w2 14 NIB - Node

National Internet Backbone
“DATA NETWORK” FOR JTOs PH-II : NIB-I
National Internet Backbone
Introduction :
Internet is the most visible medium today to provide information to

prospective users. No serious business, worth its name can survive today
without a presence on the Internet. Most business organisations today
maintain web sites to provide information about their products and services to
the prospective customers. Most government organisation today also use the
Internet Web as a medium to provide various information. The advantage is
that information can be easily updated at a central place (the web server) and
can be accessed uniformly throughout the world.
Existing Internet Set up :
There are 53 Nodes commissioned so far in the country. These nodes

are maintained by VSNL / DoT. International Gateways are available from six
stations viz., New Delhi, Mumbai, Chennai, Calcutta, Bangalore and Pune.
These six nodes provide service to local subscribers as well as act as
International interconnection Gateway points for Internet. Most of the DoT’s
nodes have simple Remote Access Servers (RAS) and are connected to the
nearest Internal Gateway nodes (maintained by VSNL) using 2 MB digital
trunks. The Internet services are provided by the usage of different servers
available at Individual VSNL / DoT nodes. All the above 44 Internet nodes
provide dial up TCP/IP and Shell accounts for customers. Leased line and
ISDN access is provided only to certain customers at selected cities.
Need for National Internet Backbone :
There have been persistent complaints about the functioning of the

present Internet infrastructure. The present connectivity for any given station is
with a "Star" connection of one or two 2 Mbps. There is no redundancy in the
connectivity of the links. The equipment procured are not of carrier class. The
network is not centrally managed and therefore there may be cases of traffic
overload or failures.
Most of these complaints relate to difficulty in access, slow response

and unstable connections besides those about occasional non-availability of
Internet accounts due to capacity constraints. These types of complaints can
arise due to congestion in the international or the national access segment,
inadequate dial-up ports or deficiencies in Point Of Presence (POP) equipment
configuration and lack of synchronisation in the local switches which connect
to the POP. The Internet network backbone proposed is designed keeping in
mind the need to avoid the above potential problems.
Government policy on Internet is aimed to accelerate the growth and

increase the penetration and geographical spread of Internet services. In
BRBRAITT March-2007 2
addition to the DoT /MTNL /VSNL Internet nodes, Private Internet Service
Providers (ISP) are being permitted to provide Internet services.
The Internet policy allows the private operators to choose the network
on which they wish to offer Internet operations in the national and international
networks. With such open approach, it is expected that over the period of 5
years, the Internet growth in the country is expected to grow from its present
150,000 connections to more than 5 Million.
Government has decided to set up Internet nodes at all district head

quarters (approximately 549 Nos.) across the length and breadth of the
country. Department of Telecommunications has decided to set up an Internet
network backbone keeping in mind the need of vast growth and requirements
of the setting up of so many number of nodes as well as to take care of the
Private ISPs connectivity requirements.
National Internet Backbone :
The National Internet Backbone is planned on Router / Frame Relay

based design. The design of the network shall allow wider usage of frame
relay and ATM in the network at present or at a later date. The equipment and
the network design is based on carrier scale solutions with a high degree of
redundancy. Future expansion and scalability has been kept in mind with the
view of easy up-gradation.
The NIB architecture is on the centralised servers at few places with

distributed POPs (Points of Presence) at various places. The architecture
provides sufficient scope for easy expansion and decentralised working. Most
of the popular Internet applications will be supported with the option of
introduction of value added services. Roaming within the country will be
possible without the need of making any change in the accessing
methodology.
The equipment consists of Routers (and / or optional frame relay

switches), remote access servers, LAN switches, application servers, Network
Management System, Help Desk, Access Devices and Billing system. DoT’s
NIB is a broad based access network meant to provide convenient and easily
accessible Internet Access Points (IAPs) for DoT Internet Service Providers
(ISP) as well as private ISPs so that they can connect their Internet Points Of
Presence (POP) to the Internet.
The NIB is planned as a multi-tier structure consisting of aggregation

and connectivity at three different tiers. The architecture consists of :
• First Tier : It comprises of Metros and other big towns (Type ‘A'
stations) connected by high capacity links to the Gateways. A
total of 14 stations are identified as Type ‘A’ and all these shall be
connected in the first phase. Out of these, the stations which are
having international gateway connectivity will be identified as
Type A1 and others as A2 stations.
• Second Tier : It comprises of other medium towns (Type ‘B'

stations) which are connected to the first tier by medium
capacity links. In the first phase, it is planned to connect 31 ‘B’
stations to the NIB.
• Third Tier : it comprises of all district headquarters and other small

towns (Type ‘C' stations) which are aggregated around the
stations comprising the second tier. Type C stations are planned
to be connected to NIB in the second phase. As many as 504
Type C stations have been identified. Depending upon the
number of customers it supports, type C stations are identified as
C1, C2 and C3. Equipment requirements for different type C
stations are being finalised.
As many as 549 stations are planned to be connected on the NIB. In the

first phase, 45 stations will be connected to NIB and in the second phase
all C stations shall be included in NIB.
The network architecture consists of core stations (A1 locations) which

would be connected on approximately a mesh topology. The core backbone
will be 8 MBPS links to start with and will be converted onto E3 or STM-1
once the ATM and SDH networks are established. A2 stations will be
connected to two A1 stations with 2 Mb/s which will be converted into E3 in
the second phase. Type B stations will be connected to two A1 or A2 with 2
Mb/s which will be increased to 4 x 2 Mb/s in the second phase. Type C
will be connected to A1 or A2 or B, depending upon the geographical
proximity with 2 Nos. of 2 Mbps. All stations will have redundant
connectivity to the backbone so that the failure of links as well as
congestion are taken care of.
In addition to the providing of Internet Access, the NIB supports the ISP
operations of DOT by building-in the ISP functionality in its equipment
placed at the IAPs of the NIB. The NIB thus provides the following services
to its end customers :
• Provide connectivity to Internet.
• Provide Internet accounts to customers. The accounts shall be of

types-Shell, TCP/IP dial-up, Leased line, and Virtual Private
Networks (VPNs).
• Provide different Internet services like E-mail, FTP, Telnet, Chat,

WAIS etc.
• Network Management and Billing functions.
• Automatic Roaming Facility within the country.
• Multi-Homing facility for the E-mail users.
The network also gives the flexibility for the administrators to implement the
following additional features in the network without additional investments:
• Scaleable Security architecture which gives a framework to

implement the finalised security policy.
• Global Roaming Facility
• Distributed / Centralised billing.
• Centralised NMS
• Proxy servers for caching (to save on international bandwidth) and

implementing security with the help of access list.
• Free Home Page for all the customers.
• Centralised Radius and Directory Servers
Customer Access Mechanism :
The NIB shall support access of Internet to the respective nodes by the
following mechanisms. These shall apply only for DoT customers.
• PSTN Dial-up access to Internet at port speeds upto 33.6 Kbps. The
Digital Signalling Processor (DSP) modems shall be able to
provide future support for 56 Kbps standard by a suitable
software upgradation.
• ISDN Dial-up at Basic rate interfaces (BRI).
• X.25 access through Inet Gateway.
• Frame Relay (FR) and Asynchronous Transfer Mode (ATM) access.
• Leased line access to Internet at 64 Kbps, N X 64 Kbps and 2 Mbps,

N x 2 Mbps speeds using appropriate modems.
Private ISP Access Mechanism :
Private ISPs shall be connected to NIB through the following mechanism :

• Leased line access to Internet at 64 Kbps, N X 64 Kbps and 2 Mbps,
N x 2 Mbps speeds using appropriate modems.
Private ISP may either choose NIB for connectivity or choose other
networks like Railways, power grid, etc., or set up their own links with in the
licensed area for the Internet connectivity access. TEC has finalised a
Interface Approval IR for Remote access server to take care of the interface
requirements when the Private ISP has chosen to connect to the DoT
network.
Classification of Nodes :
There shall be following three types of nodes.
Type of Node No of Stations
Type A 14
Type B 31
Type CI 41
Type CII 87
Type CIII 376
In the NIB 1st phase, the requirement of servers and other equipment at
Type A and B have been identified, the network connectivity diagrams have
been worked out and IP address allocations have been asked from APNIC.
Separate servers are planned for different applications. Placement of
servers is done with the whole of network architecture requirement in
consideration. The network architecture thus has the concept of
centralised servers at few places where skilled manpower is available. The
login and caching servers are planned only at 14 A stations in the I phase,
but in the second phase at CI, CII and CIII stations have been worked out
and released as Amendment 2 of TEC GR on NIB. The up-gradation of
servers and Routers required at A and B stations to take care of the load of
the CI, CII and CIII stations have been also given in the amendment 2 of
TEC GR No. G/NIB-01/01.
A centralised Network Monitoring System (NMS) involving a unified console

and system has been planned for the Internet Backbone. Ultimately, the
NMS will be a two tier structure. The NMS at New Delhi and Mumbai
stations will act as the National NMS centre. They not only manage the
nodes, ports and devices connected to the areas marked for New Delhi and
Mumbai, but also manage the core connectivity links. NMS has been
planned for other Territorial Circles. These will act as middle level, they
manage the devices, links and equipment connected to its area, collect the
data of the core backbone and pass it on to the centralised NMS. The NMS
has been planned on Simple Network Management Protocol (SNMP).
The server requirements for the 1st phase have been worked out with the
customer capacity of about 300,000. The dial up customer base for RAS at
Type A node is planned with 480 DSP modem or 16 E1s (projected
customer base of 4800) and B node is planned with 120 DSP modems or 4
E1s (projected customer base of 1200 for 1:10 ratio). These may be
expanded suitably according to the requirements on a later date.
Salient Features of NIB :
NIB has been planned with the whole network architecture requirement with
a tier architecture and core layer. Carrier class equipment have been
planned with high redundancy features. The scalability and expandability
issues have been the main factors in designing the backbone. It is planned
with a greater stress on the network connectivity with link redundancy and
concept of Network Management System through Simple Network
Management Protocol (SNMP). All the power supply has been asked with –
48 Volts DC so that the NIB equipment can run on the exchange battery
supply. Wherever, vendor is not able to support this requirement, Inverters
have been asked to be supplied. All the equipment have been asked to be
hot swappable and support high redundancy features. The entire solution is
asked on the rack or chassis based. The equipment has been asked to
conform to as many less chassis as possible.
The Network is planned with a structure, which can implement the security
plan, which will be evolved for Internet by the Government. The firewall
architecture is able to define a single, integrated security policy distributed
across multiple firewall gateways and managed remotely from the central
place. The architecture is also able to give central integration, configuration
and management for the firewall as well as other third party security
applications.
The firewall architecture divides the network into the following three
separate zones (sub networks) :
• Secure Zone - This shall be highly protected zone. Only authorised and
authenticated personnel shall be permitted beyond this zone. DNS,
NMS and APP workstation and Billing servers shall be in this zone.
• Demilitarised zone (Perimeter Network) – This shall be semi-protected

zone. Only users that have been checked and authenticated shall gain
access to this zone. Application servers like WWW, Proxy, Radius, E-
mail, etc., shall be in this zone.
• Open Zone – These are open zones containing Remote Access Servers,
Routers and Login servers.
Numbering Scheme for Internet Access :
Internet Service Provider (ISP) node is connected to the exchange through

Analog subscriber lines or junction lines working at 64 Kbps, nx64 Kbps or
2 Mbps. In some cases, the connection of subscriber to ISP may be through
leased lines, but they will not pass through exchange and therefore, no
dialling is required for accessing the ISP node. PSTN subscriber will be
able to access ISP node on a local call basis, if the ISP node is available in
same local area. In all other cases, the subscriber needs to make a long
distance call to access ISP node.
The subscriber shall dial the following:
Access code + ISP code i.e. 172 + xxx
Where xxx = 100 to 999 and will be allocated on centralised basis to the
Internet service provider.
Equipment Configuration of Various Sites
Type A nodes servers requirements may vary at different places. No

servers are planned at type B and C locations. The requirement of servers
and other equipment at each site is indicated in subsequent paras.
Equipment Configuration at Type A sites
Equipment Configuration at New Delhi
This Type A node will contain the following equipments :
login1 server 1 No
WWW1server 1 No
DNS1 server 1 No
WWW3 server 1 No
Radius1 server 1 No
Radius2 server 1 No
Mail1 server 1 No
Mail2 server 1 No
Proxy1 server 1 No
Proxy2 Server 1 No
Billing 1 Server 1 No
Test Bed 1 No
Ethernet Switch 1 No
Router 1No (Gateway and Aggregation
router)
NMS Work stations. 1 No
Application (APP) work stations 1 No
Help Desk 5 Nos
CSU-DSU Converter 2 Nos
Line Drivers 2 Mbps and N x 2 Mbps As per requirements
Line Drivers 64 Kbps and N x 64 Kbps As per requirements

LAN cabling of UTP 5 category. As per requirements
LAN Cabling will be structured and Gigabit ready.
Equipment Configuration at Mumbai
login1 server 1 No
WWW1server 1 No
Radius1 server 1 No
& Radius2 server 1 No
router)
NMS Work stations. 1 No
Application (APP) work stations. 1 No
Help Desk 5 Nos
Equipment Configuration at Bangalore
login1 server 1 No
WWW1server 1 No
DNS1 server 1 No
WWW3 server 1 No
Radius1 server 1 No
Radius2 server 1 No
Mail1 server 1 No
Mail2 server 1 No
Proxy1 server 1 No
Proxy2 Server 1 No
Remote Access server 1 No
router)
Help Desk 5 Nos
Equipment Configuration at Calcutta
login1 server 1 No
WWW1server 1 No
Remote Access server 1 No
Router 1No (Gateway & Aggregation)
Help Desk 5 Nos

Equipment Configuration at Chennai and Pune
These Type A nodes will contain the following equipments :
login1 server 1 No
WWW1server 1 No
router)
Remote Access Server 1 No
Help Desk 5 Nos
Equipment Configuration at Ahmedabad, Indore, Ernakulam,

Hyderabad, Jaipur, Lucknow, Patna and Ludhiana
These Type A nodes are stations without international gateway. They will
contain the following equipments :
login1 & WWW1server 1 No

Router 1 No (Core and Aggregation
router)
Help Desk 3 Nos
The login for all the customers connected to Type B & Type C nodes will
be performed at the server of the Type A node to which they are
aggregated. Other functions like WWW Web hosting for users and E-mail
will also be performed in the similar way. The Type A stations will perform
these functions for customers connected to them directly as well.
Equipment Configuration at Type B Sites
The equipment configuration at Type B sites consists of :
Router 1No (Core & Aggregation)

Help Desk 2 Nos
Router
The routers planned for DoT’s NIB will be functionally used in three
different application scenarios. However all the ports will be physically
available in a single chassis.
• Gateway Router These routers will be used to connect the NIB to

the International Gateway (IG) of the Internet.
• Core / Interface Router These routers will be used to connect the
Internet Access Points/Points of Presence (IAP/POPs) to the
NIB.
• Aggregation router These routers will be used to connect leased
line customers, Virtual Private Networks and Internet Service
Providers (ISPs) to connect to the NIB for getting Internet access.
A Router used in the NIB will support the Exterior Gateway Protocol -
BGP4/CIDR (Border Gateway Protocol 4/ Classless Inter Domain Routing),
and Interior Gateway Protocols (IGP)- RIP, RIP2, OSPF.
Management and Security
The Router will support the following management and security features.
1) SNMP/RMON : Support for MIBs for SNMP - versions 1, 2, FR, E1 will

be provided. Additional Enterprise MIB (Management Information Base)
support will be available and its details will be provided. RMON MIB Version
I, II support will also be provided.
2) Access Security : The Routers will have at least one level of

password protection features. Multiple levels of management access
privileges for privileged (configuration), and non-privileged (read-only) tasks
will be supported.
3) Packet Filtering / Firewalling : The Router will support extensive

packet filtering and firewalling (stateful inspection). Ability to assign traffic
filters based on any parameter in a data packet will be supported. The
routers ability to have hardware traffic filters on LAN interfaces in addition to
software based filtering is desirable.
4) Console or Out-of-band Management : The Router will have console

management access, with the provision for remote out-of-band management
capability.
5) Telnet, FTP, and BOOTP support : The Router will support Telnet
access to the console and FTP/TFTP/BOOTP access to its
configuration/boot files. Provision will also exist for remote reboot.
6) Configuration Management : The Router will support configuration

management through the command line interface. GUI based software
configuration utility is desirable.
7) Debugging/ Troubleshooting : The Router will provide extensive

debugging and troubleshooting features. A facility to debug file by ‘sniffer'
arrangement will be available without disrupting the traffic on the network.
8) Flash Memory : The Router will support removable flash memory,

for easy replacement of configuration and boot files in the event of software
corruption.
9) Encryption : The Router will implement Encryption based upon widely

used industry standards such as DES.
10) Pre-planned Timed Reboot Facility The Router will support the pre-
planned timed reboot to upgrade their hardware to a new software feature and
plan the rebooting at an off-peak time.
Packet Forwarding Rate and Backplane Capacity : The table showing the
minimum requirement of processing power (aggregate forwarding rate) and
backplane/bus capacity required for the different types of Routers is given
below :
( Size of Packets = 64 bytes to 1560 bytes).

Type of Router Packet Forwarding Backplane
Rate in (PPS) Capacity in (Mbps)
Type A sites where 1000,000 1000

Gateway is available
Other Type A sites 500,000 1000
Type B 200,000 512
Compression : The Router will support the ability to compress payload data
on all WAN interfaces. The compression will be hardware / software based.
The compression algorithm will conform to the various industry standard
algorithms like Lempel-Ziff, STAC etc. The details of the algorithm used will be
indicated.
Traffic Prioritisation and Congestion Management : Traffic prioritisation

features will be supported. It will be possible to assign different levels of
priority to different types of data packets based on policies set on the Router.
The Router will support at least three levels of priorities. The Router will be
able to relieve congestion by acting appropriately on the prioritised traffic by
creating queues.
Bandwidth Aggregation : Bandwidth aggregation techniques will be

supported on all interfaces. Support for Multilink PPP which allows for load
balancing and load sharing, by grouping a number of dissimilar PPP (point-to-
point) links on a number of WAN interfaces will be provided. These links
may be dedicated synchronous or dial-up ISDN/asynchronous circuits.
Dial-on-demand : To reduce the need for dedicated circuits, Dial-on-demand

features will be supported on all dial-up interfaces (Asynchronous and ISDN).
Bandwidth-on-demand : Provision for additional connections in cases of

transmitted traffic on the primary link (WAN side) exceeding a pre-defined limit
will be available.
Dial-backup : There will be a provision for the establishment of an alternate

secondary connection in the eventuality of the failure of a primary link.
Encapsulation and Tunnelling : The routers will be able to support

Encapsulation and Tunnelling protocols.
Gateway Router
The Gateway Router will act as an interface between the NIB and the
international side of the Internet.
Core or Interface Router
Core or the Interface Routers will act as an interface between an IAP/POP

and the NIB. All traffic to and from an IAP/POP site will pass through the
Core or the Interface Router which will route all such traffic to other IAP/POP
sites or to the nearest International Gateway. This Router will run OSPF
routing protocol to determine the best route to any destination and do
alternate routing in case of network or link failures. These Routers will have
synchronous interfaces.
Aggregation Router
The Aggregation Router connects ISPs and corporate customers to the NIB
using leased lines of speeds ranging from 64 Kbps to 2.048 Mbps (E1). All
synchronous / asynchronous interfaces of these Routers will be capable of
handling E1 speeds and channelised E1 interfaces and will be capable of
adjusting to any speeds from 64 Kbps onwards upto E1.
Protocols to be supported
The following protocol support is mandatory on all the Gateway, Core or
the Interface and the Aggregation Routers. The Router will support
integrated bridging and routing and the complete list of protocols given in
sub paras below :
1) Network Protocols : The Internet Protocol (IP) will be supported.
2) Routing Protocols
The Routers will communicate with other Routers using standard

based open routing protocol message. The Router will support dynamic routing
using adaptive algorithms. The following protocols will be supported :
IP : RIP, RIP2, OSPF, BGP4/CIDR
“ Latest version of OSPF with support of variable length subnetting will be

supported”.
3) WAN Protocols
The following WAN protocols will be supported :
a) ITU-T X.25 (conforming to 1988 standards, Conformance to 1993 standards

is desirable)
b) Frame Relay (ITU-T Q.922 Annex-A)
c) Point-to-Point Protocol support for PAP & CHAP authentication over the
PPP link.
d) ISDN BRI (Q.921/Q.931) or PRI (Q.921/Q.931) or ATM
4) Following Features will also be Supported
a) Telnet, FTP
b) Future Support of IPv6 will be ensured
c) IGMP, DVMRP, MOSPF or any other new multicast routing
standard technologies
d) Reservation Protocol (RSVP) : Support of the draft of Reservation
Protocol’s (RSVP) will be provided.
Physical Interfaces
The physical interfaces to be supported on the Routers will include :
a) Ethernet, 10BT
b) Ethernet, 100BT
c) High Speed Serial Interface (HSSI)** (only for Gateway routers)
d) Multi Channel E1 (2 Mbps on G.703)
e) Synchronous interfaces, V.35, RS232
f) Asynchronous interfaces, RS232
g) X.21
h) ISDN BRI or PRI (As per TEC GR No. G/ISN-01/01 Aug'93)
i) Support of Fractional E1 i.e., 64, 128, 256, 512 Kbps, etc).
Link Speeds
The link speeds from 64 Kbps to 2 Mbps will be supported on all
synchronous WAN interfaces. The switch drivers will, however, be able to
support more than 4Mbps bandwidth, which will be required while using
compression on the Routers.
The support for E3 speeds (34 Mbps) will be provided for all Gateway
Routers.
Configuration
The configuration requirement for the four types of Routers is given in the table
below :
Sl Routers Interfaces Number of Ports

No Required
Core/GW Aggregation Total
Router Router
Min Max Min Max Min Max
Gateway Functionality
1. Type A stn a. HSSI 1 2 - - 1 2
with Inter- b. Synchronous E1 16 32 15 70 31 102
National c. Channellised E1 - - 10 30 10
30
Gateway d. 100BaseTx 1 2 1 2 2 4
Connectivity e. X.25 - - 2 10 2 10
Core Functionality
2. Other Type A a. Synchronous (E1) 8 16 15 70 23 86
stations b. Channellised E1 - - 10 30 10 30
c. 100BaseTx 1 2 1 2 2 4
3. Type B a. Synchronous (E1) 2 2 3 9 5 11

stations b. Channellised E1 - - 2 6 2 6
c. 100BaseTx 1 2 1 2 2 4
Note 1 The Gateway routers will have provision for Frame Relay (conforming
to TEC GR No. G/PDN-09/01 for FR UNI) and provision for future upgradation
ATM (34 Mbps / 155 Mbps - conforming to TEC GR No.G/ATM-01/01 for ATM
UNI) at two ports of Gateway and two ports of Aggregation routers.
Note 2 Wherever HSSI port is used, CSU-DSU (Channel service Unit - Data
Service Unit) converter is required to interconnect the transmission media (as
per ITU-T Rec. G.703). Routers supporting E3 (34 Mbps) G.703 interface may
also be considered and in such a case CSU-DSU may not be required.
3.0 Remote Access Server

This section specifies the generic requirements for Remote Access
Server (RAS) for use in the DoT's POPs for providing Internet access over
the PSTN using channelised E1 and/or ISDN PRI.
RAS is an internetworking device operating at Layer 1 through Layer 3

of the seven layer ISO-OSI model. It receives dial-up calls from PCs or
devices with modems on the PSTN network, and places data for them onto the
PSTN.
The RAS components are mentioned below :
• Channelised E1/R2 ports These will provide the connectivity

between the RAS and the PSTN network, and operate R2 MFC
inter-switch signalling protocols modified to Indian switches as
defined in TEC GR No.G/LLT-01/03 Sep 95.
• ISDN PRI These provide the connectivity from RAS to Exchange on

ISDN PRI links.
• DSP Modems These modems receive incoming calls from E1

trunks and decode the signals sent by the remote modem. The
DSP modems are based around software which allows easy
upgrades to new modem standards and operations.
•
• Router Engine This decodes and forwards data traffic received
from the remote device to a secondary LAN or WAN interface.
The following software features will be supported :
Terminal Server functionality
This functionality provides connectivity for remote users desirous of

connecting to the Internet with terminals or PC terminal emulation
applications. Users will be connected to the Internet through this feature,
to "Shell" E-mail accounts on UNIX. Terminal server functionality will
include :
• Configurable text login prompt.

• A message of the day function to alert users about features, problems,
or for sending warnings etc.
• Support for Telnet and rlogin to hosts on the service POPs.
• A menu function to allow users to select from a number of services
offered by the POP.
Radius Client
This allows the RAS to validate a dial-in user on a centralised Radius

server. Accounting packets on connect and disconnect are also to be
sent to this Radius server. In case of no response from the primary Radius
server, the Radius client will support one or more backup servers. The
Radius client will comply with RFC 2058 & RFC 2059.
IP address assignment : The RAS will be able to assign IP addresses

using the following mechanisms :
• Dynamic assignment through a pool of IP addresses stored within

the RAS.
• Assignment of an IP address from a Radius server (IP address per
user).
• Assignment from a DHCP server.

• Assignment from a downstream ISP Node.
Multi-chassis, Multi-Link PPP (using RFC 1717) : Multi-Link PPP allows

remote users, connecting over ISDN or PSTN, to use multiple channels
for the same circuit. In this way, a remote user can gain the benefit of
the combined bandwidth of two or more circuits.
Multi-chassis support, allows the second, third or more calls, which

arrive on E1 trunks separate from the first, and therefore, enter a
physically separate device, to be combined together as one connection
using the Ethernet to pass the PPP traffic between the different chassis.
Dial Virtual Private Network (DVPN) functionality : This allows dial-in

traffic to be tunnelled over the Internet, to a remote network. Tunnelling
functionality will allow direct data forwarding to, for example, ISP clients
who wish to route their own Internet traffic, and to information providers or
corporate customers. Remote users who use DVPN functionality will only
be able to access the network of their provider, and therefore not connect
or access any other service offered by the DOT's POP.
The latest draft standards of L2TP protocol to provide tunnelling will be

supported by the equipment. Future support for the approved standards by
IETF will be provided. Any other similar tunnelling protocols supported will
be specified.
Physical Interfaces
The following physical interfaces will be supported.
• Support for both Channelised E1 and PRI on the same card.

• IEEE 802.3/Ethernet 10-Base-T.
• Ethernet 100-Base-TX.
• E1 ISDN PRI (30 Channel) complying to ITU-T G.703 & G.704.
• Channelised E1 with R2 MFC (modified to Indian conditions) Signalling
as given in TEC GR NO. G/LLT-01/03 Sep 95.
• Synchronous Serial E1 ports will also be supported.
• Analog modem ports (minimum 32 numbers of async ports) will be
supported.
Network Protocols
Following Network Protocols will be Supported
• Synchronous and Asynchronous PPP, IPCP (RFC 1661, RFC 1332)

• PAP/CHAP - Authentication protocol for PPP connected clients.
• SLIP and CSLIP - for clients not supporting PPP.
• TCP/IP, IPX.
• Telnet (incoming & outgoing), Rlogin (outgoing) - for Shell account
access.
• ISDN V.120 & V.110 rate adoption for ISDN Terminal Adapters and for
calls from PCM/GSM Networks respectively.
• PPP VJ Header compression.
• Data Compression including STAC etc. Implementation type ( whether
software or hardware may be indicated).
• TCP Header Compression (RFC 1144) will be supported.
Modem Standards to be Supported
• V.22bis, V.32, V.32bis, V.34. V.34+

• 56K modem support: X2 and/or K56flex
• V.PCM software upgrade path
• MNP 10 error correction and V.42 LAPM error correction for PHS
functionality support.
• V.42bis, MNP 2,3,4,5
Channelised E1 /R2 & PRI Information to be Supported
DNIS Information: It allows the POP operator to obtain the number

dialled by the remote user (called party number) which will be passed to
the Radius server. It also gives an option to put restrictions on the number
of calls allowed by the RAS on any one particular number.
ANI : Allows the POP operator to obtain the telephone number of the
remote user (calling party number, or CLI).
The dial up user requirements will be as per the table given below :
Type of No. of Scalable No. of Scalable

Site Modems upto E1/PRIs upto
Type A & B 120 480 4 16
Network Management for RAS
In order to manage the RAS from a central location and to gather

statistical data on the operation of all the components like WAN ports
and Modems, the RAS will be configurable and manageable with SNMP 1
& 2 with compatible MIBS for vendor specific features. PPP Link Quality
Monitoring (LQM) feature will be supported.
Configuration options will include modem speeds, error correction

criteria, data pump parameters, real time and historical statistics, ability to
view modem connect rates, modem re-transmissions and other key
statistics for troubleshooting, accounting and system utilisation.
Accounting The RAS will provide both user and subscriber accounting
information for efficient generation of reliable billing output.
Local Area Network Switch

This chapter specifies the requirements for the LAN switch for use in the
DoT's Internet NIB and POPs for connecting the various inter networking
devices like Routers, RAS and Servers. Depending upon the port density
required at different locations in the NIB and the type of media required to
be supported (Ethernet or Fast Ethernet), these Switches are categorised
as Type A or Type B switches.
A LAN switch is a local area networking device operating at Layer 1

through 2 (and in some cases Layer 3) of the seven layer ISO-OSI model.
The basic function of a LAN switch is to forward packets from one port to
another.
In the path determination function, a switch creates dynamic tables based

on addresses learnt on the network. The creation and dynamic update of
this switching table is part of the intelligence of the switch. Since the
switching occurs in the hardware using Application Specific Integrated
Circuits (ASICs), the latency of a switch is very low as compared to
shared media repeaters.
Media Support The Switch will support the following switched/ shared
media as follows :
• Ethernet (IEEE 802.3)

• Fast Ethernet
Availability/ Redundancy
The Switch will have the following features to ensure high availability and
redundancy.
A redundant clock will automatically be activated following a primary clock

failure to monitor and distribute module clock rates to all slots.
The Switching Module will possess redundant link capability to support

fault-tolerant connections to other switches or shared media segments to
protect against a primary link failure. If the primary link fails, the backup
path will be automatically activated to maintain network connectivity and
throughput. On Ethernet/ Fast Ethernet, this will be done via a standard
protocol called the Spanning Tree Protocol (IEEE 802.1D).
Management and Security
The switch will support the following management and security features.
SNMP Manageability : Will support SNMP MIBs ver. 1 & 2 for Ethernet
(RFC 1643, RFC 1213, and RFC 1493). RMON (Remote Monitoring) MIB I,
II support is also required.
Access Security : The switches will have password protection features on

Telnet access to the box.
Console and Out-of-band management : The switch will have console

management access alongwith provision for remote out-of-band
management.
FTP/TFTP/BOOTP support : The switch will support

FTP/TFTP/BOOTP access to its configuration/boot files.
Configuration Software : The switch will support configuration

management through a GUI based software configuration utility.
Configuration management through the console is also required.
Aggregate Switching Rate & Backplane Capacity : The aggregate

switching rate and backplane/bus capacity for each type of switch will be
specified. The table of the minimum aggregate switching rate and
backplane/bus capacity required on all the switches for the different sites
is given below :
Type of Latency Backplane Aggregate

Sw.
Site in microseconds Capacity (Gbps) Rate (pps)
Type A < 15 5 > 3 million
Type B < 30 2 > 1 million
The Switch port configurations for various types of Switches are given
below :
Type of Site Interface No. of Ports Scalable upto
Type A 10BaseT 15 25
100Base-Tx 15 25
Type B 10BaseT 5 12
100Base-Tx 5 10
Servers
This section specifies the requirements for servers for application in
DoT's NIB to cater to various ISP operations.
A server is a device on which different types of applications can be run for

various kinds of services operating in the network. A server has a basic
Operating System (OS), on which various software can run for a host of
functions.
The Servers in DoT's network are required for the following software,
application and functionality support.
ISP Services
• WWW, E-mail, DNS, News servers software.

• WWW (Browsing), E-mail, FTP, Telnet, News client software.
• WWW Content Development software: HTML, Java, CGI scripts,
and Image processing software.
• Account login (Shell access).
• Programming languages: C, C++, PERL.
Management and Administration
• Authentication, Authorisation & Accounting (RADIUS).

• Billing.
• Network Management System.
• Application/Server monitoring System.
• Internetworking Device Configuration Utility.
Functional Requirements
The server will run basic UNIX operating system conforming to XPG4,
UNIX 95 standards and will support the TCP/IP stack. The OS will be Year
2000 compliant.
Dial-in login, E-mail (POP3/IMAP4), WWW hosting server for

Type A sites
These servers will be used for User shell accounts (logins), E-Mail
accounts and web serving/ hosting.
LOGIN SERVER-1 (Primary Server for login and e-mail)
CPU 2 x 180 MHz or higher

RISC Processor
SPECWeb96 Rating 1500 scaleable to 2200
System Memory 256 MB (expandable to 512)
System disk 2 x 4 GB
SCSI Controllers 2 x Ultra SCSI @ 40 Mbps or Fibre
channel
Ethernet Controller 2 x 10BASE-T/100BASE-TX
Autosensing
with NIC
System Architecture 64 bit
DLT drive 20/40 GB
CD-ROM drive Greater than 12x CD-ROM
IO Ports Serial 2 ports
Parallel 1 port
Security C2 level OS; POSIX P1003.1e least
privilege Access Control Lists
Console 14 “ colour monitor
Level 2 Cache 2 MB per processor
System Bus Speeds Minimum 1 Gbps sustained
WWW SERVER-1 (Primary server for WWW):

CPU 1 x 180 MHz or higher
RISC Processor
SPECWeb96 Rating (Min) 1000 scaleable to 2200
System Memory 128 MB (expandable to 512)
System disk 2 x 4 GB
SCSI Controllers 2 x Ultra SCSI @ 40 Mbps or Fibre
Channel
Ethernet Controller 2 x 10BASE-T/100BASE-TX
Autosensing
with NIC
System Architecture 64 bit
CD-ROM drive Greater than 12x CD-ROM
IO Ports Serial 2 ports
Parallel 1 port
Security C2 level OS; POSIX P1003.1e least
privilege Access Control Lists
Console 14” colour monitor
Level 2 Cache 2 MB per processor
System bus Speeds Minimum 1 Gbps sustained
The systems LOGIN SERVER-1 & WWW SERVER-1, are to be

connected in a back-to-back configuration wherein one system will take
over the services and IP address of the other in case of any software or
hardware failure. The system will have appropriate SCSI/Fibre channel
controllers to provide dual path to RAID-5.
Software Requirements
Dial-in users using "Shell access" to the ISP infrastructure are required to
have account logins into this server. They will be able to use command
line/menu based services like Telnet, FTP, WWW, E-mail, IRC, News etc.
The following software will be required on these server systems :
• GUI based User login management

• Remote, user-login account management
• Web server/client software
• Failsafe HA software
• IRC client
• E-Mail server (will support IMAP4/POP3/SMTP)
• E-Mail client (both text and GUI based).
• C (preferable), PERL5, CGI scripts
• RAID management
Mail Relay and Forwarding Servers for Gateways

The function of this server will be :
(i) Receipt of internal mail messages for forwarding to external

hosts/networks
(ii) Receipt of mail from external networks for relay to internal hosts.
The systems are to be connected in a back-to-back configuration wherein

one system will take over the services and IP address of the other in case
of any software or hardware failure. The system will have appropriate
SCSI/Fibre channel controllers to provide dual path to RAID-5.
Software Requirement
High-end E-mail software designed for handling > 200,000 user E-mail
forwarding and relay functionality.
DNS and WWW Server

This server will be used to provide two functions :
• Domain Name System resolution (DNS) services for the entire NIB.
It may be also used to provide DNS services for its leased-
line/ISP customers.
• This server will also have WWW hosting/serving capabilities.
RADIUS Authentication and Billing Server

This Server will be used for authentication of all user logins on the
various RASs in the network. The Server will support RADIUS
authentication software, for authentication, authorisation and auditing
functions.
Software Features
• The Radius software will be able to give billing details by extracting data
from files (generated by all the remote access servers in the
network) and collating the users' login and account usage
(number of hours) information.
• The above information will be dynamically updated and presented in a

standard ODBC/JDBC database format. The account information
will contain the information on the total usage hours allocated to
the user, and the amount of hours already utilised.
• There will be provision to automatically intimate (and subsequently send

reminders) the user and the system administrator, of an account's
usage hours coming close to its total provisioned time (based on
some pre-decided criteria). In the eventuality, that the account
usage time is not updated/incremented by the user, there will be a
provision in the software, to issue a command to the RAS to
disallow any further access to the ISP network.
• There will be a RADIUS software, which supports standards based

authentication, authorisation and accounting features. This
RADIUS package will support vendor specific RADIUS
parameters and user-customisable features for all major remote
access vendors.
The accounting details available from the Radius server will include :
• IP address assigned to the user on a per call basis.

• The remote access port assigned to the user on a per call basis.
• The date and time of connection.
• Duration of the call.
• The data rate.
• The number of input and output packets.
Proxy Servers
Software Requirement : Internet Proxy software is required.
Network Management System and APP Work Stations

This section specifies the functional requirements for the Network
Management System and APP Work Station.
The APP work station server will support real-time monitoring of all
remote servers in terms of network and system performance and it will be
able to show alarm conditions visually.
The NMS system will provide the capability to manage all servers,
workstations and the inter-networking devices connected to the network
from a system control centre. It will have the capability to consolidate all
NMS's information to one unified console. It will provide a unified system
and have single database command sets for all platforms.
The system solution will be GUI based, user friendly and will require
minimal administrative overhead.
The APP WORK STATION will be paired with the NMS WORK
STATION for shared disk functionality. Any other Hardware required for the
NMS and application service management functionality like monitor
screens, ACD, head gear, voice interface equipments, etc., will be specified
and supplied.
Software Requirement for APP work station
The system software will have the capability to remotely monitor all the
server stations performance in the network in terms of system, network,
high availability and application performances. This software will support
Graphical User Interface, real-time monitoring of alarms for error and
potential error conditions and three-dimensional views for easy
understanding. All the servers used in the network will support the
necessary features to enable this software to monitor them.
Some of the primary functions required for Help Desk Management are
given below :
• Will provide a single point of contact for all help desk functions.
• Will be the first level of problem diagnostics.
• Will proactively identify points of failure.
• Will support automatic routing of calls or Automatic Call Distribution, if
required.
Call Management Facilities
The system will have the call management facility through which it will be
able to distribute all incoming calls uniformly on a first-come-first-serve
basis to help desk operators starting from an initial 5 positions with
expansion upto 25 positions. Preferably computer telephony integration
systems will be present.
Automatic Call Distribution (ACD) System
The ACD system will be able to distribute all incoming calls uniformly on
a first-come-first-serve basis to a minimum number of 5 operator positions
going upto 25 positions. The ACD system will able to perform the following
functions :
• Select an idle operator and connect a call to the selected operator;

• perform pre-programmed distribution of calls;
• to reconfigure queues and call trunk groupings;
• control maximum number of calls waiting in the queue;
• priority assignment of incoming calls;
• priority assignment of incoming calls to any destination operator or a
group of operators;
• to be able to divert a call from the source queue to other specialised
queues;
• to queue overflow unanswered calls to other queues based upon pre-
settable wait time;
• to be able to forward calls to other helpdesk locations or to a after-
office-hours service number;
• to be able to automatically connect calls from the queue as soon as an
operator is free;
• support out-going access to PSTN.
Security Management
System will be able to ensure security issues for access to the network and
applications. The following security features will be supported.
ndustry standard Message Authentication techniques like Kerberos, a token

based security system on UNIX (Version 4 support and future support for
Version 5), MD 5 (RFC 1321) or equivalent will be supported.
DES and Triple DES will be supported.
Billing
The Billing system will be available at New Delhi and Mumbai. It will take
the inputs from Radius server and NMS server. The various hardware and
software features are listed in this Chapter.
It will be possible to bill the subscribers on the basis of the following usage
types
• Shell
• Roaming
• E-Mail
• PPP (TCP/IP)
• Leased lines
• WWW
• ISDN
• FTP
Under each usage type, the chargeable items could be the following :
• The date and time of connection.

• Duration of the call.
• FTP Disk Space.
• WWW Disk Space.
• Day time connection charge
• Evening time connection charge.
• Night time connection charge, etc.
Other chargeable items may be added later. System will have provision for
incorporating the same at a layer date without any software modifications.
Provision will exist for billing the subscribers at a centralised site (i.e., NMS) as
well at individual nodes.
Help Desk
These will work as clients to APP work station described in section 6.
Hardware
CPU - Pentium II 266 MHz or higher.

Memory - RAM : 32 MB or higher.
Video RAM : 2 MB or higher.
Cache : 256 KB or higher.
Drives - Hard Disk - 1.2 GB or higher.
Floppy Disk - 1.44 MB.
CD-ROM - 12x or higher.
Monitor - 14" SVGA Colour.

Resolution - Minimum 1024 x 768 with 256 colours support
(non-interlaced).
Mouse - Standard 2 button.
Bus - Support for ISA/PCI.
Slot - 5 or higher.
I/O Ports - Serial - 2 or more.
Parallel - 1 or more.
Cards - PCI based Network Interface card (NIC)
10BASE-T with RJ-45 connector
PCI based Sound Card - 16bit
Speakers - Internal or External Stereo
Software
Preloaded with Windows 95

Winsock - TCP/IP support
Winsock - PPP dial-up support
Multimedia support for Audio (MIDI, AIFF, WAV support)
and Video (MPEG-2, AVI support)
WWW browser client

POP3 or IMAP4 based E-Mail client.
Access Device
Access devices will be required for inter connecting two ports at any of
the speeds mentioned below :
1) 64 Kb/s
2) n x 64 Kb/s
3) Mbps
4) Speeds greater than 2 Mbps.
For speeds greater than 2 Mbps (Point IV), HSSI ports are used in routers.
The Industry standard routers give higher speeds outputs in HSSI

format. To enable connectivity to the transmission network, a DSU-CSU
converter is required. The DSU-CSU converter equipment enables connection
from router’s HSSI port to transmission equipment ‘s E3 speeds.
The DSU-CSU unit performs two main functions :
• DSU (Digital Service Unit) provides a standard digital interface to

routers via HSSI interface.
• CSU (Channel Service Unit) or LTU (Line Termination Unit) is used
to terminate the carrier transmission line.

w2 14 NIB - Node

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

w2 14 NIB - Node

Загружено:

Авторское право:

Доступные форматы

National Internet Backbone

“DATA NETWORK” FOR JTOs PH-II : NIB-I

National Internet Backbone

Internet is the most visible medium today to provide information to

Existing Internet Set up :

There are 53 Nodes commissioned so far in the country. These nodes

Need for National Internet Backbone :

There have been persistent complaints about the functioning of the

Most of these complaints relate to difficulty in access, slow response

Government policy on Internet is aimed to accelerate the growth and

Government has decided to set up Internet nodes at all district head

National Internet Backbone :

The National Internet Backbone is planned on Router / Frame Relay

The NIB architecture is on the centralised servers at few places with

The equipment consists of Routers (and / or optional frame relay

The NIB is planned as a multi-tier structure consisting of aggregation

• Second Tier : It comprises of other medium towns (Type ‘B'

• Third Tier : it comprises of all district headquarters and other small

As many as 549 stations are planned to be connected on the NIB. In the

The network architecture consists of core stations (A1 locations) which

• Provide connectivity to Internet.

• Provide Internet accounts to customers. The accounts shall be of

• Provide different Internet services like E-mail, FTP, Telnet, Chat,

• Network Management and Billing functions.

• Automatic Roaming Facility within the country.

• Multi-Homing facility for the E-mail users.

• Scaleable Security architecture which gives a framework to

• Global Roaming Facility

• Distributed / Centralised billing.

• Proxy servers for caching (to save on international bandwidth) and

• Free Home Page for all the customers.

• Centralised Radius and Directory Servers

Customer Access Mechanism :

• ISDN Dial-up at Basic rate interfaces (BRI).

• X.25 access through Inet Gateway.

• Frame Relay (FR) and Asynchronous Transfer Mode (ATM) access.

• Leased line access to Internet at 64 Kbps, N X 64 Kbps and 2 Mbps,

Private ISP Access Mechanism :

Private ISPs shall be connected to NIB through the following mechanism :

There shall be following three types of nodes.

Type of Node No of Stations

A centralised Network Monitoring System (NMS) involving a unified console

Salient Features of NIB :

• Demilitarised zone (Perimeter Network) – This shall be semi-protected

Numbering Scheme for Internet Access :

Internet Service Provider (ISP) node is connected to the exchange through

The subscriber shall dial the following:

Access code + ISP code i.e. 172 + xxx

Equipment Configuration of Various Sites

Type A nodes servers requirements may vary at different places. No

Equipment Configuration at Type A sites

Equipment Configuration at New Delhi

This Type A node will contain the following equipments :

Line Drivers 64 Kbps and N x 64 Kbps As per requirements

LAN Cabling will be structured and Gigabit ready.

Equipment Configuration at Mumbai

This Type A node will contain the following equipments :

LAN Cabling will be structured and Gigabit ready.

Equipment Configuration at Bangalore

This Type A node will contain the following equipments :

LAN Cabling will be structured and Gigabit ready.

Equipment Configuration at Calcutta