This use case solves the problem of “equipment bloat” at the edge between an educational institution and its National Research Network (NREN). In order to properly manage the connection between provider and client, it is common for an NREN to deploy routers at the client site. This allows the NREN to separate the two networks in a clean way, manage the connection all the way down to the CPE device and to accommodate the client’s specific requirements without impacting on other clients’ networks.
However, over the last decade, as the services deployed have become more sophisticated and reliability has become crucial, the amount of equipment deployed at this network edge has increased considerably. By virtualizing the Client Premises Equipment (CPE) routing function, the goal is to reduce the amount of equipment deployed by the NREN, while simultaneously increasing the amount of control the customer has over this device that forms a part of their network edge.
On a CPE device, the interface toward the provider is well known and generally standardized, with an IP connection over an interface, which is routed using static routes or BGP. The interface toward the client institution is much more flexible; it’s effectively a part of the client’s network and in some way has to conform to that network. However, since both interfaces are provided on a single device, inevitably either the provider or the customer must manage an interface that the other is responsible for. So while reducing the amount of physical equipment, we also take the opportunity to make a better way to manage this separation between client and provider.
The first goal is to reduce the equipment deployed at the customer-provider edge. A common layout (per Figure 1) is:
- one or two firewalls or routers (operated by customer)
- one or two client LAN switches (operated by customer)
- one or two CPE routers (may be operated by the NREN or by the customer)
- one or two provider service switches (operated by NREN)
- possible transmission equipment (operated by NREN or third part telecoms provider)
Figure 1. Traditional topology for a CPE
This use case scenario removes the CPE routers at each client, implementing this function on separate aggregating routers closer to the core. Routing separation is carried out on the aggregating routers, and management is performed toward both the aggregating routers and the provider service switch which remains on site. See Figure 2.
Figure 2. Virtual CPE