Enterprise GPON / Zhone Questions

Hello fellow NANOG members

Let me start with a little bit of background, my day job is a Network Engineer for a local university where we have primarily a Cisco environment from phones to switching to routing, etc. Before my time, we hired a contractor to design a GPON LAN system for a new building as a cost saving measure (though I am not sure how successful that was).

Either way, the contractor is about to hand the system off to us, and we have gone through the training and such, and I feel confident in my ability to manage the system, but we have a few questions that the manufacturer of our equipment and our contractor didn’t really want to answer. We are currently using a Dasan Zhone MXK-F1419 with several different downstream ONT models (all Zhone).

-We would like to consider use of 3rd party GPON B+ Optics on the linecards to add redundancy to the splitter (as the cost of 1st party are too high). Does anyone have experience with 3rd party vendors/compatibility/stability issues? We were told they theoretically should work and just throw a log event, but it hasn’t been tested. If so, what vendors would you recommend? So far all we’ve really seen are Ubiquiti and Fiberstore optics.

-As GPON is a standard itself, I’m aware interoperability between OLT and ONT vendors is heavily limited… Does anyone have any experience using say, Zhone ONT’s with a different model OLT, or Zhone ONT’s with a different model OLT? I’ve heard word that Zhone ONT’s may be able to work with Nokia OLT’s but it’s technically not supported.

-We’ve already experienced some pretty big stability issues (have replaced 1 line card 5 times…), our contractor is saying it’s just because we were a pretty early adopter of this line and that they’ve fixed it and fixed internal policies to add additional QA and testing before shipping to customers. Does anyone have any experience with working with Zhone and their overall stability of components?

• Any other thoughts/gotchas/advice for deploying a GPON environment in a corporate LAN? (or about deploying a Zhone solution) It’s pretty service provider oriented, and is incredible noticeable in the CLI.

-Is anyone familiar with Zhone CLI? The apparent lack of any “show” configuration commands is infuriating.

Feel free to contact me offlist if you have any pertinent info that you don’t want on the list.

Thanks,

Nick Bogle
nick@bogle.se

I don’t really have any advice to offer here (sorry), but I am curious how setting up a GPON LAN would save money vs just getting cheaper switches…and also what a GPON LAN even looks like. Does every office or classroom have an ONT?

Hi Ross

Every room will have a small switch style ONT. These devices can have a small battery for power outages and provide PoE to voice over IP phones. Typically the ONT switch has from 4 to 24 copper ethernet ports.

The building will have a tree like structure of splitters. For example if there are four floors, you might have a 1:4 splitter at the entrance to the building, then on each floor you could have another 1:4 splitter to four sections and then in each section you might have a 1:8 splitter to provide network to 8 rooms. Of course this could be designed in many different configurations depending on the needs and layout of the building. The maximum combined splits is 128. In my example we had 448 = 128 splits. If you need more, you will deploy additional OLT ports with new splitter trees.

As to cheaper I can not say. I am not selling any of this stuff. I can say that the price for a small 4 port ONT switch is about USD 50 to 100. The battery is extra but not very expensive. It is just a small cell phone style battery that plugs directly into the ONT, not a full UPS system.

It is possible to build this with redundancy. I suspect it is rarely done. The redundancy works in the way, that the 1:8 splitter can be replaced with a 2:8 splitter. This has the same power budget, but you get two input ports to the splitter. Only one can be active at a time. The GPON OLT switch needs to coordinate which of the input ports is used. How that is done is vendor specific. You would build an independent backbone tree for the second input port to the splitter.

It is possible one should not choose this system over a traditional approach, but the people screaming “rip it out” are out of line IMHO. It would be a huge expense to rewire a building with copper and they already got a working fiber system. Much can be said about GPON but it is actually quite stable and easy to manage.

Compared to the traditional approach, you will only have one centralized GPON switch to manage. All the small ONT switches are managed through this. Complaints about the interface is vendor specific. Because there is only one centralized switch, it would be fairly cheap to switch vendor. Much cheaper than to rewire with copper in any case.

Regards,

Baldur

I don't think anyone is saying replace the existing fibre with copper,
but instead to run cheap SFP-equipped switches in basically the same
topology as the GPON you described.

For a new build, less splitting and more copper in-building would be
cheaper and easier.

Aled

It is possible one should not choose this system over a traditional approach, but the people screaming “rip it out” are out of line IMHO. It would be a huge expense to rewire a building with copper and they already got a working fiber system. Much can be said about GPON but it is actually quite stable and easy to manage.

I don’t think anyone is saying replace the existing fibre with copper,
but instead to run cheap SFP-equipped switches in basically the same
topology as the GPON you described.

That would still be costly in time and money with no obvious gain. You would get some downsides however. Now you have many single point of failures, a lot of small switches at the splitting points that need power backup and be managed. And exactly the same issue with PoE that someone raised. Only you will find more GPON ONT switches that already have the PoE with a battery build in, because those devices where made to answer that.

Again not saying that you would make a new build in any particular way, but to rip anything out of a brand new build requires justification. The original poster might indeed have justifications, but the people recommending to “rip it out” does not appear to have anything, but that this is GPON technology. If your justification is that you only want to work with technology known to you, then it is maybe you that needs to be replaced.

It is certainly possible to build something close to the GPON system using WDM instead. It is going to be more expensive. GPON splitters are very cheap, WDM splitters less so and the DWDM SFP modules way more expensive than the typical ONT. CWDM modules can be the same price as the ONT but you need to add a switch to that. You will also have a problem with the multi level tree approach.

For a new build, less splitting and more copper in-building would be
cheaper and easier.

Maybe. Those big fat copper runs get unwieldy and take up a lot of space. That GPON system might have a 12 fiber, 3 mm cable as the backbone and a maximum of 8 drop cables (2-3 mm) from the splitter. The drop cables are much smaller than cat 6 cabling.

Regards,

Baldur

Except you won't have one central GPON switch because LANs change
incrementally.

That throwback in office 412 with the fax machine? Can't simply buy
him a pots line. You get to futz with fax over the converged phone
system.

Speaking of the converged phone system, you're now committed to VoIP
on a VLAN. When you decide you want to switch to a physically
separated network for the phones, well, that's too bad because your
cabling infrastructure doesn't make that possible.

The AV lab gets screwed. You're running the coax they need through the
noisy electrical riser because you didn't build dedicated comms risers
and closets. Naturally nobody checked with them so you don't yet
realize they can't do what they need to do with video over IP
equipment.

And what will you do in 5 years when they want the computer lab in 204
upgraded to 100Gig? Maybe run some fiber all the way back to the
campus head end because as expensive as that is, it's still cheaper
than replacing the OLT with 100-gig capable equipment and then
replacing all the ONTs in the building because oops, there's no 100
gig OLT compatible with the old ONTs and you'd have to take the
building down for a week to forklift-upgrade the whole mess.

Folks have advised Nick rip it out now because they foresee the
slow-motion train wreck on its way. That may be extreme, but certainly
he should take immediate action to preserve his options. For example,
I would demand the creation of comms closets and risers before the
building opened and I'd threaten to quit if they weren't. At least
then the inevitable modifications can be structured and planned
instead of turning in to an ad-hoc mess.

Regards,
Bill Herrin

Compared to the traditional approach, you will only have one centralized
GPON switch to manage. All the small ONT switches are managed through
this. Complaints about the interface is vendor specific. Because there is only
one centralized switch, it would be fairly cheap to switch vendor. Much cheaper
than to rewire with copper in any case.

Except you won’t have one central GPON switch because LANs change
incrementally.

In my experience, a PON network is extremely flexible. Our FTTH network is ever expanding and there is no master plan. Whenever people in existing areas decide to buy our product or whenever people in a new area decides to take a vote to get us in their area, the network will expand as needed. Often we will discover that we could not make a planed crossing because of something in the ground, but we can just change plans and do it another place. We have a competitor that decided to use p2p (point to point ethernet over fiber) instead and I have watched how they are struggling because they had to plan everything from the outset, and we didn’t. The reason being that we use very little fiber for our backbone and can afford to change plans constantly. They need to backhaul hundreds or thousands of fiber strands to the central point, where they have the switches.

That throwback in office 412 with the fax machine? Can’t simply buy
him a pots line. You get to futz with fax over the converged phone
system.

GPON is actually ATM and will provide hard realtime bandwidth guarantees. ISDN delivery over GPON is part of the standard. You will reserve 2x64 Kbit/s channels and GPON guarantees that will always be 100% available with no dropped frames and no jitter. You can do fax, modems, anything that the public phone service will carry over ATM.

I have not personally tried this out as fax and modems are completely dead in my part of the world and nobody cares. But I have had a ONT (from Zhone no less) with ISDN ports (not POTS) and thought they are crazy.

Speaking of the converged phone system, you’re now committed to VoIP
on a VLAN. When you decide you want to switch to a physically
separated network for the phones, well, that’s too bad because your
cabling infrastructure doesn’t make that possible.

Nothing stops you from deploying two independent GPON networks, one for ISDN service and the other for data service. Typically the drop cables will be at least 2 fibers (GPON runs on a single fiber) so you would not need to change anything. In my example the backbone would need a maximum of 7 fibers. With a duplicated GPON network, that would be 14 fibers in the backbone.

Personally I think duplicated networks are silly. But who am I to decide?

The AV lab gets screwed. You’re running the coax they need through the
noisy electrical riser because you didn’t build dedicated comms risers
and closets. Naturally nobody checked with them so you don’t yet
realize they can’t do what they need to do with video over IP
equipment.

Fiber will transmit anything that goes on coax as analog signals. Typically on 1550 nm. The converters are dead cheap and are purely analog devices.

This is how we deliver TV on a FTTH GPON network. GPON uses 1310 nm for upstream data, 1490 for downstream data and 1550 nm for analog TV. When I say analog TV that is really DVB digital signal these days, but the equipment does not know any of that and just transmits it as an analog signal. Many GPON ONT for residential use come with a coax TV out port that can be turned on and off remotely, so the ISP can control TV delivery. Some also have build in filters that can be remote controlled, so you can have multiple TV packages using the usual system of filtering frequencies on the coax.

And what will you do in 5 years when they want the computer lab in 204
upgraded to 100Gig? Maybe run some fiber all the way back to the
campus head end because as expensive as that is, it’s still cheaper
than replacing the OLT with 100-gig capable equipment and then
replacing all the ONTs in the building because oops, there’s no 100
gig OLT compatible with the old ONTs and you’d have to take the
building down for a week to forklift-upgrade the whole mess.

One advantage of a fiber to the desktop solution is that you have fiber to every room. You just move a drop cable from the splitter and to a pair of backbone fibers. With this you can get a dedicated connection from any room to any other room including back to your data center. Yes you will have extra dark fibers available, anything else would be stupid.

Folks have advised Nick rip it out now because they foresee the
slow-motion train wreck on its way. That may be extreme, but certainly
he should take immediate action to preserve his options. For example,
I would demand the creation of comms closets and risers before the
building opened and I’d threaten to quit if they weren’t. At least
then the inevitable modifications can be structured and planned
instead of turning in to an ad-hoc mess.

This is out of line IMHO. Hopefully they did add in extra conduits so you could do some special cable runs (including some copper and coax), if needed. But if they did not, it would be the responsibility of management, not yours. It also has nothing to do with fiber nor GPON. Plenty of copper builds have a severe lack of space for future proving.

If they did the fiber build in the recommended way, there will be ducts prepared for fiber blowing, so one quickly can add more fiber cabling.

I find it silly to threaten to quit if they wont make closets, that are then going to be empty.

Regards,

Baldur

There are double-shield coax solutions for noisy risers. The outer
shield is grounded to the conduit, while the inner shield is grounded at
the source equipment. One has to be sure that the voltage differential
between shields is kept as low as practical, which means paying
attention to grounding for the conduit AND equipment.

The discussion was regarding an in-building LAN - residential access networks/WANs are a wholly different beast and GPON is fantastically suitable for that particular problem.

There is, however, a reason that a lot of new mixed-use (business && residential) WAN fibre deployments end up building a home-run dark fibre network for business use and overbuilding with GPON for residential use - the 1-1 mapping of end users to patch points/flexibility points makes for a vastly more future-proof network.

I think we often underestimate just how long the networks we install stick around. I ordered a 10Gbit/s service not too long ago over the very same fibre that was used to serve 2Mbit/s connections in the mid 90s: I’m not kidding, the fibre was physically disconnected from an old, derelict 2Mbit/s SDH network termination and plugged into a brand new 10Gbit/s EDD.

GPON is cool, definitely - I’ve worked on very large scale GPON deployments before, and it is definitely a very useful technology that allows us to affordably deploy high-bandwidth consumer and small-business connectivity.

However - it is a compromise, and I don’t think you’re gaining anything by running GPON versus the tried-and-tested method of active, switch-based aggregation, especially compared to the sacrifices you make deploying a passively-aggregated network.

As I said before - I wouldn’t stake my reputation on it.

~A

Lower power consumption of electronics and the fact that most (not all) deployments don’t need more than 10 megs committed to them, so share a big pipe and burst away. 1U can have 256 endpoints easily and consume less power than a regular switch.

> Compared to the traditional approach, you will only have one centralized
> GPON switch to manage. All the small ONT switches are managed through
> this. Complaints about the interface is vendor specific. Because there is only
> one centralized switch, it would be fairly cheap to switch vendor. Much cheaper
> than to rewire with copper in any case.

Except you won't have one central GPON switch because LANs change
incrementally.

In my experience, a PON network is extremely flexible. Our FTTH network [...]

Exactly, your FTTH network. PON wouldn't exist if it didn't have
valuable use scenarios. Like an FTTH network. I was discussing Nick's
scenario which is NOT an FTTH network. It's an in-building LAN with
fiber runs measuring in tens or hundreds of feet (not miles) behind
walls (not up on accessible utilities poles or down in accessible
conduits) with screwy in-wall ONTs (not the user's responsibility to
power) stuffed in a space that doesn't dissipate heat well.

YOUR use of PON makes reasonably good sense.

One advantage of a fiber to the desktop solution is that you have
fiber to every room. You just move a drop cable from the splitter
and to a pair of backbone fibers.

Did it read to you like Nick's installation had drop cables of
non-trivial length from easily accessed splitters? It didn't read that
way to me.

I would demand the creation of comms closets and risers before the
building opened and I'd threaten to quit if they weren't. At least
then the inevitable modifications can be structured and planned
instead of turning in to an ad-hoc mess.

This is out of line IMHO. Hopefully they did add in extra conduits so
you could do some special cable runs (including some copper and
coax), if needed.

Nick said they did not create comms closets or a comms riser.

But if they did not, it would be the responsibility
of management, not yours. It also has nothing to do with fiber
nor GPON. Plenty of copper builds have a severe lack of space
for future proving.

To an internal user, internal IT *is* part of the management complex.
They're the ones who get to choose your password length and VPN rules.
They make choices which are enforced on you, hence management.

If they did the fiber build in the recommended way, there will
be ducts prepared for fiber blowing, so one quickly can add more fiber cabling.

If they did the fiber build in anything reasonably close to the
recommended way there would be ducts connected to comms closets
holding the splitters. He's already told us there are no comms
closets.

Regards,
Bill Herrin

Many 1U GPON OLT switches have 16 OLT ports and each port can have up to 128 ONT. This gives you 2048 ONT in one unit for the OLT. Typical power is less than 200 watt.

Each ONT has 4 or more ethernet ports. So multiply with that. You could have a small campus on just one unit of OLT. On the other hand, I am not sure you will actually save any power as the ONTs also need power and they are many.

Regards
Baldur

ons. 12. dec. 2018 22.56 skrev Mike Hammett <nanog@ics-il.net>:

I'd say that any carrier grade GPON gear is way overkill for a LAN and
you're going to have to run single mode fiber to use the consumer grade
ONTs which is a big extra expense as few structured wiring companies do
single mode. Second, Dasan Zhone is one of the vendors I'd absolutely
avoid and I've worked on numerous GPON OLTs (Adtran TA5000/3000, Calix C7,
E7, E3, and others). Their configuration is problematic as you've found
out and they have a poor track record in security.

https://www.securityweek.com/over-million-dasan-routers-vulnerable-remote-hacking

Using third party optics is (with all the GPON vendors) a complete crap
shoot. Sometimes they will work and suddenly a firmware update from the
OLT vendor comes along and they no longer work. Other times they don't
work at all or are very unreliable.

GPON is a standard, but in North America the vendors have largely not been
forced to do interoperability and it's very lacking. Compare that to
Europe where the Fritzbox is one of the most popular ONTs.

Finally, as many have said I cannot see any scenario where building GPON
will be as cost effective, reliable, or performant as simply building out a
switched Ethernet network over fiber.

YOUR use of PON makes reasonably good sense.

Features such as battery backup and ISDN is made for the explicit purpose of office buildings, not residential use. The flexibility that we enjoy will also work for office buildings. I do not disagree that in a office building the distances are short and you can get enough flexibility just by adding sufficient amount of dark fiber, and therefore a point to point network would work just as well. But what he got is a GPON network, so what else would also work is moot. Nobody has yet to come forth with a real problem with the GPON network, that would require to start all over with another approach.

One advantage of a fiber to the desktop solution is that you have
fiber to every room. You just move a drop cable from the splitter
and to a pair of backbone fibers.

Did it read to you like Nick’s installation had drop cables of
non-trivial length from easily accessed splitters? It didn’t read that
way to me.

The length of the drop cables is irrelevant. You are not going to move the cables physically. You will unplug the drop cable from the splitter and connect it to the backbone cable. Both splitter and backbone cables will have APC/LC connectors in a small cabinet somewhere. You can literally convert a drop cable from being part of the GPON system, to being a point to point anywhere within a few minutes just by moving a few connectors.

I would demand the creation of comms closets and risers before the
building opened and I’d threaten to quit if they weren’t. At least
then the inevitable modifications can be structured and planned
instead of turning in to an ad-hoc mess.

This is out of line IMHO. Hopefully they did add in extra conduits so
you could do some special cable runs (including some copper and
coax), if needed.

Nick said they did not create comms closets or a comms riser.

He did not say there was zero space to run any cables at all. Fiber does need very little space. And if all you need is that coax for the AV group, that also would not need much space. If you wanted to rewire the whole thing for copper, that would require a lot of space. Rewiring for point to point fiber would require very little space, if any at all (we do not know how much dark fiber they already have).

If they did the fiber build in anything reasonably close to the
recommended way there would be ducts connected to comms closets
holding the splitters. He’s already told us there are no comms
closets.

No in a fiber build you would not bother with comms closets. For copper you need to ensure no run is longer than 100 meters, and therefore you have risers and comm closets relatively close spaced. In a fiber roll out there is no point. Even with point to point ethernet over fiber, you would just have one closet for the whole building in the basement somewhere. Or even in a different building. The architect is going to want that space for something else in a heartbeat. This more than the saved cost could be the real reason for why they did it.

This does not mean there will be zero space for running cables. You still have lots of stuff that needs to cross floors (power, water, sewer, fiber etc).

Regards,

Baldur