Технические ссылки для Cisco Cisco IOS Software Release 12.2(27)SBC
Cisco SSG-to-ISG DSL Broadband Migration Guide
ISG-SESM Broadband Migration Concepts
4
Cisco SSG-to-ISG DSL Broadband Migration Guide
The dynamic policy enforcement inherent in the ISG software allows consistent, tailored, and secure
user services to be deployed in the network, triggered by a service or by a user—concepts referred to in
the ISG as push and pull.
user services to be deployed in the network, triggered by a service or by a user—concepts referred to in
the ISG as push and pull.
The ISG has the ability to initiate and manage sessions consistently, regardless of the access protocol
type, network service, or session traffic policies configured. The ISG software provides seamless
integration with existing Cisco IOS IP services such as Domain Name System (DNS), quality of service
(QoS), ACLs, Dynamic Host Configuration Protocol (DHCP), VPN routing and forwarding (VRF)
instances , and Multiprotocol Label Switching (MPLS).
type, network service, or session traffic policies configured. The ISG software provides seamless
integration with existing Cisco IOS IP services such as Domain Name System (DNS), quality of service
(QoS), ACLs, Dynamic Host Configuration Protocol (DHCP), VPN routing and forwarding (VRF)
instances , and Multiprotocol Label Switching (MPLS).
The ISG software also provides better accounting of services for both use and application, and for
advanced accounting for services such as prepaid. You will also find enhanced distributed conditional
debugging that provides the ability to monitor and debug sessions and services based on identity.
advanced accounting for services such as prepaid. You will also find enhanced distributed conditional
debugging that provides the ability to monitor and debug sessions and services based on identity.
ISG-SESM Broadband Migration Concepts
When migrating a network from SSG to ISG, the process is not a one-to-one mapping of commands but,
rather, involves implementing the right policies to emulate the behavior on the Cisco SSG.
rather, involves implementing the right policies to emulate the behavior on the Cisco SSG.
The following sections are provided to compare SSG-to-ISG functionality, identify similarities and
differences, and introduce new concepts and commands that will help you move to the ISG architecture.
differences, and introduce new concepts and commands that will help you move to the ISG architecture.
•
•
•
•
•
ISG Features
An ISG feature is a functional component that performs a specific operation on a session’s data stream.
A feature may or may not be associated with a classifier. However, once associated with a classifier, a
feature can be applied only to the packets that match that classifier. Otherwise, the feature is applied to
all packets for that session. Features are divided into data-path and nondatapath-related functionality.
Datapath-related features include Port-Bundle Host Key (PBHK), Layer 4 (L4) Redirect, Subscriber
ACLs, Idle Timer, Session Timer, QoS, Session and Service Accounting, and Prepaid.
Nondatapath-related features include IP configurations (address pool, VRF, IP address), and network
service types or groups.
A feature may or may not be associated with a classifier. However, once associated with a classifier, a
feature can be applied only to the packets that match that classifier. Otherwise, the feature is applied to
all packets for that session. Features are divided into data-path and nondatapath-related functionality.
Datapath-related features include Port-Bundle Host Key (PBHK), Layer 4 (L4) Redirect, Subscriber
ACLs, Idle Timer, Session Timer, QoS, Session and Service Accounting, and Prepaid.
Nondatapath-related features include IP configurations (address pool, VRF, IP address), and network
service types or groups.
Dynamic Feature Updates
The ISG software supports dynamic updating of features for an existing ISG session. This update can be
triggered by the actions of either a subscriber or an administrator. Once a session has been updated in
this way, any existing configuration for the given feature is overridden, and the updated configuration
can be altered only by another dynamic feature update.
triggered by the actions of either a subscriber or an administrator. Once a session has been updated in
this way, any existing configuration for the given feature is overridden, and the updated configuration
can be altered only by another dynamic feature update.