Converged Networks Threat (Was: Level3 Outage)

Jared Mauch jared at puck.nether.net
Wed Feb 25 18:04:16 UTC 2004 

On Wed, Feb 25, 2004 at 09:44:51AM -0800, David Meyer wrote:
> 	Jared,
> 
> >> 	I keep hear of Frame-Relay and ATM signaling that is going
> >> to happen in large providers MPLS cores.  That's right, your "safe" TDM
> >> based services, will be transported over someones IP backbone first.
> >> This means if they don't protect their IP network, the TDM services could
> >> fail.  These types of CES services are not just limited to Frame and ATM.
> >> (Did anyone with frame/atm/vpn services from Level3 experience the
> >> same outage?)
> 
> 	Is your concern that carrying FR/ATM/TDM over a packet
> 	core (IP or MPLS or ..) will, via some mechanism, reduce
> 	the resilience of the those services, of the packet core,
> 	of both, or something else?

	I'm saying that if a network had a FR/ATM/TDM failure in the past
it would be limited to just the FR/ATM/TDM network.  (well, aside from
any IP circuits that are riding that FR/ATM/TDM network).  We're now seeing
the change from the TDM based network being the underlying network to the
"IP/MPLS Core" being this underlying network.

	What it means is that a failure of the IP portion of the network
that disrupts the underlying MPLS/GMPLS/whatnot core that is now 
transporting these FR/ATM/TDM services, does pose a risk.  Is the risk
greater than in the past, relying on the TDM/WDM network?  I think that
there could be some more spectacular network failures to come.  Overall
I think people will learn from these to make the resulting networks
more reliable.  (eg: there has been a lot learned as a result of the
NE power outage last year).

> >> 	We're at (or already past) the dangerous point of network
> >> convergence.  While I suspect that nobody directly died as a result of
> >> the recent outage, the trend to link together hospitals, doctors
> >> and other agencies via the Internet and a series of VPN clients continues
> >> to grow.  (I say this knowing how important the internet is to
> >> the medical community, reading x-rays and other data scans at
> >> home for the oncall is quite common). 
> 
> 	Again, I'm unclear as to what constitutes "the dangerous
> 	point of network convergence", or for that matter, what
> 	constitutes convergence (I'm sure we have close to a
> 	common understanding, but its worth making that
> 	explicit).  In any event, can you be more explicit about
> 	what you mean here?

	Transporting FR/ATM/TDM/Voice over the IP/MPLS core, as well as
some of the technology shifts (VoIP, Voice over Cable, etc..) are removing
some of the resiliance from the end-user network that existed in the past.

	I think that most companies that offer frame-relay which also
have a IP network are looking at moving their frame-relay on to their IP
network.  (I could be wrong here clearly).  This means that overall we need
to continue to provide a more reliable IP network than in the past.  It
is critically important.  I think that Pete Templin is right to question
peoples statements that "nobody died because of a network outage".  While
I think that the answer is likely No, will that be the case in 2-3 years
as Qwest, SBC, Verizon, and others move to a more native VoIP infrastructure?

	A failure within their IP network could result in some emergency
calling (eg: 911) not working.  While there are alternate means of calling
for help (cell phone, etc..) that may not rely upon the same network elements
that have failed, some people would consider a 60 second delay as you
switch contact methods too long and an excessive risk to someones health.

	I think it bolsters the case for personal emergency preparedness,
but also spending more time looking at the services you purchase.  If
you are relying on a private frame-relay circuit as backup for your VPN over
the public internet, knowing if this is switched over an IP network becomes
more important.

	(I know this is treading on a few "what if" scenarios, but it could
actually mean a lot if we convert to a mostly IP world as I see the trend).

	- jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

More information about the NANOG mailing list