Table of content

Participants

Name

Short

Organisation

Comment

Stefan Liström

SL

NORDUnet

 

Jani Sirpoma

JS

Funet


Teemu Kiviniemi

TK

Funet

 

Vegard Vesterheim

VV

UNINETT

 

Marius Olafsson

MO

RHnet

 

Jonny Lundin

JL

NORDUnet

 

Jörgen Qvist

JQ

NORDUnet

Present the first half of the meeting

Fredrik Pettai

FP

NORDUnet

Only present during his presentation of DNS

Agenda

  • Introductions and setting the agenda
  • NREN Operational updates
    • NORDUnet - JL
    • SUNET - JL
    • UNINETT - VV
    • RHnet - MO
    • Funet - TK
  • NREN development update
  • TF-NOC update - SL
  • Break for Lunch
  • DNS reflection - FP
  • Enterprise Architecture discussion - VV
  • Time to discuss other service operation
  • AOB and next meeting

Minutes of meeting

Introductions and setting the agenda

Following additions to the agenda was made
Jörgen will give an update from the service forum
Pettai will talk about DNS and reflection attacks

NREN Operational updates

  • NORDUnet - JQ
    • Network upgrades
      • Preparations have been made for 100G in core
        First 100G on "pure" dark fiber will be setup between the two sites in Stockholm as a test after the T4000 upgrade.
      • There are plans to extending the fiber footprint
      • There are plans to do a tender for optical equipment as a framework via Dante
        Other NRENs can indicate an interest to participate in the framework
      • Upgrades from MX80 to MX480 in Amsterdam and London are done
      • Surfnet had some problem that made us wait with our upgrades to T4000
        We know what the problem was now and it should not affect us, but we are waiting on SURFnet to successfully upgrade their network before upgrading completely to T4000
        Stockholm and Copenhagen will be upgraded to T4000
      • Telia changing peering policy, the effects of this is that we move the peering from SUNET to NORDUnet.
      • MX480 installed in Luleå will make it possible for NORDUnet to peer with Telia in Luleå and also connect CBF with Funet. UNINETT CFB reconnected to Luleå too. There are redundant paths from Luleå (within SUNET) back to Stockholm.
      • MX480s deployed in Oslo and Helsinki to allow redundant MPLS connections
    • Fibercut in Denmark
      Big impact on the IP services we provide.
      Connections to Amsterdam and London were affected
      Manual traffic engineering, and rerouting of US traffic using transit instead helped mitigate the situation. Transit providers were however also affected with congestion in their networks
      A meeting with fiber provider to figure out why the routes were not as redundant as expected will be done. A proposal will then be discussed for a new setup within 8 weeks that will give NORDUnet the expected redundancy.
    • New NOC manager
      Jonny Lundin has been hired as a new NOC manager for NORDUnet.
  • SUNET - JL
    • SUNET DCN network unstable, looking at redesigning the DCN network
    • Testing MPLS connections as a compliment to pure IP
    • eduroam extension outside campuses almost done, now eduroam is available at Swedish airports, major railway stations and many city hotspots in university cities.
      More info on meta.eduroam.se
      The setup is done using an IP tunnel to controller, back to Radius and DHCP (within SUNET) and onwards to the Internet
    • New project model developed for SUNET services
      http://www.sunet.se/Om-sunet/Strategiskt-arbete.html
    • The SUNET sync service (Box) is now in production.
    • Survey service tender is completed and the installation of the service has started.
  • UNINETT - VV
    • Olaf Schjelderup is leaving for position as technology director with
      Norsk Helsenett. Vidar Faltinsen taking over Olafs position from dec. 1st.
    • The Norwegian Health Network (Norsk Helsenett) is owned by the
      Ministry of health and care services. Approximately 100 employees and
      our headquarters are located in Trondheim, with branch offices in both
      Oslo and Tromsø.
    • System Services
      • SIP
        UNINETT SIP telephony infrastructure rollout continuing: 5 new
        institutions, 18.000 numbers ported since june, UiO the biggest with
        14.500 users. 37% of total customers numbers now on SIP.
      • NAV
        Employed new NAV-developer John Magne Bredal working
        together with Morten Brekkevold. Presenting NAV at workshop at The
        Academic and Research Network of Slovenia (ARNES) late november.
      • RIPE news
        The policy for handling of legacy internet resources
        is about to be posted in its second and more polished version.
      • Monitoring for hosts/system services
        Evaluating replacement systems for our host/service monitoring system (hobbit).
        Looking at icinga(nagios) and zabbix.
      • Configuration management for host/system services
        Evaluating replacement systems for cfengine2, looking at puppet.
    • Network
      • NyÅlesund cable project
        Still some tender work (round 2 with suppliers), new survey needed to "sysselmannen".
        UNINETT seeking government support for financing of 2 cables. Olaf is heavily involved
        and will continue running this project in agreement with his new employer.
      • Continuing rollout of 10 gig to customers and in core
      • Running 100Gig in production, trondheim-oslo
      • Work started on new fibre-ring (CWDM) in Trondheim (Frode)
      • Collection of IPv6 trafic stats implemented, from Juniper og ASR9k-routers
      • Finished renumbering and securing the core with ipv4 and ipv6 filters.
        Work that started when Kaisa visited from FUNET (Rune S)
  • RHnet - MO
    • Secondary schools have been connected to RHnet, which gives a lot more customers and connected institutions.
  • Funet - TK
    • CBF to Luleå completed, BGP sessions setup yesterday.
      Not using the connections yet, internal routing changes needs to be done before the third connection is put in use
    • 100Gb testing between Espoo <-> Oulu and in Helsinki metro network
    • CPE routing service is getting more popular
    • Internal documentation tools being updated
      NORDUnet NI considered, but the evaluation showed to much adaptation needed.
      Building a database with datamodelling for services and datacomponents (network inventory).
      Goal to have it operational spring next year.
      It will also have links to other systems CSC is using.
      AP Teemu, send Stefan their datamodel

Service forum update

Lots of talk on procurement, specially services that we do not produce ourselves.
NORDUnet going to rerun the mobile and desktop synchronization tender on behalf of SUNET, UNINETT, Funet and possibly Deic.
It was discussed how we put a framework in place for running these procurements, lots of legal aspects and how do we create a generic model that works for all Nordic countries, how do we handle software development for services (e.g. connecting the federations)? These topics will be continually discussed in the service forum.
Roundtable on the service outlook for respective NRENs:
RHnet - only network
UNINETT - more services are being developed, offered and used by customers
Vegard think it would be useful with more coordination or discussion between the respective NRENs about the service operations
Funet - also seeing more services (other than network) being relevant
E.g. Filesender service in production and use

NREN development update

Splunk - there is a model for doing it collaboratively. Fairly simple but expensive, however there will approximately be a 50% gain when doing it together.
NORDUnet will write some information and a proposal that will be circulated to the NRENs.
NORDUnet is putting NCS in production to automate filter (AS-path and prefix) updates on routers
Funet use scripts for AS-path and to mass configure core routers

TF-NOC update - SL

Last meeting in Ireland in June
Developers from Icinga and Cacti presented
Teemu presented how Nagios at Funet were used
Next meeting 12-13 December in Poland
Topics are among other things project NOCs & ticket systems
Jonny asked about which ticket systems are used in the respective NRENs
RT in UNINETT, Funet and RHnet. Redmine also used in UNINETT

DNS reflection - FP

There have been some DNS and reflection attack recently against Swedish government organistions and banks
Reflection attacks are "powerful" but relatively few. It is possible to amplify the traffic by easy means of using a reflection attack.
Pettai will start patching the DNS (authorative name servers) servers in SUNET and NORDUnet to limit the possible
amplification achieved with reflection attacks. Pettai recommended the other NRENs to do the same.

Enterprise Architecture discussion - VV

UNINETT has recently started looking into "Enterprise
Architecture", partly based on ideas from TOGAF. One aspect of this is
the concepts of "service lifecycles", ie the processes for establishing,
maintaining, and decommissioning services, and the different roles
involved in the different phases. Related to this again are the
procedures for service operations, where of course the UNINETT NOC
plays a central part. UNINETT has started using BPMN (Business Process
Modelling Notation) for describing processes, and Håvard Kusslid and Vegard have
been responsible for drawing processes related to Operations. They have
tried to reuse some concepts from ITIL in their work. This work is
ongoing, but they are curious about whether other Nordic NRENs have done
any similar work.
Stefan - SUNET have looked at simliar things but to a very small extent
Teemu - Finish universities build their own enterprice architecture
AP Vegard - send example processes and datamodel

Time to discuss other service operation

VV - Would be interesting to discuss the different datamodels (over email or at next meeting)

AOB and next meeting

F2F meeting in Copenhagen, late March or early April
AP Stefan - setup doodle for next meeting

  • No labels