
Janko Jager. * MPLS Multi Protocol Label Switching ** NLBd.d. Nova Ljubljanska banka d.d.


Telecommunications, Portorož, 04.10.2008 NLB d.d. 1

MPLS@NLBd.d.

* MPLS – Multi Protocol Label Switching ** NLBd.d. – Nova Ljubljanska banka d.d.


Foreword

• This presentation is about NLB d.d.'s experience in upgrading its network communications infrastructure – why, what, how, pros, cons, lessons learned – and not about technology and configurations.

• Some statements in this presentation may be the author’s personal opinion and not the official opinion of NLB d.d.


Agenda

• About NLB d.d.
• WHY...
• WHAT...
• HOW...
• Conclusions
• Q&A


About NLB d.d.

• NLB Group


NLB d.d. - NLB Group

58 members in 17 countries

• banks: 13 (including NLB d.d.)
• leasing: 11
• trade finance: 11
• insurance: 5
• asset mgmt: 1
• non financial: 17


NLB d.d. - Slovenia


WHY to upgrade network

• Capacity
• Technology
• New services
• Costs


WAN topology (present)


WAN utilization (present)

• 100% increase of network traffic in less than one year


Goals

• To provide sufficient capacity, quality, availability and security: to migrate the corporate network from switching and routing to a service-oriented network platform.

• To provide network support for several emerging technologies and network services – IP ATMs, IP telephony, IP video surveillance...

• To lower communications costs (enhance price-performance) and achieve independence from only one telecom provider.


WHAT is the obvious technical solution

• MPLS VPN
• GRE/IPsec


MPLS VPN

(maybe the right solution for “non-corporate” networks)

• Provided/implemented by telecom provider

+

• Customer’s virtual private “communication cloud” within provider’s network
• Media independent (Ethernet, xDSL, leased lines, Frame Relay, FO...)
• Network devices managed by provider

-

• Customer depends on provider (costs, QoS...)


GRE/IPsec

• Implemented by customer

+

• GRE/IPsec tunnels provide data security
• Tunnels connect customer’s private networks (branches – datacenters)
• Network devices managed by customer

-

• Additional network equipment (costs, management, processor power)


MPLS VPN over GRE/IPsec

• Implemented by customer

+

• Customer defined MPLS VPN network(s) over GRE/IPsec
• Provider independent (better monitoring and service management, easy to introduce new network services, customer defines virtual networks within his network)
• More than one provider (costs, price-performance, QoS, redundancy...)
• Network devices managed by customer


Comparison...

| | MPLS VPN | GRE/IPsec | MPLS VPN over GRE/IPsec |
|---|---|---|---|
| Provider independence | No | Yes | Yes |
| Authentication | No | Yes | Yes |
| Encryption | No | Yes | Yes |
| Media independence | Yes | Yes | Yes |
| Traffic separation | Yes | No | Yes |


MPLS VPN over GRE/IPsec

[Figure: simplified logical scheme. Labels: customer’s network, MPLS VPN, MP-BGP, GRE/IPsec, Provider #1, Provider #2, Provider #3, Branch 1 to Branch 4, VPN A, VPN B, primary and secondary datacentre.]


HOW to do it

• ... (project)
• Requirements
• Pilot testing
• Telecom Slovenia
• ... (implementation)


Requirements, decisions...

• Selecting telecom provider(s): primary and secondary connections by Telecom Slovenia (all connections MPLS VPN; defined QoS, reporting, on-line monitoring, problem solving...)

• Selecting system integrator(s): NIL d.o.o., NLB Propria

• Datacenter:
  • 1Gbps, FO, Ethernet
  • Cisco routers ASR 1002

• Branch office:
  • Primary connection: 10Mbps, FO, Ethernet, RJ45 (to the micro location)


QoS requirements

| Parameters | Required | Acceptable offset |
|---|---|---|
| Bandwidth | 10Mbps | up to 20% |
| Availability – monthly average | >= 99,9% | |
| Delay – hourly average | <= 100 ms | up to 3 times/month |
| Delay – daily average | <= 70 ms | up to 1 time/month |
| Delay – monthly average | <= 60 ms | |
| Jitter – hourly average | <= 15 ms | up to 3 times/month |
| Jitter – daily average | <= 10 ms | up to 1 time/month |
| Jitter – monthly average | <= 5 ms | |
| Packet loss – hourly average | <= 0.8% | up to 3 times/month |
| Packet loss – daily average | <= 0.3% | up to 1 time/month |
| Packet loss – monthly average | <= 0.2% | |

• Should be confirmed by provider (and put in a contract)


Pilot implementation

[Figure: pilot implementation. Labels: Telecom Slovenia, datacentre, branch office, new (MPLS) routers, existing routers, primary MPLS, secondary MPLS, leased line, ISDN, Ethernet, HSRP.]


Telecom Slovenia 1/3

MPLS@NLB add on from TS

VPN business services

• Carrier Class equipment
• Carrier Grade network infrastructure with DWDM protection mechanisms
• MPLS Based Core network with protection of all links
• Metroethernet based Access Network with protection of business customers
• Use of different kinds of first-mile technologies such as ADSL2+, VDSLx, FTTx, SHDSL, EFM, WiMAX and Mobile network
• Over 100 cities covered with business network for VPN services
• E2E QoS assurance
• SLA monitoring/reporting and advanced SLA monitoring/reporting (with applications)
• 24/7 Network operations center
• Dedicated contact channel and technical team for business customers

* Signed contract with mobile operator Mobitel (on trial)


Telecom Slovenia 2/3

Services on MPLS network

• L3 VPN
• VoIP for SB, SMB and large enterprise networks (IP centrex and IP PBX support)
• Advanced IP TV services, standard and high definition
• VoIP for residential segment and for SOHO
• FMC services
• Hotels multimedia services and advanced hotels multimedia services
• SLA monitoring and advanced SLA monitoring (with applications)
• Combination of P2P and mesh VPN network
• L2 VPN*
• IMS (IP multimedia subsystem)*
• IPS service (Intrusion Prevention System)*
• Redundancy location of DRC**
• Surveillance service (commercial name INFRANET)*
• VPN service for IP/POS terminals and ATMs*

* on trial


Telecom Slovenia 3/3

MPLS@NLB add on from TS

Telekom Slovenia topology

• Carrier Class equipment
• MPLS Based Core network with protection of all links (10G)
• Metroethernet based Access Network with protection of business customers
• Over 100 cities covered with business network for VPN services
• Separate business and residential network on physical layer
• Dual WAN connectivity


Conclusions

• Lessons learned
• Results


Lessons learned

| Important | NLB d.d. experience |
|---|---|
| Project | Involve internal users/customers; gain management support; prepare business case... |
| Plan, plan, plan | More than one year of planning, meetings, education. Larger network, more services – more planning required. Think about the big picture – don’t forget about other network segments (network core, monitoring and management) and new services (IP telephony, IP ATMs...). Significant architecture change – server centralization. |
| Equipment | Be careful when buying new network equipment: capacity, end of sale, end of support, SW versions for required functionalities... Support costs for new equipment might be lower; part of business case. |
| Testing, pilot branch office implementation | Proved to be very useful; some configurations were changed. Internal users/customers confirmation. |
| Telecom providers | Take time for negotiations. Think about the contract: obligations and penalties – costs, response times, QoS parameters, measurements, reporting... Not all telecom providers are capable of connecting all NLB d.d. branch offices. Different providers – very different prices. |
| Cable installations (within buildings) | Might be a problem: protected buildings, permits, cabling documentation, extra costs, extra time... |


Results

| Goals | NLB d.d. conclusions |
|---|---|
| Sufficient capacity | 10Mbps for each branch office, can be upgraded. |
| QoS | Telecom providers put QoS parameters and measurement methods into contracts. Unfortunately they do not offer QoS as required. |
| Availability | High availability is technically supported by using primary and secondary connections. Unfortunately both are still from the same provider. |
| Security | Enabled by using MPLS VPN over GRE/IPsec. |
| Ability to easily support new network services (IP ATMs, IP telephony...) | Enabled by using MPLS VPN over GRE/IPsec. Independent from telecom provider. Consideration could be sufficient QoS. |
| Lower communications costs | Much better price-performance. Lower network equipment maintenance costs. Server centralization/consolidation. |
| Independence from only one telecom provider | Independence is technically supported. Not all telecom providers are capable of connecting all NLB d.d. branch offices. |


TO DO...

• Sign the contract with provider
• Establish connectivity with all branches
• Finish implementation (only datacenters and one branch implemented)
• Introduce network support for new services (IP ATMs)
• Start redesigning network core


Q&A


Thank you.

Janko Jager, B.Sc. Manager

NLB d.d., IT Processing and Infrastructure, Network Šmartinska 132, SI-1520 Ljubljana, Slovenia
