u r talking about an ENTERPRISE or even CORPORATE network that spans across different countries, right? there's a difference between that and the PUBLIC internet backbone. -f1amingo(flamingo) @巴尔的摩华人论坛:巴尔的摩枫下论坛 The Rolia Forum of Baltimore

工作学习 / 事业与工作 / 俺的UUNET朋友们（一） -f1amingo(flamingo); 2006-8-21 {2355} (#3156649@0)
本文发表在 rolia.net 枫下论坛routergod上登载摇滚歌星Courtney Love搞笑解答互联网广域路由协议BGP，提到90年代WorldCom NOC（网络操控中心），不禁令俺想起一段往事……

网络这行，多靠经验积累。俺刚来加拿大时，深夜拨号上网找ISP（上网服务公司）的茬出了名。于是有一天小橄榄枝伸了过来，俺不假思索，一夜之间从打骚扰电话的顾客摇身变成接骚扰电话的雇员：俺在加拿大有了第一份工作。

电话技术支持是一门艺术，也是一个挑战；而隔着电话帮大爷、主妇查家庭电脑无法上网的毛病，那真是个噩梦无底洞！但俺饶有兴趣，边干边玩。炉火纯青时，9分钟之内可搞定任何一位挑剔的男女老少顾客的电话。

俺能从低层摸爬上来，则凭了一段运气：90年代末在传奇般的UUNet Canada鼎盛期最后两年混过。那段好时光，大大缩短了俺的经验积累过程。人生，大概就是那样，充满了岔路和捷径。

说起UUNet，它代表UNIX-to-UNIX Network，是历史上首家商业Internet（互联网）服务公司，是由互联网前身ARPAnet的开发者之一Rick Adams在1987年创建的。

鼎盛时期UUNET是(MCI )WorldCom旗下的全球最大骨干网供应商，曾经改写“六大金刚”（指90年代的骨干网公司MCI、SPRINT、UUNET、ANS、PSI和AGIS）的历史，客户包括美国在线AOL（时代华纳）这样的大ISP。

UUNET自己的线路称为AlterNet，比如traceroute的时候常常会看到很多节点名字是*.alter.net。

UUNET不为一般老百姓所熟知，因为它是上游的批发商，专营互联网的主干线（backbone）；经营个人上网的ISP一般都是较下游的零售商，如AOL以及俺的第一个雇主。当年克林顿访问UUNET总部，称赞它为网络经济的快速膨胀爆炸中心，说的就是它在互联网起源发展中的头功。

俺当年混过的UUNET Canada，成立于1991年，创建人是原多伦多大学电脑系硕士生、电邮系统ZMailer和防火墙Borderware的作者Rayan Zachariassen。他自任执行副总裁。

Rayan同网络时代技术出身的大部分传奇人物一样，也十分低调。他是加拿大最早的全国性研究网络CA*net及其NOC的幕后系统设计师，世界上几个最大邮件系统的鼻祖，以及多家互联网先驱公司的创始人。

90年代，UUNET Canada直接掌控横贯加拿大东西部的唯一一条45Mbps骨干线，外加三条冗余配置的连入UUNET在美国和国际AlterNet网络的DS-3干线，分别从温哥华、芝加哥和满地可接入。

2000年之前，UUNET Canada只有20%由美国UUNET Technologies控股。所以那时是好日子，500名员工在职责范围上，享有极大的自由度和权限。。。。对俺来讲则是天赐的学习和实践良机。:-)

(待续)

[注一]：从UUNET到MCI WorldCom、WorldCom直至MCI的演变历史，可参见拙作“西奇默和UUNet、世界通讯及MCI”:
http://www.fhy.net/On-line/2004/fhy0401c.html

[注二]：加拿大第一个学术互联网CA*net和第一家服务商UUNET Canada的历史回顾可参阅:
http://www.canarie.ca/press/publications/ango.pdf更多精彩文章及讨论，请光临枫下论坛 rolia.net

2000年得到第一个工作面世就是在那里，结果木有经验，被涮。 -ningxin0809(雁影行洲); 2006-8-21 (#3156660@0)

network operations or programming? the fun part was in the former, which ended its golden time in early 2000 anyways :) -f1amingo(flamingo); 2006-8-21 (#3156683@0)

programming -ningxin0809(雁影行洲); 2006-8-21 (#3156688@0)

不错，请继续展开 -deen(王者归来); 2006-8-21 (#3156663@0)

thx...will continue in a couple of days. -f1amingo(flamingo); 2006-8-21 (#3156685@0)

好文. Rayan Zachariassen和John Alsop什么渊源？有知道的么? -oe2003(东方快车); 2006-8-21 (#3156845@0)
UUNET,多么遥远的名字啊. 疯狂快乐的2000 -ican(apple); 2006-8-21 (#3156945@0)

hehe....before 2000 :) -f1amingo(flamingo); 2006-8-22 (#3159172@0)

好像是胡司令的文章. are you HSL ? -kisswolf(土狼一号); 2006-8-21 (#3157111@0)

hehe...like my new name better? -f1amingo(flamingo); 2006-8-22 (#3159177@0)

俺的UUNET朋友们（二） -f1amingo(flamingo); 2006-8-22 {4419} (#3158987@0)
本文发表在 rolia.net 枫下论坛从第一家ISP辞职后，为了糊口，去了中城央街一家10人小公司。干了一个月，老板便要俺开路。正巧在那前一天，俺也收到UUNET的聘书，所以算是互相解放了。记得那是1998年9月底，加拿大的感恩节前夕。

UUNET加拿大公司的骨干，除了多伦多大学的人马，很多也出自有名的滑铁卢大学数学电脑专业。UUNET这家网络商中的网络商，为俺技术上的长进提供了一个广阔天地。俺后来跳到电信、咨询等行业，回过头看，常常为自己这段UUNET经历感到庆幸：在最好的互联网公司的鼎盛时期同最有才华的顶尖高手一起混，让俺此生受益不尽。

UUNET NOC里的同事都是从小就在本地ISP里混出来的，在网络、UNIX方面都有自己的一两手绝活，其中一些“时髦颓废”的小年轻表面看着是蓬客，暗中其实是黑客－－多年后才知道某某某原来是LV“黑帽”年会上的知名人士。这些抢注了www.net和mail.net等域名的多伦多青年，上班都是耳环唇环鼻环和纹身刺青，还有令人眼花缭乱的发式染色。

虽然平时看起来愤世嫉俗，全无正经，但他们在NOC工作起来都非常牛B，动嘴动手动脑，反应总比客户快几拍。电话中对方一般都是单位的主要网管，技术过硬，能让他们这些人常年服气，乃是UUNET常盛不衰的原因。同样，有些客户老喜欢来问一些范围外的疑难问题，譬如如何配置Sendmail，俺们当然一概谢绝回答。超过半小时的咨询是要收费的。

NOC最让人留恋的地方是：无论何时，同事们都毫无保留地互相支持帮助，有的是猩猩惜猩猩的义气，绝无半点同行相轻之气。俺是那里唯一的外国移民，但大伙看上的是俺毫不逊色的NOC工作能力，他们绝不打听俺的背景。跟美国人不同，俺的多伦多朋友们从不惊诧于俺的那点英语口音，就像他们不会取笑魁北克或纽芬兰人的英语口音一样。俺想，这正是住在多元化国家的国际化都市的优点。:)

UUNET Canada当时最大的吸引力之一，就是NOC工作人员拥有所有AlterNet骨干路由器的终极权限密码，包括加拿大和美国本土的。想去UUNET工作的人，多半都已经整明白了用户电脑和服务器各自如何工作的，还想进一步知道它们之间是怎么路由通讯的。这种权力，使俺们如虎添翼，有种高空超人的感觉。不但能监控全北美大陆任何节点的数据交通情况，甚至还能把手伸到纽约、芝加哥、旧金山、圣荷西等地，远程排除路由故障。

大伙一般都喜欢下午班，一半时间可以跟踪处理公司客户的业务，另一半时间则可以按自己的喜好做些事。夜班都是solo，独自一人守护着横贯加拿大的互联网干线，成百个路由交换设备，还有影响上百万用户的关键域名服务器，心里确实有某种神圣感。但是，自由和权力总有代价。彻底screw-up的时候也是很可怕的。

有一天，俺自信心急剧膨胀，想独自解决满地可和多伦多之间的BGP稳定性问题，结果是搞错AS号，当了一回asshole；引起的BGP路由震荡，把整个安省西南部从互联网上抹去宕掉了5分钟。幸好当时是晚饭时分，不过前后台电话还是跟开锅似的。俺当时连汗都下来了，心想就这么卷铺盖走人啦？

在UUNET不仅要全面接触各种广域网协议和操控，互联网服务（mail, Web, DNS, NNTP）的具体步骤，还有许多别处不太学到的实用技巧和诀窍，如blind DNS, passive FTP, SSH tunnel forwarding, black holing (null routing)等。

千禧年之前，与维吉尼亚州Fairfax的总部之间的通电越来越多，对方的水平和处理方式让同事们觉得是在同一个询问台（helpdesk）打交道。一种不祥之兆在大伙心里渐渐升起：哪天俺们的good old NOC也会沦落到“傀儡”的地步呢？……果然，千禧年一过，Bernie领导下的“世界通讯”决定买下UUNET Canada的全部股份。于是UUNET Canada充满自由和权限的黄金时代从此一去不返。

自从光纤、宽带服务涌现之后，CogentCo（并购了PSInet）, GlobalCrossing, Level3, AboveNet等新的北美Tier-1公司来势凶猛，以租赁电信线路为主（美国本土除外－－MCI本身就是大电信公司）的UUNET的角色和作用越来越往后台靠了，尤其经过“世界通讯”的丑闻冲击之后更是如此。但它独特的历史作用、遍布全球（除中国大陆比较弱外）的骨干网络、其雄厚的互联网IP技术底蕴，仍是任何一家公司无法取代的。

母公司一旦100%控股，事情就开始程序化，以后再难自己说了算。于是，俺也向其他牛人同事学习，拿了一笔股票金，离开了公司。当时还是网络IT发烧的年代，心情来不及惆怅，便去了下一个东家。公司骨干先后走掉很多，但好朋友都记得对方，和在NOC一起工作玩乐的好时光。日后在职场上也互有关照。

若干年后，在UUNET一位旧同事的大力推荐下，俺进了衙门工作。当年，那哥们先跳槽离开UUNET，有天晚上，俺越权帮他修改BGP路由表，及时帮他拯救了公司。事后他用替俺写表扬信的方式平息俺们NOC某资深同事的不满。

刚进衙门玩入侵探测，新人一般都很放开手脚，俺也不例外。某晚，探测到一个极具侵略性的扫描行为，俺当即进行反扫描（现在想想太牛！），发现那是North Bay一家小ISP被黑掉的网站。太晚了那边没人上班，但不把它制住俺实在心不甘。他们的上游服务商是Sprint，当年UUNET的哥们正好在那里掌管网络生杀大权。俺一个电话打过去，老兄二话不说，用当年对付DoS的办法，给了个nullroute，就把那个网站给罩死了。

第二天，一种网络新病毒大规模爆发，那个ISP网站也是先期中毒者之一。从此，单位领导对俺猎犬似的能量刮目相看。:)

俺知道，这类故事，不会再有第二次。

写到这里，不禁想起宋词一段：

少年侠气，交结五都雄。肝胆洞，毛发耸。。。。

（完）更多精彩文章及讨论，请光临枫下论坛 rolia.net

这就完了？不会吧 -oe2003(东方快车); 2006-8-22 (#3159190@0)

sorry - that's it bud :) -f1amingo(flamingo); 2006-8-22 (#3159205@0)

呵呵,精彩. 主动给nullroute把人家网站整死好像不合法吧. -aloha2u(工夫茶); 2006-8-22 (#3159198@0)

that's legal...if the box is hacked with virus running, etc. -f1amingo(flamingo); 2006-8-22 (#3159208@0)

牛！直接就加NULL上去，就活活把人家踢出网络，虽然有原因，但如果上级的SP都这么玩，估计用户要上法院去打官司了。 -westvv(Bestway); 2006-8-29 (#3173489@0)

呵呵，我不是说了，“这类故事，不会再有第二次。”：） -f1amingo(flamingo); 2006-8-29 {336} (#3173979@0)
不过，即使在规范化不强的当年，我们还是有理有节的：

１）我们只是nullroute单独一个IP地址，而非整个子网；
２）我们有受害记录的证据，说明那个机器已受感染并正在到处污染，或者正浪费服务商的网络频宽；
３）我们给机器的主人打电话留言，发email（所有能找到的号码邮址），做到仁至义尽。

那时一般用户意识到后，都会感谢其服务商及时采取措施的。

司令别来无恙。 really enjoy your article. so you frequent rolia now? -gobbledegook(风雨兼程); 2006-8-29 (#3173413@0)

风雨兼程好！你喜欢，我就高兴。在下一直都在这儿晃悠的啊：） -f1amingo(flamingo); 2006-8-29 (#3173902@0)

这经验确实难得，居然有AS701的全部密码，现在MCI已到VERIZON门下了。 -westvv(Bestway); 2006-8-29 (#3173482@0)

是！不光是有AS701的最高密码，还有米加其它几个AS（忘记号码了）的最高密码呢。对，我见到uu.net自动跳到verizonbusiness.com了。你在那里工作吗？ -f1amingo(flamingo); 2006-8-30 (#3173933@0)

你这名字不错, :-)... -kaia(勤杂工); 2006-8-29 (#3175451@0)

actually someone already took the correct name. i have to use a "1" (one) in mine. ;) -f1amingo(flamingo); 2006-8-30 (#3176148@0)

改改作密码不错. :-).. -kaia(勤杂工); 2006-8-30 (#3177851@0)

still kinda weak though ;) -f1amingo(flamingo); 2006-8-31 (#3180076@0)

看来你们UUNet当时确实停松的. 我们这里做任何网络维护,哪怕是只有潜在可能影响traffic,也要经过chang management control. -iambigcat(cat); 2006-8-30 (#3177835@0)

Agree on chg mgmt ctrl. however the extent of the control depends on 公司的性质和年代。whether control or efficiency, it all boils down to business mandates. -f1amingo(flamingo); 2006-8-31 (#3178969@0)

惭愧啊惭愧,我Info Security科班出身,却半途而废.人生多变如此,老兄还是及时行乐吧. -fatherof9kids(分身乏术); 2006-8-30 (#3178060@0)

Info Security科班 is only 5 years max, so u didn't waste much (at least not as much as i did - i am not 科班出身;)). thx for ur advice :-) -f1amingo(flamingo); 2006-8-31 (#3178977@0)

Good experience.珍惜吧。我在国内时，在一US大公司做网络，是负责整个亚太地区(包括澳大力亚)１０+国家和地区的网络 with over 200 routers. -ccz(高山流水); 2006-8-30 {180} (#3178291@0)
主要是主干网 support and new project implementation. 各国家／site network team supports their campus network unless they need our support . That was really my valuable experience .

u r talking about an ENTERPRISE or even CORPORATE network that spans across different countries, right? there's a difference between that and the PUBLIC internet backbone. -f1amingo(flamingo); 2006-8-31 {1015} (#3179036@0)
your multi-national network is under a single control (your company); while the internet backbone has no single control (hence BGP comes in, etc). your network is more or less like a telco's ENTERPRISE network such as AT&T's (Allstream), Bell's, MCI's and Sprint's.

Note: the above Telcos have their own PUBLIC internet networks too, but those are NOT their enterprise networks -- Hint: the typical example of an Enterprise network is the ATM networks for banking machines.

so when you talk about 主干网, you have to distinguish between different kinds of networks.

for most small-to-medium ISPs, NOC is the ultimate level of support. for a big ISP such as UUNET, NOC was both level-1 and level-2 (we didn't need a redundant layer of helpdesk), and Engineering and Architecture was the level-3 support (I was a fresh hand and didn't qualify for that group ;)).

Implementation is never in the loop of support/operation for any organizations.

indeed that was a very valuable experience to you.

I agree that enterprise networks are different from ISPs. Large enterprise backbones focus on WAN architecture, routing design and implementation. The routing protocol was EIGRP in the environment I mentioned above, -ccz(高山流水); 2006-8-31 {177} (#3179197@0)
and now we are using OSPF in my current company. ISPs, on the other hand, use BGP in most cases, and provide more other services, like mail, DNS, etc. Good luck, you are good.

I worked with Allstream (then AT&T Canada) right after UUNet, only for 6 months. Yes Enterprise networks mostly run OSPF and sometimes even the older EIGRP. -f1amingo(flamingo); 2006-8-31 {503} (#3179572@0)
At the time I had to deal with a complicated merged network of mixed EIGRP and OSPF. It was horrible. I could see telco techies were not as good at all in routing stuff. ;) Once I had to help a "senior" guy MANUALLY configure a static route to make an EIGRP-routed subnet work in an OSPF environment.

I got tired of helping all the senior AT&T folks all the time, that's why I moved on to a consulting firm after 6 months. ;D

Good to know you, dude. Good luck to you too and, keep in touch.

telecommunication is different from network engineering -coolj(酷不起来); 2006-8-31 (#3179636@0)

hehe, am I not talking about data networking within telcos? ;) -f1amingo(flamingo); 2006-8-31 (#3179742@0)

weren't you? what were you refering to then? -coolj(酷不起来); 2006-8-31 (#3180086@0)

请允许俺译成中文吧：“呵呵，难道俺不是在谈电信公司的数据网通讯吗？；）” -f1amingo(flamingo); 2006-9-1 (#3181355@0)

我怎么知道你在说什么，东一句，西一句，我看着发晕 -coolj(酷不起来); 2006-9-1 (#3182820@0)

sorry man. have a nice weekend. -f1amingo(flamingo); 2006-9-1 (#3182826@0)

you too. enjoy your weekend. -coolj(酷不起来); 2006-9-1 (#3182840@0)

it's better to redistribute and tag the eigrp route into ospf rather than statically point to the eigrp network -coolj(酷不起来); 2006-8-31 (#3180111@0)

EIGRP ? who still use it ? Who had used it might be fooled by cisco's trick. -iambigcat(cat); 2006-8-31 (#3180212@0)

okay, other than it's cisco's proprietary. tell me what are the disadvantages. suppose you are a ospf fan, then tell me why you are preferring ospf than eigrp? -coolj(酷不起来); 2006-8-31 (#3180234@0)

I won't waste my time touch eigrp. if ospf, is-is, eigrp all can do same thing, why would you pick up a proprietary protocol ? This is a basic logic flaw. -iambigcat(cat); 2006-8-31 {144} (#3181024@0)
You network won't expending any more ? Don't want implement new features such as mpls ? I guess cisco itself might have stopped develop eigrp

yup. eigrp is phased out. -f1amingo(flamingo); 2006-9-1 (#3181361@0)

eigrp is phased out? are you sure? -coolj(酷不起来); 2006-9-1 (#3182634@0)

that's my view, trust it or not ;) -f1amingo(flamingo); 2006-9-1 (#3182790@0)

no -coolj(酷不起来); 2006-9-1 (#3182821@0)

good! -f1amingo(flamingo); 2006-9-1 (#3182828@0)

you won't waste your time to touch eigrp? I'm not sure what kind of network you are running here but as long as Cisco being the dominant market player, most of networks will be running eigrp. -coolj(酷不起来); 2006-9-1 {1699} (#3182626@0)
本文发表在 rolia.net 枫下论坛picking a proprietary protocol or not depends on what kind of boxes are running on your network, most of enterprise network nowadays consists 80% of cisco equipment . then why not running eigrp on these networks?

running eigrp can't expend network anymore? are you trying to be funny or just pure ignorance? if you trying to say MPLS requires link state protocol for path calculation, then let me ask you how many enterprise networks are running MPLS on their Core network? on backbone, yes. but very rarely on the core. althrough if it's running on the backbone, in most case it's handled by ISP, you can't really do much on your CE router.

"I guess cisco itself might have stopped develop eigrp". not sure what kind of crack you were smoking when you said that. as cisco's dominance of the market for enterprise networks, in what mind would cisco stop developing eigrp? perhaps you should take look at the new features have been added into eigrp. let me just name a few here, so you won't be as arrogant and ignorant. have you heard of neighbor startup enhancements? bidirectional forwarding detection? graceful shutdown? non-stop forwarding? in my opinion, non-stop forwarding is a great implementation for any network that consists cisco equipment.

i'm not saying eigrp is the greatest protocol in the world, but it has it's advantages. for instance, when comparing convergence speed between eigrp and link state protocols, eigrp is way on the top of the game if every path had the feasible successors. even for ospf and isis with tuned timers, their convergence speed are still slower.

okay, that's it for now, if you want more, i can bring it on as long as you like it.更多精彩文章及讨论，请光临枫下论坛 rolia.net

这种标准解决方法俺们都试过的，不管用（细节记不得了）。当时只是针对一个route需要马上修理，情急之下才用静态路由暂时救急。俺的要点是：ＡＴ§Ｔ的老同志们对简单的静态路由都整不明白，还想啥子更高级的，跟扯蛋似的。:) -f1amingo(flamingo); 2006-9-1 (#3181358@0)

急了当然什么都来啦，谁都一样。 -coolj(酷不起来); 2006-9-1 (#3182832@0)

u got it ;) good to see you and a few other networking folks here!!! -- that's excellent, making me feel 后继有银哪！哈哈 -f1amingo(flamingo); 2006-9-1 (#3183575@0)

"MANUALLY configure a static route"?难道还有automatically/dynamically 的 static？：） -rodgerxu(rodgerxu); 2006-9-1 {47} (#3181566@0)
just kidding. very valuable experience indeed.

manually means typing the command, versus using a GUI tool. (dynamic is only opposite to static though :)). -f1amingo(flamingo); 2006-9-1 (#3182793@0)

@Baltimore

u r talking about an ENTERPRISE or even CORPORATE network that spans across different countries, right? there's a difference between that and the PUBLIC internet backbone.

Replies, comments and Discussions:

More Topics