You are on page 1of 10

White Paper

HX System Virtual Network Operator Capabilities

Introduction
The HX Virtual Network Operator (VNO) feature has been developed so that a single HX System can be used by multiple
independent Virtual Network Operators (VNOs). With these VNO capabilities, a Host Network Operator (HNO) can set up
the infrastructure to configure multiple Virtual Networks (VNs), each with its own unique allocation of resources. As part
of the VN configuration a set of resources is allocated to a VN, and the HNO is able to set up different user classification
types for VNO users. Each of these user classifications will contain a full set of access rights (both functional and modular
capabilities), which can be assigned to that user type.
Through this virtual network arrangement, the VNO does not need to make significant investments into infrastructure or
space segment, but instead, relies on the service provider to make these investments. The HNO, in turn, is able to resell
network services to multiple VNOs, thereby gaining economies of scale.
The key features of the HX VNO functionality include:
QQ Effectively partition the network into contained subsets
QQ Provide a clear delineation between HNO and VNO roles
QQ Provide a rich and extensible VNO capability set
QQ Provide a rich interface that is easy to use and provides a large set of functionality
This paper discusses how the HX System supports VNO services through the partitioning of various elements.

HNO and VNO Roles


The HNO generally have the following roles and responsibilities:
QQ Maintain RF and satellite connectivity
QQ Distribution of satellite capacity across VNOs
QQ Assign contained bandwidth (outroute/inroute) to VNO
QQ Establish access control/configuration separation between VNOs
Each of the VNOs generally has the following roles and responsibilities:
QQ Ability to create service plans and set up predefined SLAs
QQ Define their own service levels (within allocated spectrum)
QQ Configure terminal devices
QQ Monitor dedicated equipment
QQ Manage/troubleshoot network without involvement from HNO
QQ Allow oversubscription (within allocated range)

MAR 2012

www.hughes.com

White Paper

Figure 1 illustrates the relationship between the HNO and the various VNOs supported by the HNO.

HNO

VNO

NOC
VNO 1
Access and control
partitioned segments

Routers

VNO 2

Access and control


partitioned segments

Routers

Figure 1. Relationship Between HNO and VNO


The key functionality provided to the VNOs includes the following:
QQ Network Administration
QQ Access control
QQ Monitoring
QQ Real time network status/performance
QQ Remote status
QQ Configuration
QQ Hub configuration
QQ Service plan configuration
QQ Troubleshooting/Diagnostics
QQ VNO alarm manager
QQ Full-featured troubleshooting
QQ Context-sensitive help

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

HX System Architecture
The building blocks of the HX System are shown in Figure 2.

IP P rocessing S ubsyste m
VLAN 1
VLAN 2

H IG H-S
H S P E E D IN T E R N A L LA N

IP W AN

R eturn C hannel S ubsystem

IP G atew a y #1

VLAN 16
VLAN 1
VLAN 2

IP G atew a y #2
VLAN 16

VLAN 1
VLAN 2

IP G atew a y #N

D N C C #1
(return channel bandw idth m anager)

C D S #1
D e m o du lato r
fo r u p to 2 .5 M sp s
ove r 9 C h a n ne ls

Shared

C h a n ne l 9

D N C C #X
(return channel bandw idth m anager)

C D S #N
D e m o du lato r
fo r u p to 2 .5 M sp s
ove r 9 C h a n ne ls

C h a n ne l 1
C h a n ne l 2

C h a n ne l 9

F orw a rd C hannel S ubsyste m


S atellite G atew a y
D V B-S 2 M od u lato r

VLAN 16

Dedicated

C h a n ne l 1
C h a n ne l 2

HX ExpertNMS

Figure 2. HX System Building Blocks


These hub system building blocks include the following;
QQ Forward Channel Subsystem. This consists of the satellite gateway (which does the generic stream encapsulation (GSE)
of IP into the DVB format) and the DVB-S2 Adaptive Coding and Modulation (ACM) modulator. The forward channel is
capable of operating up to 45 Msps, which translates to an information rate of up to 121 Mbps.
QQ Return Channel Subsystem. The primary components are the Dynamic Network Control Cluster (DNCC) and the
Configurable Demodulator Subsystem (CDS) units. Each DNCC supports the dynamic bandwidth allocation for up to
32 return channels. Additional DNCC units are added as needed, based on the number of return channels. Each CDS
nominally supports the demodulation of up to 2.5 Msps over up to 9 return channels (a 10 Msps CDS is also available).
Additional CDS units are added as needed.
QQ IQoS. For the inbound bandwidth, the remote terminals belonging to a particular VNO are assigned to a particular
Inbound Quality of Service (IQoS) plan. The IQoS plan defines how bandwidth is assigned to a remote terminal or group
of remote terminals and ensures that inbound bandwidth is guaranteed not only on a per-remote level but also at the
overall group level. The service provider is free to oversubscribe on the inroute by using multiple IQOS plans. Unused
IQOS bandwidth within an inroute group (pool of inroutes) may be shared by other IQOS plans within the same inroute
group.
QQ IP Gateway (IPGW) units. The IPGW is the primary component for maintaining the IP connectivity between the hub and
remote satellite routers. Each IPGW is capable of supporting up to 20 Mbps of combined outbound/inbound throughput.
An IPGW can be used to support a virtual private network with private IP addressing or using the VLAN feature; a
single IPGW can support up to 16 private virtual networks. Additional IPGWs are added as needed, based on traffic
requirements.
QQ HX ExpertNMS. This is the Network Management System (NMS) portion of the HX systems.
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Network Partitioning
The starting points in partitioning a network are the IPGW and the IQoS associated with the VNO. For each VNO, a wholesale
operator can either dedicate an IPGW or use the VLAN tagging capability of the HX System to provide a virtual IPGW (that is,
a single IPGW can support multiple VLANs). At the most basic level, a partition would consist of the IPGW and the remote
terminals connected to the IPGW as illustrated in Figure 3.

IP P rocessing S ubsyste m
VLAN 1
VLAN 2

IP G atew a y #1

VLAN 16
VLAN 1
VLAN 2

IP G atew a y #2
VLAN 16

VLAN 1
VLAN 2

H IG H-S
H S P E E D IN T E R N A L LA N

IP W AN

R eturn C hannel S ubsystem

IP G atew a y #N

D N C C #1
(return channel bandw idth m anager)

C D S #1
D e m o du lato r
fo r u p to 2 .5 M sp s
ove r 9 C h a n ne ls

C D S #N
D e m o du lato r
fo r u p to 2 .5 M sp s
ove r 9 C h a n ne ls

Shared

C h a n ne l 9

C h a n ne l 1
C h a n ne l 2

C h a n ne l 9

F orw a rd C hannel S ubsyste m


S atellite G atew a y
D V B-S 2 M od u lato r

VLAN 16

Dedicated

C h a n ne l 1
C h a n ne l 2

HX ExpertNMS

Figure 3. Network Partition Using IP Gateway


The IPGW and the remote terminals are shaded blue in Figure 3 to show that these items belong to the VNO and are entirely
within the control of the VNO. The yellow shaded areas are the common equipment shared among the various VNOs within
the network.
For the outbound bandwidth, the IPGW can be configured with a Maximum Committed Information Rate (Max CIR), which
limits the maximum throughput the IPGW is allowed to transmit data. This Max CIR is configured by the service provider
based on the overall bandwidth subscription agreement with the VNO.
The service provider is free to oversubscribe his outbound bandwidth based on precalculated contention ratios. During
peak load periods where the amount of traffic being offered by all the IPGWs is greater than the outroute capacity, the
satellite gateway provides flow control feedback to the IPGWs, allowing them to slowly reduce how much outbound traffic
they are forwarding. When the offered load goes down, the IPGWs increase their rate back toward their individual maximum
configured value. In addition to oversubscribing the total configured traffic CIR from all of the IPGWs, it is also possible (and
typical) to oversubscribe the total bandwidth available to the individual users within an IPGW.

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Network Management Domain


One of the critical elements for a successful VNO offering by a wholesale operator is the capability to provide the various
VNOs a partitioned access to the NMS. The key is that the VNO should be able to control its own network elements
(IPGWs, remote terminals, and if applicable, return channel DNCC and CDS elements) but be prevented from accessing or
viewing other VNO components. In addition, the VNO should be able to see the state and status of the common network
equipment but should not be able to control the common equipment as it is the responsibility of the HNO to maintain the
common equipment. The HX Systems utilize a Network Management Domain (NMD) approach to supporting each of these
requirements.
The HX ExpertNMS supports multiple NMDs so that each VNO
can perform network operations (such as monitoring network
status and statistics) and overall network management activities
(such as configuration and control) on only the network
components controlled by that VNO. Figure 4 illustrates how
the HX systems support NMD for different VNOs. VNOs are
provided remote access into the NMS using a Web client.
The VN user classification system enables an HNO to allocate
specific user types for a set of VN template types. Users (which
can be the VNO or the end user) can then be created for these
types.
An HNO can enable an NMD for a VNO so that the VNO
is able to access only its IPGW, IQoS, and the remote
terminals connected to the IPGW.

VNO #2 Operator

VNO #1 Operator
Browser Client

NMD for VNO #1

NMD for VNO #2

IP Gateway #1
IQoS Plan #1
Remote Terminals

IP Gateway #2
IQoS Plan #2
Remote Terminals

Configure/Control Access

Configure/Control Access

Common Equipment View Only Access

Figure 4. Network Management Domain per VNO

Specific network management functions provided by the HX ExpertNMS include:


QQ Administration (HNO)
QQ Maintains the access control database, which contains operator and NMD information
QQ Authenticates operators by user ID/password login
QQ Logically separates network devices (satellite routers and hub components) into user-defined domains
QQ Implements operator access restrictions (monitor, acknowledge, control, configure, and configure override)
QQ Controls NMS resource usage by disconnecting idle sessions and freeing resources
QQ Monitoring
QQ Monitors the status of satellite routers by polling them for status information
QQ Manages the hierarchical groupings of VSAT by NMD and other sort criteria
QQ Provides incremental status and topology change information to connected clients
QQ Configuration
QQ Allows privileged operators to add and delete VSAT and hub components in the database
QQ Manages the configuration of VSAT and hub components in the database
QQ Organizes common sets of configuration parameters into profiles and manages the distribution of profiles to VSAT
QQ Manages software file versions and the distribution of software files to VSAT and hub components
QQ Generates individual parameter files and parameter profile files for VSAT and hub components based on parameter
information in the database
QQ Maintains a log of configuration changes made by operators
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

All elements of the Hughes solution are SNMP manageable including the hub and satellite routers. The HX ExpertNMS
supports SNMP-based north bound interface to an external SNMP-based management system, such as SMARTS, HPOV,
NetCool, etc. The SNMP traps generated by hub and remote VSAT components can be forwarded by the NMS to a configured
external SNMP manager used by the VNO.
The HX ExpertNMS also incorporates a unique Conditional Access Control (CAC) subsystem, which allows traffic to be
carefully controlled. The CAC subsystem ensures that traffic for one client is encrypted and protected from view by other
clients or VNOs.

Setting up a Virtual Network


An HNO can set up a VN through the following sequence of steps:
QQ HNO creates NMD for the corresponding service provider
QQ HNO creates logical and physical components that will be associated with the VN. These components include such
items as IPGWs, inroute groups, and IQoS plans.
QQ HNO creates VN:
1. Selects NMD
2. Associates the relevant physical and logical components with the VN
3. Defines user classifications/capabilities for this VN
4. HNO creates VNO users
QQ HNO optionally configures Profiles/Service Plans

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Figure 5 shows the HX ExpertNMS VN Management screen, which is the interface used to define a VN. Once defined, the
VN Manager is able to log in and see its network partition as illustrated in Figure 6. Within its assigned capabilities the VN
Manager can:
QQ Monitor VN and set thresholds
QQ Configure VN (add new VSATs/create Service Plans, etc.)
QQ Add new operators to the VN

Figure 5. VN Management

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Content

Figure 6. VNO Network Dashboard


The HNO Network dashboard shown in Figure 7 is used by the HNO to manage the allocation of resources to the various
VNOs. The HNO will use this dashboard as a means to visualize the configured VNOs. Clicking any of the VNO modules will
display a detailed configuration dashboard for that specific VNO.

Figure 7. Virtual Network Dashboard

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Figure 8 shows the various element management interfaces available to the VNO to conduct the following actions:
QQ Create profiles
QQ Create service plans
QQ Create VSATs

Figure 8. VNO Element Management

HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES

www.hughes.com

White Paper

Figure 9 illustrates the various configuration interfaces for the VNO components. These interfaces enable the VNO to perform
the following actions:
QQ Tweak limited IPGW settings
QQ Tweak IQoS plans

Figure 9. VNO Configuration Management

Conclusion
As the worlds leading provider of satellite broadband products and services, Hughes has been enabling and supporting VNO
services for many years. Hughes was one of the first companies to commercialize Shared Hub Services and developed the
key features that enable the provision of VNO-based services. Through the extensive capabilities and features of the Hughes
satellite broadband platforms, Service Providers can be confident that the Hughes solution enables superior VNO services.

Proprietary Statement
All rights reserved. This publication and its contents are proprietary to Hughes Network Systems, LLC. No part of this publication may
be reproduced in any form or by any means without the written permission of Hughes Network Systems, LLC, 11717 Exploration Lane,
Germantown, Maryland 20876.
HUGHES and HX ExpertNMS are trademarks of Hughes Network Systems, LLC. All other trademarks are the property of their respective
owners.

2012 Hughes Network Systems. LLC. All information is subject to change. All rights reserved.
HX SYSTEM VIRTUAL NETWORK OPERATOR CAPABILITIES
HUGHES PROPRIETARY
H47215 MAR 12

www.hughes.com
10

11717 Exploration Lane Germantown, MD 20876 USA

You might also like