					Philosophy of Building CN2

         Xu Jianfeng

   China Telecom Corporation
    Total voice traffic and revenue decrease by the end of 2005. Mobile
  phone and IP phone calls have cannibalized part of the voice traffic.
    The traditional communication network is unable to support China
  Telecom’s strategy to become a Comprehensive Information Service
  Provider. This is due to its lack of capability in offering value-added
  services and service awareness on a unified network.
    High OPEX (Operating Expenses) is required for operating separate
  networks in the traditional way.
    The existing ChinaNet is not the best choice for NGN, 3G, VPN and other
  services that demand strict SLAs.
    Acceleration of Information and Communications Technology (ICT)
  adoption in government and enterprises would drive the demand for
  telecom services
    Adoption of the SIP-based soft-switch technology
    The impending release of 3G licenses
    Rapid development of the broadband service
    Fixed and Mobile Convergence (FMC)
Migration of voice service from the PSTN network to an IP-based network
Preparation for 3G-based mobile services
Accelerate the development and deployment of broadband
services based on xDSL access technology
Drive managed service and system integration service
Triple play services and future IP NGN convergence including
network convergence, service convergence and application

Built an Integrated IP/MPLS-based multi-service platform — CN2
   CN2: China Telecom Next Carrier Network
                Philosophy of Building CN2

Simple network topology

Scalable routing architecture

Highest level of redundancy

Highest level of security

Different class service

Day one support for voice, video and data

End to end control and management
                                 CN2 Strength
Homogeneous Global Architecture
Single Global ASN(AS4809)
ISIS level2-only with sub-second convergence
MPLS FRR with sub-50ms reroute
Robust Architecture Allows for Unsurpassed Stability
Diffserv-based QoS, MPLS and multicast enabled network
6PE-based IPv6 network
Offer Layer-2/3 public/private flexible connectivity over IP or MPLS
Leading SLAs via Zero Loss & Speed of Light Delays
Fast automated end to end service provisioning and fault management
utilizing industry leading IP service management solutions help to greatly
reduce OPEX and accelerate service deployment
End to end IP SLA monitoring tools make CN2 a true carrier class network
                               Simple Network Topology
CN2 comprises two functional planes and four structural layers to offer
seamless connectivity for customers.
    The two functional planes are the high speed data forwarding plane and service provisioning
    The four structural layers are the core layer, aggregation layer, edge layer and services
    connecting layer
    The high speed data forwarding plane and the service offering plane are supported by 4 and 1
    vendors respectively. This is to ensure minimum service disruption and better edge
    services control.

                    Simple Network Topology (cont)

IP/MPLS Network
   All-optical Dense Wave Division Multiplexing (DWDM)
   SONET/SDH framing
   Per flow load-sharing and fail-over load-sharing with ISIS
   MPLS is enabled on the whole network, with VPN traffic encapsulated in
   MPLS and other traffic transported in native IP

                           Scalable route architecture
To ensure the network’s scalability and security, only infrastructure address blocks are
redistributed into the IS-IS (IGP) routing table. Non-infrastructure addresses are
redistributed in BGP. Keeping the IS-IS routing table to a minimum greatly
enhances network stability.
Single Global ASN (AS4809)
BGP communities are deployed for route control and netflow-based traffic
CN2 has two types of route reflector
     VPN RR (VRR) for RFC2547-based VPN service
     Global RR (GRR) for global Internet routing
The VPN RR is independent of the global RR; both use a one-level Route Reflector (RR) hierarchy
Global iBGP: scaling the global Internet routing table involves increasing the
number of GRR groups; each group handles a part of the global routes.
VPN iBGP: likewise, scaling the VPN routing table involves increasing the number of VRR
groups. For example, VPN1-500 is handled by VRR-G1 while VPN501-1000 can be
handled by VRR-G2
                        Scalable routing architecture (Cont)
   Scaling the Global Internet Routing Table
               Group 1 for part1 routes     Group 2 for Part2 routes

                  Full mesh Peers                  Full mesh Peers
       GRR1                      GRR2     GRR3                 GRR4

Send Part 1                                                          Send Part 2
routes to G1                                                         routes to G2

     Client                                                          Client

      EBGP                                                           EBGP
                                 Client   Client
          Internet      Receive Part 1     Receive Part 2    Internet
                        routes from G1     routes from G2
                         Scalable route architecture (Cont)
   scaling the VPN routing Table

                Group 1 for VPN             Group 2 for VPN
                 1-500 routes               501-1000 routes

                  Full mesh Peers                Full mesh Peers

       VRR1                    VRR2      VRR3                VRR4

Send/ receive                                                      Send/ receive
VPN1 routes                                                        VPN501 routes
to/from G1                                                         to/from G2

    Client                                                         Client
             PE           Client                Client        PE
                                    PE    PE
                         Highest Level of redundancy
All network links are deployed in pairs over diverse facilities
Only POS interfaces are used on backbone links, for faster detection of link failures
All network links are active (NOT working and protect)
Each PoP’s router pair is connected by multiple routers. Link failure protection is
done through IS-IS (layer 3 control) and is not dependent on the transport layer (layer 2
IS-IS routing protocol
    Per flow load sharing between dual pairs
    Fail-over load sharing
    Sub-second fast convergence for gold service
    Three priority LSP flooding and FIB update
    1:1 mode FRR is deployed in core layer for 50 links
    Sub-50ms reroute time
Built to maintain utilization not to exceed 50% during normal running
As a congestion-free network, CN2 ensures premium priority for delivery
of all packets in the core
                          Higher Level of security

Strict uRPF is deployed on all customer access interfaces
Loose uRPF is deployed on interconnect interfaces
Infrastructure ACLs (iACLs) deny external traffic to ALL router interface
addresses. iACLs are deployed on the edges and borders of the network. No one
outside the network can reach the routers
Infrastructure routes are not distributed to the Internet or to customers
All router access control is managed by AAA servers and syslog
QoS technology would be deployed accordingly to reduce the impact of an
attack or worm traffic.
Customer-facing router interfaces do not have an IGP turned on. When
EBGP is deployed on these interfaces, BGP MD5 hash must be
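
The difference between the strict and loose uRPF modes listed on this slide, as an added Python sketch that is not part of the original slides. The FIB entries, interface names (`cust1`, `peer1`, `peer2`) and packets are constructed for illustration, and the FIB is assumed to hold no default route.

```python
import ipaddress

# Constructed FIB for a hypothetical edge router: (prefix, outgoing interface).
# Prefixes are documentation ranges; interface names are illustrative.
FIB = [
    ("198.51.100.0/24", "cust1"),  # single-homed customer
    ("203.0.113.0/24", "peer1"),   # learned over one interconnect
    ("192.0.2.0/24", "peer2"),     # best path is via a second interconnect
]

def lookup(src):
    """Longest-prefix match on the source address; interface name or None."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, ifname in FIB:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best[1] if best else None

def urpf_permits(src, in_if, mode):
    """Strict: the route back to src must point out the arrival interface.
    Loose: any route to src is sufficient."""
    out_if = lookup(src)
    if out_if is None:
        return False          # no route to the source: dropped in both modes
    if mode == "strict":
        return out_if == in_if
    if mode == "loose":
        return True
    raise ValueError(f"unknown uRPF mode: {mode}")

# Constructed packets: (source address, arrival interface, mode on that interface)
PACKETS = [
    ("198.51.100.7", "cust1", "strict"),  # customer sending from its own prefix
    ("203.0.113.9", "cust1", "strict"),   # customer sending with a foreign source
    ("192.0.2.50", "peer1", "loose"),     # asymmetric path across interconnects
    ("10.66.0.1", "peer1", "loose"),      # source with no route in the FIB
]

def evaluate():
    return [urpf_permits(s, i, m) for s, i, m in PACKETS]

if __name__ == "__main__":
    for (s, i, m), ok in zip(PACKETS, evaluate()):
        print(f"{s:15} in={i:6} {m:6} -> {'forward' if ok else 'drop'}")
```

The third packet is why interconnect interfaces run loose mode: the same packet would be dropped under strict mode, because the return route points out `peer2` rather than the arrival interface.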
              Differentiated class service capability

CN2 QoS positioning
   QoS is used to allocate limited network resources to different services.
  Unlike the traditional networks for ATM, Frame Relay, and leased circuit
  services, CN2 provides a uniform network for all these services. To
  differentiate the services based on class of importance or contract,
  QoS is the mechanism in place to segregate and allocate network
  resources to different classes of service.
      Example of a QoS policy: 3G and soft-switch traffic can be allocated
      at least 50% of the available bandwidth while Vnet can only consume a
      maximum of 15% of the total bandwidth
  QoS is also positioned for traffic congestion management. Under the
  accidental circumstances of equipment or circuit failures, QoS helps to
  manage the limited usable network resources to different classes of
  Better resource utilization is expected from deploying QoS. Having an
  elastic policy to re-allocate under-utilized resources results in
  efficient resource utilization.
              Differentiated class service capability (Cont)

QoS design philosophy
  CN2 adheres to the DiffServ framework based on IP precedence and MPLS
  EXP bit classification, thus offering 8 classes of service
  Initial CN2 service classification is based on 5 basic classes of service.
      1 class for network control traffic
      1 class for CT internal service
      3 classes for service offering
  All services are classified, remarked, shaped and rate-limited on the
  edge of the network to ensure consistent QoS policy enforcement
  within the CN2 network
  Service resource allocation is based on class of service. GOLD class of
  service would be allocated 2 times more redundant resources than
  BRONZE class of service
  Prefix convergence varies by traffic class. Prefixes of a GOLD
  class of traffic would converge faster than prefixes of a BRONZE class
  of traffic
              Different class service capability

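                 QoS       Packet     MTU       Average      Maximum      Jitter
                 marking   loss (%)   (bytes)   delay (ms)   delay (ms)   (ms)

Gold service     5         0.05       1500      30           45           <2
Silver service   3         0.1        1500      35           60           <5
Bronze service   2         1          1500      40           75           <10

                 Average    Maximum    Total outage   Outage         Number of    Monthly
                 failover   failover   duration       duration       faults       availability
                 time (s)   time (s)   (min/month)    (min/fault)    (per month)  (%)

Gold service     <3         <8         5              <5             <1           99.99
Silver service   <15        <20        10             <5             <2           99.98
Bronze service   <25        <45        15             <5             <3           99.95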
                        All services are Edge Functions
Services are enforced and policed on the edges of the network via the SR/PE devices.
Services comprise soft-switch, video conference, VPN, Internet, ATM/FR/DDN etc.
To ensure the core network’s stability and security, service provisioning, new service
deployment and security control are performed on the edge of the network.
The SOLE responsibility of the Core Network is packet switching and forwarding

[Figure: IP/MPLS platform with P routers in the core and PE routers at the edge. Labels around the edge: QOS edge, access, Corporate Dial, Integrated VPN, MPLS L3 VPN, IPSec VPN, ATM/FR, MPLS L2 VPN, SDH/DD]
                   Network Capacity and Coverage

Network Capacity and Coverage (by the end of 2005):

   CN2 will provide coverage for 208 cities including Hong Kong, Tokyo,
   Singapore, London, New York, San Jose, Washington etc. with service
   offering MPLS/VPN and Internet Services.
   671 routers in total, including 439 P routers, 208 PE/SR routers, 12
   Public RR, and 12 VPN RR
   1267 relay links with a total link bandwidth of 4.231T
   Over 800 external interlinkages with a total bandwidth of 2.8T
   A total customer access link bandwidth of 650.62G
   CN2 uses Cisco 12416 with E3&SIP line cards as PE routers
   exclusively to ensure consistent connectivity and configuration
   management. This would reduce equipment interoperation issues as well
   as the time of problem resolution.
                           CN2 service capability
Support MPLS layer 2/3 VPN
   L3 VPN(RFC2547)
   Ethernet point to point service(Draft-martini)
   Ethernet multi point service (Vkompella VPLS)
   ATM/FR over MPLS
Support 3 classes of service. GOLD, SILVER and BRONZE.
Support Internet & VPN services with SDH, Ethernet/VLAN,
ATM/FR/DDN, L2TPv3 and pseudo-wire access
Support network wide multicast of 600 groups, 1.2Gbps end to end
multicast traffic
Support network wide 6PE-based IPv6 at wire speed
CN2 uses Cisco 12416 with E3&SIP line cards as PE routers exclusively
to ensure consistent connectivity and configuration management. This
would reduce equipment interoperation issues as well as the time of
problem resolution, making CN2 more agile in time to market.
