ISP Network Design. Point of Presence Topologies. ISP Network Design. PoP Topologies. Modular PoP Design. PoP Design



Similar documents
ISP Systems Design. ISP Workshops. Last updated 24 April 2013

ISP & IXP Design. Philip Smith APNIC st 31 st August 2012

ISP Network Design. ISP Workshops. Last updated 16 September 2013

ISP Case Study. UUNET UK (1997) ISP/IXP Workshops. ISP/IXP Workshops. 1999, Cisco Systems, Inc.

IPv6 Addressing. ISP Training Workshops

Address Scheme Planning for an ISP backbone Network

ISP & IXP Design. Philip Smith MENOG 11 Amman 30 th September 9 th October 2012

Introduction to The Internet. ISP/IXP Workshops

Introduction to Routing

Introduction to The Internet

IPv6 Address Planning

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

Introductions to ISP Design Fundamentals

Simple Multihoming. ISP/IXP Workshops

Simple Multihoming. ISP Workshops. Last updated 30 th March 2015

Module 12 Multihoming to the Same ISP

APNIC IPv6 Deployment

BGP. 1. Internet Routing

BGP Multihoming Techniques

BGP Multihoming Techniques

Designing and Developing Scalable IP Networks

Cisco Configuring Commonly Used IP ACLs

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

L2F Case Study Overview

Networking Technology Online Course Outline

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs

Chapter 1 Personal Computer Hardware hours

BT Internet Connect Global - Annex to the General Service Schedule

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Enterprise Edge Communications Manager. Data Capabilities

Topic 1: Internet Architecture & Addressing

Campus IPv6 connection Campus IPv6 deployment

VPN. Date: 4/15/2004 By: Heena Patel

Design, Implementation and Evolution of a DNS anycast resolving service in a country-wide ISP network

Top-Down Network Design

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Course Contents CCNP (CISco certified network professional)

Everything You Need to Know About Network Failover

HP Networking BGP and MPLS technology training

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

DD2491 p Load balancing BGP. Johan Nicklasson KTHNOC/NADA

Troubleshooting and Maintaining Cisco IP Networks Volume 1

Essential Curriculum Computer Networking 1. PC Systems Fundamentals 35 hours teaching time

Using the Border Gateway Protocol for Interdomain Routing

BELNET: Service Level Description Version (29/7/2009)

IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life

Multi-Homing Dual WAN Firewall Router

The Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Broadband Phone Gateway BPG510 Technical Users Guide

Step-by-Step Configuration

Exterior Gateway Protocols (BGP)

Resilient Network Design Concepts. Mark Tinka

Unicast Reverse Path Forwarding

INTERNET ORGANIZATION OVERVIEW OF THE INTERNET'S ORGANIZATION AND MAIN STANDARD BODIES. Internet Organization. Peter R. Egli INDIGOO.COM. indigoo.

Fireware How To Dynamic Routing

The Internet Introductory material.

CTS2134 Introduction to Networking. Module 07: Wide Area Networks

Firewalls. Chapter 3

IPv6, Perspective from small to medium ISP

Introduction to MPLS-based VPNs

Build yourself an ISP

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

"Charting the Course...

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

How Cisco IT Uses Firewalls to Protect Cisco Internet Access Locations

FIREWALLS & CBAC. philip.heimer@hh.se

How To Learn Cisco Cisco Ios And Cisco Vlan

APNIC elearning: BGP Basics. Contact: erou03_v1.0

SSVP SIP School VoIP Professional Certification

Understanding Large Internet Service Provider Backbone Networks

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011

WAN Traffic Management with PowerLink Pro100

Cisco ASA, PIX, and FWSM Firewall Handbook

KENET NETWORK INFRASTUCTURE. KENNEDY ASEDA

WANs and Routers. M.Sc. Aleksandra Kanevce M.Sc. Aleksandra Bogojeska

co Characterizing and Tracing Packet Floods Using Cisco R

Router and Routing Basics

Network Security Auditing April 2015

Proxy Server, Network Address Translator, Firewall. Proxy Server

Course Description and Outline. IT Essential II: Network Operating Systems V2.0

BSCI Chapter Cisco Systems, Inc. All rights reserved.

The Internet. Internet Technologies and Applications

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

LAB II: Securing The Data Path and Routing Infrastructure

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

RAS Associates, Inc. Systems Development Proposal. Scott Klarman. March 15, 2009

SSVVP SIP School VVoIP Professional Certification

Interconnecting IPv6 Domains Using Tunnels

Enterprise Network Simulation Using MPLS- BGP

UIP1868P User Interface Guide

Prestige 310. Cable/xDSL Modem Sharing Router. User's Guide Supplement

IPv6 Firewalls. ITU/APNIC/MICT IPv6 Security Workshop 23 rd 27 th May 2016 Bangkok. Last updated 17 th May 2016

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

Transcription:

ISP Network Design PoP Topologies and Design Backbone Design ISP Network Design ISP/IXP ISP Systems Design Addressing Routing Protocols Security Out of Band Management Operational Considerations 1 2 PoP Topologies Point of Presence Topologies Core routers high speed trunk Distribution routers and Access routers high port density Border routers to other providers Service routers hosting and servers Some functions might be handled by a single router 3 4 PoP Design Modular PoP Design Modular Design Aggregation Services separated according to connection speed customer service contention ratio security considerations Backbone link to another PoP Consumer DIAL Access ISP Services (, Mail, News, FTP, WWW) Nx64 customer aggregation layer Channelised T1/E1 circuits Nx64 leased line circuit delivery Web Cache Other ISPs Network Core Network Operations Centre Hosted Services NxT1/E1 customer aggregation layer Channelised T3/E3 circuits T1/E1 leased line circuit delivery Backbone link to another PoP Consumer cable, xdsl and wireless Access 5 6 1

Modular Routing Protocol Design Modular IGP implementation IGP area per module aggregation/summarisation where possible into the core Modular ibgp implementation BGP route reflector cluster per module core routers are route-reflectors clients peer with core only Point of Presence Design 7 8 PoP Modules PoP Modules Low Speed customer PSTN/ISDN dialup low bandwidth needs low revenue, large numbers Medium Speed customer 56/64K to sub-t1/e1 speeds low bandwidth needs medium revenue, medium numbers High Speed customer E1++ speeds medium bandwidth needs high revenue, low numbers Broad Band customer xdsl, Cable and Wireless high bandwidth needs low revenue, large numbers 9 10 PoP Modules PoP Modules PoP Core Two dedicated routers High Speed interconnect Backbone Links ONLY Do not touch them! Border Network dedicated border router to other ISPs the ISP s front door transparent web caching ISP Services (cache, secondary) News, Mail (POP3, Relay) WWW (server, proxy, cache) Hosted Services Virtual Web, WWW (server, proxy, cache) Information/Content Services Electronic Commerce 11 12 2

PoP Modules Low Speed Access Module Network Operations Centre primary and backup locations network monitoring statistics and log gathering direct but secure access Primary Rate T1/E1 PSTN lines to modem bank AS5300 AS2511 Web Cache Access Network Gateway Routers To Core Routers Out of Band Management Network The ISP Network Safety Belt PSTN lines to built-in modems 2600/3600 TACACS+/Radius proxy, resolver, Content 13 14 Medium Speed Access Module High Speed Access Module 3800/7206/7600 7200/7600 Channelised T1/E1 Channelised T3/E3 64K and nx64k circuits To Core Routers T1 and E1 circuits To Core Routers Mixture of channelised T1/E1, 56/64K and nx64k circuits Mixture of channelised T3/E3 and T1/E1 circuits 15 16 Broad Band Access Module ISP Services Module Web Cache To core routers Telephone Network 61xx IP, ATM 6400 Access Network Gateway Routers Service Network Gateway Routers ubr7246 To Core Routers The cable system SSG, DHCP, TACACS+ or Radius Servers/Proxies, resolver, Content WWW cache secondary POP3 Mail Relay NEWS cache 17 18 3

Hosted Services Module Border Module To core routers Hosted Network Gateway Routers To local IXP - NB - no default route + local AS routing table only ISP1 ISP2 Network Border Routers 1 3 5 7 2 4 6 To core routers 19 20 NOC Module Out of Band Network Out of Band Management Network 2620/32async To core routers Hosted Network Gateway Routers Critical Services Module Firewall Corporate LAN Out of Band Management Network Router consoles 2620/32async NetFlow To the NOC NetFlow enabled routers NetFlow TACACS+ SYSLOG Analyser server server Primary Billing, Database and Accounting Systems Collector Out of Band Ethernet Network Operations Centre Staff 21 22 Backbone Design Routed Backbone Switched Backbone Backbone Network Design Leased point-to-point circuits nx64k, T1/E1, T3/E3, OC3, OC12,... ATM/Frame Relay service from telco T3, OC3, OC12, delivery easily upgradeable bandwidth (CIR) 23 24 4

Distributed Network Design Distributed Network Design PoP design standardised operational scalability and simplicity ISP Services Backup Operations Centre POP Two ISP essential services distributed around backbone NOC and backup NOC Redundant backbone links POP Three POP One ISP Services ISP Services External Operations Centre External 25 26 Backbone Links Long Distance Backbone Links Tend to cost more ATM/Frame Relay now less popular due to overhead, extra equipment, and shared with other customers of the telco Leased Line more popular with backbone providers IP over Optics and MPLS coming into the mainstream Plan for the future (at least two years ahead) but stay in budget Unplanned emergency upgrades can be disruptive without redundancy Allow sufficient capacity on alternative paths for failure situations sufficient can be 20% to 50% 27 28 Long Distance Links Metropolitan Area Backbone Links POP Three POP Two Long distance link POP One Tend to be cheaper Circuit concentration Choose from multiple suppliers Think big More redundancy Less impact of upgrades Less impact of failures Alternative/Backup Path 29 30 5

Metropolitan Area Backbone Links POP Two Metropolitan Links ISP Services POP Three POP One, Mail, News design and location Metropolitan Links Traditional Point to Point Links 31 32 Domain Name System Provides name and address resolution Servers need to be differentiated, properly located and specified Primary nameserver Secondary nameserver Caching nameserver resolver Primary nameserver Holds ISP zone files forward zone (list of name to address mappings) for all ISP s and any customer zones reverse zone (list of address to name mappings) for all ISP s address space One Unix server, fast I/O, reasonable amount of memory (512Mbytes), reasonable disk Located in secure part of net, e.g. NOC LAN 33 34 Secondary Example Secondary nameserver apnic.net zone Holds copies of ISP zone files At least two are required, more is better primary in Brisbane secondary around the world Unix server, fast I/O, reasonable amount of memory (512Mbytes), reasonable disk Should be geographically separate from each other and the primary At different PoPs On a different continent e.g. www.secondary.com At another ISP $ dig apnic.net ns ;; ANSWER SECTION: apnic.net. 50m44s IN NS svc00.apnic.net. apnic.net. 50m44s IN NS ns.ripe.net. apnic.net. 50m44s IN NS rs.arin.net. apnic.net. 50m44s IN NS ns.apnic.net. ;; ADDITIONAL SECTION: svc00.apnic.net. 1d23h53m25s IN A 202.12.28.131 ns.ripe.net. 1d23h54m46s IN A 193.0.0.193 rs.arin.net. 1d23h53m25s IN A 192.149.252.21 ns.apnic.net. 1d9h29m16s IN A 203.37.255.97 Tokyo Amsterdam Washington Brisbane 35 36 6

Secondary Example apnic.net zone primary in Brisbane (ns.apnic.net) secondary run by APNIC in Tokyo (svc00.apnic.net) zone secondaried by RIPE NCC in Amsterdam ARIN in Washington Geographical and service provider redundancy this is the perfect example! Caching nameserver This is the resolver it is the cache Your customers use this as resolver, NOT your primary or secondary Provides very fast lookups Does NOT secondary any zones One, or preferably two per PoP (redundancy) Unix server, fast I/O, large amount of memory (512Mbytes+ depending on number of zones) 37 38 Caching Nameserver Anycasting the Caching Nameserver DIAL network Web Cache To Core Routers One trick of the trade assign two unique IP addresses to be for the two resolver systems use these two IP addresses in every PoP Geek Alert route the two /32s across your backbone Switch redundancy Router redundancy Cache redundancy Cache Cache Radius proxy DIAL users automatically given the IP addresses of caches when they dial in 39 even if the two resolver systems in the local PoP are down, the IGP will ensure that the next nearest resolvers will be reachable Known as IP Anycast 40 Efficient and resilient design Primary keep it secure Secondary geographical and provider redundancy Don t ever put them on the same LAN, switched or otherwise Don t put them in the same PoP Caching one or two per PoP reduces traffic across backbone more efficient, spreads the load Software Make sure that the BIND distribution on the Unix system is up to date the vendor s distribution is rarely current Pay attention to bug reports, security issues Reboot the cache on a regular (e.g. monthly) basis clears out the cache releases any lost RAM accepted good practice by system administrators 41 42 7

Mail Implementation Put all your hosts, point-to-point links and loopbacks into the under your ISP s domain name use sensible/meaningful names Put all your hosts, point-to-point links and loopbacks into the REVERSE also don t forget about in-addr.arpa many ISPs do some systems demand forward/reverse mapping before allowing access Must have at least two mail hosts (MX records) for all supported domains geographical separation helps POP3 server dedicated to that function DIAL users get mail from here SMTP gateway dedicated to that function DIAL users send mail via here Mail relay open to CUSTOMERS only! 43 44 Mail Example Mail telstra.net mail (MX records) primary MX is mako1 backup MX is postoffice two addresses backup MX used if primary unavailable $ dig telstra.net mx ;; ANSWER SECTION: telstra.net. 1H IN MX 10 postoffice.telstra.net. telstra.net. 1H IN MX 5 mako1.telstra.net. ;; ADDITIONAL SECTION: postoffice.telstra.net. 1H IN A 139.130.4.7 postoffice.telstra.net. 1H IN A 203.50.1.76 mako1.telstra.net. 1H IN A 203.50.0.28 45 Software Make sure that the MAIL and POP3 distributions on the Unix system are up to date the vendor s distribution are rarely current Pay attention to bug reports, security issues, unsolicited junk mail complaints IMPORTANT: Do NOT allow non-customers to use your mail system as a relay 46 News News System Placement News servers provide a Usenet news feed to customers Distributed design required Incoming newsfeed to one large server Distributed to feed servers in each PoP Feed servers provide news feed to customers Outgoing news goes to another server Separate reading news system Separate posting news system 47 News Feeder News Feeder POP Three External POP Two News Collector POP One News Distributor News Feeder External 48 8

News System Placement News News Feeder Software POP Two Make sure that the Internet News distribution on the Unix system is up to date the vendor s distribution is rarely current Pay attention to bug reports, security issues, unsolicited junk posting complaints POP Three POP One News Feeder News Feeder External News Collector News Distributor External IMPORTANT: Do NOT allow non-customers to use your news system for posting messages 49 50 Where to get IP addresses and AS numbers Your upstream ISP Africa AfriNIC http://www.afrinic.net Asia and the Pacific Addressing APNIC http://www.apnic.net North America ARIN http://www.arin.net Latin America and the Caribbean LACNIC http://www.lacnic.net Europe and Middle East RIPE NCC http://www.ripe.net 51 52 Internet Registry Regions Getting IP address space ARIN LACNIC Take part of upstream ISP s PA space or Become a member of your Regional Internet Registry and get your own allocation Require a plan for a year ahead General policies are outlined in RFC2050, more specific details are on the individual RIR website There is plenty of IPv4 address space registries require high quality documentation 53 54 9

Addressing Plans ISP Infrastructure Addressing Plans Address block for router loop-back interfaces Address block for infrastructure per PoP or whole backbone summarise between sites if it makes sense allocate according to genuine requirements, not historic classful boundaries s assigned address space according to need Should not be reserved or assigned on a per PoP basis ISP ibgp carries customer nets aggregation not required and usually not desirable 55 56 Addressing Plans ISP Infrastructure Addressing Plans Planning 220.10.0.1 assignments Phase One 220.10.0.0/21 Phase Two 220.10.0.0/20 220.10.6.255 /24 Instrastructure Loopbacks 220.10.0.1 220.10.5.255 /24 /24 220.10.15.255 Registries will usually allocate the next block to be contiguous with the first allocation Minimum allocation is /21 Very likely that subsequent allocation will make this up to a /20 So plan accordingly Original assignments New Assignments 57 58 Addressing Plans (contd) Document infrastructure allocation eases operation, debugging and management Document customer allocation contained in ibgp eases operation, debugging and management submit network object to RIR Database Routing Protocols 59 60 10

Routing Protocols Why Do We Need an IGP? IGP Interior Gateway Protocol carries infrastructure addresses, point-to-point links examples are OSPF, ISIS, EIGRP... EGP Exterior Gateway Protocol carries customer prefixes and Internet routes current EGP is BGP version 4 No link between IGP and EGP ISP backbone scaling Hierarchy Modular infrastructure construction Limiting scope of failure Healing of infrastructure faults using dynamic routing with fast convergence 61 62 Why Do We Need an EGP? Interior versus Exterior Routing Protocols Scaling to large network Hierarchy Limit scope of failure Policy Control reachability to prefixes Merge separate organizations Connect multiple IGPs Interior automatic neighbour discovery generally trust your IGP routers prefixes go to all IGP routers binds routers in one AS together Exterior specifically configured peers connecting with outside networks set administrative boundaries binds AS s together 63 64 Interior versus Exterior Routing Protocols Hierarchy of Routing Protocols Interior Carries ISP infrastructure addresses only ISPs aim to keep the IGP small for efficiency and scalability Exterior Carries customer prefixes Carries Internet prefixes EGPs are independent of ISP network topology Other ISPs BGP4 BGP4 and OSPF/ISIS FDDI BGP4 Local IXP Static/BGP4 s 65 66 11

Routing Protocols: Choosing an IGP Routing Protocols: IGP Recommendations Review the Introduction to Link State Protocols presentation i.e. OSPF and ISIS have very similar properties ISP usually chooses between OSPF and ISIS Choose which is appropriate for your operators experience In IOS, both OSPF and ISIS have sufficient nerd knobs to tweak the IGP s behaviour Keep the IGP routing table as small as possible If you can count the routers and the point to point links in the backbone, that total is the number of IGP entries you should see IGP details: Should only have router loopbacks, backbone WAN point-to-point link addresses, and network addresses of any LANs having an IGP running on them Strongly recommended to use inter-router authentication Use inter-area summarisation if possible 67 68 Routing Protocols: More IGP recommendations Routing Protocols: ibgp Recommendations To fine tune IGP table size more, consider: Using ip unnumbered on customer point-to-point links saves carrying that /30 in IGP (If customer point-to-point /30 is required for monitoring purposes, then put this in ibgp) Use contiguous addresses for backbone WAN links in each area can then summarise into backbone area Don t summarise router loopback addresses as ibgp needs those Use ibgp for carrying anything which does not contribute to the Link State Routing process ibgp should carry everything which doesn t contribute to the IGP routing process Internet routing table assigned addresses point-to-point links DIAL network pools, passive LANs, etc 69 70 Routing Protocols: More ibgp Recommendations Scalable ibgp features: Use neighbour authentication Use peer-groups to speed update process and for configuration efficiency Use communities for ease of filtering Security Use route-reflector hierarchy Route reflector pair per PoP (overlaid clusters) Use route flap damping at the network edges 71 72 12

Security ISP Infrastructure Security ISP Infrastructure security ISP Network security Security is not optional! ISPs need to: protect themselves help protect their customers from the Internet protect the Internet from their customers The following slides are general recommendations do more research on security before deploying any network router security usernames, passwords, vty filters, TACACS+ Disable telnet on vtys, only use SSH vty filters should only allow NOC access, no external access See IOS Essentials for the recommended practices for ISPs 73 74 ISP Infrastructure Security ISP Infrastructure Security ISP Server Protection ISP server security usernames, passwords, TCP wrappers, IPTABLES protect all servers using routers with strong filters applied Hosted services security protect network from hosted servers using routers with strong filters protect hosted servers from Internet using routers with strong filters Access-list examples: Allow tcp/established to all servers ICMP 2ary: udp/53 and tcp/53 POP3: tcp/110 Mail Relay: tcp/25 and ISP address range only News: tcp/119 and ISP address range only Cache: udp/53 Web server: tcp/80 Other necessary filters: secondary POP3 To core routers Mail Relay NEWS Service Network Gateway Routers cache Web server All servers: SSH (tcp/22) from NOC LAN only 75 76 ISP Infrastructure Security Hosted Server Protection ISP Infrastructure Security premises security Access-list examples: Inbound Allow tcp/established to all servers ICMP Web server: tcp/80 SSH for customer access Any other ports for services sold to customers Outbound ICMP Allow udp/53 and tcp/53 Block all access to ISP address range To core routers Service Network Gateway Routers Server1 Server2 Server3 Server4 Server5 Server6 locks electronic/card key preferred secure access 24x7 security arrangements environment control good aircon staff responsibility password policy, strangers, temp staff employee exit procedures RFC2196 (Site Security Handbook) RFC3871 (Operational Security Requirements for Large ISP IP Network Infrastructure ) 77 78 13

ISP Network Security ISP Network Security Secure external access Denial of Service Attacks eg: smurfing see http://www.denialinfo.com Effective filtering network borders see Essentials customer unicast RPF network operation centre ISP corporate network behind firewall How to provide staff access from outside set up ssh gateway (Unix system with ssh daemon and nothing else configured) provide ssh client on all staff laptops ssh available on Unix and Windows ssh is Secure Shell encrypted link How not to provide access from outside telnet, rsh, rlogin these are all insecure open host insecure, can be compromised 79 80 Ingress & Egress Route Filtering Your customers should not be sending any IP packets out to the Internet with a source address other then the address you have allocated to them! Out of Band Management 81 82 Out of Band Management Out of Band Management Not optional! Allows access to network equipment in times of failure Ensures quality of service to customers minimises downtime minimises repair time eases diagnostics and debugging OoB Example Access server: modem attached to allow NOC dial in console ports of all network equipment connected to serial ports LAN and/or WAN link connects to network core, or via separate management link to NOC Full remote control access under all circumstances 83 84 14

Out of Band Network Out of Band Management Equipment Rack Equipment Rack Router, switch and ISP server consoles OoB Example Statistics gathering: Routers are NetFlow and syslog enabled Management data is congestion/failure sensitive (Optional) Out of band WAN link to other PoPs Modem access to PSTN for out of band dialin Ensures management data integrity in case of failure Full remote information under all circumstances Ethernet to the NOC 85 86 Test Laboratory Designed to look like a typical PoP operated like a typical PoP Test Laboratory Used to trial new services or new software under realistic conditions Allows discovery and fixing of potential problems before they are introduced to the network 87 88 Test Laboratory Test Laboratory Some ISPs dedicate equipment to the lab Other ISPs purchase ahead so that today s lab equipment becomes tomorrow s PoP equipment Other ISPs use lab equipment for hot spares in the event of hardware failure Can t afford a test lab? Set aside one spare router and server to trial new services Never ever try out new hardware, software or services on the live network Every major ISP in the US and Europe has a test lab It s a serious consideration 89 90 15

Operational Considerations Operational Considerations Why design the world s best network when you have not thought about what operational good practices should be implemented? 91 92 Operational Considerations Maintenance Operational Considerations Support Never work on the live network, no matter how trivial the modification may seem Establish maintenance periods which your customers are aware of e.g. Tuesday 4-7am, Thursday 4-7am Never do maintenance on a Friday Unless you want to work all weekend cleaning up Never do maintenance on a Monday Unless you want to work all weekend preparing Differentiate between customer support and the Network Operations Centre support fixes customer problems NOC deals with and fixes backbone and Internet related problems Network Engineering team is last resort they design the next generation network, improve the routing design, implement new services, etc they do not and should not be doing support! 93 94 Operational Considerations NOC Communications NOC should know contact details for equivalent NOCs in upstream providers and peers Or consider joining the INOC-DBA system Voice over IP phone system using SIP Runs over the Internet www.pch.net/inoc-dba for more information ISP Network Design Summary 95 96 16

ISP Design Summary KEEP IT SIMPLE & STUPID! (KISS) Simple is elegant is scalable Use Redundancy, Security, and Technology to make life easier for yourself Above all, ensure quality of service for your customers ISP Network Design ISP/IXP 97 98 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information