Introduction
A Broadband Remote Access Server or Broadband Network Gateway (BRAS/BNG) is a key component of an Internet Service Provider’s network. Let’s take a look at what exactly a BRAS/BNG is and how it works.
BRAS vs BNG Terminology
First, let’s clarify the differences between these two terms. The term BRAS is older and was generally used in DSL service. BNG is the newer term for the same concept in the context of Fiber To The Home (FTTH) deployments. Both terms mean the same thing but BRAS is somewhat outdated.
What Does a BRAS/BNG Do?
A BRAS/BNG serves as an aggregation point for customer traffic before it reaches the provider core. It serves as the default gateway for the customer routers. The BRAS/BNG is also responsible for Authentication, Authorization and Accounting (AAA) of subscriber sessions. Finally, it is responsible for assigning IP addresses to customers and performing NAT if necessary. Let’s look at each function in further detail.
Aggregation
When we talk about aggregation in networking we mean funneling of traffic to a centralized point. Aggregation is usually done so that we can apply policy and manage traffic at the aggregator. This is why we aggregate traffic at the BRAS/BNG. Customer traffic needs to reach the BRAS/BNG first so that we can apply AAA, NAT, and IP Assignment.
Authentication, Authorization, and Accounting (AAA)
The BRAS/BNG will communicate with RADIUS servers to authenticate the subscriber. Authentication was classically done using either credentials given to the customer or port/circuit based authentication. In modern times there are more sophisticated methods that differ depending on the provider.
The RADIUS servers will also tell the BRAS/BNG what bandwidth/service the customer is paying for. This allows the BRAS/BNG to apply the appropriate QoS settings for that customer. This is the authorization component of AAA.
For Accounting, the BRAS/BNG can keep logs of network activity or performance. Things like which IP Address was assigned to a customer are tracked as part of accounting. This does not mean that the BRAS is tracking your browser history. Only information required for troubleshooting and guaranteeing QoS as well as any legally required information is collected.
IP Address Assignment (PPP, DHCP)
IP Addressing can be done using point-to-point protocol (PPP) or DHCP. PPP also performed credential based authentication so it was more popular in the DSL era. In most modern ISP networks, credential based authentication is no longer used so DHCP is preferred.
Carrier Grade Network Address Translation (CGNAT)
In providers that use CGNAT, the BRAS/BNG will perform that function as well. CGNAT is simply NAT done by the carrier to limit IPv4 address exhaustion by allowing multiple customers to share public IPv4 addresses.
How a BRAS Works In DSL
In DSL, the BRAS is the first layer 3 hop for customer traffic. There are a few layer 2 devices in between though. Let’s look at the path to the BRAS.
When a DSL customer router wants to send traffic to the internet, it will first send the packet to the DSL Modem. The DSL modem will modulate the signal onto the copper phone line and send it to a port on the local DSLAM. DSLAM stands for Digital Subscriber Line Access Multiplexer.
The DSLAM was a multiplexer that aggregated traffic from hundreds of DSL subscribers onto higher bandwidth T-3 or OC-3 lines. From there, the customer traffic would travel through the DSL access network to the BRAS. Traditionally for DSL aggregation ATM switches were used. Each subscriber was assigned a dedicated ATM PVC to keep traffic separate.
Asynchronous Transfer Mode (ATM) was a layer two networking protocol that became the standard for DSL. A Permanent Virtual Circuit (PVC) in ATM functions similarly to a VLAN in Ethernet. In DSL, the PVC would run from the BRAS to the Modem. It acted like a leased line, creating a layer 2 adjacency between them.
Over the PVC, the DSL modem would authenticate with the BRAS and forward layer 3 traffic to it. The BRAS would then direct the layer 3 traffic through the provider’s core network towards the appropriate internet edge router.
To clarify, a BRAS is not actually a “server”. Instead it is a router with subscriber management capabilities. Examples would be the Cisco ASR and Juniper MX series.
How a BNG Works in FTTH
The FTTH traffic flow model is similar to its DSL predecessor. However, it uses optical devices instead of phone lines and it uses Ethernet for aggregation instead of ATM.
Instead of a modem, the customer router sends its traffic through an Optical Network Terminal (ONT). The ONT sends the traffic through a Passive Optical Network (PON) to an OLT. An OLT (Optical Line Terminal) uses Wavelength Division Multiplexing as well as Time Division Multiplexing. Thanks to multiplexing, the OLT can service over 100 ONTs on a single port.
Once customer traffic reaches the OLT it is placed onto a VLAN. The OLT then trunks those VLANs over either optical transport or a layer 2 tunnel to the BNG. This creates a layer 2 adjacency between the BNG and the customer router. The customer router can now authenticate with the BNG and forward internet traffic to it.
Some more modern OLTs can perform BNG functions themselves. They will then forward the customer traffic directly to the provider’s core which simplifies the process.
Conclusion
We have covered the definitions of BRAS/BNG and explained their use cases. We have also looked at traffic flow in DSL and FTTH deployments to see how traffic reaches the BRAS/BNG. I hope this article helps you understand what a BRAS or BNG is and the role it plays in a service provider network