Home » Network Design » Making sense of Broadband networks – VLAN Model

Making sense of Broadband networks – VLAN Model

In the previous post we discussed the major considerations of a broadband network architecture. Now I want to discuss each of those points one by one adding some details. I will do this quick and might not be able to provide illustrations or configuration examples all the time due to time limits, so if anything is not so clear please let me know and I can reiterate this.

Qouting from previous post, I was mentioing that a provider has to make a choice between two major VLAN models or combine both:

“Which VLAN model? Customer VLAN (know as C-VLAN) or service VLAN (S-VLAN) or hybrid which combines both models.”

Lets start by outlining and describing each of them:

Service VLAN model:

Service VLAN model is usually referred to as S-VLAN model and it might be obvious from the name that VLAN separations are based on services. Simply each service is given it’s own VLAN and for every new service a VLAN is needed.

For example if a carrier provides internet, VoIP and IPTV services and is using S-VLAN model you would typically find three VLANs in such implementation, one for Internet traffic, one for Video services and one for VoIP services all the way from the CPE to the BNG. Then the three VLANs might be then terminated on a single or multiple BNGs (single or Multi-edge topologies).

One of the main benefits for deploying this model along with the multi-edge topology is that it provides great services redundancy and separation.  I have seen Internet outages at my home without having phone or IPTV services affected multiple times.This model  also allows  service providers to manage complexity of service delivery and  complexity of configuration if the VLANs are kept to minimum. It also gives providers the freedom to multi-vendor and deploy different types of equipment that best fit the service provided.

There are 3 implementations for the service VLAN model:

  • The first one is one VLAN per service. As an example let’s suppose that the customer is subscribed to triple play services and he has internet, telephone and IPTV at home. In such case typically the subscriber will have three different PVCs/VLANs on his CPE and three different IP addresses on the CPE. In most of the cases the CPE will also have 3 separate ports on the LAN side one per service and then each type of traffic will be routed to the appropriate VLAN on the CPE broadband side then the DSLAM and aggregation network to the assigned BNG.
  • The second  is to assign each DSLAM a VLAN and all services provisioned will be using one VLAN per DSLAM in which all subscribers connected to this DSLAM are using. This is one of the easiest models to configure and manage and I have seen it used in small service provider networks successfully.
  • The third delivery model is to assign a one PVC/VLAN per subscriber it’s then the function of the DSLAM/MSAN or aggregation network to do the separation of protocols based on Ethertype to split the traffic to the appropriate service VLAN and BNG. I have not seen this implementation myself or at least I am not aware of as I don’t deal with access networks for the time being.

Service VLAN might help reducing complexity in the provider network if services are kept limited and allow the freedom to manage resources efficiently. However services VLAN model has two major drawbacks. The first is that it makes it harder to account for subscriber usage/volume over different VLANs and the second is the security concerns due to the shared broadcast domain on a single service VLAN between subscribers.

Customer VLAN model or C-VLAN:

In this model each subscriber is given a dedicated path to the BNG and with all his services sharing the same VLAN and broadcast domain. Simple enough ..

But it raises two major questions.

The first is about scalability of this solution, this would highly limit the number of subscribers per port  wouldn’t it?

The key solution to this problem is  stacked VLANs. In this delivery model each subscriber is assigned his own VLAN but then all those subscribers VLANs on a single DSLAM are encapsulated in a second VLAN forming what is known as Q-in-Q traveling the path all the way up to the BNG and this would give us enormous theoretical scaling capacity per BNG port (make the math). But it’s not practically the real case due to other hardware/software considerations :)

The second question is that it would be a configuration nightmare to assign one VLAN per subscriber, wouldn’t it?

The short answer to this is No it isn’t and thanks to dynamic interfaces that made this possible, simply enough all of these interfaces are just created dynamically without the need of any manual provisioning.

Good but then a two more questions might come to your mind.  The first is about box resources in the case of creating this 1:1 VLAN mapping and this one I will not answer here as it’s out of scope and the second is be about Multicast.

Now the same Multicast stream has to traverse all the way down to different subscribers and this would be a poor utilization of resources, wouldn’t it?

Of course it is !

Here comes the beauty of the third model which is called the hybrid model . The hybrid model combines the pros of the two models S-VLAN and the C-VLAN with the cost of requiring extra intelligence or configuration in the access network to separate Multicast traffic from unicast. Briefly in the hybrid model it’s typically only IPTV (Multicast traffic) that is given a separate VLAN to avoid the inefficiency caused by sending the same multicast stream to each single C-VLAN all the way from the BNG to the CPE. The multicast replication job is then given to the MSAN/DSLAM to perform only on the local loop or so but as I mentioned this would require an intelligent access network to efficiently handle this job.

To keep this manageable for both of us, I will end this port here. In the next post, I will add some working examples to give you a good feeling of how things look  like in production. I am not sure if this post  was clear enough but if not just drop me a comment or an email if something is misleading or needs extra elaboration.

Happy networking :)


  1. Thanks Osama!!! Very good information!!!

  2. Very informative, but would be more clearly understood if you made small pictorial representations of the Vlan models.
    Keep up the good work. Cheers

Leave a Reply

Your email address will not be published. Required fields are marked *