APPLIC ATION NOTE Site Management for Ethernet Backhaul Kentrox monitoring and management products have been deployed globally for many years. This application note will discuss how the Kentrox Remote product is being used for site management in several locations in conjunction with Cisco and AlcatelLucent cell site routers (CSRs). It will also discuss the Kentrox solution for in-band and secure out-of-band remote management, alarming, and connectivity requirements. Kentrox Remote is a monitoring and control device that provides IP management connectivity to remote sites and equipment, such as microwave only sites, BTS shelters and cabinets, unmanned switching centers, critical hub locations, and Cisco and Alcatel-Lucent CSRs. All management-related traffic can be backhauled via IP over Ethernet or secure wireless access. Whether utilizing a secure wireless backhaul technology or a specific VLAN/VRF directly from the CSR, a technician can remotely troubleshoot, diagnose, and ultimately repair problems when they occur without the need for a truck roll to the remote site. If an existing microwave system needs upgrading or additional bandwidth, a technician can connect to the microwave units at the site and access the hardware immediately. The Kentrox site management solution can also connect to CSRs and deliver all related alarm information via out-of-band remote access to primary and ancillary site equipment, battery plant, generator systems, IP cameras, and other key administrative tools. This out-of-band connection provides troubleshooting and repair capabilities which complement other management tools that may already be in place. The flexible Kentrox platform will support IP access, alarm contact points that do not go through BTS systems, and terminal server applications for local management port access directly into the CSR. This allows technicians to execute special terminal-only commands and tests that would typically be blocked over a standard Telnet session. Using the Remote’s secure wireless connectivity enables service providers to leverage the benefits of cell site adjacency. For example, if a cell site were to lose connectivity, the wireless EVDO/ GSM/Node B access interface within Remote allows a signal from a neighboring site to provide a remote management session to the dropped site for diagnostic and repair purposes. Remote uses SNMP to report site-related alarm conditions. Cell site technicians have remote access to the cell site router’s console port, including the primary and standby console ports, if equipped. Monitoring and remote access functions are available using either in-band communication (via the Ethernet backhaul) or out-of-band communication (using secure wireless backhaul). Customers have the flexibility of selecting inband or out-of-band communication based on their network design. Data has been collected from sites using both the Alcatel-Lucent 7705 SAR and the Cisco ASR 1002. Figure 1 shows a high-level depiction of the Kentrox solution within a typical Ethernet backhaul environment. Remotely manage the network with the Kentrox site management solution. www.kentrox.com Page 1 APPLIC ATION NOTE Performance management • Gather device measurements and alarms generated by the CSR and other subsystems using the Kentrox Remote • Collect Remote SNMP performance data using the Optima management system • Trend and report site performance details using Optima Transport alternatives In-band and out-of-band transport alternatives are available using the Kentrox site management solution which extend EDN access to Kentrox Remotes deployed at cell sites. Figure 1: Kentrox solution in a typical Ethernet backhaul environment Kentrox site management solutions capabilities Fault management • Monitor and report CSRs and subsystem contact alarms • Prioritize dispatches by increasing alarm visibility • Monitor cell site alarm subsystem and alarm levels • Translate and deliver CSR SNMP messages and traps, including SNMP management for all other cell site subsystems • Maintain NOC visibility and facilitate trouble ticket generation Operations management • Directly access CSR console and other subsystem management interfaces from any EDN location to reduce Mean Time To Repair (MTTR) and truck rolls • Observe the CSR boot process and remotely execute special console key sequences to minimize router downtime • Offload CSR service affecting changes to Remote to avoid accidental outages • Remotely access a primary cell site that is unavailable using neighboring sites to troubleshoot errors caused by backhaul path failures Risk management • Deploy detection and deterrent devices to reduce expenses from equipment loss • Use security cameras to manage site security using the Remote RMX-3200 Power over Ethernet (PoE) enabled port • Monitor copper bus bars and straps using Remote RMX3200 discrete inputs • Capture images of offenders using Kentrox SecureSite Server image storage solutions www.kentrox.com Page 2 In-band case example: Cisco CSR The Kentrox Remote RMX-3200 architecture uses the in-band Ethernet backhaul transport path to the EDN. The transport path is in-band because it traverses a managed device, the Cisco ASR 1002 in this example. The Remote is LAN connected to the ASR 1002 using a 100BaseT Ethernet connection, and the Remote IP gateway is the ASR 1002. Static routes are configured on the ASR 1002 and fault-tolerant Cisco 9000 series (Viking) routers to route between the cell site and MSC. These routes are associated with the MGMT Virtual Routing Forwarding (VRF) table to separate operations management traffic from customer traffic. The Viking routers summarize subtending cell site MGMT networks and provide Ethernet VLAN 50 connections to the fault tolerant EDN access routers at the MSC. The EDN access routers redistribute the summarized routes onto the EDN using OSPF. The EDN access routers also contain the VLAN 50 access policy, restricting IP traffic flow between the cell site and EDN. Out-of-band case example: AlcatelLucent 7705 Service Aggregation Router The out-of-band architecture provides a seamless migration path throughout the Ethernet backhaul deployment process and provides fault tolerant access via an adjacent cell site during backhaulrelated outages. The architecture also supports the deployment of security camera image collection at a single Home Agent (HA) site as opposed to deploying servers at each MSC. The Remote utilizes a wireless EVDO modem for communication to the EDN. The integrated modem maintains a constant connection with APPLIC ATION NOTE a secure VPN server, a Kentrox Connect SCS installed at an HA site that functions as a VPN concentrator and manages the VPN secure tunnels across a public WDN (wireless data network). If communication to the site fails, coverage from adjacent cell sites allow the Kentrox Remote to remain connected to the EDN, providing alarm reporting and remote access to the CSR. Cell site router site management solution Remote access is available from any PC, typically a field technician’s laptop running a secure VPN over AirCard into the EDN. Standard third-party terminal emulator software is used to access the router’s command line and the software resides on the technician’s PC. When the router experiences an alarm, an SNMP trap is reported to the NOC. The trap identifies the CSR which reported the problem. This information, typically in the form of a trouble ticket, is delivered to the field technician who then establishes remote access to the relevant CSR to investigate. The technician establishes a TCP connection over the network through a the serial port of a Remote that is directly connected to the CSR’s console port. When a TCP connection is established, a virtual serial port is created and launches the terminal emulation software. The technician is then presented with a CSR login prompt. In addition to sending traps to the NOC, SNMP traps can also be sent to a regional management system, such as Optima. These systems display associated alarms and simplify the process of establishing remote access so a technician can quickly investigate the problem. When combining the Kentrox Remote with the Optima management system, the entire process of establishing remote access is accomplished with a few mouse clicks using the Optima user interface. Alcatel-Lucent 7705 SNMP alarms The Kentrox Remote is used to monitor the CSR Critical, Major, and Minor alarm contacts. Alarm conditions are reported to the NOC and regional SNMP management systems (such as Optima). Cisco ASR 1002 SNMP alarms The Kentrox Remote can proxy SNMP traps issued by the ASR 1002. Remote will report the alarm conditions to the NOC and regional management systems (such as Optima) using SNMP. Kentrox cell site equipment list Kentrox provides two site management solutions for a typical Ethernet backhaul network. Tables 1 and 2 outline the bill of materials for the Alcatel-Lucent 7705 out-of-band solution and the Cisco in-band solution. www.kentrox.com Page 3 Table 1: ALU 7705 Out-of-Band Part number Part description RMX-3221 Kentrox RMX-3221 (one) required per site, providing: • Integral EVDO modem with indoor antenna • 64 bi-state alarm inputs • 12 analog alarm inputs • Four control relay outputs • Eight RS232/RS422/RS485 serial ports • Eight 10/100 Ethernet ports (two supporting PoE) RMX-INSTKIT Installation kit containing a console cable and various fuses and components for mounting and powering the RMX-3221 LIC-REM-SCS Secure VPN license BLOCKB64WET Wire-wrap block for RMX-3221 bistate, analog, and control points CAB479-25 Alarm/Control cable for connecting RMX-3221 to BLOCKB64WET, where length in feet is indicated by the suffix (in this case, 25 feet). Two cables are required per RMX-3221. LTGPRO-1TNC Lightning/surge protector for outdoor antenna 110-00523-00 35’ RF cable (SMA-M to TNC-F) for connecting outdoor antenna to surge protector 36-486-001 Dual-band magnetic mount outdoor antenna (TNC-M) APPLIC ATION NOTE Part number 22-064-002 Part description RJ45-DB9F adapter for connection to cell site router’s console port. Two cables are recommended for each ALU 7705 for connection to the console port on each Control and Switching Module (CSM). Table 2: Cisco ASR 1002 In-Band Part number Part description RMX-3200 Kentrox RMX-3200 (one) required per site, providing: • 64 bi-state alarm inputs • 12 analog alarm inputs • Four control relay outputs • Eight RS232/RS422/RS485 serial ports • Eight 10/100 Ethernet ports (two supporting PoE) RMX-INSTKIT Installation kit containing a console cable and various fuses and components for mounting and powering the RMX-3200 Installation overview: out-of-band solution with ALU 7705 The Alcatel-Lucent 7705 router may be equipped with redundant control and switching modules (see Figure 2). One CSM will be active at a time, and the standby CSM does not allow login. Connection to both console ports is recommended to ensure remote access to the CSM that is active. 1. Confirm Kentrox secure wireless backhaul solution is operational 2. Install RMX-3221 (refer to Kentrox Remote installation guide) 3. Install BLOCKB64WET (refer to Kentrox Remote installation guide) 4. Install cable between cell site router’s alarm outputs (if equipped) and existing 66 Block Note: The Alcatel-Lucent 7705 router www.kentrox.com Page 4 requires a DB15M connector for alarm output connections. 5. Install cross-connect wiring between 66 Block and BLOCKB64WET 6. Install one serial cable between each CSR Console port and a serial port on the RMX3221 7. Specific installation details can be obtained from the market specific MOP procedure Installation overview: in-band solution with Cisco ASR 1002 The Kentrox Remote RMX-3200 is connected to the EDN in-band (see Figure 3). The RMX-3200 is cabled to the ASR 1002 using Ethernet and serial cables. The Ethernet connection provides EDN access through the MGMT VRF/VLAN 50 and the serial connection provides remote access to the ASR 1002 Console (CON) port. Cell site subsystems, such as power, site security, microwave, and HVAC, are managed using RMX-3200 port translation. Environmental conditions are monitored using RMX-3200 analog inputs. 1. Obtain assignments from Network Engineering a. MGMT LAN network/29 assignment b. RMX-3200 IP address and gateway c. ASR 1002 MGMT LAN Ethernet port assignment for RMX-3200 2. Install RMX-3200 (refer to Kentrox Remote installation guide) 3. Install one Ethernet cable between the assigned CSR port and Ethernet 3 on the RMX-3200 4. Refer to Figure 5 for the cable configuration. Shielded CAT5 twisted pair cable Kentrox P/N CAB542 or equivalent is recommended. Complimentary signals (TX+/TX-, RX+/RX-) must be twisted. 5. Install one serial cable between the cell site router Console (CON) port and a serial port on the RMX-3200 a. Refer to Figure 3 for the cable configu- Application Note APPLIC ATION NOTE Figure 2: Kentrox out-of-band solution Figure 3: Kentrox in-band solution For more information visit www.kentrox.com, email info@kentrox.com or call 800-733-5511. 04-18-003 02/10 Copyright © 2010 by Kentrox, Inc. All Rights Reserved. Kentrox is a registered trademarks of Kentrox, Inc. All other product names are trademarks or registered trademarks of their respective owners. Information published here is current as of this document’s date of publication, but is subject to change without notice. You may verify product information by contacting our headquarters. Kentrox is an Equal Opportunity/Aļ¬rmative Action employer.