VLAN and tunnel technology for "School-based communication"

As a business customer project, "Tong" is very profitable, just like "chicken ribs. Based on the actual implementation cases, this paper discusses and summarizes several technical means, and strives to help schools achieve "School-to-school communication" in a way that saves the most investment, meeting the requirements of schools without increasing investment.

School Communication Project Overview

Currently, local education committees and Education Bureaus have launched "School-to-school communication" programs. "School-based communication" is actually to interconnect schools in the city and share network resources. Students can learn computer and network knowledge, and master information methods such as programming, sending and receiving emails, computerization, and e-office, learn and play through the Internet. The implementation of the "School-to-school communication" plan can enable the school to arrange students to access the Internet in an organized manner, so as to prevent students from flowing into Internet cafes without supervision.

For the "School-to-school communication" project, the Education Bureau requires schools in the city to be interconnected. Each school has an Internet outlet or is uniformly exported from the Information Center of the Education Bureau.

Man structure and "School-based communication" Access

A new generation of carriers uses "IP + optical fiber" to form a man, as shown in network topology 1.



Schools can use the proximity access principle to access the physical points of the operator's Metropolitan Area Network, including the aggregation data center, Community data center, and corridor. During access, school users can use optical fiber cables and twisted pair wires on the transmission line. Technically, they can choose Ethernet technology based on various factors such as cost, distance, and pipe slot.

The operator's metropolitan area network can be divided into the core layer, convergence layer, and access layer from the perspective of network layering. Figure 2 shows the architecture of the school's access to Metropolitan Area Networks and VPN services.



Interconnection Technical Solution Analysis 

Connecting to the carrier's man data center through physical lines is only the first step to complete the "School-to-school communication" project. In order to achieve interconnection between schools in the city, man networks can adopt a variety of technologies:

Application of man Optical Fiber Core separation technology;

Add VPN devices to the school end;

Add a VPN device to the aggregation end;

VLAN and tunnel technology. 

The optical fiber core technology of man is used to realize "School-based communication". It is used to connect every school connected to the Man data center to the Information Center of the Education Bureau by using two pairs of main optical fiber cables. This technology is suitable for an environment where the number of schools in a city is small and the urban trunk fiber is surplus. This method can save investment in network equipment, but the excessive use of the backbone fiber-optic Resources in the city is not conducive to the future development of more valuable business users by operators.

VPN technology adds dedicated VPN network devices at the network layer. You can deploy VPN devices on the school side, or you can deploy VPN devices on the aggregation end to enable "School-based communication ". This technology requires new investment, which is generally unacceptable to schools and unacceptable to operators.

The VLAN and tunnel technology is used to implement "School-based communication". The Metropolitan Area Network requires that network devices in the aggregation data center support VLAN and tunnel technology, this technology divides all the school access ports connected to a metropolitan area network (man) Aggregation data center into one VLAN. the uplink interfaces of each VLAN are tunnel interfaces, the tunnel is established between the aggregation data center of each metropolitan area network and the Information Center of the Education Bureau.

Through VLAN and tunnel technology to achieve "School-based communication" is shown in figure 3), we can see that school users in the same VLAN directly exchange through local network devices, if a VLAN user needs to access resources or users in another VLAN, he/she must use an upper-connection tunnel interface to access the information center of the Education Bureau across man networks and switch routes to another VLAN.



VLAN and tunnel technology make full use of the layer-3 routing switching function of the carrier's metropolitan area network device. No additional device investment is required. Although the tunneling technology uses the GRE encapsulation method, it will bring a certain amount of overhead to the convergence network device, however, user data is isolated through tunnel without encryption.

VLAN and tunnel technology give full play to the bandwidth advantages of the operator's urban trunk, which can save the urban trunk fiber resources and offer low fees, meet the requirements of schools, and is suitable for the "School-based communication" Plan of cities.

School-school interconnection and Internet egress 

"School-based communication" can share resources between schools and complement each other. Some schools have abundant online books, some have special characteristics in mathematics teaching, and the Mathematics Courseware is good. Each school places advantageous resources on the network, and students can better roam in the ocean of knowledge through the network.

In the "School-to-school communication" dedicated network, it is very important to select an appropriate aggregation point or core point to provide Internet service access for school users. Network administrators can consider single point or distributed multi-point based on user distribution and actual network line conditions. Figure 4 shows the selection of Internet access points in the "" private network.

With the Internet exit, school teachers and students can learn about domestic and international news, retrieve information, and send and receive emails through the Internet.