ODD010011 DCN Network Planning ISSUE 1_0

8/13/2019 ODD010011 DCN Network Planning ISSUE 1_0

1/52

HUAWEI TECHNOLOGIES CO., LTD.

2001-12-19

All rights reserved

www.huawei.com

Internal

ODD010011 DCNNetwork Planning

ISSUE1.0

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
http://www.huawei.com/http://www.pdffactory.com/http://www.pdffactory.com/http://www.huawei.com/


2/52

HUAWEI TECHNOLOGIES CO., LTD. Page 2All rights reserved

With the constantly increased network status ofthe data communication equipment of ourcompany, which widely covers network accesslayer, convergent layer, core layer, and corebackbone layer, we should provide entire networksolutions. DCN is an important network forcarriers. With the wide application of ourequipment in DCN, we should have a betterunderstanding of DCN and master the key points

in DCN design planning to construct better DCNfor clients and increase its expandability.

http://www.pdffactory.com/http://www.pdffactory.com/


3/52


This course helps you to know:

[ Definition of DCN Typical

[ networking of DCN

[ MPLS VPN in DCN



4/52


Chapter 1 Introduction of DCNChapter 1 Introduction of DCN

Chapter 2 Typical networking of DCNChapter 2 Typical networking of DCN

Chapter 3 Network protocol design of DCNChapter 3 Network protocol design of DCN

Chapter 4 MPLS design of DCNChapter 4 MPLS design of DCN



5/52


Definition of DCN

l The full name of DCN is Data Communication Network:

[ Its initial definition is the network for carriers to carry out out-bandnetwork management.The actual DCN covers various services ofcarriers.For example SPC switch NM, transmission NM, billingsystem, and OA.

l DCN is used to connect Network Elements (NE) and correspondingOperation Support System (OSS), which is an important networkbetween the network providing service and the network operationcenter.

l DCN is the nervous system ! of the carriers, with the characteristics ofphysical entity network, virtual service network ! . Comparing with

service networks of carriers (for example 169 network), DCN does notneed a very high broadband, but has a high demand for networksecurity, reliability, and manageability.



6/52


Development of DCNl OSN (Operation Support Network):

[ DCN can be seen as a subset of OSN, or DCN is the main part ofcurrent OSN. Before IP networks are widely used, DCN/OSN hasexisted already, just not through IP. But X.25 protocol has beenwidely used in 1980s, and X.25 once played an important role in

OSN, for the above historical reasons, current DCN is impossible IPOnly.

l DCN has become a comprehensive network with IP service as its mainservice and compatible with X.25, and Async at the same time.

l Standard of DCN ITU-T G.7712/Y.1703 (Architecture and specification

of data communication network, DCN).l This protocol is a regulation and guide document on DCN framework

and construction



7/52


Development of DCN

l For example, past MSC switch provided X.25 NM interface, butnow it provides IP-based Ethernet interface.

l Traditional telecom service should be changed into IP based NM,which has become a tendency.

l Previous DCN, constrained by different protocols (X.25, Async),may be comparatively independent physically in practice. X.25 isa network, and Async is another network.

l Currently IP-based DCN has integrated the above networks into alarge DCN



8/52


DCN integrated with X.25

l To integrate OSN (mixed with X.25, Async, and IP) into an IP-based DCN, corresponding technical supports are needed.

l Such kind of technology is usually applied in lower end routerat access layer.



9/52


DCN integrated with X.25 " - X2Tl X2T (X.25 to TCP Translation)

[ The principle and implementation methods of X2T scheme. X2T implements direct mutualtranslation between X.25 and TCP packet. Pure X.25 packet from X.25 network queriesaddress translation list based on called party X.121 address, and triggers setting up TCPconnection with the designated IP address. After setting up TCP connection, a router willextract pure data from X.25 packet and send them to IP host side through TCP connection.

l Equipment:

[ A Router supporting X2T;

[ An X.25 Terminal server which can run X25 application, supporting x25 protocol, connected inX25 network;

[ An IP Host, supporting/IP, connected in IP network.

X .25 Terminal IP HostRouter

E0S0

IP NetworkX . 25 Network

X.121 X.121 address1111

IP address10.1.1.1

IP address10.1.1.2



10/52


11/52


DCN integrated with X.25 " - X2T

l Data first flow to router A from client application program and implement IP to X25translation; then flow to router B through X25 network; finally flow to server application

program, and implement X25 to IP translation.

l The example is used to check the translation between X.25 and TCP/IP

IP Network X.25 Network IP Network

X2T- A X2T-B

S0 S 0E0 E0

20.1.1.1 20.1.1.2 10.110.96.49 10.110.96.51

Client Server



12/52


DCN integrated with X.25 " - X2T

l X2T looks like an NAT translation. Different from NATtranslation, it is the protocol translation between X.25 and IP.

l X25 host at the X25 network side runs a server applicationprogram supporting X25 protocol, responsible for receivingrequest, and transmitting data.

l IP host at the IP network side runs a client program supportingTCP/IP, responsible for requesting data from X25 host, andreceiving the transmitted data.

l X25 Terminal Communicates with Router through PVC.



13/52


Competitor #s X.25 translation technology " - XOTl XOT (X.25 Over TCP) is designed by Cisco. See RFC 1613 for details.l It is designed for transmitting X.25 in IP network, permitting to transmit X.25 packet

through TCP/IP network instead of LAPB.

l XOT transmits X.25 packet in the IP network by packing it into an IP packet.

Router 1 Router 2 Router 3

S0 S1 S0 S1

IP X.25

IPNetwork X.25 Network

IPNetwork

IP Cloud IP CloudX25 Cloud

7000 2500



14/52








15/52


Typical networking of DCN

l Typical networking of

DCN

[ National network

of DCN

[ Provincial network

of DCN

[ Municipal network

of DCN

l Running BGP in National

and Provincial DCNsAS

l AS numbers are

uniformly planned bycarriers. The private AS

numbers should be used

to the most.

R R R R

R R R R

R R R R

R R

R R

R R R R

R R R R

R R

R R

R R R R

R R R R R R R R

R R R R

R R

R R

SS SS SS SS SS

Municipal DCN

Municipal DCN

National DCNNational DCN

Provincial DCN



16/52


17/52


Typical networking of DCN National DCN

l National DCN can be divided into two layers " - core layer and convergence layer.

l Considering redundancy and disaster prevention, generally, one core node is not enough. As shown in the diagram above,there are two core nodes, which are in different cities geographically.

l Convergence layer is used to access to province and region/city, and the link is POS or E1, or binding of multiple E1s.

l Convergence layer routers geographically are in different provinces, through which connect with provincial network routers.This is for management consideration. The link between national network convergence layer and provincial network router isthe division interface of national and provincial network. Provincial network takes charge of the management and maintenanceof the lower part, while national network the upper part.

R R

R R

R R

R R

R R

R R

R R

R R

R R

R R

R R

R R

R R R R

R R R R



18/52


19/52



l Provincial DCN is the main part of DCN;

l Provincial DCN is used to connect national DCN and municipal DCN and at same time,connect the services of different provincial networks, for example, carriers # centralized billingand NM service.

l Provincial DCN itself can be divided into two layers, core layer, and access layer, core routerof the core layer.

l Access layer includes layer-three switch, mainly used for access to server and PC of variousservices within provincial networks.

l As a connection between a province and a region/city, access layer router may be in aregion/city physically, and is also the management boundary point between a province and aregion/city. The distance between provincial core router and provincial distribution layerrouter is far, so generally the link between them is POS 155/622, and even E1.

l Provincial core router generally is NE80, Cisco 12000 series or Juniper M160

l Layer-three switch of a provincial distribution layer can be S8500, S8016, and S6500 series.

l Provincial distribution layer router can be NE40, NE20, NE16/8,M20, M10, Cisco 7500,andCisco 7200.



20/52


Typical networking of DCNl

Municipal DCN is used to connect with provincial DCN, and takes charge of theinterconnection between municipal and branch offices.

l Concept of LDCN (compared with provincial DCN, municipal DCN is LDCN,L=Local)

l LDCN can be divided into three layers " - core layer, convergent layer, and accesslayer.

l Core layer takes charge of interconnection with provincial networks and municipal

nodes.l Comparatively powerful performance, in urban area geographically, a large number of

services from branch office to municipal office must pass through it

l In LDCN, a distribution layer device may be used at the same time as an access layerdevice, providing sufficient Ethernet ports to access to various important servers.

l Core layer equipment in common use: NE80, NE40-8, S8016;

l General convergent equipment in common use: NE40-4, S8500;

l Access layer equipment in common use: low end router (WAN access) and switch,R26, S3



21/52



l Main traffic is between municipal DCN and provincial DCN

l Very small part of traffic is from municipal DCN to national DCN

l DCN of different carriers may have different names, for example, the Mobile

is called MDCN.

l

DCN is a private network of carriers, on which there are various operationsupport services of carries. At the same time it is a pilot network for carriers,

all new features of data communication may be on trial first by carriers in

DCN.

l DCN is a private network, so theoretically its IP address and AS numbers

can be allocated at will. But in practice, carriers have correspondingregulations on IP address, AS numbers, and service name, which should be

abided by in design planning.



22/52








23/52


Typical networking of DCN - BGP

l On AS numbers, each province canown one AS or each region/cityown one.

l With the expanding of DCN, eachregion/city tends to own an ASnumber of itself.

l When provincial DCN releasesrouters to municipal DCN, it isbetter not to release default routers.

l From municipal network toprovincial network, and from

provincial network to nationalnetwork, there are generally dualegresses.

AS XXDCN

DCN

AS AA

DCN

R R

SS

R R

R R R R

R R R R

R R R R

R R R R

R R R R R R R R

SS SS SS SS

R R SS


Provincial DCN

Municipal DCN



24/52



l Adopt link selection that Local-preference influences internalaccess to EBGP.

l Adopt link selection that MEDinfluences external access to

internal.l Municipal DCN AS numbers are

filtered at Provincial DCN egressto National network to avoid beingsent to the national network

l A strategy can be set in provincial

DCN to filter out over-convergentrouters sent from municipal DCN,for example /8 router.

R R R R

R R R R

R R R R

R R R R

R R R R

R R R R R R R R

SS SS SS SS SS R R R R


Provincial DCN

Municipal DCN



25/52



l In municipal DCN, a router reflector is adopted, which is taken charge of by municipal DCN corelayer equipment. The router reflector has redundancy setting, and configured with Cluster-id.

Convergent layer equipment acts as the client of reflector.l IBGP uses loopback to establish neighborhood relationship.

l Multi-egress load sharing should be considered, it can be into two cases: VRP version supportsBGP load sharing, and VRP version does not support BGP load sharing.

R R R R

R R R R

R R R R R R R R



26/52


Typical networking of DCN - IGP

l IGP router protocol that used most in practice is OSPF.

l There is the case that the whole provincial network runs EIGRP (Ciscoprivate router protocol, enhanced IGRP) in early DCN.

l But carriers will consider the coordination between different manufacturers,so they have changed the principle " - don #t put all eggs in one basket ! .

l When BGP province and region/city have the same AS, provincial andmunicipal networks may be in the same OSPF domain, and all in Area 0.There will be no problem if only from the largest router numbers one Areacan support. One internal-province router is double-digit order of magnitude.

l In addition, different carriers or provinces may have different cases, so therelationship between province and region/city may be EBGP neighborhoodrelationship, may be not.



27/52


OSPF design consideration

l If province and region/city have the same AS, provincial and municipal networks belong to the

same OSPF Domain but different Areas, province and region/city are separated in management,and should be taken in charge by provincial and municipal offices. Divide into different Areas toease management and router handling, and reduce calculating of OSPF.

Provincial DCNOSPF Area0

Municipal DCNOSPF Area1

Municipal DCNOSPF Area2

R R R R

R R

R R R R

R R

R R

R R R R

R R

R R

R R R R

R R



28/52



Provincial DCN

Region/city A DCN Municipal B DCN

OSPF Area 0R R R R

R R

R R

R R

R R

R R

R R

R R

R R R R

R R

R R

R R



29/52



l When Provincial and municipal networks belongs to different AS, they run IGProuter protocol of their own separately

l When provincial and municipal BGP have the same AS,

l OSPF has the following two modes:

[ The province and region/city are in the same Area, this may be present status

of carriers # DCN

[ The provincial network is Area 0, and municipal network is other Areas, for

example Area 1,Area 2 $ for convenience of management, router convergence

and other operations

l Provincial network and municipal network are managed separately, so dividing

multiple Areas is more convenient for management; if province and region/cityusing different AS numbers can be predicated on the schedule, then consider to

keep current state to ease dividing one Area 0 into multi Area 0s in the future.



30/52


ISIS design consideration

l When ISIS router protocol is used as IGP, the same case existsl Divide provincial DCN into ISIS Level 2, and take municipal DCN as ISIS Level 1

Provincial DCN ISISL2

Municipal DCNISISL1

R R R R

R R

R R R R

R R

R R

R R R R

R R

R R

R R R R

R R Municipal DCN

ISISL1



31/52


ISIS design consideration

l For expandability, provincial network and municipal network can be divided

wholly into one layer, all belonging to ISIS Level 2,l An IGP convergence within AS is MPLS, VPN should notice that loopback

interface does not converge.

R R

Provincia DCNISIS L2 R R R R

R R

R R

R R R R

R R

R R

R R

R R R R

R R

R R

Municipal DCNISISL1Municipal DCN

ISISL1



32/52


Cost Value and Load Sharingl

On IGP link COST value, united rules are recommended. Refer to the following recommended value:Interface type Cost

GE 1

155M POS 7

100M FE 10

10M ETHERNET 100

N! E1 500/N

COST value at Loopback interface usually is 1.

l Usually there exist the following two load-sharing technologies:

[ 1) Per-Packet: rotates output interfaces to send packet, with effective load sharing. But the packet with the

same session may start off at different interfaces and different paths will result in disorder.

[ 2) Per-Flow: distributes service flow to different output interfaces based on certain rules, for example (source

IP +Destination IP) /N, and N i s the router number of load sharing. It has effective load sharing, and at the

same time it ensures the packet with the same session to start off at the same interface with the same path.l Equipment from different manufacturers with different models, supports different types and numbers of load sharing

technologies, which should be considered when the equipment cooperates with each other.



33/52


Cost Value and Load Sharing

l Global load sharing can be implemented through modifying link COST value.

l For a node, data are transmitted uplink through a path; while for the whole network, atdifferent nodes, data are transmitted uplink through different paths.

l In addition, modification of Cost value is also a mode affecting BGP link selection.

R R R R

R R R R

R R R R

R R R R R R



34/52








35/52


Application of MPLS VPN in DCN

l Layer-three MPLS VPN in DCN is increasingly applied.l Putting different service types into different VPNs has become a

tendency.l Classification of Common VPN:

[ BOSS[ Billing[ NMS[ Settlement[ Integrated Service[ OA[ Finance

l Carriers are changing Common ! network into VPN networkbased on service types.

l In design planning, we should cover and consider about it.



36/52


INBASINBAS

MBASMBAS

RSSRSS

MNMSMNMS

SDHNMSSDHNMS

TNMSTNMS

DCSMSDCSMS

DNMSDNMS

INSMPINSMPINBSSINBSS

97BSS97BSS

97COMM97COMM

LSNMSLSNMS

SS7NMSSS7NMS

IPCNMSIPCNMS

NSNMSNSNMS

ISNMSISNMS

Examples of Service Classification on DCN

l The actual service quantity is far more

than that of current VPN on DCN, the

classification of VPN is not so detailed

as it is in service, not excluding the

possibility that in future single item orseveral items of services will be

classified separately into one VPN.

l Consideration should be given in

designing.



37/52


MPLS VPN Design Change of IP Address

l Present situation of nodes in a certain office on a municipal DCN:

l The IP addresses are classified geographically, but not in accordance withservice types. Different types of services are in the same Vlan and the samenetwork segment.

SPC Switch

To hub

Transmission



38/52



l Divide Vlan based on the service types of nodes on each branch office,and reallocate IP addresses

l Refer to relevant regulations of carriers on service classification. "

To hub

Switch Manages IP

SPC Switch Transmission



39/52



l When re-planning the IP addresses, consider the following points:l Re-allocate addresses based on service types that are defined by carriers.

l Allocate address segment based on IP address numbers occupied by each service typeon each node, at the same time consider the possible added numbers in the future.Ensure IP addresses are enough to be allocated and certain address segments havebeen reserved, then reserve fully.

l

For future expandability, divide IP addresses strictly based on service types. Carriersmay operate several VPNs in practice, and many services may be divided into one VPNas a large category, but not excluding the possibility that in the coming future single itemor several items of services will be classified separately into one VPN. If dividing IPaddresses strictly based on service types, we need not to re-allocate IP addresses againwhen the demands above appear. "

l Though allocating IP addresses should be based on service types, we should follow thedefault principle in actual application. If the IP addresses are enough, do not multiplex IPaddress segment. Though VPN address composed of RD+IP address can distinguishmultiplexing addresses, don #t use this way as far as possible. In addition, DCN featuredin that itself is a large private network, and many addresses are available.



40/52


Internet Access Modes on MPLS VPN

l Considerer often that in DCN some VPNs require to access to Internet.l Sometimes, the public network egress is centralized in the provincial company,

but most of times Internet access should be in the LDCN of each region/city

(with the management right is gradually transferred to the upper, Internet

egress of the carriers # DCN can only be found in national network in the future).

l

Refer to modes of public network access for Internet access. There are severalways for option.

l It should be noted that generally a default route is released in each VPN

l The default route should be treated cautiously to ensure it would not result in

route disorder.

l

Particularly do not affect provincial DCN access



41/52


Internet Access Modes on MPLS VPN

l Each region/city DCN owns Internet egress of itself.

R R

SS

R R

R R R R

R R

R R

R R R R

R R R R

R R

R R

R R R R

R R R R

SS R R


Provincial DCNMunicipal DCN

FirewallMunicipal DCN



42/52


VPN User Access to Internet - Traditional Mode

l Provincial DCN configures Internet access egress, handling Internet accessrequirements in a centralized manner.

R R

SS

R R

R R R R

R R R R

R R R R R R R R

R R

R R

R R R R

R R R R

SSR R

Firewall

Municipal DCN

Municipal DCN


Provincial DCN



43/52


VPN User Access to Internet - Traditional Mode

l There are two logical links between PE and CE:

[ One is private network access. This logic interface is bound to a corresponding VPN on PE.

[ Another is public network access. This logic interface is not bound to a corresponding VPN on PE, butbelongs to public network.

[ On CE there are VPN private network route and public network default route for Internet access

[ Because this mode is easy to operate and the earliest to be used, so it is called traditional way ! for VPNusers to access Internet.

[ The disadvantage is that CE owns public router and private router at the same time.

[ The mode may occur in earlier DCN deployed MPLS VPN

R R

R R

R R

R R

CE

PEMPLS VPN

Private network access

Public network access

Internet



44/52


VPN User Access to Internet - Modes ofrouting leakage

l By Configuring a route to the private network in the public networkl And by leaking a default route to access to public Internet in the private network, VPN user

can access to InternetIpl route-static x.x.x.x 255.255.255.0 ethernet 0/0/0l Ip route-static vpn-instance VPNA 0.0.0.0 0.0.0.0 y.y.y.y publicl The principle of this method is simple, and its disadvantage is that route management is

complicated and maintenance is difficult.

CE

VPN A

CE

VPN B

R R

R R

R R

R R

PEMPLS VPN

Internet

R R



45/52


VPN User Access to Internet - Centralized Access of Center VPN

l Connect Internet and put it in the public VPNl Allow other VPNs to visit this VPN through Hub-Spoke, and deliver default router to other VPNs

from Internet VPNl This mode is the completely-mutual access between VPNs, unrelated to public network route,

having good security,l Some public servers in DCN, for example, file server, virus server, can be put to the Internet VPN

for centralized management

CE

VPN A

CE

VPN B

R R

R R

R R

R R

PEMPLS VPN

Internet

R R

VPN Internet



46/52


VPN Mutual Access in MPLS VPNl

Mutual access between VPNs is a headache in DCN designing. VPN isdesigned just for isolating different services and mutual access, but in actual

application, for some historical reasons and practical requirements, this kind

of mutual access is often needed.

l The most fearful mutual access is that all VPNs can access mutually, thus

VPN will totally lose its meaning. VPN in this kind of application is uselessexcept that it looks pretty ! . In addition, it will waste the equipment of the

whole network (CPU, MEM, convergence speed and delay) and broadband

resource.

l Our design planning is to guarantee users # VPN application will not get into

the above state, and ensure users will really benefit from their investment.l Guide users, explain the problem and try to find solution together



47/52


VPN Mutual Access in MPLS VPNl Mutual access demand of each VPN generally should be confined within several servers. For

example, in financial VPN, one server may require mutual access with a billing server, while inOA an anti-virus server requires all VPN can access it.

l Refer to the solution in MPLS VPN for servers # mutual access with certain limited numbers in

VPN, or consider dividing the servers with this kind of requirement into one VPN, just as the

centralized access of center VPN mode above.

Billing systemof group company

NMS of groupcompany functional network

PE

PE

Networkplatform of DCN

PE PE

Import:100:1Export:200:1


PE

PE


NMS of provincial company functional network

Billing systemof provincial company

Billing systemof provincial company

NMS of provincial company functional network

Networkplatform of DCN



48/52


VPN Mutual Access in MPLS VPN

l Typical Application of ACCESS MPLS VPN

l L2TP adaptor can replace real network card

l Realize dynamic selection of VPN by using L2TP verification mechanism

PE dynamically imports differentVPNs based on user name andpassword and allocates differentIP addresses

PE

Multi-roleHost

VLAN

Radius/CAMS

MPLS VPNL2TP

LNS

Host accessthrough L2TPtunnel

Host accessthrough L2TPtunnel



49/52


50/52


Consideration in Cross-Area MPLS VPN Design

l Between national and provincial network, or between provincial and municipal network, VPNsinterconnections all belongs to cross-area MPLS VPN. In DCN, two modes, Option A or Option B,

are usually adopted.l Option A configuration is simple and not necessary to consider the compatibility of different

manufactures. RT can be different in two AS, which is not suitable for the case with many VPNs.

AS1CE PE

ASBR

AS2

CEPE

ASBR

PE

PE

CE

CE

MP-IBGP

EBGP

MP-IBGP

PE ASBR ASBR PE

IP TransmitLSP1

VPN LSP1

LSP2

VPN LSP2



51/52


Consideration in Cross-Area MPLS VPN Design

l When Option B is used, it is necessary to consider the compatibility of different manufactures.

l Option B requires that RT in two AS be consistent. If RT rule in relevant regulation of carriers is ASN: XX, then RT of two AS cannot be consistent, which needs negotiation for a solution.

l The substance of users # selection schemes % dynamic access of VPN

AS1CE PE

ASBR

AS2

CEPE

ASBR

PE

PE

CE

CE

MP-IBGP MP-EBGP MP-IBGP

PE ASBR ASBR PEVPN LSP2

LSP1

VPN LSP1

LSP2

VPN LSP2



52/52

www.huawei.com

Thank You

http://www.huawei.com/http://www.pdffactory.com/http://www.pdffactory.com/http://www.huawei.com/

ODD010011 DCN Network Planning ISSUE 1_0

Documents