8733 Ethernet SLA App Guide

Application Guide

Carrier Ethernet Service Level Agreement Support Tools

The Access Company

Abstract The growth in popularity of Business Ethernet services is closely linked to the level of maturity Ethernet technology has reached, enabling carriers to deliver and audit hard service level agreement (SLA)

guarantees

that

satisfy

exacting

requirements

from

enterprise users. Carriers and service providers deploying Business Ethernet VPNs must be prepared to ensure measurable and enforceable SLAs that detail commitments for user traffic handling, availability and performance guarantees, among others. Focusing on a Layer 2 VPN use case, this application guide reviews the various service delivery and service assurance support mechanisms that carriers and telecom providers can utilize to ensure service reliability, measurable KPIs (key performance indicators) and SLA commitments.

Application Guide: Ethernet SLA Support Tools

Contents 1

Business Ethernet Services and the Evolution of Carrier SLAs .................................................. 2 1.1

2

Business Ethernet SLA support tools ............................................................................... 4

SLA and Service Description .................................................................................................... 5 2.1

Layer 2 VPN use case...................................................................................................... 5

2.2

Service description ......................................................................................................... 6

2.3

Traffic Mapping .............................................................................................................. 8

2.4

Bandwidth Commitments .............................................................................................. 10

2.4.1

3

4

Effective Throughput ............................................................................................ 13

2.5

Performance Guarantees .............................................................................................. 15

2.6

Layer 2 Control Protocol Processing .............................................................................. 17

2.7

Service Availability, Response and Repair Time .............................................................. 17

Service Delivery .................................................................................................................... 19 3.1

Classification ................................................................................................................ 20

3.2

Metering and Policing ................................................................................................... 21

3.3

Hierarchical Scheduling Level 0 ..................................................................................... 23

3.4

Shaping ........................................................................................................................ 26

3.5

Hierarchical Scheduling Level 1 ..................................................................................... 27

3.6

Packet Editing and Marking ........................................................................................... 29

Service Assurance................................................................................................................. 31 4.1

Critical Service Test Points ............................................................................................ 31

4.2

Service Validation Tests ................................................................................................ 33

4.2.1 4.2.2 4.2.3 4.2.4

Connectivity verification........................................................................................ 36 Fault detection and diagnostic loopbacks .............................................................. 36 Performance monitoring ....................................................................................... 39 Throughput measurements (RFC 2544) ................................................................. 40

Conclusion ................................................................................................................................... 41

© 2009 RAD Data Communications Ltd

1

Application Guide: Ethernet SLA Support Tools

1 Business Ethernet Services and the Evolution of Carrier SLAs Ethernet services for enterprises are booming: The global business Ethernet services market is forecasted to reach nearly US$ 39 Billion by 2013, while 2008 saw a 43% increase in demand for business Ethernet service ports in the United States alone1. Enterprise customers are embracing Layer 2 VPN services as these offer higher bandwidth rates, competitive pricing, flexibility, and scalability. From their end, carriers and service providers see an opportunity to enhance their business networking solutions portfolio with next-generation services that are cheaper to operate and which combine added user value with quick return on investment and sustainable revenue potential. Even in the midst of the current global economic turmoil, more and more business Ethernet services are becoming available from incumbents, as well as from Tier 2 and 3 providers, covering an expending footprint not only on a metro level, but also on a national and international scale. The growth in popularity of business Ethernet services is closely linked to the level of maturity Ethernet technology has reached, enabling carriers to deliver and audit hard service level agreement (SLA) guarantees that satisfy exacting requirements from enterprise users, as illustrated in Figure 1.

Figure 1: Evolution of SLA parameters for Ethernet services

1

2

Source: Vertical Systems Group, 2009

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

Naturally, service quality and assurance are pre-requisites for the enterprise market – a fact that is clearly recognized by telecom providers, who consider service level agreements important to their strategy for winning corporate business2. Before they migrate all their corporate traffic to new Ethernet services, organizations need to be assured that they’ll receive appropriate quality of service (QoS) and performance guarantees to support critical applications. In a Heavy Reading 2008 survey, over 87% of polled enterprise users indicated that service reliability was a key factor in choosing their provider. Enterprise users are expecting the same service consistency and reach that have been offered by legacy TDM, ATM and Frame Relay – a requirement that “best effort” Ethernet services were unable to fulfill. They also demand service differentiation to facilitate efficient operations and to meet their particular business needs, both current and future. Table 1 summarizes the “must-have” carrier-class service attributes of business Ethernet offerings.

9 Resilient, “always-on” connections featuring four nines or five nines availability

Reliable

9 Automatic fault isolation and quick troubleshooting; 24x7x365 support 9 Minimal service disruptions due to link failures 9 Quality of service priority guarantees per class of service (CoS) 9 VPN and data security

Economical

9

Low expenditures on customer located equipment and multi-site connectivity

9

High throughput without heavy investments in infrastructure and equipment

9

Scalable data rates, provisioned remotely, for “pay as you grow” flexibility

9

Minimal down-time for servicing and repair

9 Differentiated SLA-based performance commitments for voice, video and data

Accountable

9 Clear network visibility, proactive service monitoring 9 Real-time, on-demand reporting linked to OSS and billing systems 9 SLA-defined penalties and credits based on performance targets 9 Data rates from 1 Mbps to 1 Gbps and beyond

Limitless

9 Consistent service over any infrastructure (fiber, PDH, SDH/SONET, xDSL) 9 Versatile connectivity options (point-to-point, any-to-any) Table 1: Business-grade attributes of Carrier Ethernet services

2

Source: The 2007 IBM Institute for Business Value and Economist Intelligence Telecom Industry Executive Survey

© 2009 RAD Data Communications Ltd

3

Application Guide: Ethernet SLA Support Tools

1.1

Business Ethernet SLA support tools

Carriers and service providers deploying business Ethernet VPNs must also be prepared to deliver measurable and enforceable SLAs that detail commitments for user traffic handling, bandwidth and performance guarantees, user control protocols processing and availability, as well as for response and repair times. This requires the installation of intelligent demarcation devices, or network termination units (NTUs), at the customer premises, to ensure end-to-end service control and efficient service provisioning from the service hand-off points. Such Ethernet demarcation devices are ideally equipped with Ethernet SLA support tools, including advanced service delivery and service assurance capabilities, as shown in Figure 2.

Figure 2: Ethernet demarcation with SLA support tools

4

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

2 SLA and Service Description 2.1

Layer 2 VPN use case

The following chapters explain the various functionalities and support mechanisms available to telecom providers for delivering business Ethernet SLAs, using a specific service scenario as an example. In this scenario, a service provider is delivering a managed Layer 2 VPN service to its business customer over a native Ethernet network with fiber, PDH and DSL access. The enterprise uses Ethernet virtual connections (EVCs) to transport various types of traffic between remote branches and company headquarters, as illustrated in Figure 3 below. Table 2 provides examples of services and applications matching the different traffic types. The L2 VPN conforms to a service level agreement, which specifies performance commitments for different QoS levels, depending on traffic type and application.

Figure 3: Managed Layer 2 VPN service over fiber, PDH and DSL access

© 2009 RAD Data Communications Ltd

5

Application Guide: Ethernet SLA Support Tools

Traffic Type

Typical Application Examples

Real Time

IP telephony (VoIP), IP video

Priority Data

Critical data applications, storage and LAN-to-LAN connectivity between local enterprise routers

Best Effort

Business Internet access

Table 2: Common applications and services for various traffic classes

2.2

Service description

The managed Layer 2 VPN in this example is delivered between corporate headquarters and two branches, which are not only located in remote sites, but are also connected to the service provider’s network by different technologies. Network access for Headquarters is fiber-based, whereas Branch A is connected over multiple bonded copper PDH circuits and Branch B – over SHDSL.bis lines. To meet the particular networking needs of the enterprise, the L2 VPN service is deployed in a point-to-point EVPL (Ethernet Virtual Private Line) topology between Headquarters and the branches, using a different EVC for each branch-to-HQ connection. The service provider installs intelligent Ethernet NTUs at the customer premises. These demarcation devices feature the service hand-off points (UNI: User-Network Interfaces) and support the particular capabilities required at each location, as well as the available access: At Headquarters: A RAD ETX-202A Ethernet over fiber demarcation device provides a service multiplexed UNI, whereby all the EVCs share the same UNI for efficient utilization of available interfaces. The network connection rate is 100 Mbps via two redundant Fast Ethernet/Gigabit Ethernet ports, enabling future upgrades up to 1 Gbps to accommodate an anticipated increase in traffic volumes to and from this location. At Branch A: A RICi Ethernet over bonded PDH demarcation device with a non-multiplexed UNI that is dedicated to a single EVC and supporting a network access rate of 32 Mbps. At Branch B: An LA-210 Ethernet over DSL demarcation device with a non-multiplexed UNI, supporting a line rate of up to 22.8 Mbps over four bonded pairs of SHDSL.bis links.

6

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

The NTUs perform traffic processing and SLA management to ensure consistent user experience and to maintain SLA metrics end-to-end, despite the difference in transport technologies and devices. Tables 3 and 4 summarize the different service parameters of the various UNIs and EVCs.

UNI Service Attributes

Headquarters

Speed (Mbps)

Branches

10-1,000

A

B

1-32

1-22.8

Transmission Mode

Full Duplex

Full Duplex

MAC Layer

IEEE 802.3

IEEE 802.3

Yes (2)

No (1)

Service Multiplexing (Max number of EVCs/UNI)

Table 3: UNI service attributes

EVC Service Attributes

Values

EVC Type

Point-to-point

CE-VLAN ID Preservation – IEEE 802.1Q3

EVC1

EVC2

Yes

No

CE-CoS Preservation – IEEE 802.1p

No

Unicast Frame Delivery

Unconditionally

Multicast Frame Delivery

Unconditionally

Broadcast Frame Delivery

Unconditionally

Max Frame Size (bytes)4

1,580

Table 4: EVC service attributes

3 4

See section 2.3: Traffic Mapping Maximum frame size should correspond with the relevant burst size values (CBS and EBS). For further details, see section 2.4: Bandwidth Commitments

© 2009 RAD Data Communications Ltd

7

Application Guide: Ethernet SLA Support Tools

2.3

Traffic Mapping

There are two EVCs connecting HQ to the branches: EVC1 links Headquarters to Branch A, while EVC2 connects it to Branch B. Within the network, these EVCs are identified by service provider VLAN tags (SP-VLANs), which are added to customer frames by the local demarcation device upon entering the network and then stripped off at network egress (“push and pop operations”). Inband management traffic is allocated a dedicated SP-VLAN to separate it from user traffic. The EVCs deliver real-time (RT), priority data (PD) and best effort (BE) traffic between locations, with each traffic type representing a different class of service within the EVCs (EVC.CoS). As each class of service requires its own QoS guarantees, it is marked differently so it can be distinguished by the Enterprise’s equipment and, more importantly, by the network: In EVC1, this is done by the three-bit priority field (P-bits) of a customer-assigned VLAN tag (CE-VLAN), while in EVC2 traffic classes are identified by different customer VLAN IDs (CE-VID). Since both EVCs are associated with multiple traffic types, a mapping plan of CE-VLANs and CE-P bits to EVCs is defined in advance to ensure efficient traffic delivery. Tables 5 and 6 detail the correlation between VLAN IDs (VIDs) and EVCs.

Service Point

UNI H (Headquarters)

UNI A (Branch A)

EVC

Network

EVC1

ID Tags

CE-VLAN

RT Traffic

CE-P bit

CE-VLAN

6 17

PD Traffic BE Traffic

SP-VLAN

6 17

4 1

Management Traffic

CE-P bit

4

6 2,000

1 N/A

SP-P bit

5 2

5

7

Table 5: Mapping CE-VLANs to EVC1, services are separated by priority bits

8

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

Service Point

UNI H (Headquarters)

UNI B (Branch B)

EVC

Network

EVC2

ID Tags

CE-VLAN

CE-P bit

CE-VLAN

CE-P bit

RT Traffic

42

x

2

x

PD Traffic

43

y

3

y

BE Traffic

44

z

4

z

Management Traffic

N/A

SP-VLAN

SP-P bit 6

2,001

4 2

6

7

Table 6: Mapping CE-VLANs to EVC2, services are separated by customer VLAN tags

Because the customer’s equipment in Branch A is capable of traffic differentiation based on P-bit values, all traffic is assigned a single VID with a separate P-bit per service. User equipment and IT considerations in Branch B, however, require that each class of service receive its own CE-VLAN tag. In this case, packets carrying the same CE-VID will be treated similarly by the network, regardless of their specific CE-P bit value. All traffic assigned to EVC1 carry an outer SP-VID 2,000, while traffic associated with EVC2 is double-tagged with SP-VID 2,001. The different classes of service within each EVC are marked with different SP-P bit values. As can be seen in Tables 5 and 6, the classes of service in each EVC are tagged differently at the associated UNIs. In EVC1, both locations use CE-VLAN 17.6 (CE-VID 17, CE-P bit 6) to mark RT, 17.4 for PD and 17.1 for BE and therefore ingress/egress CE-VLAN ID preservation is required between locations. This is not in the case in EVC2, where the various service types are assigned different CEVIDs at each location and the local demarcation devices must swap CE-VLAN tags in egress frames when the SP-VLAN tags are popped, for example, replacing CE-VID 42 with CE-VID 2 for RT traffic arriving at Branch B from Headquarters.

© 2009 RAD Data Communications Ltd

9

Application Guide: Ethernet SLA Support Tools

2.4

Bandwidth Commitments

The EVPL SLA contains throughput commitments, divided into the following bandwidth profile categories: Committed Information Rate (CIR): The bandwidth that the service provider guarantees the enterprise, regardless of network conditions. Excess Information Rate (EIR): The bandwidth allowance for “best effort” delivery, for which service performance is not guaranteed and traffic may be dropped if the network is congested. The combination of CIR and EIR rates is typically referred to as PIR, or Peak Information Rate, which represents the total burstable bandwidth sold to the enterprise. Committed Burst Size (CBS): The maximum size, expressed in bytes, of a burst of back-to-back Ethernet frames for guaranteed delivery. Excess Burst Size (EBS): The maximum size of a burst of back-to-back Ethernet frames permitted into the network without performance guarantees. EBS frames may be queued or discarded if bandwidth is not available. According to MEF (Metro Ethernet Forum) specifications, the “bandwidth profile” service attribute, which includes some or all of the above categories, can be defined per UNI, per EVC or per CoS identifier (CoS ID; EVC.CoS). For any given frame, however, only one such model can apply. The service provider meets the bandwidth guarantees by reserving appropriate network resources and employing a two-rate/three-color (trTCM) rate-limitation methodology as part of its traffic engineering policy to ensure compliance by user traffic. For the service discussed in this paper, the policing function is performed by EVC.CoS granularity, as described in further detail in Chapter 3: Service Delivery.

10

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

Tip: EIR as a Revenue Generator EIR offerings enable carriers to generate more revenues from a given network capacity without compromising the quality of premium or real-time CIR services. As bandwidth consumption fluctuates throughout the day and the week, carriers and service providers can oversubscribe the network and monetize unused portions of it by selling “best effort” services, provided that the customer-located demarcation devices are equipped with reliable traffic management capabilities. This allows total bandwidth charges to exceed actual infrastructure rates. However, because EIR bandwidth is shared among users and applications, not all users are able to take advantage of the entire excess bandwidth simultaneously.

Figure 4: CIR and EIR bandwidth profiles

© 2009 RAD Data Communications Ltd

11

Application Guide: Ethernet SLA Support Tools

Table 7 lists the bandwidth commitments for each class of service within EVC1 and EVC2, which are applicable to all UNIs even though these support different access rates. To avoid delays in traffic delivery, the bandwidth profiles in each EVC should not exceed the lowest UNI speed in the service points connected by that EVC i.e., 32 Mbps for EVC1 (UNI A) and 22.8 Mbps for EVC2 (UNI B). As can be seen in Table 7, the total CIR allowance for all classes of service in EVC1 is 25 Mbps, permitting a maximum of 7 Mbps EIR to meet UNI A’s access connection speed limit. To better serve corporate operations, the enterprise purchases higher EIR rates for PD and BE traffic, allowing up to 10 Mbps for each of these classes of service if no other traffic is transmitted at the time. In EVC2, the total PIR bandwidth is 30 Mbps, of which 20 Mbps are CIR and 10 Mbps of EIR are divided between PD and BE traffic, allowing up to 5 Mbps for each, provided that no other traffic is transmitted simultaneously. RT applications are typically allocated CIR bandwidth only, BE – EIR only and PD’s bandwidth profiles are divided between CIR and EIR commitments.

EVC

1

EVC.CoS CIR (Mbps)

EIR (Mbps)

CBS (Bytes)

EBS (Bytes)

Real-Time

5

0

150

0

Priority Data

20

10

5,000

5,000

Best Effort

0

10

0

2,500

25

20

--

--

Real-Time

5

0

150

0

Priority Data

15

5

3,500

3,000

Best Effort

0

5

0

2,500

20

10

--

--

Total

2

Bandwidth Profile

Total

Table 7: Effective bandwidth commitments per EVC.CoS The CBS and EBS values should correspond with the frame sizes that typically make up each class of service, as well as with the maximum frame size allowed at the UNI. Here, for example, a CBS value of 5,000 bytes for PD traffic in EVC1 permits up to three frames of 1,522 bytes in each burst. A general rule of thumb correlates between CBS value, frame size and their effect on network delay: Large frames transmitted in a service that receives a low CBS value are more prone to delays, since the burst allowance is exhausted quickly by a relatively low number of frames. In such cases, new frames must await subsequent bursts.

12

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

Figures 5 and 6 illustrate CIR and EIR values in UNI A and UNI B, respectively.

Figure 5: CIR and EIR values in UNI A

Figure 6: CIR and EIR values in UNI B

2.4.1 Effective Throughput When planning bandwidth commitments, the difference between line rate and effective throughput should be taken into account, as frame header VLAN tags and other overhead may potentially consume significant portions of available bandwidth. For SLA rate measurement purposes, user data usually includes IEEE 802.3 Ethernet frames from the destination MAC address (DA) to the Frame Check Sequence/Cyclic Redundancy Check (FCS/CRC) field, including the CE-VLAN tag. Service provider data in IEEE 802.1ad (Q-in-Q) networks include four bytes of the SP-VLAN tag, while the Ethernet protocol itself typically adds the following overhead5: •

Preamble + Start Frame Delimiter (7 bytes + 1 byte): Synchronizes receiving network elements with incoming signals and indicates the start of the frame

•

IFG – Inter-frame Gap (12 bytes): Provides a brief recovery time between frames for the receiving element (96 bit times/8 bits = 12 bytes)

5

Also exists in LAN traffic on the user side

© 2009 RAD Data Communications Ltd

13

Application Guide: Ethernet SLA Support Tools

Figure 7: User, network and protocol data in 802.3 Ethernet frames

Obviously, the effective throughput is directly impacted by the frame size. For large Ethernet frames carrying, for example, 1,500 bytes of data payload at a line rate of 10 Mbps, the calculation will be as follows: 1. Total frame size = 8B (Preamble + SFD) + 6B (DA) + 6B (SA) + 4B (SP-VLAN) + 4B (CE-VLAN) + 2B (T/L) + 1,500B (data payload) + 4B (FCS/CRC) + 12B (IFG) = 1,546 bytes 2. User data = 6B (DA) + 6B (SA) + 4B (CE-VLAN) + 2B (T/L) + 1,500B (data payload) + 4B (FCS/CRC) = 1,522 bytes 3. Ethernet overhead = {[8B (Preamble + SFD) + 4B (SP-VLAN) + 12B (IFG)] / 1,546 bytes (total frame size)} x 100% = 1.55% 4. Effective throughput = [1,522 bytes (user data) / 1,546 bytes (total frame size)] x 10 Mbps (line rate) = 9.84 Mbps However, smaller frames using the same line rate are characterized by a lower effective throughput due to higher overhead relative to their size, as demonstrated by the following calculation for a 46byte payload data frame: 1. Total frame size = 8B (Preamble + SFD) + 6B (DA) + 6B (SA) + 4B (SP-VLAN) + 4B (CE-VLAN) + 2B (T/L) + 46B (data payload) + 4B (FCS/CRC) + 12B (IFG) = 92 bytes 2. User data = 6B (DA) + 6B (SA) + 4B (CE-VLAN) + 2B (T/L) + 46B (data payload) + 4B (FCS/CRC) = 68 bytes

14

© 2009 RAD Data Communications Ltd

Application Guide: Ethernet SLA Support Tools

3. Ethernet overhead = {[8B (Preamble + SFD) + 4B (SP-VLAN) + 12B (IFG)] / 92 bytes (total frame size)} x 100% = 26% 4. Effective throughput = [68 bytes (user data) / 92 bytes (total frame size)] x 10 Mbps (line rate) = 7.39 Mbps The actual throughput experienced by the enterprise is therefore dependent on the relative proportions of various applications in the traffic mix. A higher share of 68-byte user data packets, such as being used for most VoIP traffic, will result in lower throughput efficiency. In addition to the Ethernet-related bandwidth penalties, the physical media used for transmission may require further overhead for framing and encapsulation. For example, Ethernet over DSL throughput is affected by the particular transport protocol being used: The traditional DSL protocol stack includes an ATM sub-layer, which presents heavy bandwidth fines (“cell tax”) of up to 20%-50%; the more recent EFM (Ethernet in the First Mile) encoding, such as used by the LA-210 demarcation device at UNI B, enables improved line utilization and a 5% overhead. Likewise, multi-circuit copper access that is powered by Ethernet over NG-PDH capabilities, as is the case for the RICi demarcation device at UNI A, can rely on constant, predictable and lower overhead with GFP (generic framing protocol), VCAT (virtual concatenation) and LCAS (link capacity adjustment scheme) encapsulation and bonding tools, compared to the less-efficient HDLC, MLPPP and IMA methods.

2.5

Performance Guarantees

A key element in the SLA defines the performance and QoS guarantees that the service provider commits to the enterprise, specifically, frame delay, delay variation and frame loss. Frame Delay (“Latency”) is the time a transmitted frame travels across the network until it is delivered. VoIP and real-time services require extremely low latency, as even the smallest delay has a dramatic effect on service quality. TCP applications are also impacted from increased network delay, taxing the network resources with re-transmissions when session timeouts occur. Frame Delay Variation (“Jitter”) is the difference in delay between consecutive frames, causing them to arrive at their destination at inconsistent intervals. Jitter is a critical performance parameter for real-time services.

© 2009 RAD Data Communications Ltd

15

Application Guide: Ethernet SLA Support Tools

Frame Loss Ratio is the percentage of undelivered frames out of all the frames that were transmitted within a certain time interval. Packet loss might lead to service degradation and can have a negative effect on throughput when dropped frames are re-transmitted, as is the case with TCP/IP applications. The nominal values for the above performance commitments are specified in the SLA, together with qualifying parameters, such as the service direction (one-way or round-trip), the percentage of traffic and the time interval for which these commitments are valid. Table 8 details the performance metrics guaranteed by the service provider for the enterprise. These are presented per class of service and refer to both EVCs, in all locations.

Performance Attribute

Real-Time (VoIP)

Priority (LAN-to-LAN)

Best Effort (Internet Access)

Frame Delay •

Value (ms)