Download - ODD010011 DCN Network Planning ISSUE 1_0
-
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
1/52
HUAWEI TECHNOLOGIES CO., LTD.
2001-12-19
All rights reserved
www.huawei.com
Internal
ODD010011 DCNNetwork Planning
ISSUE1.0
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.huawei.com/http://www.pdffactory.com/http://www.pdffactory.com/http://www.huawei.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
2/52
HUAWEI TECHNOLOGIES CO., LTD. Page 2All rights reserved
With the constantly increased network status ofthe data communication equipment of ourcompany, which widely covers network accesslayer, convergent layer, core layer, and corebackbone layer, we should provide entire networksolutions. DCN is an important network forcarriers. With the wide application of ourequipment in DCN, we should have a betterunderstanding of DCN and master the key points
in DCN design planning to construct better DCNfor clients and increase its expandability.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
3/52
HUAWEI TECHNOLOGIES CO., LTD. Page 3All rights reserved
This course helps you to know:
[ Definition of DCN Typical
[ networking of DCN
[ MPLS VPN in DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
4/52
HUAWEI TECHNOLOGIES CO., LTD. Page 4All rights reserved
Chapter 1 Introduction of DCNChapter 1 Introduction of DCN
Chapter 2 Typical networking of DCNChapter 2 Typical networking of DCN
Chapter 3 Network protocol design of DCNChapter 3 Network protocol design of DCN
Chapter 4 MPLS design of DCNChapter 4 MPLS design of DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
5/52
HUAWEI TECHNOLOGIES CO., LTD. Page 5All rights reserved
Definition of DCN
l The full name of DCN is Data Communication Network:
[ Its initial definition is the network for carriers to carry out out-bandnetwork management.The actual DCN covers various services ofcarriers.For example SPC switch NM, transmission NM, billingsystem, and OA.
l DCN is used to connect Network Elements (NE) and correspondingOperation Support System (OSS), which is an important networkbetween the network providing service and the network operationcenter.
l DCN is the nervous system ! of the carriers, with the characteristics ofphysical entity network, virtual service network ! . Comparing with
service networks of carriers (for example 169 network), DCN does notneed a very high broadband, but has a high demand for networksecurity, reliability, and manageability.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
6/52
HUAWEI TECHNOLOGIES CO., LTD. Page 6All rights reserved
Development of DCNl OSN (Operation Support Network):
[ DCN can be seen as a subset of OSN, or DCN is the main part ofcurrent OSN. Before IP networks are widely used, DCN/OSN hasexisted already, just not through IP. But X.25 protocol has beenwidely used in 1980s, and X.25 once played an important role in
OSN, for the above historical reasons, current DCN is impossible IPOnly.
l DCN has become a comprehensive network with IP service as its mainservice and compatible with X.25, and Async at the same time.
l Standard of DCN ITU-T G.7712/Y.1703 (Architecture and specification
of data communication network, DCN).l This protocol is a regulation and guide document on DCN framework
and construction
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
7/52
HUAWEI TECHNOLOGIES CO., LTD. Page 7All rights reserved
Development of DCN
l For example, past MSC switch provided X.25 NM interface, butnow it provides IP-based Ethernet interface.
l Traditional telecom service should be changed into IP based NM,which has become a tendency.
l Previous DCN, constrained by different protocols (X.25, Async),may be comparatively independent physically in practice. X.25 isa network, and Async is another network.
l Currently IP-based DCN has integrated the above networks into alarge DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
8/52
HUAWEI TECHNOLOGIES CO., LTD. Page 8All rights reserved
DCN integrated with X.25
l To integrate OSN (mixed with X.25, Async, and IP) into an IP-based DCN, corresponding technical supports are needed.
l Such kind of technology is usually applied in lower end routerat access layer.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
9/52
HUAWEI TECHNOLOGIES CO., LTD. Page 9All rights reserved
DCN integrated with X.25 " - X2Tl X2T (X.25 to TCP Translation)
[ The principle and implementation methods of X2T scheme. X2T implements direct mutualtranslation between X.25 and TCP packet. Pure X.25 packet from X.25 network queriesaddress translation list based on called party X.121 address, and triggers setting up TCPconnection with the designated IP address. After setting up TCP connection, a router willextract pure data from X.25 packet and send them to IP host side through TCP connection.
l Equipment:
[ A Router supporting X2T;
[ An X.25 Terminal server which can run X25 application, supporting x25 protocol, connected inX25 network;
[ An IP Host, supporting/IP, connected in IP network.
X .25 Terminal IP HostRouter
E0S0
IP NetworkX . 25 Network
X.121 X.121 address1111
IP address10.1.1.1
IP address10.1.1.2
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
10/52
-
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
11/52
HUAWEI TECHNOLOGIES CO., LTD. Page 11All rights reserved
DCN integrated with X.25 " - X2T
l Data first flow to router A from client application program and implement IP to X25translation; then flow to router B through X25 network; finally flow to server application
program, and implement X25 to IP translation.
l The example is used to check the translation between X.25 and TCP/IP
IP Network X.25 Network IP Network
X2T- A X2T-B
S0 S 0E0 E0
20.1.1.1 20.1.1.2 10.110.96.49 10.110.96.51
Client Server
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
12/52
HUAWEI TECHNOLOGIES CO., LTD. Page 12All rights reserved
DCN integrated with X.25 " - X2T
l X2T looks like an NAT translation. Different from NATtranslation, it is the protocol translation between X.25 and IP.
l X25 host at the X25 network side runs a server applicationprogram supporting X25 protocol, responsible for receivingrequest, and transmitting data.
l IP host at the IP network side runs a client program supportingTCP/IP, responsible for requesting data from X25 host, andreceiving the transmitted data.
l X25 Terminal Communicates with Router through PVC.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
13/52
HUAWEI TECHNOLOGIES CO., LTD. Page 13All rights reserved
Competitor #s X.25 translation technology " - XOTl XOT (X.25 Over TCP) is designed by Cisco. See RFC 1613 for details.l It is designed for transmitting X.25 in IP network, permitting to transmit X.25 packet
through TCP/IP network instead of LAPB.
l XOT transmits X.25 packet in the IP network by packing it into an IP packet.
Router 1 Router 2 Router 3
S0 S1 S0 S1
IP X.25
IPNetwork X.25 Network
IPNetwork
IP Cloud IP CloudX25 Cloud
7000 2500
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
14/52
HUAWEI TECHNOLOGIES CO., LTD. Page 14All rights reserved
Chapter 1 Introduction of DCNChapter 1 Introduction of DCN
Chapter 2 Typical networking of DCNChapter 2 Typical networking of DCN
Chapter 3 Network protocol design of DCNChapter 3 Network protocol design of DCN
Chapter 4 MPLS design of DCNChapter 4 MPLS design of DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
15/52
HUAWEI TECHNOLOGIES CO., LTD. Page 15All rights reserved
Typical networking of DCN
l Typical networking of
DCN
[ National network
of DCN
[ Provincial network
of DCN
[ Municipal network
of DCN
l Running BGP in National
and Provincial DCNsAS
l AS numbers are
uniformly planned bycarriers. The private AS
numbers should be used
to the most.
R R R R
R R R R
R R R R
R R
R R
R R R R
R R R R
R R
R R
R R R R
R R R R R R R R
R R R R
R R
R R
SS SS SS SS SS
Municipal DCN
Municipal DCN
National DCNNational DCN
Provincial DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
16/52
-
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
17/52
HUAWEI TECHNOLOGIES CO., LTD. Page 17All rights reserved
Typical networking of DCN National DCN
l National DCN can be divided into two layers " - core layer and convergence layer.
l Considering redundancy and disaster prevention, generally, one core node is not enough. As shown in the diagram above,there are two core nodes, which are in different cities geographically.
l Convergence layer is used to access to province and region/city, and the link is POS or E1, or binding of multiple E1s.
l Convergence layer routers geographically are in different provinces, through which connect with provincial network routers.This is for management consideration. The link between national network convergence layer and provincial network router isthe division interface of national and provincial network. Provincial network takes charge of the management and maintenanceof the lower part, while national network the upper part.
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R
R R R R
R R R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
18/52
-
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
19/52
HUAWEI TECHNOLOGIES CO., LTD. Page 19All rights reserved
Typical networking of DCN
l Provincial DCN is the main part of DCN;
l Provincial DCN is used to connect national DCN and municipal DCN and at same time,connect the services of different provincial networks, for example, carriers # centralized billingand NM service.
l Provincial DCN itself can be divided into two layers, core layer, and access layer, core routerof the core layer.
l Access layer includes layer-three switch, mainly used for access to server and PC of variousservices within provincial networks.
l As a connection between a province and a region/city, access layer router may be in aregion/city physically, and is also the management boundary point between a province and aregion/city. The distance between provincial core router and provincial distribution layerrouter is far, so generally the link between them is POS 155/622, and even E1.
l Provincial core router generally is NE80, Cisco 12000 series or Juniper M160
l Layer-three switch of a provincial distribution layer can be S8500, S8016, and S6500 series.
l Provincial distribution layer router can be NE40, NE20, NE16/8,M20, M10, Cisco 7500,andCisco 7200.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
20/52
HUAWEI TECHNOLOGIES CO., LTD. Page 20All rights reserved
Typical networking of DCNl
Municipal DCN is used to connect with provincial DCN, and takes charge of theinterconnection between municipal and branch offices.
l Concept of LDCN (compared with provincial DCN, municipal DCN is LDCN,L=Local)
l LDCN can be divided into three layers " - core layer, convergent layer, and accesslayer.
l Core layer takes charge of interconnection with provincial networks and municipal
nodes.l Comparatively powerful performance, in urban area geographically, a large number of
services from branch office to municipal office must pass through it
l In LDCN, a distribution layer device may be used at the same time as an access layerdevice, providing sufficient Ethernet ports to access to various important servers.
l Core layer equipment in common use: NE80, NE40-8, S8016;
l General convergent equipment in common use: NE40-4, S8500;
l Access layer equipment in common use: low end router (WAN access) and switch,R26, S3
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
21/52
HUAWEI TECHNOLOGIES CO., LTD. Page 21All rights reserved
Typical networking of DCN
l Main traffic is between municipal DCN and provincial DCN
l Very small part of traffic is from municipal DCN to national DCN
l DCN of different carriers may have different names, for example, the Mobile
is called MDCN.
l
DCN is a private network of carriers, on which there are various operationsupport services of carries. At the same time it is a pilot network for carriers,
all new features of data communication may be on trial first by carriers in
DCN.
l DCN is a private network, so theoretically its IP address and AS numbers
can be allocated at will. But in practice, carriers have correspondingregulations on IP address, AS numbers, and service name, which should be
abided by in design planning.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
22/52
HUAWEI TECHNOLOGIES CO., LTD. Page 22All rights reserved
Chapter 1 Introduction of DCNChapter 1 Introduction of DCN
Chapter 2 Typical networking of DCNChapter 2 Typical networking of DCN
Chapter 3 Network protocol design of DCNChapter 3 Network protocol design of DCN
Chapter 4 MPLS design of DCNChapter 4 MPLS design of DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
23/52
HUAWEI TECHNOLOGIES CO., LTD. Page 23All rights reserved
Typical networking of DCN - BGP
l On AS numbers, each province canown one AS or each region/cityown one.
l With the expanding of DCN, eachregion/city tends to own an ASnumber of itself.
l When provincial DCN releasesrouters to municipal DCN, it isbetter not to release default routers.
l From municipal network toprovincial network, and from
provincial network to nationalnetwork, there are generally dualegresses.
AS XXDCN
DCN
AS AA
DCN
R R
SS
R R
R R R R
R R R R
R R R R
R R R R
R R R R R R R R
SS SS SS SS
R R SS
National DCNNational DCN
Provincial DCN
Municipal DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
24/52
HUAWEI TECHNOLOGIES CO., LTD. Page 24All rights reserved
Typical networking of DCN - BGP
l Adopt link selection that Local-preference influences internalaccess to EBGP.
l Adopt link selection that MEDinfluences external access to
internal.l Municipal DCN AS numbers are
filtered at Provincial DCN egressto National network to avoid beingsent to the national network
l A strategy can be set in provincial
DCN to filter out over-convergentrouters sent from municipal DCN,for example /8 router.
R R R R
R R R R
R R R R
R R R R
R R R R
R R R R R R R R
SS SS SS SS SS R R R R
National DCNNational DCN
Provincial DCN
Municipal DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
25/52
HUAWEI TECHNOLOGIES CO., LTD. Page 25All rights reserved
Typical networking of DCN - BGP
l In municipal DCN, a router reflector is adopted, which is taken charge of by municipal DCN corelayer equipment. The router reflector has redundancy setting, and configured with Cluster-id.
Convergent layer equipment acts as the client of reflector.l IBGP uses loopback to establish neighborhood relationship.
l Multi-egress load sharing should be considered, it can be into two cases: VRP version supportsBGP load sharing, and VRP version does not support BGP load sharing.
R R R R
R R R R
R R R R R R R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
26/52
HUAWEI TECHNOLOGIES CO., LTD. Page 26All rights reserved
Typical networking of DCN - IGP
l IGP router protocol that used most in practice is OSPF.
l There is the case that the whole provincial network runs EIGRP (Ciscoprivate router protocol, enhanced IGRP) in early DCN.
l But carriers will consider the coordination between different manufacturers,so they have changed the principle " - don #t put all eggs in one basket ! .
l When BGP province and region/city have the same AS, provincial andmunicipal networks may be in the same OSPF domain, and all in Area 0.There will be no problem if only from the largest router numbers one Areacan support. One internal-province router is double-digit order of magnitude.
l In addition, different carriers or provinces may have different cases, so therelationship between province and region/city may be EBGP neighborhoodrelationship, may be not.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
27/52
HUAWEI TECHNOLOGIES CO., LTD. Page 27All rights reserved
OSPF design consideration
l If province and region/city have the same AS, provincial and municipal networks belong to the
same OSPF Domain but different Areas, province and region/city are separated in management,and should be taken in charge by provincial and municipal offices. Divide into different Areas toease management and router handling, and reduce calculating of OSPF.
Provincial DCNOSPF Area0
Municipal DCNOSPF Area1
Municipal DCNOSPF Area2
R R R R
R R
R R R R
R R
R R
R R R R
R R
R R
R R R R
R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
28/52
HUAWEI TECHNOLOGIES CO., LTD. Page 28All rights reserved
OSPF design consideration
Provincial DCN
Region/city A DCN Municipal B DCN
OSPF Area 0R R R R
R R
R R
R R
R R
R R
R R
R R
R R R R
R R
R R
R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
29/52
HUAWEI TECHNOLOGIES CO., LTD. Page 29All rights reserved
OSPF design consideration
l When Provincial and municipal networks belongs to different AS, they run IGProuter protocol of their own separately
l When provincial and municipal BGP have the same AS,
l OSPF has the following two modes:
[ The province and region/city are in the same Area, this may be present status
of carriers # DCN
[ The provincial network is Area 0, and municipal network is other Areas, for
example Area 1,Area 2 $ for convenience of management, router convergence
and other operations
l Provincial network and municipal network are managed separately, so dividing
multiple Areas is more convenient for management; if province and region/cityusing different AS numbers can be predicated on the schedule, then consider to
keep current state to ease dividing one Area 0 into multi Area 0s in the future.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
30/52
HUAWEI TECHNOLOGIES CO., LTD. Page 30All rights reserved
ISIS design consideration
l When ISIS router protocol is used as IGP, the same case existsl Divide provincial DCN into ISIS Level 2, and take municipal DCN as ISIS Level 1
Provincial DCN ISISL2
Municipal DCNISISL1
R R R R
R R
R R R R
R R
R R
R R R R
R R
R R
R R R R
R R Municipal DCN
ISISL1
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
31/52
HUAWEI TECHNOLOGIES CO., LTD. Page 31All rights reserved
ISIS design consideration
l For expandability, provincial network and municipal network can be divided
wholly into one layer, all belonging to ISIS Level 2,l An IGP convergence within AS is MPLS, VPN should notice that loopback
interface does not converge.
R R
Provincia DCNISIS L2 R R R R
R R
R R
R R R R
R R
R R
R R
R R R R
R R
R R
Municipal DCNISISL1Municipal DCN
ISISL1
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
32/52
HUAWEI TECHNOLOGIES CO., LTD. Page 32All rights reserved
Cost Value and Load Sharingl
On IGP link COST value, united rules are recommended. Refer to the following recommended value:Interface type Cost
GE 1
155M POS 7
100M FE 10
10M ETHERNET 100
N! E1 500/N
COST value at Loopback interface usually is 1.
l Usually there exist the following two load-sharing technologies:
[ 1) Per-Packet: rotates output interfaces to send packet, with effective load sharing. But the packet with the
same session may start off at different interfaces and different paths will result in disorder.
[ 2) Per-Flow: distributes service flow to different output interfaces based on certain rules, for example (source
IP +Destination IP) /N, and N i s the router number of load sharing. It has effective load sharing, and at the
same time it ensures the packet with the same session to start off at the same interface with the same path.l Equipment from different manufacturers with different models, supports different types and numbers of load sharing
technologies, which should be considered when the equipment cooperates with each other.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
33/52
HUAWEI TECHNOLOGIES CO., LTD. Page 33All rights reserved
Cost Value and Load Sharing
l Global load sharing can be implemented through modifying link COST value.
l For a node, data are transmitted uplink through a path; while for the whole network, atdifferent nodes, data are transmitted uplink through different paths.
l In addition, modification of Cost value is also a mode affecting BGP link selection.
R R R R
R R R R
R R R R
R R R R R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
34/52
HUAWEI TECHNOLOGIES CO., LTD. Page 34All rights reserved
Chapter 1 Introduction of DCNChapter 1 Introduction of DCN
Chapter 2 Typical networking of DCNChapter 2 Typical networking of DCN
Chapter 3 Network protocol design of DCNChapter 3 Network protocol design of DCN
Chapter 4 MPLS design of DCNChapter 4 MPLS design of DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
35/52
HUAWEI TECHNOLOGIES CO., LTD. Page 35All rights reserved
Application of MPLS VPN in DCN
l Layer-three MPLS VPN in DCN is increasingly applied.l Putting different service types into different VPNs has become a
tendency.l Classification of Common VPN:
[ BOSS[ Billing[ NMS[ Settlement[ Integrated Service[ OA[ Finance
l Carriers are changing Common ! network into VPN networkbased on service types.
l In design planning, we should cover and consider about it.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
36/52
HUAWEI TECHNOLOGIES CO., LTD. Page 36All rights reserved
INBASINBAS
MBASMBAS
RSSRSS
MNMSMNMS
SDHNMSSDHNMS
TNMSTNMS
DCSMSDCSMS
DNMSDNMS
INSMPINSMPINBSSINBSS
97BSS97BSS
97COMM97COMM
LSNMSLSNMS
SS7NMSSS7NMS
IPCNMSIPCNMS
NSNMSNSNMS
ISNMSISNMS
Examples of Service Classification on DCN
l The actual service quantity is far more
than that of current VPN on DCN, the
classification of VPN is not so detailed
as it is in service, not excluding the
possibility that in future single item orseveral items of services will be
classified separately into one VPN.
l Consideration should be given in
designing.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
37/52
HUAWEI TECHNOLOGIES CO., LTD. Page 37All rights reserved
MPLS VPN Design Change of IP Address
l Present situation of nodes in a certain office on a municipal DCN:
l The IP addresses are classified geographically, but not in accordance withservice types. Different types of services are in the same Vlan and the samenetwork segment.
SPC Switch
To hub
Transmission
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
38/52
HUAWEI TECHNOLOGIES CO., LTD. Page 38All rights reserved
MPLS VPN Design Change of IP Address
l Divide Vlan based on the service types of nodes on each branch office,and reallocate IP addresses
l Refer to relevant regulations of carriers on service classification. "
To hub
Switch Manages IP
SPC Switch Transmission
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
39/52
HUAWEI TECHNOLOGIES CO., LTD. Page 39All rights reserved
MPLS VPN Design Change of IP Address
l When re-planning the IP addresses, consider the following points:l Re-allocate addresses based on service types that are defined by carriers.
l Allocate address segment based on IP address numbers occupied by each service typeon each node, at the same time consider the possible added numbers in the future.Ensure IP addresses are enough to be allocated and certain address segments havebeen reserved, then reserve fully.
l
For future expandability, divide IP addresses strictly based on service types. Carriersmay operate several VPNs in practice, and many services may be divided into one VPNas a large category, but not excluding the possibility that in the coming future single itemor several items of services will be classified separately into one VPN. If dividing IPaddresses strictly based on service types, we need not to re-allocate IP addresses againwhen the demands above appear. "
l Though allocating IP addresses should be based on service types, we should follow thedefault principle in actual application. If the IP addresses are enough, do not multiplex IPaddress segment. Though VPN address composed of RD+IP address can distinguishmultiplexing addresses, don #t use this way as far as possible. In addition, DCN featuredin that itself is a large private network, and many addresses are available.
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
40/52
HUAWEI TECHNOLOGIES CO., LTD. Page 40All rights reserved
Internet Access Modes on MPLS VPN
l Considerer often that in DCN some VPNs require to access to Internet.l Sometimes, the public network egress is centralized in the provincial company,
but most of times Internet access should be in the LDCN of each region/city
(with the management right is gradually transferred to the upper, Internet
egress of the carriers # DCN can only be found in national network in the future).
l
Refer to modes of public network access for Internet access. There are severalways for option.
l It should be noted that generally a default route is released in each VPN
l The default route should be treated cautiously to ensure it would not result in
route disorder.
l
Particularly do not affect provincial DCN access
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
41/52
HUAWEI TECHNOLOGIES CO., LTD. Page 41All rights reserved
Internet Access Modes on MPLS VPN
l Each region/city DCN owns Internet egress of itself.
R R
SS
R R
R R R R
R R
R R
R R R R
R R R R
R R
R R
R R R R
R R R R
SS R R
National DCNNational DCN
Provincial DCNMunicipal DCN
FirewallMunicipal DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
42/52
HUAWEI TECHNOLOGIES CO., LTD. Page 42All rights reserved
VPN User Access to Internet - Traditional Mode
l Provincial DCN configures Internet access egress, handling Internet accessrequirements in a centralized manner.
R R
SS
R R
R R R R
R R R R
R R R R R R R R
R R
R R
R R R R
R R R R
SSR R
Firewall
Municipal DCN
Municipal DCN
National DCNNational DCN
Provincial DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
43/52
HUAWEI TECHNOLOGIES CO., LTD. Page 43All rights reserved
VPN User Access to Internet - Traditional Mode
l There are two logical links between PE and CE:
[ One is private network access. This logic interface is bound to a corresponding VPN on PE.
[ Another is public network access. This logic interface is not bound to a corresponding VPN on PE, butbelongs to public network.
[ On CE there are VPN private network route and public network default route for Internet access
[ Because this mode is easy to operate and the earliest to be used, so it is called traditional way ! for VPNusers to access Internet.
[ The disadvantage is that CE owns public router and private router at the same time.
[ The mode may occur in earlier DCN deployed MPLS VPN
R R
R R
R R
R R
CE
PEMPLS VPN
Private network access
Public network access
Internet
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
44/52
HUAWEI TECHNOLOGIES CO., LTD. Page 44All rights reserved
VPN User Access to Internet - Modes ofrouting leakage
l By Configuring a route to the private network in the public networkl And by leaking a default route to access to public Internet in the private network, VPN user
can access to InternetIpl route-static x.x.x.x 255.255.255.0 ethernet 0/0/0l Ip route-static vpn-instance VPNA 0.0.0.0 0.0.0.0 y.y.y.y publicl The principle of this method is simple, and its disadvantage is that route management is
complicated and maintenance is difficult.
CE
VPN A
CE
VPN B
R R
R R
R R
R R
PEMPLS VPN
Internet
R R
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
45/52
HUAWEI TECHNOLOGIES CO., LTD. Page 45All rights reserved
VPN User Access to Internet - Centralized Access of Center VPN
l Connect Internet and put it in the public VPNl Allow other VPNs to visit this VPN through Hub-Spoke, and deliver default router to other VPNs
from Internet VPNl This mode is the completely-mutual access between VPNs, unrelated to public network route,
having good security,l Some public servers in DCN, for example, file server, virus server, can be put to the Internet VPN
for centralized management
CE
VPN A
CE
VPN B
R R
R R
R R
R R
PEMPLS VPN
Internet
R R
VPN Internet
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
46/52
HUAWEI TECHNOLOGIES CO., LTD. Page 46All rights reserved
VPN Mutual Access in MPLS VPNl
Mutual access between VPNs is a headache in DCN designing. VPN isdesigned just for isolating different services and mutual access, but in actual
application, for some historical reasons and practical requirements, this kind
of mutual access is often needed.
l The most fearful mutual access is that all VPNs can access mutually, thus
VPN will totally lose its meaning. VPN in this kind of application is uselessexcept that it looks pretty ! . In addition, it will waste the equipment of the
whole network (CPU, MEM, convergence speed and delay) and broadband
resource.
l Our design planning is to guarantee users # VPN application will not get into
the above state, and ensure users will really benefit from their investment.l Guide users, explain the problem and try to find solution together
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
47/52
HUAWEI TECHNOLOGIES CO., LTD. Page 47All rights reserved
VPN Mutual Access in MPLS VPNl Mutual access demand of each VPN generally should be confined within several servers. For
example, in financial VPN, one server may require mutual access with a billing server, while inOA an anti-virus server requires all VPN can access it.
l Refer to the solution in MPLS VPN for servers # mutual access with certain limited numbers in
VPN, or consider dividing the servers with this kind of requirement into one VPN, just as the
centralized access of center VPN mode above.
Billing systemof group company
NMS of groupcompany functional network
PE
PE
Networkplatform of DCN
PE PE
Import:100:1Export:200:1
Import:100:1Export:100:1
PE
PE
Import:200:1Export:100:1
NMS of provincial company functional network
Billing systemof provincial company
Billing systemof provincial company
NMS of provincial company functional network
Networkplatform of DCN
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
48/52
HUAWEI TECHNOLOGIES CO., LTD. Page 48All rights reserved
VPN Mutual Access in MPLS VPN
l Typical Application of ACCESS MPLS VPN
l L2TP adaptor can replace real network card
l Realize dynamic selection of VPN by using L2TP verification mechanism
PE dynamically imports differentVPNs based on user name andpassword and allocates differentIP addresses
PE
Multi-roleHost
VLAN
Radius/CAMS
MPLS VPNL2TP
LNS
Host accessthrough L2TPtunnel
Host accessthrough L2TPtunnel
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
49/52
-
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
50/52
HUAWEI TECHNOLOGIES CO., LTD. Page 50All rights reserved
Consideration in Cross-Area MPLS VPN Design
l Between national and provincial network, or between provincial and municipal network, VPNsinterconnections all belongs to cross-area MPLS VPN. In DCN, two modes, Option A or Option B,
are usually adopted.l Option A configuration is simple and not necessary to consider the compatibility of different
manufactures. RT can be different in two AS, which is not suitable for the case with many VPNs.
AS1CE PE
ASBR
AS2
CEPE
ASBR
PE
PE
CE
CE
MP-IBGP
EBGP
MP-IBGP
PE ASBR ASBR PE
IP TransmitLSP1
VPN LSP1
LSP2
VPN LSP2
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
51/52
HUAWEI TECHNOLOGIES CO., LTD. Page 51All rights reserved
Consideration in Cross-Area MPLS VPN Design
l When Option B is used, it is necessary to consider the compatibility of different manufactures.
l Option B requires that RT in two AS be consistent. If RT rule in relevant regulation of carriers is ASN: XX, then RT of two AS cannot be consistent, which needs negotiation for a solution.
l The substance of users # selection schemes % dynamic access of VPN
AS1CE PE
ASBR
AS2
CEPE
ASBR
PE
PE
CE
CE
MP-IBGP MP-EBGP MP-IBGP
PE ASBR ASBR PEVPN LSP2
LSP1
VPN LSP1
LSP2
VPN LSP2
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.pdffactory.com/http://www.pdffactory.com/ -
8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0
52/52
www.huawei.com
Thank You
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.huawei.com/http://www.pdffactory.com/http://www.pdffactory.com/http://www.huawei.com/