Momo O & M supervisor: how do we deal with the office network environment of startups with more than 600 devices?

Editor's note: This article is based on Chen Xiaoyu, O & M Director of Momo. he participated in and led the construction of the network environment of Zhihu and Momo's office and shared with you how Momo solved the internet problem. By mistake, Momo is two years old. A two-year-old boy has started his schoolbag and learned English words. The two-year-old Momo is also on the road to entrepreneurship. It's not easy to look back at this road. Imagine that there were only four or five computers in that year, about 60 square meters of office.

Editor's note: This article is based on Chen Xiaoyu, O & M Director of Momo. he participated in and led the construction of the network environment of Zhihu and Momo's office and shared with you how Momo solved the internet problem.

By mistake, Momo is two years old. A two-year-old boy has started his schoolbag and learned English words. The two-year-old Momo is also on the road to entrepreneurship. It's not easy to look back at this road. Yao thought that there were only four or five computers in that year, about 60 square meters of office, and now one person was holding four or five mobile devices, 1000 high big CBD office buildings, a little emotion.

In that year's 60-square-meter small office, the Internet office relied on a 4-M asymmetric enterprise ADSL. The so-called asymmetry means that the uplink/downlink speed is not equal, that is, I can download up to 4 Mbps, but the upload speed is only 512 Kbps. Many people think that uploading is not important. Imagine that a 10 M Momo APP can only upload data to the server at a speed of 64 K/second. this is theory. A person uses only the shortest value of the entire line separately. it takes two minutes and a half. I believe that the XX optical fiber Fiber used by the household is faster than this. at that time, all employees of Momo were using this small water pipe.

Later, our office was moved to a pleasant villa. We spent the same warm time with ADSL (of course, bandwidth increased. Then, in the current office, the rapidly growing number of employees and the office which is more than ten times larger than the previous ones finally let us face up to these problems. We need a wired and wireless office network environment that can satisfy hundreds of devices.

First, let's look at the problems faced by a startup mobile Internet company:

1) wired and wireless Internet access for many devices
2) various Download acceleration
3) fence crawling

Momo's office uses broadband Internet access provided by the building. what we get from the building end is an ordinary network cable. we only need to plug in the gateway server (key role, will be detailed in the second part), configure the IP address allocated to the building to use. Wired Internet access is a real thing. the number of network ports must be fixed. We purchased a cost-effective switch for N homes, with 24 ports and 1 Gbit/s. The price is less than 1000. These switches are connected in Cascade mode, which makes expansion more convenient. when the office needs to expand the work station, it will continue to buy switches for cascade.

Okay. now let's talk about Wired Wireless. As an attitude mobile Internet company,I am embarrassed to say that I am working in Momo because I don't have five or six mobile devices on the desk of an employee.. As a brain powder, I chose Apple's Airport Extreme instead of the thin AP of the C family. Apple's AE is actually a router, but I use it as an AP. it is only responsible for establishing a wireless network, disabling DHCP, and connecting to the Gateway in Bridge mode. The reason for not selecting the AP of the C family is that the AP of the C family is not cheap, so it can achieve up to 50 simultaneous access APS as claimed by AE, or even more expensive than AE.

Momo's office is not a big open room, but a shape similar to "back" (elevator in the middle ). The office layout is directly related to the placement of routers. We currently have 11 AE nodes, with an average of 30 + users connected to each AE node. Only one SSID is broadcast. The 2.4G network and the 5G network use the same SSID. it is the best choice not to allow users to select one. The whole office has a SSID, which allows seamless roaming. even if the user's location is moved, it will automatically find the nearest access.

The user's device supports 2.4 to connect to 2.4, and 5 to connect to 5. As we all know, most PCs and mobile phones except iPhone 5 and above support only 2.4 GB, and the 2.4 GB is basically too crowded to be used. So we set up 3 ~ around the Android Team ~ Four routes to ensure that they can still access the Internet smoothly, but the speed is no longer guaranteed. In addition, you cannot trust the automatic distribution of AE. you must manually specify the channel for each route broadcast to ensure that the channels of the two adjacent routes do not overlap.

Apple's new Airport Extreme, which supports 802.11ac, can theoretically reach 1.3 Gbps throughput, which is faster than Wired gigabit NICs. Recently, we finally started the new Airport Extreme. behind the luxurious appearance, it is a helpless fact: The hero is useless. Currently, there are only a few devices that support 802.11ac. even last year's retina MacBook Pro did not support ac.

Here, let's talk a little bit about Apple's wireless management tool Airport Utility. Version 6.0 is not easy to use. Apple knows that version 5.6 can coexist with version 6.0. However, the new AE cannot be managed through 5.6, and after the system is upgraded to Mavericks, 5.6 will no longer be available. Airport Utility 6.0 + The New AE lacks many monitoring options. The Airport 5.6 + old AE can obtain some information through snmpd and syslog.

The next step is acceleration. Here we invite a key role to play --Moji. Moji is an employee of Momo No. 15 and our director of selling Meng. We used a retired black Apple and installed a Linux as our office gateway. To commemorate the ink marks, the machine name is moji. In the early stages of our business, Moji spent all the way to accompany us to work overtime. I finally met my love in my life one day, and then I ran away from home to pursue my own happiness and never came back again. We did not blame her for leaving, but blessed her and finally found the end of her life.

We have also made a special version for this purpose to commemorate the permanent director of the seller. It is the boot loading screen of Momo 1.9:

Moji has installed software such as Smokeping, Cacti, and Ntop. Smokeping can detect the network conditions from the office network to various places. Cacti is used to monitor the bandwidth of the entire office, ntop is used to monitor the network usage of everyone in the office.

Back to acceleration. The content we mainly accelerate is the APP update of iTunes and the download of Testflight ipa. Install a squid on the gateway to cache ipa. Then, use iptables to point the download address to squid so that squid can cache ipa. As long as the first download is successful, it will be cached on squid, and other people in the office will benefit from this. The update speed is always faster.

CDN has never been used for iTunes updates. until the beginning of this year, the ipa of the App Store was downloaded using CDN in China, and the function of iTunes acceleration in the office was not that great. After the release of iOS 7, this is not a problem, because the new features of iOS are automatically downloaded and updated, and basically all updates of iOS apps can be completed during sleep. However, the download of testflight still lacks CDN, and it is extremely slow. without acceleration, it is hard to imagine who else will use it.

As a forced criminal who never used Baidu, it indicates that Google cannot be used for a day. As a result, crawling the fence becomes a necessary factor for Internet access in the office. Similarly, it is too convenient for the Gateway to be a Linux instance. we still use it to do this. The principle is that IP addresses in China are exported by default, while IP addresses in China are exported by VPN.

How can I obtain IP addresses in China? Download an IP address list from APNIC and filter out IP addresses in China. As we all know, iPv4 addresses around the world have already been completed in batches, so the variability of this list is not very high. Even if it changes frequently, it is okay to update it once a day.