Product Bulletin No. 815

Cisco IOS Software Release 12.0T

New Features Overview

The Cisco IOS^® Software Relase 12.0T is an early deployment release delivering the latest Cisco IOS Software functionality and platform support. Cisco IOS Software Release 12.0T, unlike the parallel 12.0 release, will integreate new capabilities with each maintenance release. This Technology (T) release will reach End of Engineering when the next Cisco IOS Software major release becomes available. Ongoing support for the functionality introduced in Release 12.0T will be carried forward into the next release.

Use the matrix below to quickly locate a feature of interest.

Connectivity and Scalability

Layer 2 Tunneling Protocol (L2TP)

Description

L2TP is a key building block for access virtual private networks (VPNs). Access VPN support includes virtual private dialup networks (VPDNs) for modem and ISDN users, as well as VPNs for cable and digital subscriber line (DSL) users. L2TP is an extension to the Point-to-Point Protocol (PPP). L2TP merges the best features of two other tunneling protocols: Layer 2 Forwarding (L2F) from Cisco Systems and Point-to-Point Tunneling Protocol (PPTP) from Microsoft. L2TP is an Internet Engineering Task Force (IETF) emerging standard, currently under codevelopment and endorsed by Cisco Systems, Microsoft, Ascend, 3Com, and other networking industry leaders.

Figure 1: L2TP Operation

Benefits

Because L2TP is a standard protocol, all customers—service providers and corporate network managers alike—can enjoy a wide range of service offerings available from multiple vendors. Interoperability among the vendors will help ensure rapid global deployment of a standard access VPN service.

Cisco L2TP solution brings a long list of benefits to enterprise users:

• Security and guaranteed priority for their most mission-critical applications
  
  
• Improved connectivity, reduced costs, and freedom to refocus resources on core competencies
  
  
• Flexible, scalable remote network access environment without compromising corporate security or endangering mission-critical applications
  
  

Service providers derive the following benefits from access VPNs built on a foundation of the following Cisco IOS Software L2TP features:

• Ability to provision, bill, and manage access VPNs that provide a competitive advantage, minimize customer turnover, and increase profitability
  
  
• Flexibility to offer a wide range of VPN services across many different architectures, using Cisco's L2TP in concert with robust Cisco IOS Software features
  
  
• Capability to provide differentiated services for secure, enterprise-wide remote access using access VPNs over the public Internet or service providers' backbone
  
  

Platforms/Considerations

L2TP is supported on the Cisco 1600, 160x, 25xx, 26xx, 36xx, 4000/m, 4x00/m, UAC 64xx, 72xx, and 75xx, routers, the AS52xx, AS5300 assay servers, and platform AS5800 in Cisco IOS Software 12.0(1)T.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

April Chou

PPP over Frame Relay

Description

This feature is an IETF standardized method for transporting multiprotocol datagrams over point-to-point links using Frame Relay framing. Implementation will allow end-to-end PPP sessions to be established in networks where the underlying transport infrastructure is Frame Relay. This is especially pertinent to the Cisco ISDN DSL (IDSL) service architecture, which uses PPP from a customer premier equipment (CPE) device running leased-line ISDN (IDSL) into a Cisco 90i card in a D4 channel bank. This PPP session is then encapsulated in Frame Relay (RFC 1973) and passed out on a T1 link, over a Frame Relay network (note that this is done by the 90i and not a Cisco IOS device). Termination of RFC 1973 and the PPP session transported is done at a headend device, which in most instances will be a corporate customer who has purchased an IDSL service from a regional Bell operating company. Standard PPP facilities such as authentication will be supported transparently.

Platforms/Considerations

PPP over Frame Relay is supported on the Cisco 1600, 25xx, 36xx, 4000/m, 4x00/m, 72xx, and 75xx platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Kevin Dickson

Internet Engineering Task Force

Description

The IETF-compliant PPP over ATM scalability feature provides the interface description blocks (IDB) scaling capacity required to support high-density symmetric DSL (ADSL)/PPP over ATM deployments, compliance to IETF draft, mux encapsulation, and PPP over ATM support on the Cisco 7200. This feature also supports the ADSL implementations currently under way in a numerous Cisco lead Internet service providers.

Platforms/Considerations

This feature provides support for high-density ADSL/PPP over ATM deployments.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T

Product Marketing Contact

Kevin Dickson

Multilink Inverse Multiplexor Enhancements

Description

Inverse multiplexing is desirable when N x T1 bandwidth is needed. N x T1 bundling using multilink is currently supported in Cisco IOS Software versions 11.2 and later releases, but with the following restrictions:

• The bundle interface is created dynamically when the first link comes up
  
  
• The bundle interface disappears when the last link goes down
  
  
• Fastswitching of N x T1 bundling is not supported on all platforms
  
  

The new enhancements remove these restrictions.

Benefits

• Improved performance and configuration
  
  

Platforms/Considerations

No impact on performance, nor any new considerations required.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

Eight-port Channelized T1 and E1 port adaptors

Description

This features offers support for new eight-port Channelized T1 and E1 port adaptors (PAs) for the Cisco 7200 and 7500 series routers.

Benefits

• High-density Channelized T1 or E1—maximum of 176 ports per Cisco 7513, for example
  
  
• 128 usable N x 64K channels can be allocated among the eight T1 or E1 ports
  
  
• Service providers will have the flexibility to provision DS1 and DS0 from the same port adapter
  
  
• Integrated channel service unit (CSU) eliminates the cost of a separate CSU device in enterprise WANs
  
  

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

One-port Channelized E3 port adaptor

Description

This feature offers support for the Channelized E3 PA for the Cisco 7200 and 7500 series routers. The Channelized E3 PA divides the E3 channel into four channelized E2 data channels and further into 16 E1 channels, all of which comply with the Cousulative Committee for International Telegraph and Telephone (CCITT)/ITU G.703 physical layer standard.

Benefits

• High-speed, high-density Channelized E3 connectivity, such as in service provider aggregation and dedicated access for customers
  
  

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

One-port Channelized T3 port adaptor

Description

This feature offers support for the Channelized T3 PA for the Cisco 7200 and 7500 series routers. The CT3 PA divides DS3 channel into 28 individual T1 data channels. Each of the T1 channels can use the whole T1 bandwidth, a portion of the T1 bandwidth (fractional T1) or the T1 in channelized form for data transmission. Usable bandwidths for each fractional T1 are (N x 56K) OR (N x 64K), where n is a number from 1 to 24. Channelized T1 allows up to 24 time slots (64 or 56 kbps) per T1.

Benefits

• High-speed, high-density Channelized DS3 connectivity, such as in service provider aggregation and dedicated access for customers
  
  

Platforms/Considerations

Cisco 7200 and 7500 series routers.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Bernadette Bohanon

Modem over ISDN Basic Rate Interface (BRI)

Description

This feature offers support for analog modems dialing into an ISDN BRI interface.

Benefits

• Allows high-speed connectivity for a numerous modem users
  
  

Platforms/Considerations

Cisco 3640 only.

This feature first appeared in Cisco IOS Software release 12.0(3)T.

Marketing Contact

Brian Ryder

AS5300 eight Primary Rate Interface (PRI) feature cards with integrated serial ports

AS5300 DMM modem cards

AS5300 redundant power supply

Description

Cisco has introduced double density to the AS5300 universal access server. The AS5300 now has the ability to support up to 192 or 240 ports (T1/E1) plus four 2-MB serial backhauls on the same server. In addition, the AS5300 is now available with an internal redundant power supply, giving it unparalleled reliability in a two-rack-unit platform.

Benefits

• Can terminate up to eight PRI worth of calls on one server
  
  
• Can also use the serial ports to backhaul traffic in a distributed environment instead of using a switch and router
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Scott Boynton

X.25 Hunt Group

Description

As the numbers of users accessing the same host increased, competition for these application resources became a problem. On the host side, each line to the host is assigned a maximum limit of X.25 users or virtual circuits (VCs) supported on each line. These lines are typically 56-kb links. Network implementers increase the number of users they can support at the data center by increasing the number of X.25 lines to the X.25 host. Each line has its own unique X.121 address and receives calls that are routed to it by the X.25 switch. In 1984, the then CCITT, now known as the ITU-T, created an optional facility known as Hunt Group to allow the switch to view a pool of X.25 lines going to the same host as one address assigning VCs on an "idle logical channel" basis. This was a win/win for network users because applications became readily available and solved the network implementers the nightmare of providing easy access.

Support of the CCITT/ITU-T specification for Hunt Groups or load balancing across X.25 when multiple lines connect to the same destination addresses this issue.

Cisco has implemented this feature to enable the Hunt Group to act as a rotary or to look at the group and choose the interface with the least number of active virtual connections.

Benefits

Several benefits are realized as a result of Cisco's implementation of this CCITT/ITU-T standard.

• All users place a call to one master hunt group number that has multiple X.25 interfaces associated with it
  
  
• Scaling is the real benefit
  
  
• The ability to replace older technology vendors without loss of functionality benefits users
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Ruben Rios

Annex G

Description

Worldwide issues regarding migration strategies that enable network implementers to move X.25 backbones to Frame Relay infrastructures cause equipment manufacturers to think creatively based on their core competence and strengths. The basic issue is how to transport X.25 traffic through a Frame Relay network as shown in Figure 1.

Figure 2: X.25 Transport over Frame Relay

Cisco now offers its customers two approaches to solving this problem:

• Annex G of ANSI T1.617a—1994 or Frame Relay /X.25 interworking function
  
  
• The few users who do not embrace IP view Annex G as a more elegant solution since Annex G does not require the XOT framing overhead with the frame
  
  

The ANSI T1.617 standard, known as Annex G, details the method of direct X.25 encapsulation over Frame Relay. This amendment contains no end-to-end signaling mechanisms to inform the destination user that the originator is using an X.25 encapsulation method. The X.25 packet level and Link Access Procedure Balanced (LAPB) are end-to-end. LAPB treats the Frame Relay network as an X.25 network link and passes all the data and control messages (RR, RNR, REJ, and so on) across the Frame network. The "internetworking" function resides in every Cisco router that performs the framing and frame removal functions specified in the ANSI standard Annex G.

Benefits

Several benefits are realized as a result of the Cisco implementation of this ANSI standard.

• Annex G is a standard and, by definition, has been shown to be interoperable with other users
  
  
• The few users who do not embrace IP view this as a more elegant solution and decreases the XOT framing overhead within the frame
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Ruben Rios

Gigabit Ethernet Interface Processor (GEIP)

Description

GEIP provides seamless connectivity for the multitude of WAN links in Cisco 7500 series routers to Gigabit Ethernet backbone network. The GEIP occupies one router slot in the Cisco 7500 series router chassis and provides support for hot-swappable short- and long-wavelength laser gigabit interface converters (GBICs). The GEIP fully complies with IEEE 802.3z and 802.3x standards.

Benefits

The GEIP provides easy migration to the Gigabit Ethernet backbone network for the existing Cisco 7500 series routers and thereby provides significant investment protection.

Platforms/Considerations

Cisco 7500 series routers.

This feature first appeared in Cisco IOS Software release 11.1(22)CC.

Marketing Contact

Pradeep Shenoy

Router-Based NetFlow Aggregation

Description

This feature is an enhancement to Cisco IOS NetFlow functionality, an IP traffic accounting function built into Cisco IOS routing platforms. This feature enhancement enables limited router-based aggregation of NetFlow Export data. The five provided aggregation schemes enable the user to summarize NetFlow Export data on the router before the data is exported to a NetFlow data collection device such as the Cisco NetFlow FlowCollector v2.0. With this feature enabled, summarized NetFlow Export data is exported to a collection device, resulting in lower bandwidth requirements for NetFlow Export data, and reduced platform requirements for NetFlow data collection devices. In addition, this feature introduces NetFlow Export Version 8 (v8), a new export datagram format designed to optimize NetFlow Export performance and bandwidth utilization. Router-based NetFlow aggregation is designed to significantly reduce NetFlow Export data volume and improve NetFlow scalability.

Five router-based NetFlow aggregation schemes will be included in Cisco IOS Software Releases 12.0(3)T and 12.0(3)S:

Table 1 summarizes these aggregation schemes.

All aggregated records are exported using NetFlow Export Version 8 (V8) datagrams. The primary difference between V8 and V5/V1 datagrams is that V8 records export only those fields relevant to the aggregation scheme, rather than exporting all fields. This setup improves NetFlow Export performance and decreases the bandwidth necessary to transport NetFlow Export datagrams.

Benefits

• Router-based NetFlow aggregation enables the user to significantly reduce NetFlow Export data volume by exporting aggregated summary records instead of raw flow records to NetFlow Export data collector devices
  
  
• Use of this feature enhancement improves NetFlow Export performance, scales NetFlow Export performance to the Cisco 12000 platform, decreases hardware platform requirements for NetFlow data collection devices, and saves valuable network bandwidth
  
  

Availability and Platform Support

Beginning with Cisco IOS Software Release 12.0(3)T, router-based NetFlow aggregation will be available on the Cisco 12000, 7500, 7500, RSM AS5800, 4000, 3600, and 2600 series routers in all NetFlow-enabled software images, as follows:

• Cisco 120007200/7500/RSM—Although NetFlow functionality is physically included in all software images for these platforms, customers must purchase a NetFlow Feature license in order to be licensed for its use. NetFlow licenses are sold on a per-node basis
  
  
• Cisco 2600/3600/4000 AS5800 series—NetFlow functionality is supported only in Plus images for these platforms. Customers are required to purchase an appropriate Plus image in order to utilize NetFlow functionality on these platforms
  
  

Considerations

Use of router-based NetFlow aggregation does not preclude the use of traditional NetFlow services utilizing NetFlow Export V1/V5. Router-based NetFlow aggregation (utilizing V8 NetFlow Export datagrams) and traditional NetFlow services (utilizing V1/V5 NetFlow Export datagrams) may be enabled simultaneously. Although these features can be used together, only the router-based NetFlow aggregation feature uses the V8 export datagram format.

Marketing Contact

Charles Goldberg

Large-Scale Dialout

Description

Large-Scale Dialout is a Cisco IOS Software feature that enables scalable dialout service to many remote sites across one or more Cisco network access servers (NASs) or Cisco routers. Dialout profiles are stored centrally on an authentication, authorization and accounting (AAA) server (Remote Access Dial-In User Service [RADIUS] or TACACS+) and downloaded on demand by the dialout NAS(s). Large-Scale dialout service may be used by a single NAS, or by a group of NASs that communicate using the Stack Group Bidding Protocol (SGBP). Large-Scale dialout supports the IP protocol.

Benefits

• This feature allows dialout attributes to be centrally stored on an AAA server (RADIUS or TACACS+), instead of having to be manually configured on each NAS. This setup eliminates the need to configure dialer maps on every NAS for every destination. In fact, it eliminates the need for dialer maps altogether. Instead, remote site "profiles" are created on the AAA server. These profiles contain all the necessary dialout attributes to place a call to the remote site (such as phone number, service type, maximum number of links, and many others). A profile is dynamically downloaded by the NAS when packet traffic requires a call to be placed to a remote site
  
  
• In addition, the AAA server may store routing information used to attract packets that are destined for the dialout remote site. The dialout NASs may download this routing information at boot time, and periodically afterward. So instead of having to manually configure many static routes on each dialout NAS, the static routes may reside on the AAA server and be dynamically downloaded by the NAS. When using a stack group of NASs, only the primary NAS needs to download these routes. SGBP takes care of choosing the least congested router to actually place the call
  
  

  AAA server support for both RADIUS and TACACS+ is available using the CiscoSecure access control server (ACS). All Large-Scale Dialout features are supported in the CiscoSecure ACS.

  Optional reverse Domain Name System (DNS) support is included to minimize the configuration task for remote-site routing information. A single AAA server may support multiple Dialout NASs or dialout NAS stack groups. In this way, Large-Scale Dialout scales to arbitrarily large numbers of NASs (no fixed limit).

Platforms/Considerations

This feature is supported on most midrange to high-end Cisco NASs and routers that support synchronous serial interfaces, asynchronous interfaces, or BRI/PRI/CT1/E1/R2, including the Cisco 25xx, 36xx, 4x00, 5x00, 7200, and 7500 series.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Kevin Dickson

3600 Series 155Mbps ATM OC-3 Network Module

Description

Three new ATM network modules will be available on the Cisco 3600 series with Cisco IOS Release 12.0(3)T. (See Table 2.) These three network modules support STS-3c and STM-1 framing standards over multimode, single-mode intermediate-reach, and single-mode long-reach fiber-optic interfaces.

These new ATM OC-3 network modules are designed for the Cisco 3600 series to provide a full-functioned, 155-Mbps ATM interface. They will be supported on the Cisco 3620 and 3640 only at FCS. All three versions consist of a single-port network module, with SC connector types that are capable of supporting data only and data/voice integrated applications.

ATM adaptation layer 5 (AAL5) for data-only traffic is available in Phase 1, and AAL1 using structured and unstructured circuit emulation services (CES) will be available in Phase II later this year, with the use of a voice processing deck (VPD) expansion card (not field upgradable).

For ATM connectivity, the ATM OC-3 network modules provide PVC and SVC support for the following ATM traffic classes: unspecified bit rate (UBR), UBR+, real-time variable bit rate (RT-VBR), non-real-time VBR (NRT-VBR), constant bit rate (CBR), and available bit rate (ABR). They will also support up to three multiservice permanent virtual paths (PVPs) with UBR, UBR+, RT-VBR, NRT-VBR, and ABR ATM classes of service. Protocols supported include the ATM Forum LAN Emulation (server and client), RFCs 1483 and 1577.

ATM Supported features include:

• ATM service classes UBR, UBR+, RT-VBR, NRT-VBR, ABR, and CBR
  
  
• User-Network Interface (UNI) 3.x and 4.0
  
  
• RFCs 1483 and 1577
  
  
• Per-VC queuing and hardware/driver traffic shaping
  
  
• Up to 1024 simultaneous VCs
  
  
• F4 and F5 Operation, Administration and Maintenance (OAM) cell support
  
  
• PVCs and SVCs
  
  
• LANE 2.0
  
  
• Frame Relay UNI (FUNI)
  
  
• Tag Switching
  
  
• Internet Engineering Task Force (IETF) Point-to-Point Protocol (PPP) over ATM
  
  
• Multiprotocol over ATM (MPOA) client and server
  
  
• Integrated Local Management Interface (ILMI)
  
  
• ABR SVCs
  
  
• ATM bandwidth manager
  
  
• ATM UNI 4.0 traffic management
  
  
• VP tunnels (permanent virtual paths, PVPs)
  
  
• Next-Hop Resolution Protocol (NHRP)
  
  

Benefits

• These new ATM network modules are designed to connect to an ATM WAN switch, allowing branch offices to utilize the high speeds available with a 155-Mbps ATM connection. Although full wire-rate speeds are not supported, speeds of up to 80 Mbps are supported on the Cisco 3640. Based on ATM Forum standards, using AAL5, these network modules can connect to all Cisco ATM OC-3 supported platforms, including the Cisco 4500/4700, 7200, 7500, the LightStream 1010, the IGX^™ 8400, BPX 8600, and Catalyst 5x00
  
  
• The benefits of a high-speed ATM connection from branch office to regional or corporate headquarters include high-speed data transfer and support for new multimedia applications including voice, video, and distance-learning applications. Using an ATM transport allows the use of application-specific QoS, especially important for the next generation of delay-sensitive multimedia traffic. The integration of data and voice applications over ATM is ideal because of ATM's support for high transmission speeds, multiservice integration, and built-in QoS features
  
  
• With the many advanced ATM capabilities (including traffic shaping and bandwidth management), the ATM OC-3 network modules are ideal for connecting the Cisco 3600 series routers at remote branch office sites to Cisco 7200/7500 or LightStream 1010 switches at central sites via ATM. The ATM OC-3 network modules can also be connected to any ATM Forum AAL5 standards-based ATM WAN switch, including the Cisco LightStream 1010 and a BPX 860, IGX 8400, or Cisco router with ATM in the backbone
  
  

The new ATM OC-3 network modules address the growing demand for high-speed ATM access, combined with router functionality. Users now have the ability with the Cisco 3600 series to provide access from legacy and high-speed LANs through an ATM network. These new network modules allow the Cisco 3600 series to enter the high-speed ATM access market by providing solutions that enable ATM broadband services to fit into many company communications budgets, not just the very large corporations.

The OC-3 network modules are designed to replace the prevalent ATM access concentrator that currently requires a router connection for many of its applications. These network modules provide a very cost-effective customer premises equipment (CPE) solution in both the enterprise and service provider environments. Managers can now cost-effectively terminate high-speed ATM on the Cisco 3600, allowing for support of applications at the branch office LAN such as videoconferencing, distance learning, video broadcast, and voice/fax over IP over ATM applications.

Platforms/Considerations

• Supported only on the Cisco 3600 series, not on the Cisco 2600 series
  
  
• Maximum of one supported per Cisco 3640 or 3620
  
  
• Cisco IOS "Plus" feature sets required
  
  
• First appearance in a Cisco IOS Software "T" release: 12.0(3)T.
  
  

Marketing Contact

Bill Massung

Single Port Gigabit Ethernet Line Card for the Cisco 12000 Series Gigabit Switch Router

Description

The Gigabit Ethernet line card is the first Ethernet-based product for the GSR12000 series, providing a cost-effective, high-bandwidth solution between colocated GSRs or between GSRs and IP-related equipment such as edge routers, Gigabit Ethernet switches, or network servers. The new line card can be configured with one of two interface types: a 1000BaseSX multimode fiber interface with a 550-meter reach or a 1000BaseLH single-mode fiber interface for up to a 10-km reach.

Benefits

• IEEE 802.3z and IEEE 802.3x standards compliant—Can be used to connect to Cisco Gigabit Ethernet switches or GEIP port adapter of the Cisco 7500 router
  
  
• Standardized on GBIC module interfaces (1000BaseSX, multimode and 1000BaseLH, single mode)—Provides flexibility in network design, with reach capability up to 10 km; hot-swappable GBIC unit enables change/replacement without the need to power down the line card
  
  
• Supports IEEE 802.1q VLAN tagging—The Gigabit Ethernet link can be used as a VLAN trunk
  
  
• Support for IP QoS/CoS, including WRED, committed access rate (CAR), access control list (ACL) and Tag Switching—Enables traffic engineering solutions to increase network utilization and provide basis for offering differentiated CoS models
  
  
• 256MB packet buffer memory—Maximizes TCP/IP throughput and smoothes out all traffic bursts
  
  
• Forwarding table with up to one million forwarding entries—Allows for phenomenal growth well beyond today's Internet with 60,000 route entries
  
  

Platforms/Considerations

This line card is for the GSR12000 series platform.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Frank Jimenez

Channelized OC-12/STS-3 Line Card Cisco 12000 Series Gigabit Switch Router

Description

The CHOC-12/STS3 line card for the GSR12000 series builds on the SONET/SDH channelization capability. This new line card provides four STS-3c/VC-4 packet-over-SONET channels within a single OC-12 port. IP packet data in the transmit buffer is encapsulated by means of PPP. Based on the routing information contained in the IP packet, the line card routes the packet to one of four virtual STS-3c/VC-4 ports. The four STS-3c/VC-4 containers are multiplexed into a single STS-12/STM-4 frame. This line card takes advantage of the fail-safe features provided by SONET/SDH networks by supporting APS.

Benefits

• STM-4 optical channelization—Removes the need for an SDH terminal for multiplexing four VC-4 frames into an STM-4 payload
  
  
• Loadsharing between active STS-3c and using cost mechanisms—Enables bandwidth management control through software
  
  
• SONET/SDH-compliant APS—Ensures maximum uptime and minimum disruption of user traffic
  
  
• Support for IP QoS/CoS—Enables traffic engineering solutions to increase network utilization and provide basis for offering differentiated CoS models
  
  
• 16 MB packet buffer memory expandable to 128 MB—Maximizes TCP/IP throughput and smoothes out all traffic bursts
  
  
• Forwarding table with up to one million forwarding entries—Allows for phenomenal growth well beyond today's Internet with 60,000 route entries
  
  

Platforms/Considerations

This line card is for the GSR12000 series platform.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Gsr-marketing@cisco.com

ISDN LAPB-TA

Description

In Germany, Australia and Switzerland, some terminal adapters encapsulate asynchronous traffic in LAPB frames (as defined in ITU-T X.75, link layer, single-link procedure) for transport over ISDN B-channels, in much the same way as V.120 is used elsewhere. This feature is known in Europe as X.75 and should not be confused with the internetworking function between two public X.25 networks. The LAPB-TA project supports the acceptance of incoming calls from these terminal adapters, and, when the traffic being carried is asynchronous PPP, establishing the appropriate PPP session. Alternative interpretations of the contents of the LAPB I-frame, such as ITU-T T.70, are not supported and no longer used. CAPI 1.1 specified T.70 as the default for the network layer; CAPI 2.0 specifies that the network layer is transparent by default.

Benefits

Cisco IOS Software now supports the European requirement for this type of terminal adapter over ISDN.

Platforms/Considerations

Cisco recommends supporting LAPB-TA (X.75) on a Cisco 3600 or 5300 class router.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ruben Rios, IOS Product Manager

rurios@cisco.com

Dynamic Multiple Encapsulations for Dial-in over ISDN

Description

X25, FR, ISDN LAPB-TA, PPP, and so on, are subsets of the multiple encapsulations over multiple B channels on a PRI or BRI. X25 and Frame Relay (FR) over ISDN are a common practice in Europe where ISDN is relatively inexpensive. X25 and FR over ISDN are cost-saving features because these services are tariffed to cost much less than the traditional public X25 or FR offerings.

The current Cisco implementation allows only one B channel on either a Basic Rate Interface (BRI) or a Primary Rate Interface (PRI) to support X25 or FR. This means that only one out of 30 B channels (Europe) are usable for X.25 or Frame Relay. The current implementation does not allow configuring encapsulations on a per-user profile, dialer profile, or virtual profile. Today's implementation supports multiple virtual circuits over the ISDN B channel only if the virtual circuits ingress and egress B channel are the same. They all originate and then terminate on the same B channel on the other side of in the network. Customer connectivity has been limited by X.25 or Frame Relay connections that originate from diverse geographical parts of the network converging on the same ISDN PRI by simultaneously allowing multiple B channel support for these two protocols. Additionally, a location with a BRI may require simultaneous X.25 or Frame Relay B channel connections with PRI A and one to PRI Y.

Allowing maximal use of all B channels on the same ISDN link, especially for large scale dial-in is desirable. This capability allows various encapsulation types, as well as user-specific configuration, on the same B channel at different times according to the type of incoming calls identified by the user-identification or caller identification (CLID).

This implementation has four phases:

• Phase I—Released in 12.0(4)T, supports multiple B channel support of inbound X.25 call support using static user configurations in the router, dialer profiles, and CLID.
  
  
• Phase II —Scheduled for 12.0(5)T, which supports multiple B channel outbound X.25 connections using a feature called "outbound circuit-switched X.25 support over dialer interfaces."
  
  

Benefits

Benefits include a reduction in channel assignment and management effort and flexibility. Further, this capability removes the need to statically dedicate channels to a particular encapsulation and configuration type and further improves channel use. For large-scale dial-in, storing the user-specific configuration on a remote server becomes necessary for enhancing expandability and local memory efficiency. The result is a need for the dynamic multiple encapsulations for the dial-in-over-ISDN feature.

Figure 3:

Platforms/Considerations

This feature is not platform specific and is available on all platforms that support ISDN BRI or PRI interfaces.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ruben Rios, IOS Product Manager

rurios@cisco.com

Voice over Frame Relay (FRF.11)

Description

FRF.11-based voice over Frame Relay (VoFR) allows for vendor interoperability by specifying the frame format and coder types to used when transmitting voice traffic through a Frame Relay network. Because FRF.11 does not include specifications for end-to-end negotiation or any other form of communication between the Frame Relay nodes, static VoFR trunks must be set up by manually configuring each router within the voice path. Once configured, a static VoFR trunk will remain up until the voice port or serial port is shut down or a until a network disruption occurs.

FRF.11 allows up to 255 subchannels to be multiplexed onto a single Frame Relay DLCI. Currently, all subchannels on a DLCI must carry either voice or data; the interleaving of voice and data on a single DLCI is not supported. Although FRF.11 specifies that a device may pack multiple FRF.11 subframes within a single Frame Relay frame, the current implementation of FRF.11 does not support multiple subframes within a frame.

Benefits

• Enables real-time, delay-sensitive voice traffic to be carried over Frame Relay links
  
  
• Allows dedicated voice lines to be replaced by more economical Frame Relay PVCs
  
  
• Uses voice compression technology that complies with ITU-T G.728, G.729, and G.723.1
  
  
• Allows Cisco routers to interoperate with other vendors equipment that is FRF.11 compliant
  
  

Platforms/Considerations

This feature is supported by 2600, 3600, MC3810, and 7200 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Sanjay Bhardwaj

sbhardwa@cisco.com.

Frame Relay Fragmentation (FRF.12)

Description

Frame Relay Fragmentation based upon FRF.12 was developed in conjunction with FRF.11 (voice over Frame Relay) to allow long data frames to be fragmented into smaller pieces and interleaved with real-time voice frames or other delay-sensitive traffic. In this way, real-time traffic, such as voice, and nonreal-time data traffic can be carried together on shared PVC connections without causing excessive delay to the real-time traffic. FRF.12 can be used in conjunction with FRF.11 or it can be used independently. It enables end-to-end fragmentation on a per-PVC basis and allows fragment size to be configurable on a per-PVC basis. FRF.12 currently uses Weighted Fair Queuing (WFQ). Voice over Frame Relay frames cannot be fragmented but voice-over-IP frames may be fragmented because they are treated as data frames at the Frame Relay level.

Benefits

• Allows real time and nonreal-time traffic to be interleaved together on any PVC
  
  
• Allows vendor interoperability with other FRF.12 compliant devices
  
  
• Enables per-PVC fragmentation with configurable fragment sizes
  
  

Platforms/Considerations

This feature is supported on 2600, 3600, MC3810, and 7200 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Sanjay Bhardwaj

sbhardwa@cisco.com

Airline Product Set Enhancements

Description

The Airline Product Set (ALPS) enhancements supports the Networking requirements of the air transport industry by enabling the convergence of older ALC and UTS networks with standards-based IP networks. ALPS provides support for Airline Control (ALC) (P1024B) and Unisys Terminal System (UTS) (P1024C) protocols within the Plus feature set in the Cisco IOS Software, meaning that existing agent set control units (ASCUs) can be connected directly to the serial ports of Cisco 2520-2523, 2600, 3600, and 4xxx routers. The ALC and UTS protocols can be serially tunneled between two Cisco routers, or can be translated into the Mapping of Airline Traffic to IP (MATIP) standard protocol for direct delivery to the mainframe, via TCP/IP.

For customers who wish to minimize changes to the front-end processor (FEP) and mainframe environment, as part of a phased transition to an IP backbone, ALPS creates a serial tunnel across the Cisco IOS backbone for the P1024B/C data. Because this tunnel is TCP/IP based, it is media independent and can be used over any WAN media that supports the Cisco IOS Software. TCP/IP is used as the reliable transport mechanism for the tunnel across the WAN. The use of Cisco IOS Software from end to end means that the QoS, security, and network-management features of the software can be employed. As part of this approach, ALPS has added support for the older Airline X.25 (AX.25) and Extended Mixed Traffic over X.25 (EMTOX) protocols to Cisco IOS Software, so that no changes are required to existing FEPs or mainframe applications.

Customers who wish to enjoy the benefits of an end-to-end TCP/IP connection to their mainframe, and who wish to remove their reliance on expensive FEPs can utilize Cisco support of the MATIP protocol. This proposed standard (RFC xxxx) describes the protocol translation of the ALC (P1024B) and UTS (P1024C) to TCP/IP. Cisco support of the MATIP standard, coupled with its ability to channel attach Cisco routers to the mainframe through the Channel Interface Processor (CIP) and Channel Port Adapter (CPA), allows the ALC and UTS data to be sent directly to the mainframe via TCP/IP.

Figure 4: ALC and UTS transport over legacy network

Figure 5: ALC and UTS transport over IP network, X.25-attached reservation system

Figure 6: ALC and UTS transport over IP network, IP-attached


reservation system

Benefits

Reduced costs can be achieved by:

• Consolidating legacy serial protocols into a switched backbone WAN, eliminating many point-to-point serial connections
  
  
• Replacing proprietary transport solutions with standards-based solutions
  
  
• Consolidating and standardizing management platforms
  
  
• Replacing single-function terminal packet assembler/disassemblers (TPADs) at the remote site by multifunction routers, which support LAN and IBM legacy devices (Synchronous Data Link Control [SDLC] and bisync) in addition to the ALC devices
  
  
• Improving performance and reliability with the Cisco scalable data-center products and multiple-host access path network design
  
  
• Establishing and enforcing QoS, security, and network-management policies from the remote device, through the WAN, and into the data center
  
  
• Upgrading the entire network without disturbing the existing remote site or data-center hardware, software, and business processes
  
  
• Developing intranet/extranet connectivity with the resulting upgraded network
  
  

Platforms/Considerations

Remote ALC (P1024B) and UTS (P1024C) tunneling and conversion to IP is supported across the Cisco IOS Software-based C2520, C2521, C2522, C2523, C2600, C3x00, and C4x00 platforms. Data-center ALC (P1024B) and UTS (P1024C) tunneling and conversion to AX.25 or EMTOX is supported across the Cisco IOS Software-based C2x00, C3x00, C4x00, and C7x00 platforms. (Remote routers require the Cirrus chipset in the supported interface cards to support the encapsulation or conversion of the byte-oriented ALC and UTS protocols. Data-center routers do not require this support.

MATIP implementations do not require the ALPS feature set in the data-center routers.

ALPS support for ALC (P10248), AX.25, and EMTOX first appeared in Cisco IOS Software release 11.3(6.1)T. ALPS support for UTS (P1024C) first appeared in Cisco IOS Software release 12.0(1.1)T. ALPS support for MATIP encapsulation first appeared in the Cisco IOS Software Release 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

Resource Pool Management

Description

Cisco Resource Pool Management (RPM) allows service providers to share dial resources for wholesale and retail dial network services in a single network access server (NAS) or across multiple NAS stacks. The Cisco RPM enables telcos and Internet service providers (ISPs) to count, control, and manage their dial resources and provides accounting for shared resources when implementing different service-level agreements (SLAs). Resource pool management can be configured in Cisco NASs or, optionally, using one or more external Cisco Resource Pool Manager Servers (RPMSs).

The Cisco RPM is ideal for combining retail and wholesale dial services using Cisco AS5200, AS5300, and AS5800 network access servers. Call management and call discrimination can be configured to occur before the call is answered. The Cisco RPM differentiates dial customers by using configurable customer profiles that are based on the dialed number ID service (DNIS) and call type determined at the time of an incoming call. When management by virtual private dialup network (VPDN) is configured, a VPDN group includes the information to set up or reject a VPDN session. VPDN setup can be based on the DNIS received during call setup, or the domain name after the call is answered. Load balancing is used to achieve full utilization of VPDN tunnels. The VPDN group can also serve as the "customer profile" when all calls are answered and sessions are identified and limited by domain name instead of DNIS.

To support data over voice bearer service (DOVBS), the service providers will use DNIS to direct a call to the appropriate resource. When a digital call arrives at the NAS through the voice network, it will need to terminate on a High-Level Data Link Control (HDLC) controller rather than a modem. In this case, the customer profile that the DNIS group is assigned will have the associated call type of speech and the resource group will direct the call to the HDLC controller. Resource pool management offers a call-discrimination feature that enables rejection of calls based on a DNIS group and call-type filter. When a call arrives at the NAS, the DNIS and call-type are matched against a table of disallowed calls. If the DNIS and call type match entries in this table, the call is rejected. Call discrimination may be used by customers to manage billing of calls to different types of resources. If the service provider has a different billing structure for modem calls and digital calls, each call type will be assigned a different DNIS. When a user calls the DNIS, the call type must match or the call is rejected.

Figure 7: Resource Pool Management

Benefits

• Cisco RPM manages customers' use of shared resources such as modems or HDLC controllers for data calls.
  
  
• RPM offers advanced wholesale dialup services using VPDN to enterprise accounts and ISPs.
  
  
• RPM efficiently uses resource groups such as modems to offer differing oversubscription rates and dial SLAs.
  
  
• RPM maintains the flexibility to include local retail dial services in the same NAS stack with the wholesale dial customers.
  
  
• RPM deploys DOVBS.
  
  
• RPM accepts or rejects a call based on the incoming DNIS prior to answering the call.
  http://www.cisco.com/warp/public/779/servpro/services/resourcepool/index.html.
  
  

Platforms/Considerations

The RPM feature is supported on C5200, C5300, and C5800 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Anita Freeman

anfreema@cisco.com

L2TP Dialout

Description

Layer 2 Tunneling Protocol (L2TP) dialout support allows an administrator to configure a L2TP Network Service (LNS) for dialout capability. In this way, applications or users at the central site can place calls to remote sites through an L2TP infrastructure.

A secondary benefit of this feature is that it enables Point-to-Point Protocol (PPP) callback support for L2TP dial-in users, adding a level of security and allowing for centralized billing.

Benefits

• Dial flexibility
  
  
• Centralized billing
  
  
• Callback support
  
  

Platforms/Considerations

L2TP dialout is available on all platforms with L2TP support, including the C1600, C1700, C2x00, C36x0, C4x00, C5x00, and C7x00.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

David W. Phillips

dphillip@cisco.com

Telco Return

Description

The telco return feature is based on the Data-over-Cable Service Interface Specification (DOCSIS) standard for cable television networks. It enables cable operators to offer data services over cable networks that do not yet have two-way capabilities. In this configuration, the cable network is used to transmit high-speed data for the forward path (headend to CPE equipment), while the telephone network is used for the return path in order to close the loop. The return path can be terminated by any PPP dialup system, as long as there is IP connectivity between the Cisco uBR7200 router universal broadband and the dial server (for example, AS5x00 access server or Catalyst 3600 families).

With modern DOCSIS dual-mode cable modems, a cable operator can deploy cable modems today using the telco return mode and then automatically switches to two-way cable communication as soon as his plant becomes two-way. Since neither truck roll nor expensive cable modem swap-out is necessary for two-way operation migration, a cable operator can save money and increase customer satisfaction.

Benefits

• Telco Return enables cable operators to deploy high-speed data services today, even if their cable plant is not yet two-way capable.
  
  
• Telco Return supports telco-return and two-way cable modems on the same downstream channel, thus saving downstream channels, as well as equipment cost.
  
  
• It is a software-only upgrade to the uBR7200 series products.
  
  
• Telco Return supports flexible provisioning for the telco dialup service. The operator can choose to implement it using in-house dialup modems or to outsource it using third-party dialup services.
  
  

Platforms/Considerations

This feature is supported on the Cisco uBR7200 platform.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Nicos Achilleoudis

nachille@cisco.com

Enhanced Spectrum Management

Description

Enhanced spectrum management extends the spectrum management capabilities of a Cable Modem Termination System (CMTS) to support a "dense" upstream cable plant configuration, such as one where more than one upstream port share the same group of homes.

In order to enable this feature, the CLI command is used to define so-called "shared spectrum groups". The return paths of several fiber nodes are often combined together at a single point to form a single RF frequency called a "combiner group". As a mitigation procedure for ingress noise, the uBR7246 router allows a frequency hop table to be associated with a combiner group, called a "spectrum group". When multiple upstream ports share the same RF domain, the group is called a "shared spectrum group".

Spectrum group commands and configuration options can be found at: /en/US/docs/ios/11_3/feature/guide/uBR7246E.html#xtocid14750104

Benefits

Enhanced Spectrum Management improves system-wide throughput and increases efficiency of bandwidth utilization:

• Enhanced reliability and performance of two-way HFC cable plants.
  
  
• Flexibility in the IOS frequency-hopping implementation to support multiple upstream ports that share the same RF domain (dense mode).
  
  
• Support for five separate channel-widths when used with the ubr-MC16 line card.
  
  

Platforms/Considerations

The shared spectrum group command is only applicable where multiple upstream ports share the same RF domain. This is referred to as "dense mode". These upstream ports can be on one card, or across multiple cards.

This feature is supported across Cisco IOS-based uBR7246 and uBR7223 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Nicos Achilleoudis

nachille@cisco.com

Maribea Berry

mberry@cisco.com

DNS-Based X.25 Routing

Description

This feature, offered only by Cisco, addresses one of the major problems that the network administrator faces in maintaining an X.25 access network over an IP backbone. The feature utilizes a centralized Domain Name System (DNS) database for X.121-to-IP address query and resolution. The problem being addressed is that managing a large TCP/IP network requires maintaining accurate and up-to-date IP addresses and static X.121 address mapping information. Most organizations currently manage this data by manually modifying the databases in every router of the network by means of static routes, a time-consuming and error-prone task. For larger users, this task can involve thousands of remote X.25 data terminal equipment (DTE) locations that require maintenance of thousands of static-route statements in thousands of routers.

Benefits

• Ease of configuration
  
  
• Ease of routing-table management
  
  
• Reduced human errors
  
  
• Minimal X.25 static routes to be maintained
  
  
• X.121 to IP address relationships centralized
  
  

Platforms/Considerations

This feature should not be implemented over the public Internet; it should be implemented only in a private enterprise network. X.121 addresses are not Internet DNS-naming-convention compliant.

This feature is not platform dependent; it is available in all Cisco IOS images with X.25.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ruben Rios

rurios@cisco.com

Multiport T1/E1 ATM Network Modules with Inverse Multiplexing over ATM

Description

Four new multiport T1/E1 ATM network modules are now available on all Cisco 2600 and 3600 series multiservice access routers. The Multiport T1/E1 ATM network modules support ATM Forum standard Inverse Multiplexing over ATM version 1.0 on both for and eight port versions. Multiport IMA provides fractional T3/E3 bandwidth of up to 16Mbps available on the eight-port E1 versions.

Multiport T1/E1 ATM with IMA addresses the demands for higher bandwidth requirements that are driven by growing multiservice requirements for the branch office. IMA provides a cost-effective way to incremently add bandwidth in situations where T3/E3 or fiber is too expensive or not available to the customer premise. Multiport IMA on the Cisco 2600 and 3600 Series provides a wide range of price/performance choices for the most cost-efficient solution, and allows both Service Providers and Enterprise to offer a single WAN access solution for branch office multiservice applications.

With support for ATM Forum compliant IMA version 1.0 the multiport T1/E1 IMA module provides a standards-based solution that is compatible across a wide range of Cisco and other vendors standards-based IMA products. IMA provides an efficient method of prioritization for voice, video, and data over ATM with support for UBR, VBR-rt, VBR-nrt, and ABR classes of service.

Benefits

Multiport T1/E1 ATM Features

• Support for 4 or 8-port T1/E1 ATM with RJ-45 ports
  
  
• Support for ATM Forum IMA Version 1.0 compliance
  
  
• Up to 16Mbps full-duplex bandwidth with 8 port IMA network module
  
  
• Supports UBR, VBR-rt, VBR-nrt, and ABR ATM Classes of Service
  
  
• Supports up to 4 IMA groups with maximum delay tolerance of 200ms
  
  
• Integrated CSU on T1 versions
  
  
• Integrated DSU for E1 versions
  
  
• ATM Forum UNI 3.0, UNI 3.1, and UNI 4.0 signaling
  
  
• ATM Adaptation layer 5 (AAL5)
  
  
• PVC's and SVC's
  
  
• RFC 1483 support for Multiple Encapsulations over ATM
  
  
• RFC 1577 support for Routing over ATM
  
  
• 256 VC's per interface with up to 1024 simultaneous reassemblies per card
  
  
• LANE 2.0 Client and Server
  
  
• F4 and F5 OAM cell support
  
  
• CRC32 error checking of AAL5 and CRC10 checking of OAM cells
  
  
• IETF PPP over ATM
  
  
• MPOA Client and Server
  
  
• Tag Switching (MPLS when approved)
  
  
• ILMI
  
  
• ATM Bandwidth (Resource) Manager
  
  

Mulitport IMA

• Multiport T1/E1 with Inverse Multiplexing over ATM (IMA) provides inexpensive ATM access
  
  
• T3/E3 and OC-3 fiber are often cost-prohibitive and unavailable in many areas
  
  
• Multiport T1/E1 IMA provides a migration path to higher bandwidth without the need to change transport facilities
  
  
• ATM Forum version 1.0 standards compliant for multi-vendor interoperability
  
  
• Integrated CSU/DSU on T1 versions and integrated DSU on E1 versions
  
  
• Multiport T1/E1 IMA allows the addition and/or deletion of links without service disruption
  
  
• IMA supports link failures and automatic link recovery without loss of data
  
  
• Provides greater internetworking design flexibility and scalability for LAN-to-WAN connectivity
  
  
• Efficient prioritization of mission critical data provided by ATM's
  
  

Quality of Service (QoS) features

• Simplifies network management and eliminates 3rd party Inverse Multiplexing devices
  
  

Platforms/Considerations

Cisco IOS Plus feature sets are required for ATM network modules support.

Supported on all 2600 and 3600 series modular access routers.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Bill Massung

massung@cisco.com

rurios@cisco.com

Direct Remote Services

Description

The Direct Remote Services feature is an enhancement to Cisco IOS Resource Pool Management (RPM). Cisco IOS RPM differentiates wholesale dial customers through configured customer profiles selected by the Dialed Number Information Services (DNIS) and call type at the time of the incoming call. The Direct Remote Services feature specifies PPP features per customer profile and enables the outgoing session to directly access authentication, authorization and accounting (AAA) and domain name servers (DNS) located in the wholesale dial customer's local network.

PPP Common Configuration Architecture (CCA) is the new component of the RPM customer profile that enables Direct Remote Services. The full PPP command set available in Cisco IOS Software is now configurable per customer profile and for wholesale dial applications. The PPP highlights are DNS Primary and Secondary server addresses, local or named IP pools, MLPPP links per bundle limit, and authentication type (PAP, CHAP, MS-CHAP).

The AAA session information is selected by the incoming DNIS. AAA server lists provide the IP addresses of AAA servers for authentication, authorization and accounting in the wholesale customer's local network. The server lists for authentication and authorization contain the list of server addresses, AAA server type (RADIUS), timeout, retransmission, and keys per server. The server lists for accounting contain the list of server addresses, AAA server type (RADIUS), timeout, retransmission, and keys per server.

A single IP addresses with multiple User Datagram Protocol (UDP) port numbers has been implemented to allow accessing multiple AAA server applications within a single UNIX machine.

Benefits

• Wholesale dial services may be provided directly to customers—because the PPP and AAA feature sets are selected by the incoming DNIS, the service provider no longer needs tunneling technology to provide unique service level agreements to wholesale dial customers.
  
  
• Server lists—an incoming DNIS number may be used to point to a list of AAA RADIUS authentication and authorization server addresses with timeout, retransmission, and keys per server. The incoming DNIS is also used to point to a different list of AAA RADIUS accounting servers with timeout, retransmission, and keys per server.
  
  
• Single IP address with multiple UDP port numbers—this feature provides the ability to access multiple AAA server applications within a single UNIX machine.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Anita Freeman

anfreema@cisco.com

X.25 Switch Local Acknowledgment

Description

Cisco IOS Software has an X.25 switch function that creates virtual connections (VC) by connecting channels between X.25 class services. The X.25 class services supported are X.25, Connection-Mode Network Service (CMNS), and X.25 over TCP (XOT). Switched Virtual Circuits (SVC) and Permanent Virtual Circuits (PVC) are both supported and can be switched to each other (converted). Today, the Cisco implementation is end-to-end acknowledgment, which means that flow control or window and packet size acknowledgment is between the originating and terminating data terminal equipments (DTE). Acknowledgment is not local to the DTE and data communications equipment (DCE) and the overall effect is lower throughput.

Cisco IOS Software also requires that the flow control values (packet and window sizes) be identical at each end of the network. Yet, in many cases, the VCs on each side of the network do not have matching flow control values and can not negotiate (end to end) on a mutually agreeable set of values. Therefore, there is no connectivity. Today, some vendors enable connectivity by spoofing each end of the connection by locally (DTE-DCE) agreeing on flow control values and combining or dissecting packets to conform to the agreed-upon packet size and window values.

Cisco IOS Software has now created this functionality and permits X.25 local acknowledgment. Additionally, we provide this "spoofing" functionality by switching between channels that have unmatched window and packet sizes. This will therefore allow one DTE to have a transmit/receive packet and window size that is different than the other DTE's flow control values. Flow control will now be local to the DCE and DTE.

Benefits

• Improved customer data throughput because window and packet acknowledgment is local to the sending and receiving DTE devices.
  
  
• Enables connectivity where dissimilar flow control values exist in old world networks.
  
  
• Requires only the implementation of at least one Cisco router to mediate flow control and acknowledgment functions at one end of the network.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Ruben Rios

rurios@cisco.com

X.25 Closed User Groups

Description

The X.25 specification for Closed User Groups (CUG) has been used as an application access security mechanism by restricting users who do not have subscribed access to the host location. This facility is a privacy feature that is used to create private subnets or virtual networks out of a public data network. Previously, Cisco supported only the ability to specify the CUG value but did not enforce restriction. Today, Cisco enforces this security facility.

Benefits

• The ability to implement and enforce the CUG security mechanism by blocking unauthorized users
  
  
• Interoperability with other vendors who adhere to the standard
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Ruben Rios

rurios@cisco.com

IBM

DLSw+ Enhanced Load Balancing

Description

Data Link Switching Plus (DLSw+) offers a new, more powerful mode of load balancing called circuit-count load balancing, that allows allocation of DLSw circuits in a precisely deterministic manner. New circuits are given to the most lightly loaded path at that moment in time.

Benefits

Load balancing is a fundamental part of the repertoire of redundant network designs that provide access to mission-critical applications. With circuit-count load balancing, Cisco's DLSw+ reaches a new height in allowing customers to design for high availability.

In fact circuit-count load balancing offers all that the existing schemes (fault-tolerant and round-robin schemes) had to offer—practically a superset—and more:

• Faster rebalancing on path failure and return
  
  
• Circuits can be prorated using explicit circuit ratios rather than forced to be equal- allows asymmetrical load balancing corresponding to mix of platforms used
  
  
• Path cost is respected simultaneously, allowing load balancing between equal cost peers to be combined with fault tolerance using a higher-cost peer
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ Peer Clusters

Description

Where multiple member peers or border peers in a peer group structure need to be connected to the same LAN, peer clustering avoids unwanted duplication of explorers and roundabout circuits.

Benefits

DLSw+ Peer Clusters increases the scalability of peer group configurations. While designing DLSw+ peer group networks, you may sometimes need to accommodate large-sized branches. Rather than be constrained by a single peer's memory/CPU resources, you may wish to install multiple DLSw+ member peers to service the same LAN.

In regular (nonpeer group) networks, you can have multiple routers in the data center and peer a set of branch routers matched to each of them. With peer groups however, explorers being inserted into the border peer network by one data center router are relayed to other routers also connecting to the same data center LAN. Therefore, explorers are duplicated.

DLSw+ Peer Clusters avoids this duplication of explorers. In addition, it avoids roundabout circuits—rare situations where the circuit winds in a roundabout way through the WAN instead of directly over the LAN. In the diagram below, member peers A and B are defined to be in the same Peer Cluster. The border peer ensures that explorers don't get forwarded to members within the same Peer Cluster—explorers from A don't get forwarded to B and vice-versa.

Figure 8: DLSw+ Peer Clusters

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ RSVP Bandwidth Reservation

Description

DLSw+ RSVP Bandwidth Reservation allows Systems Network Architecture (SNA) to automatically reserve bandwidth end to end across an IP internetwork. DLSw+ uses RSVPas the QoS signaling mechanism that is fulfilled automatically by intermediate IP routers through QoS congestion methods such as Weighted Fair Queuing (WFQ) and WRED.

Benefits

Voice and video applications typically use RSVP to obtain guaranteed services over IP. This scenario places mission-critical SNA in danger of being relegated to best-effort service. DLSw+ RSVP secures guaranteed service for SNA, thereby helping the move to converged data/voice/video networks.

Figure 9: DLSw+ RSVP Bandwidth Reservation

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

CMPC+ (Cisco Multipath Channel +)

Description

CMPC+ implements IBM's MPC HPDT (MPC+) channel protocol for IP. CMPC+ runs on Cisco's Channel Interface Processor (CIP) and Channel Port Adapter (CPA) products.

Benefits

• CMPC+ complements Cisco's IBM channel attachment products
  
  
• CMPC+ enables 64K channel block size
  
  
• CMPC+ supports IBM's high-speed bulk data transfer
  
  
• CMPC+ reduces mainframe cycles
  
  
• CMPC+ enables IBM's Enterprise Extender technology which supports HPR over IP and Connection Networks
  
  

Platforms/Considerations

CMPC+ is available in Cisco IOS 12.03(T) in the CIP, which runs in the Cisco 7500 chassis and the CPA, which runs in the Cisco 7200 chassis.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

ibd-pm-team@cisco.com

DLSw+ Ethernet Redundancy

Description

DLSw+ Ethernet redundancy provides redundancy and load balancing between multiple DLSw+ peers on Ethernet.

Because Ethernet has no Route Information Field (RIF) connectivity problems can occur if multiple DLSw+ peers are connected to the same LAN. DLSw+ Ethernet Redundancy uses patent-pending techniques and algorithms to solve this problem.

Figure 10: Redundancy and load-balancing between peers RTRA and RTRB on the same Ethernet LAN, using DSLw+ Ethernet Redundancy

Benefits

• This redundancy is ideal for use in large remote offices or campuses that run SNA, and are migrating from Token Ring to Ethernet media.
  
  
• Redundancy provides dynamic backup with no manual intervention in case of failure.
  
  
• It does not depend on the transparent bridging spanning-tree algorithm. Recovery is fast, without the need to wait for spanning tree to reconverge.
  
  
• Load balancing allows the load to be shared between DLSw+ peers; it also diminishes the number of sessions that need to be reestablished in case of failure.
  
  
• Redundancy provides support for both shared and switched Ethernet media.
  
  

Platforms/Considerations

This feature is supported on Cisco IOS Software-based C16xx, C17xx, C25xx, C26xx, C36xx, C38xx, C4xxx, C72xx, and C75xx family of routers, and on the RSM and RSFC onboard the 5xxx family of switches.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

LU Pooling (ASSOCIATE) and Response-Time MIB

Description

The LU pooling (ASSOCIATE) feature and Response-Time Management Information Base (MIB) of Cisco IOS Software offers additional TN3270 Server features that provide ease in configuration, management, and usability for Cisco TN3270 users. These new features:

• Provide LU pooling capability to support ASSOCIATE command functions and ease configuration scenarios
  
  
• Provide capability to collect response-time information for TN3270 Server sessions and clients
  
  
• Offer additional capability to use virtual telecommunications access method (VTAM) enhancements to aid in LU deletion and termination
  
  

LU Pooling (ASSOCIATE) and Command Support

In many SNA environments, applications were written such that they expected both a screen and printer definition to be known by the application. From the Internet Engineering Task Force (IETF), RFC 1647 defined the ASSOCIATE command as the vehicle by which screen and printer relationships were preserved and extended into the TN3270 environment. The Cisco TN3270 Server enhancements support the ASSOCIATE request through LU pooling. This LU pooling feature enables the TN3270 Server to know the relationships between screen and printer LUs.

The LU pool configuration allows clients to be nailed (or specified) to LUs. It allows you to configure clients in the router and nail clients into groups of LUs, allowing logically related clients to connect to LUs that have the same logical relationship with the host. Because a cluster (a group of LUs) can contain screen LUs and their associated printer LUs, this function provides the capability to "associate" a screen LU with a printer LU.

Response-Time Support

The TN3270 Server Response-Time MIB (TN3270E-RT-MIB) provides the end-to-end, TN3270 Server-to-client response time, and the mainframe-to-TN3270 Server time.

LU Deletion and Termination

• LU Deletion—With the latest release of VTAM (4.4.1), a capability has been added to allow VTAM to better manage control block space and LU usage. VTAM allocates control blocks based on LU model types defined, and these control blocks are never deleted. If an environment contains client access with many different model types, it is necessary to create additional control blocks, increasing the total number of LUs defined to the system. The LU deletion command specifies whether the TN2370 Server sends a REPLY-PSID power-down request to VTAM when a client disconnects, providing a capability for VTAM to return the unused LUs to the pool. This command is recommended in host environments running VTAM Version 4.4.1. Previous versions of VTAM are not compatible with NMVT REPLY-PSID.
  
  
• LU Termination—With some applications (such as Customer Information Control System [CICS]), customers have reported that users could acquire the session of a previous user, a situation called "tail-gating." This activity occurred when some applications were not relinquishing, or terminating, the LU properly. For environments exhibiting this security problem, a feature has been added to allow the TN3270 Server to support SNA TERMSELF RU. This feature forces the termination of the session and session requests associated with an LU when a user turns off his device or disconnects, avoiding the previous scenario.
  
  

Benefits

• By providing the LU pooling configuration in the router, the configuration of the clients is simplified. It enables the network engineer to identify one or several configurations to manage, rather than thousands of client configurations.
  
  
• Detailed response-time support in the TN3270 Server is vital for network-management diagnostic and problem determination.
  
  
• LU termination and deletion provide better security and memory management in VTAM.
  
  

Platforms/Considerations

This feature is supported on the Cisco TN3270 Server software on the Channel Interface Processor (CIP) on the C7x00 platforms, and on the Channel Port Adapter (CPA) on the C720x platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

ibd-pm-team@cisco.com

IP and Routing

Easy IP Phase 2-DHCP Server

Description

Cisco IOS Software Easy IP is a combination of the Port Address Translation (PAT), a subset of Network Address Translation (NAT), Dynamic PPP/ IP Control Protocol (IPCP) WAN interface IP address negotiation, and Cisco IOS Dynamic Host Configuration Protocol (DHCP) server functionality.

With Cisco IOS Software Easy IP Phase 2, a Cisco router can automatically assign local IP addresses to small office/home office (SOHO) hosts via DHCP with the Cisco IOS DHCP server, automatically negotiate its own registered WAN interface IP address from a central server via PPP/IPCP, and use PAT functionality to enable all SOHO hosts to access the global Internet using a single registered IP address. Because Cisco IOS Software Easy IP utilizes existing port-level multiplexed NAT functionality within Cisco IOS Software, IP addresses on the remote LAN are invisible to the Internet, the remote LAN more secure.

Benefits

Cisco IOS Easy IP Phase 2 is a scalable and standards-based solution that:

• Minimizes Internet access costs for remote offices
  
  
• Minimizes configuration requirements on remote access routers
  
  
• Enables transparent and dynamic IP address allocation for hosts in remote environments
  
  
• Improves network security capabilities at each remote site
  
  
• Conserves registered IP addresses
  
  
• Maximizes IP address manageability
  
  

Platforms/Considerations

Cisco IOS Easy IP Phase 2, including the Cisco IOS DHCP server, is supported in all 12.0T images on the following router platforms: Cisco 1000, 1600, 2500, 2600, 3620, 3640, 4000, 4500, and 4700 routers, AS5200, and AS5300 access servers, the Catalyst^® 5000 route switch module (RSM), the Cisco 7200, the RSP7000, and the Cisco 7500. Note that each component of Easy IP Phase 2 may be used separately if desired.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Kevin Delgadillo

Triggered RIP

Description

This feature enhances the IOS support for the Routing Information Protocol (RIP) and is designed to enable efficient dynamic routing over demand-circuit links such as ISDN. Defined in RFC 2091, Triggered RIP avoids the bandwidth overhead (associated with distance-vector protocols that periodically announce full reachability information) by sending Flash updates only for those routes whose metrics have changed. As such, Triggered RIP also incorporates a reliable delivery mechanism to ensure consistent topology information.

Benefits

Triggered RIP offers efficient bandwidth and CPU utilization.

Platforms/Considerations

This feature is supported for IP RIP Versions 1 and 2, but not IPX RIP. Both ends of the link should be configured for this mode of operation.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

Mobile IP

Description

Mobile IP support (RFC2002) enables a host to be identified by a single IP address even while the device physically moves its point of attachment from one network to another. Cisco routers function as home agents and foreign agents allowing devices to register their current location and receive tunneled packets from their home network. This functionality provides the unique ability for users to maintain sessions, regardless of movement between locations on different networks without address changes.

Figure 11: Mobility beyond the Enterprise—Mobile IP

Benefits

Mobility becomes an issue that the mobile IP protocol transparently negotiates to enable the user new freedoms. Movement from one point of attachment to another is seamlessly achieved without the intervention or the knowledge of the user. Mobile IP offers mobility transparently to applications. Roaming from a wired network onto a wireless or wide-area network can also be achieved with ease. Therefore, mobile IP provides ubiquitous connectivity for users whether they are within their enterprise networks or anywhere in the Internet.

Platforms/Considerations

Mobile IP is supported on the Cisco 25xx, 36xx, 4000/m, 4x00/m, 72xx, 75xx and 2600 routers, and generic IOS platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

OSPF Packet Pacing

Description

Extensive and time-proven Cisco IOS Software deployment experience allows Cisco to continuously improve and enhance functionality. This is often reflected in performance and scalability enhancements to the Cisco IOS implementation of IP Routing Protocols, and release 12.0T introduces an OSPF optimization called "Packet Pacing". This feature controls the rate of transmission of OSPF updates and is designed to accommodate slow links and mismatches in buffering and CPU capabilities between adjacent routers. It functions by using a spacing interval per interface (of 33 milliseconds by default) between OSPF packet transmissions which can significantly improve overall stability, reduce convergence times and minimize retransmissions during intervals of topology change or database flooding.

Benefits

Routing design flexibility and greater OSPF platform compatibility. Increased network robustness.

Platforms/Considerations

OSPF packet pacing can be used in conjunction with other protocol scalability and robustness features such as LSA Grouping and Selective Packet Discard. This feature is supported on all IOS based platforms which offer OSPF support.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

NetFlow Policy Routing (NPR)

Description

NetFlow^™ Policy Routing integrates Policy Routing —a powerful Cisco IOS Software capability that enables traffic engineering and traffic classification, with NetFlow ^™ Services—a suite of functionality that provides billing, capacity planning and monitoring information on real-time traffic flows. This brings the unique, high-performance, flow-based acceleration mechanisms of Netflow to Policy Routing and as this is also supported in conjunction with the Cisco Express Forwarding architecture, NPR's performance can be scaled since the functionality can be distributed onto intelligent linecards supporting dCEF, such as the C7500 series. This is represented in the following diagram where Netflow Policy Routing is used to override the normal, dynamic forwarding path as determined by the routing protocols and in this case, the policy stipulates a different "next-hop" for designated traffic, which then forms the basis of a CEF forwarding decision.

Figure 12: NPR Switching Path

Therefore as the overall network performance and cost benefits of traffic engineering become increasingly compelling, organizations are leveraging NPR's ability to allow administratively defined paths to be assigned for certain IP traffic types. Recognizing that traffic policies vary significantly, this feature provides the flexibility to define match criteria that allow packet flows to be policy routed based upon traffic source, destination, application, class-of-service or packet length. Additionally NetFlow Policy Routing's classification mechanism can subsequently set the IP Precedence field which is used to drive Cisco IOS Quality-of-Service techniques for expedited queuing and congestion management.

Figure 13: Traffic Engineering with NetFow Policy Routing

Platforms/Considerations

Beginning with Cisco IOS Software release 12.0(3)T, this functionality is available on the following Cisco IOS Software-based platforms: C26xx, C36xx, C4x00, RSM5000, C5800 and C7x00.

When NetFlow Policy Routing is used to specify the output interface through which certain traffic should flow or to define a next-hop IP interface, NPR will defer to the available routing information for packet forwarding if the interface or next-hop is unavailable. In order for NPR to incorporate a next-hop interface verification mechanism based on the Cisco Discovery Protocol (CDP), designated next-hops must be directly connected (or connected via a tunnel interface).

Marketing Contact

Charles Goldberg

MPLS Virtual Private Networks

Description

MPLS VPNs represent a new paradigm for building highly scalable, connectionless, IP VPNs using MPLS. IP VPNs allow a service provider to deliver private IP services over a public IP infrastructure, bringing low-cost managed IP WAN connectivity to enterprise customers. IP VPNs have become essential as more companies are placing business applications on their intranets with employees needing access to these applications, wherever they may be, to conduct their daily responsibilities. Companies are also using the Web to conduct business with their suppliers, partners, and customers and, as such, require the ability to support extranets (VPN between companies) as well as intranets (VPN within a company). Finally companies are looking to outsource their IP VPN requirements to their service provider, given the complexity and expertise required to build and manage intranets and extranets across the WAN.

MPLS VPNs differ from today's VPNs in that they are created at the network layer, maintaining privacy within a connectionless IP network, without the need for tunnels or overlays. This setup greatly enhances the scalability of MPLS VPNs over all today's VPNs (for example, Frame Relay, ATM, IPsec, and generic routing encapsulation [GRE]) while matching the level of privacy offered by VPNs built in Layer 2 with permanent virtual circuits (PVCs). With MPLS VPNs, the CPE router at the customer site (customer edge, or CE router) must peer with the access router, only at the service provider's point of presence (POP) (provider edge, or PE router). There is no requirement for the CE to peer with any other router, or even to implement MPLS. Thus in the simplest case, if the CE router cannot reach an address locally, it defaults to the PE router to get the packet to the proper destination. Reachability and privacy within a VPN are achieved by constraining the distribution of routes (using the Border Gateway Protocol [BGP] extend-communities-of-interest attribute) to only those PE routers belonging to the VPN. MPLS assigns labels to define VPNs and to forward packets between PE routers.

Benefits

• Connectionless service—A significant technical advantage of MPLS VPNs are they are built into Layer 3 and, therefore, are connectionless. To establish privacy in a connectionless IP environment, current VPN solutions impose a connection-oriented, point-to-point overlay on the network. By creating a connectionless VPN, tunnels and encryption are not required for network privacy, thus eliminating significant complexity and increasing scalability.
  
  
• Centralized service—Building VPNs in Layer 3 has the additional advantage of allowing delivery of targeted services (for example, Web or content hosting) to a group of users represented by a VPN. Furthermore, because each MPLS VPN is seen as a private IP network, it's easy to leverage IP services such as multicast, QoS, and telephony support within a VPN.
  
  
• Scalability—MPLS VPNs are highly scalable because of their connectionless architecture, the partitioning of VPN routes between PE routers, and because routers in the service provider's core (provider, or P routers) carry no VPN-specific routing information. Thus no one device in a service provider's network is required to know all the routes for all VPNs.
  
  
• Security—MPLS VPNs offer the same level of security as connection-oriented VPNs; packets from one VPN will not inadvertently go to another VPN. Malicious spoofing of a provider edge (PE) router is nearly impossible because the packets received from customers are IP packets and must be received on a specific interface or subinterface to be uniquely defined with a VPN.
  
  
• Easy to create—To take full advantage of VPNs, it must be easy to create new VPNs and user communities. MPLS VPNs meet this requirement because they are built using Layer 3 protocol—BGP and Routing Information Protocol (RIP)—updates and require configuration only at the ingress PE. Current VPNs require service providers to engineer separate networks (specific routing design mapped to specific Layer 2 connections) for each customer.
  
  
• Flexible addressing—MPLS VPNs allow customers to continue to use their present address spaces without Network Address Translation (NAT), enabling customers to use their own unregistered private addresses, and communicate freely across a public IP network. Note, however, that if two VPNs want to communicate and both have overlapping addresses, that communication requires NAT at one endpoint.
  
  
• Integrated CoS support—MPLS VPNs support up to eight classes of service within each VPN.
  
  
• Straightforward migration—MPLS VPNs place no special requirements on the end customer. The (CE) router needs to support only IP, with no modifications required of customer's IP applications.
  
  

Platforms/Considerations

MPLS VPN code is implemented only on the PE routers. P routers need to support only basic MPLS (TDP/LDP, label forwarding, and label disposition).

Supported PE platforms include:

• Cisco 3600, 4500, 7200, and 7500
  
  

Supported P platforms include:

• Cisco LightStream 1010 ATM switch
  
  
• Cisco 7200 and 7500
  
  
• Catalyst 8540
  
  
• Cisco BPX 8650 wide-area ATM switch
  
  
• Cisco GSR12000
  
  

Additionally, the network must be running the following Cisco IOS services before running the VPN operation:

• MPLS connectivity between PE routers. MPLS enabled on all provider backbone (P) routers, or a direct connection between the PEs, using a physical link, and ATM Forum PVC or a GRE tunnel.
  
  
• MPLS VPN code in all PE routers and basic MPLS enabled in all PE routers
  
  
• BGP in all PE routers
  
  
• CEF switching enabled in every MPLS-enabled router
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ranjeet Sudan

rsudan@cisco.com

Integrated IS-IS Multiarea Support

Description

Integrated IS-IS is a hierachical, link-state routing protocol which partitions a routing domain (Autonomous System) into areas—where an area is a group of connected routers (and possibly end-systems). All routers in the domain share topology and adjacency information. Currently IS-IS supports two levels of hierarchy such that Level-1 routers know how to reach all other intraarea system IDs and Level-2 routers know how to reach all other areas in the domain.

Previously each Cisco IOS router could participate in only one area, performing Level-1 (intraarea) routing locally, and Level-2 (interarea) routing to other areas in the network. This means that in certain environments when a network is divided into many small areas in a redundant configuration, a large number of routers were required to route among all areas. Cisco IOS Software now supports the ability to aggregate multiple Level-1 Areas on a single router, thereby significantly reducing the overall number of routers required to support this type of topology.

Benefits

• Fewer routers required to support the same number of areas—This feature makes it possible for one Cisco router to support multiple Level 1 areas, as opposed to the single Level 1 area previously supported by each router.
  
  
• Network scaling—Because a single Cisco router is capable of supporting up to 29 Level 1 areas plus one Level 2 area, expansion of networks using multi-area IS-IS routing is simpler.
  
  
• Connectivity for local Level 1 areas on the same router—This feature also provides connectivity between Level 1 areas local to the router. Previously, Level 1 areas could be connected only by using the Level 2 backbone.
  
  

Platforms/Considerations

This feature supports routing for at most one Level 2 area per router, although up to 29 Level 1 areas can be defined for each Cisco unit.

An interface cannot be part of more than one Level 1 or one Level 2 area per router. However, Cisco IOS Software subinterfaces are supported such that a subinterface can be used to connect to a Level-1 Area.

This feature is supported on the Cisco C25xx, C26xx, C36xx, C4x00, and C7x00 series routers.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Martin Mcnealis

mmcneali@cisco.com

On-Demand Routing Enhancements

Description

On-Demand Routing (ODR) is a highly scalable, simple remote access solution for IP. It is designed to enable "plug and play" connectivity by automatically exchanging routing reachability information such that the configuration overhead of a dynamic routing protocol or the limitations inherent to static routing are avoided.

As shown in Figure 14, On-Demand Routing simplifies installation of IP stub/remote networks in which the hub routers dynamically maintain routes to all stub networks, but do so without requiring the configuration of IP routing on the stub routers. With ODR, the stub router advertises the IP prefixes, including Variable Length Subnet Mask (VLSM) information, corresponding to its directly connected interfaces. This occurs automatically when the Cisco IOS Software detects that no other routing protocol has been configured on the stub router. At the hub aggregation router, ODR is correspondingly enabled, allowing this router to install the stub network routes in the IP Forwarding Table and it can also be configured to summarize and redistribute this reachability information into any dynamic IP routing protocol.

Beginning in Cisco IOS Software release 12.0(5)T, this solution is further enhanced to allow the hub ODR router to generate a default route to the stub ODR sites so that they can automatically install this in their local forwarding table and hence need no local routing configuration information in order to forward off-net traffic.

Benefits

• True "plug and play" IP connectivity.
  
  
• Highly scalable remote access solution.
  
  
• Efficient bandwidth utilization - minimum protocol overhead.
  
  
• Supports redundant configurations and traffic load-balancing.
  
  

Platforms/Considerations

The information exchanged by ODR is propagated between Cisco IOS routers using the Cisco Discovery Protocol (CDP), therefore ODR is partially controlled by the configuration of CDP. Specifically if CDP is disabled then the hub/stub exchange of information will cease. By default, CDP sends updates every 60 seconds. This update interval may not be frequent enough to provide fast topology reconvergence hence a more frequent hello interval may be appropriate. ODR may not work well with dial-on demand (DDR) routing interfaces since CDP packets will not initiate a DDR connection.

This functionality first appeared in Cisco IOS Software release 12.0(5)T and is available on the following Cisco IOS based platforms: C800, C1xxx, C2xxx, C36xx, C4x00, RSM5000, C5x00 and C7x00.

Product Marketing Contact

Martin McNealis

mmcnealis@cisco.com

Figure 14: A Typical ODR Deployment Scenario

MPLS Traffic Engineering

Description

Multiprotocol Label Switching (MPLS) traffic engineering software enables an MPLS backbone to replicate and expand upon the traffic engineering capabilities of Layer 2 ATM and Frame Relay networks.

Traffic engineering is essential for service provider and Internet service provider (ISP) backbones. Such backbones must support a high use of transmission capacity, and the networks must be very resilient, so that they can withstand link or node failures.

MPLS traffic engineering provides an integrated approach to traffic engineering. With MPLS, traffic engineering capabilities are integrated into Layer 3, which optimizes the routing of IP traffic, given the constraints imposed by backbone capacity and topology.

MPLS traffic engineering routes traffic flows across a network based on the resources the traffic flow requires and the resources available in the network.

MPLS traffic engineering employs "constraint-based routing," in which the path for a traffic flow is the shortest path that meets the resource requirements (constraints) of the traffic flow. In MPLS traffic engineering, the flow has bandwidth requirements, media requirements, a priority versus other flows, and so on.

MPLS traffic engineering gracefully recovers to link or node failures that change the topology of the backbone by adapting to the new set of constraints.

Benefits

MPLS traffic engineering offers benefits in two main areas:

• Higher return on network backbone infrastructure investment. Specifically, the best route between a pair of POPs is determined by taking into account the constraints of the backbone network and the total traffic load on the backbone.
  
  
• Reduction in operating costs. Costs are reduced because a number of important processes are automated, including set up, configuration, mapping, and selection of Multiprotocol Label Switching traffic engineered tunnels (MPLS TE) across a Cisco 12000 series backbone.
  
  

Platforms/Considerations

• Multiprotocol Label Switching (formerly known as Tag Switching)
  
  
• IP Cisco Express Forwarding (CEF)
  
  
• RSVP
  
  
• Intermediate System-to-Intermediate System (IS-IS)
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Ranjeet Sudan

rsudan@cisco.com

Management

Internet Engineering Task Force ISDN Management Information Base

Description

The ISDN MIB RFC 2127 feature provides Single Network Management Protocol (SNMP)-based networking management support for the IETF ISDN MIB (RFC 2127) in Cisco IOS Software. The IETF ISDN MIB (RFC 2127) provides useful information about the physical Basic Rate Interfaces (BRIs), control and statistical information of B (bearer) channels, control and statistical information for D (delta) channels, and data regarding terminal endpoints.

The IETF ISDN MIB (RFC 2127) contains five groups of objects:

• ISDN physical interface group
  
  
• B-channel group
  
  
• ISDN signaling group
  
  
• Terminal endpoint group
  
  
• Directory number group
  
  

ISDN Physical Interface Group

The BRI group is used to provide information regarding the physical BRIs. The objects in this group have been implemented as read-only. For Primary Rate Interfaces (PRIs), the physical interface is managed by the DS1/E1 MIB, which is not a part of this feature.

B-Channel Group

The bearer group is used to control B (bearer) channels. It supports configuration parameters as well as statistical information related to B channels.

ISDN Signaling Group

The signaling group is used to control D channels. This group has three tables.

• The signaling table contains the configuration and operational parameters of the ISDN signaling channels contained on this managed router.
  
  
• The signaling stats table contains statistics information of the ISDN signaling channels on the managed router.
  
  
• The Link-Access Procedure on D channel (LAPD) table contains configuration and statistics information for LAPD interfaces on the managed router.
  
  

Terminal Endpoint Group

The endpoint group contains configuration of the terminal endpoint identifier (TEI) values or service profile identifier (SPID) numbers associated with the signaling channel.

Directory Number Group

The optional directory group can be used to specify a list of directory numbers for each signaling channel. The directory number group is not supported in this implementation.

Benefits

The ISDN MIB (RFC 2127) has been designed to ensure that commercial network management systems implementing RFC 2127 and the agents on the Cisco routers work together to provide important data and statistics regarding the ISDN interfaces.

Platforms/Considerations

The ISDN MIB (RFC 2127) is supported on the following platforms: Cisco 1003/4, 1600, 2500 series, 3600 series, 4000 series, 4500 series, 5200, 5300, 7200 series, and 7500 series.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Anita Freeman

ATM PVC Traps for ATM Subinterfaces

Description

ATM permanent virtual circuit (PVC) transfer ATM subinterfaces provide enhancements to improve the "plug-and-play " capability of platforms running Cisco IOS Software.

Benefits

ATM PVC traps (RFC 2233) for ATM subinterfaces include the following enhancements/features:

• Interface MIB support for ATM subinterfaces—This feature provides the implementation of RFC 2233 (MIB-II) for ATM subinterfaces. ATM subinterfaces will now be visible in the if Table and accessible to the Network Management System (NMS). Two entities in the ifTable correspond to each subinterface—an atmSubif entity and an aal5 entity. The atmSubif entity corresponds to the "atm" layer and the aal5 entity corresponds to the ATM adaption layer 5 (AAL5). The MIB variables supported will be as per RFC1695.
  
  
• ATM PVC traps—This feature adds the capability for an agent to send out traps when PVC leaves the "up" state. Currently there is no mechanism for the management station to be aware of a failing PVC. With this feature added, a management station is notified of a failing PVC via a trap and then the management station can poll the agent for more information. This MIB is an extract from the draft "draft-ietf-atommib-atm2-11.txt" (Section 9). Generation of PVC traps is dampened by a "notification interval" in order to prevent trap storms. In effect, no traps are sent until the interval lapses. The two tables provide information on the failures, such as number of currently failing PVCs, time stamp of failure, total number of PVC failures on the interface, notifical interval value, and trap enable flag.
  
  

Platforms/Considerations

This feature is supported on the Cisco 12000, 4x00/m, 72xx, and 75xx platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Kevin Dickson

CLI String Search

Description

Show commands can be "piped" through a filter that either includes or excludes all lines that match the regexp, or that searches (not displaying skipped lines) for a line that matches regexp, at which point it begins unfiltered output.

Benefits

The command-line interface (CLI) string search feature offers filtering and searching of output from show commands and from the—More—prompt.

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

John Hopprich

RSVP MIB

Description

The RSVP MIB feature provides the SNMP-based networking management support for Cisco's RSVP feature set.

The RSVP MIB includes following groups of objects:

• Objects for managing Resource Reservation Protocol (RSVP) within the interface attributes defined in the Integrated Services Model (RFC 2206)
  
  
• Objects for managing the interface attributes defined in the Integrated Services Model.(RFC 2213).
  
  
• Objects for managing the interface attributes defined in the Guaranteed Service of the Integrated Services Model(RFC2214).
  
  

Benefits

Provides network management for RSVP feature.

Platforms/Considerations

The feature is supported on the Cisco 1600, 2x00, 3x00, 4x00, 5x00, and 7x00 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(2)T.

Production Marketing Contact

Sanjay Kalra

SNMP Version 3

Description

Version 3 of the Simple Network Management Protocol (SNMPv3) is the latest version of the Internet standard protocol for network management. SNMPv3 provides security features such as user authentication, message integrity, encryption, and secure remote configuration. The Cisco implementation is fully compliant with the standard, and is also completely backward compatible with earlier supported versions of the protocol (SNMPv1 and SNMPv2c).

Benefits

• Allows secure configuration of network devices when used with SNMPv3-compliant network management tools
  
  

Platforms/Considerations

The base version of SNMPv3 (including user authentication and message integrity) is available on all platforms and images. The version with message encryption is available only with crypto images.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Dale Francisco

Process MIB

Description

The Cisco Process Management Information Base (MIB) allows customers to access CPU and per-process statistics via SNMP. These statistics include overall CPU utilization for the most recent five-second, one-minute, and five-minute periods, as well as per-process CPU and memory utilization. CPU utilization statistics are provided both for the main CPU and for CPUs on VIP port adapters.

Benefits

• Allows automated network management tools to closely monitor system performance
  
  

Platforms/Considerations

APS is supported on PoS (Packet over SOENT/SDH) interfaces:

GSR 12000 OC-3c/STM-1 PoS, OC-12c/STM-4c PoS and OC-48c/STM-16c PoS 7500/7200 OC-3c/STM-1 PoS.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Marc Roy

Diagnostic/Troubleshooting

Description

Crashinfo is a tool that aids in diagnosing otherwise intractable Route Switch Processor (RSP), VIP2, and Gigabit Route Processor (GRP) crashes.

Crash information is written as a default to Flash: crashinfo in the route processor (RP). The crash information contains up to 20 KB in the RP of errmsg log plus command history, including configuration commands that the user enters. The crash information also contains all the following information:

• Crash stack trace
  
  
• Crash context
  
  
• Stack dump at crash
  
  
• Dump memory for each register containing "valid" RAM address
  
  
• Error message display on invalid length of copy
  
  

Benefits

Important diagnostic information is stored in a Flash card and can be retrieved after reload to help analyze the problem.

Platforms/Considerations

Cisco GSR 12000 and 7500 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Adrian Amelse

SNMP over IPC for RPM

Description

This feature is required to provide CiscoView support for the Route Processor Module (RPM) in the MGX 8800 platform.

Benefits

With the addition of this feature, all service modules, including the RPM in the MGX 8800, can leverage CiscoView for equipment management.

Platforms/Considerations

MGX 8800.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ian MacDonald

Multicast Routing Monitor

Description

Multicast routing monitor (MRM) facilitates automated fault detection in a large multicast-enabled network. It is designed to warn a network administrator of multicast routing problems in close to real time.

Benefits

• Pre-event testing—running MRM before starting a multicasted event allows the early discovery of major network bottlenecks in the multicast-enabled network. Armed with the knowledge, the IT staff, ISP, or the enterprise network team can fix the multicast connectivity problems in time for the CEO to boast the reliability of the network, over the network, without interruption.
  
  
• Classic fault isolation—assists a network manager in isolating mutlicast routing faults.
  
  
• Session monitoring—provides monitoring of existing, active multicast sessions.
  
  
• Fault logging—provides a range of fault logging functions, including support for alerts, tracking, scalability, and aggregation functions.
  
  

Platforms/Considerations

• Multicast routing monitor is available in Cisco IOS Software 12.0(4)S and12.0(5)T and above.
  
  
• Multicast routing monitor is available across the Cisco IOS Software-based C2500, C2600, C36x0, C4x00, RSM5000, C7x00 C85x0, and C12000 platforms.
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Christine Falsetti

falsetti@cisco.com

CNS Client

Description

Cisco Networking Services (CNS) client for Cisco IOS Software enables authenticated directory access to a CNS/AD server. CNS client for Cisco IOS Software includes the following components

• Lightweight Directing Access Protocol (LDAP) V.3 API
  
  
• Support to use Kerberos V.5 as security protocol for LDAP V.3 Client
  
  
• CNS Event Services API
  
  
• CNS Locator Services API
  
  
• CNS Global Policy Object API
  
  
• CNS IP Security (IPsec) virtual private network (VPN) Provisioning Agent
  
  
• CNS Configuration Change Notification Agent
  
  
• CNS Provisioning Agent
  
  

LDAP V.3 client functionality enables Cisco IOS Software-based applications to securely authenticate to a CNS for Active Directory (CNS/AD) server using Kerberos V.5 as security protocol to retrieve or store information such as policy, configuration data, and so on.

Cisco IOS Software-based applications publish or subscribe to events using CNS Event Services Client, enabling external applications using the application programming interface (API) features of CNS to receive events or publish events to the Cisco IOS device.

This Cisco IOS Software-based device will use CNS Locator Services Client to locate the nearest directory server using Domain Name System (DNS). The administrator does not have to configure the device to locate the nearest directory server. CNS GPO API enables Cisco IOS Software directory-enabled applications to retrieve IPsec policies stored in the CNS/AD server.

All the above-mentioned functionality is intended for use by internal Cisco IOS Software application developers.

CNS IPsec VPN Provisioning Agent enables the router to retrieve IPsec policies stored in the CNS/AD server and configure itself, automating the provisioning of customer premises equipment (CPE) devices for IPsec VPN.

CNS Provisioning Agent enables Cisco IOS devices to be provisioned using CNS Event Services, providing a programmatic interface for provisioning applications using CNS Event Services.

Benefits

• CNS client for Cisco IOS Software improves overall manageability of devices and reduces the total cost of ownership.
  
  
• CNS IPsec VPN agent enables rapid provisioning of IPsec VPN, reducing the cost of implementing IPsec VPN services.
  
  
• CNS client for Cisco IOS Software enables rapid service provisioning by reducing the time and cost to provision a new service provider.
  
  

Platforms/Considerations

• C2501-2525, C2501CF-2502CF, C2520CF-2523CF, C2520LF-2523LF
  
  
• C2610-2612
  
  
• C3620, 3640
  
  
• C4000, 4000-M, 4500, 4700, 4500-M
  
  
• Catalyst 5000 router switch module
  
  
• AS5200, AS5300 access server
  
  
• C7200, 75xx, Route Switch Processor (RSP) 7000
  
  
• C800
  
  
• C1720
  
  
• CNS Client is available on multiple platforms.
  
  
• • CNS Client for Cisco IOS 12.0(4)T is a set of CNS foundation libraries.
    
    
  • CNS Client for Cisco IOS 12.0(5)T includes three Cisco IOS agents/clients/applications that run in Cisco IOS.
    
    
  • CNS Client for UNIX includes a set of APIs and sample applications running under Solaris and HPUX.
    
    

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Vijay Parthasarathy

vijayp@cisco.com

Service Assurance Agent

Description

The Cisco IOS Software-based service assurance (SA) agent is an application-aware synthetic operations agent, which monitors network performance by measuring key service-level agreement (SLA) metrics such as response time, availability, jitter (interpacket delay variance), connect time, throughput, packet loss, and application performance.

It allows users to monitor network performance between a Cisco router and a remote device (which can be another Cisco router, an IP host or a Multiple Virtual Storage [MVS] host). This feature enables the user to perform troubleshooting, problem analysis, and notification based on the statistics collected by the SA agent.

The SA agent was previously known as the response time reporter (RTR). The response time and availability monitoring capabilities of RTR have been extended to include support for voice over IP (VoIP), quality of service (QoS), and the Web—and thus RTR has evolved into the SA Agent.

Key features include:

• Measures voice over IP performance
  
  
• Measures response time between endpoints for a specific quality of service
  
  
• Measures DNS response time
  
  
• Measures Dynamic Host Configuration Protocol (DHCP) response time
  
  
• Measures data-link switching plus (DLSw+) performance between two DLSw+ peers
  
  
• Measures the time it takes to establish a connection using TCP; the TCP port may be configured
  
  
• Measures User Datagram Protocol (UDP) response time; the UDP port and packet size is configurable
  
  
• Measures Internet Control Message Protocol (ICMP) response time for a specific network path through the use of Loose Source Routing
  
  
• Measures ICMP response time either end to end or for each router in a network path
  
  
• Measures System Network Architecture (SNA) response time to an MVS host using Logical Unit 0 (LU0), LU2, and system service control points (SSCP)
  
  
• Offers proactive notification
  
  
• Evaluates rising and falling thresholds for monitoring SLAs
  
  
• Provides robust threshold definitions for SLAs
  
  
• Generates Simple Network Management Protocol (SNMP) traps when SLAs are violated
  
  
• Generates network management vector transport (NMVT) alarm when SLAs are violated
  
  
• Additional operations may be triggered for SLA violation, enabling more detailed analysis
  
  

The monitored output of Service Assurance Agent can be utilized by CiscoWorks Blue Internetwork Performance Monitor or Concord Communications Inc.'s Network Health.

Benefits

With the increasing importance of mission-critical applications and networks linking global enterprises, customers are demanding SLAs that guarantee minimum acceptable levels of service. The challenge for the network operators is to create a reliable mechanism for accurately monitoring and ensuring contractual levels of service. Measurement features of the service assurance agent built into Cisco IOS Software enable customers to provide assurances for the managed or delivered services.

• Service-level monitoring—the ability to monitor availability, round-trip response time for UDP and TCP connection setup time for application-layer protocols. Applications that may be monitored include voice over IP, Web, file transfer, e-mail, and others. Service levels for response time and availability of these applications may be monitored using RTR.
  
  
• VoIP monitoring—the ability to monitor jitter, packet loss, and availability of synthetic VoIP traffic. This monitoring will enable customers to measure VoIP SLAs.
  
  
• Web monitoring—the ability to monitor the response time and availability of Web applications.
  
  
• QoS and accuracy—the ability to monitor the eight lanes of IP traffic corresponding to settings of the precedence bits of the IP packet header. The response time and availability of the different QoS for each IP Precedence level may be monitored separately using RTR.
  
  
• Application monitoring—the ability to monitor the response time and availability of applications that use any TCP or UDP port.
  
  

Platforms/Considerations

Service assurance agent is available on all platforms running Cisco IOS 12.0(5)T or above.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Jonathan Beck

jbeck@cisco.com

Multimedia

Cisco Store-and-Forward Fax

Description

Cisco store-and-forward fax is an implementation of the IETF Internet fax working group standards and is also known as the ITU T.37 standard. It provides an Internet e-mail-fax gateway capability on Cisco access servers, allowing integration with standards-compliant messaging infrastructures to deliver a total store-and-forward fax solution.

Allegro comprises two major subsystems:

• Onramp
  
  
• Offramp
  
  

The onramp receives faxes from end users and translates them into standard MIME e-mail messages, which are forwarded to the messaging infrastructure. The offramp receives MIME e-mail messages and delivers them as faxes. The messaging infrastructure is either a standard Internet mail MTA (such as UNIX sendmail) or custom store-and-forward fax software. It is not provided by Cisco. The messaging infrastructure performs message routing (for example, least cost routing), message storage, and transport. Cisco provides the onramp and offramp functions in its access servers, which integrate with several messaging software products that provide message routing, storage, and transport.

Benefits

It enables store-and-forward fax functions by treating faxes as messages. The advantages of this approach are:

• Simple integration of fax with Internet e-mail
  
  
• Integration of faxes with electronic documents
  
  
• Improved fax delivery success rate
  
  
• Improved fax delivery control
  
  
• Ability to broadcast faxes
  
  

Store-and-forward fax provides the following additional benefits:

• Incremental service revenue from access server pools
  
  
• Cost reduction by carrying messages over an IP infrastructure
  
  
• Reduced cost of operations compared to dedicated fax servers
  
  

Platforms/Considerations

This feature is supported only by the AS5300 platform.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Mathew Lodge

mlodge@cisco.com

Figure 15:

Multimedia Conference Manager

Cisco Multimedia Conference Manager (MCM) is now supported on the MC3810. This provides H.323 video services for customers with ATM backbone networks. The MC3810 provides a cost-effective T1/ATM access solution. The Cisco H.323 proxy provides mapping of video sessions from IP to ATM, which guarantees QoS over the wide area network. Providing H.323 video over ATM allows customers to integrate H.320 and H.323 video services over a single ATM backbone, and provides a migration path from older H.320 networks to more flexible and standards-based H.323 architecture.

Combining the MC3810 with MCM provides the following features:

• Voice video and data over ATM networks
  
  
• H.320 and H.323 video over ATM
  
  
• H.323 Gatekeeper
  
  
• H.323 Proxy for QoS management
  
  
• Full suite of Cisco IOS Software routing protocols
  
  

Benefits

The combination of Cisco Multimedia Conference Manager and the MC3810 provides customers with the following benefits:

• Provides cost-effective solution for H.323 and H.320 video over T1/ATM in one box
  
  
• Provides the flexibility of H.323 video and the guaranteed Quality of Service of ATM
  
  
• Allows customer a migration path from H.320 to H.323 video without changing the ATM network
  
  

Platforms/Considerations

MC3810.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contacts

Gary Beckstrom

Steve Bode

Quality-of-Service

Flow Random Early Detection

Description

This feature provides a mechanism to penalize the flows that do not respond to Weighted Random Early Detection (WRED) drops. This feature is provided as an extension to the existing WRED functionality and can be turned on after WRED is turned on.

Flow-WRED ensures that no single flow can hog all the buffer resources at the output interface queue. (With just WRED, this can occur in the presence of traffic sources that do not back off during congestion.) Flow-WRED maintains minimal information about the buffer occupancy per flow. Whenever a flow exceeds its share of the output interface buffer resource, the packets of the flow are penalized because the probability of their drop (by WRED) is increased. (See Figure 15.)

Figure 16: Flow Random Early Dection (FRED)

Benefits

• Extension of WRED
  
  
• Penalize flows that do not respond to drops
  
  
• Flow-WRED ensures that no single flow can hog all the buffer resources
  
  
• Adaptive flows get fair share of resources
  
  

Platforms/Considerations

This feature is supported on all platforms that WRED is supported on; that is, the Cisco 72xx, 47xx, 45xx, 26xx, and so on. It is not presently supported on the VIP-based platforms or on platforms that have distributed queuing functionality.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Sanjay Kalra

QoS Mapping of RSVP to ATM SVC Mapping

Description

This feature was developed specifically for network research environments. This implementation supports the establishment of an ATM CoS in response to a RSVP reservation request. The ATM CoS parameters are taken from the RSVP flowspec request. Each RSVP reservation corresponds to an ATM VC with a certain peak cell rate (PCR), sustained cell rate (SCR) and maximum burst size (MBS). The PCR can be set to line rate or configured by the user, but the SCR and MBS should ideally be set from the rate and burst size parameters in the RSVP flowspec. To accomplish this the edge Layer 3 switches or routers should perform TCP/IP shaping and policing at the edge of the network.

The Layer 3 switches or WAN routers form a single logical IP subnet, allowing RFC 1577 ATMARP procedures to resolve IP to ATM addresses or static address mappings with 1483 encapsulation and enable VC set up across this ATM core.

Benefits

In ATM core environments, this experimental technology allows for IP QoS flow reservations via RSVP at the expense of greater ATM VC consumption. When coupled with policing and scheduling mechanisms, IP admission control can be supported for emerging applications such as VoIP, and source based client applications such as video conferencing.

Platforms/Considerations

Will work only on the Cisco 7500 with Cisco IOS 12.0(3)T and a VIP 2-50 interface with an ATM Deluxe (PA-A3-OC3) port adaptor.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Ravi Prakash

Response Time Reporter (RTR) Enhancements

Description

• User Datagram Protocol (UDP) response time operation—RTR provides the ability to monitor round-trip response time using UDP. The UDP port and packet size is configurable, so monitoring applications such as voice over IP may be emulated. RTR may monitor UDP response time either to another router running RTR, or to a server. For example, you can monitor response time to well-known UDPECHO port 7 on a file server
  
  
• TCP connect time operation—RTR provides the ability to monitor the time it takes to establish a connection using TCP. The TCP port may be configured, so RTR may monitor the response time for establishing connections to Web, File Transfer Protocol (FTP), DNS, Dynamic Host Configuration Protocol (DHCP), point of presence 3 (POP3) and Simple Mail Transfer Protocol (SMTP) servers
  
  
• Type-of-service support for the Internet Control Message Protocol (ICMP) Operations—RTR provides the ability to monitor response time for ICMP packets running at different priorities, as set by the three precedence bits of the IP packet header
  
  
• Loose source routing (LSR) in the ICMP path operation—RTR now uses LSR when using the ICMP path operation to measure hop-by-hop response time of a network path
  
  

Benefits

• Service-level monitoring
  
  
• • Ability to monitor availability, round-trip response time for UDP, and TCP connection setup time for application-layer protocols
    
    
  • Applications that may be monitored include voice over IP, Web, file transfer, e-mail, and others
    
    
  • Service levels for response time and availability of these applications may be monitored using RTR
    
    
• Quality of service and accuracy
  
  
• • Ability to monitor the eight lanes of IP traffic corresponding to settings of the precedence bits of the IP packet header
    
    
  • The response time and availability of the different QoS for each IP Precedence level may be monitored separately using RTR
    
    
• Voice over IP (VoIP) traffic
  
  
• • VoIP traffic flows as UDP datagrams to a specific destination port and typically networks implement a policy routing scheme that marks VoIP packets with a high type-of-service (ToS) setting in the IP header; upon entry into "tagged" (Tag Switching, VPN, tunneled) networks, the IP ToS bits are used to chose a route and can be additionally acted upon at any queuing points in intermediate nodes
    
    
  • RTR can be configured to send UDP packets with any source/destination IP addresses and port and with specific ToS bit settings. In addition to active performance monitoring, RTR can be used to validate the policy routing of new networks as they are being deployed or modified
    
    

Platforms/Considerations

These features are available on all platforms running Cisco IOS 12.0(3)T.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Jonathan Beck

IP-ATM Class of Service, Phase II

Description

Extending the capability previously only available for IP networks, IP-ATM CoS is Cisco's network-wide program that lets you create unified "user and traffic classes" across IP and traditional ATM network fabrics. Examples of a "class" include the "first class" or "business class" capabilities found in the airline industry. The Phase II functionality allows the configuration of multiple ATM PVC's between two destinations and allows different traffic classes (with different IP Precedences) to be sorted into these PVC's.

Figure 17: IP-ATM Class of Service, Phase II

Benefits

Key Benefits:

• Ensures effective differential classes over IP and traditional ATM networks
  
  
• Uses existing ATM infrastructures
  
  
• High-performance design using distributed processing
  
  
• Built using Cisco expertise
  
  
• Phase II allows each precedence level to be associated with its own ATM PVC
  
  

See Table 3 for a more thorough description of the benefits of the IP-ATM CoS features.

Platforms/Considerations

• Operates on Cisco 7500 and 7200
  
  
• Requires ATM PA-A3
  
  
• Phase I of the IP to ATM CoS appeared in Cisco IOS software release 11.1(22)CC
  
  
• First appearance in a Cisco IOS Software "T" release: 12.0(3)T.
  
  

Marketing Contacts

Keith Travis

Sanjay Bhardwaj

Class-Based Weighted Fair Queuing

Description

Class-based Weighted Fair Queuing (CBWFQ) allows the user to define traffic classes based on customer-defined match criteria such as access control lists (ACLs), input interfaces, protocol, and QoS label. For example, a class might consist of a team working on a certain project or a class can be created for the important mission-critical applications for example, enterprise resources planning (ERP). When the traffic classes have been defined, they can be assigned a bandwidth, queue limit, or drop policy such as Weighted Random Early Detection (WRED).

Benefits

• Bandwidth allocation—CBWFQ allows you to specify the exact amount of bandwidth to be allocated for a specific class of traffic. Accounting for available bandwidth on the interface, you can configure up to 64 classes.
  
  
• Finer granularity and scalability—CBWFQ allows you total flexibility to define a class based on ACLs as well as protocols or input interfaces, thereby providing finer granularity.
  
  
• Support in the modular command-line interface (CLI) framework—CBWFQ is supported in the new modular CLI framework, which is a new, template-based CLI. This new modular CLI eases the configuration of CBWFQ by introducing the class-map, service-map and policy-map methodology. This "virtual template" eases the constant configuration of policies per interface, and reduces the configuration by allowing the service maps to be assigned to each interface—without reconfiguring the match criteria/ACLs and policies.
  
  
• WRED supported as a drop policy—CBWFQ supports WRED as a drop policy per class, thus allowing you to provide differentiated service within a class.
  
  

Platforms/Considerations

This feature is supported on all platforms that WFQ is supported on, in other words, C72xx, C47xx, C45xx, C36xx, C26xx, and so on.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact:

Sanjay Kalra

Skalra@cisco.com

IP RTP Priority

Description

IP RTP Priority provides a strict Priority Queue for delay-sensitive packets such as those in Voice over IP. Voice traffic can be identified by the RTP port numbers and classified into a priority queue set up by the IP RTP Priority mechanism. This feature can be turned on in conjunction with either Weighted Fair Queuing (WFQ), or Class-Based Weighted Fair Queuing (CBWFQ), on the same outgoing interface. When used in conjunction with CBWFQ, the IP RTP Priority command provides strict priority to Voice. Additionally, CBWFQ can be used to set up classes (for example, gold/silver/bronze) for other types of traffic (for example, SNA or PeopleSoft) that require dedicated bandwidth and better servicing than "best-effort", but not as strict as Priority Queuing. CBWFQ can also support flow-based WFQ within the "Default CBWFQ Class", if so configured.

IP RTP Priority extends, and will obsolete, the functionality offered by the feature IP RTP Reserve. By specifying a range of UDP/RTP ports, the user ensures that voice traffic is guaranteed strict priority service over any other queues or classes using the same output interface. Strict priority means that if packets exist in the priority queue, they are de-queued and transmitted first—before packets in other queues are de-queued.

As voice packets are small in size and the interface may have larger data packets requiring servicing simultaneously, the Link Fragmentation and Interleaving (LFI) feature, also known as Multi-Link PPP Fragmentation, is recommended to be configured for lower speed interfaces. LFI will fragment the larger data packets (for example, ftp at 1500 bytes) so the smaller voice packets can be interleaved among the data fragments, thus ensure that voice traffic is serviced with minimal delay.

Benefits

• Higher Quality Voice: Reduced Latency for VoIP traffic—The strict priority queueing scheme allows delay-sensitive data such as voice to be de-queued and transmitted first—before packets in other queues are de-queued. Delay-sensitive data is given preferential treatment over other traffic.
  
  
• Scalable QoS for Voice Admission Control—IP RTP Priority closely polices use of bandwidth for the priority queue, ensuring the allocated amount is not exceeded. In fact, IP RTP Priority polices the flow every second. IP RTP Priority prohibits the transmission of additional packets once the allocated bandwidth is consumed. If it discovers that the configured amount of bandwidth is exceeded, IP RTP Priority drops packets.
  
  
• Higher Quality Voice over Slow Speed Links—IP RTP Priority is the only recommended solution for VoIP at low speeds links (for example, 56/64Kbps).
  
  

Platforms/Considerations

This feature is supported on all Cisco IOS platforms that WFQ is supported on, i.e. Cisco 26xx, 36xx, 45xx, 47xx, 72xx, etc.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Sanjay Kalra

skalra@cisco.com

Subnetwork Bandwidth Manager

Description

Subnetwork Bandwidth Manager (SBM) is a signaling protocol for Resource Reservation Protocol (RSVP)-based admission control for LANs. It provides a method for mapping a Layer 3 protocol such as RSVP to Ethernet LANs. It describes the operation and mapping of a RSVP-enabled host requesting bandwidth with link-layer devices such as switches and bridges to support reservation of LAN resources for RSVP-enabled data flows.

RSVP is a Layer 3 signaling protocol that allows reservation of bandwidth for a flow in packet-based networks. However, when the RSVP messages have to travel the Layer 2 devices in the LANs, no bandwidth reservation is made in the Layer 2 devices because these devices (switches, bridges) do not understand Layer 3 information. This scenario may result in overbooking of the LAN links and may eventually lead to congestion, especially if the Layer 2 network is a shared subnetwork or a speed-mismatched subnetwork. (a subnetwork in which the server/client connections as well as the backbone connections are of the same speed). SBM is precisely such a protocol to deal with reservations in an IEEE 802-style (Ethernet) shared, switched, or speed-mismatched Layer 2 network. In order to honor the reservations, a designated device acts on behalf of the other Layer 2 devices to handle the flow reservations. This designated device is called the Designated Subnetwork Bandwidth Manager (DSBM). A DSBM is elected based on the assigned priority.

Figure 18: Subnetwork Bandwidth Manager

Benefits

• By extending the reservation of bandwidth from a RSVP-aware application to the Layer 2 LAN or campus infrastructure, SBM is completing the Layer 3 end-to-end QoS for microflow applications such as multimedia, VoIP, and Web call centers from the WAN to the campus to the LAN.
  
  
• SBM allows better resource reservation in shared-media environments or LAN environments where LAN switches/bridges neither understand nor support Layer 3 protocols.
  
  
• Per-flow RSVP reservations can be made the same way as in a Layer 3 network, allowing the extension of QoS to the end system, even if connected to the IEEE 802-style LAN.
  
  
• SBM enables admission control for QoS in Layer 2 LANs.
  
  
• One DSBM can manage the resource reservations or admission control on a LAN segment.
  
  

Platforms/Considerations

SBM is available on all the RSVP-supported Cisco IOS devices: C7500, C7200, C4700, C4500, C3600, C2500, and C1600. All these devices support SBM client as well as DSBM.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Azhar Sayeed

asayeed@cisco.com

MPLS Class of Service

Description

Different methods are available for supporting class of service (CoS) across a Multiprotocol Label Switching (MPLS) backbone, depending on whether the core has label switch routers (LSRs) or ATM LSRs. In both cases, the building blocks to differentiate between the CoSs are committed access rate (CAR), Weighted Random Early Detection (WRED), and Weighted Fair Queuing (WFQ). CAR is used to classify packets at the edge of a MPLS network, WRED is used to differentiate between classes based on drop probability at the edge and core of a MPLS network, and WFQ is used to differentiate between classes based on delay at the edge and core of a MPLS network.

In the case where LSRs reside in the core of the MPLS backbone, the LSRs are either C7200 or C7500 routers running MPLS software. IP packets come into the edge of the MPLS network and the edge LSRs invoke CAR to classify the IP packets and possibly set IP Precedence. Alternatively, IP packets can be received with their IP Precedence already set. A lookup is then done on the IP address to determine the next-hop LSR. The appropriate label is placed on the packet, with the IP Precedence bits copied into the label header. The labeled packet is then forwarded to the appropriate output port for processing. At this point, class based on either drop probability using WRED or delay using WFQ differentiates tagged packets. In the core of the network, LSRs enforce the defined differentiation by continuing to employ either WRED or WFQ on each hop.

In the case where the core of the network uses ATM LSRs, the operation of the edge LSR is exactly as described above except that the output interface is an ATM interface, a separate virtual circuit (VC) is set up for each class, and a separate label is assigned for each service class per destination. Tag Distribution Protocol/Label Distribution Protocol (TDP/LDP) is used to set up the hop-by-hop VCs and to manage which class-based queue corresponds to which VC. WFQ is used to define the amount of link bandwidth available to each service class and thus differentiate between classes based on delay. The edge LSRs then schedule packets by class using WFQ with WRED invoked when congestion occurs. The ATM label switch routers (ATM-LSRs) in the core participate in the differentiation of classes with WFQ and can also intelligently drop packets when congestion occurs in the core via Weighted Early Packet Discard (WEPD).

Benefits

MPLS CoS provides the same benefits and IP CoS when implemented on a backbone built purely of routers. The following benefits are realized when implementing IP CoS on a backbone of ATM switches using MPLS.

• Efficient resource allocation—WFQ is used to allocate bandwidth on a per-class and per-link basis. Classes of traffic are guaranteed a percentage of link bandwidth, thereby maximizing the transport of paid traffic.
  
  
• No connections to configure—Implementing IP CoS with MPLS requires no configuration of end-to-end VCs for each class of service. This advantage is especially beneficial when integrating MPLS CoS support in conjunction with a MPLS VPN service. Traditional methods of configuring IP CoS with ATM would require configuring and provisioning a separate end-to-end VC for each class of service for each VPN.
  
  
• Flexibility without added overhead—MPLS CoS promotes the efficient use of bandwidth, because unused bandwidth allocated to a class is available to all other classes if needed. Furthermore, MPLS CoS requires no call setup procedure, because reachability and resource allocation are established before the initiation of service.
  
  

Platforms/Considerations

MPLS CoS code is supported on the following platforms:

• 36x0 series routers (POS interfaces only)
  
  
• 4x00 series routers (POS interfaces only)
  
  
• 7200 series routers
  
  
• 7500 series routers
  
  
• GSR12000 gigabit switch router (POS interfaces only; per-interface WRED only; Cisco IOS 12.0(5)S or above only)
  
  
• LightStream 1010 ATM switch (core only)
  
  
• Catalyst 8540 MSR ATM switch (core only)
  
  
• BPX 8650 IP+ATM switch and BPX 8600 with Label Switch Controller (core only)
  
  

Additionally, the network must be running the following Cisco IOS Software features in order to use MPLS CoS:

• Basic MPLS with MPLS CoS code in all edge routers and core routers or core ATM switches
  
  
• Cisco Express Forwarding (CEF) switching enabled in every MPLS-enabled router
  
  
• ATM functionality (ATM functionality is not needed if only packet interfaces are used.)
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ranjeet Sudan

rsudan@cisco.com

Reliability

AS5800 Dial Shelf Controller Redundancy

Description

AS5800 Dial Shelf Controller (DSC) redundancy improves the reliability and availability of the AS5800 access server platform. It provides 1:1 controller redundancy for the AS5800 access server dial shelf, protecting against failures of the DSC card, the dial shelf interconnect, or the dial shelf interconnect port adapter. This software feature allows a second DSC card to act as a standby for the active or "master" DSC card. If the active DSC, the interconnect cable, or the dial shelf interconnect port adapter fails, the standby DSC card immediately takes control of the dial shelf. AS5800 system operation continues uninterrupted and no calls are lost.

Benefits

• Increases the reliability and availability of the AS5800
  
  

Platforms/Considerations

Applicable to AS5800 only.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Mathew Lodge

GSR APS and Sonetization

Description

The GSR automatic protection switching (APS) adds Synchronous Optical Network (SONET) linear APS and Synchronous Digital Hierarchy (SDH)-equivalent capability. If one of the two links that participates in APS fails, traffic is automatically switched to the second.

SONET/SDH compliance and interoperability are increased through the addition of threshold crossing alerts, improvements to SONET alarms, and performance monitoring.

Benefits

• Increased network reliability through the use of APS on router interfaces that are connected to SONET/SDH add-drop multiplexers
  
  
• Improved manageability of POS interfaces, including early detection of link degradation; improved interoperability with SONET/SDH equipment
  
  

Platforms/Considerations

Cisco GSR 12000 and 7500 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Adrian Amelse

MGX 8800 RPM Connection Resynchronization

Description

The MGX^™ 8800 RPM connection resynchronization feature provides a mechanism two databases can be resynchronized when the RPM and PXM connection databases loose synchronization.

Benefits

This feature increases the reliability of the RPM in the MGX 8800 switch from a connection point of view.

Platforms/Considerations

MGX 8800.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Ian MacDonald

QSIG BRI Voice Signaling Interface

Marketing Description

In addition to the QSIG PRI voice signaling introduced in release 12.0(2), a QSIG BRI is now available. QSIG signaling allows products with BRI interfaces to build voice-over-Frame-Relay calls based on messages received from the PBX. Providing QSIG signaling on both BRI and PRI interfaces allows customers with QSIG-enabled PBXs to use the special features in the PBX such as call forwarding and transfer between large and small PBXs. The QSIG implementation supports generic function calls so that supplementary services can be passed through the network transparently. Also supported is overlap sending.

Standards Support:

• ECMA 142, ECMA 143—Basic Call Services
  
  
• ECMA 141—Data Link Layer
  
  
• ECMA 165—Generic Functions to support Supplementary Services
  
  

Voice-over-Frame-Relay calls that originate on a router with BRI interfaces can terminate calls on a router with any other voice interface such as analog, PRI, or CAS interfaces. This ensures end-to-end voice networking that is transparent to the signaling interface anywhere in the network. QSIG supplementary services will not be available when terminating calls on non-QSIG interfaces.

Other supported features of QSIG BRI include:

• Call-related procedures, connectionless procedures, connection-oriented procedures, call related for notifications are all supported as transport mechanisms for supplementary services (ECMA 165)
  
  
• Segmentation and reassembly (SAR) functionality that supports up to eight segments of 260 bytes each (CSCdj94206); this is specified in ECMA 143, Annex ZA
  
  
• Enbloc signaling
  
  
• Overlap signaling
  
  

Benefits

None provided

Platforms/Considerations

MC3810.

First appearance in a Cisco IOS Software "T" release: 12.0(4)T.

Marketing Contact

Steve Bode

Pragmatic General Multicast

Description

Pragmatic general multicast (PGM) is a reliable multicast transport protocol for applications that require ordered, duplicate-free, multicast data delivery from multiple sources to multiple receivers. PGM guarantees that a receiver in the group either receives all data packets from transmissions and retransmissions, or detects unrecoverable data packet loss. PGM is specifically intended as a workable solution for multicast applications with basic reliability requirements.

Benefits

• PGM provides a reliable point-to-multipoint TCP connection. Data is efficiently transmitted using IP multicast.
  
  

Platforms/Considerations

This feature is available in Cisco IOS 12.0(5)T and above. It is available across the Cisco IOS Software-based C1600, C1700, C2500, C2600, C36x0, C4x00, RSM5000, C7x00, C85x0, and C12000 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Christine Falsetti

falsetti@cisco.com

X.25 Remote Failure Detection

Description

The problem being solved is when transporting RFC 1356 LAN traffic over an X.25 network, the router does not have a mechanism to reroute the traffic to a secondarily defined path when the primary path to the remote X.25 destination has a failed condition because today, the Layer 3 routes are static and no routing protocol is being used. If two destination routers are connected via multiple X.25 links (primary and secondary), the source router is unable to detect a failure of the remote primary path/link.Today, the X.25 routes are flushed from the routing table only when the remote physical interface is marked as physically down. In only such a state would the source router consider routing data to the secondary path.

The solution is as follows. Two static IP routes are defined to the remote destination. The primary has a higher weightage, causing it to be used for interesting traffic. Each of these routes directs traffic to a point-to-point subinterface and a retry mechanism is configured on the primary subinterface. Interesting traffic uses the primary route pointing to the primary subinterface. When the call gets cleared by the remote destination for any reason, the primary subinterface is marked down, causing the routing-table entry that points to this subinterface to disappear, thereby making the secondary route visible. Future traffic flows over the secondary route that points to the secondary subinterface. The retry mechanism configured on the primary attempts to bring the primary subinterface back up. The number of attempts and the duration between successive attempts is configurable. If a retry attempt succeeds or an incoming call is received for the primary subinterface, it is marked up.

Benefits

This solution enables a much smoother detection of a remote failure and enables the routers to choose an alternate secondary path while checking the status of the primary path for availability.

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ruben Rios

rurios@cisco.com

Frame Relay End-to-End Keepalive

Description

Frame Relay end-to-end keepalive enables the router to keep track of PVC status, independent of the switches in the Frame Relay network. The routers at both ends of a PVC in a Frame Relay network engage in a keepalive session where one router issues keepalive messages and the router at the other end of the PVC connection responds. The time interval for the keepalive is configurable and is enabled on a per-PVC basis. As long as the keepalive-issuing router receives response messages, the PVC status is up. When response messages are not received (because of line failure, a faulty switch in the Frame Relay network, or a router failure), the PVC is down. This mechanism enables bidirectional communication of PVC status to both routers at the ends of a PVC connection.

Benefits

• Enables monitoring of PVC status for network monitoring or backup applications
  
  
• Enables bidirectional communication of PVC status
  
  
• Configurable on a per-PVC basis with configurable timers
  
  

Platforms/Considerations

This feature will be supported on all Cisco router platforms that support Frame Relay.

Because of the added packet traffic of the keepalive messages, this feature will reduce the number of PVCs configurable on an interface. This issue will become significant with densities of more than 25 PVCs per port.

The default timers are 10/15 seconds for sender and receiver, respectively.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Sanjay Bhardwaj

sbhardwa@cisco.com

Security

Time-Based Access Lists

Description

Time-based access lists extend the notion of time to Cisco's access-list facility. Now, network administrators can define when the permit or deny statements in the access lists are in effect, by time of day and week, and on an absolute basis. Prior to this feature, access-list statements were always in effect when or after, but not once they were applied.

Benefits

There are many possible advantages to configuring services and access with time ranges:

• The network administrator has more control over permitting or denying a user access to resources. These resources could be an application, a server, or an on-demand link. This setup permits the network administrator to use access lists to enforce security policy by time.
  
  
• Network administrators can set time-based security policy, including:
  
  
• • Perimeter security using the Cisco IOS Firewall feature set or access lists
    
    
  • Data confidentiality with Cisco encryption technology or IP Security (IPsec)
    
    
• Policy-based routing and queuing functions are also enhanced.
  
  
• When provider access rates vary by time of day, it is possible to automatically reroute traffic as is most cost-effective.
  
  
• Network administrators can control logging of messages by time.
  
  

Platforms/Considerations

This feature is supported by all Cisco IOS platforms that support IP extended, IP named, or IPX access lists, including the following Cisco router platforms: Cisco 160x, 25xx, 26xx, 36xx, 38xx, 4x00, 52xx, 53xx, 72xx, and 75xx, the RSM 5000 and C12000.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Jocelyne Okrent

Baseline Privacy

Description

Link-layer encryption over the hybrid fiber-coax cable network

Benefits

• Prevents users with physical access to the same cable network from eavesdropping on other people's data
  
  

Platforms/Considerations

uBR7246, uBR7223.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Marketing Contact

Nicos Achilleoudis

Cisco IOS Firewall Feature Set

Description

The new release of the Cisco IOS Firewall now identifies 59 of the most common attacks, using special intrusion detection signatures to detect patterns of misuse in network traffic. The Context-Based Access Control (CBAC) engine has been expanded to identify and act upon unauthorized network activities. The Cisco IOS Firewall works as an in-line intrusion-detection sensor, watching packets and sessions as they flow through the router, scanning each to match any of these 59 signatures. The network administrator can configure Cisco IOS Software intrusion detection to alarm, drop, and reset connections for packets that match these signatures.

The Cisco IOS Firewall now includes LAN-based dynamic per-user authentication and authorization via TACACS+ and Remote Access Dial-In User Service (RADIUS) authentication servers (authentication proxy). Users can now log into the network or to the Internet via Hypertext Transfer Protocol (HTTP) and their specific access profile will automatically be downloaded, so that their appropriate access privileges are available as required. Network administrators can tie specific security policy to each user, protecting the network against a more general policy being applied across multiple users. Authentication and authorization can be applied to the router interface in either direction to secure inbound or outbound extranet, intranet, and Internet usage.

The Cisco IOS Firewall also now includes dynamic-port-mapping configurable audit trails and alerts, Simple Mail Transfer Protocol (SMTP)-specific intrusion detection, and CBAC application support for Microsoft Netshow and Microsoft Networking.

Highlights of the Cisco IOS Firewall Feature Set:

• Intrusion detection—Intrusion detection in the critical packet path provides dynamic monitoring, interception, and reporting of network attacks and misuse.
  
  
• Authentication proxy—LAN-based, dynamic, per-user authentication and authorization via TACACS+ and RADIUS authentication servers enables setting individual security policies.
  
  
• Dynamic port mapping—This feature allows CBAC-supported applications to run on nonstandard ports.
  
  
• Configurable audit trail and alerts—The Cisco IOS Firewall alerts and audit trail are now configurable on a per-application basis. Java blocking is also configurable on a modular basis.
  
  
• Improved attack detection and defense for e-mail servers—New intrusion detection is designed specifically for SMTP-oriented attacks.
  
  

Benefits

• Cisco IOS Firewall intrusion-detection technology provides additional visibility into network misuse at intranet, extranet, and branch-office Internet perimeters.
  
  
• Network administrators now enjoy more robust protection against attacks and can automatically respond to threats from internal or external hosts.
  
  
• Network administrators can now dynamically authenticate and authorize usage of extranet, intranet, and Internet resources on a per-user basis and set a more granular, per-user security policy using the Cisco IOS Firewall Feature Set.
  
  
• The Cisco IOS Firewall provides an ideal, one-box solution combining powerful security, intrusion detection, per-user authentication, authorization, VPN functionality, and multiprotocol routing.
  
  

Platforms/Considerations

The Cisco IOS Firewall feature set is available as software image option for the following Cisco router platforms: Cisco 800, 900, 1600, 1700, 2500, 2600, 3600, 7100, 7200 series. The authentication proxy and intrusion detection features are available on the following platforms only: Cisco 1700, 2600, 3600, 7100, 7200 series routers.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Jocelyne Okrent

jokrent@cisco.com

IPsec Mode Configuration

Description:

Mode configuration (mode config) is an extension to the Internet Key Exchange (IKE) Protocol. It allows the definition of a pool of locally administered addresses on the router to be distributed to remote IPsec clients. The addresses in the pool may be private because they are applied as virtual IP addresses on the remote clients. The client will still use its actual interface address as the IPsec tunnel endpoint.

Benefits

Mode config allows a network administrator to define access into the corporate network based on locally defined addresses, as opposed to client tunnel addresses, which are usually assigned randomly by a service provider. This feature is for use with the Cisco Secure VPN Client.

Platforms/Considerations

First Appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Natalie Timms

ntimms@cisco.com

IPsec Wildcard Preshared Key

Description

Allows the use of a preshared key for Internet Key Exchange (IKE) authentication when the IP address of the IPsec peer is not available to be predefined in the router configuration. The user may specify a preshared key to be used during authentication with individual hosts, all devices, or subnets of devices, by defining the address/network and subnet mask.

Benefits

Wildcard preshared key provides ease of deployment of IPsec without the need for a certificate authority (CA). This is especially relevant to supporting remote IPsec clients.

The user should be aware of the security implications of using a wildcard preshared key; particularly a key that is defined for use by any device. This means that any device/user knowing the value of the key will be authenticated. Cisco recommends that you use a strong authentication method in addition to wildcard preshared key.

Platforms and Considerations

First Appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Natalie Timms

ntimms@cisco.com

IPsec Multiple Certificate Authority Roots Support

Description

Previously, a router could only validate other devices using RSA-signatures during Internet Key Exchange (IKE) authentication if both the router and the other device had been enrolled with the same root Certificate Authority (CA). The feature allows a router to request a certificate from multiple root CAs facilitating the authentication of any other device that is enrolled with at least one of the same root CAs as that router.

Benefits

By enrolling the router with multiple root CAs, it is possible to authenticate other devices using public keys certified by different root CAs. This will be important in extranet scenarios.

Platforms and Considerations

First Appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Natalie Timms

ntimms@cisco.com

IP Payload Compression Protocol (IPPCP)

Description

When Layer 3 encryption is used, it is impossible for lower layers (such as PPP at Layer 2) to provide compression. In fact, compression of already encrypted packets usually results in expansion. IPPCP provides stateless compression to be used in conjunction with encryption services such as IPsec.

Benefits

IPPCP provides a suitable compression method to be used in conjunction with IPsec.

Platforms and Considerations

First Appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Natalie Timms

ntimms@cisco.com

Switching

IEEE 802.1Q Virtual LAN

Description

By definition, virtual LANs, (VLANs) perform network partitioning and traffic separation at Layer 2, and communications beyond a single VLAN topology requires a Layer 3 routing function. The Cisco IOS Software offers the industry's most comprehensive VLAN services, supporting multiple VLAN protocols optimized for different media—Cisco's Inter-Switch Link (ISL) for Fast/Gigabit Ethernet, IEEE 802.10 for Fiber Distributed Data Interface (FDDI) backbones, and via LAN Emulation over ATM. Software Release 12.0T adds support for the IEEE 802.1Q VLAN standard such that the IOS software is able to perform full-feature routing of 802.1Q-tagged IP and Novell Internetwork Packet Exchange (IPX) VLAN traffic on Ethernet media.

Benefits

As switched networks evolve to standards-based virtual LANs, the feature-rich Cisco IOS Software is able to provide key inter-VLAN communications for multiple protocols thus allowing the network infrastructure to scale.

Platforms/Considerations

IEEE 802.1Q VLAN routing is available across IOS-based platforms capable of supporting the appropriate media. The Cisco IOS 802.1Q support is designed to perform a VLAN routing function; therefore, it does not participate in the VLAN or Multicast Registration Protocol GARP VLAN Registration Protocol/GARP Multicast Registration Protocol (GVRP/GMRP) aspects of 802.1Q.

First appearance in a Cisco IOS Software "T" release: 12.0(1)T.

Product Marketing Contact

Martin McNealis

Token Ring MPOA

Description

Multiprotocol over ATM (MPOA) is an extension to LANE that allows LANE clients to forward unicast packets between subnets to other LANE clients. Essentially, MPOA is designed to provide inter-VLAN cut-through information from an MPOA server (MPS) to MPOA clients (MPCs) upon request.

Benefits

• MPOA increases the performance of a campus Token Ring LANE network. Traffic originating in one subnet can travel directly to another subnet over the ATM backbone without the intermediate step of going through a router
  
  

Platforms/Considerations

• Cisco 7500 with ATM Interface Processor(AIP)
  
  
• Cisco 7500 with VIP2 + PA-A1 (ATM lite PA)
  
  
• Cisco 7200 with PA-A1 (ATM lite PA)
  
  
• Cisco 4700 with ATM NPM
  
  
• Route switch module (RSM) with VIP2 + PA-A1 (ATM lite PA)
  
  
• First appearance in a Cisco IOS Software "T" release: 12.0(3)T.
  
  

Marketing Contact

ibd-pm-team@cisco.com

Token Ring over RFC 1483

Description

RFC 1483 describes a method of encapsulating multiple protocols and then transmitting them over an ATM cloud.

Benefits

• RFC 1483 can be used in smaller campus or wide-area networks to provide ATM connectivity without the level of complexity required by LANE
  
  

Platforms/Considerations

• Cisco 7500 with AIP
  
  
• Cisco 7500 with VIP2 + PA-A1 (ATM lite PA)
  
  
• Cisco 7200 with PA-A1 (ATM lite PA)
  
  
• Cisco 4700 with ATM network processor module (NPM)
  
  
• RSM with VIP2 + PA-A1 (ATM lite PA)
  
  
• First appearance in a Cisco IOS Software "T" release: 12.0(3)T.
  
  

Marketing Contact

ibd-pm-team@cisco.com

Web Cache Communications Protocol V2 (WCCP V2)

Description

The Web Cache Communications Protocol (WCCP) enables Cisco IOS routing platforms to transparently redirect content requests (such as, Web requests) from clients to a locally connected Cisco Cache Engine (or Cache Cluster) instead of the intended origin server. When a Cache Engine receives such a request, it attempts to service it from its own local cache if the requested information is present. If not, the Cache Engine issues its own request to the originally requested origin server to get the required information. When the Cache Engine retrieves the information, it forwards it to the requesting client and caches it to fulfill future requests, thus maximizing download performance and significantly reducing WAN transmission costs.

WCCP V2 provides enhancements to WCCP V1, including:

• Multihome router support which enables multiple colocated, WCCP-enabled routers to share a cache cluster
  
  
• Improved security which enables Message Digest 5 (MD5) Digital Signature Authentication (RFC 1321) to be used in Cache Engine/WCCP router communications
  
  
• Redirection of nonport 80 traffic, enabling WCCP-enabled routers to transparently redirect traffic based on any TCP port (such as, FTP and NNTP traffic), in addition to HTTP traffic; Cache Engine-side support for nonport 80 traffic will be provided in the future
  
  
• Content bypass support, which enables the router to know not to redirect the request to the Cache Engine when a Cache Engine rejects a request and sends it back to the WCCP-enabled router
  
  
• Flexible content distribution within a cache cluster, which allows various hashing parameters to be used for determining content distribution within a cache cluster
  
  

Benefits

• Multihome router support
  
  
• • Enables WCCP redundancy with the Cisco Hot Standby Router Protocol (HSRP); with this feature, a Cache Engine can be homed to multiple WCCP routers in an HSRP group, maximizing service availability as seen by clients
    
    
  • Enables a single cache cluster to be homed to multiple WCCP-enabled routers, minimizing redundant information caching, and resulting in more efficient caching
    
    
• Improved security
  
  
• • Enables MD5 Digital Signature Authentication to prevent unauthorized Cache Engine/WCCP router registration; prevents unauthorized devices from spoofing Cache Engines
    
    
• Redirection of nonport 80 traffic
  
  
• • Enables the Cache Engine system to be used more efficiently in redirecting multiple traffic types
    
    
• Content bypass support
  
  
• • Enables Cache Engines to reject certain requests and send them to the requested origin servers
    
    
• Flexible content distribution within a cache cluster
  
  
• • Enables reverse proxy applications and hot spot handling
    
    

Platforms/Considerations

2500, 2600, 3600, 4x00/M, 5200, 5300, 7200, uBR72xx, 7500, C5RSM, MC3810, and RPM

Marketing Contact

John Yen

ATM LANE Fast Simple Server Redundancy Protocol

Description

Building upon the Cisco award-winning Simple Server Redundancy Protocol (SSRP) for ATM LANE, ATM LANE Fast SSRP (F-SSRP) provides near-immediate switchover from one set of LANE servers to a backup set without the need to reestablish ATM virtual connections (VCs). Fast SSRP is backwards compatible to all SSRP "classic" clients, including any third-party LANE clients.

With F-SSRP, there is essentially N times the LANE control plane—where Fast SSRP clients essentially set up and keep live N times (where N = 2 or greater, but less than 16) the control plane VCs to N number of LANE Configuration server (LECS) and LANE Server/broadcast and unknown server (LES/BUS) pairs. This setup allows F-SSRP clients to quickly send their packets over to an alternative set of LANE control-plane VCs (hence, to another LES/BUS pair) without having to go through ATM connection setup yet again in the event of a failure or nonreachability of the primary LANE server set. While this switchover takes place, all the LANE data-direct VCs stay live, providing loss-less switchover for the LANE-client-to-LANE-client traffic.

Benefits

• Immediate switchover to backup LANE servers without needing connection setup
  
  
• Loss-less cutover for LANE-client-to-LANE-client traffic
  
  
• Effortless to deploy
  
  
• Backward compatible to Cisco SSRP
  
  
• Compatible with any third-party LANE clients
  
  
• LECS redundancy in SSRP and F-SSRP same as latest ATM Forum LANE standards
  
  

Platforms/Considerations

All LAN Emulation Clients (LECs) on the Catalyst 5000 family or the Cisco routers must run Cisco IOS 12.0(5)T or above to take full advantage of F-SSRP. Any Catalyst 8500 or LightStream 1010 switches that are to host the LANE servers in an F-SSRP network must run Cisco 12.0(5)T or above.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Badri Ramaswamy

rbadri@cisco.com

David Benham

dbenham@cisco.com

IP Multicast Multilayer Switching

Description

MultiLayer switching (MLS) is a Cisco technology that accelerates the routing of packets and reduces the load of a router by learning and establishing flow information on switch hardware and using it to switch packets at wire speed. Specifically, MLS is an interaction between a Cisco router and a Catalyst LAN switch that allows wire-rate hardware switching at Layer 3. This software adds support in the router for MLS of IP multicast packets in conjunction with the Catalyst 5000/5500 series LAN switches running software 5.1 or higher and equipped with the NetFlow feature card II (NFFC-II) supervisor daughter card.

A NFFC-II populates its flow switching cache dynamically by observing/learning the flow of a traditionally routed packet. An IP multicast flow is a unidirectional sequence of packets between a multicast source and the members of a destination multicast group. In order to perform multilayer switching, the NFFC-II must see the original packet destined for the router (a candidate) and the "routed packet" (enabler) returned from the router. When the Catalyst switch with an NFFC-II is switching IP (unicast only) or Internetwork Packet Exchange (IPX) packets, it is performing complete rewrites of the virtual LAN (VLAN) index, Layer 2 source and destination addresses, and Time To Live (TTL) and type of service (ToS) in the IP/IPX packet header, and recalculating and rewriting the IP/IPX header checksum and Layer 2 frame checksum, just as a traditional router would.

Access the following links for more information on the NFFC-II:

http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/c5000/prodlit/nffc2_ov.htm

http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/c4000/prodlit/909_pb.htm

Benefits

• Reduces load on router—If the router has to replicate many multicast packets to many VLANs, it can be overwhelmed as the input rate and number of outgoing interfaces increase. Having the switch replicate and forward the multicast flow reduces the demand on the router.
  
  
• Provides IP multicast scalability—A Catalyst 5000 series switch running IP Multicast Multilayer Switching provides high throughput of multicast traffic. By reducing the load on the complimentary router, more multicast flows can be accommodated.
  
  
• Provides meaningful flow statistics—IP multicast MLS provides flow statistics that can be used to administer, plan, and troubleshoot networks.
  
  

Platforms/Considerations

IP Multicast Multilayer Switching is supported on the following routers:

• External: C8500, 7500, 7200, 4700, 4500, and 3600 series router
  
  
• Internal: Route Switch Module (RSM) and Route Switch Feature Card (RSFC).
  
  

IP Multicast Multilayer Switching is supported on the following Catalyst LAN switches:

• Any Catalyst 5000 Family chassis (5000, 5002, 5505, 5509, 5500) with a Supervisor Engine II-G or III-G with 32MB or more DRAM.
  
  
• Any Catalyst 5000 Family chassis (5000, 5002, 5505, 5509, 5500) with a Supervisor Engine III, III-FLX, or III-FSX with 32MB or more DRAM and the NFFC-II hardware.
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ben Goldman

bgoldman@cisco.com

IPX Multilayer Switching

Description

Multi-layer switching (MLS) is a Cisco technology which accelerates the routing of packets and reduces the load of a router by learning and establishing flow information on switch hardware and using it to switch packets at wire speed. Specifically, MLS is an interaction between a Cisco Router and a Catalyst LAN Switch that allows wire rate hardware switching at Layer 3/Layer 4. This software adds support in the router for Multi-layer switching of IPX packets in conjunction with the Catalyst 5000/5500 series LAN switches running software 5.1 or higher, and equipped with the NetFlow feature card II (NFFC-II) supervisor daughter card.

A NFFC-II populates its Layer 3/Layer 4 switching cache dynamically by observing/learning the flow of a traditionally routed packet. In order to perform multilayer switching, the NFFC-II must see the original packet destined for the router (a candidate) and the "routed packet" (enabler) returned from the router. When the Catalyst switch with an NFFC-II is switching IP or IPX packets, it is performing complete rewrites of the VLAN index, Layer 2 source and destination addresses and TTL and ToS in the IP/IPX packet header, and recalculating and rewriting the IP/IPX header checksum and Layer 2 frame checksum, just as a traditional router would.

Access the following links for more information on the NFFC-II.

http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/c5000/prodlit/nffc2_ov.htm

http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/c4000/prodlit/909_pb.htm

Benefits

• Reduced router processing for IPX-routed packets—The router is responsible for routing only the first IPX packet within a flow. Thereafter, the Catalyst LAN switch has the ability to perform MLS in hardware.
  
  
• Increased switching performance for IPX routed packets—IPX packets performed by MLS in the Catalyst LAN switch can be switched at over one million packets per second.
  
  
• Seamless integration with IP/IPX access lists—Cisco IOS Software running MLS has the ability to instruct the NFFC-II hardware via a lightweight control protocol called the Multilayer Switching Protocol (MLSP), to flush cache entries in the event of topology change or modification of access control lists. This setup enables the NFFC to enforce access control lists based on IP/IPX addresses as well as transport-layer information.
  
  

Platforms/Considerations

IPX MLS is supported on the following routers:

• External: C8500, 7500, 7200, 4700, 4500, and 3600 series routers
  
  
• Internal: Route switch module (RSM) and route switch feature card (RSFC)
  
  

IPX MLS is supported on the following Catalyst LAN switches:

• Any Catalyst 5000 family chassis (5000, 5002, 5505, 5509, and 5500) with a Supervisor Engine II-G or III-G with 32 MB or more DRAM
  
  
• Any Catalyst 5000 family chassis (5000, 5002, 5505, 5509, and 5500) with a Supervisor Engine III, III-FLX, or III-FSX with 32 MB or more DRAM and the NFFC-II hardware
  
  

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Ben Goldman

bgoldman@cisco.com

Voice

VIC-2BRI-S/T-TE

Description

The VIC-2BRI-S/T-TE connects directly to Public Switched Telephone Networks (PSTNs) and Private Branch Exchanges (PBX) and

Private Access Branch Exchanges (PABX) supporting both on-premise and off-premise connections. The VIC-2BRI-S/T-TE is a two-port ISDN, S/T, terminal side, BRI voice interface card. This voice interface card supports four voice channels in a single voice interface card via two RJ-45 physical ports. This voice interface card installs into either an NM-2V (for support of all four voice channels) or an NM-1V (for support of two voice channels).

Benefits

This new voice interface is popular in many European countries and some Asian countries. Customers with existing BRI network side interfaces on their PBX/PABXs will now be able to connect to Cisco 3600 and 2600 router gateways using this interface. They will then be able to take advantage of toll-bypass and voice-over-packet features. In addition, this new interface provides customers with the ability to connect directly to the PSTN using BRI leased connections, which are widely available throughout countries in Europe and parts of Asia.

Platforms/Considerations

• Supported on all Cisco 2600 and 3600 platforms
  
  
• Requires Cisco IOS Plus image 12.0(3)T or greater
  
  
• First appearance in a Cisco IOS Software "T" release: 12.0(3)T.
  
  

Marketing Contact

Michael Wood

SS7 for Access Servers—Cisco SC2200 Signaling Controller Protocol

Description

Common Channel Signaling #7 (Signaling System 7 [SS7]) is a worldwide standard for switch-to-switch signaling in the PSTN. The Cisco SC2200 signaling controller provides centralized functions for adding SS7 interfaces to remote access POPs. The CiscoSC2200 signaling controller works together with Cisco access servers (AS5800, AS5300, and AS5200) to create a virtual switch, which functions from a signaling perspective as a terminating and originating end-office with SS7. Cisco access servers provide the interface from the circuit-switched network to the data network. The protocol architecture for communication between Cisco's SC2200 signaling controller and access servers provides for reliable signaling over a IP infrastructure. This feature provides the control protocol for Cisco access servers to support the Cisco SS7 dial access solution.

Cisco access servers support Continuity Check (COT) through this feature, which is an automated diagnostic procedure performed in the PSTN between switches to ensure that circuits are in service and not experiencing excessive signal loss. The switch originating the call periodically tells the next switch through signaling to loop back the circuit; then the requesting switch sends a tone down the line and listens for it to return. The loopback form of COT is used on four-wire trunks. A form of COT is also used on two-wire trunks deployed on some Lucent 1AESS switches in the United States. In the two-wire case, when the originating switch sends a tone, the receiving sends a different frequency tone in response. Not all networks use COT, but, the PSTN in the United States does.

Benefits:

• Reduce network costs and interconnect at favorable tariffs by connecting to PSTN in peer-to-peer interconnect
  
  
• Scale cost-effectively to CO-sized POPs, which can be centralized or distributed
  
  
• Enable new services such as wholesale dial and access VPNs
  
  

Platforms/Considerations

The Cisco SC2200 signaling controller is required for this feature to operate. It works with the AS5800, AS5300, AS5200, and AccessPath^™ integrated access system with Cisco IOS and MICA^® software upgrades.

First appearance in a Cisco IOS Software "T" release: 12.0(3)T.

Table 4 shows COT support requirements

Marketing Contact

David LaPier

High-Density VoIP Support for the Cisco AS5300/Voice Gateway

Description

The following Cisco IOS Software 12.0(5)T-based images for the Cisco AS5300/Voice Gateway support the use of the latest AS53-VOXD voice digital signal processor(DSP) modules and voice firmware VC-SWA-4.0x, allowing up to 96 simultaneous voice calls in T1 mode, or 120 voice calls in E1 mode. In other words, with this release, the AS5300/voice system can support four full T1/E1/Primary Rate Interface (PRI) density:

Relevant Cisco IOS 12.0(5)T images:

• S53CVP-12.0.5T Cisco AS5300 series Cisco IOS IP Voice Plus
  
  
• S53BVP-12.0.5T Cisco IOS 5300 series Cisco IOS Desktop Voice Plus
  
  
• S53AVP-12.0.5T Cisco IOS 5300 series Cisco IOS Enterprise Voice Plus
  
  

The above images combined with the required voice feature cards and firmware also provide support for:

• New voice coders, including G.723.1, G.723.1 Annex A, G.726, G.728, and G.729 Annex B
  
  
• 14.4-kbps fax relay
  
  
• H.245 coder-decoder (CODEC) negotiation
  
  
• Programmable voice packet/frame sizing
  
  
• Initial/basic H.323 Version 2 interoperability
  
  
• Basic interoperability with Microsoft Netmeeting and Cisco IP phone applications.
  
  

Benefits

High-density VoIP for the Cisco AS5300/Voice Gateway offers the industry's leading performance and density. It offers excellent value/pricing, at approximately $500 per port U.S. list price. This product offers greater flexibility and important voice-related enhancements including:

• Twice the voice density 96/120 voice calls in two RU (rack-unit) space
  
  
• Even higher voice compression with G.723.1 (5.3 kbps, 6.3 kbps)
  
  
• Out-of-band dual tone multifrequency, (DTMF) which allows accessing interactive voice response (IVR) systems while using high compression
  
  
• Greater QoS manageability with variable voice packet/frame sizing
  
  
• H.323/H.245/RTP enhancements
  
  

Platforms/Considerations

• Additional voice firmware—The use of these latest AS53-VOXD-based voice feature cards also requires ordering voice feature card software, for example VC-SWA-4.0x or higher.
  
  
• Memory requirements—These latest AS53-VOXD DSP modules and Cisco IOS 12.0(5)T require that the AS5300 have 64-MB DRAM as well as 16-MB system Flash.
  
  

If upgrading field systems, use the following memory part numbers:

MEM-64M-AS53= (AS5300 main DRAM upgrade 32 to 64 MB)

MEM-16F-AS53= (AS5300 system flash upgrade 8 to 16 MB)

For more information: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/5300/iosrn/vcwrn/rnvcw4xx.htm

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact:

Dave Gronner

dgronner@cisco.com

VoIP Enhancements for the Cisco AS5300/Voice Gateway

Description

This release supports an optional, firmware-based, CODEC feature set upgrade package, which includes new voice CODECs such as G.723.1 (5.3 kbps, 6.3 kbps) and G.728, G.726 and G.729 Annex B.

It also adds many key VoIP enhancements, including.:

• Out-of-band DTMF relay
  
  
• Variable, programmable packet sizing
  
  
• Fax 14.4-kbps support
  
  
• CODEC negotiation per H.323/H.245
  
  
• Additional IVR scripts
  
  

Benefits

• In general, this optional release and the associated voice feature card firmware provides greater feature parity between the latest high-density voice feature set for the AS5300/Voice Gateway introduced in June.
  
  
• Out-of-band DTMF relay allows the AS5300/Voice Gateway to pass DTMF digits while using high compression CODECs that may normally corrupt DTMF digits. This feature is relevant when voice-mail or IVR systems need to be accessed and controlled via user-originated DTMF digits.
  
  
• Variable packet sizing allows customers additional flexibility when weighing the benefits of network bandwidth utilization versus lowest latency (for highest quality).
  
  
• 14.4-kbps Fax-relay support provides higher-speed transfer than the previous 9.6-kbps Fax-relay CODEC supported in the previous release.
  
  
• New IVR scripts provide greater flexibility to service providers supporting two-stage calling applications.
  
  

Platforms/Considerations

This optional feature set is available for the AS5300 as a software-only upgrade, but it requires the purchase of new voice feature card firmware, p/n VC-SWA-4.0x. This firmware is relevant only to AS5300/Voice Gateways with AS53-6VOX-based voice feature cards. It requires no hardware change to existing AS5300/voice systems with AS53-6VOX-based feature cards.

For more information: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/5300/iosrn/vcwrn/rnvcw4xx.htm

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Dave Gronner

dgronner@cisco.com

H.323 Version 2 Support

Description

H.323 Version 2 supports gatekeeper, gateway, and proxy compliance with H.323 V.2. In addition to basic H.323 v2 compliance, Gatekeeper/Proxy enhancements include:

• Support for lightweight registration
  
  
• Improved gateway selection process
  
  
• Support for single proxy scenarios
  
  

Gateway enhancements include:

• Lightweight registration
  
  
• Resource availability reporting
  
  
• Registration of E.164 addresses for FXS interfaces
  
  
• Tunneling of the Redirecting Number Information Element
  
  
• Out-of-band DTMF relay
  
  
• Out-of-band hookflash relay from IP to FXO interfaces
  
  
• CODEC negotiation
  
  

Benefits

• Interoperability with H.323V.2-compliant network elements
  
  
• Voice over IP enabler
  
  
• Lightweight registration provides a more efficient registration procedure, that requires fewer network and device resources than the reregistration process used for H.323 version 1.
  
  
• Gateway resource availability reporting allows the AS5300 gateway to inform the gatekeeper regarding the availability of its DSP and DSO channels.
  
  
• The gatekeeper selects a gateway for a call using an improved  algorithm that takes into account the resource availability and configured priority of the gateways.
  
  
• Support for single proxy configurations. Previously only two-proxy and no-proxy scenarios were supported.
  
  
• Gateway support for out-of-band DTMF relay allows the gateway to pass DTMF digits while using high compression CODECs that may normally corrupt DTMF digits. This feature is relevant when voice-mail or IVR systems need to be accessed and controlled via user-originated DTMF digits.
  
  
• Gateway support for out-of-band hookflash relay allows the gateway to pass an H.245-encoded hookflash indication from the IP network to the PTSN telephony leg of a call, if the PSTN telephony interface is FXO.  This feature is useful when a PBX or switch allows a user to access supplementary services such as call waiting by sending a hookflash indication.
  
  
• Gateway registration of E.164 addresses provides automatic registration for the addresses of devices such as handsets that are directly connected to FXS interfaces.
  
  

Platforms/Considerations

This feature is supported on C2500, 2600, 3600, 3810, 5300, and 5800 platforms.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Sandeep Chawla

schawla@cisco.com

Settlement for Packet Telephony

Description

Open Settlement Protocol (OSP) Clearinghouse solution for Cisco Packet Telephony Gateway allows smaller service providers to exchange traffic with other service providers without establishing multiple bilateral peering agreements.

The Cisco Open Settlement Protocol (OSP), a protocol approved by the European Telecommunications Standards Institute (ETSI) Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON), allows service providers with Cisco packet telephony gateways to join an OSP-compliant clearinghouse such as Gric Communications and allows the clearinghouse providers to provide services such as call authorizations, call routing, and call accounting and settlement.

Network providers with multiple partners can acquire system and services from TransNexus to provide OSP-compliant clearinghouse and settlement services to their partners.

Benefits

• End-to-end VoIP support
  
  
• Cost-effective worldwide calling coverage
  
  
• Guaranteed settlement of authorized calls by the clearinghouse service provider
  
  
• Incremental revenue increase by terminating calls from other service providers
  
  
• Simplified business and credit relationships
  
  
• Outsourced complex rating and routing tables
  
  
• Flexibility in selecting appropriate termination points
  
  
• Secure transmission using widely accepted encryption protocols for sensitive data
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Yong Lee

yonglee@cisco.com

Prepaid Calling Card via Packet Telephony

Description

Prepaid Calling Card enables Internet telephony service providers (ITSPs) to provide distributed prepaid calling card service from the voice over IP (VoIP) gateways. This feature and RADIUS-specific enhancements also support vendor specific attributes (VSA).

The feature works in tandem with the Cisco interactive voice response (IVR) feature. The IVR voice scripts have been modified to use tool command language (TCL) scripts.

The feature components consist of IVR functionality in Cisco IOS Software that works in connection with an integrated third-party billing system. This includes the ability to maintain per-user credit balance information via a RADIUS interface to the Cisco IOS Software. When these features are implemented, the billing system and IOS software functions enable a carrier to authorize voice calls and to debit individual user accounts in real time at the edges of a VoIP network, without requiring external service nodes.

A general interactive voice response software infrastructure allows combining prerecorded audio files to play the dollar amount of credit remaining, the time and date, and other prerecorded audio files. This features a command-line interface to support the audio files and TCL scripts to use this infrastructure. The dynamic creation of the audio files by combining prerecorded audio pieces is limited to playing out dollar, time, and day information.

The prepaid calling card feature interfaces with VSAs that are programmed to interoperate with the RADIUS server. Cisco has VSA support from most major RADIUS server vendors.

Benefits

• The Cisco prepaid calling card application makes deployment of a prepaid calling card economically feasible in a network that includes a small point of presence (POP).
  
  
• It enables service providers to receive revenue from prepaid calling cards sold to quickly subsidize cost of operation.
  
  
• The addition of Toolkit Command Language (TCL), a programmable scripting language, allows the separation of the Cisco IOS Software and the IVR feature software. This allows a quicker turnaround for additional TCL scripts development and a vast reduction in memory requirements.
  
  
• It works with standard RFC 2138 and 2139 for RADIUS protocol, a widely adopted protocol to communicate with billing server.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Yong Lee

yonglee@cisco.com

Voice over IP QSIG Network Transparency for Cisco AS5300

Description

QSIG Private Network Transparency provides the Cisco AS5300 the capability to relay QSIG messages transparently across H.323 VoIP networks for inter-PBX/KTS signaling. The feature also provides the ability for interworking between non-QSIG signaling (for example, E&M, R2, Q.931) and QSIG signaling for basic calls.

QSIG Transparency provides support for ISDN supplementary features such as call waiting and caller identification delivery. The feature supports ISDN supplementary services defined by ECMA-141, QSIG Data Link Layer and Standard-142, and QSIG Basic Call Control by providing network feature transparency.

PBXs supported by QSIG Transparency are Siemens Hicom, Ericson MD110, NorTel Meridian 1 and SL-1, Lucent Definity, Matra 6501R, and Bosch I33. The feature provides message and parameter configuration flexibility to support all of the above-mentioned PBX vendors, as well as other vendors (nontested configurations).

Benefits

• Enhances the inherent advantages of VoIP by providing access to the rich ISDN supplementary feature set.
  
  
• Provides ISPs the capability of supporting Private Network (PN) services over VoIP for Enterprise customers.
  
  
• Eliminates the need for dedicated signaling links by providing a virtual signaling network (essentially toll bypass).
  
  
• Interconnect with Siemens Hicom, Ericson MD110, NorTel Meridian 1 and SL-1, Lucent Definity, Matra 6501R and Bosch I33 PBXs.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Domenic Costanzino

dcostanz@cisco.com

AS5800/Voice Gateway

Description

The AS5800/Voice Gateway converts and routes voice and fax calls between traditional circuit switched networks and packet switched networks. When equipped with AS5800 Voice Feature Cards (TI C549 DSP-based Voice Feature Card) and H.323 voice enabled Cisco IOS feature license, the AS5800 serves as a high-performance, carrier-class, H.323 compliant voice gateway. In other words, it provides the conversion and routing of voice and fax calls between central office (CO) switches/PBXs and IP networks for service provider and enterprise applications. Although Cisco offers a variety of voice gateway solutions for carrying voice over IP, ATM, and Frame Relay networks, the AS5x00 are specifically designed and optimized for IP applications.

Major features include:

• Up to 1344 VoIP calls, in a split dial shelf configuration with voice activity detection (VAD)/silence suppression turned on
  
  
• Multiple voice coders-including G.723.1, G.729a, G.726, G.728 and the existing G.711 and G.729
  
  
• Fax relay up to 14.4 Kbps
  
  
• Codec negotiation
  
  
• Configurable packet/Frame sizing
  
  

For more information, please access the Cisco AS5800 data sheet located at: http://www.cisco.com/warp/public/cc/cisco/mkt/access/accserv/5800/prodlit/a58vg_ds.htm

Benefits

• Carrier-Class Scalability and Reliability—The AS5800/Voice Gateway is a carrier-class packet telephony system that supports from 192 to 1344 VoIP ports while offering high availability of service (99.999 percent). The system also supports hot-swap for any card, power supplies and the blower system, redundant power supplies, redundant blowers, and redundant digital signal processors (DSPs).
  
  
• Toll-Quality Voice—Toll quality voice offers service providers a transparent migration from PSTN to packet telephony services.
  
  
• New Packet Telephony Features and Services—Variety of coding algorithms, including G.711, G.729, G.729a, and G.723.1, on any port and at any time, coupled with comprehensive packet telephony features, facilitate services such as toll bypass, universally accessible voice-mail and fax-mail, PSTN voice- and fax-traffic offload, aggregation for intracompany phone calling and faxing, phone to phone through PBXs and key systems, real-time fax to fax, computer-phone to PSTN, computer-phone to computer-phone, and many other features.
  
  
• Interoperability with H.323 GateKeepers—Provides increased system reliability and scalability through gateway selection and dynamic routing capabilities, simplifies dial map and system configurations, enables effective billing.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Michael Segal

msegal@cisco.com

Digital T1 Packet Voice Trunk Network Module

Description

The Digital T1 Packet Voice Trunk Network Module provides a flexible and scalable T1 voice solution for Cisco 2600 and 3600 series multiservice modular access routers and supports up to 60 voice channels in a single network module. A single packet voice trunk network module supports both on-premise and off-premise connections to both private branch exchanges (PBXs) and Public Switched Telephone Networks (PSTNs).

For enterprise branches and large businesses wanting to migrate to packet-based multiservice infrastructures, the Digital T1 Packet Voice Trunk Network Module leverages investments in existing legacy telephony equipment and enables the deployment of new packet voice applications while reducing recurring telephony charges.

The Digital T1 Packet Voice Trunk Network Module uses a real-time CPU and powerful DSPs which support all functions needed to provide the highest levels of voice fidelity and quality, eliminating the processing burden from the Cisco 2600 or 3600s main CPU. These DSPs can be scaled to support from six to 60 voice channels in a single network module using a number of different voice compression algorithms. The packet voice trunk network module uses MultiFlex Voice/WAN interface cards (VWICs), which offer single- and dual- port T1 and E1 interfaces for additional versatility and scalability. This flexibility allows voice and fax traffic to travel cost-efficiently across a user's WAN or directly over the PSTN.

The Digital T1 Packet Voice Trunk network module combined with the Cisco 2600/3600 series multiservice access routers makes an ideal single-box solution for packetized voice in branches and regional offices. Up to six packet voice trunk network modules can be configured in a single modular access router, supporting from six to 288 voice channels. Now, enterprise offices of several hundred users can deploy multiservice networking using a single-box solution. Service providers providing data and telephony managed services can connect a single platform to their central offices or points of presence (POPs) with a single high-speed data connection. The packet voice trunk network modules seamlessly interoperate with smaller and larger multiservice platforms from Cisco.

The Digital T1 Packet Voice Trunk Network Module provides an ideal migration path to a multiservice network. Customers can gradually shift voice traffic from traditional circuit-switched networks to a single infrastructure carrying data, voice, and video over packet networks without replacing any legacy PBX and key communication system equipment. The network module can also provide the gateway or portal to the PSTN for Cisco IP phones, which can be used in conjunction with legacy equipment.

The Digital T1 Packet Voice Trunk Network Module provides:

• A gateway interface to PBXs to route voice along with data and video over a single data infrastructure
  
  
• A gateway to the PSTN, allowing users to gain access to the public telephone network to and from legacy PBX, phone, fax, key communication systems, and Cisco IP phones.
  
  

For additional details on this product refer to the following URL: http://www.cisco.com/warp/public/cc/cisco/mkt/access/2600/prodlit/st1e1_ds.htm

Benefits

• Circuit Switched Leased Line Replacement—businesses incur significant recurring monthly costs for leased lines purely for the interconnection of telecom PBXs and switches. This product allows enterprises to remove costly rigid-bandwidth leased lines and replace them with flexible bandwidth lines for carrying data, voice, and video.
  
  
• Open Settlement Protocol Support (OSP)—provides the ability to settle account billing between service providers who are sharing resources to expand geographical coverage using third-party tools and standards-based OSP.
  
  
• Gateway for legacy PBXs, Phones, Fax Machines, and Key Communication Systems to PSTN—enables a connection for incoming and outgoing calls to and from the PSTN originating from and destined for legacy PBXs, phones, fax machines, and key communication systems connected to a data, voice, and video infrastructure.
  
  
• Any Call to Any Call with End-to-End Interoperability—interoperates with Cisco IP phones, analog phones, fax machine connections, and PBX connections to and from any other Cisco voice-enabled product.
  
  
• Toll Bypass—reduces or eliminates toll charges assessed by long distance and local carriers by transporting voice and fax traffic across the enterprise intranet, LAN, metropolitan-area network (MAN), or WAN.
  
  
• Authentication, Authorization, and Accounting (AAA)—supports debit and credit card (prepaid and postpaid calling card) applications.
  
  
• Scalable from six to 60 Voice Channels—the network module scales using from one to five 12-channel packet voice DSP module (PVDM-12) upgrade SIMMs to support from six to 60 voice channels.
  
  
• Platform Voice Scalability to 288 Voice Channels—enables Cisco 2600 or 3600 series modular access routers to scale from six to 288 voice channels in a single multiservice router solution.
  
  
• Voice over IP—transmit data, voice, and video across a single Frame Relay, ATM, ISDN, channelized, or multilink point-to-point protocol (MLPPP) network (voice over Frame Relay will be supported at the end of Q4 CY'99).
  
  
• Connection Trunk—creates a tie-line replacement structure and only consumes bandwidth during a call (digital-to-digital, digital-to-analog, or analog-to-analog capabilities).
  
  
• Off-Premise Extension (OPX)—extends the capability of legacy PBX to off-premise phones.
  
  
• Voice Activity Detection (VAD)—consumes bandwidth during a call only when there is voice traffic to send (silence suppression).
  
  
• Interactive Voice Response Support (IVR)—provides automated-attendant, voice-mail support, and call routing based on desired service.
  
  
• Drop and Insert—performs add/drop multiplexing for voice within a dual-port voice network module. Eliminates the need, maintenance, support, and expense found when using an external add/drop multiplexer.
  
  
• Fax Support—transmit group III fax over any voice channel without sacrificing voice processing resources regardless of compression type.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Michael Wood

mikewood@cisco.com

One- and Two-Port T1/E1 Multiflex Voice/WAN Interface Cards

Description

The Cisco one- and two-port T1/E1 Multiflex Voice/WAN interface cards (Multiflex VWICs) support voice and data applications in Cisco 2600 and 3600 multiservice routers. The Multiflex VWIC combines WAN interface card and voice interface card (VIC) functionality to provide unparalleled flexibility, versatility and investment protection from its many uses. Customers who choose to integrate voice and data in multiple steps preserve their investments in T1/E1 WAN interfaces because the Multiflex VWIC can be reused in packet voice applications.

The T1/E1 Multiflex Voice/WAN Interface Cards are offered in single and dual port versions, which can be used and then redeployed as network requirements change, thereby addressing several applications:

• Data—as a WAN interface card for T1/fractional T1, and E1/fractional E1 applications. To simplify remote management issues, the T1 version integrates a fully managed data service unit/channel service unit (DSU/CSU), and the E1 version includes a fully managed DSU.
  
  
• Packet Voice—as a VIC for the Digital T1/E1 Packet Voice Trunk Network Module to provide T1 connections to PBXs and central offices (COs) enabling new services and reducing voice/fax toll charges. Similarly, E1 versions of the Multiflex VWIC will provide the PBX and CO connectivity to address E1 packet voice applications.
  
  
• Multiplexed Voice/Data—as a dual port T1 or E1 Drop and Insert Multiplexer with integrated DSU/CSUs, reducing the complexity and number of network components and facilitating a graceful migration to bandwidth-efficient packet voice.
  
  

Benefits

Reduces networking lifecycle costs

• Enables graceful migration from data-only to multiplexed voice and data to packetized voice applications
  
  
• Reduces training, deployment, management and sparing inventory over single purpose interfaces
  
  

Maximizes investment protection

• Multifunction support for LAN to LAN routing, multiplexed voice and data, and packetized voice
  
  
• Modules shared between Cisco 2600 and Cisco 3600 series
  
  
• E1 versions support both balanced and unbalanced modes
  
  

Improves branch-office network manageability and reliability

• Eliminates costly external third-party CSU/DSUs and drop and insert multiplexers
  
  
• Simplifies remote network management by allowing a single management tool such as CiscoView or CiscoWorks to support router and CSU/DSU
  
  
• Drop and insert multiplexer
  
  

Maximizes system resources

• Increases T1/E1 port density supported on Cisco 2600
  
  
• Enables new Cisco 2600 configuration possibilities by permitting two T1/E1 connections to be supported in a single WAN interface card slot
  
  
• Easy migration to bandwidth-efficient packet voice, enabling new services
  
  

Customers who choose to integrate voice and data in stages preserve their investments in WAN interfaces. For example, the Multiflex VWIC can support data-only applications as a WAN interface on the Cisco 2600, then be reused to integrate voice and data with the Drop and Insert multiplexer functionality and/or configured to support packetized voice (voice over IP [VoIP] or voice over Frame Relay [VoFR]) when in the Digital T1/E1 Packet Voice Trunk network module.

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact:

Kip Sides

ksides@cisco.com

WAN Optimization

Frame Relay ATM Services Interworking—FRF.8

Description

FRF.8, commonly referred to as service interworking, is new to the Cisco MC3810 as of the Cisco IOS release 12.0(7)T. The complete suite of FRF.5 and FRF.8 features, including bit mapping functionality in FRF.5, is platform-specific and currently available only on the MC3810. A nonplatform-specific implementation of FRF.5 and FRF.8 is under development for future Cisco IOS releases.

Service interworking connects a Frame Relay network to an ATM network while the networks function independently, allows bidirectional PVC protocol conversion functions, and provides a standards-based solution for service providers, enterprises, and end users.

Benefits

• Allows service providers to seamlessly offer managed services across disparate network environments.
  
  
• By providing FRF.8 at the edge, service providers can maintain a homogenous ATM core and eliminate delay introduced by encapsulation and protocol translation at the core.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact

Teresa Newell

tnewell@cisco.com

WAN Services

ATM Switched Virtual Circuits (SVC) for Data, Voice and Video

Description

The ATM Switched Virtual Circuits (SVCs) for data, voice, and video is now supported on the Cisco MC3810. The voice capability of the ATM SVC set up a new SVC on the WAN every time a voice or data connection requests a call setup. When the connection is terminated, the WAN SVC is torn down. Prior to IOS 12.0(7)T release, the MC3810 supported H.320 (synchronous) video by using a V.35 synchronous connection to the video codec from the serial port, taking the video stream and encapsulating it in ATM AAL1 structured-CES cells, then queuing and transmitting it from the T1/E1 Multiflex trunk on an ATM PVC. The new features add signaling (on a separate physical path) to allow call setup and tear-down. Note that the video traffic follows the same path and the same encapsulation as before.

Benefits

• ATM SVCs provide a cost-effective way to improve bandwidth efficiency. Network bandwidth is used and reserved as needed, and does not require a large number of permanent virtual circuit reservations.
  
  
• ATM SVCs allow each call to be directly connected to its destination, eliminating tandems through intermediate routers, as would be required in large PVC-based networks.
  
  
• The ATM SVC feature saves time and money by simplifying network configuration.
  
  
• The feature also improves permanent virtual circuit (PVC) support by permitting PVC connections with automatic connection through a serial port.
  
  

Platforms/Considerations

First appearance in a Cisco IOS Software "T" release: 12.0(7)T

Marketing Contact:

Teresa Newell

tnewell@cisco.com

Web Scaling and Reliability

DistributedDirector

Description

Cisco DistributedDirector provides dynamic, transparent, and scalable Internet traffic load distribution between multiple topologically dispersed servers. DistributedDirector is the only global Internet service scaling solution that utilizes Cisco IOS Software and leverages routing table information in the network infrastructure to make "network-intelligent" load-distribution decisions.

Using routing table intelligence in the network infrastructure, DistributedDirector transparently redirects end-user service requests to the closest responsive server, as determined by client-to-server topological proximity or client-to-server response times, resulting in increased access performance seen by the end user and reduced transmission costs.

Benefits

DistributedDirector provides increased access performance seen by the end user and reduced transmission costs. Users need only a single subdomain name or Universal Resource Locator (URL)-embedded host name for accessing a distributed set of servers, thus providing the appearance of a single virtual server. This scenario eliminates the need for end users to choose a server from a list of possible sites. Because DistributedDirector localizes traffic to Internet servers, end users benefit from improved access performance and reduced transmissions costs, especially in dial-on-demand routing (DDR) environments.

DistributedDirector:

• Provides scalable, transparent, and cost-effective IP service distribution across globally dispersed servers
  
  
• Makes "network intelligent" Internet traffic load distribution decisions
  
  
• Improves end-to-end access performance
  
  
• Enables transparent distribution of all common TCP and UDP network services, including Hypertext Transfer Protocol (HTTP), FTP, Telnet, TN3270 server, and so on
  
  
• Reduces transmission costs by localizing Internet traffic
  
  
• Minimizes time and cost associated with providing global mirroring services
  
  
• Enables many distributed servers to be transparently accessed with a single virtual DNS hostname, thus maximizing ease of accessing globally distributed network services
  
  
• Eliminates the need for end users to choose a server from a list of possible sites
  
  
• Maximizes IP service availability by directing client traffic away from offline servers to online servers. Offline or otherwise nonresponsive servers are automatically identified as unavailable and are automatically reinstated as available when they again become online
  
  
• Enables servers to be added and removed transparently
  
  
• Serves multiple domains seamlessly from a single DistributedDirector
  
  
• Is not a proxy server; does not require special client or server software
  
  

New Features in 12.0(3)T

• Support for DNS mail exchange (MX) resource records (RRs) enables load distribution of SMTP-based e-mail services
  
  
• The "eight IP addresses per virtual host name" limitation has been lifted. An unlimited number of servers can now be associated with a given virtual host name
  
  
• The "policy redirection" feature enables the DistributedDirector to direct IP service requests to a single server or distribute load across a subset of servers based on client IP address and mask
  
  

Platforms/Considerations

DistributedDirector is available only as a hardware+software bundle on the Cisco 2501, 2502, and 4700M routing platforms. DistributedDirector is not available as a software-only upgrade to existing Cisco router platforms.

DistributedDirector is not a router. DistributedDirector's Cisco IOS system software does not support routing functionality. DistributedDirector is a device dedicated for DNS query processing or HTTP redirection; it is not a router.

Marketing Contact

Kevin Delgadillo

Network Director Forwarding Agent

Description

Network Director (ND) is the newest member of the Cisco family of load-balancing products. DistributedDirector delivers geographical load balancing based on network topology and traffic patterns, LocalDirector performs IP server load balancing for small to medium-sized Web sites, and Network Director fits the needs of the large enterprise Web site and IBM Parallel Sysplex data center.

ND is an IP server load-balancing solution that distributes load-balancing capabilities across any number of routers, enabling the highest levels of availability, scalability, and performance for server applications. ND consists of software running on Cisco routers and switches, the Cisco LocalDirector, and application server platforms. ND is designed to fit the needs of the large Web site and IBM Parallel Sysplex data center, which requires high availability and scalability for new e-commerce and Internet business applications.

Benefits

• Availability—Using ND there is no single point of failure for application platforms or load-balancing devices. Multiple servers running application peers can provide continuous application availability, and the distributed balancing architecture feature of ND (MNLB or multinode load-balancing architecture) spreads the load-balancing function across multiple Cisco IOS platforms.
  
  
• Scalability—As traffic grows, MNLB allows the network designer to add Cisco IOS load-balancing devices without any network redesign. New virtual addresses are not required with the addition of new load-balancing capacity, enabling much simpler network growth.
  
  
• Application Awareness—Using dynamic server feedback, Network Director can select the optimum server. Given feedback on server work capacity and application awareness, the ND chooses the server that is most capable of satisfying the client request and delivers the best response times.
  
  
• Efficient Use of Server Resources—Network Director makes load-balancing decisions based on either dynamic server feedback or internal algorithms. The flexibility and scope of the decision methods of ND enable the most efficient use of server resources, delaying server upgrades and outages.
  
  

Platforms/Considerations:

The Forwarding Agent runs on the following: C7100, C7500, C7200, C4x00, andC3600. Cat5000 RSM is only supported if it does not have a Netflow Feature Card.

First appearance in a Cisco IOS Software "T" release: 12.0(5)T.

Marketing Contact

Rod Starrett

rstarret@cisco.com

Bret Cunningham

Bretc@cisco.com

Hardware

Cisco 7576

Description

The Cisco 7576, an extension of the industry-leading Cisco 7500 series router, is designed to meet the price and performance, requirements of service provider and enterprise customers. It features greater density, performance, and system availability, while maintaining compatibility with the existing set of Cisco 7500 router interface processors.

Both routers within the Cisco 7576 are fully autonomous, and function as independent routers. This separation is achieved through a split backplane design, with each half supporting a separate set of independent Route Switch Processors (RSP-4), interface processors, port adapters, and Cisco IOS Software images. The arbiter of the chassis is logically separated, and the Cisco 7576 power-supply-system load share across both backplanes is a fully redundant configuration.

Because both routers within the Cisco 7576 are totally independent, there is no software dependency between them, allowing customers to install and test updated versions of Cisco IOS Software on one router before deployment.

All existing Cisco 7500 series Interface Processor modules, VIP modules, and their PAs are fully compatible with the Cisco 7576 router.

Benefits

• Maximizes usable router slots in high-density, high-performance configurations
  
  
• Provides more high-speed ports within a single Cisco 7513 router chassis footprint
  
  
• Highly efficient backplane bandwidth utilization
  
  
• Maximizes port density, while minimizing closet and rack space
  
  
• Maximizes system performance and allows router to scale up
  
  
• Increases availability for fast cutover to a backup router in the event of a system or link failure
  
  
• Assures compatibility with existing Cisco 7500 series modules
  
  
• Increases available connectivity for ports and router without compromising performance
  
  
• High reliability with redundant system (AC or DC)
  
  
• Extends individual power-supply life through load sharing
  
  
• Independent router design minimizes effects of router downtime
  
  
• Allows seamless upgrades to higher density and new interface processors without rebooting or taking the system off line
  
  

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0T.

Marketing Contacts

Bob Berlin

Mark Jansen

Cisco 800 Series Router

Description

The Cisco 800 series router, the entry-level platform containing Cisco IOS technology, extends the industry-leading capabilities of Cisco IOS Software into small offices (up to 20 employees) and corporate telecommuter sites. Cisco 800 series routers link small offices and corporate telecommuters with Ethernet LANs to the Internet or a corporate LAN using ISDN connections. With this new router series, Cisco Systems provides new and enhanced capabilities in a cost-effective, compact access router, including security, easy setup, low cost of ownership, safe investment, and all-in-one functionality.

The Cisco 800 series includes four router models and a choice of software feature sets. The Cisco 801 model provides an ISDN BRI S/T interface for use worldwide, and the Cisco 802 adds an integrated NT1 network termination device for use in North America. The Cisco 803 and 804 models add a four-port Ethernet hub and two RJ-11 interfaces for telephone devices such as phones, fax machines, and modems.

Benefits

The Cisco 800 series router provides small offices and corporate telecommuters essential benefits such as end-to-end security, enhanced Internet access, and reduced cost of ownership. Together, these benefits enable small offices to easily connect to the Internet and allow corporate telecommuters to access a corporate LAN. Ease-of-use and "plug-and-play" features (such as color-coded cabling) make it possible for nontechnical personnel to quickly install and configure Cisco 800 series routers.

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0(3)T.

Marketing Contact

Kathy Small

Cisco 2620 and 2621

Description

10/100-Mbps autosensing Ethernet modular access router (Cisco 2620)

Dual 10/100-Mbps autosensing Ethernet modular access router (Cisco 2621)

Benefits

• Cisco Systems extends enterprise-class versatility, integration, and power to branch offices with the Cisco 2600 series modular access router series
  
  

  The Cisco 2600 series shares modular interfaces with the Cisco 1600, 1700, and 3600 series, providing a cost-effective solution to meet today's branch office needs for applications such as:

• Secure Internet/intranet access with firewall options
  
  
• Multiservice voice/data integration
  
  
• Analog and digital dial access services
  
  
• VPN access
  
  

  Additionally, the Cisco 2620 and 2621 deliver higher performance, delivering up to 25-kpps LAN-to-LAN routing and supporting Inter-Switch Link (ISL) and 801.q virtual LANs(VLANs).

Platforms/Considerations

Each platform has one or two (Cisco 2620 and 2621) 10/100-Mbps autosensing Ethernet ports, two WAN interface card slots, one network module slot, and one advanced integration module (AIM) slot.

Software for this platform first appeared in the Cisco IOS Software Release 12.0(3)T.

Marketing Contact

Bob Beliles

Cisco 3660 Series

Description

The Cisco 3660 provides unprecedented versatility for integration of data, voice, and dial within the same infrastructure. The built-in components on the motherboard, including a LAN port, two advanced integration module (AIM) slots, and hardware-based encryption/compression, free all six module slots to enable higher densities of LAN/WAN or multiservice capabilities. The network modules, common across Cisco branch-office router products, protect customers' existing investment and provide room for expansion with future applications.

Benefits

The Cisco 3600 series uses a single device to provide multiservice (data, voice, and dial) applications and services. The Cisco 3660 series family of integrated, modular communication platforms protects existing equipment investment and permits scalability to higher densities as a result of integrated components and additional port slots.

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0(5)T.

Marketing Contact

Sanjay Pol

spol@cisco.com

Cisco 3662-DC-CO

Description

The Cisco 3662-DC-CO is a versatile, Data Communications Network (DCN) access platform that is a fully Network Equipment Building Systems (NEBS) Level 3-compliant device for service providers. Cisco 3662-DC-CO bridges the gap between the old world of legacy X.25 and asynch connectivity in their central offices to the new world of Ethernet-based IP in a single DCN platform. This access platform is specifically designed to scale with the rapid growth of Synchronous Optical Network/Synchronous Digital Hierarchy (SONET/SDH) network elements (NEs) in service-provider networks and provide the connectivity of the NEs to the DCN for their central Operation Support Systems (OSSs).

Benefits

Cisco 3662-DC-CO, enables one to cost-effectively implement a NEBS Level 3-compliant DCN solution that connects legacy X.25 and async networks to open Ethernet-based IP networks, to scale the SONET/SDH Open System Interconnection (OSI) telco equipment, and reduce the complexity of managing the networks.

Platforms/Considerations

Information on the Cisco IOS feature sets required to run the Cisco IOS Telco DCN solution is available at http://www.cisco.com/warp/public/cc/cisco/mkt/ios/tech1/telcs_ds.htm

Software for this platform first appeared in the Cisco IOS Software Release 12.0(5)T.

Marketing Contact

Sanjay Pol

spol@cisco.com

Catalyst 2900 Series XL ATM Module

Description

The Catalyst 2900 series XL ATM module provides software support for the new OC-3 ATM modules for the Catalyst 2900 series XL desktop switches.

Benefits

• OC-3 signaling compatibility
  
  
• ATM Forum LAN Emulation (LANE) 1.0 support
  
  
• Support for RFC 1483
  
  

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0(5)T.

Marketing Contact

Ishmael Limkakeng

ilimkake@cisco.com

Cisco 805 Router

Description

The Cisco 805 provides small offices with secure and reliable Internet access via Frame Relay, leased line, X.25, or asynchronous dialup.

The Cisco 805 serial router is ideally suited for small offices of up to 20 employees needing to connect multiple PCs to the Internet via a single serial line such as Frame Relay, leased line, X.25, or asynchronous dialup. The new router features an Ethernet port and one serial port that supports synchronous serial up to 512 kbps or asynchronous serial dialup with an external modem. The Cisco 805 is a fixed configuration, single WAN connection and single Ethernet connection, with one console port.

Benefits

• Enhanced Security—Cisco IOS security features provide small offices with a complete range of security options. Basic security features include access control lists (ACLs), Lock and Key, route and router authentication and generic route encapsulation (GRE) tunneling. The Cisco 805 also has enhanced security features such as the Cisco IOS Firewall Feature Set and industry-standard IPsec, which will be available on the 805 in Cisco IOS Release 12.0(7)T and later.
  
  
• Superior Reliability—Based on the same proven Cisco IOS technology that powers 80 percent of the Internet, the Cisco 805 is a router that small offices can depend on day after day, year after year.
  
  
• Safe Investment—Field-expandable DRAM and Flash memory allows small offices to take advantage of new Cisco IOS feature enhancements. In addition, the Cisco 805 has an advanced hardware architecture, allowing support for processor intensive applications.
  
  

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0(7)T.

Marketing Contact

Kathy Small

ksmall@cisco.com

Route Switch Processor 8

Description

The next-generation route switch processor (RSP8) provides improved performance for Cisco 7500 series routers, providing more than 30 percent increase in switching performance, along with increased packet memory, configuration, and boot Flash memory sizes. Ideally suited for nondistributed switched (xIP-based) Cisco 7500 systems, the RSP8 also features single-error correction, double-error detection (SECDED), and ECC support for DRAM accesses.

Based on the MIPS RM7000 series RISC processor and custom ASICs, the RSP8 is responsible for performing several tasks associated with system maintenance, routing, and switching. System maintenance tasks include environmental monitoring and maintaining configuration registers and packet memory. The route server functionality of the RSP8 includes tasks such as determining internetwork topology, creating and maintaining routing tables, responding to routing update requests, controlling configuration, and maintaining network interface statistics.

Benefits

• System acceleration for legacy, xIP-based systems
  
  
• Increased capacity to service large, complex networks
  
  
• Error-correction control on memory paths
  
  

Platforms/Considerations

Software for this platform first appeared in the Cisco IOS Software Release 12.0(7)T.

Marketing Contact

Robert Berlin

bberlin@cisco.com