Cisco IOS Software Release 12.0T - No. 815

Product Bulletin No. 815

Cisco IOS Software Release 12.0T

New Features Overview

The Cisco IOS® Software Release 12.0T is an early deployment release delivering the latest Cisco IOS Software functionality and platform support. Cisco IOS Software Release 12.0T, unlike the parallel 12.0 release, will integrate new capabilities with each maintenance release. This Technology (T) release will reach End of Engineering when the next Cisco IOS Software major release becomes available. Ongoing support for the functionality introduced in Release 12.0T will be carried forward into the next release.

Use the matrix below to quickly locate a feature of interest.


Feature Matrix

Connectivity and Scalability:
  • Layer 2 Tunneling Protocol (L2TP) 12.0(1)T
  • PPP over Frame Relay 12.0(1)T
  • Internet Engineering Task Force 12.0(1)T
  • Multilink Inverse Multiplexor Enhancements 12.0(3)T
  • Eight-port Channelized T1 and E1 port adaptors 12.0(3)T
  • One-port Channelized E3 port adaptor 12.0(3)T
  • One-port Channelized T3 port adaptor 12.0(3)T
  • Modem over ISDN Basic Rate Interface (BRI) 12.0(3)T
  • AS5300 eight Primary Rate Interface (PRI) feature cards with integrated serial ports 12.0(3)T
  • AS5300 DMM modem cards 12.0(3)T
  • AS5300 redundant power supply 12.0(3)T
  • X.25 Hunt Group 12.0(3)T
  • Annex G 12.0(3)T
  • Gigabit Ethernet Interface Processor (GEIP) 11.1(22)CC
  • Router-Based NetFlow Aggregation 12.0(3)T
  • Large-Scale Dialout 12.0(3)T
  • 3600 Series 155Mbps ATM OC-3 Network Module 12.0(3)T
  • Gigabit Ethernet Line Card for the Cisco 12000 Series Gigabit Switch Router 12.0(3)T
  • Channelized OC-12/STS-3 Line Card Cisco 12000 Series Gigabit Switch Router 12.0(3)T
  • ISDN LAPB-TA 12.0(4)T
  • Dynamic Multiple Encapsulations for Dial-in over ISDN 12.0(4)T
  • Voice over Frame Relay (FRF.11) 12.0(4)T
  • Frame Relay Fragmentation (FRF.12) 12.0(4)T
  • Airline Product Set Enhancements 12.0(5)T
  • Resource Pool Management 12.0(5)T
  • L2TP Dialout 12.0(5)T
  • Telco Return 12.0(5)T
  • Enhanced Spectrum Management 12.0(5)T
  • DNS-Based X.25 Routing 12.0(5)T
  • Multiport T1/E1 ATM Network Modules with Inverse Multiplexing over ATM 12.0(5)T
  • Direct Remote Services 12.0(7)T
  • X.25 Switch Local Acknowledgment 12.0(7)T
  • X.25 Closed User Groups 12.0(7)T

IBM:
  • DLSw+ Enhanced Load Balancing 12.0(3)T
  • DLSw+ Peer Clusters 12.0(3)T
  • DLSw+ RSVP Bandwidth Reservation 12.0(3)T
  • CMPC+ (Cisco Multipath Channel +) 12.0(3)T
  • DLSw+ Ethernet Redundancy 12.0(5)T
  • LU Pooling (ASSOCIATE) and Response-Time MIB 12.0(5)T

IP and Routing:
  • Easy IP Phase 2-DHCP Server 12.0(1)T
  • Triggered RIP 12.0(1)T
  • Mobile IP 12.0(1)T
  • OSPF Packet Pacing 12.0(1)T
  • NetFlow Policy Routing (NPR) 12.0T
  • MPLS Virtual Private Networks 12.0(5)T
  • Integrated IS-IS Multiarea Support 12.0(5)T
  • On-Demand Routing Enhancements 12.0(5)T
  • MPLS Traffic Engineering 12.0(7)

Management:
  • Internet Engineering Task Force ISDN Management Information Base 12.0(1)T
  • ATM PVC Traps for ATM Subinterfaces 12.0(1)T
  • CLI String Search 12.0(1)T
  • RSVP MIB 12.0(2)T
  • SNMP Version 3 12.0(3)T
  • Process MIB 12.0(3)T
  • Diagnostic/Troubleshooting 12.0(3)T
  • SNMP over IPC for RPM 12.0(4)T
  • Multicast Routing Monitor 12.0(5)T
  • CNS Client 12.0(5)T
  • Service Assurance Agent 12.0(5)T

Multimedia:
  • Cisco Store-and-Forward Fax 12.0(4)T
  • Multimedia Conference Manager 12.0(3)T

Quality-of-Service:
  • Flow Random Early Detection 12.0(3)T
  • QoS Mapping of RSVP to ATM SVC Mapping 12.0(3)T
  • Response Time Reporter (RTR) Enhancements 12.0(3)T
  • IP-ATM Class of Service, Phase II 12.0(3)T
  • Class-Based Weighted Fair Queuing 12.0(5)T
  • IP RTP Priority 12.0(5)T
  • Subnetwork Bandwidth Manager 12.0(5)T
  • MPLS Class of Service 12.0(5)T

Reliability:
  • AS5800 Dial Shelf Controller Redundancy 12.0(3)T
  • GSR APS and Sonetization 12.0(3)T
  • MGX 8800 RPM Connection Resynchronization 12.0(4)T
  • QSIG BRI Voice Signaling Interface 12.0(4)T
  • Pragmatic General Multicast 12.0(5)T
  • X.25 Remote Failure Detection 12.0(5)T
  • Frame Relay End-to-End Keepalive 12.0(5)T

Security:
  • Time-Based Access Lists 12.0(1)T
  • Baseline Privacy 12.0(3)T
  • Cisco IOS Firewall Feature Set 12.0(5)T
  • IPsec Mode Configuration 12.0(7)T
  • IPsec Wildcard Preshared Key 12.0(7)T
  • IPsec Multiple Certificate Authority Roots Support 12.0(7)T
  • IP Payload Compression Protocol (IPPCP) 12.0(7)T

Switching:
  • IEEE 802.1Q Virtual LAN 12.0(1)T
  • Token Ring MPOA 12.0(3)T
  • Token Ring over RFC 1483 12.0(3)T
  • Web Cache Communications Protocol V2 (WCCP V2) 12.0T
  • ATM LANE Fast Simple Server Redundancy Protocol 12.0(5)T
  • IP Multicast Multilayer Switching 12.0(5)T
  • IPX Multilayer Switching 12.0(5)T

Voice:
  • VIC-2BRI-S/T-TE 12.0(3)T
  • SS7 for Access Servers - Cisco SC2200 Signaling Controller Protocol 12.0(3)T
  • High-Density VoIP Support for the Cisco AS5300/Voice Gateway 12.0(5)T
  • VoIP Enhancements for the Cisco AS5300/Voice Gateway 12.0(5)T
  • H.323 Version 2 Support 12.0(5)T
  • Settlement for Packet Telephony 12.0(7)T
  • Prepaid Calling Card via Packet Telephony 12.0(7)T
  • Voice over IP QSIG Network Transparency for Cisco AS5300 12.0(7)T
  • AS5800/Voice Gateway 12.0(7)T
  • Digital T1 Packet Voice Trunk Network Module 12.0(7)T
  • One- and Two-Port T1/E1 Multiflex Voice/WAN Interface Cards 12.0(7)T

WAN Optimization:
  • Frame Relay ATM Services Interworking - FRF.8 12.0(7)T

WAN Services:
  • ATM Switched Virtual Circuits (SVC) for Data, Voice and Video 12.0(7)T

Web Scaling and Reliability:
  • Gigabit Ethernet Line Card for the Cisco 12000 Series Gigabit Switch Router 12.0T
  • Network Director Forwarding Agent 12.0(5)T

Hardware:
  • Cisco 7576 12.0T
  • Cisco 800 Series Router 12.0(3)T
  • Cisco 2620 and 2621 12.0(3)T
  • Cisco 3660 Series 12.0(5)T
  • Cisco 3662-DC-CO 12.0(5)T
  • Catalyst 2900 Series XL ATM Module 12.0(5)T
  • Cisco 805 Router 12.0(7)T
  • Route Switch Processor 8 12.0(7)T

Connectivity and Scalability

Layer 2 Tunneling Protocol (L2TP)

Description

L2TP is a key building block for access virtual private networks (VPNs). Access VPN support includes virtual private dialup networks (VPDNs) for modem and ISDN users, as well as VPNs for cable and digital subscriber line (DSL) users. L2TP is an extension to the Point-to-Point Protocol (PPP). L2TP merges the best features of two other tunneling protocols: Layer 2 Forwarding (L2F) from Cisco Systems and Point-to-Point Tunneling Protocol (PPTP) from Microsoft. L2TP is an Internet Engineering Task Force (IETF) emerging standard, currently under codevelopment and endorsed by Cisco Systems, Microsoft, Ascend, 3Com, and other networking industry leaders.


Figure 1: L2TP Operation


Benefits

Because L2TP is a standard protocol, all customers—service providers and corporate network managers alike—can enjoy a wide range of service offerings available from multiple vendors. Interoperability among the vendors will help ensure rapid global deployment of a standard access VPN service.

The Cisco L2TP solution brings a long list of benefits to enterprise users:

  • Security and guaranteed priority for their most mission-critical applications

  • Improved connectivity, reduced costs, and freedom to refocus resources on core competencies

  • Flexible, scalable remote network access environment without compromising corporate security or endangering mission-critical applications

Service providers derive the following benefits from access VPNs built on a foundation of Cisco IOS Software L2TP features:

  • Ability to provision, bill, and manage access VPNs that provide a competitive advantage, minimize customer turnover, and increase profitability

  • Flexibility to offer a wide range of VPN services across many different architectures, using Cisco's L2TP in concert with robust Cisco IOS Software features

  • Capability to provide differentiated services for secure, enterprise-wide remote access using access VPNs over the public Internet or service providers' backbone

Platforms/Considerations

L2TP is supported on the Cisco 1600, 160x, 25xx, 26xx, 36xx, 4000/m, 4x00/m, UAC 64xx, 72xx, and 75xx routers, the AS52xx and AS5300 access servers, and the AS5800 platform in Cisco IOS Software 12.0(1)T.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

April Chou

PPP over Frame Relay

Description

This feature is an IETF standardized method for transporting multiprotocol datagrams over point-to-point links using Frame Relay framing. Implementation will allow end-to-end PPP sessions to be established in networks where the underlying transport infrastructure is Frame Relay. This is especially pertinent to the Cisco ISDN DSL (IDSL) service architecture, which uses PPP from a customer premises equipment (CPE) device running leased-line ISDN (IDSL) into a Cisco 90i card in a D4 channel bank. This PPP session is then encapsulated in Frame Relay (RFC 1973) and passed out on a T1 link, over a Frame Relay network (note that this is done by the 90i and not a Cisco IOS device). Termination of RFC 1973 and the PPP session transported is done at a headend device, which in most instances will be a corporate customer who has purchased an IDSL service from a regional Bell operating company. Standard PPP facilities such as authentication will be supported transparently.

Platforms/Considerations

PPP over Frame Relay is supported on the Cisco 1600, 25xx, 36xx, 4000/m, 4x00/m, 72xx, and 75xx platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Kevin Dickson

Internet Engineering Task Force

Description

The IETF-compliant PPP over ATM scalability feature provides the interface description block (IDB) scaling capacity required to support high-density asymmetric DSL (ADSL)/PPP over ATM deployments, compliance with the IETF draft, mux encapsulation, and PPP over ATM support on the Cisco 7200. This feature also supports the ADSL implementations currently under way at numerous Cisco lead Internet service providers.

Platforms/Considerations

This feature provides support for high-density ADSL/PPP over ATM deployments.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T

Product Marketing Contact

Kevin Dickson

Multilink Inverse Multiplexor Enhancements

Description

Inverse multiplexing is desirable when N x T1 bandwidth is needed. N x T1 bundling using multilink is currently supported in Cisco IOS Software versions 11.2 and later releases, but with the following restrictions:

  • The bundle interface is created dynamically when the first link comes up

  • The bundle interface disappears when the last link goes down

  • Fastswitching of N x T1 bundling is not supported on all platforms

The new enhancements remove these restrictions.

Benefits
  • Improved performance and configuration

Platforms/Considerations

No impact on performance, nor any new considerations required.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

Eight-port Channelized T1 and E1 port adaptors

Description

This feature offers support for new eight-port Channelized T1 and E1 port adaptors (PAs) for the Cisco 7200 and 7500 series routers.

Benefits
  • High-density Channelized T1 or E1—maximum of 176 ports per Cisco 7513, for example

  • 128 usable N x 64K channels can be allocated among the eight T1 or E1 ports

  • Service providers will have the flexibility to provision DS1 and DS0 from the same port adapter

  • Integrated channel service unit (CSU) eliminates the cost of a separate CSU device in enterprise WANs

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

One-port Channelized E3 port adaptor

Description

This feature offers support for the Channelized E3 PA for the Cisco 7200 and 7500 series routers. The Channelized E3 PA divides the E3 channel into four channelized E2 data channels and further into 16 E1 channels, all of which comply with the Consultative Committee for International Telegraph and Telephone (CCITT)/ITU G.703 physical layer standard.

Benefits
  • High-speed, high-density Channelized E3 connectivity, such as in service provider aggregation and dedicated access for customers

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

One-port Channelized T3 port adaptor

Description

This feature offers support for the Channelized T3 PA for the Cisco 7200 and 7500 series routers. The CT3 PA divides the DS3 channel into 28 individual T1 data channels. Each of the T1 channels can use the whole T1 bandwidth, a portion of the T1 bandwidth (fractional T1), or the T1 in channelized form for data transmission. Usable bandwidths for each fractional T1 are (N x 56K) or (N x 64K), where N is a number from 1 to 24. Channelized T1 allows up to 24 time slots (64 or 56 kbps) per T1.

Benefits
  • High-speed, high-density Channelized DS3 connectivity, such as in service provider aggregation and dedicated access for customers

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

Modem over ISDN Basic Rate Interface (BRI)

Description

This feature offers support for analog modems dialing into an ISDN BRI interface.

Benefits
  • Allows high-speed connectivity for numerous modem users

Platforms/Considerations

Cisco 3640 only.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Brian Ryder

AS5300 eight Primary Rate Interface (PRI) feature cards with integrated serial ports

AS5300 DMM modem cards

AS5300 redundant power supply

Description

Cisco has introduced double density to the AS5300 universal access server. The AS5300 now has the ability to support up to 192 or 240 ports (T1/E1) plus four 2-MB serial backhauls on the same server. In addition, the AS5300 is now available with an internal redundant power supply, giving it unparalleled reliability in a two-rack-unit platform.

Benefits
  • Can terminate up to eight PRI worth of calls on one server

  • Can also use the serial ports to backhaul traffic in a distributed environment instead of using a switch and router

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Scott Boynton

X.25 Hunt Group

Description

As the number of users accessing the same host increased, competition for these application resources became a problem. On the host side, each line to the host is assigned a maximum limit of X.25 users or virtual circuits (VCs) supported on each line. These lines are typically 56-kb links. Network implementers increase the number of users they can support at the data center by increasing the number of X.25 lines to the X.25 host. Each line has its own unique X.121 address and receives calls that are routed to it by the X.25 switch. In 1984, the then CCITT, now known as the ITU-T, created an optional facility known as Hunt Group to allow the switch to view a pool of X.25 lines going to the same host as one address, assigning VCs on an "idle logical channel" basis. This was a win/win: applications became readily available to network users, and network implementers were spared the nightmare of providing easy access.

Support of the CCITT/ITU-T specification for Hunt Groups or load balancing across X.25 when multiple lines connect to the same destination addresses this issue.

Cisco has implemented this feature to enable the Hunt Group to act as a rotary or to look at the group and choose the interface with the least number of active virtual connections.

Benefits

Several benefits are realized as a result of Cisco's implementation of this CCITT/ITU-T standard.

  • All users place a call to one master hunt group number that has multiple X.25 interfaces associated with it

  • Scaling is the real benefit

  • The ability to replace older technology vendors without loss of functionality benefits users

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Ruben Rios

Annex G

Description

Worldwide issues regarding migration strategies that enable network implementers to move X.25 backbones to Frame Relay infrastructures cause equipment manufacturers to think creatively based on their core competence and strengths. The basic issue is how to transport X.25 traffic through a Frame Relay network, as shown in Figure 2.


Figure 2: X.25 Transport over Frame Relay


Cisco now offers its customers two approaches to solving this problem:

  • Annex G of ANSI T1.617a—1994 or Frame Relay/X.25 interworking function

  • The few users who do not embrace IP view Annex G as a more elegant solution since Annex G does not require the XOT framing overhead with the frame

The ANSI T1.617 standard, known as Annex G, details the method of direct X.25 encapsulation over Frame Relay. This amendment contains no end-to-end signaling mechanisms to inform the destination user that the originator is using an X.25 encapsulation method. The X.25 packet level and Link Access Procedure Balanced (LAPB) are end-to-end. LAPB treats the Frame Relay network as an X.25 network link and passes all the data and control messages (RR, RNR, REJ, and so on) across the Frame network. The "internetworking" function resides in every Cisco router that performs the framing and frame removal functions specified in the ANSI standard Annex G.

Benefits

Several benefits are realized as a result of the Cisco implementation of this ANSI standard.

  • Annex G is a standard and, by definition, has been shown to be interoperable with other users

  • The few users who do not embrace IP view this as a more elegant solution, and it decreases the XOT framing overhead within the frame

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Ruben Rios

Gigabit Ethernet Interface Processor (GEIP)

Description

GEIP provides seamless connectivity for the multitude of WAN links in Cisco 7500 series routers to a Gigabit Ethernet backbone network. The GEIP occupies one router slot in the Cisco 7500 series router chassis and provides support for hot-swappable short- and long-wavelength laser gigabit interface converters (GBICs). The GEIP fully complies with IEEE 802.3z and 802.3x standards.

Benefits

The GEIP provides easy migration to the Gigabit Ethernet backbone network for the existing Cisco 7500 series routers and thereby provides significant investment protection.

Platforms/Considerations

Cisco 7500 series routers.

This feature first appeared in Cisco IOS Software release 11.1(22)CC.

Marketing Contact

Pradeep Shenoy

Router-Based NetFlow Aggregation

Description

This feature is an enhancement to Cisco IOS NetFlow functionality, an IP traffic accounting function built into Cisco IOS routing platforms. This feature enhancement enables limited router-based aggregation of NetFlow Export data. The five provided aggregation schemes enable the user to summarize NetFlow Export data on the router before the data is exported to a NetFlow data collection device such as the Cisco NetFlow FlowCollector v2.0. With this feature enabled, summarized NetFlow Export data is exported to a collection device, resulting in lower bandwidth requirements for NetFlow Export data, and reduced platform requirements for NetFlow data collection devices. In addition, this feature introduces NetFlow Export Version 8 (v8), a new export datagram format designed to optimize NetFlow Export performance and bandwidth utilization. Router-based NetFlow aggregation is designed to significantly reduce NetFlow Export data volume and improve NetFlow scalability.

Five router-based NetFlow aggregation schemes will be included in Cisco IOS Software Releases 12.0(3)T and 12.0(3)S:

1. ASMatrix: One aggregated NetFlow Export record is periodically exported for every unique set of source autonomous system (AS), destination AS, input interface index, and output interface index. The aggregated NetFlow Export record reports the source AS, destination AS, input interface index, output interface index, number of bytes summarized by this aggregated record, number of packets summarized by this aggregation record, and timestamps of the first and last packets associated with this aggregation record. This aggregation scheme is particularly useful for generating AS-to-AS traffic flow data, as well as providing significant NetFlow Export data volume reduction.

2. ProtocolPortMatrix: One aggregated NetFlow Export record is periodically exported for every unique set of source application port number, destination application port number, and IP protocol. The aggregated NetFlow Export record reports the source application port number, destination port number, IP protocol, number of bytes summarized by this aggregated record, number of packets summarized by this aggregation record, and timestamps of the first and last packets associated with this aggregation record. This aggregation scheme is particularly useful for generating data with which to examine network usage by application port and IP protocol.

3. SourcePrefixMatrix: One aggregated NetFlow Export record is periodically exported for every unique set of source IP prefix, source prefix mask, source AS, and source interface index. The aggregated NetFlow Export record reports the source IP prefix, source prefix mask, source AS, source interface index, number of bytes summarized by this aggregated record, number of packets summarized by this aggregation record, and timestamps of the first and last packets associated with this aggregation record. This aggregation scheme is particularly useful for generating data with which to examine the sources of network traffic passing through a NetFlow-enabled device.

4. DestinationPrefixMatrix: One aggregated NetFlow Export record is periodically exported for every unique set of destination IP prefix, destination prefix mask, destination AS, and output interface index. The aggregated NetFlow Export record reports the destination IP prefix, destination prefix mask, destination AS, output interface index, number of bytes summarized by this aggregated record, number of packets summarized by this aggregation record, and timestamps of the first and last packets associated with this aggregation record. This aggregation scheme is particularly useful for generating data with which to examine the destinations of network traffic passing through a NetFlow-enabled device.

5. PrefixMatrix: One aggregated NetFlow Export record is periodically exported for every unique set of source IP prefix, source prefix mask, destination IP prefix, destination prefix mask, source AS, destination AS, input interface index, and output interface index. The aggregated NetFlow Export record reports the source IP prefix, source prefix mask, destination IP prefix, destination prefix mask, source AS, destination AS, input interface index, output interface index, number of bytes summarized by this aggregated record, number of packets summarized by this aggregation record, and timestamps of the first and last packets associated with this aggregation record. This aggregation scheme is particularly useful for generating data with which to examine the sources and destinations of network traffic passing through a NetFlow-enabled device.

Table 1 summarizes these aggregation schemes.


Table 1: Aggregation Schemes

Field                     AS   ProtocolPort   SourcePrefix   DestinationPrefix   Prefix
Source Prefix             -    -              ·              -                   ·
Source Prefix Mask        -    -              ·              -                   ·
Destination Prefix        -    -              -              ·                   ·
Destination Prefix Mask   -    -              -              ·                   ·
Source App Port           -    ·              -              -                   -
Destination App Port      -    ·              -              -                   -
Input Interface           ·    -              ·              -                   ·
Output Interface          ·    -              -              ·                   ·
IP Protocol               -    ·              -              -                   -
Source AS                 ·    -              ·              -                   ·
Destination AS            ·    -              -              ·                   ·
First Timestamp           ·    ·              ·              ·                   ·
Last Timestamp            ·    ·              ·              ·                   ·
No. of Flows              ·    ·              ·              ·                   ·
No. of Packets            ·    ·              ·              ·                   ·
No. of Bytes              ·    ·              ·              ·                   ·

All aggregated records are exported using NetFlow Export Version 8 (V8) datagrams. The primary difference between V8 and V5/V1 datagrams is that V8 records export only those fields relevant to the aggregation scheme, rather than exporting all fields. This setup improves NetFlow Export performance and decreases the bandwidth necessary to transport NetFlow Export datagrams.
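The five schemes above each group flow records on a scheme-specific key and sum the counters, which also determines what a collector can no longer see. The Python below is an added example, not Cisco code: the record layout, field names, and sample flows are constructed for illustration, and prefixes are derived from mask lengths assumed to be present in each flow record.

```python
import ipaddress
from collections import namedtuple

# One unaggregated flow record. Field names are illustrative assumptions that
# follow the fields named in the bulletin's scheme descriptions.
Flow = namedtuple("Flow", [
    "src_addr", "dst_addr", "src_mask", "dst_mask", "src_port", "dst_port",
    "protocol", "src_as", "dst_as", "input_if", "output_if",
    "packets", "octets", "first", "last",
])

# Key fields per aggregation scheme, as listed in the text and Table 1.
SCHEMES = {
    "ASMatrix": ("src_as", "dst_as", "input_if", "output_if"),
    "ProtocolPortMatrix": ("src_port", "dst_port", "protocol"),
    "SourcePrefixMatrix": ("src_prefix", "src_mask", "src_as", "input_if"),
    "DestinationPrefixMatrix": ("dst_prefix", "dst_mask", "dst_as", "output_if"),
    "PrefixMatrix": ("src_prefix", "src_mask", "dst_prefix", "dst_mask",
                     "src_as", "dst_as", "input_if", "output_if"),
}

# Fields of a raw flow that identify who talked to whom (not the counters).
IDENTIFYING_FIELDS = Flow._fields[:11]


def _prefix(addr, mask_len):
    """Network address of addr under the given mask length."""
    net = ipaddress.ip_network(f"{addr}/{mask_len}", strict=False)
    return str(net.network_address)


def aggregate(flows, scheme):
    """Return one summary record per unique key of the chosen scheme."""
    keys = SCHEMES[scheme]
    table = {}
    for flow in flows:
        fields = flow._asdict()
        fields["src_prefix"] = _prefix(flow.src_addr, flow.src_mask)
        fields["dst_prefix"] = _prefix(flow.dst_addr, flow.dst_mask)
        key = tuple(fields[k] for k in keys)
        rec = table.get(key)
        if rec is None:
            rec = dict(zip(keys, key))
            rec.update(flows=0, packets=0, bytes=0,
                       first=flow.first, last=flow.last)
            table[key] = rec
        rec["flows"] += 1
        rec["packets"] += flow.packets
        rec["bytes"] += flow.octets
        rec["first"] = min(rec["first"], flow.first)
        rec["last"] = max(rec["last"], flow.last)
    return list(table.values())


def record_counts(flows):
    """Number of export records each scheme produces for the same flows."""
    return {name: len(aggregate(flows, name)) for name in SCHEMES}


def fields_lost(scheme):
    """Raw-flow identifying fields that the scheme's records do not carry."""
    kept = set(SCHEMES[scheme])
    return sorted(f for f in IDENTIFYING_FIELDS if f not in kept)


# Constructed sample flows (documentation address ranges and AS numbers).
SAMPLE_FLOWS = [
    Flow("192.0.2.10", "198.51.100.5", 24, 24, 40001, 80, 6,
         64496, 64497, 1, 2, 10, 5000, 1000, 1500),
    Flow("192.0.2.11", "198.51.100.5", 24, 24, 40002, 80, 6,
         64496, 64497, 1, 2, 20, 9000, 1100, 1900),
    Flow("192.0.2.10", "198.51.100.9", 24, 24, 40003, 443, 6,
         64496, 64497, 1, 2, 5, 2000, 1200, 1300),
    Flow("203.0.113.7", "198.51.100.5", 24, 24, 53000, 53, 17,
         64498, 64497, 3, 2, 2, 300, 1250, 1260),
    Flow("192.0.2.10", "203.0.113.7", 24, 24, 40001, 80, 6,
         64496, 64498, 1, 3, 8, 4000, 1400, 2000),
]

if __name__ == "__main__":
    for name, count in record_counts(SAMPLE_FLOWS).items():
        print(f"{name}: {len(SAMPLE_FLOWS)} flows -> {count} records; "
              f"not exported: {', '.join(fields_lost(name))}")
```

No scheme keeps individual host addresses, so a collector that needs per-host attribution for an investigation still depends on the V1/V5 export running alongside the aggregated V8 export.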

Benefits
  • Router-based NetFlow aggregation enables the user to significantly reduce NetFlow Export data volume by exporting aggregated summary records instead of raw flow records to NetFlow Export data collector devices

  • Use of this feature enhancement improves NetFlow Export performance, scales NetFlow Export performance to the Cisco 12000 platform, decreases hardware platform requirements for NetFlow data collection devices, and saves valuable network bandwidth

Availability and Platform Support

Beginning with Cisco IOS Software Release 12.0(3)T, router-based NetFlow aggregation will be available on the Cisco 12000, 7200, 7500, RSM, AS5800, 4000, 3600, and 2600 series routers in all NetFlow-enabled software images, as follows:

  • Cisco 12000/7200/7500/RSM—Although NetFlow functionality is physically included in all software images for these platforms, customers must purchase a NetFlow Feature license in order to be licensed for its use. NetFlow licenses are sold on a per-node basis

  • Cisco 2600/3600/4000/AS5800 series—NetFlow functionality is supported only in Plus images for these platforms. Customers are required to purchase an appropriate Plus image in order to utilize NetFlow functionality on these platforms

Considerations

Use of router-based NetFlow aggregation does not preclude the use of traditional NetFlow services utilizing NetFlow Export V1/V5. Router-based NetFlow aggregation (utilizing V8 NetFlow Export datagrams) and traditional NetFlow services (utilizing V1/V5 NetFlow Export datagrams) may be enabled simultaneously. Although these features can be used together, only the router-based NetFlow aggregation feature uses the V8 export datagram format.

Marketing Contact

Charles Goldberg

Large-Scale Dialout

Description

Large-Scale Dialout is a Cisco IOS Software feature that enables scalable dialout service to many remote sites across one or more Cisco network access servers (NASs) or Cisco routers. Dialout profiles are stored centrally on an authentication, authorization and accounting (AAA) server (Remote Access Dial-In User Service [RADIUS] or TACACS+) and downloaded on demand by the dialout NAS(s). Large-Scale dialout service may be used by a single NAS, or by a group of NASs that communicate using the Stack Group Bidding Protocol (SGBP). Large-Scale dialout supports the IP protocol.

Benefits
  • This feature allows dialout attributes to be centrally stored on an AAA server (RADIUS or TACACS+), instead of having to be manually configured on each NAS. This setup eliminates the need to configure dialer maps on every NAS for every destination. In fact, it eliminates the need for dialer maps altogether. Instead, remote site "profiles" are created on the AAA server. These profiles contain all the necessary dialout attributes to place a call to the remote site (such as phone number, service type, maximum number of links, and many others). A profile is dynamically downloaded by the NAS when packet traffic requires a call to be placed to a remote site

  • In addition, the AAA server may store routing information used to attract packets that are destined for the dialout remote site. The dialout NASs may download this routing information at boot time, and periodically afterward. So instead of having to manually configure many static routes on each dialout NAS, the static routes may reside on the AAA server and be dynamically downloaded by the NAS. When using a stack group of NASs, only the primary NAS needs to download these routes. SGBP takes care of choosing the least congested router to actually place the call

AAA server support for both RADIUS and TACACS+ is available using the CiscoSecure access control server (ACS). All Large-Scale Dialout features are supported in the CiscoSecure ACS.

Optional reverse Domain Name System (DNS) support is included to minimize the configuration task for remote-site routing information. A single AAA server may support multiple Dialout NASs or dialout NAS stack groups. In this way, Large-Scale Dialout scales to arbitrarily large numbers of NASs (no fixed limit).

Platforms/Considerations

This feature is supported on most midrange to high-end Cisco NASs and routers that support synchronous serial interfaces, asynchronous interfaces, or BRI/PRI/CT1/E1/R2, including the Cisco 25xx, 36xx, 4x00, 5x00, 7200, and 7500 series.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Kevin Dickson

3600 Series 155Mbps ATM OC-3 Network Module

Description

Three new ATM network modules will be available on the Cisco 3600 series with Cisco IOS Release 12.0(3)T. (See Table 2.) These three network modules support STS-3c and STM-1 framing standards over multimode, single-mode intermediate-reach, and single-mode long-reach fiber-optic interfaces.


Table 2: Description of 155-Mbps OC-3 Network Module

Product Number    Description
NM-1A-OC3MM       Single-port ATM OC-3 multimode network module
NM-1A-OC3SMI      Single-port ATM OC-3 single-mode intermediate-reach network module
NM-1A-OC3SML      Single-port ATM OC-3 single-mode long-reach network module

These new ATM OC-3 network modules are designed for the Cisco 3600 series to provide a full-functioned, 155-Mbps ATM interface. They will be supported on the Cisco 3620 and 3640 only at FCS. All three versions consist of a single-port network module, with SC connector types that are capable of supporting data only and data/voice integrated applications.

ATM adaptation layer 5 (AAL5) for data-only traffic is available in Phase 1, and AAL1 using structured and unstructured circuit emulation services (CES) will be available in Phase II later this year, with the use of a voice processing deck (VPD) expansion card (not field upgradable).

For ATM connectivity, the ATM OC-3 network modules provide PVC and SVC support for the following ATM traffic classes: unspecified bit rate (UBR), UBR+, real-time variable bit rate (RT-VBR), non-real-time VBR (NRT-VBR), constant bit rate (CBR), and available bit rate (ABR). They will also support up to three multiservice permanent virtual paths (PVPs) with UBR, UBR+, RT-VBR, NRT-VBR, and ABR ATM classes of service. Protocols supported include the ATM Forum LAN Emulation (server and client), RFCs 1483 and 1577.

Supported ATM features include:
  • ATM service classes UBR, UBR+, RT-VBR, NRT-VBR, ABR, and CBR

  • User-Network Interface (UNI) 3.x and 4.0

  • RFCs 1483 and 1577

  • Per-VC queuing and hardware/driver traffic shaping

  • Up to 1024 simultaneous VCs

  • F4 and F5 Operation, Administration and Maintenance (OAM) cell support

  • PVCs and SVCs

  • LANE 2.0

  • Frame Relay UNI (FUNI)

  • Tag Switching

  • Internet Engineering Task Force (IETF) Point-to-Point Protocol (PPP) over ATM

  • Multiprotocol over ATM (MPOA) client and server

  • Integrated Local Management Interface (ILMI)

  • ABR SVCs

  • ATM bandwidth manager

  • ATM UNI 4.0 traffic management

  • VP tunnels (permanent virtual paths, PVPs)

  • Next-Hop Resolution Protocol (NHRP)

Benefits
  • These new ATM network modules are designed to connect to an ATM WAN switch, allowing branch offices to utilize the high speeds available with a 155-Mbps ATM connection. Although full wire-rate speeds are not supported, speeds of up to 80 Mbps are supported on the Cisco 3640. Based on ATM Forum standards, using AAL5, these network modules can connect to all Cisco ATM OC-3 supported platforms, including the Cisco 4500/4700, 7200, 7500, the LightStream 1010, the IGX 8400, BPX 8600, and Catalyst 5x00

  • The benefits of a high-speed ATM connection from branch office to regional or corporate headquarters include high-speed data transfer and support for new multimedia applications including voice, video, and distance-learning applications. Using an ATM transport allows the use of application-specific QoS, especially important for the next generation of delay-sensitive multimedia traffic. The integration of data and voice applications over ATM is ideal because of ATM's support for high transmission speeds, multiservice integration, and built-in QoS features

  • With the many advanced ATM capabilities (including traffic shaping and bandwidth management), the ATM OC-3 network modules are ideal for connecting the Cisco 3600 series routers at remote branch office sites to Cisco 7200/7500 or LightStream 1010 switches at central sites via ATM. The ATM OC-3 network modules can also be connected to any ATM Forum AAL5 standards-based ATM WAN switch, including the Cisco LightStream 1010 and a BPX 860, IGX 8400, or Cisco router with ATM in the backbone

The new ATM OC-3 network modules address the growing demand for high-speed ATM access, combined with router functionality. Users now have the ability with the Cisco 3600 series to provide access from legacy and high-speed LANs through an ATM network. These new network modules allow the Cisco 3600 series to enter the high-speed ATM access market by providing solutions that enable ATM broadband services to fit into many company communications budgets, not just the very large corporations.

The OC-3 network modules are designed to replace the prevalent ATM access concentrator that currently requires a router connection for many of its applications. These network modules provide a very cost-effective customer premises equipment (CPE) solution in both the enterprise and service provider environments. Managers can now cost-effectively terminate high-speed ATM on the Cisco 3600, allowing for support of applications at the branch office LAN such as videoconferencing, distance learning, video broadcast, and voice/fax over IP over ATM applications.

Platforms/Considerations
  • Supported only on the Cisco 3600 series, not on the Cisco 2600 series

  • Maximum of one supported per Cisco 3640 or 3620

  • Cisco IOS "Plus" feature sets required

  • First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Bill Massung

Single Port Gigabit Ethernet Line Card for the Cisco 12000 Series Gigabit Switch Router

Description

The Gigabit Ethernet line card is the first Ethernet-based product for the GSR12000 series, providing a cost-effective, high-bandwidth solution between colocated GSRs or between GSRs and IP-related equipment such as edge routers, Gigabit Ethernet switches, or network servers. The new line card can be configured with one of two interface types: a 1000BaseSX multimode fiber interface with a 550-meter reach or a 1000BaseLH single-mode fiber interface for up to a 10-km reach.

Benefits
  • IEEE 802.3z and IEEE 802.3x standards compliant—Can be used to connect to Cisco Gigabit Ethernet switches or GEIP port adapter of the Cisco 7500 router

  • Standardized on GBIC module interfaces (1000BaseSX, multimode and 1000BaseLH, single mode)—Provides flexibility in network design, with reach capability up to 10 km; hot-swappable GBIC unit enables change/replacement without the need to power down the line card

  • Supports IEEE 802.1q VLAN tagging—The Gigabit Ethernet link can be used as a VLAN trunk

  • Support for IP QoS/CoS, including WRED, committed access rate (CAR), access control list (ACL) and Tag Switching—Enables traffic engineering solutions to increase network utilization and provide basis for offering differentiated CoS models

  • 256MB packet buffer memory—Maximizes TCP/IP throughput and smoothes out all traffic bursts

  • Forwarding table with up to one million forwarding entries—Allows for phenomenal growth well beyond today's Internet with 60,000 route entries

Platforms/Considerations

This line card is for the GSR12000 series platform.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Frank Jimenez

Channelized OC-12/STS-3 Line Card Cisco 12000 Series Gigabit Switch Router

Description

The CHOC-12/STS3 line card for the GSR12000 series builds on the SONET/SDH channelization capability. This new line card provides four STS-3c/VC-4 packet-over-SONET channels within a single OC-12 port. IP packet data in the transmit buffer is encapsulated by means of PPP. Based on the routing information contained in the IP packet, the line card routes the packet to one of four virtual STS-3c/VC-4 ports. The four STS-3c/VC-4 containers are multiplexed into a single STS-12/STM-4 frame. This line card takes advantage of the fail-safe features provided by SONET/SDH networks by supporting APS.

Benefits
  • STM-4 optical channelization—Removes the need for an SDH terminal for multiplexing four VC-4 frames into an STM-4 payload

  • Loadsharing between active STS-3c and using cost mechanisms—Enables bandwidth management control through software

  • SONET/SDH-compliant APS—Ensures maximum uptime and minimum disruption of user traffic

  • Support for IP QoS/CoS—Enables traffic engineering solutions to increase network utilization and provide basis for offering differentiated CoS models

  • 16 MB packet buffer memory expandable to 128 MB—Maximizes TCP/IP throughput and smoothes out all traffic bursts

  • Forwarding table with up to one million forwarding entries—Allows for phenomenal growth well beyond today's Internet with 60,000 route entries

Platforms/Considerations

This line card is for the GSR12000 series platform.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Gsr-marketing@cisco.com

ISDN LAPB-TA

Description

In Germany, Australia and Switzerland, some terminal adapters encapsulate asynchronous traffic in LAPB frames (as defined in ITU-T X.75, link layer, single-link procedure) for transport over ISDN B-channels, in much the same way as V.120 is used elsewhere. This feature is known in Europe as X.75 and should not be confused with the internetworking function between two public X.25 networks. The LAPB-TA project supports the acceptance of incoming calls from these terminal adapters, and, when the traffic being carried is asynchronous PPP, establishing the appropriate PPP session. Alternative interpretations of the contents of the LAPB I-frame, such as ITU-T T.70, are not supported and no longer used. CAPI 1.1 specified T.70 as the default for the network layer; CAPI 2.0 specifies that the network layer is transparent by default.

Benefits

Cisco IOS Software now supports the European requirement for this type of terminal adapter over ISDN.

Platforms/Considerations

Cisco recommends supporting LAPB-TA (X.75) on a Cisco 3600 or 5300 class router.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ruben Rios, IOS Product Manager

rurios@cisco.com

Dynamic Multiple Encapsulations for Dial-in over ISDN

Description

X25, FR, ISDN LAPB-TA, PPP, and so on, are subsets of the multiple encapsulations over multiple B channels on a PRI or BRI. X25 and Frame Relay (FR) over ISDN are a common practice in Europe where ISDN is relatively inexpensive. X25 and FR over ISDN are cost-saving features because these services are tariffed to cost much less than the traditional public X25 or FR offerings.

The current Cisco implementation allows only one B channel on either a Basic Rate Interface (BRI) or a Primary Rate Interface (PRI) to support X25 or FR. This means that only one out of 30 B channels (Europe) is usable for X.25 or Frame Relay. The current implementation does not allow configuring encapsulations on a per-user profile, dialer profile, or virtual profile. Today's implementation supports multiple virtual circuits over the ISDN B channel only if the virtual circuits' ingress and egress B channels are the same. They all originate and then terminate on the same B channel on the other side of the network. Customer connectivity has been limited by X.25 or Frame Relay connections that originate from diverse geographical parts of the network converging on the same ISDN PRI by simultaneously allowing multiple B channel support for these two protocols. Additionally, a location with a BRI may require simultaneous X.25 or Frame Relay B channel connections with PRI A and one to PRI Y.

Allowing maximal use of all B channels on the same ISDN link is desirable, especially for large-scale dial-in. This capability allows various encapsulation types, as well as user-specific configuration, on the same B channel at different times according to the type of incoming call, identified by the user identification or caller identification (CLID).

This implementation has four phases:

  • Phase I—Released in 12.0(4)T, supports inbound X.25 calls over multiple B channels using static user configurations in the router, dialer profiles, and CLID.

  • Phase II—Scheduled for 12.0(5)T, supports multiple B channel outbound X.25 connections using a feature called "outbound circuit-switched X.25 support over dialer interfaces."

Benefits

Benefits include a reduction in channel assignment and management effort and flexibility. Further, this capability removes the need to statically dedicate channels to a particular encapsulation and configuration type and further improves channel use. For large-scale dial-in, storing the user-specific configuration on a remote server becomes necessary for enhancing expandability and local memory efficiency. The result is a need for the dynamic multiple encapsulations for the dial-in-over-ISDN feature.


Figure 3:


Platforms/Considerations

This feature is not platform specific and is available on all platforms that support ISDN BRI or PRI interfaces.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ruben Rios, IOS Product Manager

rurios@cisco.com

Voice over Frame Relay (FRF.11)

Description

FRF.11-based voice over Frame Relay (VoFR) allows for vendor interoperability by specifying the frame format and coder types to be used when transmitting voice traffic through a Frame Relay network. Because FRF.11 does not include specifications for end-to-end negotiation or any other form of communication between the Frame Relay nodes, static VoFR trunks must be set up by manually configuring each router within the voice path. Once configured, a static VoFR trunk will remain up until the voice port or serial port is shut down or until a network disruption occurs.

FRF.11 allows up to 255 subchannels to be multiplexed onto a single Frame Relay DLCI. Currently, all subchannels on a DLCI must carry either voice or data; the interleaving of voice and data on a single DLCI is not supported. Although FRF.11 specifies that a device may pack multiple FRF.11 subframes within a single Frame Relay frame, the current implementation of FRF.11 does not support multiple subframes within a frame.

Benefits
  • Enables real-time, delay-sensitive voice traffic to be carried over Frame Relay links

  • Allows dedicated voice lines to be replaced by more economical Frame Relay PVCs

  • Uses voice compression technology that complies with ITU-T G.728, G.729, and G.723.1

  • Allows Cisco routers to interoperate with other vendors' equipment that is FRF.11 compliant

Platforms/Considerations

This feature is supported by 2600, 3600, MC3810, and 7200 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Sanjay Bhardwaj

sbhardwa@cisco.com

Frame Relay Fragmentation (FRF.12)

Description

Frame Relay Fragmentation based upon FRF.12 was developed in conjunction with FRF.11 (voice over Frame Relay) to allow long data frames to be fragmented into smaller pieces and interleaved with real-time voice frames or other delay-sensitive traffic. In this way, real-time traffic, such as voice, and nonreal-time data traffic can be carried together on shared PVC connections without causing excessive delay to the real-time traffic. FRF.12 can be used in conjunction with FRF.11 or it can be used independently. It enables end-to-end fragmentation on a per-PVC basis and allows fragment size to be configurable on a per-PVC basis. FRF.12 currently uses Weighted Fair Queuing (WFQ). Voice over Frame Relay frames cannot be fragmented but voice-over-IP frames may be fragmented because they are treated as data frames at the Frame Relay level.

Benefits
  • Allows real-time and nonreal-time traffic to be interleaved on any PVC

  • Allows vendor interoperability with other FRF.12 compliant devices

  • Enables per-PVC fragmentation with configurable fragment sizes

Platforms/Considerations

This feature is supported on 2600, 3600, MC3810, and 7200 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Sanjay Bhardwaj

sbhardwa@cisco.com

Airline Product Set Enhancements

Description

The Airline Product Set (ALPS) enhancements support the networking requirements of the air transport industry by enabling the convergence of older ALC and UTS networks with standards-based IP networks. ALPS provides support for Airline Control (ALC) (P1024B) and Unisys Terminal System (UTS) (P1024C) protocols within the Plus feature set in the Cisco IOS Software, meaning that existing agent set control units (ASCUs) can be connected directly to the serial ports of Cisco 2520-2523, 2600, 3600, and 4xxx routers. The ALC and UTS protocols can be serially tunneled between two Cisco routers, or can be translated into the Mapping of Airline Traffic to IP (MATIP) standard protocol for direct delivery to the mainframe, via TCP/IP.

For customers who wish to minimize changes to the front-end processor (FEP) and mainframe environment, as part of a phased transition to an IP backbone, ALPS creates a serial tunnel across the Cisco IOS backbone for the P1024B/C data. Because this tunnel is TCP/IP based, it is media independent and can be used over any WAN media that supports the Cisco IOS Software. TCP/IP is used as the reliable transport mechanism for the tunnel across the WAN. The use of Cisco IOS Software from end to end means that the QoS, security, and network-management features of the software can be employed. As part of this approach, ALPS has added support for the older Airline X.25 (AX.25) and Extended Mixed Traffic over X.25 (EMTOX) protocols to Cisco IOS Software, so that no changes are required to existing FEPs or mainframe applications.

Customers who wish to enjoy the benefits of an end-to-end TCP/IP connection to their mainframe, and who wish to remove their reliance on expensive FEPs can utilize Cisco support of the MATIP protocol. This proposed standard (RFC xxxx) describes the protocol translation of the ALC (P1024B) and UTS (P1024C) to TCP/IP. Cisco support of the MATIP standard, coupled with its ability to channel attach Cisco routers to the mainframe through the Channel Interface Processor (CIP) and Channel Port Adapter (CPA), allows the ALC and UTS data to be sent directly to the mainframe via TCP/IP.


Figure 4: ALC and UTS transport over legacy network



Figure 5: ALC and UTS transport over IP network, X.25-attached reservation system



Figure 6: ALC and UTS transport over IP network, IP-attached reservation system


Benefits

Reduced costs can be achieved by:

  • Consolidating legacy serial protocols into a switched backbone WAN, eliminating many point-to-point serial connections

  • Replacing proprietary transport solutions with standards-based solutions

  • Consolidating and standardizing management platforms

  • Replacing single-function terminal packet assembler/disassemblers (TPADs) at the remote site by multifunction routers, which support LAN and IBM legacy devices (Synchronous Data Link Control [SDLC] and bisync) in addition to the ALC devices

  • Improving performance and reliability with the Cisco scalable data-center products and multiple-host access path network design

  • Establishing and enforcing QoS, security, and network-management policies from the remote device, through the WAN, and into the data center

  • Upgrading the entire network without disturbing the existing remote site or data-center hardware, software, and business processes

  • Developing intranet/extranet connectivity with the resulting upgraded network

Platforms/Considerations

Remote ALC (P1024B) and UTS (P1024C) tunneling and conversion to IP is supported across the Cisco IOS Software-based C2520, C2521, C2522, C2523, C2600, C3x00, and C4x00 platforms. Data-center ALC (P1024B) and UTS (P1024C) tunneling and conversion to AX.25 or EMTOX is supported across the Cisco IOS Software-based C2x00, C3x00, C4x00, and C7x00 platforms. (Remote routers require the Cirrus chipset in the supported interface cards to support the encapsulation or conversion of the byte-oriented ALC and UTS protocols. Data-center routers do not require this support.)

MATIP implementations do not require the ALPS feature set in the data-center routers.

ALPS support for ALC (P1024B), AX.25, and EMTOX first appeared in Cisco IOS Software release 11.3(6.1)T. ALPS support for UTS (P1024C) first appeared in Cisco IOS Software release 12.0(1.1)T. ALPS support for MATIP encapsulation first appeared in the Cisco IOS Software Release 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

Resource Pool Management

Description

Cisco Resource Pool Management (RPM) allows service providers to share dial resources for wholesale and retail dial network services in a single network access server (NAS) or across multiple NAS stacks. The Cisco RPM enables telcos and Internet service providers (ISPs) to count, control, and manage their dial resources and provides accounting for shared resources when implementing different service-level agreements (SLAs). Resource pool management can be configured in Cisco NASs or, optionally, using one or more external Cisco Resource Pool Manager Servers (RPMSs).

The Cisco RPM is ideal for combining retail and wholesale dial services using Cisco AS5200, AS5300, and AS5800 network access servers. Call management and call discrimination can be configured to occur before the call is answered. The Cisco RPM differentiates dial customers by using configurable customer profiles that are based on the dialed number ID service (DNIS) and call type determined at the time of an incoming call. When management by virtual private dialup network (VPDN) is configured, a VPDN group includes the information to set up or reject a VPDN session. VPDN setup can be based on the DNIS received during call setup, or the domain name after the call is answered. Load balancing is used to achieve full utilization of VPDN tunnels. The VPDN group can also serve as the "customer profile" when all calls are answered and sessions are identified and limited by domain name instead of DNIS.

To support data over voice bearer service (DOVBS), the service providers will use DNIS to direct a call to the appropriate resource. When a digital call arrives at the NAS through the voice network, it will need to terminate on a High-Level Data Link Control (HDLC) controller rather than a modem. In this case, the customer profile that the DNIS group is assigned will have the associated call type of speech and the resource group will direct the call to the HDLC controller. Resource pool management offers a call-discrimination feature that enables rejection of calls based on a DNIS group and call-type filter. When a call arrives at the NAS, the DNIS and call-type are matched against a table of disallowed calls. If the DNIS and call type match entries in this table, the call is rejected. Call discrimination may be used by customers to manage billing of calls to different types of resources. If the service provider has a different billing structure for modem calls and digital calls, each call type will be assigned a different DNIS. When a user calls the DNIS, the call type must match or the call is rejected.


Figure 7: Resource Pool Management


Benefits
  • Cisco RPM manages customers' use of shared resources such as modems or HDLC controllers for data calls.

  • RPM offers advanced wholesale dialup services using VPDN to enterprise accounts and ISPs.

  • RPM efficiently uses resource groups such as modems to offer differing oversubscription rates and dial SLAs.

  • RPM maintains the flexibility to include local retail dial services in the same NAS stack with the wholesale dial customers.

  • RPM deploys DOVBS.

  • RPM accepts or rejects a call based on the incoming DNIS prior to answering the call.
    http://www.cisco.com/warp/public/779/servpro/services/resourcepool/index.html.

Platforms/Considerations

The RPM feature is supported on C5200, C5300, and C5800 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Anita Freeman

anfreema@cisco.com

L2TP Dialout

Description

Layer 2 Tunneling Protocol (L2TP) dialout support allows an administrator to configure an L2TP Network Service (LNS) for dialout capability. In this way, applications or users at the central site can place calls to remote sites through an L2TP infrastructure.

A secondary benefit of this feature is that it enables Point-to-Point Protocol (PPP) callback support for L2TP dial-in users, adding a level of security and allowing for centralized billing.

Benefits
  • Dial flexibility

  • Centralized billing

  • Callback support

Platforms/Considerations

L2TP dialout is available on all platforms with L2TP support, including the C1600, C1700, C2x00, C36x0, C4x00, C5x00, and C7x00.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

David W. Phillips

dphillip@cisco.com

Telco Return

Description

The telco return feature is based on the Data-over-Cable Service Interface Specification (DOCSIS) standard for cable television networks. It enables cable operators to offer data services over cable networks that do not yet have two-way capabilities. In this configuration, the cable network is used to transmit high-speed data for the forward path (headend to CPE equipment), while the telephone network is used for the return path in order to close the loop. The return path can be terminated by any PPP dialup system, as long as there is IP connectivity between the Cisco uBR7200 universal broadband router and the dial server (for example, AS5x00 access server or Catalyst 3600 families).

With modern DOCSIS dual-mode cable modems, a cable operator can deploy cable modems today using the telco return mode and then automatically switch to two-way cable communication as soon as the plant becomes two-way. Because neither a truck roll nor an expensive cable modem swap-out is necessary to migrate to two-way operation, a cable operator can save money and increase customer satisfaction.

Benefits
  • Telco Return enables cable operators to deploy high-speed data services today, even if their cable plant is not yet two-way capable.

  • Telco Return supports telco-return and two-way cable modems on the same downstream channel, thus saving downstream channels, as well as equipment cost.

  • It is a software-only upgrade to the uBR7200 series products.

  • Telco Return supports flexible provisioning for the telco dialup service. The operator can choose to implement it using in-house dialup modems or to outsource it using third-party dialup services.

Platforms/Considerations

This feature is supported on the Cisco uBR7200 platform.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Nicos Achilleoudis

nachille@cisco.com

Enhanced Spectrum Management

Description

Enhanced spectrum management extends the spectrum management capabilities of a Cable Modem Termination System (CMTS) to support a "dense" upstream cable plant configuration, such as one where more than one upstream port share the same group of homes.

In order to enable this feature, the CLI command is used to define so-called "shared spectrum groups". The return paths of several fiber nodes are often combined together at a single point to form a single RF frequency called a "combiner group". As a mitigation procedure for ingress noise, the uBR7246 router allows a frequency hop table to be associated with a combiner group, called a "spectrum group". When multiple upstream ports share the same RF domain, the group is called a "shared spectrum group".

Spectrum group commands and configuration options can be found at: /en/US/docs/ios/11_3/feature/guide/uBR7246E.html#xtocid14750104

Benefits

Enhanced Spectrum Management improves system-wide throughput and increases efficiency of bandwidth utilization:

  • Enhanced reliability and performance of two-way HFC cable plants.

  • Flexibility in the IOS frequency-hopping implementation to support multiple upstream ports that share the same RF domain (dense mode).

  • Support for five separate channel-widths when used with the ubr-MC16 line card.

Platforms/Considerations

The shared spectrum group command is only applicable where multiple upstream ports share the same RF domain. This is referred to as "dense mode". These upstream ports can be on one card, or across multiple cards.

This feature is supported across Cisco IOS-based uBR7246 and uBR7223 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Nicos Achilleoudis

nachille@cisco.com

Maribea Berry

mberry@cisco.com

DNS-Based X.25 Routing

Description

This feature, offered only by Cisco, addresses one of the major problems that the network administrator faces in maintaining an X.25 access network over an IP backbone. The feature utilizes a centralized Domain Name System (DNS) database for X.121-to-IP address query and resolution. The problem being addressed is that managing a large TCP/IP network requires maintaining accurate and up-to-date IP addresses and static X.121 address mapping information. Most organizations currently manage this data by manually modifying the databases in every router of the network by means of static routes, a time-consuming and error-prone task. For larger users, this task can involve thousands of remote X.25 data terminal equipment (DTE) locations that require maintenance of thousands of static-route statements in thousands of routers.

Benefits
  • Ease of configuration

  • Ease of routing-table management

  • Reduced human errors

  • Minimal X.25 static routes to be maintained

  • X.121 to IP address relationships centralized

Platforms/Considerations

This feature should not be implemented over the public Internet; it should be implemented only in a private enterprise network. X.121 addresses are not Internet DNS-naming-convention compliant.

This feature is not platform dependent; it is available in all Cisco IOS images with X.25.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ruben Rios

rurios@cisco.com

Multiport T1/E1 ATM Network Modules with Inverse Multiplexing over ATM

Description

Four new multiport T1/E1 ATM network modules are now available on all Cisco 2600 and 3600 series multiservice access routers. The Multiport T1/E1 ATM network modules support ATM Forum standard Inverse Multiplexing over ATM version 1.0 on both four- and eight-port versions. Multiport IMA provides fractional T3/E3 bandwidth of up to 16Mbps available on the eight-port E1 versions.

Multiport T1/E1 ATM with IMA addresses the demands for higher bandwidth requirements that are driven by growing multiservice requirements for the branch office. IMA provides a cost-effective way to incrementally add bandwidth in situations where T3/E3 or fiber is too expensive or not available to the customer premises. Multiport IMA on the Cisco 2600 and 3600 Series provides a wide range of price/performance choices for the most cost-efficient solution, and allows both Service Providers and Enterprise to offer a single WAN access solution for branch office multiservice applications.

With support for ATM Forum compliant IMA version 1.0, the multiport T1/E1 IMA module provides a standards-based solution that is compatible across a wide range of Cisco and other vendors' standards-based IMA products. IMA provides an efficient method of prioritization for voice, video, and data over ATM with support for UBR, VBR-rt, VBR-nrt, and ABR classes of service.

Benefits

Multiport T1/E1 ATM Features

  • Support for 4 or 8-port T1/E1 ATM with RJ-45 ports

  • Support for ATM Forum IMA Version 1.0 compliance

  • Up to 16Mbps full-duplex bandwidth with 8 port IMA network module

  • Supports UBR, VBR-rt, VBR-nrt, and ABR ATM Classes of Service

  • Supports up to 4 IMA groups with maximum delay tolerance of 200ms

  • Integrated CSU on T1 versions

  • Integrated DSU for E1 versions

  • ATM Forum UNI 3.0, UNI 3.1, and UNI 4.0 signaling

  • ATM Adaptation layer 5 (AAL5)

  • PVCs and SVCs

  • RFC 1483 support for Multiple Encapsulations over ATM

  • RFC 1577 support for Routing over ATM

  • 256 VCs per interface with up to 1024 simultaneous reassemblies per card

  • LANE 2.0 Client and Server

  • F4 and F5 OAM cell support

  • CRC32 error checking of AAL5 and CRC10 checking of OAM cells

  • IETF PPP over ATM

  • MPOA Client and Server

  • Tag Switching (MPLS when approved)

  • ILMI

  • ATM Bandwidth (Resource) Manager

Multiport IMA

  • Multiport T1/E1 with Inverse Multiplexing over ATM (IMA) provides inexpensive ATM access

  • T3/E3 and OC-3 fiber are often cost-prohibitive and unavailable in many areas

  • Multiport T1/E1 IMA provides a migration path to higher bandwidth without the need to change transport facilities

  • ATM Forum version 1.0 standards compliant for multi-vendor interoperability

  • Integrated CSU/DSU on T1 versions and integrated DSU on E1 versions

  • Multiport T1/E1 IMA allows the addition and/or deletion of links without service disruption

  • IMA supports link failures and automatic link recovery without loss of data

  • Provides greater internetworking design flexibility and scalability for LAN-to-WAN connectivity

  • Efficient prioritization of mission critical data provided by ATM's Quality of Service (QoS) features

  • Simplifies network management and eliminates 3rd party Inverse Multiplexing devices

Platforms/Considerations

Cisco IOS Plus feature sets are required for ATM network modules support.

Supported on all 2600 and 3600 series modular access routers.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Bill Massung

massung@cisco.com

rurios@cisco.com

Direct Remote Services

Description

The Direct Remote Services feature is an enhancement to Cisco IOS Resource Pool Management (RPM). Cisco IOS RPM differentiates wholesale dial customers through configured customer profiles selected by the Dialed Number Information Services (DNIS) and call type at the time of the incoming call. The Direct Remote Services feature specifies PPP features per customer profile and enables the outgoing session to directly access authentication, authorization and accounting (AAA) and domain name servers (DNS) located in the wholesale dial customer's local network.

PPP Common Configuration Architecture (CCA) is the new component of the RPM customer profile that enables Direct Remote Services. The full PPP command set available in Cisco IOS Software is now configurable per customer profile and for wholesale dial applications. The PPP highlights are DNS Primary and Secondary server addresses, local or named IP pools, MLPPP links per bundle limit, and authentication type (PAP, CHAP, MS-CHAP).

The AAA session information is selected by the incoming DNIS. AAA server lists provide the IP addresses of AAA servers for authentication, authorization and accounting in the wholesale customer's local network. The server lists for authentication and authorization contain the list of server addresses, AAA server type (RADIUS), timeout, retransmission, and keys per server. The server lists for accounting contain the list of server addresses, AAA server type (RADIUS), timeout, retransmission, and keys per server.

A single IP address with multiple User Datagram Protocol (UDP) port numbers has been implemented to allow access to multiple AAA server applications within a single UNIX machine.

Benefits
  • Wholesale dial services may be provided directly to customers—because the PPP and AAA feature sets are selected by the incoming DNIS, the service provider no longer needs tunneling technology to provide unique service level agreements to wholesale dial customers.

  • Server lists—an incoming DNIS number may be used to point to a list of AAA RADIUS authentication and authorization server addresses with timeout, retransmission, and keys per server. The incoming DNIS is also used to point to a different list of AAA RADIUS accounting servers with timeout, retransmission, and keys per server.

  • Single IP address with multiple UDP port numbers—this feature provides the ability to access multiple AAA server applications within a single UNIX machine.

Platforms/Considerations

Access Servers (AS)

AS5200, AS5300, AS5800

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Anita Freeman

anfreema@cisco.com

X.25 Switch Local Acknowledgment

Description

Cisco IOS Software has an X.25 switch function that creates virtual connections (VC) by connecting channels between X.25 class services. The X.25 class services supported are X.25, Connection-Mode Network Service (CMNS), and X.25 over TCP (XOT). Switched Virtual Circuits (SVC) and Permanent Virtual Circuits (PVC) are both supported and can be switched to each other (converted). Today, the Cisco implementation is end-to-end acknowledgment, which means that flow control or window and packet size acknowledgment is between the originating and terminating data terminal equipments (DTE). Acknowledgment is not local to the DTE and data communications equipment (DCE) and the overall effect is lower throughput.

Cisco IOS Software also requires that the flow control values (packet and window sizes) be identical at each end of the network. Yet, in many cases, the VCs on each side of the network do not have matching flow control values and cannot negotiate (end to end) on a mutually agreeable set of values. Therefore, there is no connectivity. Today, some vendors enable connectivity by spoofing each end of the connection by locally (DTE-DCE) agreeing on flow control values and combining or dissecting packets to conform to the agreed-upon packet size and window values.

Cisco IOS Software has now created this functionality and permits X.25 local acknowledgment. Additionally, we provide this "spoofing" functionality by switching between channels that have unmatched window and packet sizes. This will therefore allow one DTE to have a transmit/receive packet and window size that is different than the other DTE's flow control values. Flow control will now be local to the DCE and DTE.

Benefits
  • Improved customer data throughput because window and packet acknowledgment is local to the sending and receiving DTE devices.

  • Enables connectivity where dissimilar flow control values exist in old world networks.

  • Requires only the implementation of at least one Cisco router to mediate flow control and acknowledgment functions at one end of the network.

Platforms/Considerations

Routers

1600, 1700, 2500, 2600, 2800, 3620, 3640, 3660, 4000, 4500, 7200, 7500

Multiservice Access Concentrator (MC)

MC3810

Access Servers (AS)

AS5100, AS5200, AS5300, AS5800

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Ruben Rios

rurios@cisco.com

X.25 Closed User Groups

Description

The X.25 specification for Closed User Groups (CUG) has been used as an application access security mechanism by restricting users who do not have subscribed access to the host location. This facility is a privacy feature that is used to create private subnets or virtual networks out of a public data network. Previously, Cisco supported only the ability to specify the CUG value but did not enforce restriction. Today, Cisco enforces this security facility.

Benefits
  • The ability to implement and enforce the CUG security mechanism by blocking unauthorized users

  • Interoperability with other vendors who adhere to the standard

Platforms/Considerations

Routers

1600, 1700, 2500, 2600, 2800, 3600, 4000, 4500, 7200, 7500

Multiservice Access Concentrator (MC)

MC3810

Access Servers (AS)

AS5100, AS5200, AS5300, AS5800

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Ruben Rios

rurios@cisco.com

IBM

DLSw+ Enhanced Load Balancing

Description

Data Link Switching Plus (DLSw+) offers a new, more powerful mode of load balancing called circuit-count load balancing that allows allocation of DLSw circuits in a precisely deterministic manner. New circuits are given to the most lightly loaded path at that moment in time.

Benefits

Load balancing is a fundamental part of the repertoire of redundant network designs that provide access to mission-critical applications. With circuit-count load balancing, Cisco's DLSw+ reaches a new height in allowing customers to design for high availability.

In fact circuit-count load balancing offers all that the existing schemes (fault-tolerant and round-robin schemes) had to offer—practically a superset—and more:

  • Faster rebalancing on path failure and return

  • Circuits can be prorated using explicit circuit ratios rather than forced to be equal, which allows asymmetrical load balancing corresponding to the mix of platforms used

  • Path cost is respected simultaneously, allowing load balancing between equal cost peers to be combined with fault tolerance using a higher-cost peer

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ Peer Clusters

Description

Where multiple member peers or border peers in a peer group structure need to be connected to the same LAN, peer clustering avoids unwanted duplication of explorers and roundabout circuits.

Benefits

DLSw+ Peer Clusters increases the scalability of peer group configurations. While designing DLSw+ peer group networks, you may sometimes need to accommodate large-sized branches. Rather than be constrained by a single peer's memory/CPU resources, you may wish to install multiple DLSw+ member peers to service the same LAN.

In regular (nonpeer group) networks, you can have multiple routers in the data center and peer a set of branch routers matched to each of them. With peer groups however, explorers being inserted into the border peer network by one data center router are relayed to other routers also connecting to the same data center LAN. Therefore, explorers are duplicated.

DLSw+ Peer Clusters avoids this duplication of explorers. In addition, it avoids roundabout circuits—rare situations where the circuit winds in a roundabout way through the WAN instead of directly over the LAN. In the diagram below, member peers A and B are defined to be in the same Peer Cluster. The border peer ensures that explorers don't get forwarded to members within the same Peer Cluster—explorers from A don't get forwarded to B and vice-versa.


Figure 8: DLSw+ Peer Clusters


Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ RSVP Bandwidth Reservation

Description

DLSw+ RSVP Bandwidth Reservation allows Systems Network Architecture (SNA) to automatically reserve bandwidth end to end across an IP internetwork. DLSw+ uses RSVP as the QoS signaling mechanism that is fulfilled automatically by intermediate IP routers through QoS congestion methods such as Weighted Fair Queuing (WFQ) and WRED.

Benefits

Voice and video applications typically use RSVP to obtain guaranteed services over IP. This scenario places mission-critical SNA in danger of being relegated to best-effort service. DLSw+ RSVP secures guaranteed service for SNA, thereby helping the move to converged data/voice/video networks.


Figure 9: DLSw+ RSVP Bandwidth Reservation


Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

CMPC+ (Cisco Multipath Channel +)

Description

CMPC+ implements IBM's MPC HPDT (MPC+) channel protocol for IP. CMPC+ runs on Cisco's Channel Interface Processor (CIP) and Channel Port Adapter (CPA) products.

Benefits
  • CMPC+ complements Cisco's IBM channel attachment products

  • CMPC+ enables 64K channel block size

  • CMPC+ supports IBM's high-speed bulk data transfer

  • CMPC+ reduces mainframe cycles

  • CMPC+ enables IBM's Enterprise Extender technology which supports HPR over IP and Connection Networks

Platforms/Considerations

CMPC+ is available in Cisco IOS 12.0(3)T in the CIP, which runs in the Cisco 7500 chassis, and the CPA, which runs in the Cisco 7200 chassis.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ Ethernet Redundancy

Description

DLSw+ Ethernet redundancy provides redundancy and load balancing between multiple DLSw+ peers on Ethernet.

Because Ethernet has no Route Information Field (RIF), connectivity problems can occur if multiple DLSw+ peers are connected to the same LAN. DLSw+ Ethernet Redundancy uses patent-pending techniques and algorithms to solve this problem.


Figure 10: Redundancy and load-balancing between peers RTRA and RTRB on the same Ethernet LAN, using DLSw+ Ethernet Redundancy


Benefits
  • This redundancy is ideal for use in large remote offices or campuses that run SNA, and are migrating from Token Ring to Ethernet media.

  • Redundancy provides dynamic backup with no manual intervention in case of failure.

  • It does not depend on the transparent bridging spanning-tree algorithm. Recovery is fast, without the need to wait for spanning tree to reconverge.

  • Load balancing allows the load to be shared between DLSw+ peers; it also diminishes the number of sessions that need to be reestablished in case of failure.

  • Redundancy provides support for both shared and switched Ethernet media.

Platforms/Considerations

This feature is supported on Cisco IOS Software-based C16xx, C17xx, C25xx, C26xx, C36xx, C38xx, C4xxx, C72xx, and C75xx family of routers, and on the RSM and RSFC onboard the 5xxx family of switches.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

LU Pooling (ASSOCIATE) and Response-Time MIB

Description

The LU pooling (ASSOCIATE) feature and Response-Time Management Information Base (MIB) of Cisco IOS Software offer additional TN3270 Server features that provide ease in configuration, management, and usability for Cisco TN3270 users. These new features:

  • Provide LU pooling capability to support ASSOCIATE command functions and ease configuration scenarios

  • Provide capability to collect response-time information for TN3270 Server sessions and clients

  • Offer additional capability to use virtual telecommunications access method (VTAM) enhancements to aid in LU deletion and termination

LU Pooling (ASSOCIATE) and Command Support

In many SNA environments, applications were written such that they expected both a screen and printer definition to be known by the application. From the Internet Engineering Task Force (IETF), RFC 1647 defined the ASSOCIATE command as the vehicle by which screen and printer relationships were preserved and extended into the TN3270 environment. The Cisco TN3270 Server enhancements support the ASSOCIATE request through LU pooling. This LU pooling feature enables the TN3270 Server to know the relationships between screen and printer LUs.

The LU pool configuration allows clients to be nailed (or specified) to LUs. It allows you to configure clients in the router and nail clients into groups of LUs, allowing logically related clients to connect to LUs that have the same logical relationship with the host. Because a cluster (a group of LUs) can contain screen LUs and their associated printer LUs, this function provides the capability to "associate" a screen LU with a printer LU.

Response-Time Support

The TN3270 Server Response-Time MIB (TN3270E-RT-MIB) provides the end-to-end, TN3270 Server-to-client response time, and the mainframe-to-TN3270 Server time.

LU Deletion and Termination
  • LU Deletion—With the latest release of VTAM (4.4.1), a capability has been added to allow VTAM to better manage control block space and LU usage. VTAM allocates control blocks based on LU model types defined, and these control blocks are never deleted. If an environment contains client access with many different model types, it is necessary to create additional control blocks, increasing the total number of LUs defined to the system. The LU deletion command specifies whether the TN3270 Server sends a REPLY-PSID power-down request to VTAM when a client disconnects, providing a capability for VTAM to return the unused LUs to the pool. This command is recommended in host environments running VTAM Version 4.4.1. Previous versions of VTAM are not compatible with NMVT REPLY-PSID.

  • LU Termination—With some applications (such as Customer Information Control System [CICS]), customers have reported that users could acquire the session of a previous user, a situation called "tail-gating." This activity occurred when some applications were not relinquishing, or terminating, the LU properly. For environments exhibiting this security problem, a feature has been added to allow the TN3270 Server to support SNA TERMSELF RU. This feature forces the termination of the session and session requests associated with an LU when a user turns off his device or disconnects, avoiding the previous scenario.

Benefits
  • By providing the LU pooling configuration in the router, the configuration of the clients is simplified. It enables the network engineer to identify one or several configurations to manage, rather than thousands of client configurations.

  • Detailed response-time support in the TN3270 Server is vital for network-management diagnostic and problem determination.

  • LU termination and deletion provide better security and memory management in VTAM.

Platforms/Considerations

This feature is supported on the Cisco TN3270 Server software on the Channel Interface Processor (CIP) on the C7x00 platforms, and on the Channel Port Adapter (CPA) on the C720x platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

IP and Routing

Easy IP Phase 2-DHCP Server

Description

Cisco IOS Software Easy IP is a combination of Port Address Translation (PAT), a subset of Network Address Translation (NAT); dynamic PPP/IP Control Protocol (IPCP) WAN interface IP address negotiation; and Cisco IOS Dynamic Host Configuration Protocol (DHCP) server functionality.

With Cisco IOS Software Easy IP Phase 2, a Cisco router can automatically assign local IP addresses to small office/home office (SOHO) hosts via DHCP with the Cisco IOS DHCP server, automatically negotiate its own registered WAN interface IP address from a central server via PPP/IPCP, and use PAT functionality to enable all SOHO hosts to access the global Internet using a single registered IP address. Because Cisco IOS Software Easy IP utilizes existing port-level multiplexed NAT functionality within Cisco IOS Software, IP addresses on the remote LAN are invisible to the Internet, making the remote LAN more secure.

Benefits

Cisco IOS Easy IP Phase 2 is a scalable and standards-based solution that:

  • Minimizes Internet access costs for remote offices

  • Minimizes configuration requirements on remote access routers

  • Enables transparent and dynamic IP address allocation for hosts in remote environments

  • Improves network security capabilities at each remote site

  • Conserves registered IP addresses

  • Maximizes IP address manageability

Platforms/Considerations

Cisco IOS Easy IP Phase 2, including the Cisco IOS DHCP server, is supported in all 12.0T images on the following router platforms: Cisco 1000, 1600, 2500, 2600, 3620, 3640, 4000, 4500, and 4700 routers, AS5200, and AS5300 access servers, the Catalyst® 5000 route switch module (RSM), the Cisco 7200, the RSP7000, and the Cisco 7500. Note that each component of Easy IP Phase 2 may be used separately if desired.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Kevin Delgadillo

Triggered RIP

Description

This feature enhances the IOS support for the Routing Information Protocol (RIP) and is designed to enable efficient dynamic routing over demand-circuit links such as ISDN. Defined in RFC 2091, Triggered RIP avoids the bandwidth overhead (associated with distance-vector protocols that periodically announce full reachability information) by sending Flash updates only for those routes whose metrics have changed. As such, Triggered RIP also incorporates a reliable delivery mechanism to ensure consistent topology information.

Benefits

Triggered RIP offers efficient bandwidth and CPU utilization.

Platforms/Considerations

This feature is supported for IP RIP Versions 1 and 2, but not IPX RIP. Both ends of the link should be configured for this mode of operation.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

Mobile IP

Description

Mobile IP support (RFC 2002) enables a host to be identified by a single IP address even while the device physically moves its point of attachment from one network to another. Cisco routers function as home agents and foreign agents, allowing devices to register their current location and receive tunneled packets from their home network. This functionality provides the unique ability for users to maintain sessions, regardless of movement between locations on different networks, without address changes.


Figure 11: Mobility beyond the Enterprise—Mobile IP


Benefits

Mobility becomes an issue that the Mobile IP protocol negotiates transparently, giving the user new freedoms. Movement from one point of attachment to another is seamlessly achieved without the intervention or the knowledge of the user. Mobile IP offers mobility transparently to applications. Roaming from a wired network onto a wireless or wide-area network can also be achieved with ease. Therefore, Mobile IP provides ubiquitous connectivity for users whether they are within their enterprise networks or anywhere in the Internet.

Platforms/Considerations

Mobile IP is supported on the Cisco 25xx, 36xx, 4000/m, 4x00/m, 72xx, 75xx and 2600 routers, and generic IOS platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

OSPF Packet Pacing

Description

Extensive and time-proven Cisco IOS Software deployment experience allows Cisco to continuously improve and enhance functionality. This is often reflected in performance and scalability enhancements to the Cisco IOS implementation of IP Routing Protocols, and release 12.0T introduces an OSPF optimization called "Packet Pacing". This feature controls the rate of transmission of OSPF updates and is designed to accommodate slow links and mismatches in buffering and CPU capabilities between adjacent routers. It functions by using a spacing interval per interface (of 33 milliseconds by default) between OSPF packet transmissions which can significantly improve overall stability, reduce convergence times and minimize retransmissions during intervals of topology change or database flooding.

Benefits

Routing design flexibility and greater OSPF platform compatibility. Increased network robustness.

Platforms/Considerations

OSPF packet pacing can be used in conjunction with other protocol scalability and robustness features such as LSA Grouping and Selective Packet Discard. This feature is supported on all IOS based platforms which offer OSPF support.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

NetFlow Policy Routing (NPR)

Description

NetFlow Policy Routing integrates Policy Routing, a powerful Cisco IOS Software capability that enables traffic engineering and traffic classification, with NetFlow Services, a suite of functionality that provides billing, capacity planning and monitoring information on real-time traffic flows. This brings the unique, high-performance, flow-based acceleration mechanisms of NetFlow to Policy Routing. Because this is also supported in conjunction with the Cisco Express Forwarding architecture, NPR's performance can be scaled, since the functionality can be distributed onto intelligent linecards supporting dCEF, such as the C7500 series. This is represented in the following diagram, where NetFlow Policy Routing is used to override the normal, dynamic forwarding path as determined by the routing protocols. In this case, the policy stipulates a different "next-hop" for designated traffic, which then forms the basis of a CEF forwarding decision.


Figure 12: NPR Switching Path


Therefore as the overall network performance and cost benefits of traffic engineering become increasingly compelling, organizations are leveraging NPR's ability to allow administratively defined paths to be assigned for certain IP traffic types. Recognizing that traffic policies vary significantly, this feature provides the flexibility to define match criteria that allow packet flows to be policy routed based upon traffic source, destination, application, class-of-service or packet length. Additionally NetFlow Policy Routing's classification mechanism can subsequently set the IP Precedence field which is used to drive Cisco IOS Quality-of-Service techniques for expedited queuing and congestion management.


Figure 13: Traffic Engineering with NetFlow Policy Routing


Platforms/Considerations

Beginning with Cisco IOS Software release 12.0(3)T, this functionality is available on the following Cisco IOS Software-based platforms: C26xx, C36xx, C4x00, RSM5000, C5800 and C7x00.

When NetFlow Policy Routing is used to specify the output interface through which certain traffic should flow or to define a next-hop IP interface, NPR will defer to the available routing information for packet forwarding if the interface or next-hop is unavailable. In order for NPR to incorporate a next-hop interface verification mechanism based on the Cisco Discovery Protocol (CDP), designated next-hops must be directly connected (or connected via a tunnel interface).

Marketing Contact

Charles Goldberg

MPLS Virtual Private Networks

Description

MPLS VPNs represent a new paradigm for building highly scalable, connectionless, IP VPNs using MPLS. IP VPNs allow a service provider to deliver private IP services over a public IP infrastructure, bringing low-cost managed IP WAN connectivity to enterprise customers. IP VPNs have become essential as more companies are placing business applications on their intranets with employees needing access to these applications, wherever they may be, to conduct their daily responsibilities. Companies are also using the Web to conduct business with their suppliers, partners, and customers and, as such, require the ability to support extranets (VPN between companies) as well as intranets (VPN within a company). Finally companies are looking to outsource their IP VPN requirements to their service provider, given the complexity and expertise required to build and manage intranets and extranets across the WAN.

MPLS VPNs differ from today's VPNs in that they are created at the network layer, maintaining privacy within a connectionless IP network, without the need for tunnels or overlays. This setup greatly enhances the scalability of MPLS VPNs over all of today's VPNs (for example, Frame Relay, ATM, IPsec, and generic routing encapsulation [GRE]) while matching the level of privacy offered by VPNs built in Layer 2 with permanent virtual circuits (PVCs). With MPLS VPNs, the CPE router at the customer site (customer edge, or CE router) must peer only with the access router at the service provider's point of presence (POP) (provider edge, or PE router). There is no requirement for the CE to peer with any other router, or even to implement MPLS. Thus in the simplest case, if the CE router cannot reach an address locally, it defaults to the PE router to get the packet to the proper destination. Reachability and privacy within a VPN are achieved by constraining the distribution of routes (using the Border Gateway Protocol [BGP] extend-communities-of-interest attribute) to only those PE routers belonging to the VPN. MPLS assigns labels to define VPNs and to forward packets between PE routers.

Benefits
  • Connectionless service—A significant technical advantage of MPLS VPNs is that they are built into Layer 3 and, therefore, are connectionless. To establish privacy in a connectionless IP environment, current VPN solutions impose a connection-oriented, point-to-point overlay on the network. By creating a connectionless VPN, tunnels and encryption are not required for network privacy, thus eliminating significant complexity and increasing scalability.

  • Centralized service—Building VPNs in Layer 3 has the additional advantage of allowing delivery of targeted services (for example, Web or content hosting) to a group of users represented by a VPN. Furthermore, because each MPLS VPN is seen as a private IP network, it's easy to leverage IP services such as multicast, QoS, and telephony support within a VPN.

  • Scalability—MPLS VPNs are highly scalable because of their connectionless architecture, the partitioning of VPN routes between PE routers, and because routers in the service provider's core (provider, or P routers) carry no VPN-specific routing information. Thus no one device in a service provider's network is required to know all the routes for all VPNs.

  • Security—MPLS VPNs offer the same level of security as connection-oriented VPNs; packets from one VPN will not inadvertently go to another VPN. Malicious spoofing of a provider edge (PE) router is nearly impossible because the packets received from customers are IP packets and must be received on a specific interface or subinterface to be uniquely defined with a VPN.

  • Easy to create—To take full advantage of VPNs, it must be easy to create new VPNs and user communities. MPLS VPNs meet this requirement because they are built using Layer 3 protocol—BGP and Routing Information Protocol (RIP)—updates and require configuration only at the ingress PE. Current VPNs require service providers to engineer separate networks (specific routing design mapped to specific Layer 2 connections) for each customer.

  • Flexible addressing—MPLS VPNs allow customers to continue to use their present address spaces without Network Address Translation (NAT), enabling customers to use their own unregistered private addresses, and communicate freely across a public IP network. Note, however, that if two VPNs want to communicate and both have overlapping addresses, that communication requires NAT at one endpoint.

  • Integrated CoS support—MPLS VPNs support up to eight classes of service within each VPN.

  • Straightforward migration—MPLS VPNs place no special requirements on the end customer. The CE router needs to support only IP, with no modifications required of the customer's IP applications.

Platforms/Considerations

MPLS VPN code is implemented only on the PE routers. P routers need to support only basic MPLS (TDP/LDP, label forwarding, and label disposition).

Supported PE platforms include:

  • Cisco 3600, 4500, 7200, and 7500

Supported P platforms include:

  • Cisco LightStream 1010 ATM switch

  • Cisco 7200 an