At present, the education informatization with the characteristic of Digital campus has been developed rapidly, and the construction of the teaching educational Administration, scientific research management and office automation in colleges and universities has begun to take shape. China has a certain scale of the backbone of the network has been upgraded to tens of thousands of networks, in advance into the million trillion era. The million-gigabit backbone network effectively solves the problem of insufficient bandwidth within the campus network, satisfies the network demand of tens of thousands of campus users, but the export area of campus network still faces many challenges.
1. Multi-Export Support challenge
At present, most of the domestic university campus network exports are using multiple export structure, for two reasons:
1 improve the speed of accessing different network resources.
Cernet and Telecom, Netcom and other operators connected only in Beijing, Shanghai, Guangzhou, there are three exchange centers, and the bandwidth is not high enough, this gives education network access to public networks, operators network access to education network bottlenecks, the need to use more exports to improve access speed.
2 solve the problem of line backup to avoid single point of failure.
In practical application, multi-export architecture needs to support the policy Routing function of multiple element matching, and the number of Policy Routing rules applied in practice is up to hundreds of. Early or part of the new export equipment due to the use of a large number of policy routing, performance degradation, affecting the export performance.
2.NAT Performance Challenge
Because the campus network mostly uses the private network address, the net user accesses the extranet to need to carry on the NAT (network address conversion), even if some colleges and universities have more education network IP, in uses the Netcom, the telecommunication line accesses the external network resources to still need to carry on the NAT. Due to the limited address of the operator, the campus network export equipment needs to carry on the massive NAT, therefore, the NAT performance of the export equipment becomes the important factor that decides the campus Internet speed. Nat performance mainly depends on three factors: A, NAT maximum concurrent connection number, B NAT New connection rate, C) NAT throughput capability.
3. Security and defense challenges
Campus Network Export area is the campus network "portal", as the campus network "portal" "security" of the export equipment is the first safe. In recent years, network bandwidth has grown rapidly, and network threats have increased dramatically, including attacks, scans, intrusions, DDoS attacks, worm attacks, malware, and spam. Export equipment needs to guard against external network threats of attacks or intrusions. The greater the bandwidth of campus network, the more harm the network threat may cause, the security defense of export equipment is facing unprecedented challenge.
4. Flow Control Challenge
In recent years, Peer-to-peer applications (BT, Electric Mule, Thunder, network television, etc.) are increasingly rich. These applications occupy a large amount of network resources, the growth of export bandwidth seems to never meet their "appetite", resulting in the normal application is not guaranteed. Therefore, it is necessary to carry out flow control for some specific applications that affect the normal application.
5. Content Audit Challenge
Boundary devices should record and write logs for a large amount of NAT to meet the government's audit requirements for related content. The ability to turn on logging can severely affect performance and further reduce the performance of boundary devices that are inherently difficult to afford for massive NAT work.
6. High-reliability challenges
Campus Network Export area is in a special position, therefore, the campus network can not be used to export the entire campus network to become an island of information, how to ensure the high reliability of export equipment? How to ensure the reliable export network line? is the campus network manager must face the problem.