WiMax Operator's Manual
WiMax Operator's Manual
WiMax Operator's Manual
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
160 CHAPTER 7 ■ SERVICE DEPLOYMENTS OVER PUBLIC WIRELESS MANS<br />
Switched Packet VPNs<br />
Packet streams can be either switched or routed, and the distinction is important, both generally<br />
and in regard to VPNs. Routers direct packet traffic one packet at a time and thus can send<br />
individual packets within the same transmission over diverse routes according to momentary<br />
fluctuations in network congestion and availability. Switches, on the other hand, establish a<br />
single physical path for the stream, and each packet follows that path regardless of network<br />
conditions. Thus, switches are relatively dumb compared to routers.<br />
Discussions of circuit switching of packet traffic tend to give rise to some confusion, so I<br />
will attempt to clarify the issues.<br />
In a pure circuit connection, such as that afforded by SONET, only one transmission will<br />
occupy any particular path. In a circuit-switched packet network, all packets in the same transmission<br />
will follow the same path as well, but they will not have that path for their exclusive<br />
use, as is the case with a switched circuit network. In a sense, the circuit-switched path<br />
approach may be seen as a kind of compromise between packet routing and pure circuit<br />
switching. Because multiple streams are contending for bandwidth within a single path, the<br />
efficiency of the network is higher than is case for circuit; however, network availability is<br />
lower. At the same time, the intelligence required of the network node is less than for a routed<br />
packet network.<br />
Two particular switching protocols are employed within VPNs, Ethernet switching and<br />
MPLS, and sometimes both are used together. In both cases, and in routed VPNs as well, a<br />
technique known as tunneling is used to set up the VPN.<br />
A tunnel is a means of transmitting data across a network from one point to another as<br />
though the two points were directly connected. The tunnel is established simply by providing<br />
the packets with an extra address header that is attached to the front of the packet. Any intermediate<br />
node in the network that has been enabled to support a VPN will pass the packet based<br />
on the forwarding instructions in the extra header without examining anything else in the<br />
packet. Incidentally, tunnels need not be restricted to one user. In certain tunneling protocols,<br />
several VPNs may be multiplexed within a single tunnel, though the privacy of the different<br />
users will be maintained.<br />
In simple tunneling only the address is being used to ensure privacy. Each device attached<br />
to the network is being asked in effect not to read the packet and to pass it on. Thus, the privacy<br />
within such a virtual private network is conditional, and for subscribers whose transmissions<br />
are highly confidential—and that includes most subscribers to business-class data services—<br />
something more is needed, namely, encryption of the data stream.<br />
Several methods exist for actually executing a packet-switched VPN across a network.<br />
Those methods fall into two subsets, one utilizing an Ethernet switch and the other an MPLS<br />
switch, both located at the service provider’s central office.<br />
The first of the switched Ethernet approaches you shall consider is a virtual private LAN<br />
service (VPLS). Here the enterprise LAN extends to the edge of the service provider network,<br />
and the provider network assumes the function of an Ethernet switch to connect all the individual<br />
remote locations into a single logical-switched Ethernet. Customer premise equipment<br />
performs no traffic direction function in regard to the VPN. The service provider handles<br />
all that.<br />
Closely related to the VPLS is the IPLS (which stands for IP-only LAN-like service). Here<br />
IP rather than Ethernet traffic emanates from the subscriber premises, but that traffic is<br />
switched rather than routed by the service provider. Inasmuch as 802.16 is based on an IP