As the demand for and availability of a variety of Ethernet services to businesses grows over the next several years, it will become increasingly important to manage the delivery and performance of those services. Defining the boundary line between the service provider’s network and the customer network is a critical element to effective management of the service and that portion of the access network dedicated to it.

This Ethernet demarcation is enabled through devices that draw the line not only between the customer and the provider, but also between enterprise quality Ethernet and Carrier Ethernet. With such a clear separation between customers and the network, carriers can extend their network visibility right to the customer premises.

From the carrier’s viewpoint, the goals are to simplify network management and operations, optimize service delivery over a single, high-throughput access link, minimize the CPE needed, and enable advanced provisioning and traffic management.

X Marks What Spot?
In an Ethernet demarcation architecture, carrier control over the entire service path is achieved by connecting customer premises equipment (CPE) to the network with provider-owned demarcation devices that are deployed at customer locations. These devices go by many names:
• Ethernet Demarcation Devices (EDDs)
• Network Termination Equipment (NTE)
• Network Interface Devices (NIDs)
• Network Demarcation Devices (NDDs)
• Customer Equipment (CE)
• Network Termination Units (NTUs)
• Network Interface Units (NIUs)

Going further, intelligent Ethernet NTUs (E-NTUs) offer advanced functionalities such as service and link OAM (operations, administration, and maintenance); end-to-end traffic management starting at the service hand-off point, the user network interface; fault monitoring and diagnostics software; uplink redundancy; and automated service level agreement (SLA) verification.

Support for operational visibility and control from the customer premises throughout the entire service path is a key role for an Ethernet demarcation device, so that providers can provision and manage their services remotely and guarantee priority per user and per service. Ideally, the device should also permit customers to monitor their own QoS.

Ethernet Services
The Metro Ethernet Forum has defined 4 types of Ethernet services. They are:

1. Ethernet Private Line (EPL) for site-to-site connectivity over dedicated bandwidth, without service multiplexing. The Ethernet Private Line service consists of a point-to-point channel using dedicated bandwidth, which keeps each customer’s Ethernet frames strictly separated from others at the Ethernet level. It is similar to TDM-based private lines, with the added benefit of a native Ethernet interface both to the customer and to the provider’s edge equipment.

2. Ethernet Virtual Private Line (EVPL) for site-to-site connectivity over shared bandwidth with service multiplexing. Ethernet Virtual Private Line service delivers point-to-point connectivity over shared bandwidth, and with features such as CIR and EIR offered by the provider, is similar to Frame Relay and its permanent virtual circuits model. The EVPL supports a shared and multiplexed user network interface.

3. Ethernet Private LAN (EPLAN) for multipoint, any-to-any connectivity between disparate locations over dedicated bandwidth. Ethernet Private LAN service provides multipoint connectivity over dedicated bandwidth, connecting two or more UNIs. Each site is connected to a multipoint-to-multipoint Ethernet virtual connection (EVC) and uses dedicated resources, so Ethernet frames are kept separate. If a new site, with a new UNI, is added, it is connected to the same multipoint EVC, which simplifies providing and service activation.

4. Ethernet Virtual Private LAN (EVPLAN) for multipoint, any-to-any connectivity between disparate locations, over shared and multiplexed bandwidth. Ethernet Virtual Private LAN service provides Layer 2 multipoint connectivity among Ethernet edge devices. It has been designed as the most cost-effective approach for the service provider, by leveraging shared transmission bandwidth; however, it can also mean complex administration.

In a recent move, the Metro Ethernet Forum has also specified Etree as a service. This is a point-to-multipoint service that has applications in hub-and-spoke business network configurations, such as a number of branch offices connected to a headquarters, or for IPTV applications.

Demarcation: Basic to Complex
Demarcation comes in several flavors, from a simple basic handoff to advanced services and MPLS/VPLS (virtual private LAN service) delineation. The basic handoff is a point-to-point Layer 1 connection, with some degree of Layer 2 intelligence. While this is the easiest demarcation from a management standpoint, it also offers less to the business user, because it involves lesser SLA responsibility on the carrier’s part, since the customer is responsible for implementation and management of VPN, VoIP, or other services, as well as class and quality of service.

Moving up the demarcation complexity ladder, the arrangement can involve Layer 2 class and quality of service and virtual LAN capabilities. In this instance, the demarcation device typically offers multiple user access ports and allows for delivery of more sophisticated and differentiated services, with some traffic separation. Here, the customer may be responsible for the infrastructure to provide different types of services, while the provider handles the differentiated delivery of classes of service. In such a scenario, this type of service carries with it an SLA that details the provider’s performance metrics, such as data rate and service availability.

Getting more sophisticated, the next level of demarcation increases the level of service provider commitment. Here the provider offers differentiated classes of service, based on higher layer protocols. The demarcation device’s role in this situation is expanded to include examining the customer’s data stream and protocol data in order to be sure the SLA is met. Security becomes a greater concern, on a sliding scale from Network Address Translation to compre-hensive firewall functionality.

Different service types require different levels of QoS to be provided end-to-end. QoS can be defined per subscriber as well as per service. QoS has three aspects: 1.) rate limitation, 2.) traffic shaping, and 3.) traffic prioritization. Two policers (upstream and downstream) are applied per service. The policers operate according to the dual token bucket mechanism (CIR+CBS, EIR+EBS).

The challenge is to apply sophisticated OAM diagnostics and advanced traffic management techniques to ensure that SLA guarantees are met with respect to network availability and per-service connectivity rates. For instance, by assigning traffic profile parameters to each service, such as committed information rate (CIR) and excess information rate (EIR), the provider can guarantee CIR traffic delivery, while traffic in the EIR range can be admitted to the network on a “best effort” basis.

As service providers prepare to roll out their Layer 2 Carrier Ethernet business services – Private Lines and Private LANs – their customers’ expectations for low-cost services and verifiable performance require providers to deliver, monitor, and enforce SLAs as well as to manage and monitor the service and connections.

In this situation, it is important to combine transport demarcation for Layer 3 services with service demarcation for Layer 2 services. Ethernet demarcation devices that connect to a provider’s aggregation switch can deliver multiple appli-cations over the same link and free up other switch ports to support additional locations.

X = Sweet Spot
Carriers need to be able to manage congestion intelligently while allowing users to benefit
from performance guarantees for customized service packages that fit their needs. For that, they require demarcation devices that deliver Ethernet link OAM and end-to-end OAM, allowing proactive inspection and diagnostics over the entire service path. This allows them to monitor and control key parameters such as traffic per user port, per Ethernet flow, and per class of service.

It is in this way that they can address the diverse needs of their customer base and offer compelling SLAs and a guaranteed QoS.

Eitan Schwartz is vice president of pseudowire and Ethernet access for RAD Data Communications. For more information, visit www.radusa.com.

What is your experience with this? Tell your fellow readers now!