Talking about the new environment of network security difficult cases (Figure)
In the ever-changing market environment, when the communication line telecom operators when there are problems, operators can not provide the maintenance services provided only limited to their own line, this test failed on several cases dealing with difficult to discuss the current Customer circuit environment maintenance.
Difficult cases a barrier point positioning
An insurance company branches with Hefei, Anhui Telecom provides 8Mbit/sATM and the Shanghai circuit, as lines of communication between headquarters room for improving the security of communications networks, the company also uses other communication operators provide 6Mbit / sATM circuit, usually with two lines running load balanced manner, shared communications network business traffic. Once a route fails, another line can be completely responsible for all network traffic, thereby protecting the user's daily operations will not occur interruption losses.
After opening the communication lines, insurance companies, headquartered in Shanghai, under the unified arrangements of the two ATM circuits for the Measurement of the specific program for the Shanghai headquarters of the Measurement of room in the United Router Place a server-side, Anhui company through this two lines to download the server files, thus the bandwidth test line, quality and stability.
In the testing process, the insurance company to reflect Hefei Telecom, said the telecommunications circuit provided 8Mbit/sATM insufficient bandwidth. Hefei telecommunications engineers to the customer view room and found the test terminal through 8Mbit / s is displayed when the telecommunications line download speed and 6Mbit / s line to another operator shows the same speed, the user thus determine problems of telecommunication lines .
Engineers found that the company's three new structures as the internal switch network core devices, not equipped with the user within the network, there is no other network interference. Use the ping command to display two lines can reach Shanghai headquarters ATM terminal, and use the trace command also show that the signal difference is taking the two lines of each port, eliminating the client Router Routing settings problem. The router configuration is the national headquarters of the customers of all branches of the unified configuration model of the engineer branch of the test by other provinces, confirmed that there is no problem in this configuration mode.
Hefei telecommunications engineer was found by measuring fiber attenuation in the normal range, checking bureau side room ATM Switch Setting, also found no abnormalities, telecommunication lines can be ruled out, but the phenomenon of customers did not test any better. Hefei telecommunications engineers then found that when the client company to monitor the use of telecommunications in the ATM line to download a file, Telecom ATM Switch Without a corresponding flow port there, the initial judge client terminal display the download speed is not provided by the telecommunications line, but can not explain why using the ping command with the trace command to display the signal through the telecommunication port phenomenon. Hefei Telecom Engineer recommended bypassing the three-tier client companies switch to test the terminal directly connected to the telecommunications router port ATM line, the result found it impossible to use the ping connectivity Shanghai port engine room. Thus convinced, the customer's problem is that customers do not configure the router room Shanghai headquarters branch corresponds to the return route of Anhui Province, Hefei, therefore the client test ATM telecommunication lines, the actual data flow shown in Figure 1. Hefei
Figure 1 ATM line telecommunications client test data when the actual flow
Client company and the Shanghai headquarters, confirmed the judge, the Shanghai headquarters to change configuration, Hefei client download test showed normal.
This case, the client company's dual-route network formation, network structure, a certain complexity, when using the trace command, since the command only displays after arrival at the destination address by the way, does not show the return path , for engineers to create obstacles to determine the time of the initial disturbance. The final rule troubleshooting process also shows that only the first sort out the user's network structure, and then test the exclusion of other independent networks, can quickly and accurately positioning obstacle point.
Line hidden room Difficult Case 2
Hefei telecommunications room for a bank to provide SDH network services, users set up a room within the SDH equipment, through the device under the sub-2Mbit / s circuit for the bank customers of Internet service network. Room after the expansion of bank customers, new router in another room, etc. Network equipment , Hefei telecommunications room through a bank within the existing SDH equipment for these new devices 2Mbit / s circuit, bank customers room topology shown in Figure 2.
Figure 2, both old and new engine room of the network bank
Bank data transfer process, the discovery of new router to connect the engine room SDH telecom equipment 2Mbit / s lines, ports have a more serious packet loss, and the same router to use another communications operator PDH device provides 2Mbit / s lines are properly used. Hefei telecommunications engineers 2Mbit / s line ports linked to error Tester Test, the whole transmission channel normally, users of all the old engine room equipment is working properly, thus excluding Hefei Telecom, the initial judge was within the bank's new router port engine room problems. However, the bank line port and port to another line after the swap is still connected with the telecommunication line port packet loss occurs, so the router port problem banks were excluded.
I am an expert from China Products, usually analyzes all kind of industries situation, such as digital dial caliper , reading vernier calipers.
Processing your request, Please wait....
