EntryPoint Developers – Developer Docs for Entrypoint Systems

8/20/2019 – v1.3

Definitions

Network Operator: the party responsible for the maintenance and operations of the physical infrastructure that constitutes the subscriber network.
Service Provider: the party responsible for delivering services across the network that are desired by the subscriber.
Subscriber: the owners of the network and the party subscribing to unique services on the network
Virtual Broadband Gateway (VBG): a physical device installed at the subscriber premise that serves as a demarcation point for the network at the premise
OpenEdge system: the suite of software tools and systems deployed by EntryPoint networks into the network operators network.

Introduction

As a provider on an EntryPoint Dynamic Open Access network it’s important to understand how you as a stakeholder interact and relate with the other stakeholders on the network. The figure below illustrates from a logical perspective how the network operator, the subscriber, and you, the service provider, are connected.

The following will describe the role of each stakeholder on the network and how they relate to and interact with the service provider.

Operator

The network operator will act as the gatekeeper between the service provider and the subscriber. The operator will be responsible for the physical on-boarding process for the provider as well as configuring and provisioning the necessary software components to all the service provider to offer services on the network.

The first task for the operator is to establish a physical network interconnect between your service network and their network. The operator will have a provider edge switch in their network in which you will terminate the connection to your network.

Once a physical connection has been established, the operator will assign a tag or label to your interconnect port. All traffic specific to your service will be logically isolated on the network based on your assigned tag or label. Records will also be created in the operator OpenEdge management system to represent your organization and the tag or label that has been associated to your service. With these minimum requirements completed you can begin the process of setting up the required components and services within your network to utilize the EntryPoint OpenEdge system and leverage the power of automation, software defined networking, and dynamic open access networks.

Provider

In your network there are several required components that must be setup and configured in order for the operator’s network and system to interact properly with yours. The EntryPoint OpenEdge provider software must be hosted on a VM system or installed on dedicated hardware in your network. EntryPoint will work with you to determine hardware specifications as required. Additionally, there will be a dedicated router that will act as a gateway been your bridged network and the operators bridged network. This will be used to isolate network traffic between the two systems. The router can also be used to isolate subscriber traffic on your network.

After the hardware and software have been installed and configured there are several networks that must be provisioned. The first is called a “walled garden” network. This network acts as a captive portal for all subscribers as they come on to your network. If accessing your network through a browser the subscriber will be redirected to a webpage in your network that can act as a payment gateway or account creation page. Once new subscribers have completed your sign-up process, software commands can be issued that will move the subscriber from your walled garden network into your production service network. There can also be a compliance network setup that will act as a captive network that can be used to manage non-compliant users or users who are delinquent on payment.

Subscriber

The connection between you and the subscriber is established when the subscriber selects your service in the OpenEdge subscriber portal and subscribes to it. This creates a relationship between the subscriber and you that is represented in the operator’s system as a database record and a logical connection is established across the operator network from the subscriber premise VBG directly to the port assigned to your service on the provider edge switch in the operator network.

Below are listed connection types that can be established from your service to a subscriber.

OPTION 1: Simple Connection

Description: The service provider will see the subscriber’s computer or router as an edge device on their network

Need to be Provided: Nothing is needed as this is the default behavior of the system

Explanation: The system provisions a layer 2 network between the selected port on the VBG and the port associated on the service provider switch. The traffic from the subscriber will be delivered to the provider network as untagged and unlabeled ethernet packets.

OPTION 2: Custom tag/label provided by Service Provider for Subscriber

Description: Network traffic from the subscriber to the provider network can have a custom / unique tag or label applied to it. This will give the provider greater control and flexibility in how traffic is managed and controlled.

Need to be Provided: A webhook location (API url) that EntryPoint software has access to from the operator network will return a compatible response with a provided tag/label that can be applied to network equipment at the subscriber premise. (See http://dev.entpnt.com/index.php/webhooks/ for more details.)

Explanation: During the provisioning process the EntryPoint software will communicate with the provided webhook for the provider service. Upon receiving a network tag/label, the layer 2 network information will be applied to all traffic sent from the subscriber to the service provider.

OPTION 3: Virtual System deployed to the subscribers Virtual Broadband Gateway

Description: The VBG has the ability to host a virtual system (VM). The VM image file is copied to the VBG and can act as a virtual point of presence at the premise for the provider.

Need to be Provided: A generic virtual system image that can be uploaded to the VBG at the time of service provisioning.

NOTE 1: Currently the virtual system needs to be compatible with a qemu32 or qemu64 cpu and e1000, virtio-net, or pcnet compatible network driver. The virtual machine will need to have two ethernet adaptors. The flow of traffic will come in one adapter and go out the other. This allows for additional monitoring or services that can be managed by or through the virtual system.

NOTE 2: Deployed VM’s require that all traffic go through a hypervisor. Because of this using a VM in your solution will decrease the maximum throughput that the subscriber will be able to achieve.

OPTION 4: Customized Virtual System deployed to Virtual Broadband Gateway

Description: The VBG has the ability to host a virtual system (VM). The VM image file is copied to VBG and can act as a virtual point of presence at the premise for the provider. Based on predetermined actions in the OpenEdge system and interactions with the provider system, custom configurations and actions can be pushed into the VM before it is loaded onto the VBG.

Need to be Provided: A generic virtual system image that can be uploaded to the VBG at the time of service provisioning. Additionally, the provider may provide a webhook url that the OpenEdge system can communicate with. OpenEdge will put a file at a specified location on the VM before it is uploaded to the VM. (See http://dev.entpnt.com/index.php/webhooks/ for more details.) Because this process adds communication between the network operator and the service provider, in the event of any failed communication the the generic virtual system image should still be able to function. A possible solution is that when the generic virtual system image is deployed without the custom provided file that the user is directed some place that allows them to complete the sign up process and have the VM customized after it is deployed and running on the VBG.

Explanation: During the service provisioning process the OpenEdge system will move the virtual system to the VBG and plumb the network so that the VM sits “on the wire” between the subscriber and the service provider. Any custom information that was put into the VM will be available to the VM as it boots and operates.

NOTE 1: see Option 3 NOTE 1 for virtual system compatibility settings

NOTE 2: see Option 3 NOTE 2 for virtual system throughput limitations