Presentations - 2 - LGfL Network 2012


Technician Conference –
Network overview and proposed enhancement
2008 - 2012
17th March 2008
Presented by: Stuart Tilley - Network & Systems
Overview
• Introduction
• Current Network Overview
• Proposed Technology Refresh
– Core Network
– Access Network
– Access bandwidth
– URL filtering
– Edge CPE
• Summary
Introduction
• Current Network Implemented in April 2002
• Designed and Built by Synetrix, a key LGfL service provider
• Emerging Technology (MPLS) and vendor choice has provided a platform for;
– Delivery of High availability and scalable Broadband services
– Secure and safe educational environment
– New service development and delivery
– Shared community network (LPSN)
• Network Refresh - keeping pace with technology to and beyond 2012
The London Network – Physical Topology
[Figure: physical topology map. Sites shown: Enfield, Barnet, Haringey, Harrow, Waltham Forest, Romford, Newham, Camden, Park Royal, Telehouse, Hayes, Earls Court, Welling, Lambeth, Bexleyheath, Richmond, Lewisham, Merton, Croydon, Bromley, Purley. Legend: Core = Core Network Node; AP = Aggregation Point; Core 10Gbps Links; Nodal Loop 1Gbps; Nodal Loop 100Mbps.]
The London Network
Physical Network Topology
• 3 Core locations and 21 Aggregation Points serving 33 London Authorities
• Resilient dark fibre connecting core locations (10Gb/sec – OC192 SDH)
• APs connected to core by resilient nodal loops currently 1Gb or 100Mb capacity
• Resilient Service Hosting – SLB
• Resilient Tier 1 ISPs (Thus, Abovenet, UKERNA, BBC) – Total Internet Capacity 6Gbps
• All Broadband services delivered over fibre (scalable bandwidth)
The London Network – Logical
[Figure: logical network diagram. Author: Stuart Tilley. Date: 25/01/2006.
Labels recoverable from the diagram:
– Core sites: Telehouse, Park Royal, Earls Court, each with a 160Gbps Router, on a 10Gbps core carrying MPLS VPNs
– AP sites labelled: Waltham Forest, Camden, Newham
– MPLS IP VPNs: LEA1, LEA2, LEA3 mapped to VPN1, VPN2, VPN3
– External peering: Internet, BBC and UKERNA via BGP4; 6Bone via native IPv6 peering
– Hosted services: SLB, URL, Virus, email & Web, Virtual Firewalls, Gigabit Firewall
– Link legend: Dark Fibre - OC192 MPLS (10Gbps); SHDS or Dark Fibre - 100M-2.4Gbps MPLS; SHDS - WES 100Mbps; SHDS - WES 1000 (1Gbps)
– Annotation: Edge sites connected at 2, 5, 10 & 100Mbps Ethernet
– Annotation: Edge sites configured into appropriate VPN at any AP
– Annotation: Edge sites access core services via resilient MPLS core/access network with QoS applied dependent on application
– Annotation: Participate in same L2 broadcast domains as Earls Court
– Annotation: Participate in same L2 broadcast domains as Park Royal]
The London Network
Logical Network
• MPLS core network
• Dedicated RFC2547bis Layer3 VPNs
– Provides fully routed Virtual WANs per ‘customer’ (LEA or LA)
– Totally autonomous routing policy and access control per Virtual WAN – WMSv1 & v2
– Virtual WANs distributed across complete physical network
• QoS Support
Network Statistics
• Total of edge bandwidth purchased 23Gbps
• Total traffic transiting network 3Gbps (average)
• Total capacity of Juniper access layer 228Gbps
• Total Capacity of Juniper core 480Gbps
• Total Internet Bandwidth - (Sept 2002) 30Mbps, today averaging over 2Gbps
• HTTP traffic via URL service 1.5Gbps
• Requests served from Cache 400Mbps
Proposed Core Technology upgrade
• Upgrade existing Juniper M160 with Next Generation MX960
• Fully resilient chassis (redundant HW) such as;
– Power Supplies
– Cooling fans
– Routing Engines (RE)
– Switch Control Board
• Fully resilient design/configuration
– Dual Dense Port Concentrators (DPCs) 10G + 1G
– Support resilient backbone and core switching
• JUNOS code – leading standards development
• Low risk migration
Proposed Core Technology Upgrade
Proposed MX960 core build
[Figure: proposed MX960 core build. Labels recoverable from the diagram:
– Three Juniper MX960 chassis: Telehouse Core, Earls Court Core, Park Royal Core
– Chassis components labelled: RE 0 / RE 1 (RE-S-1300, RE-S-2000), SCB, DPC 40xGE, DPC 4x10GE, PEM, FAN
– Link labels: 10Gbps, 1Gbps
– Aggregated 10Gbps uplinks supporting L2 & L3 services
– Extreme Virtual Switch (Summit X450e-48p, Stack 10G) providing server aggregation]
Proposed Access Technology Upgrade
• Replace Existing M10 with Juniper M10i
• Fully resilient chassis (redundant HW) such as;
– Power Supplies
– Cooling fans
– Routing Engine (RE)
– Forwarding Engine Board (FEB)
• Fully resilient Design/Configuration
– 2 x 1Gbps Nodal loop Interfaces
– 2 x 1Gbps Virtual switch uplinks (initial deployment)
Proposed Access Technology Upgrade
• Replace Existing Extreme S48i aggregation switch with Juniper EX4200.
• Redundant Power supply
• Virtual Chassis Configuration (max 10)
• 48 port 10/100/1000 capability
• Architecture design based on high end core routing products
– Packet Forwarding Engine
– Routing Engine
Proposed Access Technology Upgrade
• Fully resilient design/configuration
– Virtual chassis deployment
– Multiple 1Gbps uplinks (resilience)
[Figure: Sample AP Configuration, Existing Design beside Proposed Design. Labels recoverable from the diagram:
– Aggregation Point (AP), shown once per design
– Nodal loop labels: 1Gbps Nodal Loops, 1Gbps Nodal Loop, 100Mbps Nodal Loop
– Juniper M10; Fully resilient M10i (redundant PSU, routing and forwarding engines)
– Extreme Networks Summit48si; Resilient 200Mbps Capacity Links
– Virtual Switch: EX4200 48 port 10/100/1000 switches (max 10 per stack); 2Gbps Aggregated Uplink
– Service delivery labels: 2, 5, 10, 100 Service delivery; 2, 5, 10, 100 & 1000Mbps Service delivery
– BT LES service Active Equipment (A end) and (B end); Point to Point fibre delivered via ‘A’ end and ‘B’ end BT serving exchange
– Edge Site; Internet]
Access Bandwidth Upgrade
• All current 100Mbps nodal loops upgraded to 1Gbps
– Merton – Croydon
– Merton – Earls Court
– Bromley – Croydon
– Bromley – Welling
– Lewisham – Welling
– Welling – Bexleyheath
– Romford – Bexleyheath
– Romford – Telehouse
– Waltham Forest – Camden
– Haringey – Camden
– Haringey – Barnet
– Hayes – Harrow
• Prevent degradation of service in the event of primary loop failure
• Enhanced Traffic Engineering capability
Access Bandwidth Upgrade
[Figure: physical topology map after the access bandwidth upgrade. Sites shown: Enfield, Barnet, Haringey, Harrow, Waltham Forest, Romford, Newham, Camden, Park Royal, Telehouse, Hayes, Earls Court, Welling, Lambeth, Bexleyheath, Richmond, Lewisham, Merton, Croydon, Bromley, Purley. Legend: Core = Core Network Node; AP = Aggregation Point; Core 10Gb Links; Nodal Loop 1Gbps.]
URL Filtering Platform Enhancements
• Evaluation exercise underway “Squid MkII” vs Bluecoat 8100.
• Scaled to 2.5Gbps (N+1 resilience total 5Gbps)
• Additional Active/passive F5’s deployed to scale beyond 2.5Gbps
• Current total filtered traffic 1.5Gbps
• Expect 500Mbps year on year increase
URL Filtering Platform Enhancements
[Figure: SQUID cache server hardware diagram. Annotations recoverable from the diagram:]
• 32GB RAM for super fast access to the most frequently accessed cached-objects. Represents a 16x performance benefit over current hardware
• 2x 1Gbps copper ethernet interfaces. One facing the internet, the other facing the user, representing a 10x performance improvement over current hardware
• 2x 4-Core CPU allowing 8 concurrent execution threads/process to handle users requests, cache-lookups and drive the high-performance XFS file system
• Represents a minimum of 8x performance benefit over current hardware (annotation placed beside the 4-Core CPU and SQUID blocks)
• XFS Filesystem
– XFS Allocation Groups allow concurrent (multi-threaded) access to stored objects.
– Supports stripe-aligned storage blocks for better RAID performance
– Balanced-Trees for fast i-node lookups
– Ideal for many small files (typically 25KB)
• EXT3 Filesystem for operating system
• Disks shown: Disk 1 to Disk 8
– Operating System (RAID1): Mirrored Disks, Hot-Swappable
– Cached Objects (RAID5): Hot-Swappable. Represents a 4x performance benefit over current hardware
Replacement CPE
• Extreme 24e3/S200 replaced with Juniper J2320
• Features
– Forwarding performance IMIX 400Mbps
– 3DES performance 170Mbps
– 4 onboard 10/100 ports
– 3 Physical Interface Card (PIM) slots
• ES code
– Combines session state information/next hop forwarding
• MPLS support fast reroute (resilient fibre services)
Summary
• High availability, scalable future proof infrastructure
• Low risk implementation/migration
• Continued delivery of existing Network Centric services such as;
– Securestore
– Desktop Content Control (DCC)
– Campus Monitoring Protection (CMP)
– High Definition Video Conferencing (HDVC)
– Secure Remote Access (SRA)
– Broadband Resilience Service (BRS)
• Enhanced distributed functionality – enabling new service developments such as:
– Virtual Private LAN Services (VPLS)
– Broadcast video
– High capacity Resilient Broadband Services
– Security Services