Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - LINK LAYER CONFIGURATION GUIDE 2010-10-13 Configuration Manual page 415

Chapter 12: Configuring Point-to-Point Protocol over Ethernet
application running on routers. This functionality was defined to enable DSL access
infrastructure in networks worldwide to migrate from ATM to Ethernet-based connections.
IWF is a set of mechanisms required to interlink two networks of different technologies.
IWF is used to describe the PPPoA conversion to PPPoE sessions at the DSLAM. These
mechanisms include conversion of PDU framing, addressing policies, priority mapping,
security mechanisms, and OAM flows. In ATM-to-Ethernet interworking circuits, the
PPPoA session that arrives at the DSLAM over ATM from a customer premises equipment
(CPE) or access loop is converted to a PPPoE session at the DSLAM. This PPPoE session
is then continued to be transmitted to the PPPoE access concentrator to B-RAS as a
PPPoE session. Every PPPoA session is associated with a corresponding PPPoE session.
A PPPoE session from the DSLAM to the B-RAS that is actually a PPPoA session from
the end user to the DSLAM is referred to as an IWF PPPoE session. The B-RAS application
is configured to limit PPPoE sessions that originate from the same MAC address to protect
itself from a denial of service (DoS) attack. This restriction on maximum number of
PPPoE client sessions poses a problem for IWF PPPoE sessions because all PPPoE
sessions contain the same MAC address of the DSLAM.
To avoid this problem, the PPPoE client inserts the IWF PPPoE tag in the PADR packet
to the PPPoE access concentrator to which it wants to connect. The B-RAS application
uses the IWF PPPoE tag to distinguish between an IWF PPPoE session and a regular,
non-IWF PPPoE session during the PPPoE discovery stage. The IWF PPPoE tag enables
the B-RAS application running on E Series routers to distinguish the IWF PPPoE session
from the regular PPPoE sessions to overcome the limit on the B-RAS the maximum
number of PPPoE sessions per MAC address as a protection from DoS attacks sourced
from the same MAC address. For more information about ATM-to-Ethernet interworking
functions, see the DSL Forum Technical Report 101: Migration to Ethernet-Based DSL
Aggregation.
These ATM-to-Ethernet interworking circuits can be mapped to individual logical
interfaces configured on an ATM, Gigabit Ethernet, or 10-Gigabit Ethernet physical
interface. The ATM-to-Ethernet interworking cross-connect essentially provides Layer
2 switching, and statistics are reported at the logical interface level.
During the conversion from ATM to Ethernet, the least significant 12 bits of the ATM cell
VCI are copied to the Ethernet frame inner VLAN tag. Cells received on an ATM logical
interface configured with the ATM-to-Ethernet interworking encapsulation type and
falling within the configured VCI range are reassembled into packets. These packets are
forwarded to a designated Ethernet logical interface that is configured with the
ATM-to-Ethernet interworking encapsulation type.
During the conversion from Ethernet to ATM, the Ethernet frame inner VLAN tags that
fall within the configured range are copied to the least significant 12 bits of the ATM cell
VCI. The ATM logical interface uses its configured VPI when segmenting the Ethernet
packets into cells. ATM-to-Ethernet interworking is supported on E Series routers with
aggregated Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet interfaces.
Copyright © 2010, Juniper Networks, Inc. 383