0% found this document useful (0 votes)
203 views38 pages

ANTlabs Tru'IP DDI Product Overview

Uploaded by

Ta Mendoza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
203 views38 pages

ANTlabs Tru'IP DDI Product Overview

Uploaded by

Ta Mendoza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 38

ANTlabs Carrier Solutions

[ Tru’IP DDI Product Suite ]

©2019 ANTlabs Pte. Ltd. All Rights Reserved.


ANTlabs - Quick Facts

1999 › ANTlabs was founded

3000 › Over 3000+ installations worldwide

50 › Customers in more than 50 countries

80+ › Global network of 80+ partners

24/7 › World-class, 24/7 support

20 › 20+ Granted Patents Internationally

©2019 ANTlabs Pte. Ltd. All Rights Reserved. 2


ANTlabs - Quick Facts

4 › 4 Offices, HQ - SG, MY, SKorea, UAE

70 › 70 Staffs (AUS, India, Philippines, Sri lanka)

60 › 60 technical personals(>80% of company)

28 › 28 R&D / Product Engineers

18 › 18 Technical Support Team

©2019 ANTlabs Pte. Ltd. All Rights Reserved. 3


What We Do

Hospitality Carrier Solutions


Our Hospitality solutions are a key business Our Carrier Solutions have enabled
enabler for service institutions,
Telcos, ISPs, Mobile Virtual Network Operators
such as hotels and service apartments,
deploying High Speed Internet Access (HSIA) to enter the competitive market
services for guests. with great speed and confidence.

ANTlabs is one of the leading network


solutions providers for visitor-based solutions
in MICE centers, schools and universities,
malls, and transport hubs.

Large Venue

©2019 ANTlabs Pte. Ltd. All Rights Reserved. 4


Our Customers
Carrier Solutions Carrier Solutions
Large Venue

Hospitality

©2019 ANTlabs Pte. Ltd. All Rights Reserved. 5


Timeline in Singtel (15 years and ongoing…)
Year 2016/2017: WiFi enhancement
Broadband, Wi-Fi, Mobile, VAS & AAA Solutions services with N+1 setup, central
Tru’DB (10M), central Reporting, etc.
Launch integration with Mobile
Product, Infrastructure, Hospitality, Managed Svcs service with EAP-SIM for seamless
Gen.Enterprise (GE), Corporate, Visitors, Tourist access and mobile offload
Mobile, Broadband, Satellite, mIO-Voice Tight integration to Mobile
WiFi Monetization Core and new Combo plans
launched Year 2015-Now
Launch with Singapore New W@SG Service with
Government Island-wide free Year 2012-Now Singtel Wifi bundle
Launch First WiFi Hotspots public hotspot Wireless@SG Mobile Offload Singtel GE
(OWS) Outdoor Wireless ---------------------------
Surf where it is a VAS for Year 2010 - Now Year 2013-Now
broadband service Satellite (InMarSat) Year 2015
Mobile Core AAA AAA Expanded
--------------------------- Radius
Year 2010 - Now Grow WiFi hotspot to more than
Year 2006-Now
HDM DHCP Year 2012 3000
Wireless@SG
--------------------------- Broadband WiFi Expanded
Year 2003 – Year 2006 Grow WiFi hotspot to more than
Year 2009 - Now
Outdoor Wireless Surf Year 2014 2000
MioVoice DHCP/DNS
(OWS) AAA Expanded with DR site
Grow Mobile Sub to more than
4 Million

©2019 ANTlabs Pte. Ltd. All Rights Reserved. 6


ANTlabs in Singtel GW – SSG4/IG4
Tru’Auth AAA Product Suite
Carrier-Grade 3GPP AAA
(RADIUS/Diameter), ADC and CMS

Singtel Visitors Singtel Mobile


ANTlabs’ (VIP, Delegates)
Authentication &
Presence Accounting Tru’Auth AAA
Ez Login, Mobile Authentication
Surf, EPG Singtel WiFi, VAS,
Policy, etc.
LDAP
AD-Banners
Account Print Print INOSS HLR Mobile Offloading,
NMS Server SNMP MD Monetization
APP Reporting System CDR SpringD
Tru’IP DDI
My Singtel IMDA Singtel mIO Voice,
DB-Provisioning Web API HDM
Radius/Dia AAA HDM, Voice, IP, API,
Authentication
DHCP/DNS DDI
SDP
Gateway Portal
BCC
CMS / Cloud GUI Singtel Broadband,
IMsat IP, Authentication
Singtel WiFi
Portal, Authentication, BizLiv Palo
Analytics
Tru’IP DDI Product Suite
Singtel Satellite
Singtel GE Carrier-Grade DHCP, DNS, ADC
Ship CPE and CMS
Enterprises Authentication, Tru’Auth AAA
Tru’IP DDI Billing Report
©2019 ANTlabs Pte. Ltd. All Rights Reserved. 7
Carriers, Telecoms, MVNOs

ANTlabs Product Family

©2019 ANTlabs Pte. Ltd. All Rights Reserved.


Product Family

Carrier Product Family

SSG 4 Tru’IP DHCP Product Suite


Carrier-Grade gateway for Telco Carrier-Grade DHCP and CMS
WiFi Mobile offload

Tru’Auth Product Suite Tru’IP DNS Product Suite Tru’Media Controller


Carrier-Grade AAA for Telcos, Carrier-Grade DNS and CMS Media Content Injector
ISP, MVNO

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 9


Product Specifications

Tru’IP DDI Product Suite

@2019 ANTlabs Pte. Ltd. All Rights Reserved.


Tru’IP Product Suite

Tru’IP DHCP ▪ High Performance DHCP Platform

Tru’IP DNS ▪ High Performance DNS Platform (Auth / Recursive)

Tru’IP CMS ▪ Management Platform for Tru’IP DDI

Tru’IP ADC ▪ Dedicated Load balancer for Tru’IP DDI

Tru’IP DB ▪ High capacity/performance boost by external database for DDI

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 11


Tru’IP DHCP

ANTlabs Tru’IP DHCP

Features & Functionalities

@2019 ANTlabs Pte. Ltd. All Rights Reserved.


Tru’IP DHCP: Solution Architecture (HLD)

SingNet
Core Network
Tru’IP DHCP
[Site-1] [Site-2 (DR)]

Site-Site Links

➔ Zone-1 DHCP
Active CLUSTER-1 Active

IPv4 IPv4
Active Central Standby Supported Capacity:
IPv4 Active Standby IPv4 • Tru’IP DHCP 4300 series:
DHCP-1 IPv6 IPv6 DHCP-2 (6M IP, 3M Leases, 30K LPS, 200K PPS)
Active CMS-1 CMS-2 Active
• Tru’IP DHCP 4200 series:
DB-1 DB-2
ADC-1 ADC-2 (4M IP, 2M Leases, 15K LPS, 100K PPS)
Load Balancer Load Balancer
MGMT SW Active
Active
CLUSTER-2
IPv6 IPv6
➔ Zone-2 DHCP Heartbeat
Data-SYNC

DHCP-3 DHCP-4

ANTlabs Tru’IP ANTlabs Tru’IP

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 13


Tru’IP DHCP:
High Performance Product Architecture CPU
Core
Incoming DHCP server –
DHCP Core
Grouped
packets Subnets
DHCP Packet DHCP Policy Core
handler Distributor
DHCP server –
Grouped
Subnets
DHCP Packet Handler Core
8388608
Sanity Check – Verifies that incoming packets conform to RFC standards or it is
dropped.
Rate Limit - Operates either in Detection only and reports or Detection and drops
packets exceeding rate limit per Circuit ID.

DHCP Policy Distributor


Sends request to appropriate DHCP server that governs a group of subnets based on Core
relay IP, VAS token or other business logic
DHCP server –
Grouped Core
DHCP server Subnets
Groups subnets according to the business logs.
Core
A separate IPv4 and IPV6 system pipeline architecture is implemented.

4xSockets 3.2GHz 16T


@2019 ANTlabs Pte. Ltd. All Rights Reserved. 14
Tru’IP DNS

ANTlabs Tru’IP DNS

Features & Functionalities

@2019 ANTlabs Pte. Ltd. All Rights Reserved.


DNS: General Problem Statement & Mitigation

▪ Slow Network response to the end users.


▪ How to improve user browsing experience ?
▪ How to improve the Broadband Customer experience ?

ANTlabs Tru’IP DNS Solution Mitigation Factors:

✓ Cache Hit Ratio:


▪ Committed Cache Hit Ratio > 50 %
▪ High Optimized Caching
▪ Faster DNS response.
✓ Low Latency
✓ High QPS
✓ IPv6 Support
@2019 ANTlabs Pte. Ltd. All Rights Reserved. 16
Tru’IP DNS: Solution Architecture (HLD)
CMS: Central OPS Mgmt (GUI, API, DB, SNMP) to manage DNS Backend DNS load sharing with 2 x Active Sites;
- 2 x Active :: Active Site clusters; Active :: Standby cluster setup
- 2 x Exchanges; Each Exchange with: 1 x Local HA Pair
- Geographical Redundancy / DR (BCP); 2 x Active Service IP
Solution-1 Solution-2
(One Site Only) (Geo-Redundancy/DR)
Remote HA
Main-Site Active Site-A Site-B (DR) Active
Active Passive
CMS-1 CMS-2
Local
Active HA Passive
Active Passive CMS-1 CMS-2 Active Passive
DNS-1 DNS-2 DNS-1 DNS-2 DNS-3 DNS-4
2xGE 2xGE 2xGE
Local Local Local
HA HA HA
1xGE 2xGE 2xGE 1xGE 1xGE 2xGE 2xGE 1xGE 1xGE 2xGE 2xGE 1xGE

DNS Service IP-A DNS Service IP-A DNS Service IP-B


(1 x Virtual IP) (1 x Virtual IP) (1 x Virtual IP)

UE
IP Core Network DNS-IP-A
UE
IP Core Network DNS-IP-A
DNS-IP-B
@2019 ANTlabs Pte. Ltd. All Rights Reserved. 17
Tru’IP DNS: Solution Architecture (HLD)
Solution-3
(Geo-Redundancy/DR)

Remote HA
Active Site-A Site-B (DR) Active
Backend DNS load sharing with 2 x Active Sites; Active Passive

- 2 x Tru’IP DNS Systems


- Active :: Active Site clusters; Active CMS-1 CMS-2 Active
DNS-1 DNS-2
- 2 x Exchanges; Each Exchange with: 1 x Tru’IP DNS GEO- HA Data Sync
- Geographical Redundancy / DR (BCP);
- 2 x Active Service IP 1xGE 1xGE 1xGE 1xGE
- Authoritative

Tru’IP CMS: Central OPS Mgmt (GUI, API, DB,


SNMP) to manage DNS
DNS Service IP-A DNS Service IP-B
(1 x Service IP) (1 x Service IP)
PRIMARY SECONDARY

UE
IP Core Network
DNS-IP-A (PRI)
DNS-IP-B (SEC)

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 18


Tru’IP DNS: Product Key Information
▪ Tru’IP DNS Server [Feature & Functionality]
o Authoritative DNS Server
• 1st stage check Server and Client IP group
Tru’IP DNS
• 2nd stage check Backend DNS records
o Recursive DNS Server
• Internet root to authoritative DNS resolution
o Forwarding DNS Server
• Forward to Recursive DNS server
o Cybersecurity: DNSSEC / NSEC3 / EPP
Supported Capacity:
• Cryptographic records / Encrypted tunnel transfer / Shadow DNS • Tru’IP DNS 4300 series:
o Stateful DNS LB (session tracking) (300K QPS, 1M host records)
o MGMT Interface • Tru’IP DNS 4200 series:
• RADIUS/LDAPs/TACACS+ (140K QPS, 500K host records)

▪ Native DNS query throttling (rate-limit) and random source query • Tru’IP DNS 4100 series:
o DNS storm, DNS caching poisoning protection, IDS / IPS false alert avoidance (10~70K QPS, 500K host records)

▪ High Performance ▪ High Availability (HA)


o >300,000 authoritative or recursive QPS o Support Local Active-Passive server HA
o Support 1M host records per cluster o Support Geographical Active-Active HA
o No synchronization required; Client side seamless failover
@2019 ANTlabs Pte. Ltd. All Rights Reserved. 19
Tru’IP CMS &
DNS
Management

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 20


Tru’IP DNS: Management Features – 1/2
DNS Statistics Reporting Features DNS Security Features
▪ DNS Traffic Performance ▪ Native DNS query throttling
• Cache Hit Ratio - IPv4 & IPv6 • DNS storm protection

• Latency - IPv4 & IPv6 ▪ Random source query


• DNS caching poisoning protection
• QPS - IPv4 & IPv6
• IPS false alert avoidance
▪ Native IPv4 and IPv6 firewall controls
▪ DNS System Performance (KPI)
• CPU ▪ View based recursive DNS and authoritative DNS ACL
• Disk Usage
• Memory DNS System Logs
• MySQL Connections, Cache Free • DNS Events logs
Memory, Db Size, Queries, Queries
Cache • CLI Logs
• Network Bond interfaces • Systems Events
• Server Load • CPU utilization & load factors

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 21


Tru’IP DNS: Management Features – 2/2
▪ Access Methods ▪ System MIBs
• Video and Keyboard • MIB2 (RFC 1213)

• Serial Console • HOST Resources (RFC 1514)

• DRAC • MIB for SNMPv2 (RFC 1450)

• SSH • UCD Davis MIBS


o (OID 1.3.6.1.4.1)
• SCP and SFTP (.iso.org.dod.internet.private.enterprises)

• ANTlabs private MIBs:


▪ Centralized Service Management (Optional) o Tru’IP MIBs

• SSL RSA key authentication o DNS MIBs

• Restricted Environment o HA MIBs

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 22


Tru’IP DNS: Scalability & Expansion

▪ Horizontal Expansion:
License Expand DNS Capacity
- Uplift License:
- 10K QPS ➔ 70K ➔ 140K ➔ 300K QPS
- 100K host records ➔ 500K host records

▪ Vertical Expansion:
Site-A Site-B
Adding multiple nodes say 2nd DNS pair
- Active :: Active clusters A
LB LB A
- Geographical Redundancy / DR Failover N+1 A
Singtel IP Core Network
A
N+1
- Setup in N+1 mode (each 4+1 forms a cluster) A A

- Expand adding “N” nodes


- Include LB node to load balance across Tru’IP DNS Systems

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 23


Strategize business decisions

Reports and Analytics capabilities

©2019 ANTlabs Pte. Ltd. All Rights Reserved.


Tru’IP DHCP: HIGH Performance KPI (Graphana)
DHCP – Leases & LPS
- High LPS
- High Leases
- Same Gi-Addr, MAC, etc.

DHCP – KPI
- Low CPU, MEM
- Low B/W, Disk logs

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 25


Tru’IP DNS: System – High DNS Caching
PC
Subscriber
DNS Reply DNS Request

ANTlabs TruIP DNS


Recursor
4
3 Checks on L1 YES
DNS Reply
Reply Domain
record
Cache If domain record exist
Query Cache on L1 cache
L2 Cache NO

2 If Domain record
5 DNS Reply doesn t exist on L1
cache
Custome
L1 Cache Singtel
r DNS DNS Reply
Reply Domain
(Packet cache) farm Checks on L2 YES
record
Cache If domain record exist
on L2 cache

Server / Internet
Authoritative
DNS Query

1
If the Domain is already cached,
ANTlabs Tru IP DNS Sever returns
the query from its 1st Level NO
DNS Reply If Domain record
doesn t exist on L2
cache
User s query hits the ANTlabs
Tru IP DNS Server 1st Level Cache Forward Domain Query
to DNS Farm

DNS Request
DNS Reply
DNS Farm/Internet

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 26


Tru’IP DNS: HIGH Caching Levels [L1, L2 Cache]

L1 - Cache
- Quick Answer to same
UE MAC
- Low Latency
- Hi-Caching

L2 - Cache
- Quick Answer to same
domain
- Low Latency
- Hi-Caching
@2019 ANTlabs Pte. Ltd. All Rights Reserved. 27
Tru’IP CMS System – KPI Monitoring & Reporting

CMS – KPI
- Low CPU, MEM
- Low B/W, Disk logs

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 28


Tru’IP Admin Configurations

GUI/CLI & Operations Control

@2019 ANTlabs Pte. Ltd. All Rights Reserved.


Administration
GUI Administration
HTTPS-secured Web-based administration page Role-based Access / Accounts permission

Access Account Provisioning

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 30


DHCP IP Pool / Address Management
GUI Administration
• Allocates to User groups based on their authentication profile.
• Allows to give out IPs from different IP pools based User group.

NOTE:
To manually release IP
address, select the checkbox
of that IP address and click
the “Reset” button to release
that IP address or click
“Reset All” button for all IPs..

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 31


Reporting
User Sessions and Usage

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 32


Monitoring

Fault Management
Alarms for System Indicators Alarms for Service Indicators Hardware Indicators - Alarms
• Battery Alarm
• Network Link Down • Unresponsive – Authentication • Voltage Alarm
• Network Link Up • Unresponsive – Accounting • Temperature Alarm
• System Load Return To Normal • RADIUS Service Down • Intrusion Alarm
• System Load Near Critical Limit • RADIUS Service Up • Power Supply Alarm
• System Load Exceed Critical Limit • Database Service Down • Watchdog Alarm
• Memory Usage Return To Normal • Database Service Up • System Power Alarm
• Memory Usage Near Critical Limit • Web Service Down
• Memory Usage Exceed Critical Limit • Web Service Up High Availability - Alarms
• Disk Usage Return To Normal • Syslog Service Down
• Disk Usage Near Critical Limit • Syslog Service Up • Failed Over
• Disk Usage Exceed Critical Limit • Failed Back
• System Time Back To Sync
• System Time Unable To Contact Server RADIUS Service Performance-
• System CPU Return To Normal Alarms
• System CPU Near Critical Limit
• System CPU Exceed Critical Limit • TPS Limit Exceeded
• Session Limit Exceeded

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 33


ANTlabs USPs…
▪ Ease of Operational Decisions
› Tru’Auth & Tru’IP product applications: Allows “on the fly”
configuration changes with “zero” impact to running services or
user sessions (ease of Snr. Mgmt approval process in confidence)
▪ Highly Secured & Low Latency
› Scaled & hardened “Tru’OS” with up-to date VA / PT, high
performance, fast turn-around service traffic in reduced time
▪ In-House Carrier Product Development and R&D
› Quick adaption of evolving technologies ahead of market reaction
▪ Multi-vendor System Integration - Simpler
› Deployed & well-connected with BNG, OLT, PGW, IMS/SBC, etc.
@2019 ANTlabs Pte. Ltd. All Rights Reserved. 34
ANTlabs Strength
▪ Experienced Integrator
› Long-term experience in Internet solutions to answer to the key
design consideration, e.g. HSIA, VBN, hotel-guest/PMS, mobile
offloading, GSM network 3G/LTE, IPv6, DHCP/DNS/GW/AAA, etc.
▪ High Performance & Capacity Scalable Stack
› Developing and deploying high performance scalable technologies
enabling sizing/dimensioning according to subscriber
strength/network infra needs.
▪ Enable New Services E2E via Technologies
› New services through multiple virtual networks via virtual routing,
allowing for service business model utilizing our own “Product Line”
(End-2-End).
©2019 ANTlabs Pte. Ltd. All Rights Reserved. 35
Summary:

▪ ANTlabs solution brings ..


› Trusted and Secure connections
› Telco-grade reliability and enterprise-grade security
› Scalable N+1 solution to meet the current and future demands
› In-House R&D for faster response to market demands
› Experienced deployments with Telcos & other virtual Operators
› Enable New Services E2E via evolving Technologies

@2019 ANTlabs Pte. Ltd. All Rights Reserved. 36


Addressing your concerns

Questions & Answers

@2019 ANTlabs Pte. Ltd. All Rights Reserved.


Thank You
www.antlabs.com

©2019 ANTlabs Pte. Ltd. All Rights Reserved.

You might also like