KeNOG Tutorial 1 - ISP Network Design

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

on meeting mode because we were hoping we could be more interactive we've been having the sessions we haven't been seeing who's on the call but today we get to see who's here and um enjoy interacting with one another so feel free to um put on your video and if you have questions you can raise your hand kevin will see and he can give you an opportunity to speak um we will go through a couple of things then after every section that's when we can have the q and a so um welcome and i guess we can get started i'm just going to quickly share my screen kevin if you will allow me to share my screen one moment [Music] do you try now okay cool let me try again okay cool all right so let's get started so today we're going to discuss some ice p network design let's just give an overview of how isps are set up how what their design looks like what would be a good best practice for you as you think of maybe setting up your usb or as you're running your isp i did share the slides on the whatsapp i hope you got them if you're interested in following along and we'll get to where we get to hopefully to be the end if not um we can carry on um on another occasion um so these materials that i'm using are being paired by a good friend of mine philip smith and barry green and also with help from marketing calcicom and that open to anyone to use them anytime they want to for the purposes of training so that's why we are going to be going over this today so we're going to look at um okay kevin sorry i'm getting this distracting things of people need to be admitted so okay let's get rid of it let me reclaim those just one minute [Music] okay all right cool um yes so what we're going to look at today um we're going to pop topologies and design and then we'll look at um how to design your backbone or what would be a good practice and then we'll look at how to address your network um then some rotating protocols that you would want to implement and then also look at some infrastructure and routing security considerations that you want to take in order to secure your network uh we'll try to get to autobahn management test network and operational of operational considerations if we do have the time um so we'll jump right in because we have a lot to go over present some topology and design so our point of presence is just basically somewhere where you've set up your network and you've decided that this is the uh right so in your pop you'll probably have something like a a corridor um which you use to connect everything to and then distribution routers which you now use to aggregate all the services that you have across the network then you can have access routers where your customers are able to connect in order to get their services um then you have border routers which are which you could use for connecting to other providers right so either your transit provider or your other isp that carries you and um yes then you can also have your service retailers which will be hosting kind of the the infrastructure of the resources that you have on your network that you provide as a service to others so if it's like hosting or even like virtual servers those will be connected to your service return so some of these things obviously you can do on one which it doesn't mean you have to go and buy um six routers just to have a pop and then you have a good isp some of these functions can be done by the same router but this is just kind of the modularity you want to think about in terms of um your call these are some of the actions you want to be taking so with that said a modular design is going to be very essential for your network you want to be able to differentiate your different um your different services between your customers your different areas of your network and you want to be able to control this and give customers something that would be able to be reliable so for instance we can look at this um pop design here and we have the core network which is sitting at the center there of the cloud and the core network even as the two devices are sitting there they don't actually have to be in the same physical place you can have one major pop say in nairobi and you have another major pop-in um mombasa right which are all inter content all interconnected and then they're connected to your border retailers where you get access to the internet exchange point or even your corridor could almost also be your border router right then from your corridors where it connects to all these other resources and infrastructure that you have available so from your corridor you have a link to your other pops right interconnecting them and then behind your core router is where you have um all your other services sitting there so you have if you're hosting a cdn um let's say you have a google cache on your network it's going to sit here behind your core router and all these aggregated customer services which have maybe come from your your metro your different buildings or distribution points across the city or the area which you serve you can all bring those all back to connect back straight into your core or if you're doing mobile network services those would also go back to your core and any other services that you're offering your customers whether it's dns and mail hosted services those can be connected back to your core as well um and the like right so that's in terms of physically how you would lay everything out and even still at your network you're going to have um routine right and your routine also has to consider a modular approach as well because you're going to want to separate how you how you learn about your infrastructure ips so your infrastructure i think these are those ones which you're using to address your point to points for instance or even the ips you give the loopback ips for devices um all of those you want those to be in an igp and igp is just an interior gateway protocol and usually there are two that most people use there are others but there's isis and there's ospf so for isis um the good thing about iss is that you can have both ipv4 and ipv6 in one process but for ospf you'd have to use version two and version three so version two doesn't support ipv6 and while version 3 does so if you're running iss as your igp you're going to have to use um v2 and v6 i mean version 2 and version 3 if you want to do a dual stack network or run to run ipv6 so having that separate is very important and look deeper into this when we get to the routing and section then also having an igp so ibjp in this case bgp is the border gateway protocol right so this protocol is more stable it's not always going to be reconverging so igp lets you know and re-roots quickly when there's a failure so if a link goes down it'll quickly recalculate what's the best path now and change that and inform all its neighbors and traffic will change flow bgp is a bit more stable it won't always make an update as quickly it also has longer timers and you can use now bgp to carry any other thing that isn't a link ip address okay so if you've assigned your customers some address space you want to put that into bgp if you have your servers you've assigned them a subnet and you want to get that information across your network you want to do that via bgp right so you have more stability and you're not constantly reconverging your network if you only use an igp you'll constantly be converging whenever these are false so keeping those two separate ensures that your customers have a more stable service from you um do you have any questions activate in that first part that we've covered feel free to raise your hand okay i guess we'll go into it and you'll get more questions as we go along so we're looking at now the the details of uh your point to point of presence design um you want to have like we saw in the network diagram you have to have at least two returns you want to have some redundancy there so that you're not um you're able to do stuff like maintenance for instance if i had to maintain my router say i have to do a software upgrade i would have to turn off everyone if i'm maintaining my corridor i'd have to turn off all the services just to do that so having at least two redundant ones allows me to do a maintenance on one or even if one fails or has an issue you can fail over to the to the other available router so it becomes important to have um that level of redundancy and then you want to have high speed connections right i don't think um anyone's doing 100 mb anymore so at least one gigabit and the difference in price between now one gig port and a 10 gigabyte is very low so at this point you could probably afford to just put 10g ports [Music] and for this we said you only have your backbone links so you're having the links that are interconnecting all your pops and you typically don't want to constantly be touching them right this is something which is very stable once you've put in a backbone link you're not it's not something you're constantly updating so you in most cases don't want to have um let's say your customer service terminating on you directly on your core return because that means you'll be constantly reconfiguring it as you turn up their services which can lead to outages so you want to keep that very separate and very specific in your pop right to make sure that it simply serves the function of interconnecting all your services and that's it not customer access so the specification for the type of routine we're wanting to look at is something that's probably high performance and it's able to handle a lot of cpu cycles you want to be able to carry all these um different services and offer line rate right for if it's a 10g you want to be able to give 10g services on that return without having any uh packet loss or instability or the cpu going to 100 and being over utilized then um for the speed of interfaces like i said um there's a much difference between one and 10 gigs so if you can get 10 gig do that and as you grow if you can get 100 gig you'd rather be at 100 gig than 10 gig once you have a large enough network then for your border network this is where you're interconnecting to other providers and assuming your border route is separate from what you're using for your core return you still want something that gives you high speed right because then you're going to be connecting to your transits and your transits could be giving you the full routine table which requires a lot of resources from your router it has to be able to store the full routine table for both v4 and v6 which is quite a number of routes i think about 800 and something thousand now and as you may have two even two transit providers it means you get two copies of the full routine table which means you have 1.6 million routes and as it increases with the number of transits that you have and also you're also picking up rats from your peers which means you should be able to handle that as well without being unable to program the routes into memory [Music] so on these returns you're going to be doing a bgp policy as well and your btp policy will determine how your traffic will flow what kind [Music] and so definitely want it to be redundant if possible and you want it to be highly available so um typically you don't you're not going to need a very large router for this just a one you router will probably do most of the times or to you and you'd have at least 10 gig back to your core uh 10 gig to the exchange or 1 to 10 gig depending on the scale of the size of your network then you want to have it ethernet services probability or service providers and this is going to probably be over fiber right because you're not going to be using um utp cables for this or ethernet cables so it has to have fiber ports for sure um then um for your budarita some networks would consider having a separate router to connect to um their peers or to the internet exchange point the internet exchange point is just an it's internet infrastructure that allows service providers to share um their routes with one another and interconnect with one another so it's typically a switch you'll find it at a data center for the most part and you'd want to be at one which is in a carrier neutral data center which means any provider can be there anyone can interconnect with anyone and there are no rules against that so um some would want to have a dedicated one simply for that just to make sure they never mix their transit with their peering and they never have mistakes you know giving someone a service that they shouldn't but it's not really necessary if you want to that's that's possible others would separate that traffic in let's say a sierra for something again you want something that's able to handle the full routine table and can apply policy and be able to do some ddos mitigation right where you can do um drop some traffic which is inappropriate for your network you want to stop it there so it should be able to handle quite a bit of traffic without falling over as well so in general like um the amount of pairing traffic versus transit so pairing is considered free traffic right so the amount of fearing traffic in most networks is about three to one so you'll find that in a network most in an isp especially you'll find that most um of the destinations that the customers are going through is um youtube and facebook and that type of thing which will make up about 70 percent of all the traffic then about 30 will be all other internet destinations other things people will be doing so you can see that it's important to be peering because you don't actually saves you money then for your customer aggregation which is you want something which has maybe more interfaces now these are what you'd have um for servicing your customers and being able to connect each of the various distribution points you might have across the city or across the neighborhood which you're connecting people and you wanted to have probably more pots than your your router would have so you'd be want to consider having you know 24 pots at least right and then yes so this is you can aggregate now the smaller trunks so you have meaning 1g trunks coming in for instance or 100 g 100 um mb services coming in and then you you would bundle those up over a 1g or 10g link and interconnect back into your core router as we said um so yeah so for customer um if you're having your business customers your business customers will be having um okay for your home users your home users will not be paying a lot of money but they still want um a very reliable service a very reliable service um they want a very reliable service and for most part you connect these are customers you can connect with other technologies or cheaper things you don't have to necessarily give them fiber intent and you can use things like um indoor fttx uh gpon wireless services to your to your smaller customers or your small business owners and um usually they tend to have their peak demand in the evening so you probably want to also profile your your service to them or your policies or your qrs for them to make sure that in the evening they get an exceptional performance although that has now changed we've covered with things kind of leveling out um across the times of day since we are now living and working from home for the most part um so for their aggregation as well you want something uh with many pots to connect them all back to your core then um like i said for and and uh isd you're going to want to have um to host our cdn we said that majority of the traffic is going to be going to the googles and the facebooks and the akamai's and they tend to have caches that they're able to give service providers who have reached a certain level of traffic with them so for the most part um each student will usually give you all the all the hardware that you need to connect back to them so they'll give you a server they will give you an ethernet switch or maybe even a router which you can now put in your pop right which you've allocated for this then they will be able to serve your customers and bring the content closer to them so they'll just use a little bit of transit to fill their cache with their with the frequently requested um resources or videos or whatever and then your customers whenever they want to get this data it's closed much closer to that because right there at you pop so the latency is low and when your latency is lower then your throughput is higher so um this one like i said is usually provided by the operators and it's based on how much traffic you have towards them in this case just a bunch of servers which then you can connect back to your core or to your border so that the cache can refill itself um with a request from the providers uh thing goes for mobile core your mobile core will also just be your servers going back not yourself as your your infrastructure which is connected back into your your core which is also part of the modular approach that we're looking at so in this case you have your radio network or going back into your cell gateway which now goes back into your ip core and you're able to service your customers in that way so in terms of isps what other services do isps offer um so other services that are critical for sp software is dns you want to be able to host your own dns i know a lot of people are happy to use 8.8.8.8 and all the others but it's really critical to host your own dns because um first of all it's going to be way closer than google's dns to your customers and it's also going to be more reliable for you so if google has an issue and then network is no longer available to you you're not going to be completely unable to browse right because if you can't translate that's it no browsing for you unless you know the ips to the resources you want so dns is an important service that every network operator should consider um offering and operating on their own network there are things like mail mail i know there's google and all that but then it's also something which is quite important to host if you're able able to host your own at least your own mail for your company um that can also make you a little less reliant on other providers and the failures in the network will not affect you critically then you can have your website that you're hosting your customer service portal that you're using a lot of people have um self-service for billing so a customer is able to log in pay for something that's a service that you can host on your network as well and keep behind your core um yeah this is just an illustration of how you would have this so you'd have your core there you'd have your core routers here which are then connected to your service routers um or distribution returns and then you can have your servers in a cluster probably you're going to have virtualized them and make sure that you're using just one virtual machine for each service so don't have one server where you put everything in the world you want to keep those services compartmentalized so that a failure or compromise in one of them doesn't lead to complete failure for every single service that you're hosting for your customers and for yourself so that's very critical to keep note of so remember that cloud computing is just someone else's computer so you can offer that service to your customers a lot of people need backups they're not no one's bothering to buy those hard disks anymore to store their data so that's a value-added service you can offer to your customers somewhere for them to back up their services and to do host their websites for them and host their emails on your cloud modules um yeah so in terms of your knock which is the other service that you're having on behind your your core your knock is where all your network monitoring infrastructure sits so it's directly connected you don't want your noc to be behind a firewall necessarily because you wanted to be able to reach all your resources all your infrastructure to be able to get the network monitoring to manage to check on the traffic flow so that you can tell which are my popular destinations where is my traffic going right and then you're able to manage it and even use this information to get pairing because for peering if i can tell that i have a lot of traffic let's say to c com i can say okay second we have so much traffic to you why don't i appear with you okay and then you can use you can get other statistics obviously from this section in your network which you consider your knock um you're able to do remote triggered black holes so you can mitigate um denial of service attacks so and also you can do your outer band management from your knock there's just an example a diagram illustrating what we've just discussed so you have your core routers and behind that you've given your network operating staff um access to your network from away from the firewall it doesn't mean that they don't protect their network with their own devices with firewalls and etc then you have your outer band management and then all your other services or all your other servers that are collecting data from your network and monitoring it then from there you can now behind the firewall or you you can have your corporate land where the rest of the staff sits and you can have your databases your billing your accounting systems there and those can comfortably sit behind the firewall without impacting their ability to work so in summary we said that a network operator wants to create a pop which is as modular as possible um and have a core that is high speed and low maintenance meaning you're not connecting your customers onto that you want once you've connected a service or a section of your network there you're not constantly reconfiguring it you want to have direct cross connects to every part of your network if possible or every other large segment of it and it possibly have redundancy for each of your devices that you have in your core and uh you can rely on now your routine to do the failover for you should there be a failure in any of the devices on the core so i think with that we can take questions maybe on the core network design bit don't be shy you can put up your hand you can speak yes you have a question you can announce yourself and and think barack i saw a question from barack well let me read it out okay thank you please asking michelle do you have recommendations on good routers to for use at the core uh he's asking for brand names he's asking you to endorse our brand or that's always a tricky question i think it really depends on what kind of um what kind of services you want to have from your core how you're interconnecting i'm always um wary of giving someone like um you must buy this brand or you should get this particular return i would say maybe come up with some specifications of what you're looking for in your router like we said a couple of things you want to know is how much cpu is it how many internet routes can it handle um what's the overall throughput of that device how is the licensing handled on on the device you're using that's how much will give you you can use 2.5 gig throughput at any given time on this device and if you want to do more than that you must upgrade and pay for a new license so it depends on so many different factors um but we can always chat on the side depending on what what you're trying to achieve unless someone else wants to venture a suggestion yeah maybe get someone here just an audition probably um i think it's very key not to as michelle says not to have a dependency on a vendor and that's why i think michelle is trying to restrain herself from saying huawei or whoever it is because if something there's a kind of support that is not given then you might end up having a problem i think one of the cases that i've been discussing multiple lists is um uh a router like for example microtip there's a router i'm sure somebody knows called microtech such boxes they're very good they have many features but remember they never commit to any kind of support so basically if something fails they'll tell you can you try another firmware goodbye and then you sort yourself so i think these are some of the things that also you need to to to be able to to look at for example is the router supportable is the vendor able to support you without any problem so yeah in terms of software software plans and broad maps yeah thank you yeah cool thank you for that um addition simon was there another question kevin yes there's a new question on the chat from samuel he's asking what are the best mtu configurations and practices at various levels of the network i think that also depends uh on who your customers are for the most part if you're it depends who you're also relying on to interconnect you so at a minimum you should be able to do 1500 which can do most of the things that you want to do so obviously any vendor that can't any operator who can't give you a link between your sites at with 1500 mtu is is going to break stuff for you on your network if you have a provider who's able to give you jumbo frames then that's even better but remember the internet is also still best effort so you might have all that in your network but once it leaves your network it'll still go back to probably the the 1500 so if you're offering an internet service i just say 1500 will be fine if you're offering um let's say like a carrier kind of service where you're interconnecting your customers branch offices right for that since it's all on your network you can give them higher mtu so where you have control give him to you and if you don't have control make sure you have at least 1500. okay one more question from tom how do you determine if the router or switch is struggling to carry traffic as clients increase on the upstream well that's why we talked about uh knock remember we say we are monitoring our stuff what you can't monitor you can't measure you can't know unless you do some monitoring so you want to be able to see what's the cpu utilization of your router at any given moment um how how the interface utilizations is other interfaces flatlining um you'll also be able to tell am i dropping lots of packets so that's really a function of monitoring you have to ensure that you're monitoring your network otherwise a lot of things could happen without you being able to to tell where it started from when it started what caused it so monitoring is key and and also make sure it can be more of um proactive rather than reactive i think most of the nms's which are even open source or the ones that you have to buy from a shop uh they have the capability for you to be able to configure thresholds so for example if you have your upstreams with one gig or 10 gig you can be able to configure threshold that once traffic hits 75 utilization once the memory for the rounds that he hit like 70 percent uh utilization uh cpu usage triggers an ad a notification to your email at least with that uh immediately it hits like 75 you need to be to be able to to be sure to plan like upgrading or seeing how to scale around yeah is there any other question um there is one more question uh on monitoring tools maybe we can take this last question then you can move to the next part of the of the tutorial so questions from barack did you make comments on monitoring tools especially open source ones if you could speak on that in a minute okay um no i haven't made any recommendations or monitoring tools um there are very many of them that are available like you said there are many open source ones um and of course you know if you're going open source then you have to be able to configure it and maintain it so that's also a function of what you are able to easily manage for yourself but there there are many open there are many of them that are available i would recommend probably something most important so you want something many people are using which will have probably a lot of plugins for the things that you want to monitor so look for the well or commonly used ones and you'll find that those are still very actively supported and they have a good community around them where you can get assistance when you whenever you run international and i'm sure people can tell you which ones they normally use as well on the chat yes a film recommendations have been put on the chat yeah yes great thanks okay so let's carry on we'll get another opportunity to ask some more questions shortly um so we're going to look at the network operator backbone design so this is now the infrastructure backbone this is the one that's connecting your various pops to one another right that's what constitutes your backbone so like i said the internet today is mostly about bringing um service content closer to the to the users right closer to the access networks so when you're an isp you're basically someone who's just connecting facebook to everyone or google to everyone right and for you to do that properly and to keep your customers happy you want to make sure that you have low latency links right you're able to you're using the best path between places so low latency links you want to have high bandwidth like i said go for the highest that you can afford if you can afford to have a 10g then have a 10g sfp between two sides right rather than um being very much on the threshold of exactly how much traffic passes through them so you want to have high bandwidth um you want to have content caching on your network and you want to interconnect with them other providers at the internet exchange point and you want to have great transit to ensure that you're able to still have your own your your customers destinations closer to you so a transit provider was not taking you around to the world to get a resource is is much better than one who has um a less well-paired network right which means you go further to get resources um so the competition is just about the speed and the quality of the content delivery and i think everyone can attest to that during this period of coverage everyone wanted to have high internet connectivity reliable internet connectivity in every forum we're in it's always about my service provider did this i can't even open that so that is where the value lies for the customer they want highly available services which are really fast so something to remember is that you don't have to um you don't want to be in a situation where you're being anti-competitive with your with your what are they called your competitors for instance if if two networks of the same size are at the exp it's best for them to save their money that they would have paid their transit provider by interconnecting to each other so even though they um even though in the marketplace you're competing you can still have some synergy that helps you um give your customers better services so don't shy away from things like pairing with your with your competitors and then you want to also not avoid places or situations where you have uh barriers to interconnection so let's say for instance we've we always speak about carrier neutral carrier neutral data centers right um you want to be in a place where if once you're located there you're freely able to interconnect with any other provider or any other service that you want that is available in that data center without being restricted by anyone so for the most part uh in most batons where doing a rooted backbone which means you'll have all your different pops interconnected with ip across them so you have your fiber connections between your pops or even if it's wireless um but it's rooted so you're not just um switching across them um so for another main technologies that people are using are ethernet and they still some operators are also offering sdh services um for to to interconnect uh different locations um so when you're having your your pop design so in a situation where you have more than one property you spoke about a core network or corporate it doesn't mean you're not going to have other different pops in different areas where you're able to serve customers from and one of the things as we said about the modular design in our core is that we want to have the same modular design um across all our hops right so that one of the key things to consider when you're designing your network is to think of a standard design right so that i know if i'm making up hope in a building i will always take one router with 12 ports and one switch with 24 ports right and one and wireless antenna on the rooftop or something so have a have a standard pop design that you have or you have a customer edge customer edge services router we give people access to your network and then you have another router which is now for interconnecting back to your call right which will have the backbone link attached to it so think of a standard design that you can have a network and have one for if i have a really small pop which i'm just having a few customers what should that design look like and for medium and for a large and the importance of this first of all when you standardize your design and even your configurations it allows you to do things like automating your network it's very difficult to automate when you're doing everything snowflaking every site is special try and avoid that as much as possible try and think of a design that meets most of your needs most of the times right and stick to that design because that makes it much easier to run your network you'll be able to have spare spare routers or spare devices a spare kit easily because you're using the same thing across which means you can buy in bulk and have the cost savings on that so when you're thinking about your design think of something modular and think of something that is standardized then you don't have to only have your services only at your prop you want to have some backup locations where you can offer your services so if i have like my my virtual servers at one location saying nairobi if i'm in another data center um let's say i'm in eadc i can have another backup location maybe in upper hill right where i also have some servers which can backup my primary site so that's important to ensure as well so if you can distribute some of your servers where possible across your backbone then you'll be able to have a more resilient network in case of a failure complete failure in one pop you'll be able to actually survive and still offer services i'll give you an example of uh just a few months ago i'm sure uh simon remembers when at a big large data center in london was completely offline like the power trip and that was it there was no power in the whole data center which hosts a good chunk of any network provider on the internet any global service providers any major content networks and we were simply completely out on that site and that would have been catastrophic if we never had any other points in our network where we are able to serve our customers or give redundant service or even pick up our own transit as well so it's good as much as possible if you can distribute your connections between your different pops so that if you have a complete outage on one you're able to recover and still offer at least a decent level of service for your customers so this is just a diagram showing um a network with like three pops and they've distributed some isp services across them you have you're picking up different customers at the various pops and you're able to have some redundancy between them um so for your background links you're going to probably be looking at uh fiber right for the most part at least wherever it's available and where it's cheap so your first or your best preference would be to have dark fiber if you kind of get dark fiber it's best because you can control um you know the the capacity which you light it at so if you have that fiber if today i have 1g and that's what my network is using and that's what i can afford i'll use that and if i now have more more traffic across my network i can just easily upgrade to 10g or 100g just by changing the equipment and the sfps at at both ends of the of the dark fiber then you're also able to do things like cwdm which allow you to channelize the fiber so even with a single pair you're able to have many more services crossing the same fiber right um if you can't get the dark fiber then the other options that people normally have are like the wavelengths you just get a wavelength from a different provider who allows you to connect your one pop to your other pop right so my eardc pop let's say to my columbus i can get a service provider can give me a lambda between those two where i can have services across then for um on the routers you can have now the ip on ethernet or you can have sdh as well um so just a brief summary of what uh dwtm is it's the dense wave division multiplexing which means you can have very many small wavelengths across your device um across the one fiber pair that you have which is a bit costly because you need specialized equipment so your normal router is not just going to be able to do this and your normal sfd is not going to be able to do this so you might need a bit more expensive equipment but it gives you much more flexibility when when you get to that stage of your network and the cost wavelength division multiplexing which is just still smaller ones but gives you less less wavelengths per fiber optic pair so either of those options depending on what's the number of services you need to get across um so for long distance um usually it's if you can't get dark fiber then you're going to have to lisa manage service which tends to be expensive but the um something important to note is don't just buy exactly what you need always give yourself a little bit of headroom to grow into it and usually for many providers the more capacity you buy the cheaper it is so try and buy as much as you can which gives you enough headroom to grow um so while you're buying all this um capacity across your backbone in order to interconnect your major pops you want to think of how much capacity is enough to have between them so usually if you're having a very high quality customers you have let's say corporate customers they want to be you want to be able to always offer them their services without having packet loss or congestion on your network so when you think about this i just wanted to go to this diagram so we can use it as the example um you have this [Music] backbone links interconnecting the pops so you have pop one pop two and pop three um so you want to consider what would happen if one of these uh connections between my pops went down you want to be able to if the link between pop two and pop one was down you want to be able to reroute all the traffic that was originally flowing this way plus all the traffic that was ideally using this link pop one pop two you want it to be able to hopefully comfortably flow on the other alternate path so that's something to consider because if this link only supports itself then if you have a failure you don't really have redundancy because you're just going to be dropping people's pockets so i'm not sure if it's better to drop packets or just be down on the network so you want to think about how much capacity you want to have and how much headroom you're going to give yourself you're going to have very high quality customers you're going to do at least 50 percent um if you're doing zero it just means you're maybe serving some customers who are not paying that much and maybe will not be so sensitive um to failures on your network so because uh these metropolitan area backbone links tend to be cheaper these are what we tend to call local loops right since those things they tend to be cheaper you can always try and get as much as you can um from your provider because it's it's not going to cost you that much and it allows you to give to have redundancy and resiliency on your network in the case of failure or if you had to shut down one router to do an upgrade you're able to do that comfortably without having to impact your customer their level of service if possible you try and be as meshed as possible so that you are if you have to say for instance i might pop one and have to service or maintain or any other reason take coruta one offline right you'd still have connectivity back to pop2 because core router 2 probably has a link back to pop2 so in as much as possible if you're able to mesh your network if you're able to measure your network do that because it gives you more resiliency and i hope you guys like to sleep if you like to sleep these are the type of designs you want to think about so that when you have a failure it's not um catastrophic for you and you you have enough time to recover from that um failure on the network um do you have any questions up till then okay um no questions on the chat um anyone have a question you can also maybe uh just just just a comment make sure you can highlight probably any considerations uh when trying to choose uh to go with metropolitan i'm sure sorry uh every john and james runs a metropolitan network um okay i think one of the main ones you would want to consider is someone who can give you a redundant service as well you don't want them to have just one link on their network that can interconnect you so even if you're giving your managed service you would likely want that to be a redundant managed service um so that when they have a failure also on their own ring you're able to still have um you want to still be able to have access between your two pops that's one of the main ones i would think about um in terms of choosing a a provider and um you want to consider whether they have i guess infrastructure into your building and how they're able to connect you what are they using what's the technology that they're using to interconnect you um because if you're connecting your own network you want someone who's able to give you a transparent service um between those two so that for you it's just a pipe that you're interconnecting those two networks your two pops um across um what else simon are you thinking of yeah yeah probably i think i i i think the redundancy part is a big plus because uh since you don't want like a fiber cutting you don't you don't have a fiber card like because of the the nairobi is called the expressway has been uh you have been cut off and you just say because you understand it's being constructed um yeah but i think uh but basically on high level uh the easier way to see also if a network meets some global standardization because if a network tells you that they are nef stan mef compliant and of course they are normally published in a in a portal which is uh which is normally only after test and verification then it will be easy for you to sign up with them even without testing their network because you can't get on that particular portal unless you've been extensively tested by the mef bodies to pass that network capability yeah thanks for that simon is there another question did someone want to raise a question let me see um there's a [Music] comment on the chat uh from philippi says you can also comment on considerations for pop transport uh backhaul there are two vpn mpls 3vpn etc yeah that's what we were talking about like i said you want someone who's able to give you a transparent service so whether it's whatever type of vpn they use or whichever technology they give you you want it to just be something that for you you get a straight circuit at the end and that's what um i think someone was also talking about carrier carry agreed right you want to carry an ethernet type of service um across your your backbone or even if you just have like a direct link you know even if you're having a wireless um wireless um wireless connection between both of those devices one last question from samuel talk about best practices when multi-homing connecting to multiple isps that's that's like a whole other big topic but if i had to say something like just a quick sound bite for material we're going to do some more webinars and we're going to go deep into that um but if i had a soundbite for if you're multi-homing um i would say you have to always announce your prefixes announce your aggregate prefixes to everywhere you're announcing your prefixes so if you're having two providers make sure you announce your full block that you have gotten from afrinic okay then you can do other good balancing tricks and all that stuff but always make sure you announce your full um your full aggregate blog um yeah and we will talk more about that hopefully maybe in the rooting section and also in future webinars we're going to go into how exactly to go about multi-homing um and achieve all the different scenarios you will be thinking about so we hope to see you there thanks michelle i don't see any other question unless someone wants to admit themselves and ask that's a good banana let's just go on because i'm i'm looking at the time here and running shot so let's go um right so addressing addressing we're now going to speak about um ip addresses right and as we know um we're running out of um ipv4 addresses so we're looking at probably ipv6 right or at the very least having um a dual start network where you have your ipv4 but now you're trying to deploy pv6 and you're kind of doing it dual stack door stack means like let's say if i have an interface i have an ipv4 address for it and i also have an ipv6 address for it so i've before an ipv6 independent protocol so whatever is happening if your ipv4 doesn't have to have an impact on what you're doing with your ipv6 and that's one of the benefits of that you're able to run them in parallel but without a failure on one impacting the other protocol so even now getting ip address base from afrinic is actually quite difficult they're getting they give me now slash 22s is the most that a provider can get and you have to literally prove that you actually require that address space and that you're going to use it and how you're going to use it on the flip side i have the ipv6 address space there's plenty of address ipv6 addresses available so if you want that an operator is given a slash 32 which is like way more ip address space than they would likely need and yeah and that's what's easily available from the registry from the internet registry which for us is afring so um in summary when you have this ipv4 and ipv6 into your in dual stack then you're able to do something called happy eyeballs which means like um the the services that you're using will determine which of them is offering better connectivity and use that right so if ipv4 if i can afford facebook is better in my region then i'll be served using ipv4 but if i have an ipv6 address and it's better over ipv6 and the network supports it then i will be served over ipv6 so it's just whichever of the transports responds fast to the to the connection requests um so where do you get an ip address piece um for africans we get our ip address space from afrinic and afrinic is just the internet registry so they've been assigned this ip block from a global body called ayan in the world and they give each different region a set of resources that they can then assign to service providers in those regions so affinic has their website where you can go and you can request you in order to get resources from afrinic you need to become a member right so a member is has to have some requirements you have to meet some requirements some of them is you have to be actually licensed in your market if you're a service provider with the necessary ones and then you need to obviously be a company and show your company documents you need to show them that you have a network or the type of network you're planning to build um and how you're going to use those ip addresses so that they can prove that because those resources are for africa they want to make sure that those resources are actually used in africa so they need um mechanisms and methods to provide so those are some of the things they look at so as you can see you need ip address space and if you don't have a license you can't get them so um for those of us who are running our chinese isps when you want to grow and want to scale and become independent you definitely have to get a license so that you're able to get your own resources and run your network and grow and offer reliable services to your customer otherwise you can't appear with anyone which means you can't save any money from your service provider at the moment unless you have your own ip address space so it's something that you want to consider getting if you're not licensed and so that you're able to run your own network um effectively so like i said for v6 you can get slash 32 for before you can get up to slash 22 if you can show how you're going to use it um the other alternative as a service provider is to get ip address space from your app stream right but the minute you get ipad just from your app stream they don't have that much ip address space themselves which means you're going to end up doing something that's not so fun which is called nutting and not has its limitations that will impact your services especially for your very sensitive customers and a host of other problems it also means you can't move from your service [Music] network design because say for instance i have two providers both of them give me some ip address space it means i can only use the provider who gave me the ip address space to reach those resources if that makes sense right um so that limits you in terms of how you use the ips on your network it means you have to give a portion of your network services or servers certain ips and the other portion the other ips from the other provider which means you don't have actual redundancy so if one of your service providers network fail then your part of your network or your whole network will be done so your feet is tied to that if they mess up with their ipr dressing then your feet is also still tied to this and so when you have your own address space you're able to multi-home which means you can have more than one service provider it's easier for you to move from one provider to another because you never have to remember your network all your numbers all the addressing remains the same while your um your service provider changes and that's something which is really important for you um what about um rfc 1918 these are just simply the private address space what about using that um you can use that on lands but if you want to for your infrastructure right you want to be able to reach your infrastructure from anywhere in the globe remember that the private address space is not rootable over the internet which means if i'm at home and my router has a private ip um it'll be quite difficult for me to log into it remotely and such stuff so you want to have um public address space for your for your infrastructure at the very least your lands and the rest you can have now um the private ip address space um yeah same goes for the carrier grid not [Music] ip address space as well it's still private it can't be rooted over the internet which means that it's still not as effective as having your own publicly available and returned ip address space um yeah so when you're noting some of the challenges that you can have which is the challenge of using the ip the private ip address space is for most part many people believe that nat gives them security that if i not they won't know it was this device that did that or whatever case me it might be you might think you're protected from security threats that exist on the internet and and the like which is not true because those can still be overcome um when you have not it impacts trace route so troubleshooting becomes much more difficult you can have weird nut implementations from a provider or a vendor who's just decided to do their own crazy stuff which breaks um services for your customers and they can be really difficult to isolate and figure out because for you like i'm just having frequent disconnections to this um let's say this server and no one can chase the reason why so some of those things um make it really difficult to troubleshoot and resolve issues easily on your network um then yeah so there's obviously the impact with dns and all that so it makes it just much difficult to run your network if you're running it or behind uh and not an added resource so in as much as you can um try and uh get your own ip address space especially for your infrastructure so in terms of why not not you can't not also when you have a large large pool of customers because there's a limitation of not how many how many sessions it can support right how many tcp or udp port it can have at any given moment so at some point you'll be unable to actually serve some customers if your network has grown very large um and then it breaks the end-to-end model of ip which means you can't tell where's the beginning and where's the end because then you're behind this one resource which is now breaking it up into various different sessions using port numbers and it impacts security um yeah and break some some user some types of traffic not friendly with not so typically you can see like for um for not some of the limitations for i use a device you can have up to 400 sessions typically or tcp udp ports per ipv4 you get like 130k different um udp ports that you can use um which means that you can only have about 320 users using one ip address if you're having more than that then just having even only one ipa is not going to be sufficient for you so far yeah yeah so thinking about how you handle the natural network is um quite important and if possible you can avoid it um and then try and avoid those situations where you get into this situation where you have double knots so one device has knotted the eyepiece and then another different device along the path in your network is also um is also a knotting eyepiece it becomes it can get really messy really quickly it also makes it difficult also to find out who's doing what on the network and resolving it um so let's just i'm just going to skip this and go into ipv6 addressing plans um because there isn't much ipv4 just space left it would be a good idea to figure out how would i use this ipv6 address piece if i got it right so we said that an operator is given a slash 32. so for the 32 they get it from the internet registry you're given the block and obviously if you get an ip address you also get an asn just so you know so you want an ip and an asm otherwise you're not uh your network cannot be uniquely identified on the internet and you'll be unable to um do bgp as effectively as you'd want to um so for uh the slash 32 how do you segment it and break it down so that you have a kind of an ip address plan that you can um then use to address your network and like i said remember when you go to the registry they ask you how you're going to use this address space these are some the things that you need to think about when you're saying this is how i plan to break up this address piece that you're giving me so for your loopbox your loopbacks are simply those uh interfaces on your network they're virtual and they don't go down and usually use them as the your router identifier for your different routing processes so out of your strategy you'll take a slash 64 which is now what is considered a lan in in in v6 so you'll take one of those and then you'll break up um one from that um 64 you'll be able to create 28 128 so the full size of uh ipv6 address is 128 bits i guess yeah which means if i'm doing a sashron 28 is similar to slash 32 in ipv4 speak right so you want to break those up into slash 128 for each look back um then from there you want to now further break down this slash 32 you got into um a slash 48 for each customer say if i have a cast not for each customer so for each region so for a pop i can say for my pop one i'll give it a slash 48 where i'll use to address everything in that pop if i get a customer there i'll just get a piece of another 64 56 from the 48 and i'll give it to my customer to use it as their ip address space which will be sufficient enough for them to go and further break it down on their network and address all their needs by addressing it on the network then so if the starch 48 can be purple or pyrigine and then you can have another separate slash rotate for your whole backbone so we said our backbone is um all the intel pop links that we have and even from this slash footage for your backbone you can also address your knock um all your servers your monitoring servers you can give them ip address space from that backbone block that you've saved so usually for your infrastructure you don't have to make sure that your subnet can be aggregated because typically you just use a point to point which will be like a slash one 26 or 127. so you can give any ip you don't have to confine it to a region you just give them out but they'll come from that particular block that you saved for your backbone so whenever you see an ip address in that range you know it's speaking about something that's in your own infrastructure and not something that you've assigned to a customer um and then you can summarize um address space between the the different sites if if necessary but always at the edge like i said when you're announcing your block to your transit or to your peers make sure you announce your aggregate to them and which is a similar strategy as you would use for ipv4 so you break up the address space to save some for your lookbox some for your customer assignments and some for your own network um backbone utilization for your infrastructure and i like the same um thinking if you're doing ipv4 um and then in terms of alan we say that lan is uh 64. in in the case of uh since the v6 addresses are so many each interface is kind of photovazalan so even though you're not using the whole 64 on an interface you can assign a 64 to an interface and then only use a slash 127 for the particular point to point right um because with ipv6 not like ipv4 where you have only one ip address on an interface you can have as many as you want so i can have 10 primary ipv6 addresses on one interface if i want to whereas in ipv4 you'd have like primary then you'd have the rest being secondary ip addresses with v6 it's not the same it's just as many as you want to put on that interface depending on how you're using them it's possible for you to do that so you can reserve a 64 for the for the interface or for the link but only user 127 for it which makes it much easier for you to submit as well then for your knock like i said it's part of your infrastructure and your backbone you want to give it the slash 48 where you have all your network stuff your stuff use um the same ips from the search for teach your result for the nok the management your monitoring systems and all the rest um and all your critical systems so you can give them their own um 64 that their own 48 and from that 48 you can break it down further to the different services that you're providing across your backbone as we saw in the in the modular design that we were looking at and then for customers you can just give them a slash 48 56 or or so that they can use on their network and for that you want to carry those ip addresses across your infrastructure like you said using bgp so we say we use our igp for routing our infrastructure ips right so that your router knows how do i get to the router in in mombasa i know that the next hop is this particular ip but that's only for that but if you're trying to figure out how do i reach that customer in mombasa i'll get that information from bgp so that's what i mean about i'm separating the two of them okay um yeah so for ipv56 i just said you can give your customers a such rotate or if they're smaller you can give them a slash 56 and it's just a lan um network they can have a slash 64 which gives them enough flexibility and v6 also has all the features that you can have for ipv4 so in the same way that you give a specific address to your infrastructure you can give lan addresses using you know dhcp just like you would with ipv4 so you don't have to think about how will i remember all these addresses you can still use the same techniques like dhcp in order to address the network and then give devices and the like ip addresses and remember i spoke about um dns and if you're using v6 dns becomes extremely critical for you because you can't remember all those ip address spaces and when you're like troubleshooting especially your infrastructure you want to have those links given their unique dns names so you have to come up with like a a naming convention that you can use for naming interfaces and sites so that you're able to tell oh okay this is how this traffic is flowing when i'm doing a trace route it's easy to tell otherwise if you just stare at those large number of numbers and letters it becomes very difficult for you to troubleshoot and debug and figure out what's going on on your network and also you have to remember to document all this stuff that you've done the customer allocations that you've done and the rest documentation is extremely critical in v6 so do we have a question up to that thanks michelle no questions on the chat at the moment anyone with a question you can type on chat or with yourself okay once okay um let's just continue i think we only have a couple more minutes let's see if we can get to security so now we're talking about um the type of routing protocols you want to have on your network and and i've spoken already a little bit about it so we can probably go through this quickly um so for reading protocols we said we have interrogated protocols and these are the ones which you use to address resources and things inside your own network and we said these are for your infrastructure so these are things like your point point links and i give you some examples of interior gateway protocols which are like ospf iss i guess other boys yeah grp but these are the like the what do they call when when they're vendor neutral they're open standards so these are the ones which are open um ospf isis and the like so you'd want to select one of those to be your igp and then um these exterior gateway portables and these are there's only one at the moment and that is uh bgp and the version of bgp that we're using is version four right so this we said we'll always use it to carry our customer prefixes across our network and obviously for our internet roots right that's what you use so you have two options you have one for igp and bgp and so why do you need an igp we said the reason that you want to separate um your your infrastructure routes from your customer and your internet troops is because when you have that modular structure you limit the scope of failure so like i said when a link goes down you don't have to cause um every single device plus your customers to reconvert right because that will impact their service availability if you have a flapping link you can imagine what that does to your customers um service and their qrs so separating those ensures that you can offer more stable services and it's also easier to troubleshoot right if i can't tell because your your infrastructure ips are so few it's very easy to quickly troubleshoot figure out what's going on the routine protocol or what exactly has broken but if you add like the internet uh roots into your igp um don't ever try that at home um you will cause a cast yeah horrible failure on your on your device it'll probably fall over and die so having that uh separated ensures that you're able to limit the scope of failure and recover quickly and offer scalable or stable services for your customers uh and so why do you use the e gp because the first of all egp or bp is the only way to connect to another network so that's one of the reasons you would use it the only way to participate on the internet as a network you need to do bgp um and it controls the rich ability to prefix it so the reason that bgp was designed is because it allows you to apply policy to your to your routing right you're able to do the routine policy to say um this customer can get access to these resources or not or i want to use this service providers network to reach these resources or not so all the things all the nitty gritty of how you want to do your business or for your services you can actually write those down and control um a large section of them via bgp so that's one of the main reasons actually people use bgp it's kind of like a policy protocol more so than a reachability one um and with that bgp you can still use it in conjunction with multiple igps so let's look at some differences between the two so for an interior routine protocol you'll have automatic network discovery which means if i turn on between a point to point and i turn on an igp as long as my as long as my settings are the same or depending on what that protocol requires um on both ends it will automatically detect that oh actually that's um that's a neighbor that retires a neighbor that i can connect to so it will automatically detect that neighbor and be able to bring up a session with them and um generally there's trust in your ib gp i igp because those are all pieces of infrastructure you control so you never ever ever want to do ospf or isis with another network okay so never do iss with your service provider or ospf with your service provider because it means then you have access to each other's network and you don't have that boundary that's created by the exterior gateway protocol then prefixes um the all the routers have the same view of the network in most igps so it means that um if i am this router in nairobi i can tell that the router in bombasa is down just as my neighbor can tell by themselves that they retain more buses down because we're all receiving all this um routine information and we're coming up with a view of a network and it should be a similar view of the network we know all the same links are down ideally or up then it obviously binds all the routers in one autonomous system together we said you use it inside your own network that's your autonomous system it's the network with which you have control over the policy in that network on the flip side for the exterior gateway protocols we have you have to specifically configure bgp to your pl right i can never just turn on bgp on my router and it detects the other neighbor it's very specific and very explicit in the in the configuration i have to say i'm connecting to this router i am es37271 and i want to connect to es 37100 i must configure that and they must configure that very explicitly in order for you to have a session between each other and then we said we use it to connect um other networks which are outside of our networks it sets the administrative boundaries so this is um the boundary of your autonomous system this is the partner you no longer have control over except what you accept or what you send out to your to your peers or your um yeah your ib transit or whatever they're called bgp neighbors and then it binds ass together so this is how the internet mesh is created all the different networks do bgp of one another until all of a sudden everyone is in one large mesh and connected to each other so again you only use your infrastructure ip addresses in your interior protocol and you want to keep it small for efficiency and scalability right then for exterior you want to carry your customer prefixes or anything that is not your infrastructure and carry your internet prefixes and it doesn't rely on the topology of your your igp right in order to to form those sessions or carry those routes so just as an example for where you use what we said bgp is with other autonomous systems so to other isps um to your customers some of them can use static or bgp depending and then to the ixp you must use bgp that's the only way you'll be able to connect with other service providers so when you're choosing igp there's always the discussion which one should i choose should i choose ospf or ss for me and he said both of them are quite similar at this time they've developed very much to be both robust protocols but like i said for ospf if you want to do v6 you have to run ospf version one and i mean version two and version three which just for for us as operators want to think about maintainability and opera operability i guess um you want it to be as simple as possible to troubleshoot your network and to maintain and to figure out what's going wrong and to also limit the number of cases you touch where you can cause things to go wrong so that's in that's the only thing that would make me say um use iss ospf and other than that it's what you're more more comfortable with you can try both of them out as long as you know how to run the network and troubleshoot it whichever critical suits your best um you could use it with equal success um yeah so with that you just said that for igp you want to keep it that routine table for your igp as small as possible keep it only to your backbone your point-to-point clicks and have your loopbox you don't have to what's it called summarize the ip addresses in your igp because it's not really necessary and and also remember to use authentication as well so just because you you trust obviously your router or their routers in your network but these protocols also have a layer of security that you can use which means i can have a password for the two routers to become neighbors with one another and that can prevent someone else who maybe has figured out who jip is but if they don't know your password then a rogue person or malicious person would be able to come and just connect to your returned somehow for my membership because we said that the neighbor discover is automatic so having a password increases and gives you that added layout um security um so these are just some other tips um you can also further reduce the size of your igp table by using unnumbered interfaces where whereby you can have a point point without any specific ip address associated with it and then you can use the contiguous like i said you have a block that you've used which you're going to use across the whole backbone so that's the one which you'll have summarized right and um but don't summarize your lookback addresses because the loopback addresses are used um as for many protocols as router identifiers that helps the the protocol detect where did i land this from how do i get there and all of that and like i said we'll do we'll do our routing um we'll do our routing tutorial then hopefully something practical next year i guess let's see how the covet goes and finally so i ibgp so this can be a little confusing we said ebg we say bgp is an external gateway protocol but there's the version called ibgp which is exactly the same it's only that it's between the same as right so we said for your customer prefixes across your network you want to use you want to carry them over bgp so that version of bgp which is within the same as is called ibgp and the only thing that makes it different from ebgp is that you're having the same as as they removed yes um so you carry your your internet shooting table once you've learnt it from your border routers you'll carry it across your network using bgp that's how all the routers in your network are going to learn about the available routes and also your customer addresses that's how they're going to be propagated across the network and all your summarized address space your customer point point links which you've aggregated those can also be in pgp so in order for you to scale your bgp um some of the things you'd want to consider they will be said to do password in your igp let's say i have or ospf i can have a password to bring up the neighborship is the same feature you can have for bgp just have a password um for the neighbors that they can use with one another in order for them to authenticate and ensure that they're actually um appearing and not with the right router and not a rogue person you've somehow gotten access to your network so just for an added layer of security you can use authentication in those sessions and then other things such as peer groups which are just like grouping similar things together to make it easier for you to configure so if i'm having the same configuration for many customers how it works in general is just having like a shared group of characteristics that i assign to that customer and makes it easier for me to quickly turn up a customer i don't have to write everything in my configuration again but i simply associate my new customer bgp session with a peer group which has similar qualities or configurations as my customer and like i said we will look into the like the practicals of that in upcoming webinars then um you can also use things called communities um for additional filtering and the like and root reflectors so in in i in ibgp another difference between ibtp and ebtp is that in ibgp a router can only tell its neighbor about routes it lands via ebgp okay because in the same network all the routers don't say actually have and they're all learning the same things it's just a way to prevent um loops from forming where each each retire is saying i have a net i have a route to this network yet it landed from its neighbor so how ibgp works is that for any route to be announced to another ibtp speaker or neighbor it must have been learned from ebgp um so for ibtp you have to have a full mesh all the routers in your network which want to speak ibtp have to have sessions with one another so that you make sure all the traffic goes across the network so this thing we're calling a root reflector is basically something that helps you overcome this limitation and it allows you to reduce the size of the your routine configuration and mesh by assigning some readers um okay yeah by assigning some routers um with the responsibility of um announcing ibgp launch routes to other ibtp speakers so that's a route reflector sort of our reflector works um if you have any questions after that uh there's one question in the chat from samuel uh e igrp was released to be an open standard by cisco does anyone in attendance know if there is any other vendor who has implemented eigrp in their code who has implemented other vendors i don't even know what doesn't even check for it yeah i'm actually not i don't think many people check for that so maybe some uh you you can afford that to the mailing list of the what's up yeah yeah what have the experiences been that would be an interesting one to hear about yeah and and and also especially it being a distance vector i don't think uh i mean its usability is limited so most of the vendors have not thought of even including it into the especially given that it was uh built by cisco because it will have so much limitation to have a dependability on cisco to be able to develop it yeah yeah because um i think like open standards have more people working on the problem so they also tend to be much better and their features are kept more up to date so probably why you might not see too many people um working on that and then also vendors go where the money is they're not really concerned about putting all the protocols into their boxes they want to know which protocols are people interested in and if we're interested in ospf and iss they're not going to waste their time their resources and their money because at the end of the day it's business in developing those protocols father um do you have another question uh no more questions okay so now i have a question um i think we're time up isn't it kevin yeah we are that will make it one half hour so yes okay so um from everyone here since you're the ones who joined would you like to go over the infrastructure and routine security before we close or should we um pick this up in another session please answer on the chat um so basically we oh you can put your hands up there's a raise your hand features so we can use that as a pole yes yeah so just raise your hand up if you think you want to continue or if you if you don't want to continue just don't raise your hand up uh then something is going please how long will it take you for this one infrastructure and routine skills yeah let's having says there this is a bit it's a bit heavy so if you're feeling tired we'd rather do it it's only it's about 20 slides um yeah 20 slides is like another 20 minutes maybe 30. so we can pick it up i can make it what we can do then in that case because we reached like the infrastructure and routing security part we can make it uh the next one we do like our routing security webinar so that we do this part and we can go into the details of how to do the rooting security does that sound good sounds good to me we can also follow up on on chat so yeah if it's another 20 30 minutes uh we can see how to schedule that with something else yeah it's fine so what i'll do then i'll make the next webinar uh are using security web you know then we can just talk about how to protect our our networks okay yeah so i think this one you can come you can combine the upcoming security uh which will capture like uh maybe a deep dive dive into the uh security for him yeah yeah yeah that's fine we can do that so and yeah that's okay and you also have the slides so you can actually go through them they're on the on the what's up i share them with everyone and as well as on the mailing list so i mean you can always read and um still benefit from the knowledge that is there and feel free to ask any questions if you're stuck or if something isn't clear we're on the mailing list um so use that and then we can chat there to be much more robust for us and it will also be saved for future when other people join the group they'll be able to go there and read what we discussed um in the past so if you haven't joined the mailing list um please um hop on over enjoy thanks yes um so so um kindly i've shared the url to join the mailing list um the whatsapp group was full last time but let me just share the link you can try your luck maybe a few people had dropped out but thank you very much michel that was very well done i'm sure everyone has enjoyed that so let me get this so that's what's up group but it's not a lot of space left the better one to use is the mailing list where we're going to circulate all the information yes yeah we also recorded the call we'll put it online on the youtube channel later on great um yeah anything else michelle no no it's cool um i think we can do a quick poll and see when would be a good time to do the next sessions um yeah but thank you for joining thank you for your questions and for your attention um we appreciate it um don't forget to join the mailing list yeah so maybe uh uh kevin just because of time and we see also maybe running into this uh as michelle had mentioned we have covered with that with us if it were not for you to be having the physical one so probably next year the physical ones it will be like a full day whereby you can be able to like touch all topics uh like a truck if it's routing if it's systems and any other stream yeah and do something more hands-on as well because i know it's um yeah it's a good thing for everyone to understand how these things work and to get to test it out away from their network before they go and implement so yeah let's see how how things go and then we'll make a plan for for workshops yeah yes indeed okay thank you again uh michelle uh that was fantastic um thanks everyone for making time for for the uh tutorial today uh please join the mailing list uh we are certainly going to send all the information there i've shared a few more urls um the whatsapp group is is full unfortunately but we are uh communicating on the mailing list and more and more so you'll find all the information there i'll share the link to you youtube channel as well uh we've uploaded a couple of past webinars uh from that we've done so you can uh follow them as well uh we are working on another tutorial uh perhaps before the end of the month uh information will be on the mailing list as well so if you enjoyed this content you can expect more coming soon have a good rest of the day look forward to seeing you on the mailing list thank you everyone cool thank you have a good one

Info

Channel: KeNOG

Views: 1,276

Rating: 5 out of 5

Keywords:

Id: fdoe21G8gh8

Channel Id: undefined

Length: 98min 47sec (5927 seconds)

Published: Tue Dec 01 2020