u r talking about an ENTERPRISE or even CORPORATE network that spans across different countries, right? there's a difference between that and the PUBLIC internet backbone.

your multi-national network is under a single control (your company); while the internet backbone has no single control (hence BGP comes in, etc). your network is more or less like a telco's ENTERPRISE network such as AT&T's (Allstream), Bell's, MCI's and Sprint's.

Note: the above Telcos have their own PUBLIC internet networks too, but those are NOT their enterprise networks -- Hint: the typical example of an Enterprise network is the ATM networks for banking machines.

so when you talk about 主干网, you have to distinguish between different kinds of networks.

for most small-to-medium ISPs, NOC is the ultimate level of support. for a big ISP such as UUNET, NOC was both level-1 and level-2 (we didn't need a redundant layer of helpdesk), and Engineering and Architecture was the level-3 support (I was a fresh hand and didn't qualify for that group ;)).

Implementation is never in the loop of support/operation for any organizations.

indeed that was a very valuable experience to you.
  • 工作学习 / 事业与工作 / 俺的UUNET朋友们(一)
    本文发表在 rolia.net 枫下论坛routergod上登载摇滚歌星Courtney Love搞笑解答互联网广域路由协议BGP,提到90年代WorldCom NOC(网络操控中心),不禁令俺想起一段往事……



    俺能从低层摸爬上来,则凭了一段运气:90年代末在传奇般的UUNet Canada鼎盛期最后两年混过。那段好时光,大大缩短了俺的经验积累过程。人生,大概就是那样,充满了岔路和捷径。

    说起UUNet,它代表UNIX-to-UNIX Network,是历史上首家商业Internet(互联网)服务公司,是由互联网前身ARPAnet的开发者之一Rick Adams在1987年创建的。

    鼎盛时期UUNET是(MCI )WorldCom旗下的全球最大骨干网供应商,曾经改写“六大金刚”(指90年代的骨干网公司MCI、SPRINT、UUNET、ANS、PSI和AGIS)的历史,客户包括美国在线AOL(时代华纳)这样的大ISP。



    俺当年混过的UUNET Canada,成立于1991年,创建人是原多伦多大学电脑系硕士生、电邮系统ZMailer和防火墙Borderware的作者Rayan Zachariassen。他自任执行副总裁。


    90年代,UUNET Canada直接掌控横贯加拿大东西部的唯一一条45Mbps骨干线,外加三条冗余配置的连入UUNET在美国和国际AlterNet网络的DS-3干线,分别从温哥华、芝加哥和满地可接入。

    2000年之前,UUNET Canada只有20%由美国UUNET Technologies控股。所以那时是好日子,500名员工在职责范围上,享有极大的自由度和权限。。。。对俺来讲则是天赐的学习和实践良机。:-)


    [注一]:从UUNET到MCI WorldCom、WorldCom直至MCI的演变历史,可参见拙作“西奇默和UUNet、世界通讯及MCI”:

    [注二]:加拿大第一个学术互联网CA*net和第一家服务商UUNET Canada的历史回顾可参阅:
    http://www.canarie.ca/press/publications/ango.pdf
    • 2000年得到第一个工作面世就是在那里, 结果木有经验, 被涮。
      • network operations or programming? the fun part was in the former, which ended its golden time in early 2000 anyways :)
        • programming
    • 不错,请继续展开
      • thx...will continue in a couple of days.
    • 好文. Rayan Zachariassen和John Alsop什么渊源?有知道的么?
    • UUNET,多么遥远的名字啊. 疯狂快乐的2000
      • hehe....before 2000 :)
    • 好像是胡司令的文章. are you HSL ?
      • hehe...like my new name better?
    • 俺的UUNET朋友们(二)
      本文发表在 rolia.net 枫下论坛从第一家ISP辞职后,为了糊口,去了中城央街一家10人小公司。干了一个月,老板便要俺开路。正巧在那前一天,俺也收到UUNET的聘书,所以算是互相解放了。记得那是1998年9月底,加拿大的感恩节前夕。


      UUNET NOC里的同事都是从小就在本地ISP里混出来的,在网络、UNIX方面都有自己的一两手绝活,其中一些“时髦颓废”的小年轻表面看着是蓬客,暗中其实是黑客--多年后才知道某某某原来是LV“黑帽”年会上的知名人士。这些抢注了www.net和mail.net等域名的多伦多青年,上班都是耳环唇环鼻环和纹身刺青,还有令人眼花缭乱的发式染色。



      UUNET Canada当时最大的吸引力之一,就是NOC工作人员拥有所有AlterNet骨干路由器的终极权限密码,包括加拿大和美国本土的。想去UUNET工作的人,多半都已经整明白了用户电脑和服务器各自如何工作的,还想进一步知道它们之间是怎么路由通讯的。这种权力,使俺们如虎添翼,有种高空超人的感觉。不但能监控全北美大陆任何节点的数据交通情况,甚至还能把手伸到纽约、芝加哥、旧金山、圣荷西等地,远程排除路由故障。



      在UUNET不仅要全面接触各种广域网协议和操控,互联网服务(mail, Web, DNS, NNTP)的具体步骤,还有许多别处不太学到的实用技巧和诀窍,如blind DNS, passive FTP, SSH tunnel forwarding, black holing (null routing)等。

      千禧年之前,与维吉尼亚州Fairfax的总部之间的通电越来越多,对方的水平和处理方式让同事们觉得是在同一个询问台(helpdesk)打交道。一种不祥之兆在大伙心里渐渐升起:哪天俺们的good old NOC也会沦落到“傀儡”的地步呢?……果然,千禧年一过,Bernie领导下的“世界通讯”决定买下UUNET Canada的全部股份。于是UUNET Canada充满自由和权限的黄金时代从此一去不返。

      自从光纤、宽带服务涌现之后,CogentCo(并购了PSInet), GlobalCrossing, Level3, AboveNet等新的北美Tier-1公司来势凶猛,以租赁电信线路为主(美国本土除外--MCI本身就是大电信公司)的UUNET的角色和作用越来越往后台靠了,尤其经过“世界通讯”的丑闻冲击之后更是如此。但它独特的历史作用、遍布全球(除中国大陆比较弱外)的骨干网络、其雄厚的互联网IP技术底蕴,仍是任何一家公司无法取代的。



      刚进衙门玩入侵探测,新人一般都很放开手脚,俺也不例外。某晚,探测到一个极具侵略性的扫描行为,俺当即进行反扫描(现在想想太牛!),发现那是North Bay一家小ISP被黑掉的网站。太晚了那边没人上班,但不把它制住俺实在心不甘。他们的上游服务商是Sprint,当年UUNET的哥们正好在那里掌管网络生杀大权。俺一个电话打过去,老兄二话不说,用当年对付DoS的办法,给了个nullroute,就把那个网站给罩死了。





      (完)
      • 这就完了?不会吧
        • sorry - that's it bud :)
      • 呵呵,精彩. 主动给nullroute把人家网站整死好像不合法吧.
        • that's legal...if the box is hacked with virus running, etc.
      • 牛!直接就加NULL上去,就活活把人家踢出网络,虽然有原因,但如果上级的SP都这么玩,估计用户要上法院去打官司了。
        • 呵呵,我不是说了,“这类故事,不会再有第二次。”:)


    • 司令别来无恙。 really enjoy your article. so you frequent rolia now?
      • 风雨兼程好!你喜欢,我就高兴。在下一直都在这儿晃悠的啊:)
    • 这经验确实难得,居然有AS701的全部密码,现在MCI已到VERIZON门下了。
      • 是!不光是有AS701的最高密码,还有米加其它几个AS(忘记号码了)的最高密码呢。对,我见到uu.net自动跳到verizonbusiness.com了。你在那里工作吗?
    • 你这名字不错, :-)...
      • actually someone already took the correct name. i have to use a "1" (one) in mine. ;)
        • 改改作密码不错. :-)..
          • still kinda weak though ;)
    • 看来你们UUNet当时确实停松的. 我们这里做任何网络维护,哪怕是只有潜在可能影响traffic,也要经过chang management control.
      • Agree on chg mgmt ctrl. however the extent of the control depends on 公司的性质和年代。whether control or efficiency, it all boils down to business mandates.
    • 惭愧啊惭愧,我Info Security科班出身,却半途而废.人生多变如此,老兄还是及时行乐吧.
      • Info Security科班 is only 5 years max, so u didn't waste much (at least not as much as i did - i am not 科班出身;)). thx for ur advice :-)
    • Good experience.珍惜吧。 我在国内时,在一US大公司做网络,是负责整个亚太地区(包括澳大力亚)10+国家和地区的网络 with over 200 routers.
      主要是主干网 support and new project implementation. 各国家/site network team supports their campus network unless they need our support . That was really my valuable experience .
        • I agree that enterprise networks are different from ISPs. Large enterprise backbones focus on WAN architecture, routing design and implementation. The routing protocol was EIGRP in the environment I mentioned above,
          and now we are using OSPF in my current company. ISPs, on the other hand, use BGP in most cases, and provide more other services, like mail, DNS, etc. Good luck, you are good.
          • I worked with Allstream (then AT&T Canada) right after UUNet, only for 6 months. Yes Enterprise networks mostly run OSPF and sometimes even the older EIGRP.
            At the time I had to deal with a complicated merged network of mixed EIGRP and OSPF. It was horrible. I could see telco techies were not as good at all in routing stuff. ;) Once I had to help a "senior" guy MANUALLY configure a static route to make an EIGRP-routed subnet work in an OSPF environment.

            I got tired of helping all the senior AT&T folks all the time, that's why I moved on to a consulting firm after 6 months. ;D

            Good to know you, dude. Good luck to you too and, keep in touch.
            • telecommunication is different from network engineering
              • hehe, am I not talking about data networking within telcos? ;)
                • weren't you? what were you refering to then?
                  • 请允许俺译成中文吧:“呵呵,难道俺不是在谈电信公司的数据网通讯吗?;)”
                    • 我怎么知道你在说什么,东一句,西一句,我看着发晕
                      • sorry man. have a nice weekend.
                        • you too. enjoy your weekend.
                • it's better to redistribute and tag the eigrp route into ospf rather than statically point to the eigrp network
                  • EIGRP ? who still use it ? Who had used it might be fooled by cisco's trick.
                    • okay, other than it's cisco's proprietary. tell me what are the disadvantages. suppose you are a ospf fan, then tell me why you are preferring ospf than eigrp?
                      • I won't waste my time touch eigrp. if ospf, is-is, eigrp all can do same thing, why would you pick up a proprietary protocol ? This is a basic logic flaw.
                        You network won't expending any more ? Don't want implement new features such as mpls ? I guess cisco itself might have stopped develop eigrp
                        • yup. eigrp is phased out.
                          • eigrp is phased out? are you sure?
                            • that's my view, trust it or not ;)
                              • no
                                • good!
                        • you won't waste your time to touch eigrp? I'm not sure what kind of network you are running here but as long as Cisco being the dominant market player, most of networks will be running eigrp.
                          本文发表在 rolia.net 枫下论坛picking a proprietary protocol or not depends on what kind of boxes are running on your network, most of enterprise network nowadays consists 80% of cisco equipment . then why not running eigrp on these networks?

                          running eigrp can't expend network anymore? are you trying to be funny or just pure ignorance? if you trying to say MPLS requires link state protocol for path calculation, then let me ask you how many enterprise networks are running MPLS on their Core network? on backbone, yes. but very rarely on the core. althrough if it's running on the backbone, in most case it's handled by ISP, you can't really do much on your CE router.

                          "I guess cisco itself might have stopped develop eigrp". not sure what kind of crack you were smoking when you said that. as cisco's dominance of the market for enterprise networks, in what mind would cisco stop developing eigrp? perhaps you should take look at the new features have been added into eigrp. let me just name a few here, so you won't be as arrogant and ignorant. have you heard of neighbor startup enhancements? bidirectional forwarding detection? graceful shutdown? non-stop forwarding? in my opinion, non-stop forwarding is a great implementation for any network that consists cisco equipment.

                          i'm not saying eigrp is the greatest protocol in the world, but it has it's advantages. for instance, when comparing convergence speed between eigrp and link state protocols, eigrp is way on the top of the game if every path had the feasible successors. even for ospf and isis with tuned timers, their convergence speed are still slower.

                          okay, that's it for now, if you want more, i can bring it on as long as you like it.更多精彩文章及讨论,请光临枫下论坛 rolia.net
                  • 这种标准解决方法俺们都试过的,不管用(细节记不得了)。当时只是针对一个route需要马上修理,情急之下才用静态路由暂时救急。俺的要点是:AT§T的老同志们对简单的静态路由都整不明白,还想啥子更高级的,跟扯蛋似的。:)
                    • 急了当然什么都来啦,谁都一样。
                      • u got it ;) good to see you and a few other networking folks here!!! -- that's excellent, making me feel 后继有银哪!哈哈
            • "MANUALLY configure a static route"?难道还有automatically/dynamically 的 static?:)
              just kidding. very valuable experience indeed.
              • manually means typing the command, versus using a GUI tool. (dynamic is only opposite to static though :)).