The Next Generation Network's "growth troubles" are so hard during adolescence"

The next generation network includes a variety of changes in the way networks are being built. It uses a large number of innovative technologies to provide a comprehensive and open network architecture, including voice, data, multimedia, and other services, however, the development path is also full of "growth troubles ".

The United States has a majority of IPv4 address resources, followed by Europe. The remaining countries only have a small number of IP resources. MIT, Xerox, and Apple allocate more IPv4 address resources than China. It is this passive resource that promotes the development of IPv6 in China.

China's next-generation Internet (CNGI), which has passed the acceptance test, has already formed a network similar to the European Union and the United States. This huge project has established China's position and right to speak in the next-generation Internet field, it also breaks away from its dependence on key Internet technologies and core products, while enhancing the national information security construction.

The next-generation Internet should be a secure network with forward and backward compatibility and interoperation with traditional networks. However, after all, the next-generation Internet is an evolutionary revolution, which also brings some primary problems to the future of networks-how to be compatible with existing networks? How to Ensure network security?

"Confused" IPv6

The next-generation network (NGN) has a broad definition and concept. It includes a variety of changes in the way networks are built. NGN uses a large number of innovative technologies to provide a comprehensive and open network architecture including voice, data, multimedia, and other services.

CERNET2 is one of the components of CNGI. As the world's largest pure IPv6 large Internet backbone network, CERNET2 is difficult to implement and has a high technical start point. At the beginning of the construction, we proposed the innovative objectives of "building a pure IPv6 large-scale Internet backbone network", "Network Addressing Architecture Based on Real IPv6 source addresses", and "IPv4 over IPv6 mesh architecture transition technology "..

Compared with IPv4, IPv6 has improved many functions, such as expanding unicast and multicast address spaces, arbitrary broadcast addresses, and collective addressing of hierarchical routes. Through these improvements, IPv6 expands the address space, improves the overall network throughput, greatly improves the service quality, and ensures better security, plug-and-play and mobility are supported, and multicast functions are better implemented. IPv6 also solves the IPv4 address depletion problem and extends the address length from 32 bits to 128 bits.

Professor Li Xing, deputy director of the network center of Tsinghua University, said: "in the actual construction process, CERNET 2 has tasted a lot of 'sweet start '. However, because the acceptance environment is based on pure IPv6, it can expose many system problems. For example, when Microsoft's operating system is connected to an IPv6 environment, many functions become invalid. But more importantly, it provides a completely new application environment ."

Because the IPv6 network is built, the most common problem is that hardware and software are not supported in the past. For example, for domain name resolution, IPv4 network resolution is continuous, while IPv6 network resolution is discontinuous.

The reason is that IPv6 is still in its development stage. When a network device parses a website, the Latency Response Time also increases from 5 ms to 10 s, opening a TCP connection slows down.

Next-generation network security

The construction of NGN cannot be achieved overnight. The existing network has been in existence for more than 20 years. The IT application is not a switch. IT also requires a long time for the existing network to coexist with the new network. This requires that the new network be able to communicate with the original network, so it is necessary to solve the problem of intercommunication address resolution and route selection.

On the one hand, NGN is not a simple extension and superposition of the existing telecommunication network and IP network, nor is it a single node technology or network technology, but a change in the overall network architecture. What is needed is an overall solution. On the other hand, the emergence and development of NGN are not a revolution, but an evolution, that is, a smooth transition based on the existing network advantages.

The current method is to achieve interconnection through SoftSwitch. the softswitch architecture is a new generation of multimedia service integrated solution for network convergence, the interconnection between various business networks (such as PSTNISDN, PLMN, IN, CATV, and Internet) is realized.

Using Softswitch technology, the functional modules of traditional switches are separated into independent network components, and each component is divided by corresponding functions for independent development, that is, the separation of business functions and call control functions, and the separation of call control functions and bearer functions enable an open distributed network structure.

Specifically, NGN is a business-driven network that achieves separation of business and call control and separation of Call Control and bearer through open protocols and interfaces, so that the business is independent from the network, in order to provide business flexibly and quickly.

Network security is also one of the obstacles to the development of NGN, because NGN is also based on an IP network, it will inevitably be subject to network interruption, interception, modification, fabricated and other security attacks.

To prevent unauthorized entities from using the softswitch protocol to establish illegal calls or interfere with legal data transmission, a security mechanism needs to be established for the transmission of softswitch protocol connections. When a media gateway control protocol is transmitted over an IP network, IPSec must be used to protect the transmission of the softswitch protocol. If the low-layer protocol does not support IPSec, some enterprises define the AH header in the H.248 protocol header to implement Protocol connection protection.

Some experts believe that at present, two methods can be used to ensure the security of NGN. One is to reduce potential security threats and Implement mpls vpn in the network, to ensure the security of data transmission, it is best to use private IP addresses for devices built on the network. Second, we need to monitor the network to facilitate timely response to problems found.

It is reported that the T-series Core routing platform of Juniper is deployed in cernet2. The core of the T series is the JUNOS operating system, which has been running for more than three years in products that provide IPv6 functions. Professor Wu Jianping, CERNIC Director, pointed out: "The Network Platform requires the best performance, security, and reliability. After a series of tests, we decided to use the platform and products from Cisco, Huawei, and other vendors to provide assurance for cernet2 ."