Content Services Gateway 2nd Generation (CSG2)
Technical Overview
EDCS-495880

Mobility, Signaling and Control Business Unit (MSCBU)

CSG2 Tech © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential, NDA Disclosure Only 1
Agenda

• Overview
• Comparison
• Architecture
• Life of a Packet
• Deltas CSG2 vs. CSG1
• CSG1 Challenges Addressed
• Selected Flow Examples

Overview

CSG2 Requirements

• High capacity blade
• 300,000 subscribers
• 1.8 million flows
• 4-5x performance increase over CSG1
• Functional parity and/or equivalency with R7 of CSG1
• 7600 chassis integration with Sup720-3BXL
• Directly compatible with existing CSG1 external interfaces
• Maintain existing load balancing strategy
• Hardware IPv6-ready, future software update to enable IPv6

Major CSG2 Similarities & Differences
Directly migratable interfaces:
• Meet current CSG1 (R7) external interfaces
  – GTP’ (BMA, QS)
  – RADIUS (Proxy, GGSN, RADIUS servers): only latest levels of RADIUS Proxy, Monitor, and Endpoint are supported.
  – Network Management
  – Service configuration (although there will be some keyword changes)
• Can insert in same chassis/Sup720 with CSG1 R7.
• Maintain existing load balancing strategy

Known (to date) differences:
• Session-level stateful failover will use new heartbeat msgs. Cannot mix CSG1 and CSG2 in the same stateful pair.
• Configuration changes:
  – Configuration is segmented by card (no longer uses shared config). Some configuration format changes.
  – Data path configuration and routing changes
• Sup720-3BXL, new IOS level will be required. No Sup2 and no Hybrid support.
• HTTP/WAP2 half-proxy scheme is not carried forward. Therefore packets leading to URL-based or Header-based classification may be forwarded prior to policy binding.

System Overview
[Figure: CSG2 and its external interfaces: balance quota servers, AAAs, Billing Mediation Agents, RLB, HSRP redundancy, GGSN and content servers. Callouts on each interface state whether config, protocol, strategy or routing-scheme changes are allowed, for example "Config & routing scheme changes allowed".]

New Features in CSG2
• Support for IP Fragmentation for all protocols
• Support for out-of-order TCP segments for all protocols
• Configuration of "LOW QUOTA MAX" per service via new "reauth" command
• Exclusion of RFC2822 headers in SMTP billing records
• Tune queue size for BMA, PSD, QS separately
• Complete online diagnostics at reload
• Upgraded CSG2 MIB, now CISCO-CONTENT-SERVICES-MIB
• SNMPv3
• More current values for usage in reports to Quota Server and BMA
  – sending intermediate transaction CDRs
  – sending intermediate service level CDRs
  – sending reauthorization requests
• Support for PAUSE on interleaved RTSP connections

New Features in CSG2 – cont.
• Support for TCP Selective ACK
• Protocol transparency
• Remote Command and Logging from Supervisor (RCAL)
• Field upgradable ROMMON
• ROMMON recovery
• Notification if configured PSD not present at startup
• New CLI replaces CSG1 environmental variables
• Multiple accounting types per service
• Correlate start and stop for user session
• RTSP stream reporting and re-use enhancements
• Support for '+' operator in maps
• Quota reporting in Service Reauthorization message
• RTSP and FTP content configurable for any port

New Features in CSG2 – cont.
MIB Support
– CISCO-CONTENT-SERVICES-MIB
– MIB II
– IF MIB
– ENTITY-MIB
– CISCO-SYSLOG-MIB
– CISCO-IMAGE-MIB
– RMON2-MIB
– CISCO-TCP-MIB
– SNMP-FRAMEWORK-MIB
– SNMP-NOTIFICATION-MIB
– SNMP-TARGET-MIB
– TCP-MIB
– UDP-MIB
– CISCO-PING-MIB
– CISCO-ENHANCED-MEMPOOL-MIB
– CISCO-PROCESS-MIB
– CISCO-PRODUCTS-MIB
– CISCO-ENTITY-VENDORTYPE-OID-MIB
– SNMPv3-MIB
– SNMPv2-MIB

CSG2 Product Overview
Feature: Benefit
• Built on proven CSG1 product: No loss of features; operational familiarity
• Service configuration concepts from CSG1: Configuration simplification without significant re-education
• Interface consistency with CSG1: Protect investment in RADIUS AAA and billing mediation partner architectures
• Protocol consistency: Less deviation in billing and forwarding policies
• Protocol transparency: Provides greater isolation from handset inconsistencies

CSG2 Product Overview
Feature: Benefit
• Integral management on CSG2 blade (SAMI): No supervisor development required for additional CSG2 features
• Parallel processing (vs. pipelined in CSG1) and increased memory: Parallel processing, at least doubled throughput; increased memory for more URL maps
• Built on Cisco IOS: Utilizes time-tested networking features, familiar CLI, troubleshooting capabilities, etc.
• IPv6-ready hardware: Road-mapped upgrade to IPv6 via software development in 2008

Scaling & Performance Targets

• Scaling per CSG2
  – 300,000 active subscribers
  – 1.8M concurrent sessions
  – up to 200 flows per subscriber, targeted average of six concurrent flows per sub
  – 16,384 policies
  – 4096 maps
  – 1024 services
  – 4096 content/policy pairs
• Performance per CSG2
  – Up to 5 Gbps throughput initially, target 8 Gbps
  – 5000 transactions per second across all bearer plane protocols

CSG Available Releases
CSG R6.0 CSG R7.0
Functionality Additional Functionality

•SMTP prepaid charging •Threshold pipelining support All CSG R6.0 Plus:
•Prepaid server initiated •Fragmentation support •RTSP pause support
service term •Chunking support •WAP performance Imp.
•RTSP billing (prepaid and •URL redirect for service •WAP1 service-level CDRs
postpaid) authorization •KUT entry timeout
•AoC and token stripping •Bearer disconnect •RADIUS VSA subattribute parsing
support •SMTP content authorization •HTTP IP byte count reporting
•Duration-based charging •Connection time billing •Enhanced quota reconciliation
•Prepaid error reimbursement •Default quota (limited) •Blank-out X-FORWARDED-FOR
•HTTP 1.1 pipeline request •Consolidated CDR (Service value
support Level) •Out-of-order packet
•WAP 2.0 support—volume- •CDR format change HTTP, •Drop non-WAP packets delivered to
based prepaid billing for MMS RTSP; POP3; SMTP, IMAP a WAP content/policy
over WAP 2.0 (option) •Services - 1024
•Report RADIUS attrbs. to QS •Overlapping IP address support •Services rules - 4096
•Retrieve user profile on (SUP 720)
RADIUS access accept •L2 enhancements
•Email (POP3 and IMAP4- •SUP32
•Billing Plan ID in CDRs header exclusion) post and
•RADIUS interim accounting prepaid support •Quota reporting
•Secure tunnel volume acct. •Tariff switch support •HTTP URL match - sequential
HTTPS slashes & sequential dots
•Cisco eGGSN
•Config quota BMA/QS support
Quota push
•Ack enhancements

CSG2 - Roadmap
CSG2 R1 CSG2 R2 CSG2 R3
Execution Committed Concept Committed Planning Priorities

•SAMI service module •Support for TCP selective •3GPP compliance •CSG_basis bytes reserved
•S-Ack support ACK •Gx QoS policies max per service
•Protocol transparency •GX charging policies •Increased subscribers - 800K
•P2P both party pay support
•MMS Send/Receive billing •2 GByte Memory for SAMI
•TCP reset on no quota •Remote Command And •Wild card "KEY" •Active – Active
•Multi-protocols per service Logging from Supervisor enhancements •Support for PSD-CLIENT-
(RCAL) •Key Performance Indicator
•SNMPv3 support MIB
•Field upgradeable •RTSP teardown delay •Performance improvement
•MIB enhancements
ROMMON •SSH console support program to achieve 8Gbps
•GTP’ queue tuning •Time based billing
•ROMMON recovery target from R1
•IP Fragmentation for all consistency •IPv6
•Notification if configured
protocols
PSD not present at startup •SAMI MIB •Secondary PDP support
•Start-up diagnostics •RTSP enhancements •Parking meter
•New CLI replaces CSG1 •In-service maintenance
•Configuration of "LOW environmental variables •WAP1.0 connect correlation
QUOTA MAX" per service enhancement upgrades
•Multiple accounting types •DCCA v1 / v2 compliance
via new "reauth" command
per service •Sandwich TPO support
•Exclusion of RFC2822 •Time precision improvement
•Correlate start and stop for
headers in SMTP billing •Concurrent charging and
user session
records filtering from single module
•RTSP stream reporting and
•RSTP pause support •Enhanced I-Mode Email
re-use enhancements charging
•More current values for
•Support for '+' operator in •Jumbo frame support
usage in reports to quota
maps
server and BMA
•Quota reporting in service
reauthorization message

[Timeline axis: monthly, Jan 2007 through Jul 2008]

Comparison

CSG1/CSG2 Architecture Comparison
CSG1: Pipelined Architecture. Optimized for fast processors with limited memory space.
CSG2: Parallel Architecture. Optimized for newer (faster) processors with expanded memory space.

[Figure: CSG1 shows an Inspection Path (WAP 1.0, email, RTSP control, FTP control) on a PPC405GP control CPU and a Fast Path (HTTP, L4, WAP 2.0, RTSP (RTP) data, FTP data) on five IXP1200 traffic processors. CSG2 shows an SC8548 control CPU, an IXP2800 traffic processor labelled "Traffic distribution", and five SC8548 traffic processors.]

CSG1 and CSG2 Comparison
Subsystem: Interconnect
  CSG1:
  – Classic Line Card – Supports Constellation Bus Only
  – 4Gbps Full-Duplex Backplane Interconnect Bandwidth
  – Constellation Bus Aggregate Bandwidth 8Gbps Full-Duplex
  – Internal Interconnect Aggregate Bandwidth 4Gbps
  CSG2:
  – CEF256 Line Card – Supports Switch Fabric and Constellation Bus
  – 20Gbps Full-Duplex Redundant Switch Fabric Interconnect Bandwidth
  – Switch Fabric Aggregate Bandwidth 360Gbps Full-Duplex
  – Internal Interconnect Aggregate Bandwidth 50Gbps+

Subsystem: Embedded Processors
  CSG1:
  – One PowerPC 405GP @ 166MHz
  – 256MB SDRAM PowerPC Memory
  – PowerPC Data Path – PCI Bus 32-bit @ 33MHz (1Gbps)
  CSG2:
  – Six PowerPC SC8548 @ 1.25GHz (5 for traffic classification)
  – 1GB DDR2 SDRAM per PowerPC @ 250MHz
  – Daughtercard Data Path – 32-bit FIFO @ 125MHz DDR (8Gbps)
  – PowerPC Data Path - 16-bit FIFO @ 125MHz SDR (2Gbps)

Subsystem: Network Processors
  CSG1:
  – Five IXP1200 @ 166MHz
  – Six Micro Engines per IXP1200
  – Single Channel 256MB SDRAM per IXP1200
  – Single Channel 8MB SRAM per IXP1200
  CSG2:
  – Two IXP2800 @ 1.4GHz
  – Sixteen Micro Engines per IXP2800
  – Three RDRAM Channels 256MB each per IXP2800
  – Four QDRAM Channels 8MB each per IXP2800

IXP1200 and IXP2800 Comparison

IXP1200
– 6 Micro Engines per IXP1200 @ 166 MHz
– 30 Micro Engines Total
– 1 G-Operations/Sec Total
– 2K 32-bit Instructions per Microengine
– 12K 32-bit Instructions per IXP1200
– 60K 32-bit Instructions Total
– 4 Threads per Micro Engine
– 120 Thread Total
– 1 SDRAM 64-bit Channel per IXP2800
– 256MB/7.4Gbps/Channel
– 1280MB SDRAM Total
– SDRAM Bandwidth 37Gbps Total
– 1 32-bit SRAM Channel per IXP1200
– 8MB/3.7Gbps/Channel
– 40MB SRAM Total
– SRAM Bandwidth 18.5Gbps Total

IXP2800
– 16 Micro Engines per IXP2800 @ 1.4 GHz
– 32 Micro Engines Total
– 20 G-Operations/Sec Total
– 8K 40-bit Instruction per Microengine
– 128K 40-bit Instruction per IXP2800
– 256K 40-bit Instructions Total
– 8 Threads per Micro Engine
– 256 Threads Total
– 3 64-bit DDR RDRAM Channels per IXP2800 @ 533MHz
– 256MB/16.8Gbps/Channel
– 1536MB RDRAM Total
– RDRAM Bandwidth 100.8Gbps
– 4 QDR 32-bit Channels per IXP2800
– 8MB/16Gbps/Channel
– 64MB QDR SRAM Total
– QDRAM Bandwidth 128Gbps Total

Architecture

Software

Software effort is a combination of porting, adaptation, and re-implementation.

Port CSG1 to IOS, new CPU
• Inspection-path protocols port most easily, maximizing code reuse
• HTTP requires new software

Adapt CSG1 to parallel-processor environment

Adopt consistent processing model to all protocols

Hardware

• CSG2 builds on the next-generation CSM hardware for the 7600
  – Adds two Daughter cards using 3 Freescale 8548 PPC processors each to greatly expand the processing capabilities and memory.
  – The baseboard hardware is used "as-is" with no modification, leveraging CSM field experiences.
• Daughter card design leverages additional internal work within Cisco to accelerate maturity of the design
  – PowerPC 8548 complex on the daughter card is based on the MCP-RP design with some modifications
  – Daughter card interface is modeled after other internal development
  – FPGA and PLD logic share design with other similar implementations in Cisco

SAMI Block Diagram
[Figure: SAMI block diagram. Base board: BCM 1250 complex, LCP FPGA, Classification and Distribution Engine (50+ Gbps), IXP2800 Complex 1, IXP2800 Complex 2 (unused), Super Santa Ana, Hyperion, 7600 backplane. Two daughter cards, each with a DC FPGA, CPLD, PLX bridge, local bus, and three SC8548H processors with 1GB DDR2 and 32MB flash each.]

Base Board Block Diagram
[Figure: base board block diagram. Blocks: Classification and Distribution Engine (50+ Gbps switching capability), BCM1250 complex, LCP FPGA, PCI bridge, two IXP2800 complexes, Super Santa Ana (fabric), Hyperion (bus), 7600 backplane, EOBC, local DDR bus, and connectors for Daughter Card 1 and Daughter Card 2. Link labels: 2Gbps 16-bit FIFO bus at 125MHz; 10 Gbps, 16-bit x 350MHz x 2 (DDR); 16 Gbps SPI 4.2; PCI I/O bus, 32-bit, 33 MHz; dual LCP bus, 20 Gbps; 8 Gbps FIFO, 32-bit x 125MHz x 2 (DDR), at each daughter card connector.]

Daughter Card Block Diagram
[Figure: daughter card block diagram. A DC FPGA sits between the motherboard connector (32-bit FIFO interface, 8Gbps full duplex) and three SC8548H CPUs, one master and two slaves, each with a 1GB 64-bit DDR2 MiniDIMM at 250MHz DDR and 32MB flash on its local bus. Other blocks and labels: control status register, CPLD, PLX PCI bridge (32-bit PCI, 33MHz), data path 16-bit FIFO @ 125MHz SDR, 2Gbps FDX, x3; inter-CPU 8-bit FIFO, 125MHz SDR, 1Gbps FDX, x3.]

Improvements

• Daughter Card PPC CPUs use IOS
  – Allows CSG2 to leverage time-tested IOS features in control and data plane. Example: Layer2 support
• Increased memory and instruction space in addition to the obvious processor speed improvements.
• Second Generation Process
  – Designing and architecting the complete system based on lessons learned from existing solution. Examples:
    • Complexity of existing HTTP half-proxy
    • Existing Supervisor and CSG1 co-dependence for new-feature enablement
    • Initial CSG1 focus was on HTTP and L4 for fastest processing. Marketplace has demanded increased inspection of more protocols, and at deeper levels than initially expected. This protocol inspection has shown itself to require storage of more state than expected per connection. CSG2 introduces a shift of memory-intensive functions from IXP to PPC processing.

Life of a Packet

CSG2 Architecture

[Figure: CSG2 block diagram. Catalyst backplane interface, Supervisor connection, switch fabric interface and CDE; Linecard Processor (LCP): SiByte 1250, 2x700MHz MIPS, 1 GB Mem; two IXP 2800, 1.5GB RAM each, one marked FUTURE USE; Daughter Card 1 with a DC connector FPGA and three Traffic SC8548H processors, 1GB DDR2 each; Daughter Card 0 with a DC connector FPGA, two Traffic SC8548H processors and one Control SC8548H processor, 1GB DDR2 each. Link labels: 16 Gb, 10 Gb, 8 Gb, 2 Gb, 100 Mb.]

Traffic Flow Through CSG2 - RADIUS

[Figure: the CSG2 block diagram from "CSG2 Architecture" with overlay labels "RADIUS" at the fabric interface and at the Control SC8548H on Daughter Card 0, which is also labelled "Shadow KUT".]

Traffic Flow Through CSG2 - User Setup

[Figure: the CSG2 block diagram from "CSG2 Architecture" with overlay labels "KUT Entry" at a Traffic SC8548H on Daughter Card 1 and "Shadow KUT" at the Control SC8548H on Daughter Card 0.]

Traffic Flow Through CSG2 - Ingress

[Figure: the CSG2 block diagram from "CSG2 Architecture" with overlay labels "IP Flow" at the fabric interface and on Daughter Card 0, "KUT Entry" at a Traffic SC8548H on Daughter Card 1, and "Shadow KUT" at the Control SC8548H on Daughter Card 0.]

Traffic Flow Through CSG2 - Egress

[Figure: the CSG2 block diagram from "CSG2 Architecture" with overlay labels "KUT Entry" at a Traffic SC8548H on Daughter Card 1 and "Shadow KUT" at the Control SC8548H on Daughter Card 0.]

Traffic Flow Through CSG2 - Billing Record Generation

[Figure: the CSG2 block diagram from "CSG2 Architecture" with overlay labels "KUT Entry" at a Traffic SC8548H on Daughter Card 1 and "Shadow KUT" at the Control SC8548H on Daughter Card 0.]

CSG1 Challenges Addressed

IXP Environment Challenge Addressed
• CSG1 IXP1200 network processor performing L4-L7 functions
  – Constrained by instruction space
  – Microcode software development
  – Slower time-to-market and problem resolution
• CSG2 L4-L7 logic
  – Built on general purpose processor cores
  – Built on top of IOS
  – Developed in C
  – Many more serviceability features (memory management, debugger, logging facilities, etc)

Distributed DB Challenge Addressed

• CSG1 maintained session databases in IXP1200 and "mirror" table in PPC which is susceptible to "out of sync" issues
• CSG2 maintains a single session table, partitioned across 5 high-end PPC traffic processors

L2 Anomaly Challenge Addressed

• CSG1 maintained per session caching of L2 rewrite information, which complicated network insertion (ex. no VRRP, or HSRP use-bia command)
• CSG2 leverages proven routing and redundancy software in CEF and HSRP with no per session L2 rewrite caching

Network Processor / PPC split-logic
Challenge Addressed

• CSG1’s complex, pipelined network processor architecture on the ingress path was susceptible to hang conditions under high load
• CSG2’s architecture reduces load on the ingress path:
  – The ingress network processor performs minimal stateless packet filtering and hash based packet distribution (does not track sessions, quota, TCP state, timers, etc.)
  – A single network processor handles the entire distribution transaction

Performance Challenges Addressed

• CSG1 scaling, particularly with L7 inspection and/or prepaid enabled is challenged by 3G data-rates
• CSG2’s 5Gbps network processor, 5G DRAM, and 5 TP’s at 1.2 GHz PPC offer substantial capacity and throughput increases

TCP Half-proxy Challenge Addressed

• CSG1 inherited the half-proxy from original Content Switching Module (CSM) architecture
  – Did not allow forwarding of packets until policy determined
  – Created interaction issues with handsets, servers
  – Required buffering, complex ACK logic, delayed reflection of server response to subscriber
• CSG2 will not implement half-proxy
  – More transparency to protocols
  – Fewer handset/server side-effects
  – Some pre-policy transmission to network

CSG2 Data Flows

TCP Packets Received Out-of-Order
client CSG2 server
pkt 1 pkt 1 FWD

pkt 2 pkt 2 FWD

pkt 4

pkt 3 pkt 3 FWD

pkt 4 FWD
pkt 4 is
buffered

pkt 5 pkt 5 FWD

pkt 6 pkt 6 FWD

pkt 7 pkt 7 FWD
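
The out-of-order handling drawn above (pkt 4 held until pkt 3 arrives, then both forwarded in sequence), as an added example in C that is not Cisco's code: a per-flow reorder buffer that hands bytes to the parser strictly in order, bounds how much it holds, and passes retransmissions through as in the SACK flows later in the deck. The struct and function names, the 4-segment cap and the constructed 100-byte packets are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define REORDER_SLOTS 4   /* assumed cap on held segments per flow */

struct segment { uint32_t seq, len; };

struct flow {
    uint32_t next_seq;                   /* next in-order byte the parser expects */
    struct segment held[REORDER_SLOTS];  /* segments waiting for a gap to fill */
    int nheld;
};

enum verdict { V_FORWARDED, V_BUFFERED, V_RETRANSMIT, V_DUPLICATE, V_DROPPED };

/* Receives each byte range leaving the gateway; retx != 0 means the bytes were
 * already parsed and are passed through without being parsed again. */
typedef void (*fwd_fn)(const struct segment *s, int retx, void *ctx);

/* Wrap-safe "a comes before b" for 32-bit TCP sequence numbers. */
static int seq_before(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Hand the new bytes of s to the parser, trimming any already-seen prefix. */
static void deliver(struct flow *f, struct segment s, fwd_fn fwd, void *ctx)
{
    uint32_t end = s.seq + s.len;
    s.seq = f->next_seq;
    s.len = end - s.seq;
    fwd(&s, 0, ctx);
    f->next_seq = end;
}

enum verdict flow_receive(struct flow *f, struct segment s, fwd_fn fwd, void *ctx)
{
    uint32_t end = s.seq + s.len;
    if (!seq_before(f->next_seq, end)) {      /* nothing new: retransmission */
        fwd(&s, 1, ctx);
        return V_RETRANSMIT;
    }
    if (seq_before(f->next_seq, s.seq)) {     /* gap ahead of it: hold, bounded */
        for (int i = 0; i < f->nheld; i++)
            if (f->held[i].seq == s.seq) return V_DUPLICATE;
        if (f->nheld == REORDER_SLOTS) return V_DROPPED;  /* sender will retransmit */
        f->held[f->nheld++] = s;
        return V_BUFFERED;
    }
    deliver(f, s, fwd, ctx);                  /* in order */
    for (int i = 0; i < f->nheld; ) {         /* release segments now contiguous */
        struct segment h = f->held[i];
        if (seq_before(f->next_seq, h.seq)) { i++; continue; }
        f->held[i] = f->held[--f->nheld];
        if (seq_before(f->next_seq, h.seq + h.len)) deliver(f, h, fwd, ctx);
        i = 0;                                /* rescan: next_seq has advanced */
    }
    return V_FORWARDED;
}

struct trace { uint32_t seq[16]; int retx[16]; int n; };

static void record(const struct segment *s, int retx, void *ctx)
{
    struct trace *t = ctx;
    if (t->n < 16) { t->seq[t->n] = s->seq; t->retx[t->n] = retx; t->n++; }
}

/* Constructed input: packet k is a 100-byte segment at seq 1000 + 100*(k-1).
 * Fills out with the forwarding order; returns how many arrivals were buffered. */
int replay(const int *pkts, int n, struct trace *out)
{
    struct flow f = { 1000, {{0, 0}}, 0 };
    int buffered = 0;
    out->n = 0;
    for (int i = 0; i < n; i++) {
        struct segment s = { 1000u + 100u * (uint32_t)(pkts[i] - 1), 100 };
        if (flow_receive(&f, s, record, out) == V_BUFFERED) buffered++;
    }
    return buffered;
}

int main(void)
{
    const int arrivals[] = { 1, 2, 4, 3, 5, 6, 7 };   /* arrival order on the slide */
    struct trace t;
    int b = replay(arrivals, 7, &t);
    for (int i = 0; i < t.n; i++)
        printf("FWD seq=%u%s\n", (unsigned)t.seq[i], t.retx[i] ? " RETX" : "");
    printf("buffered=%d\n", b);
    return 0;
}
```

The fixed slot count is the point to tune: an unbounded hold list lets a sender that never fills the gap pin memory on the traffic processor.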

IP Fragments: In-Order, Out-of-Order
client CSG2 server
pkt 1 frag 1 fragments
buffered
pkt 1 frag 2

pkt 1 frag 3
pkt 1 frag 1 FWD

pkt 1 frag 2 FWD

pkt 1 frag 3 FWD


pkt 1 frag 1

pkt 1 frag 3 fragments


buffered
pkt 1 frag 2
pkt 1 frag 1 FWD

pkt 1 frag 2 FWD

pkt 1 frag 3 FWD

TCP Selective ACK (SACK)
No SACK, No CSG2
src dst
pkt 1

pkt 2
X
pkt 3

pkt 4

pkt 2

pkt 3

pkt 4

TCP Selective ACK (SACK)
With SACK, No CSG2
src dst
pkt 1

pkt 2
X
pkt 3

pkt 4

sack 1, 3, 4

pkt 2

TCP Selective ACK (SACK)
With CSG2, Drop Before CSG2
src CSG2 dst
pkt 1 pkt 1 FWD

pkt 2
pkt 3
X
pkt 3, pkt 4 buffered for
in-order parsing
pkt 4

pkt 2 pkt 2 FWD

buffered pkt 3 FWD

buffered pkt 4 FWD

pkt 3 pkt 3 RETX

pkt 4 pkt 4 RETX

TCP Selective ACK
With CSG2, Drop After CSG2
src CSG2 dst
pkt 1 pkt 1 FWD

pkt 2

pkt 3
pkt 2
X FWD

pkt 3 FWD

pkt 4 pkt 4 FWD

sack 1, 3, 4 sack 1, 3, 4

pkt 2 pkt 2 RETX

HTTP No Half Proxy
Policy Match One Packet, Quota Allowed
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET QS

GET is svc auth, grant > 0


buffered
FWD

GET FWD

resp resp

HTTP No Half Proxy
Policy Match One Packet, Quota Denied
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET QS

GET is svc auth, grant=0


buffered

RST RST

QS

usage = 0

BMA

setup bytes count

HTTP No Half-Proxy
Pre-Policy Forwarding, Quota Allowed
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET "url…" GET "url…" FWD

"…url…hdrs…" "…url…hdrs…" FWD

"…hdrs end" QS
"…hdrs end" svc auth, grant > 0
is buffered

"…hdrs end" FWD

rest of GET rest of GET FWD

FWD resp resp

HTTP No Half-Proxy
Pre-Policy Forwarding, Quota Denied
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET "url…" GET "url…" FWD

"…url…hdrs…" "…url…hdrs…" FWD

"…hdrs end" QS
"…hdrs end" svc auth, grant=0
is buffered

RST RST

QS
usage = 0
BMA

pre-policy + setup bytes count

HTTP No Half-Proxy
Redirect to Top-up Server
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET "url…" GET "url…" FWD

"…url…hdrs…" "…url…hdrs…" FWD

"…hdrs end" QS

"…hdrs end" svc auth, grant=0, redir


is buffered

FWD 302 Redir/FIN RST FWD

FIN/ACK
QS
ACK
usage = 0
BMA

pre-policy + setup bytes count

HTTP No Half-Proxy
Content Auth w/ AoC - Redirect Step
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET "url…" GET "url…" FWD

"…url…hdrs…" "…url…hdrs…" FWD

"…hdrs end" QS

"…hdrs end" cont auth=REDIR


is buffered

FWD 302 Redir/FIN RST FWD

FIN/ACK
QS
ACK
usage = 0
BMA

pre-policy + setup bytes count

HTTP No Half-Proxy
Content Auth w/ AoC - AoC Token Received
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET, token, hdrs

GET QS
is buffered URL with token
cont auth=FWD

GET, " ", hdrs FWD

FWD resp resp

HTTP No Half-Proxy
Content Auth w/ AoC - AoC Token Received
client CSG2 server
SYN SYN FWD

FWD SYN/ACK SYN/ACK

ACK ACK FWD

GET URL, token GET URL, token FWD

headers - end FWD

"headers-end" QS
is buffered URL with token
cont auth=FWD

headers - end FWD

rest of GET rest of GET FWD

FWD resp resp
