Visible Changes: Cloud Transformation of China Mobile Tianjin IT System Network

Let's see what Tianjin Mobile and H3C did to make a significant change.

Since Tianjin was industrialized for a century, it has become a city in which tradition and modernity coexist and the word "intelligent" has become the city's new name card. According to the 14th Five-Year Plan for Tianjin Smart City Construction, by 2025, Tianjin will promote the construction of 70,000 5G base stations to achieve full coverage of the 5G network, and create 50 typical application scenarios of digital governance, and build a new system of urban governance with "one network for all".

Tamping the digital service base to generate the changes

In the digital era, IT infrastructure is required to reduce cost, increase efficiency, simplify O&M, and strengthen safety. As the largest mobile network company in Tianjin, Tianjin Mobile has actively implemented the Notice on Accelerating the Deployment and Application of Internet Protocol Version 6 (IPv6) jointly issued by the Cyberspace Administration of China, the National Development and Reform Commission and the Ministry of Industry and Information Technology. It has launched the upgrade of the IPv6 network architecture of the entire IT cloud resource pool with a view to enhancing the endogenous digital service capacity of the network, building an agile, high-quality and highly reliable data center network to meet the needs of future innovative services, realizing the "deep protection" security policy, and providing information base support for the smart city construction of Tianjin.

H3C provided the AD-DC solution with minimal deployment, network-wide collaboration, unified orchestration, design simulation and intelligent O&M capabilities to help Tianjin Mobile upgrade its existing IT cloud resource pool architecture to an IPv6 network under the SDN architecture, achieved IPv6 service isolation and security policy issuance, automated network equipment deployment and O&M management. The solution can connect to third-party cloud platforms to support quick launch of services.

Easy changes

The original IT cloud resource pool of Tianjin Mobile carries all of the company's OA, BOSS, CRM and other core service systems. In the process of upgrading the network architecture, H3C analyzed the challenges in the project implementation process and put forward six strategies to ensure smooth and stable service relocation during the switchover of the old and new networks, such as avoiding service migration interruption, compressing the cutover window time, and accurately matching the security policy after the cutover:

1. Establishment of a new SDN network unified and managed by AD-DC: new IP addresses were assigned to ensure IP reachability to each VTEP node.

2. Establishment of security barriers: Based on the network-wide leaf devices supporting micro-segmentation, east-west IPv6 traffic was diverted to vFW security resource pools through security service chains to achieve flexible deployment of security inter-access policies.

3. Program simulation verification: The lab built an experimental simulation environment consistent with the Tianjin Mobile IT cloud resource pool and conducted cutover tests according to the plan. Through the simulation of problems identified in the tests, we continuously optimized and improved the plan. Meanwhile, according to experiences from the past, a perfect emergency backup plan was established.

4. Service cutover: A gradual cutover strategy was implemented on the new SDN network in order to reduce the risk of cutover and the scope of services affected by the cutover

5. Service chain migration: Convert and import the flow table configuration data into the AD-DC in advance, and re-enable the service chain function after the cutover of all services.

6. Connection to third-party cloud management: After all services were completely connected to the new SDN network managed by AD-DC, the connection between the cloud management platform and AD-DC was completed by modifying the configuration information of the SDN plug-in on the cloud management side.

After the transformation, the whole network architecture upgrade of Tianjin Mobile IT cloud resource pool was delivered on time, and core business systems such as OA, BOSS and CRM achieved cutover with one click, and the system was smoothly switched over to the new network.

IPv6+SDN makes obvious changes

Through SDN transformation of Tianjin Mobile's IT cloud resource pool network and overlay technology based on EVPN+VXLAN, H3C realized the logical isolation of network resources among tenants and the demand for great Layer 2 network interconnection across server rooms, effectively simplifying the Layer 2 network deployment and improving the efficiency of O&M management through a visible topology. SDN realized automated deployment of network devices, automated issuance of L4-L7 policies for security devices, and dynamic and flexible egress configuration policies, which have greatly shortened the launch period of network services.

For Tianjin Mobile, the upgraded IT cloud resources pool network has three obvious advantages:

1. Overlay IPv6 automation. The automated deployment of IPv6 and connection to the cloud platform through the AD-DC solution realize rapid service launch and agile and intelligent startup and maintenance.

2. IPv6-based service chains are implemented to guarantee secure inter-access policies for IPv6 services. The leaf devices support micro-segmentation throughout the network, which enables east-west traffic diversion of IPv6 traffic and ensures secure data transmission.

3. Network devices are deployed automatically, improving O&M and management efficiency. The AD-DC solution supports configuration-free underlay launch and connection to third-party cloud platforms to meet the future demand of rapid service development and quick launch of services.

With its advanced technology innovation concept and excellent user experience, H3C's IPv6-based Application-Driven Network Empowering Tianjin Mobile IT Resource Pool Case was awarded the "Excellent Case Award for IPv6 Scale Deployment and Application" in the "Call for Excellent Cases of 2021 Internet Protocol Version 6 (IPv6) Scale Deployment and Application" jointly organized by the Cyberspace Administration of China and the Ministry of Industry and Information Technology, setting a new benchmark for cloud-based IT system and network innovation in large data centers.

As digital transformation deepens in various industries, H3C will continue to explore the native power of proactive network technologies, help Tianjin Mobile iterate and upgrade its intelligent and minimalist network, vitalize Tianjin's smart network, and empower the development of the digital economy for the whole society.