SuperJANET 5 Router Procurement Strategy

SuperJANET5 Router Test Plan
1 Introduction
A number of router manufacturers have agreed to provide examples of their routers for testing by the Senior Engineering Team at ULCC. Testing needs to be performed with the router in three configuration modes.

1.1 Stand alone
The router will be installed, configured and tests performed in the ULCC test area. DC power of sufficient capacity will need to be installed prior to the delivery of any test routers.

1.2 Connecting to the development network
Connecting the test router to the Development router at ULCC will allow us to test the interoperability between the test subject and Cisco GSRs.

1.3 Insertion into a production path
It would be beneficial to insert the test router between the London BAR and the SJ4 core router at UK-5, during an at-risk session, in order to put real traffic through the test router. In particular, it will enable a comparison to be made between the Netflow stats from the BAR and the flow based statistics from the test system.


Test Schedule
Training
It is likely that each supplier will offer a training course which at least one member of the testing team should attend. This will provide an opportunity to evaluate the quality of the training and it will enable the attendee to take the lead in the evaluation of the individual router.


Delivery of equipment
Determine what form the equipment is delivered to site in (i.e. kit form, pre-assembled units on pallets etc).
Determine issues involved in moving equipment from unpacking position to installation position (i.e. issues with weight and size for door widths/ceiling heights etc).


Installation
Determine amount of preparation work and effort needed to fit equipment into rack/tile position:
    The position of rails, power strips, cable management etc.
    How easy/awkward it is to lift unit into position.
Determine if the equipment has to be partially dismantled for installation.
Where the equipment is supplied in a rack or racks, what sort of footprint does it or do they have?
Determine if there are any access, cabling or environment issues after the equipment is in position in our choice of rack (if applicable).

2.4 Initial power-up
Determine accessibility, coverage and usability of hardware and software documentation.
Determine initial equipment power-up state and any issues involved with connecting up the console.
Determine if an initial OS install is needed and what issues are involved in obtaining the software distribution and installing it.
Determine what is involved in putting an initial configuration on the equipment to allow basic management access via console and across the net.

2.5 Configuring for service
Determine issues involved in securing the equipment and enabling general management access for ops staff.
Determine issues involved in creating/modifying and loading in initial service configuration.
Determine accuracy of hardware and software documentation.
Enable Nagle slow TCP packet avoidance algorithm.
Disable packet assembler/disassembler (PAD) commands.
Enable keepalives for TCP sessions.
Define router hostname.
Define all necessary boot parameters.
Disable logging to console.
Enable use of subnet zero.
Disable IP source routing.
Disable acceptance of Finger protocol requests.
Configure TFTP for uploading of images and configuration files.
Disable BOOTP services.
Define name server information.
Configure SSH parameters.
Configure Telnet parameters.
Configuration of Loopback interfaces:
    interface description
    ip address
    disable forwarding of directed broadcasts
    ISIS
Configuration of Null interfaces
Configuration of POS interfaces:
    interface description
    ip address
    disable forwarding of directed broadcasts
    ISIS
    NTP
    POS reporting
    Other POS parameters


Configuration of Gigabit interfaces:
    interface description
    ip address
    disable forwarding of directed broadcasts
    disable sending of ICMP redirect messages
    disable auto-negotiation
    ISIS
    NTP
Configure router-wide ISIS parameters.
Configure BGP:
    ASN
    confederations
    router ID
    enable MED comparison
    reject updates from EBGP neighbours whose ASN does not appear as first in the AS path
    logging of neighbour resets
    enforce deterministic MED comparison between all paths from same ASN
    enable MED comparison within confederation peers
    neighbour statements
    peer group statements
    enable automatic summarisation of subnet routes
    disable synchronization between BGP and IGP
    prefix lists
    route maps
    other BGP parameters
Enable forwarding of packets to best supernet route.
Configure SNMP access.
Define login/MOTD messages.
Define command aliases for frequently used commands.
Configure router-wide NTP parameters.

2.6 Logging
Enable timestamps of log and debug messages.
Define buffers available to logging subsystem.
Disable logging to console.
Define logging source.
Define logging destination hostname.
Define other logging parameters.
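The hardening items in 2.5 and 2.6 can be checked mechanically once a test router is configured. The following is an added example, not part of the original test plan: it audits a configuration text for a subset of those items, assuming Cisco IOS-style syntax (the plan names no vendor commands) and a constructed sample configuration.

```python
# 2.5/2.6 items as Cisco IOS-style lines (assumed syntax; the plan names none).
REQUIRED_GLOBAL = {
    "PAD disabled": "no service pad",
    "console logging disabled": "no logging console",
    "source routing disabled": "no ip source-route",
    "Finger disabled": "no ip finger",
    "BOOTP disabled": "no ip bootp server",
    "log timestamps": "service timestamps log",
}
DIRECTED = ("directed broadcasts disabled", "no ip directed-broadcast")
REDIRECTS = ("ICMP redirects disabled", "no ip redirects")  # Gigabit only

def parse(config):
    """Return (global lines, {interface name: [indented sub-lines]})."""
    global_lines, ifaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line in ("", "!"):
            continue
        if raw.startswith(" ") and current:
            ifaces[current].append(line)
        elif line.startswith("interface "):
            current = line.split()[1]
            ifaces[current] = []
        else:
            current = None
            global_lines.append(line)
    return global_lines, ifaces

def audit(config):
    """List every checklist item the configuration does not satisfy."""
    global_lines, ifaces = parse(config)
    findings = [f"global: {name} missing" for name, cmd in REQUIRED_GLOBAL.items()
                if not any(g.startswith(cmd) for g in global_lines)]
    for ifname, lines in ifaces.items():
        if ifname.lower().startswith("null"):
            continue  # the plan lists no per-interface items for Null
        wanted = [DIRECTED] + ([REDIRECTS] if ifname.startswith("Gigabit") else [])
        findings += [f"{ifname}: {name} missing" for name, cmd in wanted if cmd not in lines]
    return findings

# Constructed sample configuration, not taken from any real router.
SAMPLE = "\n".join([
    "no service pad", "service timestamps log datetime msec", "no logging console",
    "no ip source-route", "no ip bootp server", "!",
    "interface Loopback0", " no ip directed-broadcast", "!",
    "interface POS1/0", " ip address 192.0.2.5 255.255.255.252", "!",
    "interface GigabitEthernet2/0", " no ip directed-broadcast", "!",
])
print("\n".join(audit(SAMPLE)))
```

An absent line counts as a finding here, so on software that omits a setting from the displayed configuration when it is already the default, confirm the effective value before recording a failure.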



Diagnostics
Determine availability of diagnostic commands for:
    BGP
    Packet forwarding
    CLNS
    NVRAM and other file systems
    Router and line card resets and crashes
    Interface controllers
    Debugging
    Chassis status
    Line card status
    Environmental status (power and temperature)
    Login and command history
    IP
    ISIS
    TTY access
    VTY access
    Logging information
    Memory allocation and performance
    Management BUS performance
    NTP
    Active process allocation and performance
    Queuing
    Redundancy
    SNMP
    SSH and Telnet
    TCP connections
    Software versions


Service operation
Determine how well OIR/hot-swap works for all hot-swappable parts and its impact on traffic flow, routing protocol operation and NMS view.
Determine issues involved in obtaining and installing software upgrades for part/whole of OS and the impact on traffic flow, routing protocol operation and NMS view.
Determine issues involved in adding/deleting logical routers to production configuration.
Determine issues involved in remote 'disaster recovery' of equipment OS and configuration.
Determine accessibility and usefulness of manufacturer's technical support.
Determine if there are any interoperability issues with current production equipment.
Determine level of diagnostics that can be extracted from equipment and by what method.
Determine the ability to support Multicast.
Determine the ability to support IPv6.
Determine the ability to support IP QoS.



Security and integrity, filtering and access controls, statistics and “Netflow” support
Examine the security features.
Examine the support for filtering and access control.
Determine format of filtering rules and how they are administered on the router.
Determine if filtering is stateful or stateless. Are there any limitations to where and how the filters can be applied?
Determine capabilities of filtering i.e. to TCP/UDP port number level, can other IP transport protocols be filtered.
Determine what sort of filter statistics and logging is available and its format for permitted/denied traffic. Determine how to access and record this information.
Determine facilities available to protect main CPUs from unwanted connections, traffic or DoS attacks i.e. login ACLs, rate-limiting and/or filtering of packets for the CPUs etc.
Determine facilities and their capabilities to mitigate the effects of DoS attacks and traffic with spoofed source addresses i.e. uRPF, rate limiting.
Determine if there are any facilities available to aid tracking source of packets i.e. when the source address is spoofed.
Insert equipment into production network to determine how much information on traffic flows/statistics can be extracted and by what method. Compare information with equivalent from production equipment.
Determine availability and coverage of interface statistics. Determine how this information can be viewed and recorded.
Determine capabilities of flow based statistics. What sort of information about flows is available and how can it be accessed and recorded? Are there any tunable options i.e. sampling rate, cache size etc.?


Provisional Test timetable
Procket router delivered July 2004
Cisco router delivered September 2004
Chiaro router delivered November 2004
Juniper router delivered January 2005



Test personnel
It is important that testing is performed in a uniform manner for each router platform. For this reason, the testing will be broken down into a number of areas and each area will be assigned to an individual engineer, for testing across all the routers.

Test areas:
    All: Quality of documentation, support resources, interoperability issues, training (where courses attended)
    Delivery and installation, Multicast Compliance
    IPv6 compliance, interoperability
    Initial power up, logical router support
    Configure for service, diagnostics, logging
    Security and integrity, filtering and access controls, statistics and “Netflow” support
    QoS compliance
    Hot swapping, OS upgrades and graceful fail over

Engineers:
    Jonathan Couzens
    Rob Evans
    Jon Francis
    Tony Hacche
    Robert Stone
    Duncan Rogerson
    Dave Tinkler

