The Network Operation Centre of a RREN: The Network Operation Centre - PowerPoint PPT Presentation

The Network Operation Centre of a RREN: The Network Operation Centre of a RREN: Anella Cient Anella Cientí ífica fica Maria Isabel Gandía Carriedo Communications Area, Systems & Networks Department, CESCA TF-NOC Preparation Meeting NORDUnet A/S, Kastrup, 3/5/2010

Agenda Agenda � About CESCA and Anella Científica � Anella Científica/CESCA NOC: • Communication with the users • How we manage the network • How we manage dedicated circuits � Tools • Communications database • Ad-hoc scripts • Cacti & its plugins • PerfSonar • SMARTxAC • NAM • Other tools � Conclusions

About CESCA and Anella Cientí ífica fica About CESCA and Anella Cient � Public consortium � Created in 1991 � Formed by: • Generalitat de Catalunya • Talència • 9 Catalan universities • Consejo Superior de Investigaciones Científicas � Anella Científica created in 1993 � CATNIX created in 1999

Our Services Our Services

About Anella Cientí ífica fica About Anella Cient Anella Científica is the research and education network in Catalonia Managed by CESCA Connected to RedIRIS With more than 80 points of access of institutions related to research

Anella Cientí ífica: fica: Evolution Evolution Anella Cient 85 82 29G 79 90 28G 76 28G 73 (Aggregatged capacity in Mbps) 16G 66 80 6G 4G 53 70 # Points of access 2G ≥ 1.000 Mbps ≥ ≥ ≥ 60 37 100–990 Mbps 50 1G 27 40 10–90 Mbps 502 19 17 16 30 15 388 ≤ 10 Mbps 288 ≤ ≤ ≤ 190 188 8 8 20 7 6 6 80 80 70 60 60 10 0 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 9 9 9 9 9 9 9 0 0 0 0 0 0 0 0 0 0 1 1200 2006 2.920,75 1000 2007 4.665,43 800 Tràfic (TB) 2008 7.646,55 600 2009 6.712,35 2010 2.591,91 400 200 0 2002 2003 2004 2005 2006 2007 2008 2009 2010

Anella Cientí ífica: Architecture fica: Architecture Anella Cient � Some local dark fibre links � L2 Gigabit Ethernet network � Flexible and easily scalable � Different points of access & connections: • Ethernet: 10, 34, 100, 1,000 and 10,000 Mb/s • ADSL, SHDSL � Core is a full mesh, redundancy in the links between nodes � Access is a “ring”: dual homing � Redundancy of the provider network and the WDM network � Customizable CIR + EIR � QoS capabilities at L2 network …but the model will probably change

Anella Cientí ífica: projects fica: projects Anella Cient � PIC participates in LHC (10 Gbps) � i2CAT participates in FEDERICA, Phosphorus, HDVIPER (10 Gbps) � UPC-CCABA participates in EuQoS, MUPBED,… (1 Gbps) � CESCA, i2CAT & UPC participate in PASITO (10 Gbps) � BSC participates in RES (1 Gbps) � Liceu transmits the course Opera Oberta

Anella Cientí ífica: L3 fica: L3 Anella Cient CESCA, as the manager of the Regional Research and Education Network (RREN) in Catalonia and as a Local Internet Registry (LIR) has: • Addresses for the connected institutions: – IPv4: 84.88.0.0/15 – IPv6: 2001:40B0::/32 • An Autonomous System (AS): – AS13041 � CESCA controls all the L3, some L2 and some L1, so our monitoring is mostly L3-based .

Anella Cientí ífica: topology fica: topology Anella Cient A B C 1. Science and technological parks 1. Public and private non-profit Universities 1. Official bodies of R+D management 2. Official Bodies of Research 2. Relevant Digital contents institutions 2. Other hospital units 3. Other non-profit Research centres 3. R+D+i participants 4. Hospital Research centres 4. Special interest for R+D institutions Operator C. Nord Telvent Internet

Anella Cientí ífica: circuits fica: circuits Anella Cient � Permanent circuits & services: • Each point of access has one circuit to each core node for redundancy (using L3 routing) • An institution can have more than one VLAN with other points of access that usually belong to the same institution (internal traffic) • An institution can have a dedicated virtual router, managed by CESCA, to aggregate some connections A B C Operator C . Nord Telvent

Anella Cientí ífica: points of access fica: points of access Anella Cient Access Ring Core Access Node Backbone 10~70km Node Backbone 10~40km Node Access 10~70km Node

Agenda Agenda � About CESCA and Anella Científica � Anella Científica/CESCA NOC: • Communication with the users • How we manage the network • How we manage dedicated circuits � Tools • Communications database • Ad-hoc scripts • Cacti & its plugins • PerfSonar • SMARTxAC • NAM • Other tools � Conclusions

The NOC: Communications Area The NOC: Communications Area � Some numbers: • 85 points of access • 2 core nodes • 76 institutions connected to Anella Científica • 22 entities connected to CATNIX • 4 network engineers & 1 student • 20 engineers for the weekend monitoring � Help from the Operations & Security Area for cabling, installations, etc. � We have a technical and an administrative contact for each institution that channel all the requests (IP address assignments, routing, dedicated circuits, incidents), but we can have previous conversations with relevant users to know their needs. � Some technical contacts have a meeting once a year (CTAC). � We organize a Meeting/Workshop (TAC) once a year to present new institutions and projects (for instance, this year, Cloud Computing)

Communication institutions - -> CESCA > CESCA Communication institutions � Adresses (RT): • ac-noc@suport.cesca.cat – Routing – Network incidents • ac-nic@suport.cesca.cat – Addresses requests – Reverse DNS • anella.serveis@suport.cesca.cat – Services (Multicast, ftp-mirror,…) • eduroam@suport.cesca.cat – Eduroam • eriac@suport.cesca.cat – Security incidents � Telephone

Communication CESCA - -> institutions > institutions Communication CESCA � Distribution lists: • ctac@cesca.cat – Members of the Comission • anella-t@cesca.cat: – Technical representatives • anella-a@cesca.cat: – Other technical staff – Generic addresses � RT queues � Telephone & e-mail � TAC � Aula (New Technologies and Seminars)

If there is an incident.. If there is an incident.. � During our working hours (9.00-18.00 Mo-Th, 9.00-14.30 Fr, 8.00-15.00 Jul/Aug) • They call us • They send a message to ac-noc@suport.cesca.cat • We try to be very proactive � Out of our working hours, 24x7 reactive service for the institutions with an external enterprise. � The external enterprise is able to check the state of our routers and switches and, if the problem is external, they can call our provider. � Second level support from our technicians during the weekend.

How we manage the network How we manage the network � Inventory of circuits using “our” Communications database � Ad-hoc scripts and alarms � Statistics via SNMP with Cacti � UPC-CCABA has developed a passive monitoring system using real-time analysis: SMARTxAC � Our NOC is subscribed to the Dante E2ECU (End to end coordination unit) mailing list for dedicated circuits � perfSONAR node through RedIRIS for LHC � NAM � Other tools

How we manage dedicated circuits How we manage dedicated circuits � Special circuits & services: • If the circuit is between two institutions connected to Anella Científica, we ask both if they want the connection. We have a special range of VLAN for these connections. • If the circuit is external, RedIRIS uses a formulary that the institutions fill and send. They send it to RedIRIS and CESCA indicating the name of the project, description, responsible entity, kind of connection, etc. • For modifications, institutions can ask us directly and we contact RedIRIS • RedIRIS and CESCA have agreed two ranges of VLAN for special projects, one range for each type of encapsulation • We use the Request tracker to handle all the requests, arrange a VLAN number, etc.

For our users: For our users: � Listen to their needs first � For each new connection, there are some stress tests before going to a production environment � They can choose static routing or dynamic routing (BGP) � We ping their interface from the other end of the /30 and from our monitoring machine � We apply anti-spoofing filters…Some insist on using the infrastructure address for VPNs �

Agenda Agenda � About CESCA and Anella Científica � Anella Científica/CESCA NOC: • Communication with the users • How we manage the network • How we manage dedicated circuits � Tools • Communications database • Ad-hoc scripts • Cacti & its plugins • PerfSonar • SMARTxAC • NAM • Other tools � Conclusions

“Our Our” ” Communications database Communications database “

“Our Our” ” Communications Communications database database “ � We store all the information of our institutions: • Points of access • Addresses • Technical and executive contacts e-mails and telephones • Assigned IP addresses • Infrastructure addresses (point to point) • Equipment • Bandwidth • Technology • Comments, special cases for the 24x7 service � It makes our life easier, as we have many “special” cases: • More than one point of access per institution • More than one institution per point of access • Different circuits intra and inter-institutions • …