Scribd
Upload
11 views

Colocation Network SOP v1.0

Uploaded by

quang.nguyen.itdn
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
11 views

Colocation Network SOP v1.0

Uploaded by

quang.nguyen.itdn
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

Colocation Network SOP

Prepared By:

Group Technology

Infrastructure Planning

Confidential Colocation Network SOP Page 1 of 19


TABLE OF CONTENTS

1 DOCUMENT CONTROL .................................................................................................................. 3

1.1 REVISION HISTORY 3


1.2 REVIEWERS 3
1.3 DOCUMENT PROPERTIES 3
1.4 TERMS AND ABBREVIATIONS 3
2 INTRODUCTION ............................................................................................................................. 4

2.1 OBJECTIVES & SCOPE 4


2.2 TARGET AUDIENCE 4
3 CURRENT BURSA HQ COLOCATION SETUP .......................................................................... 5

3.1 COLOCATION GENERAL RULES 6


3.2 LAYER 2 NETWORK PROTECTION SETUP 7
3.3 POTENTIAL RISK 8
4 COLOCATION GUIDELINES ........................................................................................................ 9

4.1 THIRD PARTY SINGLE SWITCH SCENARIO 9


4.2 THIRD PARTY DUAL SWITCHES SCENARIO 11
4.3 ALTERNATIVE WITH FLEXLINK 13
4.3.1 Flex-link single switch scenario ............................................................................... 13
4.3.2 Flex-link dual switches scenario .............................................................................. 15
5 ACCEPTANCE SIGN OFF ............................................................................................................. 18

Confidential Colocation Network SOP Page 2 of 19


1 DOCUMENT CONTROL
1.1 REVISION HISTORY

Date Author Version Change Reference


20-Jan-2022 Elvis Chong V1.0 Document Created
Table 1: Revision table

1.2 REVIEWERS

Date Name Position

Table 2: Reviewer table

1.3 DOCUMENT PROPERTIES

Item Details
Document Title Colocation Network On-boarding SOP
Author Elvis Chong
Creation Date 20th January 2022
Last Updated
Table 3: Document properties table

1.4 TERMS AND ABBREVIATIONS

The following terms and abbreviations appear in this document.


BURSA refers to as Bursa Malaysia Berhad
COLO refers to as Co-Location
IP refers to as Internet Protocol
SPT refers to Spanning-Tree

Confidential Colocation Network SOP Page 3 of 19


2 INTRODUCTION
2.1 OBJECTIVES & SCOPE

The purpose of this document is to define the Colocation current network standards and
provide the guideline for internal bursa team and 3rd party vendor on Colocation network
onboarding without breaching the layer 2 network rule.

This document outlines the following:

▪ Existing Bursa Colocation Network Topology.


▪ The protocol uses to protect the layer 2 network services.
▪ The general rules and guidelines that 3rd party vendor should follow.

Bursa DRC currently with single switch environment but the setup will be identical in near
future and the similar guideline should be followed.

This document will be reviewed and updated from time to time to ensure it reflected the most
recent Bursa Colocation environment.

2.2 TARGET AUDIENCE

This documentation act as the Colocation network standards references for Bursa
Infrastructure Planning team and Network Operation support. This document also acts as a
guideline for 3rd party vendor to understand the layer 2 services provided and the general rules to
follows before connecting to Bursa Colocation environment.

Confidential Colocation Network SOP Page 4 of 19


3 CURRENT BURSA HQ COLOCATION SETUP
• Current design Bursa Colocation only provide Layer 2 Network Extension to 3rd party
network.

• VLAN root bridge on Bursa primary switch to ensure optimum traffic forwarding path
from downstream connection.

• Spanning-tree is required to ensure Layer 2 loop-free topology.

Figure 1: Standard Setup

Confidential Colocation Network SOP Page 5 of 19


3.1 COLOCATION GENERAL RULES

• The Layer 2 VLAN are owned by Bursa Malaysia.

• 3rd party Switchport interface that facing Bursa network, the interface speed and
duplex must be in default auto-negotiation mode.

• 3rd Party must participate into Bursa Spanning-tree to ensure Layer 2 loop-free
topology. Exception given for router L3 connection.

• Do not enable the following on uplink port/ports to Bursa network.

• Root guard

• BPDU Filter

• BPDU guard

• Do not configure vlan bridge priority lower than Bursa Root Bridge(24576) &
Designated bridge(28672). Root Guard will block the port if superior BPDU
received from 3rd party. 3rd party are recommended to leave the vlan with default
bridge priority (32768).

• Alternative, 3rd party shall configure vlan bridge priority to 61440 for inferior value
to become root bridge.

Confidential Colocation Network SOP Page 6 of 19


3.2 LAYER 2 NETWORK PROTECTION SETUP

• Spanning Tree Root Guard is enable on all Bursa downlink toward 3rd party connection.

• 3rd party who violated the general rules by sending superior BPDU and claiming root for
vlan, Bursa Root Guard configuration will disable the violated port, the port will goes for
spanning-tree blocking/root inconsistence status, in this case the port won’t able to
forward traffic.

• When the port blocked by root guard, the subsequent recovery is automatic. Recovery
occurs as soon as the offending device ceases to send superior BPDUs.

• Storm-Control is enabled for unicast, multicast and boardcast traffic. Partnet cannot
consistently send packet exceeding 40% of the bursa connected uplink in every second
interval.

• Storm-control will shutdown the violated ports if packet storm are detected to prevent
further crashing on Bursa switch CPU & Memory.

• The storm control breaches link will goes into error-disable state. Bursa has configure the
errdisable recovery interval of 1800 seconds (30 minutes). No manual intervention
required for auto recovery after 1800 seconds.

• However, post the interface auto-recovered, if the switch detects the packet storm persist,
the ports will be disabled and goes back to errdisable mode again, it needs to wait for
another 1800 seconds for auto-recovery.

• Manual intervention is needed if required recover the errdisable port before the defined
1800 seconds, by bouncing the interface manually(shut/no shut).

Confidential Colocation Network SOP Page 7 of 19


3.3 POTENTIAL RISK

• 3rd Party switch do not participate into Bursa Spanning Tree Process.

• 3rd Party enable BPDU filter.

• All downstream ports on 3rd party become forwarding port and network looping caused.

Figure 2: BPDU filter by 3rd party

Figure 3: Causing layer 2 looping

Confidential Colocation Network SOP Page 8 of 19


4 COLOCATION GUIDELINES

4.1 THIRD PARTY SINGLE SWITCH SCENARIO

• In this scenario, 3rd party only using single switch connected to Bursa both Primary and
secondary colo switches.

• The spanning tree will ensure loop-free topology by blocking the secondary port
connected to Bursa secondary switch.

• The traffic from 3rd party switch will follows the root port towards the primary switch
and the secondary port toward bursa secondary switch will be in alternate/blocking status
to avoid traffic looping in layer 2 network environment.

Figure 4: 3rd Party Single switch normal scenario

Confidential Colocation Network SOP Page 9 of 19


• In case of primary uplink failure, the alternate/blocking port will converged to root and
forwarding port. The traffic will failover over the secondary path automatic without any
human intervention.

Figure 5: 3rd Party Single switch failover scenario

Confidential Colocation Network SOP Page 10 of 19


4.2 THIRD PARTY DUAL SWITCHES SCENARIO

• In this scenario, 3rd party using dual switches connected to Bursa Primary and secondary
colo switches.

• Similarly, the spanning tree will need to ensure loop-free topology.

• The traffic from 3rd party switch will follows both the root port towards the primary
switch and the secondary port toward bursa secondary switch.

• The interlink on 3rd party will be in alternate/blocking status to avoid traffic looping in
layer 2 network environment.

Figure 6: 3rd Party Dual switch normal scenario

Confidential Colocation Network SOP Page 11 of 19


• In case of 3rd party primary uplink failure, the 3rd party interlink switchport’s
alternate/blocking port will converged to forwarding port. The traffic will failover over
the secondary root path automatic without any human intervention.

Figure 7: 3rd Party Dual switch failover scenario

Confidential Colocation Network SOP Page 12 of 19


4.3 ALTERNATIVE WITH FLEXLINK

• If 3rd party do not opt to participate into Bursa Spanning-Tree process and do not wish to
have layer 2 influence by Bursa managed network, Flex-link or any equivalent must be
ensure only single link is active at any time. Therefore, ensure no looping possibilities.

• STP is disabled on Flex Links ports. If STP is disabled on the switch, be sure that there
are no Layer 2 loops in the network topology.

• Refer to the flex-link document for guideline flexlink.pdf (cisco.com)

4.3.1 Flex-link single switch scenario

• From Flex-link interface pair, one link is acts as Active interface and another link will be
on standby mode.

Figure 8: 3rd Party single switch flex-link normal operation scenario

Confidential Colocation Network SOP Page 13 of 19


• When the primary active link down, the standby link start forwarding traffic. When
inactive linkcomes back up, it goes into standby mode.

Figure 9: 3rd Party single switch flex-link failover scenario

Confidential Colocation Network SOP Page 14 of 19


4.3.2 Flex-link dual switches scenario

• In this scenario, partner switches should have dual interlink connect between their
primary and secondary switches.

• The 3rd party interlink should be in standby mode to ensure no looping possibilities.

Figure 10: 3rd Party dual switches flex-link normal operation scenario

Confidential Colocation Network SOP Page 15 of 19


• Primay uplink failover scenario.

• Standby link on Switch 1 will change to active and start forwarding traffic.

Figure 11: 3rd Party dual switches flex-link failover scenario 1

• Secondary uplink failover scenario.


Confidential Colocation Network SOP Page 16 of 19
• Standby link on Switch 2 will change to active and start forwarding traffic.

Figure 12: 3rd Party dual switches flex-link failover scenario 2

Confidential Colocation Network SOP Page 17 of 19


5 ACCEPTANCE SIGN OFF
Signature of this Document by the authorized BURSA representative indicates satisfaction and
acceptance for the Bursa Colocation SOP.

BURSA Support Staff

Signature: ________________________

Name:

Designation:

Company Stamp:

Date:

Confidential Colocation Network SOP Page 18 of 19


< This page was intentionally left blank.>

Confidential Colocation Network SOP Page 19 of 19

You might also like