Ciena’s virtual Broadband Network Gateway (vBNG)

Ciena’s virtual Broadband Network Gateway (vBNG) is transforming the network edge with the ability to deliver network functions in software through its cloud-native, fully virtualized architecture. It provides operators with the agility, reliability, and scalability required to deliver high-value broadband services to residential and enterprise customers.

Why the Ciena vBNG?

Ciena’s vBNG is architected as a software-defined, virtualized, cloud-native BNG from its inception. Unlike other solutions, which carry the historical baggage of older architectures, Ciena’s vBNG brings the flexibility and agility operators need to quickly address opportunities in today’s changing market—defined by an ever-increasing demand for bandwidth and a growing complexity of application handling.

Transforming the network edge

Ciena’s vBNG is open architected and built to the Broadband Forum’s TR-459 Standard (Control and User Plane Separation (CUPS) for a disaggregated BNG). The CUPS model enables user planes from a single BNG system to be distributed anywhere in the network and elastically scale to meet application performance requirements and diverse and changing traffic needs. The CUPS architecture has a superior resiliency model to ensure service protection.

Being software-defined enables the vBNG to provide integrated functions such as a DHCP server or CGNAT without the need for extra hardware. Applications can be brought to life faster with greater efficiency and more agility than other solutions.

Being architecturally open and software-defined goes hand in hand with the ability to develop and deploy future applications as they arise.


No. 1

Software-defined with open APIs to speed addition of new features

No. 2

User planes scale independently and can be pushed to the network edge to meet application performance requirements

No. 3

Supports user-plane ‘slices’ for specific use cases with functionality to accommodate different application requirements

No. 4

Control planes and user planes are independently resilient (control plane 1:1, and user plane 1:1, N:1, and M:N high-availability)

No. 5

Cloud-native automation for rapid system deployment and service initiation

No. 6

Control planes can support deployments as small as a single user plane up to 256 user planes in a large vBNG system


  • + Access
    • IPoE
    • PPPoE
    • QinQ (1:1, N:1 VLAN modes)
    • MPLS pseudowire
    • VLANs
    • L2TPv2
  • + Authentication and accounting
    • DHCP v4/v6 server
    • DHCP v4/v6 relay
    • IPv6 SLAAC
    • Static IP
    • DNS
    • RADIUS
    • VSA support in RADIUS access-accept
    • Diameter Gx/Gy
    • HTTP redirect
    • Walled garden
    • Access loop identification
    • Rest APIs
    • Usage-based billing
    • AAA load balancing
    • Analytics and flow logging: Syslog, SORMv3
  • + Security and protection
    • DoS protection
    • Control-plane protection
    • Access Control Lists (ACLs)
    • User and session security
  • + Routing
    • Dual stack IPv4/v6 BGP, OSPF, ISIS, RIP
    • Route redistribution
    • FIB/RIB scaling
    • Static routing
    • OSPF v2/v3
    • OSPF, ISIS, BGP graceful restart
    • BFD – IPv4, IPv6
    • LDP
    • MPLS
    • ECMP
    • Policy-based routing
  • + Traffic management and QoS
    • ACL
    • Per-subscriber QoS
    • Hierarchical QoS (H-QoS)
    • 802.1p, DSCP, IP TOS, MPLS EXP
    • QoS marking
      • Dual rate policer
      • Egress scheduling: assured and expedited forwarding (SP, CBWFQ, WRR)
      • Traffic shaping
    • WRED congestion control
    • IPv4/v6 fragmentation and reassembly
    • Application-based policies (policy-based routing)
    • Configurable MTU size
    • Jumbo frames
  • + Provider Edge (PE) services
    • MPLS Layer 3 VPNs
    • Virtual Routing and Forwarding (VRF)
    • MPLS pseudowires
    • L2 access to MPLS L3 VPN
  • + Multicast
    • IGMP
    • PIM – Sparse Mode (SM)
    • Multicast scalability
    • Multicast replication per subscriber and PPPoE
  • + Reliability and redundancy
    • In-Service Software Upgrades (ISSU)
    • CP and UP individually stateful redundant
    • vBNG UPs 1:1, N:1, or M:N redundancy
    • vBNG CP 1:1 redundancy
    • Bi-directional Forwarding Detection (BFD)
    • PW redundancy
    • Failed process isolation and restart without impact
    • Link Aggregation (LAG) and LACP
  • + Management
    • CLI interface
    • Web-based GUI
    • Remote access – SSHv2
    • RADIUS or TACACS+ authentication
    • 15 levels of admin authorization
    • Custom-defined admin levels
    • Multiple alarm handling and logging
    • Remote management over IP protocols
    • SNMP v1/v2c/v3
    • IETF-compliant MIBs for UP and CP
    • SNMP traps
    • Syslog
    • NTP
    • IPv6 MIB support
    • Multiple alarms with logging
    • Extensive set of packet counters
    • All IPv4, IPv6 management features
    • Flow logging and telemetry: Syslog, SORMv3
    • Telemetry and analytics
    • Deployment and orchestration: Kubernetes, third-party VNFMs and VIMs
    • In-band and out-of-band management
    • Subscriber traffic mirroring
    • PFCP for CUPS
  • + Lawful intercept
    • RADIUS-based intercept triggers
    • Data security and encryption
    • X1, X2, X3 interfaces
  • + Other network functions and mobile integration
    • CGNAT
    • L2TP Access Concentrator (LAC)
    • L2TP Network Server (LNS)
    • Stateful packet inspection
  • + Deployment options
    • Bare-metal server
      • KVM
      • VMware
      • OpenStack
        Containerized (cloud-native)
      • CNF-based Kubernetes
      • VMware TCP
      • Red Hat OpenShift
        Private and public cloud

Questions? Ask the community.


Want to know more about the Ciena’s Virtual Broadband Network Gateway (vBNG)? Let's talk.

Contact us