Use Juniper BNG CUPS for Subscriber Steering and Load Balancing
SUMMARY This section describes how Juniper BNG CUPS uses subscriber steering and load balancing. This includes a description of the standards for broadband access network, a description of Juniper's subscriber session steering and load balancing, and configuration requirements for both subscriber session steering and load balancing.
Standards Overview
In a traditional broadband access network, the access nodes connect customers to the network. Service gateways (such as the broadband network gateways) connect customers to network services. Today, the connectivity between the access node and the broadband network gateway (BNG) is generally very static. The subscribers on a particular access node usually connect to the same BNG (also referred to as the service gateway). Typically, subscribers make changes to configurations only when deploying or upgrading the network.
However, the requirements and the architecture of the broadband access network are changing. The world is becoming more dependent upon broadband, with home working placing more demands on the broadband network. Video streaming is no longer just about entertainment; it is an important part of how we learn and work.
Edge compute services and user needs require connectivity to service gateways that are closer to the user. This connectivity reduces the latency between the user and the service.
Service gateway nodes such as the BNG are evolving to become disaggregated. This separation of the control functions from the user plane (or data plane) functions allows for more scalability and flexibility. With services moving further to the edge, scalability requirements change. Requiring more BNGs or smaller BNGs drives the need for disaggregation and scale-out.
You need to perform maintenance activities and upgrades more often to react to customer needs. Virtualization enables new network functions including service gateway creation, upgrades, and removal on demand.
Broadband Forum WT-474 Subscriber Session Steering (WT-474) requirements standardizes a more flexible and dynamic broadband access network to meet these new requirements.
From the WT-474 requirements, “WT474 is an architecture to enable dynamic real time decisions about the placement of subscribers in the network.”
Figure 1 shows the WT-474 subscriber session steering architecture as defined by the WT-474 requirements.
The figure shows a disaggregated broadband network gateway as defined by the Broadband Forum's TR-459 Control and User Plane Separation for a disaggregated BNG (TR-459) technical report.
The lighter colors denote the existing elements of the access network. The service gateway identifies any gateways that connect subscribers to their services.
The dark green items denote the new key functions listed below:
-
The access session detection function—Used to identify when a new subscriber is connecting to the network.
-
The user plane selection function—Responsible for making the real-time decisions as to which service gateway and to which Juniper BNG User Planes (BNG User Planes) to connect the subscriber to.
-
The traffic steering function control lane—Responsible for the configuration of the Traffic Steering Functions.
-
The traffic steering function—Forwards the traffic of the subscribers to and from the identified BNG User Plane.
As described in the WT474 architecture, "There is no requirement in the architecture for these new functions to be implemented in dedicated boxes – for example, the Traffic Steering Function is expected simply to be an integral part of the existing Access Node, or aggregation switches, and the traffic steering function control plane and user plane selection function might be implemented as dedicated software, or as part of an SDN controller. The purpose of this architecture is to standardize the approach, interfaces and data models for session steering such that it can become a standard capability of an access network.”
Key Benefits of Subscriber Steering and Load Balancing
Juniper BNG CUPS provides key operational and service-differentiating benefits.
Following are the operational benefits:
-
Active load balancing of subscribers on BNG User Planes across the network
-
Seamlessly moving subscribers away from BNG User Planes that require maintenance
-
Enabling a Continuous Deployment approach to software upgrades
-
Optimizing power consumption by moving subscribers onto a smaller number of BNG User Planes
Following are the service-differentiating benefits:
-
Customer on-demand connecting to edge-service locations that can then deliver the required end user experience (for example, low latency)
-
Mapping of specific service types to dedicated slices of the network
-
Flexibility of trying new capabilities without requiring entire network upgrades
Juniper BNG CUPS Subscriber Session Steering Overview
As described in the WT-474 architecture, the user plane selection function together with the traffic steering function on the Juniper BNG CUPS Controller (BNG CUPS Controller) place subscriber sessions based on specific operator defined characteristics.
Subscriber session steering aggregates the user plane selection function and the traffic steering function control plane into the user plane selection function module. The user plane selection function module triggers the subscriber BNG User Plane placements based on the specific operator-defined characteristics.
Juniper BNG CUPS subscriber steering provides a one-touch mechanism for steering a subscriber’s traffic through the access network to the selected BNG User Plane (service application point).
The steering works per subscriber and service using a RADIUS policy.
How Subscriber Session Steering Works
The user plane selection function module starts when a subscriber logs in. This module validates that the Juniper BNG User Plane supports the subscriber's services. If it cannot support the subscriber's services, the subscriber's login ends. The steering function then directs the subscriber to an appropriate BNG User Plane.
The user plane selection function selection uses the subscriber's service group vendor-specific attribute (VSA).
Service group VSA is a new RADIUS VSA added to the subscriber for use with the user plane selection function.
The user plane selection function module chooses the BNG User Plane that hosts the subscriber based on the RADIUS service group VSA. (See Figure 2.)
The default BNG User Plane is the ingress BNG User Plane for the subscriber login control packets. The target BNG User Plane is where user plane selection function places the subscriber. Depending on the network architecture, the default BNG User Plane and the target BNG User Plane might be the same physical BNG User Plane.
For example, the residential gateways can connect to the access network using known C-TAG and S-TAG VLANs. The user plane selection function module implements traffic steering through the access network to the proper BNG User Plane. It does this by mapping the residential gateway's VLAN tags to the correct access node's connected link (for example, pseudowire) that ends at the desired BNG User Plane.
Subscriber session steering assumes that the access node manager can communicate with the access node. Also, that it can change the mapping between the residential gateway's VLANs and the access node to the BNG User Plane connected link.
A cluster is a set of BNG User Planes that can service an access node. A subscriber that an access node services ends at the cluster. Each BNG User Plane sends the user plane capabilities to the Juniper BNG CUPS Controller. The capabilities include the name of the cluster to which the BNG User Plane to belongs and the name of the service group that the BNG User Plane supports.
The BNG CUPS Controller stores the BNG User Plane capabilities and sends an event to the user plane selection function module. Upon receiving this event the user plane selection function module writes this BNG User Plane data into the user plane selection function placement database.
The subscriber login sequence proceeds through the following steps:
-
You configure a BNG User Plane with a list of the service groups that it can support and the name of the cluster to which it belongs.
-
When connecting to the BNG CUPS Controller, the BNG User Plane provides a list of service groups and the cluster to the BNG CUPS Controller as capabilities.
-
The placement application takes the BNG User Plane service group capabilities and cluster from the BNG CUPS Controller. It then enters the BNG User Planes into its local database.
-
RADIUS creates a new service group VSA for the subscriber that contains the service group name.
-
The AAA Service Framework provides the subscriber’s service group name and the BNG User Plane identifier as part of the subscriber's login.
-
The user plane selection function module looks up whether the default BNG User Plane that the subscriber arrived on can support the service group.
-
A. Yes—The user plane selection function module sends an ACK login request to AAA.
-
B. No—The decision goes out to the user plane selection function module.
-
The user plane selection function module looks for a BNG User Plane in the cluster that supports the required service group.
-
The user plane selection function module tells the access node manager to connect the access node to the correct BNG User Plane to route the subscriber to.
-
The user plane selection function module sends a NACK login request to AAA.
-
-
After the above sequence is completed, the following occurs: If a subscriber requires a service that is not supported on the default BNG User Plane, the subscriber reconnects and is placed on a BNG User Plane that does support the required service group.
Configuring Subscriber Session Steering
Consider the following use case: A BNG CUPS Controller manages two BNG User Planes (UP-example-1and UP-example-2). They both are part of the same cluster. The UP-example-1 BNG User Plane can provide only Internet service. The UP-example-2 BNG User Plane can provide premium services with low latency, such as gaming. Therefore, subscribers connecting to UP-example-1 can get only Internet services, whereas subscribers connecting to UP-example-2 can get gaming services.
You perform the subscriber session steering configuration on the BNG User Plane. RADIUS users must have the new service group VSA set to the desired service group.
On the BNG User Planes, define the clusters and service groups supported on the BNG User Planes. The service group names that you configured on the BNG User Planes must match the RADIUS service group VSA for the users.
To configure subscriber session steering, perform the following procedure on the BNG User Planes:
Subscriber Session Steering Operational Behavior
Using the previous example, assume that a user subscribes to a gaming service. Also, use a subscriber VLAN-Tag of 100. The links between the access node and the BNG User Planes are pseudowires.
For example, the link from the access node to UP-example-1 is ps0.25. The link from the access node to UP-example-2 is ps0.35.
When a subscriber logs in to UP-example-1 over ps0.25, the BNG CUPS Controller receives the subscriber packet and notifies the user plane selection function module. The user plane selection function module looks up whether UP-example-1 can support the service-gaming service group. Because UP-example-1 can support only the service-internet service group, the user plane selection function module looks up which other BNG User Planes in the cluster can support the service-gaming service group.
The user plane selection function module finds the BNG User Plane UP-example-2, which supports the service-gaming service group. The user plane selection function module then tells the access node manager to cross-connect the subscriber's VLAN-Tag 100 to this link (pseudowire ps0.35). The access node manager communicates the steering information to the access node. So, during the subscriber's next login attempt, the subscriber is redirected to the correct BNG User Plane (UP-example-2).
Last, the user plane selection function module sends a NACK to the AAA Service Framework on the BNG CUPS Controller, which causes the subscriber to log in again. The second login attempt is redirected to the desired BNG User Plane.
Subscriber Session Load Balancing Overview
Subscriber Session Load Balancing gives the operator the capability to distribute subscriber loads across the BNG User Plane in the network by moving subscribers from one BNG User Plane to another.
The use cases for steering with load balancing fall into the following network access models:
-
Layer 2 (L2) broadcast domain
-
Non-broadcast domain (for example, when the underlying L2 technology uses pseudowire)
Subscriber Session Load Balancing at the BNG CUPS Controller supports single-family; DHCPv4 and DHCPv6 over PPPoE, and dual-stack; DHCPv4 and DHCPv6 over PPPoE.
How Subscriber Session Load Balancing Works
Subscriber Session Load Balancing assumes that multiple BNG User Planes can receive the same residential gateway's first sign-of-life packet. First sign-of-life packets can be either DHCP discover packets or PPPoE Active Discovery Initiation (PADI) packets.
Subscriber Session Load Balancing is based on the following two mutually exclusive criteria:
-
BNG User Plane reported load. The load balancing at the BNG CUPS Controller is based on the live load reported by the BNG User Plane. The BNG User Plane reports the live load as a percentage.
-
Weight in the dynamic-profile, which can be logical interface set weight or subscriber weight.
Report-based Subscriber Session Load Balancing
Report-based load balancing is achieved using the Logical-Port Packet Forwarding Control Protocol Information Element or IE (as described in the TR-459 technical report).
This mechanism depends on the BNG User Plane sending Packet Forwarding Control Protocol logical port usage reports to the BNG CUPS Controller. The load balancing occurs in-line in the control packet I/O processing by allowing or denying the first sign-of-life packet. The load balancing mechanism compares the BNG User Plane logical port candidates and chooses the one with less usage (least percentage utilization). The logical port utilization for the logical port candidates is stored in the load-balancing database.
Weight-based Subscriber Session Load Balancing
Weight can be defined in different ways, based on your needs: Weight can be subscriber bandwidth, logical interface set bandwidth, or an even number of subscribers per logical interface set.
Weight-based load balancing compares the configured logical port maximum weight to computed weight.
Computed weight is dynamic and does the following:
-
Increases when each weighted item (subscriber or logical interface set) is being instantiated.
-
Decreases when each weighted item (subscriber or logical interface set) is being de-instantiated.
-
Compares the logical port configured maximum weight to allow or deny a subscriber on this logical port.
Weight-based load balancing can work with hierarchical class of service (HCoS) or independently.
Weight-based load balancing is part of the dynamic profile instantiation. Weight-based load balancing has a tolerance of one element above the maximum weight configured.
Weight-based load balancing does not use the BNG User Plane logical port reported load. You can still examine the reported load from the BNG User Plane logical port. Use the show system subscriber load balancing group commands to examine the reported load.
When you configure weight-based load balancing, the BNG User Plane reported load is used only for monitoring purposes and troubleshooting.
Configure Subscriber Session Load Balancing
Consider the use case in Figure 3, where a BNG CUPS Controller manages two BNG User Planes (UP-example-1 and UP-example-3). They both can receive the same residential gateway’s PADI by being configured each with an active pseudowire that carry the same PADI to both BNG User Planes.
For weight-based load balancing, you use the dynamic profile configuration to specify subscriber weight or logical interface set weight.
To configure subscriber weight, perform the following configuration on the BNG CUPS Controller:
Report-based Load Balancing Operational Behavior
Consider the example of a PPPoE subscriber login using BNG User Plane load reports for load balancing. In this example, the same PADI that the residential gateway sends arrives at both BNG User Plane UP-example-1 and BNG User Plane UP-example-3.
Also, you define the load balancing group to contain UP-example-1 and UP-example-3 logical-ports to the pseudowires that carry the subscriber PADI.
[edit system services subscriber-management mode control-plane] user@host# set system services subscriber-management mode control-plane load-balancing group group-name user-plane UP-example-1 port UP-example-1:ps0.30
[edit system services subscriber-management mode control-plane] user@host# set system services subscriber-management mode control-plane load-balancing group group-name user-plane UP-example-3 port UP-example-3:ps0.25
Suppose that UP-example-1 exceeds an incremental threshold for which an upper limit exists, resulting in UP-example-1 reporting a load percentage that doesn’t allow any more subscribers.
As was mentioned earlier, the same PADI that the residential gateway sends arrives at both UP-example-1 and UP-example-3. Both UP-example-1 and UP-example-3 forward the PADI to the BNG CUPS Controller. The BNG CUPS Controller discards the UP-example-1 PADI and allow the PPPoE subscriber to log in to UP-example-3.
You can use the following load-balancing
show
command to examine the percentage load reported by the BNG User Planes for their
logical ports.
user@host#> show system subscriber-management load-balancing group group-name Group Name UP Name Logical-Port Usage Computed weight Max weight mygroup UP-example-1 UP-example-1:ps0.30 80 0 0 UP-example-3 UP-example-3:ps0.25 5 0 0
Weight-based Load Balancing Operational Behavior
Consider the example of a PPPoE subscriber login using BNG User Plane load reports for load balancing. In this example, the same PADI that the residential gateway sends arrives at both BNG User Plane UP-example-1 and BNG User Plane UP-example-3.
Consider the example of a PPPoE subscriber login using weight for load balancing. In this example, the PADI that the residential gateway sends arrives at both BNG User Plane UP-example-1 and BNG User Plane UP-example-3.
In this example, you configure the logical-port maximum weight on the BNG CUPS Controller. Define the load-balancing group to contain UP-example-1 and UP-example-3 logical-ports.
[edit system services subscriber-management mode control-plane] user@host# set system services subscriber-management mode control-plane load-balancing group group-name user-plane UP-example-1 port UP-example-1:ps0.30 max-weight 10
[edit system services subscriber-management mode control-plane] user@host# set system services subscriber-management mode control-plane load-balancing group group-name user-plane UP-example-3 port UP-example-3:ps0.25 max-weight 10
After you configure the weight, you then configure the logical interface set in the dynamic profile.
[edit] user@host# set dynamic-profiles profile-name interfaces interface-set interface-set-name load-balance weight 2.5
The first PPPoE subscriber that logs in creates the logical interface set on BNG User Plane UP-example-1. Each logical interface set weight is added up to a computed weight that must be less than 10 (the max logical port weight).
After the subscriber's log in creates the logical interface set and places the logical interface set on a BNG User Plane, it doesn’t move. All subscribers belonging to that logical interface set follow the logical interface set (placed on the same BNG User Plane as their corresponding logical interface set).
After that, every new PADI coming in for this logical interface set is placed on BNG User Plane UP-example-1 and dropped from BNG User Plane UP-example-3.
As subscribers for a new logical interface set login, the new logical interface set weight is added to the computed weight and compared to the maximum weight. When the computed weight is greater than the maximum weight, the new logical interface set is no longer placed on BNG User Plane UP-example-1. Instead, the logical interface set is placed on BNG User Plane UP-example-3.
Operational Behavior of Subscriber Session Steering and Load Balancing Combined
The most flexible and powerful use case is when you get all the benefits of network load balancing and service differentiation together in one topology.
In Figure 3, you learn about this use case: If the BNG User Planes belong to the same cluster, you can steer subscribers based on different service requirements between VLAN A and VLAN B (for example, internet on BNG User Plane UP-example-1 or gaming on BNG User Plane UP-example-2). You can also load balance subscribers on VLAN A between BNG User Plane UP-example-1 and User Plane UP-example-3.