Juniper BNG Solutions

Prepared by: İsa Gök – Sekom – Senior Network Technologies Engineer

BNG (Broadband Network Gateway)

BNG is a service point that provides subscriber access to broadband services offered by an ISP (Internet Service Provider). The access request is sent by the user equipment (CPE – Customer Premises Equipment), and based on the BNG operating mode, it either terminates the incoming request and manages it itself or redirects it to another BNG for management.

Subscriber Access Methods

• PPPoE (Point to Point Protocol Over Ethernet):
  PPPoE is a protocol used for authentication and IP assignment over Ethernet using the PPP protocol. Access methods such as OLT, DSLAM, and CMTS utilize PPPoE for broadband service access. PPPoE carries the subscriber’s identity (username/password) information, and BNG manages this information through the AAA (Authentication, Authorization & Accounting) service.
• DHCP (Dynamic Host Configuration Protocol):
  BNG can terminate and manage users requesting IP addresses via DHCP as subscribers on its platform. AAA integration can be used for this termination process. DHCP is typically used for devices/services that do not have or do not require PPPoE authentication capabilities.

BNG Operating Modes

• PTA (PPP Termination Aggregation):
  In this operating mode, BNG directly terminates incoming PPPoE and DHCP requests on its platform. DHCP and AAA integrations are used for this termination process.
• LAC (L2TP Access Concentrator) and LNS (L2TP Network Server):
  The service provider may want to redirect the traffic of users whose physical connection terminates within its own network to another BNG. This BNG can be either a BNG within its own network or a BNG belonging to another operator. In this case, the first BNG receiving the traffic functions as the LAC, and the BNG terminating the PPP traffic directed by the LAC operates as the LNS.
• Traffic between LAC and LNS is carried through L2TP (Layer 2 Tunneling Protocol) tunnels.
• In some cases, the LNS may be required to forward the traffic received via the L2TP tunnel to another LNS. This operating mode is called LTS (L2TP Tunnel Switch).

The support status of these operating modes may vary depending on the manufacturer’s solutions.

AAA (Authentication, Authorization & Accounting)

BNG communicates with the AAA service via the Radius protocol for subscriber management. AAA holds a critical position in the BNG architecture. In addition to user authentication, it is also used to send/receive parameters related to the user’s services and to assign additional services.

BNG can send information related to the user session through periodic accounting messages. This information can be used for calculations related to the user account (e.g., billing). Active user services on the BNG can be managed via CoA (Change of Authorization) Radius packets.

IPv4 & IPv6 Dual Stack

BNG can terminate an IPv6 session for subscribers in addition to the IPv4 session. This allows subscribers to access broadband services in a dual stack architecture. Dual stack operation not only enables more efficient use of IPv4 resources for service providers but also reduces the use of CGNAT resources.

CGNAT

BNG solutions can support the provision of CGNAT services without requiring an external solution. For ISPs, the critical issue here is that CGNAT logs must contain the necessary records in the format required by the regulator. This situation may vary depending on the BNG manufacturer.

Juniper BNG Platform: MX Routers

The Juniper MX family consists of virtual, fixed, and modular platforms, powered by the Junos operating system and Juniper’s proprietary Trio chipset, offering a wide range of features.

Juniper MX routers support BNG features. It is possible to use PTA, LAC, and LNS operating modes on separate hardware or combined on a single hardware platform. In terms of subscriber termination, it offers suitable solutions for both small/medium-sized and very large-scale networks.

With PWHT (Pseudowire Headend Termination) support, it can terminate users coming through VPN.
With HCoS (Hierarchical Class-of-Service) support, it can apply separate QoS to individual user sessions.
For uninterrupted operation of subscriber services in case of hardware failures, it provides line card and chassis redundancy solutions.
The MX series offers 100G support even in the smallest platform and supports 400G connections on other platforms.

In addition to the BNG function, the MX series, with its high capacity and extensive feature set, can also be used for purposes such as MPLS VPN services, Internet/Peering Gateway, DCI Router, and Mobile Backhaul.

Modular platforms, with service card support, provide additional services such as CGNAT, Stateful Firewall, Intrusion Detection Services (IDS), Traffic Load Balancer, DNS Request Filtering, URL Filtering, and IPsec services.

Juniper MX series routers enrich full-functional BNG support with high capacity, extensive feature set, and the reliable Junos operating system.

For more information on how we can best serve your organization and to learn more about our Network Communications expertise, visit our page and fill out the contact form to get detailed information from our experts.