PERN (Pakistan Education & Research Network ) Jawad Raza Sr. Network Engineer jraza@hec.gov.pk

Outline PERN Network NOC Operation PERN Current Projects

PERN Overview Established, Managed and operated by Higher Education Commission (HEC). A Digital Dedicated Communication Network interlinking 84 Public & Private Sector Universities in Pakistan. I Gbps connectivity to all Institutes Connected to other Education & Research Networks World wide for fruitful R&D.

PERN Topology

PERN Motive PERN2 Research Internet Distance Learning Managed Services Intranet

PERN2 Network Overview Core Network Fifteen (15) PoPs in eight major cites of country Three (3) Regional Access PoPs Twelve (12) Local Access PoPs in major cities 10Gbps metro rings in Karachi, Lahore & Islamabad 10Gbps to Intercity Connectivity 10Gbps Commodity Internet bandwidth 155Mbps Link with TEIN3

Core Network Router Topology NE80E=3 NE40E=12 Access router= NE20E

Redundant Internet Connectivity SP1 SP2 SP1 SP2 SP1 SP2

PERN Offered Services Ordinary Services Internet – Min 32 Mbps to 400 Mbps Bandwidth distributed among different Institutes Upto 1Gbps of domestic Intranet link Digital Library Access Video Conferencing VOIP

Special Services MPLS L3 VPN MPLS L2 VPN IPv4 Multicast IPv6 Unicast Dedicated R&D link  (PERN directly connected to NREN through TEIN3 SG-PoP)

Interconnectivity between PERN and other NREN’S PERN2-GIEANT PERN2-TEIN3 PERN2-Internet2 PERN2-APAN

Research Activities through TEIN3 link NCP research with CERN on LHC (Large Hadron Collider)

Network Operations

PERN NOC TWO NOC throughout the country Central NOC at HEC Islamabad NOC Operating time 24X7X365 Karachi NOC at HEC Karachi NOC Operating time 8 to 18X7X365 Engineers are deputed on each PERN2 POP site (Lahore, Peshawar, Quetta & Multan)

NOC Support Level First Level Support Second Level Support NOC Engineer (Immediate response Officer) Available on Email : pern2noc@pern.edu.pk Landline: +92-51-11111PERN Cell Phone: +92-3335345100 Second Level Support Senior Network/Datacomm/ Transmission Engineer(s) Third Level Support Director Project Director Level1: Complaint logged through phone/email or ticket generated by university Ticket generated by PERN2 NOC Forwarded to relevant department (Transmission, media availability/Bandwidth issues, H/W) Team send to area Issue resolved Ticket cleared Level 2: Router Configuration or IP related issue (Engineer Involved from HEC) Link choking, low bandwidth complaint (Real time testing) Level 3: Full vendor support Any type of R&D

Customer Relationship Management (CRM) Generates Tickets Developed by HEC http://sc.hec.gov.pk Account of Every University / Institutes Available. They can log their Complain through this portal.

PERN2 Network Operations (CONTD..) View of PERN2 Central NOC

Network Monitoring Primary NMS is Solar winds Secondary NMS is Huwaei DMS for Network as well as for Transmission equipment Web Access to Universities / Engineers PerfSonar

NMS View

PerfSONAR Bandwidth Test Controller (BWCTL) PerfSONAR server is deployed at four PoP sites Karachi Lahore Islamabad Quetta Bandwidth Test Controller (BWCTL) Lookup Service One-Way Ping Service (OWAMP) PingER Measurement Archive and Regular Tester SNMP Measurement Archive Reverse Ping (http://pern.edu.pk/index.php?option=com_content&task=view&id=72&Ite mid=96) Reverse Traceroute (http://pern.edu.pk/index.php?option=com_content&task=view&id=72&Ite mid=96)

Current Project

IPv6 National Research Test-bed Test-bed aims to promote IPv6 implementation within the PERN connected Institutes Established among the 15 institutes HEC provided them carrier class router (Huawei NE40-X3), Internet Connectivity Universities were ask to run at least one IPv6 network application IPv6 deployment within there campus .

PERN Network & Information Security

Network & Information Security Plans Core Network Security International Traffic monitoring DDOS prevention, Anti Spam Deep Packet Inspection URL Filtering IPS/IDS DDOS, Spam prevention Passive Monitoring Access Network Network Forensic tools IP mapping record for back tracking. Internal Logs Host Base Intrusion Prevention System Internet Service Provider 10 G Stateful Firewalls No intrusion/Attacks: Special Check on Inside/Outside Traffic PE IP/MPLS Backbone 1G firewall, IPS/IDS Access Router

THANKS