Getting started

About this guide

This guide describes details pertaining to Integrated Services Adapters (ISAs) and Extended Services Appliances (ESAs) and the services they provide. ISA may refer to ISA2 or an ESA-VM unless otherwise specified.

This guide is organized into functional chapters and provides concepts and descriptions of the implementation flow, as well as Command Line Interface (CLI) syntax and command usage.

Note: Unless otherwise indicated, this guide uses classic CLI command syntax and configuration examples.

The topics and commands described in this document apply to the:

  • 7450 ESS

  • 7750 SR

  • Virtualized Service Router

For a list of unsupported features by platform and chassis, and for services supported by ISAs and ESAs, see the SR OS R23.x.Rx Software Release Notes, part number 3HE 19269 000 x TQZZA.

Command outputs shown in this guide are examples only; actual displays may differ depending on supported functionality and user configuration.

Note: The SR OS CLI trees and command descriptions can be found in the following guides:
  • 7450 ESS, 7750 SR, 7950 XRS, and VSR Classic CLI Command Reference Guide

  • 7450 ESS, 7750 SR, 7950 XRS, and VSR Clear, Monitor, Show, and Tools Command Reference Guide (for both MD-CLI and Classic CLI)

  • 7450 ESS, 7750 SR, 7950 XRS, and VSR MD-CLI Command Reference Guide

Note: This guide generically covers Release 23.x.Rx content and may contain some content that will be released in later maintenance loads. See the SR OS R23.x.Rx Software Release Notes, part number 3HE 19269 000 x TQZZA for information about features supported in each load of the Release 23.x.Rx software.

ISA and ESA configuration process

The ESA is specialized hardware that hosts ESA Virtual Machines (ESA-VMs). Each ESA-VM is configured as an integrated service type. ESA extends the proven Integrated Services Adapter (ISA) system implementation architecture and related control processing module (CPM) functions on the 7750 SR systems to include ESA-VM-based virtual ISA (v-ISA) functionality.

ISA and ESA configurations and supported features lists the ISA and ESA configurations with descriptions and their supported functionalities.

Table 1. ISA and ESA configurations and supported features
Configuration Description Supported features

mda type: isa2-aa

esa vm-type: aa

Application Assurance

  • Per-flow stateful deep packet inspection on OSI Layers 3 to 7

  • Release-independent protocol signatures, applications, application groups, and charging groups

  • Flow attribute classification using deterministic and heuristic machine-learning algorithms

  • Per-application and per-attribute policy enforcement and charging

  • Layer 7 stateful firewall to block unsolicited traffic, with full application-level gateway (ALG)

  • URL filtering and web classification based filtering

  • Access network congestion detection and control using Dynamic Experience Management

  • Application and protocol based volume and performance reporting

mda type: isa2-bb

esa vm-type: bb

Broadband

  • CGN: LSN44, DS-Lite and NAT64

  • L2-Aware NAT for tight integration between BNG subscribers and NAT44

  • LNS

  • WLAN-GW

  • vRGW

  • Generic re-assembly and TCP MSS-adjust

mda type: isa2-tunnel

esa vm-type: tunnel

IP tunnels

  • IPsec tunnel: Secure network traffic on IP level for site-to-site, remote-access, mobile backhaul

  • GRE/IP-in-IP tunnel: Overlay IP interface with transport as GRE/IP-in-IP tunnel

  • L2TPv3 tunnel: Pseudowire for VPLS and Routed VPLS

mda type: isa2-video

Video

  • Fast Channel Change (FCC)

  • Video Packet Retransmission (RET)

  • Video Quality Monitoring (VQM)

  • Perfect Stream

  • Multicast (S,G) NAT

Configuration details is a summary of the ISA and ESA virtual machines (ESA-VMs) guide structure by task. Specific configuration details for a software area, CLI syntax and command usage to configure parameters for each function are contained within each section.

Table 2. Configuration details
Area Task Section

Application Assurance

Configure Application Assurance entities

Configuring AA with CLI

IP tunnels

Determine IPsec deployment requirements

IPsec deployment requirements

Configure IPsec

Configuring IPsec with CLI

L2TPV3 tunnels

Configure the L2TPV3 control plane

Control plane

Configure public SAP

Public SAP

Configure private SAP

Private SAP

Video services

Configure video services components

Configuring video service components with CLI

Configure REF/FCC video components

Configuring RET/FCC video components with CLI

Network Address Translation

Configure NAT on SR

Configuring NAT

Configure NAT on VSR

Configuring VSR-NAT

Residential firewall

Configure the residential firewall

Residential firewall provisioning

TCP MSS adjustment

Configure TCP MSS adjustments for BB

TCP MSS adjustment

Configure TCP MSS adjustments for tunnel-ISA

TCP MSS adjustment

Configure AA TCP MSS adjustments

AQP

L2TP network server

Configure subscriber aggregate rate limit on LNS

Subscriber agg-rate-limit on LNS

Configure LNS reassembly

LNS reassembly

Configure MLPPPoE and MLPPP(oE)oA with LFI on LNS

MLPPPoE, MLPPP(oE)oA with LFI on LNS

Conventions

This section describes the general conventions used in this guide.

Precautionary and information messages

The following information symbols are used in the documentation.

DANGER: Danger warns that the described activity or situation may result in serious personal injury or death. An electric shock hazard could exist. Before you begin work on this equipment, be aware of hazards involving electrical circuitry, be familiar with networking environments, and implement accident prevention procedures.
WARNING: Warning indicates that the described activity or situation may, or will, cause equipment damage, serious performance problems, or loss of data.
Caution: Caution indicates that the described activity or situation may reduce your component or system performance.
Note: Note provides additional operational information.
Tip: Tip provides suggestions for use or best practices.

Options or substeps in procedures and sequential workflows

Options in a procedure or a sequential workflow are indicated by a bulleted list. In the following example, at step 1, the user must perform the described action. At step 2, the user must perform one of the listed options to complete the step.

Options in a procedure

  1. User must perform this step.
  2. This step offers three options. User must perform one option to complete this step.
    • This is one option.
    • This is another option.
    • This is yet another option.

Substeps in a procedure or a sequential workflow are indicated by letters. In the following example, at step 1, the user must perform the described action. At step 2, the user must perform two substeps (a. and b.) to complete the step.

Substeps in a procedure

  1. User must perform this step.
  2. User must perform all substeps to complete this action.
    1. This is one substep.
    2. This is another substep.