MPLS VPN

Data Network - Do it all by yourself

Call Center

Leased Lines
VSAT
Internet
IP-VPN

Internet

Data
Center

A Network you can plug into - to

bring your biz entities on-line with
your IT apps
Call Center

Terabit MPLS
Network with All
India Reach

Own/
3rd Party
Data Center
ERP
CRM
E-mail
Supply Chain Mgt
Intranet Portal

Wired
Wireless

VPN

A Virtual Private Network constructed over shared

infrastructure
Virtual Not a separate physical network, but
appears to be one
Private - Separate addressing and routing
Network
Supplier
Factory

Shared
Infrastructure
Corporate
HQ

Branch
Mobile User

A partitioned private network over common shared IP backbone

using technologies to ensure privacy of data either self-provided or
provided by Service Provider

VPN Requirements

Extend Corporate Network

Reduce Hardware costs by decreasing termination ports
Prioritization of applications like voice/video
Integrate Suppliers and Customers to Corporate Network
Remote Access from anywhere, anytime

Business

Supplier
Shared
Infrastructure
Corporate
HQ

Factory

Branch

Mobile User
Scalable and Flexible
Predictable performance and pro-active management
Highly secure in conformation to world standards
Ability to support Private Addressing
Ability to support Convergence

Technical

MPLS Building Blocks

LSP

PE

CE

CE Customer Edge router

Metro Ethernet, Leased
Line

P Provider router
Forward packet based on
label
Swaps label
(label-in, label-out)

PE Provider Edge router

Assigns Labels
Associates CE with
customers VPN

Label switched path (LSP)

LDP/RSVP
Path between ingress and
egress PE

MPLS Packet Forwarding

Forward based on
destination IP

192.168.2.0

192.168.1.0

192.168.1.1
IP Packet

Forward based on
Label

Add Label and

forward based on
Label

Forward based on
Label

Forward based on
Label

Forward based on
Label

192.168.1.1
192.168.1.1

192.168.1.1

PE1

192.168.2.0

192.168.1.1

VPN

VPN

1.0

2.0

Remote Labels learnt

through Route learning.
Black Label for
192.168.1.0 is stored at
PE1

191.168.1.1

PE2

Remote Labels learnt

through Route learning.
Blue Label for
192.168.2.0 is stored at
PE2

Repeat

192.168.1.0

MPLS Packet Forwarding

(Repeat)
Forward based on
destination IP

192.168.2.0

192.168.1.0

192.168.1.1
IP Packet

Forward based on
Label

Add Label and

forward based on
Label

Forward based on
Label

Forward based on
Label

Forward based on
Label

192.168.1.1
192.168.1.1
PE1
VPN

192.168.2.0

192.168.1.1

192.168.1.1

191.168.1.1

PE2
VPN

192.168.1.0

Packet Forwarding in
MPLS
192.168.2.0

192.168.1.0
192.168.1.1
IP Packet

192.168.1.1
192.168.1.1

192.168.1.1

PE1

191.168.1.1

PE2

IP

LSP VPN

LSP

192.168.1.1

Swapped after every hop

Used for forwarding in MPLS core
Identifies the Label Switched Path

192.168.2.0

192.168.1.0
VPN

Identifies VPN and customer destination address

Used to separate customer VPN
Added when packets enter and removed when packets leave

Packet Forwarding in IP
Network
192.168.2.0

192.168.1.0

Forward based on
destination IP

IP Packet

Forward based on
destination IP
Forward based on
destination IP
IP Packet

IP Packet
Forward based on
Destination IP

Forward based on
destination IP

IP Packet

IP Packet
IP Packet

192.168.2.0

192.168.1.0

MPLS Delivers
As a technology

Packet switched technology

Supports Layer2 and Layer3
VPNs
Supports Traffic Engineering

As IP VPN

Network based VPN

CEs need to exchange Layer3 information
only with connected PEs; No need to
exhanage routing informatioin with other
CEs
Overcomes overlapping private IP
Address issues
Routing Protocols establish reachability
Routing at Edge and Swicthing at Core
Delivers CoS/QoS
Platform to address convergence
Without IPSec, Security is as good as
FR/ATM

Reliance MPLS VPN Solution

XYZ
Franchisee

T
PS
N

IS
DN

Remote Users
LMDS
Hub
BA
Ring
BN
BA
Ring
Head
Office

BN

MA Ring

BAN

RAS

PSTN
Network

MA Ring

BAN

Internet

Reliance Core
Network
MA Ring

Regional
Office

BN

Mobile
Worker
Reliance
Wireless
Network

BA
Ring
BAN
MA Ring

BA
Ring

BAN

BN
Extranet
(Dealers / Suppliers)

Wireless
Users

Access Technology Matrix

Port Bandwidth
64 Kbps to 512 Kbps

Interface

Access
Technology*

CPE Provided

Ethernet

ADSL

ADSL Modem

DLC

G.703 Modem

G.703

LMDS

LMDS RT

DLC

V.35 Converter

LMDS3

LMDS RT

LMDS3

LMDS RT

Metro Ethernet

None

Ethernet

Metro Ethernet

None

32 Mbps (E3) /
42 Mbps (DS3)

G.703

SDH

TN1C (SDH Mux)

126 Mbps (STM 1)

G.703 /
optical

SDH

TN1X (SDH Mux)

64 Kbps to 2 Mbps

V.35
Ethernet

>2Mbps to 100 Mbps

*Tulip Wireless Access solution option is also available on a case-to-case basis

SLA Parameters

SLA Parameter
SLA Measurement period
Port Uptime Assurance
Percentage
MTTR *

Standard

Premium

Annually

Annually

Up to 98.5%

Up to 99.5%

Up to 10 hours

Up to 6 hours

<= 80 msec

<= 80 msec

Packet Loss (PE to PE)

<= 1%

<= 1%

Usage Credit against SLA

default

100%

300%

Network Latency (PE to PE)

Customized

To be proposed
only after DAKC
approvals for values
to be committed

Disaster
Recovery
Disasters have no preferences

7/26 Mumbai Floods

The enterprise Biz would however prefer to stay

unaffected

Reliance IDCs : Integral part of

the MPLS Network

A ready-to-move-in DR / Primary site

4 Level-3 certified IDCs
2 in Mumbai,
2 in Bangalore

DR-site ready MPLS Network

Reliance
IDC as
DR site

Primary
Data
center
Terabit MPLS
Network

Reliance Network Overview

Reliance Data Network (RDN)

7 Primary Locations
Heavily Physically Meshed
STM 16 (64) connectivity between primary
core locations
14 Secondary Locations

Fully Logically Meshed

STM 4 connectivity to
two or more primary locations

172 Collector Locations

Connected to a core location

STM 1 / n * E1 to core locations

Largest MPLS enabled Core Data Network already

Access Methodology: Wireline

FTTB
BAN : Building Aggregation Node
BN : Building Node

Data Centre

MCN : Media Convergence Node

BA Ring:Building Aggregation Ring

Customers
Router

MA Ring:Main Aggregation Ring

MCN,
DAKC
City
4
MCN,
City 32

MCN,
DAKC

Reliances Core
Network

MCN,
City 1

MCN,
City
2
Hyderabad
Customers
Routers

M A Ring

Customers
Location
B A Ring

BN

Access Methodology: Wireline FTTB

MCN
MCN

Core Backbone

MCN

MCN
BAN

Main Access Ring

12-fiber direct
building cable

BAN

MAN

BA Ring

BOI (BN location)

MCN- Media Convergence Node
MAN- Media Access Node
BAN- Building Access Node
BA- Building Access Ring
BOI- Building Of Interest
BN- Building Node

Connects major nodes within a

city (Metro) act as aggregation
points for customer traffic within
city
Interconnects to all telecom
service providers
End-to-end (customer premise
to core) self healing ring
topology
Optical Fiber based network to
support high bandwidths
Cable based on ITU G.652
standard

End-to-end optical fiber based

self healing topology

Remote Access MPLS

VPN

RA MPLS VPN

Provides a secure, high availability, dial-up solution that connects employees,

customers, and business partners to corporate intranets, extranets, and the
Internet.

Scalable to support organizations of all sizes, RA MPLS VPN offers PSTN / ISDN
access from 22 locations in India

The service offers corporate customers the facility to allow their employees and
staff to access their Intranet and central resources securely.

Other companies such as partners, supplies, major customers or consultants

(Extranet) also can have limited access to this organizations Intranet.

To gain Remote Access, customer dials in to a network access server at the

nearest Reliance POP, which enables the dial traffic to be placed into the
customers VPN

RA MPLS VPN
Mode of Access
PSTN Dial-up
ISDN Dial-up

The customer can get a dial up access to his IP VPN through any PSTN / ISDN
line from any BSO.

Though the customer can dial into the VPN from any PSTN / ISDN line, the data
access rate to the VPN will depend on the customers local loop as well as the
public infrastructure over which the call will travel to the VPN service.

The customer will be provided with a unique login id

(UserName@CompanyName.com) that will identify the particular user.

The User Name will be system auto-generated and alias can be created by the
customer at the CNM portal

In case of PSTN dial-up, multiple users of the same organization can also be
allowed to use the same login id

RA MPLS VPN
Availability

The service is available at 22 identified potential locations in India where local

dialing would be possible

Mumbai, Pune, Panjim, Delhi, Chandigarh, Jaipur, Chennai, Bangalore, Mysore,

Hyderabad, Ernakulam, Vizag, Coimbatore, Kolkata, Bhubhaneshwar,
Ahmedabad, Vadodara, Bhopal, Indore, Raipur, Lucknow, Rachi

All the locations other than these 22 locations would be dialing a STD call to any
of these 22 locations close to the location today

Additional locations would be added where local dialing would be possible as

when required depending upon the business potential at those locations

Type of Remote
Access
PC / Laptop based remote access

Individual Login ID for Single User Login

Unique Login ID for each individual user. This Login IDs will allow only one
user to Login.

The customer can specify a Static IP to be provided for a particular user from
the defined WAN IP Pool. If not specified, the IP will be dynamically allocated
from the WAN IP Pool

Common Login ID with Multiple Login Users

(Applicable for PSTN remote access only)

Multiple Users can use same Login ID for Remote Access. The number of
simultaneous users using the same Login ID has to be specified by the
customer as No. of Login Users

Type of Remote
Access

LAN based remote access

Unique Login ID for each LAN based access.

The customer may specify a Static IP to be provided for a particular user

from the defined WAN IP Pool. If not specified, the IP will be dynamically
allocated from the WAN IP Address Pool

The customer must specify the LAN IP Address to enable the PCs on the
LAN to access the VPN. The customer may specify more than one LAN IP
Address.

The Router used by the customer must be capable for dial-up access and
should allow configuring the Login ID on the router.

Charging
Basis

The customer will be charged a FLAT FEES per annum for each login user for
remote access to MPLS VPN.

The FLAT FEES would vary with the type of access technology

The charges remain the same irrespective of whether the customer chooses a single
login id or multiple login IDs.

The charges will be based on number of users and not number of login IDs.

For Reliance provided ISDN/PSTN lines, the charges for installation of ISDN line or
POTS will be charged separately as per the product provisioning.

Reliance RA MPLS VPN

Solution

Remote Users

Head
Office

BN

IS
DN

BA
Ring
MA Ring

BAN

Reliance PSTN
Network

R
A
S
Reliance Core
Network

PS

MA Ring

Regional
Office

BN

BA
Ring

AAA

BAN
MA Ring

BA
Ring
BN
Extranet
(Dealers / Suppliers)

BAN

Other BSOs
PSTN Network

TN

Access Methodology: Wireless CDMA

Reliances IDC,DAKC,Navi Mumbai

AAA

Switch

Secure L2TP Tunnel

Per PC
LNS
LNS

PDSN

Firewall
Firewall

Ac
ces
s

Reliance CDMA
Network

Rin
g

10/100
Ethernet
PE
PE

P
PE
P

PE

PE

Reliance MPLS Network

Reliance
MPLS
Network
P

PE

PE

PC

FWT

Reliance India
Mobile (RIM)

PE
PE

PC

New Features

Multicast

Unicast is one to one delivery of information, which requires more then one time
transmission of similar data from the source device, if receivers are more then one.

Broadcast is transmission of information to all sites of VPN irrespective of their

need.

Multicast allows the efficient distribution of information within one VPN, from one
site (as a Source) to other sites (multiple receivers). For this it allows one time
transformation of information from the source device regardless of the number of
receivers.

Multicasting reduces the flooding and gives the information to specific sites only
and thus overcomes the disadvantage of Broadcast.

Multicast

Multicasting is the useful feature for the customer who transmits data/audio/video
informations within their VPN to the selected sites.

Multicasting feature is a tradeoff between Unicast and Broadcast. As in Multicasting all the
respective sites of VPN are connected, source can transmit the information to receivers in
one time transmission, which not only reduces the transmission effort but also reduces the
chargeable bandwidth and thus overcomes the disadvantage of Unicast.

Applications:

Stock tickers

Financial information

Audio streams

Video streams

Multicast
Business Rules

This feature will be offered as a product feature to the customer

Any existing / new VPN customer can opt for this service

Existing VPN Customer can opt for Multicast feature through a MACD

New Customer has to select Multicast feature in MPLS VPN CAF

Multicast
Limitations

Number of RDN PEs involved in the customer VPN should be < or = 35.

Case1: If customer has 60 sites in his VPN, 10 at each of the location Mumbai, Delhi, Chennai, Bangalore, Pune and
Calcutta and wants the multicasting service then customer is eligible for the service as in Reliance network each of
the above location constitute a single PE which means customer is asking for the service between 6 PE which is
allowed.

Case 2 : If customer has 60 sites in his VPN, each involving a different PE, we will not be able to offer this feature.

Multicast stream size support per customer is up to 256 Kbps.

Customer cant have more then one source for each VPN. It should be permanent source so that
source location remains same within customer VPN. In case, the source needs to be changed a
MACD needs to be initiated accordingly

Transmission of multicasting information between two VPN (whether of same customer or different
customer) is NOT allowed.

Sites connecting through RAMPLS VPN (ISDN access) CANNOT be a part of multicast session

Time of the Day bandwidth (ToD)

Requirement

Customer requires higher bandwidth at a particular site and during particular time of
the day, everyday

For that particular time bandwidth should be upgraded automatically.

After the particular time, the bandwidth available should be same as that of
contracted one.

CIR

Time

Time of the Day bandwidth (ToD)

Time of Day (ToD) is a feature where in customer can choose to allocate a higher
bandwidth at a particular Time of Day on a periodic basis

Customer can upgrade the bandwidth in the off-peak hours of Reliance (22:00 hrs.
to 08:00 hrs.)

Customers who have peak usage during the Reliance off-peak hours can drive
down their internetworking costs

The bandwidth offered at the off-peak hours would be double the bandwidth
subscribed for

Any new / existing customer can subscribe to ToD Feature.

Time of the Day bandwidth (ToD)

Business Rules

Time of Day (ToD) feature will be offered only to the sites with Metro Ethernet
as the last mile

ToD feature will be offered to customers subscribing for at least 1 Mbps

bandwidth

Customer can upgrade only to twice the subscribed CIR bandwidth for the offpeak time

Flat Annual Charges will be charged for ToD Feature based on the subscribed
CIR

Time of the Day bandwidth (ToD)

Value Proposition

Customers having maximum bandwidth utilization at night time can reduce the
bandwidth costs significantly

In absence of ToD feature customer would have subscribed for a higher CIR
bandwidth which would be hardly utilized in the day time

Its a one time activity for provisioning higher bandwidth at the night time. No need
to request for the same every day.

Customer can upgrade to twice the subscribed CIR bandwidth for his peak
utilization time

This feature can be subscribed by any one or few sites of the VPN based on the
requirement.

It is perfectly suitable for those customers having a periodic pattern of need of

higher bandwidth at night time

Key Differentiators Quick

Recap

Ethernet apart from Leased Line and LMDS

Ring architecture in Access and Core to deliver high uptimes

National NOC to monitor and manage network on 24X7 basis

Online Performance Reports

End to End managed network backed up SLA

All flavours of Remote Access Integration

International VPN

Internet

World class IDC

Integrated approach for complete range of Enterprise networking needs

VPN Customers - A Partial List

CNM Portal
Customer Network Management [CNM] Portal

High-level capacity planning and advanced trend analysis have never been easier,
with web-based online CNM Portal providing detailed information on the bandwidth
you are using.

At the CNM Portal customer can also monitor all the SLA parameters
- Service Availability, Network Latency and Network Packet Loss.

In the event of any problem with the network, customer can raise a trouble ticket
(TT) online

The monthly SLA Reports would also be available at the portal

CNM Portal
Summary Report

CNM Portal
Summary Report

CNM Portal
Bandwidth Utilization (IN)

CNM Portal
Bandwidth Utilization (OUT)

CNM Portal
Latency

CNM Portal
Packet Loss

CNM Portal
Trouble Ticket Module

VPN_Ntwrk-Srvcs_Connectivity
Packet Loss

CNM Portal RA MPLS VPN

CNM Portal
1.

The system will generate unique Usernames & a default Password per user name and
provide it to the customer

2.

The customer will have a CAN, which would be used to access CNM portal.

3.

In case of RAMPLS VPN CAF entered in the system, the CNM portal of that customer
would have a link at the portal to get into RAMPLS VPN Service page.

4.

At the RAMPLS VPN Service page the administrator of the customer would have the List of
configured Unique Usernames & default Passwords with corresponding attributes viz. No.
of Users, Access Technology, LAN IP address (if applicable), Static WAN IP address (if
applicable)

5.

The administrator should be able to create aliases of each User Name which he could enter
against each User Name and also to change the respective default password

6.

The aliases & passwords will be updated at the CNM portal and the customer will be able to
login with the aliases

7.

The administrator at any time can change either the aliases or passwords or both, at the
CNM portal.

CNM Portal

CNM Portal

CNM Portal