Design of CERNET2-One of the Core Networks in CNGI

The China Next Generation Internet (CNGI) project has been approved by the State Council of China. It is jointly led by eight departments of Chinese government, including National Development and Reform Commission, Ministry of Science and Technology, Ministry of Information Industry, the State Council Information Office, Ministry of Education, Chinese Academy of Science (CAS), Chinese Academy of Engineering, and National Natural Science Foundation. The Chinese Academy of Engineering is responsible for the coordination. As the starting program of the CNGI project, CERNET2 and CNGI-6IX, established jointly by Tsinghua University and other  24 universities in China, are important parts of CNGI.

    By the end of 2004, the backbone network of CERNET2 has been established. It connects the core nodes distributed in 20 cities of China at the rate of 2.5-10 Gb/s.  In addition, it implements interconnection with international Next Generation Internets (NGIs) in North America, Europe and the Asia-pacific area at the rate of 45 Mb/s. The CERNET2 can provide high-speed access for 100 universities in China. It lays a solid foundation for high-speed interconnection of six backbone networks of CNGI.

    CERNET2 is the largest native IPv6 NGI network in operation in the world. It provides an overall network environment for trials and tests on CNGI technologies. Most equipment in the CERNET2 is offered by Chinese vendors. Therefore, the network becomes a test base for China-made equipment. The CERNET2 allows experimental research of the IPv6 related technologies. which builds a solid foundation for the safe and reliable CNGI. Important applications of the NGI are under development based on the CERNET2. These applications include China Education and Research Grid (ChinaGrid), high-definition video transmission and large-scale, point-to-point multimedia communication system. In a word, CERNET2 is putting the development of
CNGI forward.

    The CERNET2 is an open experimental environment for China to do research in NGI and its application. The network is becoming an important part of the infrastructure, with which China will do research, develop important applications, and promote the development of the NGI industry.

    The commissioning of CERNET2 is a greatly significant strategy in the development of NGI of China. Moreover, it has great impact on the scientific and technological innovation platform of China and on its combined advancement and economic development while boosting China´s comprehensive national strength. Thereby, the CERNET2 was selected as one of the ten scientific and technological progresses in 2004 by the academicians of Chinese Academy of Science and Chinese Academy of Engineering.

1 Overall Design
With a bi-layer structure, CERNET2 is divided into the backbone network and the customer networks, as shown in Figure 1.

    The backbone of CERNET2 consists of the network center and the core nodes distributed in 20 cities of China. The customer networks are the trial NGI networks of universities, research institutes and other units in China. As shown in Figure 1, the customer networks are connected to the core nodes via the metropolitan area optical networks or long-distance lines, which are called the Customer Access Networks. Through its Domestic/International Exchange Center, the CERNET2 connects with other CNGI backbone networks and international NGIs.
The overall design of CERNET2, based on its bi-layer structure, includes network architecture, address assignment, domain name system and routing strategy.

1.1 Network Architecture
The backbone network of CERNET2 adopts the IPv6-only protocol (Native IPv6). It supports the access of both IPv4 and IPv6 customers, and has three models to support point-to-point applications, as shown in Figure 2.

    (1) If the customer network is based on pure IPv6, its access is implemented by the BGP＋routing protocol or static routing. The customers in the network enjoy IPv6 applications with
point-to-point IPv6 connection.

    (2) When the customer network is based on IPv6/IPv4 dual stack, its access is implemented by the BGP＋ routing protocol or static routing. The IPv4 over IPv6 tunnel technology implements IPv4 end-to-end connection through the backbone network.

    (3) With regard to IPv4 applications, the Network Address Translation (NAT) technology  implements the interconnection of IPv4 access networks via the IPv6-based backbone network. In this way, CERNET2 implements the interconnection and interworking with existing IPv4-based networks, as well as the sharing of information and resources.

1.2 Address Allocation
CERNET-IPv6 Test Bed, as a 6Bone model network, got a p-TLA address 3ffe:3200::/24 in 1998. This was the first 6Bone node in China and the only /24p-TLA network. Based on it, the CERNET Information Center (CERNIC) made a scheme for IPv6 address planning and allocation, and provided the first IPv6 address allocation service in China in October 2000.

    In 2000, the Asia Pacific Network Information Center (APNIC) assigned CERNET a formal IPv6 sTLA address: 2001:250::/32.

    In 2003, The CERNET Center applied for an IPv6 address from the APNIC, and obtained 2001:0da8::/32 for CERNET2.

    The following is the address allocation scheme that is matched with the bi-layer structure of CERNET2, and facilitates trials and tests on the NGI technologies.

    (1) The address space of CERNET2 backbone is /36, out of which /48 is the address scope for the network center and the Local Area Networks (LANs) at the core nodes.

    (2) The address space for regional networks controlled by the core nodes is /36, out of which /48 is the address scope of each customer network connected to certain a core node.

    The CERNET2 Center is responsible for the assignment and administration of IPv6 addresses of CERNET2. It also provides the directory service, and carries out relevant statistics and analysis.

1.3 Design of Domain Name System (DNS)
    (1) Implementation of IPv6 DNS
    The native IPv6 DNS is established to provide trial root domain name service. Besides, the dual-stack DNS is established to be compatible with the existing DNS.

    (2) Data Presentation of IPv6 DNS
    The forward domain adopts the host-A6 address chain, which supports address aggregation, but the reverse domain adopts IP6.ARPA.

1.4 Routing Strategy
The most commonly used IPv6 routing protocols include the default routing protocol, static routing protocol, RIPng, OSPFv3, IS-ISv6 and BGP4+.CERNET2 adopts the following hierarchical routing strategies:

    (1) Routing Strategy for the Backbone Network
    First, OSPFv3 is used. All core nodes consist of Area0 (the area numbered 0). The optimum routing is chosen according to the topology of the network. Second, iBGP4+ is used to select the route for the connected customer network. Third, different communities may be labeled to the accessed customer networks.

    (2) Routing Strategy for the Access of Customer Networks
    The access of customer networks adopts BGP4+ or the static routing protocol to fulfill effective authentication and classification check on the address offered by a user. In addition, the protocols support for receiving the label of a community.

    (3) Routing Strategy for Interconnection with Other IPv6 Networks
    BGP4+ is used for interconnection with other backbone networks of the CNGI, and guarantees the effectiveness of published addresses. Moreover, the community label and Multi-Exit Discriminator (MED) may be sent to the interconnected network, and vice versa. The local-pref of routing entries can also be adjusted.

    (4) Routing Strategy for International Interconnection
    The IPv6/IPv4 dual-stack is adopted to implement international interconnection. International IPv6 routing tables are received, and the addresses of the corresponding CNGI model networks are classified and published. According to the memos signed with the international networks for interconnection, the address penetration of the CNGI model networks is allowed.

    (5) Routing Strategy for IPv4 Network
    The address translation technology helps implement the source sharing with the IPv4 network.

2 Design of Backbone Network
The design of the backbone of CERNET2 includes the selection of the core node, its topology design, and design of the network center of CERNET2.

2.1 Selection of Core Nodes
The core nodes of CERNET2 are chosen based on the available optical transmission resources of CERNET and the distribution of user groups connected to the CETNET2.

    (1) Available Optical Transmission Resources
    The CERNET High-speed Backbone Network was built for Modern Distance Education Project, a program under the 21st Century Plan of Educational Renovation of China, from December 1999 to December 2001. In addition, the high-speed transmission network of CERNET based on Dense Wavelength Division Multiplexing/ (DWDM)/Synchronous Digital Hierarchy (SDH) was also established.

    In order to carry out the 211 Program, a governmental project of China, the DWDM transmission network of CERNET has been further expanded. Extended coverage and improved capacity enable the transmission network to cover 20 cities of China, 13 more than those covered by the original transmission network. The core node network centers are set up in these 20 cities, where through the optical interfaces, independent wavelength can be separated to build a backbone network of CERNET2.

    (2) Distribution of Customer Groups Connected to CERNET2
    The main customer groups of CERNET2 are universities and research institutes in China. According to incomplete statistics, 100 most important universities were listed in the 211 Program, and more than 80 universities out of the 211 list have national essential disciplines. The cities with the nodes of the high-speed transmission network of CERNET almost match the first 20 cities of China with most important disciplines, most important universities and most important education and research institutes. Therefore, 20 cities of China with a number of universities and research institutes are selected as the core nodes of the backbone network of CERNET2. They are Beijing, Shanghai, Nanjing, Wuhan, Xi´an, Guangzhou, Tianjin, Chengdu, Harbin, Changsha, Hangzhou, Hefei, Changchun, Shenyang, Xiamen, Dalian, Chongqing, Jinan, Lanzhou and Zhengzhou.

2.2 Topology of Backbone Network
2.2.1 Design Principals
    The topology of a network decides its operation efficiency and scalability of the network. The design of the backbone network of CERNET2 based on the following principles:

    (1) High Reliability
    Proper redundant lines are necessary between the nodes to ensure the network operation in case of breakdown on the working lines.

    (2) Minimized Cost
    The cost of network construction and operation should be minimized on the condition that the network still meet the requirements of data communication and operate well.

    (3) Reasonable Traffic Distribution
    The design should take full advantage of all network lines to avoid that some lines are overcrowded while some totally free.

    (4) Minimum Transmission Delay
    Presuming that the principles mentioned above are followed, the delay caused by data transmission between the nodes should be minimized, that is to say, the number of the nodes passed during data transmission should be reduced.

    (5) Easy Management
    Presuming that communication requirements are met and excellent performance is guaranteed, the design should try the best to conform to the characteristics of the organization and administration of user units. Such design will facilitate the technical management, maintenance and administration of the network.

2.2.2 Network Topology
    According to the principles of network design, the backbone of CERNET2 is based on the topology of the high-speed transmission network of CERNET. It connects 20 core nodes, and builds a topology with three rings. Its reliability is accordingly enhanced. Figure 3 illustrates its topology.

2.2.3 Networking Techniques and Transmission Rates
    The backbone network of CERNET2 adopts the Packet over SONET/SDH (POS) technology. In the view of the traffic load balance of the network and the requirements of technical tests, the transmission rate among Beijing-Wuhan-Guangzhou and Wuhan-Nanjing-Shanghai is
10 Gb/s, while the rate of other lines is 2.5 Gb/s.  This is shown in Figure 3.

2.2.4 Network Center
    The network center of CERNET2 is located in Beijing. it has the following departments with different functions:

    (1) Operation Center of Transmission Network
    It is responsible for real-time monitoring and troubleshooting of the operation of the transmission lines and equipment provided by the CERNET.

    (2) Network Operation Center (NOC)
    It is responsible for management of configuration, fault, performance, security and billing of the network. The status monitoring, troubleshooting, performance analysis and security management is all implemented here. In addition, it focuses on the study of billing models.

    (3) Network Information Center (NIC)
    It offers services of registration, domain name and directory, such as address allocation, domain name registration and domain name system maintenance. It is also responsible for information release.

    (4) Network Security Center
    It provides security guarantee for the backbone network, including security monitoring and identity authentication.

    (5) Center for Technical Tests and Application Demonstration
    It provides experimental environment for testing of NGI technologies, homemade product tests and application illustration.

3 Core Nodes
The core nodes of CERNET2 provide equipment room for the backbone network, as well as access service for customer networks (in the cities where the core nodes are located, as well as other cities in both the same and neighboring provinces). Moreover, they have functions of operation management and security management of distributed network. They offer an experimental environment for testing of NGI technologies and application illustration.

    According to the construction requirements of the core network of CNGI, each core node allows the access of more than ten customer networks. In addition, it supports an access rate of
1-10 Gb/s of the customer networks in the same city, as well as the access of both IPv6 and
IPv4 customers.

    The network architecture of the core node is based on the requirements of its functions and access capability. The architecture is shown in Figure 4.

4 Access Solutions of Customer  Networks
According to the study and application demands of Chinese universities on NGI, CERNET2 has selected more than 100 universities with the most important disciplines as its first customer group. Moreover,  some research institutes and the R&D departments of large-scale enterprises are welcomed to become the customers of CERNET2, as well as any units with requirements of mass memory/exchange.

    (1) Access Solutions Based on Different Protocols
    The customer networks include the IPv6 and the IPv4 networks. The former follows the BGP4+ routing protocol to directly connect to CERNET2 via the core node. However, the IPv4 over IPv6 technology or NAT is necessary for the IPv4 customer network to connect to the core node.

    (2) Access Solutions Based on Different Networking Technologies
    The customer networks in the cities with core nodes can use the metropolitan optical system to access the CERNET2 backbone by adopting 1 GE or 10 GE technologies. With regard to those customer networks out of the core node cities, the POS technology is used for the access to the backbone of CERNET2, and the IPv6 over IPv4 tunneling technology used for the access to the core node.

5 Domestic/International Interconnection Center
CNGI-6IX, the domestic/international interconnection center of CNGI, is built by the CERNET center. It implements interconnection with those backbone networks of CNGI in Beijing built by China Telecom, China Netcom-CAS, China Unicom, China Mobile and China Railcom, with the rate of beyond 1 Gb/s.  In addition, the interconnection with the NGIs in North America, Europe and the Asia Pacific Area will be available at the speed of 155 Mb/s. Figure 5 illustrates the interconnection. The establishment of CNGI-6IX helps set up an open experimental environment for China´s study of NGI and its applications.

6 Conclusions
The backbone of CERNET2 covers 20 important cities of China, and connects universities, research institutes and other units. Different to other IPv6 networks home and abroad, the CERNET2 adopts the pure IPv6 protocol, rather than the IPv4/IPv6 dual stack. It is the largest pure IPv6 based NGI network in the world. Based on CERNET2, large-scale tests and trials on pure IPv6 network have been carried out, and several world-leading innovative achievements have been made, such as IPv4 over IPv6. These achievements have obtained the technical invention patents of China, based on which the relevant standards in China are forming and relevant international standards have been applied.

    The IPv6-based core router, access router and three-layer routing switch are the most important equipment of NGI. The CERNET2 program has cooperated with the R&D project of the excellent-performance IPv6 router jointly sponsored by National Development and Reform Commission, Ministry of Science and Technology and Ministry of Information Industry of China. Since 2003, it has offered the test and operation trial environment for IPv6 core routers. Moreover, it positively supports the tests and trials on interconnection, interworking and interoperation between homemade equipment and equipment from international leading vendors such as Juniper, Hitachi and Cisco. The core routers and access routers in the backbone network of CERNET2 are from Chinese vendors. This creates good conditions for equipment made in China to reach and lead the international advanced technical level, and for Chinese equipment vendors to improve their core competence. The CERNET2 has become a test and trial base for homemade equipment.

    Based on the pure IPv6 network environment, the technologies for real IPv6 address network are studied. The study makes use of the characteristic of sufficient address space of IPv6, and combines the study of reliable Internet architecture with security and security monitoring theory that is a part of the theoretical research of the next generation Internet architecture. Therefore, CERNET2 lays a solid foundation for building the safe and reliable NGI.
Based on CERNET2 with wide bandwidth and excellent performance, the important applications of NGI have been developed. They include the connection of ChinaGrid distributed in the leading universities of China, high-definition video transmission, sharing of virtual reality, and wireless mobile integrated communication based on Session Initiation Protocol (SIP) and Wireless Local Area Network (WLAN).

Manuscript received: 2005-04-12