Introduction of TEIN2 NOCIntroduction of TEIN2 NOC

JilongJilong WangWang<2005<2005--0909--10>10>

OutlineOutline

1.1. NRCTNRCT————Network Research Center of Network Research Center of TsinghuaTsinghua UniversityUniversity

Structure Structure TUNET NOC ServiceTUNET NOC ServiceCERNET NOC ServiceCERNET NOC ServiceCERNET2 NOC ServiceCERNET2 NOC ServiceOther NOC ServicesOther NOC Services

2.2. TEIN2 NOC ServiceTEIN2 NOC Service

11�� NRCTNRCT————Network Network Research Center of Research Center of TsinghuaTsinghua UniversityUniversity

MOEMOE Tsinghua UniversityTsinghua University

College of Information Technology

College of Information Technology

Graduate School at Shenzhen

Graduate School at Shenzhen

Network Research Centerof MOENetwork Research Center

of MOECERNET Operation CenterCERNET Operation Center

Network Research Center of Tsinghua University

Network Research Center of Tsinghua University

Network Research Centerat Shenzhen

WisdomNetwork

TechnologyCo.

NetworkOperation

andServiceCenter

Network Operation

andManagementTechnology

Lab.

Networkand

Information Security

TechnologyLab.

Networkand

InformationApplicationTechnology

Lab.

NetworkArchitecture

and IPv6Lab.

Wirelessand

MobileNetwork

TechnologyLab.

Videoand

Virtual Reality

TechnologyLab.

NetworkDevelopment

andProgramming

Lab.

Administration

Office

ProjectOffice

CNGI-CERNET2Backbone

TsinghuaCompus Network

TUNET

CERNET2Backbone Cernet Network Co.

NSFCNET

IPv6-CJ863-IPv6

Operation Division of NRCTOperation Division of NRCT

1.1. Network Operation GroupNetwork Operation Group��IP managementIP management2.2. Network Information CenterNetwork Information Center��IP address and IP address and

Domain name management, Domain name management, directorydirectory serviceservice3.3. Connection Management GroupConnection Management Group4.4. Custom Service CenterCustom Service Center��helphelp--desk, ondesk, on--site site

serviceservice5.5. System Operation GroupSystem Operation Group��AAA, NMS, DHCP, AAA, NMS, DHCP,

Email, DialEmail, Dial--up, Websiteup, Website6.6. Operation Operation CommitteCommitte��Decision MakingDecision Making

TUNET NOC ServiceTUNET NOC Service

TUNETTUNET

StatusStatus

PerformancePerformance

loglog

StatisticsStatistics

Li nk rout er i f Avg t raf f i c( i / o) Max t raf f i c( i / o) Mi n t raf f i c( i / o) Sum( i / o) Bandwi t h( i / o)

± ±¾ ©- - Ì ì½ ò_2. 5G 202. 38. 120. 192 36 39. 07Mbps/ 3. 21Mbps 294. 51Mbps/ 23. 21Mbps 0. 20Mbps/ 0. 27Mbps 12658910. 85MByt es/ 1040270. 13MByt es 99. 96Mbps/ 7. 60Mbps

± ±¾ ©- - É òÑ ô_2. 5G 202. 38. 120. 192 37 7. 04Mbps/ 17. 03Mbps 512. 46Mbps/ 205. 13Mbps 0. 00Mbps/ 0. 00Mbps 2280353. 35MByt es/ 5517825. 39MByt es 4. 12Mbps/ 49. 71Mbps

± ±¾ ©- - Ö £Ö Ý_2. 5G 202. 38. 120. 192 46 2. 94Mbps/ 14. 82Mbps 40. 07Mbps/ 64. 17Mbps 0. 00Mbps/ 0. 00Mbps 952323. 37MByt es/ 4801406. 88MByt es 5. 38Mbps/ 37. 09Mbps

Service Monitoring SystemService Monitoring System

TrafficTraffic

Ticket SystemTicket System

Network Information SystemNetwork Information System

securitysecurity

WarningWarning

CERNET NOC ServiceCERNET NOC Service

CERNET NOCCERNET NOC

StatusStatus

PerformancePerformance

RoutingRouting

TrafficTraffic

FlowFlow

EquipmentEquipment

CERNET2 NOC ServiceCERNET2 NOC Service

CERNET2CERNET2

StatusStatus

Aladdin Network Management SystemAladdin Network Management System

Weather MapWeather Map

TrafficTraffic

Routing Routing

Trouble Ticket SystemTrouble Ticket System

Other NOC ServicesOther NOC Services

� �

� �GSR12012GSR12008

POS OC-48

GE

DPT Ring

� �

GSR12008

� �

GSR12008

� ��

GSR12008

� � �

GSR12008

CERNET

CSTNET

APAN/STAR�����������

NSFCNET

����

����

������

863863������������������������

——����

——����

CJ IPv6CJ IPv6

CoreRouter

CoreRouter

CoreRouter

CoreRouter

CoreRouter

CoreRouter

borderRouter

EdgeRouter

EdgeRouter

EdgeRouterEdge

Router

EdgeRouter

2.5G POS

WAN

Guangzhou

Shanghai

Beijing

GELAN

GELAN

GELAN

GELAN

GELAN

GEMAN

To Japan

User Network (IPv6)

MAN/LAN

MAN/LAN

CERNET/CERNET2/DRAGONTAPCERNET/CERNET2/DRAGONTAP

CERNET

JANET

STARLIGHT

HARNET

TANET

DRAGONLIGHT CNGI-BJIX

DRAGONTAP

CERNET 2Internet

DomesticPeering

CNGIPeering

APAN KOREN

1.4G

10G

155M

100M 1G 155M 45M 45M

10G

22��TEIN2 NOC ServiceTEIN2 NOC Service

Task Task definationdefination

Connectivity managementConnectivity managementimplementationimplementationincident and problem managementincident and problem management

IP managementIP managementProPro--active and reactive monitoringactive and reactive monitoringProblem managementProblem management

Inventory ControlInventory ControlHardware, software and configurationHardware, software and configuration

Provide online informationProvide online informationtrouble ticket and statisticstrouble ticket and statistics

Collaboration with other Collaboration with other NOCsNOCsAPANAPAN--JP, ...JP, ...

TeamTeam

5Help DeskTechnician/operator

2daily operationIP Engineer

2daily operationConnectivity Engineer

1technical supportDirector of NOC

NumbersWorking levelsCategories

FacilityFacility

Operation CenterOperation CenterCall CenterCall CenterVideo Conferencing Facilities Video Conferencing Facilities Out of Band Network Management Out of Band Network Management Monitoring WallMonitoring WallTesting ToolsTesting Tools

Management SystemsManagement SystemsTTTTNISNISFault (Ping)Fault (Ping)Traffic (Traffic (snmpsnmp))Accounting (Accounting (netflownetflow))websitewebsiteRouting (Zebra)Routing (Zebra)Trap and LogTrap and LogReporting systemReporting systemConnectivity (telnet)Connectivity (telnet)Advanced Service managementAdvanced Service management

WebsiteWebsite

ProceduresProcedures

ConfigurationConfiguration

Performance monitoringPerformance monitoring

Problem handlingProblem handling

SecuritySecurity

Online access of the operation informationOnline access of the operation information

Fault Management ProcedureFault Management Procedure

Problem alert Problem alert TrackingTrackingProblem identification and isolationProblem identification and isolationTrouble ticket assignment and engineer contactTrouble ticket assignment and engineer contactTrouble shootingTrouble shootingProblem notificationProblem notification

initial status reportinitial status reportidentificationidentificationupdatesupdatesclosure closure

IP Monitoring ProcedureIP Monitoring Procedure

ProPro--active monitoringactive monitoring

link statisticslink statistics

packet statisticspacket statistics

routing statisticsrouting statistics

loss and delay statisticsloss and delay statistics

network equipment statisticsnetwork equipment statistics

advanced application monitoringadvanced application monitoring

Reactive monitoringReactive monitoring

taking fault reports around the clocktaking fault reports around the clock

Advanced ManagementAdvanced ManagementIPv6IPv6

fault monitoring fault monitoring traffic and performance monitoringtraffic and performance monitoring

IP MulticastIP Multicastmulticast beaconmulticast beacontraffic monitoringtraffic monitoring

VPN managementVPN managementEthernet over MPLS managementEthernet over MPLS management

QoSQoSCoSCoS statistics statistics flow rankingflow ranking

SecuritySecurityIDSIDShost flaw scanner and the databasehost flaw scanner and the database

ServicesServicesQoSQoSVoIPVoIPVConfVConfIPTVIPTVSecuritySecurity

ChallengesChallenges

Connectivity problem managementConnectivity problem management

BGP policyBGP policy

Open access of the NOC informationOpen access of the NOC information

Shared trouble systemShared trouble system

Security Security

Level 2 services Level 2 services

Advanced servicesAdvanced services

Possible PathsPossible Paths

policy based routing and politics based routing

The Real World RoutingThe Real World Routing

Meet requirement by user AS networkMeet requirement by user AS networkPolicyPolicy

Under the framework of TEIN2 Under the framework of TEIN2

DatabaseDatabaseIRR (who)IRR (who)

ConfigurationConfigurationASAS--path path prependprependPredefined communityPredefined community

Fine tuneFine tuneTraffic and flow monitoringTraffic and flow monitoringEndEnd--toto--end performance toolsend performance tools

AS A AS B AS C

AS D

BGP RoutingBGP Routing

Under the framework of TEIN2Under the framework of TEIN2

Try to provide the BGP routing as more Try to provide the BGP routing as more

flexible as possible to the connected networksflexible as possible to the connected networks

Provide the online access to the routing, Provide the online access to the routing,

traffic and flow informationtraffic and flow information

BGP Implementation (draft)BGP Implementation (draft)Implement BOGON filtersImplement prefix length filteringImplement authenticated BGP sessionsImplement maximum prefixesImplement route dampeningImplement route filtering (prefix-list or access-list or/and filter-list)Accept community tagAccept MEDAccept aggregated prefixes, except for the policy based routing

Open Access of the NOC InformationOpen Access of the NOC Information

Access policyAccess policyUnder the framework of TEIN2Under the framework of TEIN2

Tools and user interfaceTools and user interfaceOpen software toolsOpen software tools•• APAN NOCAPAN NOC•• Abilene ObservatoryAbilene Observatory•• etc.etc.

InIn--house developed toolshouse developed tools•• status/performance/routing/traffic/flow/equipmentstatus/performance/routing/traffic/flow/equipment

RemarksRemarks

RemarksRemarks

Under the framework of the TEIN2, we welcome Under the framework of the TEIN2, we welcome

suggestions and comments for the TEIN2 NOC suggestions and comments for the TEIN2 NOC

operationoperation

SLASLA

BGP routingBGP routing

Monitoring and measurementMonitoring and measurement

ThoughtsThoughts

Global Academic NOC meetingGlobal Academic NOC meetingNANOG, APRICOT, RIPENANOG, APRICOT, RIPE

Video phone Video phone no time zone problemno time zone problem

Shared trouble ticket systemShared trouble ticket systemtrouble shootingtrouble shooting

Shared endShared end--toto--end measurement dataend measurement dataoptimize routingoptimize routing

On Network OperationOn Network Operation

Be PatientBe PatientKnowable, Controllable Knowable, Controllable LogingLogingRedundanceRedundance, Backup, BackupPolicy and ProceduresPolicy and ProceduresOne time one thingOne time one thingLoose CouplingLoose CouplingMake AllowanceMake Allowance

Trouble Ticket SystemTrouble Ticket System

Measurement DIYMeasurement DIY