Categories
BGP Data Center Networking WISP xISP

Some Random Visio diagram

Below, we have some Visio diagrams we have done for customers.

This first design is a customer mesh into a couple of different data centers. We are referring to this as a switch-centric design. This has been talked about in the forums, and switch-centric seems as good a name as any.

This next design is a Netonix switch and a Baicells deployment.

Design for a customer
Categories
Data Center Networking

The state of Data Centers and Co-Location in Indianapolis

We like to refer to Indianapolis, Indiana as an “NFL  City” when explaining the connectivity and peering landscape.  It is not a large network presence like Chicago or Ashburn but has enough networks to make it a place for great interconnects.

At the heart of Indianapolis is the Indy Telcom complex ( www.indytelcom.com, currently down as of this writing ). This is also referred to as the “Henry Street” complex because West Henry Street runs past several of the buildings. This is a large complex with many buildings on it.

One of the things many of our clients ask about is getting connectivity from building to building on the Indy Telcom campus. Lifeline Data Centers ( www.lifelinedatacenters.com ) operates a carrier hotel at 733 Henry. With at least 30 on-net carriers and access to many more, 733 is the place to go for cross-connect connectivity in Indianapolis.

We have been told by Indy Telcom the conduits between the buildings on the campus are 100% full. This makes connectivity challenging at best when going between buildings. The campus has lots of space, but the buildings are islands if you wish to establish dark fiber cross-connects between them. Many carriers have lit services, but because of the way many carriers provision things, getting a strand, or even a wave, is not possible. We do have some options from companies like Zayo or Lightedge for getting connectivity between buildings, but it is not like Chicago or other big data centers.

However, there is a solution for those looking to establish interconnections. Lifeline also operates a facility at 401 North Shadeland, which is referred to as the EastGate facility. This facility is built on 41 acres, is FedRAMP certified, and has a bunch of features. There is a dark fiber ring going between 733 and 401. This is ideal for folks looking for both co-location and connectivity. Servers and other infrastructure can be housed at EastGate and connectivity can be pulled from 733. This solves the 100% full conduit issue with Indy Telcom. MidWest Internet Exchange ( www.midwest-ix.com ) is also on-net at both 401 and 733.

MidWest-IX is also at 365 Data Centers ( http://www.365datacenters.com ) at 701 West Henry. 365 has a national footprint and thus draws some different clients than some of the other facilities. 365 operates data centers in Tennessee, Michigan, New York, and others. MidWest has dark fiber over to 365 in order to bring them onto their Indy fabric.

Another large presence at Henry Street is Lightbound ( www.lightbound.com ).  They have a couple of large facilities. According to PeeringDB, only three carriers are in their 731 facility.   However, their web-site lists 18+ carriers in their facilities. The web-site does not list these carriers.

I am a big fan of PeeringDB for knowing who is at what facilities, where peering points are, and other geeky information. Many of the facilities in Indianapolis are not listed on PeeringDB. Some other data centers which we know about:

Zayo (www.zayo.com)
Lightower ( www.lightower.com )
Indiana Fiber Network (IFN) (https://ifncom.co/)
Online Tech ( www.onlinetech.com )

On the north side of Indianapolis, you have Expedient ( www.expedient.com ) in Carmel. Expedient says they have “dozens of on net carriers among all markets”.  There are some other data centers in the Indianapolis Metro area. Data Cave in Columbus is within decent driving distance.

Categories
Data Center hosting Networking Security WISP

Homeland Security US-Cert e-mail on Network infrastructure

A few days ago Homeland Security published an e-mail on threats to network devices and securing them.  Rather than cut and paste I exported the e-mail to a PDF. Some good best practices in here.

TA16250A The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Categories
Data Center Networking UBNT

Ubiquiti EdgeSwitch 16XG First look

So today UPS dropped off a brand new EdgeSwitch 16XG.  I won’t bore you with all the cool stats.  You can read the official product literature here.  This is just a first look.  Future posts will dive into configuration, testing, and other such things.  For those wanting the cliff notes version of what this switch is about:

  • (12) SFP+ Ports
  • (4) 10G RJ45 Ports
  • (1) RJ45 Serial Console Port
  • Non-Blocking Throughput: 160 Gbps
  • Switching Capacity: 320 Gbps
  • Forwarding Rate: 238.10 Mpps
  • (12) 1/10 Gbps SFP+ Ethernet Ports
  • (4) 1/10 Gbps RJ45 Ethernet Ports
  • Rack Mountable with Rack-Mount Brackets (Included)
  • DC Input Option (Redundant or Stand-Alone)

UBNT EdgeSwitch 16XG

UBNT is following a natural trend in the switch world. As more and more networks are looking at 1 Gig being their minimum, the switches are reflecting this. Gone are the days of 10/100 ports. Now we are going toward 1/10 gig ports, even on copper. 10/100/1000 switches still have their place, but usually not on switches with 10 gig ports.

Accessories included with the 16XG

Out of the box the switch isn’t anything sexy.  I feel like it should have a shiny UBNT logo somewhere.

UBNT EdgeSwitch 16XG

I like the fact that none of the ports are shared ports.  You can use all 16 ports. It always annoys me when I buy a switch and can’t use all the ports because they are shared on the bus.

An interesting feature on this switch is a redundant DC input option. The input can be anything from 16-25 volts and must be able to support 56 watts. This results in a minimum of a 2.2 Amp power supply, assuming a full load on the switch. For the WISP market this could be a very handy option. You could install the switch where it is drawing from AC power, but in the event of an AC outage it will switch to a DC source. One of my questions to UBNT is whether you can run it off DC alone.

UBNT Redundant Power
DC Input Jack

Now on to some nitpicky design things.  None of these really affect the performance of the switch, just are annoyances.

-The console port not being on the front. In today’s dense rack environments we are putting patch panels and Transfer switches in the backs of the rack.  If we have to get to the back of the front mounted devices then anything other than power becomes an annoyance. This is not an issue if you install every new switch with a console cable back to a console server like we do, but even that doesn’t always happen.

Ubnt 16XG Back

-The SFP cages should stick out just a tad from the front.  During inserting and re-inserting SFPs I actually pushed the cage back a little.  This resulted in some of the SFPs not clicking in correctly.  The little tabs holding the top of the SFP cages aren’t sturdy enough to hold some repeated clicking in and out.

EdgeSwitch 16XG SFP

After seeing this I was prompted to open the switch and see what is under the hood.

Inside of EdgeSwitch 16XG

I think this will be a hugely popular switch for anybody looking to do 10 Gig. At an approximate price of $600, these are by far the most cost-effective 10 Gig switches out there. Many manufacturers have tacked on one or two, sometimes 4, SFP+ ports, but if you need to go beyond that you are talking 4-digit pricing. This is something we have struggled with at MidWest-IX. It usually leads to us buying something on the used market that has the port density we need.

There you have it for a first look at this switch. More articles to follow that include:
-Interoperability Testing
-Configuration tasks
-Questions I and you, the reader, have for UBNT

Categories
Data Center Networking WISP xISP

Helpful outages web-site for network admins

http://www.outages.org/

Direct from their web-site.

How to Report
By sending a tweet with any of the following hashtag/s:
#outages
#outage
#cablecut
#fibercut
#undersea

when reporting for a service outage. Once verified we will plot it on tracker.

For e.g. #outage #loc (street, city – location name) #start (time), followed by #back (time) #planned or #unplanned (if it's a planned or unexpected outage).

Download the iOS/iPhone/iPad App “Ushahidi” and add http://tracker.outages.org/ to “Settings” to start reporting.
Download the Android App “Ushahidi” and add http://tracker.outages.org/ to “Settings” to start reporting.
By sending an email:
outages@outages.org
Click to View Reports

Send comments/feedback/feature requests to virendra[dot]rode[at]outages.org

Follow us on Twitter @outagesdotorg

Help spread the word!
Categories
Data Center Fiber Networking Tower xISP

Broadband Applications & Construction Manual

If you are like me and enjoy technical manuals here is a good one from Commscope for you installers out there. It is a good overall manual, with some Commscope specific products thrown in.

From the manual
The Drop Cable Applications and Construction Guide is written for the cable installation professional who, due to the diverse services offered by CATV and telecommunication service providers, needs a quick and handy reference to practical installation information, especially in the case of retrofitting.
We’ve tried to simplify the decision-making process as to which cables to choose for what installation, taking into account factors such as performance over distance, preventing RF interference and fire/safety codes.

Drop_Const_Manual_CO-107145

Categories
Data Center

What is a DCI?

As you get more and more into Cisco Data Center terminology you come across the term DCI. DCI stands for Data Center Interconnect. DCIs typically come in 3 categories.

Dark Fiber (CWDM/DWDM)
MPLS Layer 2 VPN (VPWS/VPLS)
MPLS Layer 3 VPN

A DCI is basically a LAN extension over one of the above methods.

Categories
Data Center Networking

Internet Routing Registries

Routing Registries are a mysterious underpinning of the peering and BGP world. To many they are arcane and complicated. If you have found this article you are at least investigating the use of a registry. Either that or you have run out of fluffy kittens to watch on YouTube. Either way, one of the first questions is “Why use a routing registry?”

As many of us know, BGP is a very fragile ecosystem. Many providers edit access lists in order to only announce prefixes they have manually verified someone has the authority to advertise. This is a manual process with many opportunities for error. Any time a config file is edited, errors can occur: typos, misconfiguration, or software bugs.

Routing registries attempt to solve two major issues. The first is automating the process of knowing who has authority to advertise what. The second is allowing a central repository of this data.

So what is a routing Registry?
From Wikipedia: An Internet Routing Registry (IRR) is a database of Internet route objects for determining, and sharing route and related information used for configuring routers, with a view to avoiding problematic issues between Internet service providers.

The Internet routing registry works by providing an interlinked hierarchy of objects designed to facilitate the organization of IP routing between organizations, and also to provide data in an appropriate format for automatic programming of routers. Network engineers from participating organizations are authorized to modify the Routing Policy Specification Language (RPSL) objects, in the registry, for their own networks. Then, any network engineer, or member of the public, is able to query the route registry for particular information of interest.

What are the downsides of a RR?
Not everyone uses routing registries. So if you only allowed routes from RR’s you would get a very incomplete view of the Internet and not be able to reach a good amount of it.

Okay, so if not everyone uses it, why should I go to the trouble?
If you are at a formal Internet Exchange (IX) you are most likely required to use one. Some large upstream providers highly encourage you to use one to automate their process.

What are these objects and attributes?
In order to participate you have to define objects. The first one you create is the maintainer object. This is what the rest of the objects reference and are based on. Think of this as setting up your details in the registry.

From this point you set up “object types”. Object types include:
as-set
aut-num
inet6num
inetnum
inet-rtr
key-cert
mntner
route
route6
route-set
If you want to learn more about each of these as well as templates visit this ARIN site.

So what do I need to do to get started?
The first thing you need to do is set up your mntner object in the registry. I will use ARIN as our example. You can read all about it here: https://www.arin.net/resources/routing/.

You will need a couple of things before setting this up:
1. Your ARIN ORGID
2. Your ADMIN POC for that ORGID
3. Your TECH POC for that ORGID

Once you have these you can fill out a basic template and submit to ARIN.

mntner: MNT-YOURORGID
descr: Example, Inc.
admin-c: EXAMPLE123-ARIN
tech-c: EXAMPLE456-ARIN
upd-to: hostmaster@example.net
mnt-nfy: hostmaster@example.net
auth: MD5-PW $1$ucVwrzQH$zyamFnmJ3XsWEnrKn2eQS/
mnt-by: MNT-YOURORGID
referral-by: MNT-YOURORGID
changed: hostmaster@example.net 20150202
source: ARIN

The template is very specific about what to fill out. The mnt-by and referral-by attributes are key to following the instructions. MD5 is another sticking point, and the process is documented in just a couple of places. To generate your MD5-PW, follow these instructions.

1. Go to https://apps.db.ripe.net/crypt/ and enter a password. Make sure you keep this cleartext password, as you will need it when sending future requests to ARIN’s Routing Registry.
2. Submit the password to get the md5 crypt password. Keep this password for your records, as you may need it when interacting with ARIN’s IRR in the future.
3. Add the following line to your mntner object template in the text editor.
auth: MD5-PW
Our example above has a MD5 password already generated.
Once this is done and created you can add objects. The most commonly added objects are your ASN and IP space.

Create your ASN object using the aut-num template

aut-num: AS65534
as-name: EXAMPLE-AS
descr: Example, Inc.
descr: 114 Pine Circle
descr: ANYWHERE, IN 12345
descr: US
import: from AS65535 accept ANY
import: from AS65533 accept AS65534
export: to AS65533 announce ANY
export: to AS65535 announce AS2 AS65533
admin-c: EXAMPLE456-ARIN
tech-c: EXAMPLE123-ARIN
mnt-by: MNT-YOURORGID
changed: user@example.com 20150202
source: ARIN
password:

The things to know about the above template are the import and export attributes.

Now on to adding IP space
Suppose you have IP space of 192.0.2.0/24. Your template would look like:

inetnum: 192.0.2.0 - 192.0.2.255
netname: EXAMPLE-NET
descr: Example, Inc.
descr: 115 Oak Circle
descr: ANYWHERE, IN 12345
country: US
admin-c: EXAMPLE123-ARIN
tech-c: EXAMPLE456-ARIN
notify: user@example.com
mnt-by: MNT-YOURORGID
changed: user@example.com 20150202
source: ARIN
password:

The password attribute is the cleartext password for your MD5 key.
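
As an added example (not ARIN's or this post's own code), the Python below parses trimmed copies of the aut-num and inetnum templates above, turns the import and export attributes into a per-neighbor policy table, and converts the inetnum range to CIDR. The function names are illustrative assumptions, and the range parser also accepts the typographic dash that web pages often substitute for the plain hyphen.

```python
import ipaddress
import re

# Constructed sample: trimmed copies of this page's aut-num and inetnum
# templates; the inetnum range deliberately carries an en dash (\u2013).
SAMPLE = """\
aut-num: AS65534
as-name: EXAMPLE-AS
import: from AS65535 accept ANY
import: from AS65533 accept AS65534
export: to AS65533 announce ANY
export: to AS65535 announce AS2 AS65533
mnt-by: MNT-YOURORGID
source: ARIN

inetnum: 192.0.2.0 \u2013 192.0.2.255
netname: EXAMPLE-NET
mnt-by: MNT-YOURORGID
source: ARIN
"""

def parse_objects(text):
    """Split text into RPSL objects; each is a list of (attribute, value)
    pairs so repeated attributes (descr, import, export) are all kept."""
    objects = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = [tuple(p.strip() for p in line.split(":", 1))
                 for line in block.splitlines() if ":" in line]
        objects.append(pairs)
    return objects

def policy(obj):
    """Map each neighbor AS to what is accepted from it and announced to it."""
    result = {}
    for attr, value in obj:
        m = re.fullmatch(r"(?:from|to)\s+(AS\d+)\s+(?:accept|announce)\s+(.+)", value)
        if attr in ("import", "export") and m:
            result.setdefault(m.group(1), {})[attr] = m.group(2).split()
    return result

def inetnum_to_cidrs(value):
    """Convert 'first - last' to CIDR blocks, tolerating a typographic dash."""
    first, last = (ipaddress.ip_address(p.strip())
                   for p in re.split(r"[-\u2013\u2014]", value))
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]

aut_num, inetnum = parse_objects(SAMPLE)
print(policy(aut_num))
print(inetnum_to_cidrs(dict(inetnum)["inetnum"]))
```

Read the policy table per neighbor: for AS65535 the object accepts ANY and announces AS2 and AS65533, while for AS65533 it accepts only AS65534 and announces ANY.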

Further Reading:
Using RPSL in practice

NANOG IRR

Categories
Data Center Networking

Case Study from MidWest-IX

http://www.midwest-ix.com/blog/?p=67

Outlines a real world example of how an exchange benefits a network operator

Categories
Data Center Networking xISP

What is peering

What is peering?