Show Menu

AVPN cheat sheet Design

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Service Overview

Service Overview
A. AT&T VPN Service Options & Value Propos­ition:
(a) AVPN is a single MPLS VPN service with multiple CPE management options:
AVPN Transport (Customer manages premises CPE)
AVPN Transport & Lite Managed Router
AVPN Transport & Managed Router
Support for hybrid networks (mix of managed and unmanaged options in a single contract)
• Enables customer to select management option they desire on a site-b­y-site basis
• Enables the customer to move up and down the management continuum as their requir­ements dictate

B. Bandwidth / Protocol Options:
IP Ports (PPP, MLPPP, FR Encap): up to 622M
a. Fractional T1, only in case of E2A migration
b. NxT1 (up to 8)
c. Sub-rate T3, Full T3, sub-rate OC3 / STM12
d. Ethernet (Shared and Dedica­ted): up to 1G

C. Managed Router Options AT&T owned, Third party supplier owned: if the pricing is ICB, follow the process in the Sales One Intern­ational Countries job aid to get approval and router / router feature pricing, Customer “must” own -no longer available but may be ordered through custom to support Customers
D. Lite Managed Routers: For customers who do not need the full management option and are looking for a lower price point, Lite Managed Routers have 8 hours a day, 5 days a week, Next Business Day parts only support, where Managed Routers have 24 hours a day, 7 days a week, 4 hour onsite parts and AT&T tech support, Customer needs to have a person on site that can receipt replac­ement hardware and install same; which might include opening the router chassis and installing a replac­ement card or memory stick
Service Overview

COS Package Profile - 4CoS

CoS Packag­es/­Pro­files for AVPN :

Customer can also select ‘Standard Data’ – No CoS (no additional charge)
• Based on CoS package selected, Customer is entitled to select from various CoS profiles (or CoS bandwidth %’s)
o Profiles available vary based on whether customer choses 4CoS or 6CoS model
• 6CoS model provides for use of two additional data classes (CoS 2v and CoS5) and more granular bandwidth
• 6CoS Classes
o CoS1: Designed for jitter- and latenc­y-s­ens­itive applic­ations like voice and video.
o CoS2v: designed to carry very high priority business applic­ations (e.g., Citrix) or jitter­-se­nsitive applic­ations like video when CoS1 is already in use.
o CoS2: Designed to carry high priority business applic­ations (e.g., Sap, Oracle)
o CoS3: Designed to carry medium priority business applic­ations (e.g., http)
o CoS4: Designed to carry low priority business applic­ations (e.g., email, ftp) and is used as the default setting if no CoS is chosen.
o CoS5: Designed to carry low priority background business applic­ations or it can be used as Scavenger (only competes with other classes for unused bandwidth)
Bandwidth is then allocated per logical channel based on CoS profil­e/b­and­width allocation selected
CoS Packag­es/­Pro­files for AVPN :

Port Level Cos on the PE and CE side

Port Level Cos on the PE and CE side

Logical Level CoS – CE side

Logical Level CoS – CE side

Resiliency Options:-

Single CE, Dual Access lines, Primar­y/B­ackup
Single CE Dual Access lines, Load Sharing
Dual CE, Dual Access, Primar­y/B­ackup
Dual CE, Dual Access, Load Sharing
Resiliency Options – ANIRA / AVTS Service Interw­orking (SIW)

Load sharing links must be same port type, speed, and CoS
Primary and backup links can be different port speed and CoS. Backup PORT speed must be at least 50% of the PORT bandwidth of the primary link.
Resiliency Options

Diversity (POP and Switch):

(1) MPLS Port Switch Diversity Option (custom in MOW)
A. Ports are provis­ioned on diverse switches within the same POP
B. Customer defines diversity groups – places ports in those Groups.
C. AT&T ensures diversity.
(2) MPLS Port POP Diversity
A. Ports are provis­ioned on diverse switch­es/PE’s in diverse POP’s
B. Customer defines PoP Diversity groups – places ports in those Groups. AT&T ensures diversity.
C. See FAQ on OIL for a complete descri­ption of Diversity:
Diversity (POP and Switch):

Unlink :

A. Unilink is supported on all FR IP ports T3 & above supported with FR encaps­ulation format only
B. Up to 12 Logical Channels for POS/Fr­Enc­ap/­ATM­/Et­hernet Ports
C. Note: In case of ASE Ethernet access with 1000BT (Elect­ric­al/­Copper interface) only a MAX of 8 Logical channels are supported.
D. All routes terminate on single routing table in customer CE
E. VRF-Lite (aka MPLS in a box) support with Unilink is available
Unlink :

Other Supported Features:

a) MD5
b) BGP-R
d) Flat-Rate Billing and Usage Based Billing (UBB) options
e) Hub and Spoke
f) Cascaded Router Support
g) Routing Restri­ction
Other Supported Features:

Handling Disco/­Return IP address task:

Return IP address is before TTU and Disco IP address if after TTU so only Disco you need to create Adhoc task for IP provider and US ip Provider since lot of stuff to validate before we release the IP address.
Handling Disco/­Return IP address task:

Technical Notes

1. First ask customer if you’re migrating from existing service or if this is LAN activation for brand new site.
2. IP addresses and masks with customer. Compare LAN IPs, LAN helper IPs, standby IPs (will get to this later), DUPLEX­/SPEED.
3. Routing protocol parameters (OSPF, EIGRP,BGP)
4. Monitoring protocols (SNMP, Netflow)
5. Standby protocol and standby parame­ters. check if you have correct standby protocol configured for your backup solution. You can have one of 3 types of standby protocols – depends on your backup solution.
6. VRRP – Virtual Router Redundancy Protocol – used when your backup solution is ANIRA (NETGATE).
7. HSRP – Hot Standby Router Protocol – used for any other backup solution – dual AVPN/EVPN routers, AVTS router as a backup, ANIRA (CISCO)
8. For HSRP you can check standby IP address, standby version, standby group and priori­ties.
9. If the Data and Voice Migration (BVoIP) need to migrate at the same time (single LAN Migration Window), then inform to OM to get BVOIP team engaged accord­ingly
Technical Notes

LE to PE notes:-

Customer: DSPA / ABC
Order: ISR200­507­39350
Site: Singapore, Singapore
Resili­ency: No resiliency

Reassign 'Build CER Enhanced Config' task to LE? NO

Traffic Classi­fic­ation: DSPA_TC702

BFD Required? NO


SAA Probe Required? YES

Responder Site ID: EIDNASHVA
Responder Hostna­me/­Loo­pback: TBD
Probe Type: SAA_1J­_2U­_2V­J_3­U_4U_5U

Responder Site ID: EIDNASHVA
Responder Hostna­me/­Loo­pback: TBD 32.245.18­0.154
Probe Type: SAA_1J­_2U­_2V­J_3­U_4U_5U

Additional instru­ctions:
- Order features: Dual Stack IPv4/IPv6

Create technical notes :-
LE to PE notes:-

Tools Used

Follow the descri­ption of all the systems and tools required to an Engineer in order to perform LE activi­ties.
- EFMS – workflow system with tasks & tracking order progress
- GIOM-For technical order entry into systems
- Pollers – jumpse­rvers that allow access CE Router
- Action – operations tool to get all inform­ation about routers and customer
- IPSA and PAL – to configure QOS.( For QOS config­uration design)
- Rapido – to create basic and enhanced configs + lan migration
- NC3 – a complete database of the site, inventory tool for validation and updating
- ICORE– backbone tools
- IGLOO – access and telco inform­ation for circuits
- GRDB – Global Resource Database (For verifying existing customer network)
- PCS Homer – Post Customer Signature (PCS) / Custom Contract Status Tool
- One-Off Lists – BET (EVPN/AVPN Availa­bility Matrix)
- ETG- For equipment ordering & servic­e/f­eature implem­ent­ations
Tools Used



RDS Valida­tion:

C) Order Types (AVPN , VVBE, VVB, PMAC)
E) Parameters to validate
RDS Valida­tion:

AVPN Managed Out Of Band (OOB) Connection Options:

A. POTS (AT&T provides POTS modem & Customer provides POTS Line connec­tion)
B. WOOB (AT&T provides Wireless Modem & provides Wireless connec­tion, Available in 55+ countries)
AVPN Managed Out Of Band (OOB) Connection Options:

Router packages are supported

Router Package Size and config­ura­tions depend on Access Type, Access Speed, Port Speed, Class of Service 1% (Real Time Traffic perfor­mance Need) and the physical interface type at the instal­lation location. Use ASAP/A­DOP­T/ROME tool to select the correct router model for a given location. System Rules guide you and select the default router. You can go to the next higher available router, if needed.
• AVPN Equipment spread­sheet
A. Very Basic
B. Basic
C. Small
D. Medium
E. Large
F. XLarge
G. Xlarge+
Router packages are supported

Service Intero­per­ability (SIO) Options:

Provides site intero­per­ability between PNT sites (managed and unmanaged) and AVPN sites (managed and unmanaged)
Service Intero­per­ability (SIO) Options:


BFD sends small, periodic heartbeat messages used to detect forwarding issues between the AVPN service edge (PE) and the customer router across either an IP or Ethernet circuit. It allows for fast detection of a circuit problem, so that the traffic can be re-routed over a backup link quickly. BFD is supported on Ethernet and IP ports on IPv4

Routes Groups

Provides ability to share routing policies amongst a group of customer sites, e.g., selection of different internal Internet Gateway sites for specific subsets of remote sites.
Routes Groups


Multicast Feature Support –Depends on Transport availa­bility

PAL TC: (Ip handling, BVOIP, MC, COS model)

1. TC is not in PAL database
2. TC mismatch in PAL for Address mode; Catch-all; Fragments; Service; GRUA; TC number; Domain­/Region
3. TC mismatch in PAL for COS model (if COS4 or COS 6)
4. TC excludes Multicast
5. TC excludes BVOIP
PAL TC: (Ip handling, BVOIP, MC, COS model)

General Gaps:

1. TC`s are faulty, missing, not complete (see more details above)
2. AVPN LM (E2A)  the existing setup is not reviewed before the migration (EVPN, PNT or AVPN sites) = should not be reviewed prior to the TTU or during the RDS valida­tion??,
i. Therefore, features are incorrect as: BGP AS, routing, IP addresses, COS profile, incorrect VPN is assigned etc.
ii. or we are missing components on the new instal­lation due to this: an additional lan port, Voice card, NBFW, PNT SIO etc.
3. VPN Name , GRUA mismatch
4. IP addresses are assigned from an incorrect region.
5. SAA HUB and SPOKE are in a different VPN , reporting won’t work.
6. MIAB config is missing before the TTU.
7. Often customer expects a DATA+VOICE migration, however only our DATA team is on the call 
i. If we migrate from an old/ex­isting service where DATA+VOICE migration is needed in the same time how this is coordi­nated? Is LE respon­sible to provide info to MSIM about the solution?
General Gaps:

Best Practices: -

8. Ensure to Provide correct TC for the site in LE to PE notes.
9. Ensure to review the existing setup for Upgrade and Migrating sites (E2A or PNT to AVPN sites) for No. of LAN Ports used on old router and Services like BVOIP and NBFW.
10. Review the VPN Name, GRUA and notify the requester upfront where necessary to avoid correction MACD’s.
11. Review that SAA HUB and SPOKE are in same VPN, to ensure reacha­bility.
12. Ensure to add note to the PE for creating ad-hoc task for providing MIAB config before the TTU schedule and on receiving the task, upload VRF Lite configs ASAP.
13. Ensure to Review and provide note to OM/DTAC whether it is VOICE only or DATA+VOICE migration
Best Practices: -

Questions to ask yourself

1) Do I know why I am doing the work?
2) Have I identified and notified everybody (customers and internal groups Domestic and MOW) who will be directly involved or affected by this work?
3) Can I prevent or control service interr­uption?
4) When is the right time to do the work?
5) Am I trained and qualified to do this work?
6) Are the work request orders and supporting docume­ntation current and error free?
7) Do I have an implem­ent­ation plan? Have I walked through the procedure with the customer?
8) Do I have a test plan to verify my changes?
9) Do I have a back out plan? Do I have everything I need to quickly restore service if something goes wrong?
Questions to ask yourself