plane.
Furthermore, if the subscribers on the user plane to undergo maintenance are all part of one or more resiliency Subscriber Groups, the process is even more straightforward:
- Technicians use the controller to initiate subscriber group switchover to the backup User Plane for any subscriber groups in which the User Plane is the Active User Plane.
- The User Plane is in Backup mode and can be offlined to perform maintenance. Once complete, the User Plane will resume in a backup role for all subscriber groups and optionally resume the Active role by the technician performing subscriber group switchover.
The whole procedure can be handled in a streamlined, low risk way during normal business hours, with subscribers never noticing a thing. This means you can continually update your network easily and inexpensively, while improving customer satisfaction and supporting more stringent and profitable SLAs.
-
Smart Subscriber Load Sharing
In traditional broadband networks, BNGs act as siloed entities. If you want to distribute BNG User Planes, you’re always at risk of running out of capacity, which means you typically have to over provision. With the centralized control enabled by Juniper BNG CUPS, you can group BNG User Planes together and treat them as a shared pool of resources. In this model, you group together BNG User Planes that are part of the virtual resource pool (called a load-balancing group). The BNG CUPS Controller proactively monitors their subscriber loads for all BNG User Planes that are part of the same load-balancing group. If a BNG User Plane exceeds a given threshold, the BNG CUPS Controller begins shifting sessions to a less-loaded BNG User Plane. This results in you not having to worry about accurately forecasting or overprovisioning subscriber scale for a given market. Instead, you can share BNG User Planes as needed and continually maximize all available resources in the infrastructure.
Required Configuration Changes
Because the BNG CUPS Controller and the BNG User Planes are separated, you must perform configurations on both the BNG CUPS Controller and the BNG User Planes. You will perform the majority of the configurations on the BNG CUPS Controller.
Configure the following features on the BNG CUPS Controller:
-
Subscriber groups
-
Load balancing groups
-
BNG User Plane profiles
-
Dynamic profiles
-
Auto-sensed VLANs
-
DHCP/DHCPv6 local server and relay
-
L2TP
- AAA services
-
RADIUS
-
Access profile
-
Address assignment
-
Domain map
-
-
Subscriber firewall filters
-
Subscriber Class of Service (CoS)
-
Routing instances for L3 aware control plane applications (for example, DHCP and DHCPv6)
-
Subscriber groups for resiliency
-
-
Load balancing groups
Configure the following functions on the BNG User Planes:
-
Subscriber management mode
-
BNG User Planes
-
BNG CUPS Controller reachability
-
-
Resource monitoring
-
Routing instances for forwarding
-
Routing protocols for each routing instance
Most of the control plane commands from the integrated BNG carry over to Juniper BNG CUPS, with minor extensions for Juniper BNG CUPS.
Operational Changes
Juniper BNG CUPS separates the operational commands into BNG CUPS Controller and BNG User Plane commands. The majority of the BNG-related commands run on the BNG CUPS Controller. To help with troubleshooting, some of the operational commands run on the BNG User Planes.
The Juniper BNG CUPS CLI uses a slightly different layout from the traditional commands used for integrated BNG Junos OS CLI. The goal of the Juniper BNG CUPS CLI is to reduce the need for you to understand where information is kept. At a high level, the subscriber management show commands are either subsystem based or object based. Figure 2 shows the Juniper BNG CUPS CLI hierarchy for the show commands.
Below is a summary list of the functional components and where you run their operations.
For a complete set of commands, see the Juniper BNG CUPS User Guide.
You run operational commands for the following functional components on the BNG CUPS Controller:
-
Accounting
-
Agent
-
Broadband device
-
Subscriber groups
-
Load balancing groups
-
Health
-
User Plane
-
Subscriber session state
-
Node management
-
Routing instance
-
Services
-
DHCP/DHCPv6 local server and relay
-
PPPoE and PPP
-
L2TP
-
Dynamic auto-sensed VLANs
-
AAA
You run operational commands for the following functional components on the BNG User Plane:
-
Node management
-
Subscriber management
Juniper BNG CUPS Feature Support
Juniper BNG CUPS supports most of the same subscriber management features from integrated BNG:
Client Protocol Support
-
Dynamic auto-sensed VLANs
-
DHCPv4 and DHCPv6 single and dual stack subscribers for local server
-
DHCPv4 and DHCPv6 single and dual stack subscribers for relay
-
PPP/PPPoE v4/v6 and dual stack subscribers
-
L2TP LAC
-
Interface combinations—Ethernet, aggregated Ethernet, Pseudowire, and Redundant Pseudowire
AAA Services
-
RADIUS based authentication and authorization
-
RADIUS change of authorization and disconnect
-
Address assignment from:
-
RADIUS—Including framed IP address and framed routes
-
Dynamic address pools created by Address Pool Manager or local reserve
-
Statically configured address pools
-
-
RADIUS-based accounting:
-
Subscriber accounting, including interim accounting
-
Subscriber service accounting
-
-
Subscriber idle timeout and session timeout
-
Domain map
-
Service profiles
Class of Service (CoS)
-
You can use dynamically created scheduler maps, schedulers, and traffic control profiles.
-
You can add the following services to dynamic flows:
-
Classifiers
-
Rewrite-rules
-
Output traffic control profiles with scheduler maps
-
-
Hierarchical class of service, including support for interface sets
Firewall Services
-
Parameterized filters and policers through a dynamic service profile
-
Static filters and policers
Multicast Services Features
-
Centralized and distributed multicast services are activated when the subscriber logs in or activated through a RADIUS change of authorization.
Lawful Intercept
-
Activation and deactivation of RADIUS-based lawful intercept for a flow-based subscriber during login and logout, on both the BNG CUPS Controller and the BNG User Plane
-
Activation and deactivation of RADIUS-based lawful intercept for a flow-based subscriber using RADIUS change of authorization (CoA), on both the BNG CUPS Controller and the BNG User Plane
-
Activation and deactivation of Dynamic Tasking Control Protocol (DTCP) based lawful intercept for a flow-based subscriber, on both the BNG CUPS Controller and the BNG User Plane
-
Attaching of lawful intercept drop policy for a flow-based subscriber, on both the BNG CUPS Controller and the BNG User Plane
-
Reporting of intercept-related events using SNMP traps to a mediation device on the BNG CUPS Controller
Management of Multiple BNG User Planes
-
A BNG CUPS Controller can manage up to 16 BNG User Planes. The multiple BNG User Plane architecture defines a BNG User Plane instance per BNG User Plane to encapsulate data and work within a BNG User Plane.
-
BNG User Planes are assigned to a control plane instance. A control plane instance initiates an association with a BNG User Plane upon assignment.
Figure 3 shows a multiple BNG User Plane topology.
Smart Session Load Balancing
Gives the operator the capability to distribute subscriber loads across the BNG User Planes in the network by moving subscribers from one BNG User Plane to another. Fast failover is a use case for subscriber session load balancing. The fast failover use case occurs when a BNG User Plane’s access port goes down and subscribers are rebalanced over to another access port on the same BNG User Plane.
Subscriber Stateful Resiliency
-
Ensures resiliency across BNG User Planes where the BNC CUPS Controller holds the primary state for any subscriber session. The BNG User Plane holds the active forwarding state or backup forwarding state for a particular subscriber session.
-
Subscriber resiliency is achieved through the use of subscriber groups (
subscriber-groups
configuration).
Subscriber Session Steering
Places subscribers in the desired BNG User Plane based on a RADIUS service group vendor-specific attribute (VSA). This VSA specifies the subscriber services level (SLA) that the BNG CUPS Controller communicates to the user plane selection function. It then uses the SLA in selecting the BNG User Plane that meets the subscriber session service requirements
Additional Information
Forwarding Class Handling
The forwarding-class
configuration is a special case. You must
configure the forwarding class names on the BNG User Planes that you configure on
the BNG CUPS Controller.
These matching configurations are required because the number of forwarding classes is limited. Also, other entities in the BNG User Plane use the forwarding class. Thus, the BNG CUPS Controller's forwarding classes must be consistent with the BNG User Plane’s forwarding classes.
You can define additional forwarding classes on the BNG User Plane. You do not need to configure these additional forwarding classes on the BNG CUPS Controller.