|
The Cisco 6510 Service Selection Gateway is a hardware and software solution that allows users with high-speed fixed network connections, such as Asynchronous Digital Subscriber Line (ADSL) equipment and cable modems, to gain access to intranet and Internet services through an interface similar to Dial-Up networking.
The Cisco 6510 allows users to connect to and disconnect from multiple services, without having to log off. This offers flexibility and convenience to users and enables service providers to bill users based on connect time and services used, rather than charging a flat rate.
The Cisco 6510 is installed in a network to provide access to services such as:
The Cisco 6510 contains three Ethernet cards that interface with:
Figure 1-1 shows a diagram of a typical network topology including the Cisco 6510. Users at remote sites access the network using an ADSL modem (ADSL Termination Unit - Remote, or ATU-R) and telephone lines. At the service provider's Network Operations Center (NOC), incoming connections are processed by an ADSL System Management Unit (ATU-M) that controls an array of ADSL central office terminal units (ATU-C). This equipment converts the ADSL connections into 10BaseT connections.
The 10BaseT connections are fed into a Cisco Catalyst 5000 with dedicated 10BaseT switched ports. Each 10BaseT port is a unique virtual local area network (VLAN) that is transmitted to a Route Switching Module (RSM) in the Catalyst 5000. The Catalyst 5000 is connected through a 100BaseT connector to the first Ethernet port on the Cisco 6510.
The second Ethernet port on the Cisco 6510 is connected to send and receive RADIUS, Dynamic Host Configuration Protocol (DHCP), and Domain Name System (DNS) packets to and from a system running the UCP software (or an AAA server from another vendor).
The third Ethernet port is connected to the Cisco 7513 router, which is connected to the Internet and the corporate home gateway.
Using a client application called the Dashboard, remote users connect to the Cisco 6510. The Cisco 6510 forwards their login information to the AAA server. If they are not a valid user of the network, the AAA server sends an Access-Reject message. If they are a valid user, the AAA server sends an Access-Accept message with information on which services the user is authorized to use.
The Dashboard application presents the user with a menu of services that they are authorized to use, and the user selects one or more of the services. The Cisco 6510 then creates an appropriate connection for the user and starts RADIUS accounting for the connection. If the user wants to connect to the Internet, an Internet connection is established. If the user wants to connect to one of the service provider's services, a tunnelled L2F connection is created to the service provider's home gateway. Using network address translation (NAT) the Cisco 6510 ensures that packets sent by the Cisco 6510 are sent back to the correct host.
The Cisco 6510 provides these features:
The Cisco 6510 ships with the following:
The Cisco 6510 provides a failover mechanism that, in the event of system failure, allows itself to be replaced by a standby Cisco 6510. To implement failover, connect the failover ports of two Cisco 6510s using a Cisco failover cable and configure the active unit as required. This unit is considered the "primary" unit and the second unit is considered the "standby" unit.
The primary unit performs its normal network functions while the standby unit only monitors, ready to take control in case the primary unit fails. To ensure that both units are configured exactly the same, configuration replication occurs over the failover cable from the primary unit to the standby unit:
Each unit has a presence on the network. The primary unit uses its own IP and Media Access Control (MAC) addresses (the primary unit is determined by the unit that has the end of the failover cable labeled "Primary" or "Unit 0" plugged into it) and the standby unit uses its own IP and MAC addresses. If a switchover occurs, the units swap the IP and MAC addresses they are using and transparently replace each other's presence on the network. Because this action is invisible to the network, the IP to MAC address relationships remain exactly the same. No Address Resolution Protocol (ARP) tables in the network will time out or need to be changed. No other piece of network equipment needs to know about the redundancy or that a switchover occurred.
Fault detection is based on the following:
If the primary unit fails, a switchover will occur. To restore the units to a normal state, do one of the following:
If a failure still exists, the unit will fail again within the normal time required to detect the failure.
If a network interface card (NIC) is not plugged in to an operational network, the unit will fail. If, at a later time, the NIC is plugged in and detects a valid network, the unit will clear its failed state and resume normally. This is the only condition in which a failed unit will automatically clear its own failure.
|