PowerPoint Presentation


Philosophy of Building CN2
Xu Jianfeng
China Telecom Corporation
http://www.chinatelecom.com.cn
Background
Challenges
Total voice traffic and revenue decrease by the end of 2005. Mobile phone and IP phone calls have cannibalized part of the voice traffic business.
The traditional communication network is unable to support China Telecom's strategy to become a Comprehensive Information Service Provider, because it lacks the capability to offer value-added services and service awareness on a unified network.
High OPEX (Operating Expenses) is required to operate separate networks in the traditional way.
The existing ChinaNet is not the best choice for NGN, 3G, VPN and other services with strict SLA demands.
Opportunities
Acceleration of Information and Communications Technology (ICT) adoption in government and enterprises would drive the demand for telecom services
Adoption of SIP-based soft-switch technology
The impending release of 3G licenses
Rapid development of the broadband service
Fixed and Mobile Convergence (FMC)
Solutions
Migration of voice service from the PSTN to an IP-based network
Preparation for 3G-based mobile services
Accelerate the development and deployment of broadband services based on xDSL access technology
Drive managed services and system integration services
Triple play services and future IP NGN convergence, including network convergence, service convergence and application convergence
Build an integrated IP/MPLS-based multi-service platform: CN2
CN2: China Telecom Next Carrier Network
Philosophy of Building CN2
Simple network topology
Scalable routing architecture
Highest level of redundancy
Highest level of security
Differentiated classes of service
Day-one support for voice, video and data
End to end control and management
CN2 Strength
Homogeneous Global Architecture
Single global ASN (AS4809)
IS-IS level-2-only with sub-second convergence
MPLS FRR with sub-50 ms reroute
Robust architecture allows for unsurpassed stability
DiffServ-based QoS, MPLS and multicast enabled network
6PE-based IPv6 network
Offers Layer-2/3 public/private flexible connectivity over IP or MPLS
Leading SLAs via zero loss and speed-of-light delays
Fast automated end-to-end service provisioning and fault management, utilizing industry-leading IP service management solutions, helps to greatly reduce OPEX and accelerate service deployment
End-to-end IP SLA monitoring tools make CN2 a true carrier-class network
Simple Network Topology
CN2 comprises two functional planes and four structural layers to offer seamless connectivity for customers.
The two functional planes are the high-speed data forwarding plane and the service provisioning plane.
The four structural layers are the core layer, aggregation layer, edge layer and service connecting layer.
The high-speed data forwarding plane and the service offering plane are supported by 4 and 1 vendors respectively. This is to ensure minimum service disruption and better edge service control.
[Diagram: Service Edge, Aggregation and Core layers, with SR/PE devices at the service edge; the labels 高速转发层 and 业务接入层 mark the high-speed forwarding layer and the service access layer.]
Simple Network Topology(cont)
IP/MPLS Network
All-optical Dense Wavelength Division Multiplexing (DWDM)
SONET/SDH framing
Per-flow load-sharing and failover load-sharing with IS-IS
MPLS is enabled on the whole network, with VPN traffic encapsulated in MPLS and other traffic transported in native IP
[Diagram: protocol stack, top to bottom: IP and MPLS, SONET framing, DWDM]
Scalable route architecture
To ensure the network's scalability and security, only infrastructure address blocks are carried in the IS-IS (IGP) routing table. Non-infrastructure addresses are carried in BGP. Keeping the IS-IS routing table to a minimum greatly enhances network stability.
Single global ASN (AS4809)
BGP communities are deployed for route control and NetFlow-based traffic monitoring
CN2 has two types of route reflector:
VPN RR (VRR) for RFC 2547-based VPN service
Global RR (GRR) for global Internet routing
The VPN RR is independent of the global RR; both use a single level of route reflection
Global iBGP: scaling the global Internet routing table involves increasing the number of GRR groups, each group handling a part of the global routes.
VPN iBGP: likewise, scaling the VPN routing table involves increasing the number of VRR groups. For example, VPN1-500 is handled by VRR-G1 while VPN501-1000 can be handled by VRR-G2.
Scalable routing architecture (Cont)
Scaling the Global Internet Routing Table
[Diagram: GRR1-GRR4 route reflectors in two full-mesh peer groups, Group 1 for Part 1 routes and Group 2 for Part 2 routes; clients send Part 1 routes to G1 and Part 2 routes to G2, and receive Part 1 routes from G1 and Part 2 routes from G2; the clients connect to the Internet via eBGP.]
Scalable route architecture (Cont)
Scaling the VPN routing table
[Diagram: VRR1-VRR4 route reflectors in two full-mesh peer groups, Group 1 for VPN 1-500 routes and Group 2 for VPN 501-1000 routes; PE clients send and receive VPN1 routes to/from G1 and VPN501 routes to/from G2.]
Highest Level of redundancy
All network links are deployed in pairs over diverse facilities
Only POS interfaces are used on backbone links, for faster link failure detection
All network links are active (NOT working and protect)
Each PoP's router pair is connected to multiple routers. Link failure protection is done through IS-IS (layer 3 control) and is not dependent on the transport layer (layer 2 control)
IS-IS routing protocol
Per-flow load sharing between dual pairs
Fail-over load sharing
Sub-second fast convergence for gold service
Three-priority LSP flooding and FIB update
MPLS FRR
1:1 mode FRR is deployed in the core layer for 50 links
Sub-50 ms reroute time
Built to maintain utilization not exceeding 50% during normal operation
As a congestion-free network, CN2 ensures premium priority for delivery of all packets in the core
Higher Level of security
Strict uRPF is deployed on all customer access interfaces
Loose uRPF is deployed on interconnection interfaces
Infrastructure ACLs (iACLs) deny external traffic to ALL router interface addresses. iACLs are deployed on the edges and borders of the network, so no one outside the network can reach the routers
Infrastructure routes are not distributed to the Internet or to customers
All router access control is managed by AAA servers and syslog
QoS technology would be deployed accordingly to reduce the impact of attack or worm traffic.
Customer-facing router interfaces do not have the IGP turned on. When eBGP is deployed on these interfaces, BGP MD5 authentication must be configured
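As an added illustration (not from the slides or from China Telecom), the following Python audit checks a constructed IOS-style configuration fragment against the edge rules listed above: strict uRPF on customer-access interfaces, loose uRPF on interconnects, no IGP on customer-facing interfaces, and an MD5 password on every BGP session. The interface roles are taken from the description field and the configuration text is invented; both are assumptions.

```python
# Constructed IOS-style config fragment (hypothetical; not taken from the slides).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0
 description customer-access
 ip verify unicast source reachable-via rx
interface GigabitEthernet2/0
 description customer-access
 ip router isis
interface POS3/0
 description interconnect
 ip verify unicast source reachable-via any
router bgp 4809
 neighbor 192.0.2.2 remote-as 65001
 neighbor 192.0.2.2 password REPLACE_ME
 neighbor 192.0.2.6 remote-as 65002
"""

# Required uRPF mode per interface role (role = description text, an assumption):
# strict ("rx") facing customers, loose ("any") on interconnects, as the slide states.
EXPECTED_URPF = {"customer-access": "rx", "interconnect": "any"}


def parse_blocks(config):
    """Group indented child lines under their top-level header line."""
    blocks, header = {}, None
    for line in config.splitlines():
        if line.startswith(" ") and header is not None:
            blocks[header].append(line.strip())
        elif line.strip():
            header = line.strip()
            blocks[header] = []
    return blocks


def audit(config):
    """Return one finding string per violation of the CN2 edge rules."""
    findings = []
    for header, lines in parse_blocks(config).items():
        if header.startswith("interface "):
            name = header.split()[1]
            role = next((l.split()[1] for l in lines if l.startswith("description")), "")
            urpf = next((l.split()[-1] for l in lines if "reachable-via" in l), None)
            if role in EXPECTED_URPF and urpf != EXPECTED_URPF[role]:
                findings.append(f"{name}: {role} needs uRPF '{EXPECTED_URPF[role]}', has {urpf}")
            if role == "customer-access" and "ip router isis" in lines:
                findings.append(f"{name}: IGP enabled on customer-facing interface")
        elif header.startswith("router bgp"):
            # Every neighbor must carry a password (TCP MD5); the sample has only eBGP peers.
            peers = {l.split()[1] for l in lines if l.startswith("neighbor")}
            keyed = {l.split()[1] for l in lines if " password " in l}
            for peer in sorted(peers - keyed):
                findings.append(f"BGP neighbor {peer}: session without MD5 password")
    return findings
```

Running audit(SAMPLE_CONFIG) flags GigabitEthernet2/0 twice (no strict uRPF, IGP enabled) and the unkeyed neighbor 192.0.2.6, while the compliant interfaces and the keyed session produce no findings.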
Differentiated class service capability
CN2 QoS positioning
QoS is used to allocate limited network resources to different services. Unlike traditional networks for ATM, Frame Relay and leased circuit services, CN2 provides a uniform network for all these services. To differentiate services by class of importance or by contract, QoS is the mechanism in place to segregate and allocate network resources to the different classes of service.
Example of a QoS policy: 3G and soft-switch traffic can be allocated at least 50% of the available bandwidth, while Vnet can consume at most 15% of the total bandwidth.
QoS is also positioned for traffic congestion management. Under accidental circumstances such as equipment or circuit failures, QoS helps to manage the limited usable network resources across the different classes of service.
Better resource utilization is expected from deploying QoS. Having an elastic policy to re-allocate under-utilized resources results in efficient resource utilization.
Differentiated class service capability (Cont)
QoS design philosophy
CN2 adheres to the DiffServ framework based on IP precedence and MPLS EXP bit classification, thus offering 8 classes of service.
The initial CN2 service classification is based on 5 basic classes of service:
1 class for network control traffic
1 class for CT internal service
3 classes for service offering
All services are classified, remarked, shaped and rate-limited at the edge of the network to ensure consistent QoS policy enforcement within the CN2 network
Service resource allocation is based on class of service. The GOLD class of service would be allocated 2 times more redundant resources than the BRONZE class of service
Prefix convergence varies by traffic class. Prefixes of GOLD class traffic would converge faster than prefixes of BRONZE class traffic
Differentiated class service capability
CN2 SLA

Class    QoS marking  Packet loss (%)  MTU (bytes)  Avg delay (ms)  Max delay (ms)  Jitter (ms)
Gold     5            0.05             1500         30              45              <2
Silver   3            0.1              1500         35              60              <5
Bronze   2            1                1500         40              75              <10

Class    Avg failover (s)  Max failover (s)  Total outage (min/month)  Outage per incident (min)  Incidents (per month)  Monthly availability (%)
Gold     <3                <8                5                         <5                         <1                     99.99
Silver   <15               <20               10                        <5                         <2                     99.98
Bronze   <25               <45               15                        <5                         <3                     99.95
All services are edge functions
Services are enforced and policed at the edges of the network via the SR/PE devices.
Services comprise soft-switch, video conference, VPN, Internet, ATM/FR/DDN etc.
To ensure the core network's stability and security, service provisioning, new service deployment and security control are performed at the edge of the network.
The SOLE responsibility of the core network is packet switching and forwarding
[Diagram: an IP/MPLS platform of P routers in the core, with PE devices at the QoS edge terminating corporate dial, broadband access, MPLS L3 VPN, IPSec VPN, ATM/FR, SDH/DD, integrated VPN, MPLS L2 VPN and AoMPLS services.]
Network Capacity and Coverage
Network Capacity and Coverage (by the end of 2005):
CN2 will provide coverage for 208 cities including Hong Kong, Tokyo, Singapore, London, New York, San Jose, Washington etc., offering MPLS/VPN and Internet services.
671 routers in total, including 439 P routers, 208 PE/SR routers, 12 public RRs and 12 VPN RRs
1267 relay links with a total link bandwidth of 4.231T
Over 800 external interconnections with a total bandwidth of 2.8T
A total customer access link bandwidth of 650.62G
CN2 uses Cisco 12416 with E3 & SIP line cards as PE routers exclusively, to ensure consistent connectivity and configuration management. This reduces equipment interoperation issues as well as the time to problem resolution.
CN2 service capability
Supports MPLS layer 2/3 VPN
L3 VPN (RFC 2547)
Ethernet point-to-point service (draft-martini)
Ethernet multipoint service (Kompella VPLS)
ATM/FR over MPLS
Supports 3 classes of service: GOLD, SILVER and BRONZE
Supports Internet & VPN services with SDH, Ethernet/VLAN, ATM/FR/DDN, L2TPv3 and pseudo-wire access
Supports network-wide multicast of 600 groups, 1.2 Gbps end-to-end multicast traffic
Supports network-wide 6PE-based IPv6 at wire speed
CN2 uses Cisco 12416 with E3 & SIP line cards as PE routers exclusively, to ensure consistent connectivity and configuration management. This reduces equipment interoperation issues as well as the time to problem resolution, and thus makes CN2 more agile in time to market.
Goodbye