Cisco Model D-PCG1000 PowerKEY CAS Gateway Installation Guide
Theory of Operation
OL-28808-01
9
VOD Applications
In a VOD application, the information for addressing of streams at the input and
output of the Netcrypt Bulk Encryptor is exchanged at Exclusive Session (ES) setup
time through DSM-CC-compliant and SSP2.3-compliant session signaling. Note that
in order to properly route traffic through a Netcrypt Bulk Encryptor, the Application
Server provides the GbE port IP address of the Netcrypt Bulk Encryptor to the VOD
server. The VOD server must accept this address and use it in the destination IP
address field of the content for that session. This address is given to the VOD server
in an Ethernet Interface Resource descriptor as part of the AddResourceConfirm
message per the SSP 2.3 standard. For more information, see Summary of Addresses
and Stream Header Information (on page 16).
output of the Netcrypt Bulk Encryptor is exchanged at Exclusive Session (ES) setup
time through DSM-CC-compliant and SSP2.3-compliant session signaling. Note that
in order to properly route traffic through a Netcrypt Bulk Encryptor, the Application
Server provides the GbE port IP address of the Netcrypt Bulk Encryptor to the VOD
server. The VOD server must accept this address and use it in the destination IP
address field of the content for that session. This address is given to the VOD server
in an Ethernet Interface Resource descriptor as part of the AddResourceConfirm
message per the SSP 2.3 standard. For more information, see Summary of Addresses
and Stream Header Information (on page 16).
Note also that only unicast SPTSs are required for VOD. MPTSs are not required for
VOD. Multicasts are not required for VOD.
VOD. Multicasts are not required for VOD.
Network Considerations
The network considerations discussed in this section help operators understand both
the operation of the Netcrypt Bulk Encryptor and the data that operators must enter
in the Application Server when provisioning the unit or setting up sessions and
connections on it.
the operation of the Netcrypt Bulk Encryptor and the data that operators must enter
in the Application Server when provisioning the unit or setting up sessions and
connections on it.
GbE Transport Network Clouds: Specifying Netcrypt Bulk Encryptor-to-QAM Connectivity
It is possible to design a network so that any Netcrypt Bulk Encryptor can reach any
QAM modulator. However, for a variety of reasons, such as the physical or logical
locations of bulk encryptors, the network design, limitations of transport networks,
or load balancing, some networks may require that connectivity be restricted. With
SR 2.6/3.6/4.1 and later, the Application Server uses a “GbE transport” concept and
tool to specify and limit network connectivity.
QAM modulator. However, for a variety of reasons, such as the physical or logical
locations of bulk encryptors, the network design, limitations of transport networks,
or load balancing, some networks may require that connectivity be restricted. With
SR 2.6/3.6/4.1 and later, the Application Server uses a “GbE transport” concept and
tool to specify and limit network connectivity.
As the following illustration shows, network connectivity between each Netcrypt
Bulk Encryptor and other devices in the network is specified by creating one or more
“GbE transport” networks or “clouds” on the Application Server. Note that the GbE
transport cloud is a logical concept, not a physical device. A cloud may be composed
of one or more switches, routers, and transport devices. Any-to-any physical
connectivity may exist, yet the Application Server will not configure a connection
where a GbE transport cloud does not indicate connectivity. In the examples that
follow, all ports on Netcrypt Bulk Encryptors are connected to the same GbE
transport clouds. In reality they may be connected to different clouds. When two or
more ports are connected to the same cloud, the Application Server balances the
session load among the commonly connected ports. In reviewing the following
examples, keep in mind that the methods described in the examples can be
combined in new and different ways not covered in the examples.
Bulk Encryptor and other devices in the network is specified by creating one or more
“GbE transport” networks or “clouds” on the Application Server. Note that the GbE
transport cloud is a logical concept, not a physical device. A cloud may be composed
of one or more switches, routers, and transport devices. Any-to-any physical
connectivity may exist, yet the Application Server will not configure a connection
where a GbE transport cloud does not indicate connectivity. In the examples that
follow, all ports on Netcrypt Bulk Encryptors are connected to the same GbE
transport clouds. In reality they may be connected to different clouds. When two or
more ports are connected to the same cloud, the Application Server balances the
session load among the commonly connected ports. In reviewing the following
examples, keep in mind that the methods described in the examples can be
combined in new and different ways not covered in the examples.