In this solution, VOD, access authentication, and other services are generally handled in the unicast mode according to the IPTV Business characteristics. For businesses such as BTV and nVOD, multicast is used. To meet the needs of refined management of Internet services, users can use pupv vlan division. For IPTV users, you can use PUPV (one user and one VLAN) based on the actual situation) or PSPV (one service and one VLAN. For VOD, authentication, and other unicast Data Stream-based services, data forwarding is relatively simple and will not be repeated here. The difficulty of IPTV access networks lies in the processing of BTV business multicast streams. In combination with IPTV in the initial development stage in China, most devices in the current network cannot directly support IPTV services, two solutions are proposed: centralized multicast replication and edge multicast replication. In the early stage of IPTV development, centralized replication was adopted when the number of users was small. Edge replication is used for business scale development. In this way, the stress of multicast replication is dispersed on corridor switches, which can meet the access requirements of a large number of IPTV users.
The solution supports PPPOE and DHCP + authentication. You can avoid the impact between users by Using VLAN or port isolation. Meanwhile, flexible QINQ can be used to precisely locate users and VLAN resources. In addition, the use of BRAS and home gateway to set the user's traffic and priority can effectively control the traffic in the access network, with QOS queue scheduling mechanism to ensure the video quality of IPTV services.
Pay attention to the following issues in the solution:
Business Separation
Differentiate different services by VLAN
Access authentication Problems
PPPOE or DHCP + Authentication
Multicast Replication
Centralized Replication
Edge Replication
QOS and security
Queue Scheduling
Dhcp snooping OPT82
User isolation
Fast Channel Switching
Access Switch unknown multicast discard
Technical Features
Business Separation
User Services are mainly HSI (Internet Services), IPTV services, and VOIP services. Each Service has different network requirements. To facilitate the deployment of QOS and security policies, therefore, we must differentiate the business. The simplest way is to mark different services through different VLANs.
Considering the business characteristics, Internet services usually require refined management of users, while IPTV services usually adopt a rough management mode. Therefore, we recommend that you use the following methods for VLAN planning: for Internet services, PUPV (one VLAN for each user) is used. For IPTV/VOIP services, PSPV (one VLAN for each service) is used. That is, IPTV users in the same campus use the same VLAN, IPTV/VOIP users in different campuses use different service VLANs. At the local end, flexible QINQ is used to create outer labels for the VLAN of the Internet Service, and no outer labels for the VLAN of the IPTV service.
As shown in, VLAN21 and VLAN22 are Internet services, and an outer layer tag 100 is mounted on the local terminal to the BRAS, while VLAN3 and VLAN4 are service VLANs of IPTV and VOIP respectively, VLAN5 is a multicast VLAN (which is a VLAN dedicated for multicast services to save bandwidth and is invisible to IPTV users). VLAN3/4/5 is not processed on the local terminal, directly passthrough to the BRAS or SR.
VLAN division for different services is implemented through the home gateway.
It should be emphasized that if the corridor switch is old and only supports VLAN division, but cannot support multicast features such as igmp snoopign and edge replication, you cannot use the above method to divide IPTV users into one VLAN (because multicast streams will be broadcast in the VLAN ), instead, you need to divide IPTV users into different VLANs (namely, the PUPV mode). At this time, you need to perform centralized Replication through the campus switch to carry out IPTV services. This will be detailed later.
Access authentication
In this solution, the Internet Service adopts the PPPOE authentication method, and the IPTV service can adopt PPPOE or DHCP + authentication. PPPOE authentication methods have been widely used and will not be described here.
DHCP + authentication is implemented by using some OPTION fields defined by DHCP. For example, OPTION60 is used to identify the terminal type and OPTION82 is used to identify the user location (actually marking the user ).
When the network device receives the stb dhcp request packet, it needs to add the OPTION82 field after the packet. In this case, there are two modes for DHCP + authentication, one is to directly send the DHCP packet to the DHCP server, the DHCP server determines whether the user is a valid user based on the OPT82 field and determines whether to assign an IP address to the user. The other is that DHCP packets are first sent to BRAS, where BRAS places the OPT82 field in a subdomain of RADIUS and authenticates the user validity through the RADIUS server. If the user is valid, then, the DHCP server allocates an IP address.
Multicast Replication
Based on the capabilities supported by corridor switches, edge replication or centralized replication can be used for multicast replication.
If the corridor switch is earlier, you cannot use the VLAN division method of PSPV. Instead, you need to allocate IPTV users to different VLANs. In this case, the centralized multicast replication method is used. Otherwise, you can use multicast edge replication.
Generally, when a user is in a different VLAN, each VLAN has a multicast stream, even if the user is on the same channel, there will also be multiple identical multicast streams on the link, which wastes a lot of bandwidth. Therefore, the concept of multicast VLAN is introduced to allow users to share a VLAN for multicast services. multicast streams are transmitted only in this VLAN, replication is not performed until the end user is oriented to save bandwidth. Whether it is centralized replication or edge replication, there will be a VLAN that uses the multicast service, but this multicast VLAN is on the campus switch (centralized replication point) during centralized replication, edge replication is performed on the corridor switch (edge replication point.