| Oracle® Communications IP Service Activator User's Guide Release 7.2 E35290-01 |
|
|
PDF · Mobi · ePub |
| Oracle® Communications IP Service Activator User's Guide Release 7.2 E35290-01 |
|
|
PDF · Mobi · ePub |
This chapter introduces the concept of roles in Oracle Communications IP Service Activator and describes their function in applying policy and measurement to the network. The chapter:
Provides an overview of roles
Describes the role types that feature in IP Service Activator – system and user-defined roles
Explains how to associate a role with a policy target
A role is a means of grouping a set of policy targets that should ’attract' the same policy-based configuration, as shown in Figure 3-1.
You can associate roles with:
Some policy targets: a device, interface, sub-interface or VC endpoint
Policy elements: a rule, PHB group, driver script or measurement policy element (measurement or collector parameters)
IP Service Activator applies QoS and measurement policy elements to policy targets only where their roles match.
This means that you can target QoS or measurement policy to specific points in the network. Figure 3-2 shows this concept using a policing rule.
The ability to associate a role with any policy target down to the VC endpoint level provides a fine degree of control. For example, you can tag a group of sub-interfaces with a role to apply policy at the sub-interface level, independent of their parent interfaces.
IP Service Activator provides a set of system-defined roles that follow the DiffServ model but you can create additional user-defined roles. For example, it is possible to create roles that group interfaces according to their bandwidth and apply different policy to each set of interfaces in accordance with their bandwidth capacity.
Roles must be assigned to policy targets manually. You must assign a role manually for each device.
For information on associating roles with policy elements, see IP Service Activator QoS User's Guide. For information on associating roles with collector and measurement parameters, see IP Service Activator Network and SLA Monitoring Guide.
Both system and user-defined roles are further subdivided into device and interface roles:
A device role can be assigned to devices.
An interface role can be assigned to interfaces, sub-interfaces or VC endpoints.
IP Service Activator recognizes two types of role:
System-defined: a set of device and interface roles that support the DiffServ policy model.
User-defined: a role that has been created by a user.
Both system and user-defined roles are available across all domains.
You can list the device and interface roles that are currently defined in IP Service Activator on the Policy tab beneath the Roles folder. Figure 3-3 indicates which role each role icon represents.
System-defined roles follow the DiffServ model. See IP Service Activator Concepts for details of the policy model.
You can assign one system-defined role and multiple user-defined roles to a policy target. Policy elements can be associated with only one system-defined role and one user-defined role.
Note:
If you are implementing MPLS VPNs or measurement-only VPNs with IP Service Activator you must use system-defined roles. For information about how roles are used within MPLS VPNs, see IP Service Activator VPN User's Guide.The following system-defined roles are provided in IP Service Activator. The roles are divided into two types: Device and Interface.
Device roles:
Access: Devices that provide access to the core network or WAN from an external subnet or customer LAN. Equivalent to the Customer Edge (CE) role in MPLS VPNs.
Gateway: Devices on the edge of the core network or WAN that directly connect to the local or customer access device. Equivalent to the Provider Edge (PE) role in MPLS VPNs.
Core: Devices within the core network. Equivalent to the Provider (P) role in MPLS VPNs.
Shadow: Devices dedicated to Service Assurance Agent (SAA) measurements in a Service Provider's Points of Presence (POP).
Interface roles:
Local: An inbound interface from a customer site.
Access: An interface that connects Gateway and Access devices.
Core: An interface that connects two Core devices, or a Core and a Gateway devices.
Disabled: A non-managed interface.
The points in the network at which these roles apply in the DiffServ model are shown in Figure 3-4.
For information about the Shadow role and SAA measurement, see IP Service Activator Network and SLA Monitoring Guide.
Note:
You cannot delete system-defined roles.You can create user-defined device and interface roles and assign any number of user-defined roles to a policy target. By assigning multiple roles to a policy target, it becomes a member of several role groups.
You can assign user-defined roles to policy targets in combination with system-defined roles.
The number of roles you need to create depends on the network set-up and the number of variables that affect policy. For example, you may need to create roles that classify policy targets by link capacity, device function, customer and service package. For an example based on user-defined roles, see IP Service Activator QoS User's Guide.
Note:
The ability to create roles depends on your user security level. See "User Access Levels and the Client" for more information.To create a role:
On the Policy tab, select the Roles folder.
Select Add Device Role or Add Interface Role from the context menu.
The Device or Interface Role dialog box appears.
Enter details including Name and Remarks.
You cannot delete a role that is linked to a policy element or to a policy target – unlink the role before deleting it. You cannot delete system-defined roles.To delete a role:
On the Policy tab, select the Roles folder.
Select the device or interface role that you want to delete.
From the context menu for the role, select Delete.
You must assign one or more roles to each device and interface, sub-interface or VC endpoint to be managed in order to define the points in the network at which services will be configured and policy applied.
You can assign one system-defined role to a device, interface, sub-interface or VC endpoint, and any number of user-defined roles.
You can apply a role by:
Manually assigning the role to an object
When you apply a role manually, the role applies to the selected policy target only.
Assigning roles to the devices and interfaces in the domain is an essential part of setting up IP Service Activator.
You can apply a role to a policy target manually using the object's properties dialog box.
Caution:
If role assignment rules are subsequently applied, where a policy target matches the parameters specified by a role assignment rule, a manually-assigned role is overridden (and configuration associated with the previous role is removed). The exception to this is the system-defined interface role Disabled, which is never overridden. Role assignment rules are not recommended.To assign and unassign a role manually
Open the Topology tab and select the device, interface, sub-interface, or VC endpoint to which you want to assign a role.
From the device or interface's context menu, select Properties and select the Role property page.
The property page lists the currently-defined device or interface roles.
If you want to assign a role, select the check box associated with the role name.
Note:
You can only assign one system-defined role. Selecting another pre-defined role to the list replaces the previously-assigned role. You can assign any number of user-defined roles.If you want to unassign a role, deselect the check box associated with the role name.
|
 Copyright © 2011, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
