Table of content
Participants
Name |
Short |
Organisation |
Comment |
---|---|---|---|
Stefan Liström |
SL |
NORDUnet |
|
Jani Sirpoma |
JS |
Funet |
|
Teemu Kiviniemi |
TK |
Funet |
|
Vegard Vesterheim |
VV |
UNINETT |
|
Marius Olafsson |
MO |
RHnet |
|
Jonny Lundin |
JL |
NORDUnet |
|
Jörgen Qvist |
JQ |
NORDUnet |
Present the first half of the meeting |
Fredrik Pettai |
FP |
NORDUnet |
Only present during his presentation of DNS |
Agenda
- Introductions and setting the agenda
- NREN Operational updates
- NORDUnet - JL
- SUNET - JL
- UNINETT - VV
- RHnet - MO
- Funet - TK
- NREN development update
- TF-NOC update - SL
- Break for Lunch
- DNS reflection - FP
- Enterprise Architecture discussion - VV
- Time to discuss other service operation
- AOB and next meeting
Minutes of meeting
Introductions and setting the agenda
Following additions to the agenda was made
Jörgen will give an update from the service forum
Pettai will talk about DNS and reflection attacks
NREN Operational updates
- NORDUnet - JQ
- Network upgrades
- Preparations have been made for 100G in core
First 100G on "pure" dark fiber will be setup between the two sites in Stockholm as a test after the T4000 upgrade. - There are plans to extending the fiber footprint
- There are plans to do a tender for optical equipment as a framework via Dante
Other NRENs can indicate an interest to participate in the framework - Upgrades from MX80 to MX480 in Amsterdam and London are done
- Surfnet had some problem that made us wait with our upgrades to T4000
We know what the problem was now and it should not affect us, but we are waiting on SURFnet to successfully upgrade their network before upgrading completely to T4000
Stockholm and Copenhagen will be upgraded to T4000 - Telia changing peering policy, the effects of this is that we move the peering from SUNET to NORDUnet.
- MX480 installed in Luleå will make it possible for NORDUnet to peer with Telia in Luleå and also connect CBF with Funet. UNINETT CFB reconnected to Luleå too. There are redundant paths from Luleå (within SUNET) back to Stockholm.
- MX480s deployed in Oslo and Helsinki to allow redundant MPLS connections
- Preparations have been made for 100G in core
- Fibercut in Denmark
Big impact on the IP services we provide.
Connections to Amsterdam and London were affected
Manual traffic engineering, and rerouting of US traffic using transit instead helped mitigate the situation. Transit providers were however also affected with congestion in their networks
A meeting with fiber provider to figure out why the routes were not as redundant as expected will be done. A proposal will then be discussed for a new setup within 8 weeks that will give NORDUnet the expected redundancy. - New NOC manager
Jonny Lundin has been hired as a new NOC manager for NORDUnet.
- Network upgrades
- SUNET - JL
- SUNET DCN network unstable, looking at redesigning the DCN network
- Testing MPLS connections as a compliment to pure IP
- eduroam extension outside campuses almost done, now eduroam is available at Swedish airports, major railway stations and many city hotspots in university cities.
More info on meta.eduroam.se
The setup is done using an IP tunnel to controller, back to Radius and DHCP (within SUNET) and onwards to the Internet - New project model developed for SUNET services
http://www.sunet.se/Om-sunet/Strategiskt-arbete.html - The SUNET sync service (Box) is now in production.
- Survey service tender is completed and the installation of the service has started.
- UNINETT - VV
- Olaf Schjelderup is leaving for position as technology director with
Norsk Helsenett. Vidar Faltinsen taking over Olafs position from dec. 1st. - The Norwegian Health Network (Norsk Helsenett) is owned by the
Ministry of health and care services. Approximately 100 employees and
our headquarters are located in Trondheim, with branch offices in both
Oslo and Tromsø. - System Services
- SIP
UNINETT SIP telephony infrastructure rollout continuing: 5 new
institutions, 18.000 numbers ported since june, UiO the biggest with
14.500 users. 37% of total customers numbers now on SIP. - NAV
Employed new NAV-developer John Magne Bredal working
together with Morten Brekkevold. Presenting NAV at workshop at The
Academic and Research Network of Slovenia (ARNES) late november. - RIPE news
The policy for handling of legacy internet resources
is about to be posted in its second and more polished version. - Monitoring for hosts/system services
Evaluating replacement systems for our host/service monitoring system (hobbit).
Looking at icinga(nagios) and zabbix. - Configuration management for host/system services
Evaluating replacement systems for cfengine2, looking at puppet.
- SIP
- Network
- NyÅlesund cable project
Still some tender work (round 2 with suppliers), new survey needed to "sysselmannen".
UNINETT seeking government support for financing of 2 cables. Olaf is heavily involved
and will continue running this project in agreement with his new employer. - Continuing rollout of 10 gig to customers and in core
- Running 100Gig in production, trondheim-oslo
- Work started on new fibre-ring (CWDM) in Trondheim (Frode)
- Collection of IPv6 trafic stats implemented, from Juniper og ASR9k-routers
- Finished renumbering and securing the core with ipv4 and ipv6 filters.
Work that started when Kaisa visited from FUNET (Rune S)
- NyÅlesund cable project
- Olaf Schjelderup is leaving for position as technology director with
- RHnet - MO
- Secondary schools have been connected to RHnet, which gives a lot more customers and connected institutions.
- Funet - TK
- CBF to Luleå completed, BGP sessions setup yesterday.
Not using the connections yet, internal routing changes needs to be done before the third connection is put in use - 100Gb testing between Espoo <-> Oulu and in Helsinki metro network
- CPE routing service is getting more popular
- Internal documentation tools being updated
NORDUnet NI considered, but the evaluation showed to much adaptation needed.
Building a database with datamodelling for services and datacomponents (network inventory).
Goal to have it operational spring next year.
It will also have links to other systems CSC is using.
AP Teemu, send Stefan their datamodel
- CBF to Luleå completed, BGP sessions setup yesterday.
Service forum update
Lots of talk on procurement, specially services that we do not produce ourselves.
NORDUnet going to rerun the mobile and desktop synchronization tender on behalf of SUNET, UNINETT, Funet and possibly Deic.
It was discussed how we put a framework in place for running these procurements, lots of legal aspects and how do we create a generic model that works for all Nordic countries, how do we handle software development for services (e.g. connecting the federations)? These topics will be continually discussed in the service forum.
Roundtable on the service outlook for respective NRENs:
RHnet - only network
UNINETT - more services are being developed, offered and used by customers
Vegard think it would be useful with more coordination or discussion between the respective NRENs about the service operations
Funet - also seeing more services (other than network) being relevant
E.g. Filesender service in production and use
NREN development update
Splunk - there is a model for doing it collaboratively. Fairly simple but expensive, however there will approximately be a 50% gain when doing it together.
NORDUnet will write some information and a proposal that will be circulated to the NRENs.
NORDUnet is putting NCS in production to automate filter (AS-path and prefix) updates on routers
Funet use scripts for AS-path and to mass configure core routers
TF-NOC update - SL
Last meeting in Ireland in June
Developers from Icinga and Cacti presented
Teemu presented how Nagios at Funet were used
Next meeting 12-13 December in Poland
Topics are among other things project NOCs & ticket systems
Jonny asked about which ticket systems are used in the respective NRENs
RT in UNINETT, Funet and RHnet. Redmine also used in UNINETT
DNS reflection - FP
There have been some DNS and reflection attack recently against Swedish government organistions and banks
Reflection attacks are "powerful" but relatively few. It is possible to amplify the traffic by easy means of using a reflection attack.
Pettai will start patching the DNS (authorative name servers) servers in SUNET and NORDUnet to limit the possible
amplification achieved with reflection attacks. Pettai recommended the other NRENs to do the same.
Enterprise Architecture discussion - VV
UNINETT has recently started looking into "Enterprise
Architecture", partly based on ideas from TOGAF. One aspect of this is
the concepts of "service lifecycles", ie the processes for establishing,
maintaining, and decommissioning services, and the different roles
involved in the different phases. Related to this again are the
procedures for service operations, where of course the UNINETT NOC
plays a central part. UNINETT has started using BPMN (Business Process
Modelling Notation) for describing processes, and Håvard Kusslid and Vegard have
been responsible for drawing processes related to Operations. They have
tried to reuse some concepts from ITIL in their work. This work is
ongoing, but they are curious about whether other Nordic NRENs have done
any similar work.
Stefan - SUNET have looked at simliar things but to a very small extent
Teemu - Finish universities build their own enterprice architecture
AP Vegard - send example processes and datamodel
Time to discuss other service operation
VV - Would be interesting to discuss the different datamodels (over email or at next meeting)
AOB and next meeting
F2F meeting in Copenhagen, late March or early April
AP Stefan - setup doodle for next meeting