Outbound Routes of USTC Network

USTC mainly has four outbound routes: Education Network (CERNET), Telecom, Mobile, and Unicom.

These four exits each have their own characteristics, let’s go through them one by one:

Education Network

• The full name of the Education Network is “China Education and Research Computer Network” (CERNET), which connects universities and research institutions nationwide. The main node is in Beijing (the headquarters is in Tsinghua Science Park, next to Google), and USTC is the core node in Anhui Province.
• IPv4 bandwidth 2G
• IPv6 bandwidth 2G, relatively loose (Liuwei is IPv6, very fast)
• The north-south interconnection within the Education Network is quite congested during the day, and the network is more smooth at night. The north-south interconnection problem of other operators may be more serious.
• Access to other domestic operators and foreign countries is very slow
• The routing path on the network is not necessarily the shortest geographically, for example, the traffic from USTC to Beijing may have to go through Shanghai.
• Access to IPs outside the “free addresses” defined by CERNET is charged by traffic. Although it does not charge us directly, try to save money for the school :)
• Everyone is advised to use IPv6 when accessing resources within the Education Network

Telecom

• China Telecom bandwidth 700M, quite congested
• IPv4 only

Unicom

• Bandwidth 500M, quite congested
• IPv4 only

Mobile

• China Mobile bandwidth 500M, relatively idle, because the network does not go through the mobile exit
• The access speed to foreign countries is much better than that of the Education Network, so it is set as the default exit for mirrors synchronization
• IPv4 only
  Note: When describing network bandwidth, the unit is generally bit per second, and the general system is decimal. The unit of file size is byte, which is generally binary, so the download speed of 2M broadband at home is reflected in “file size”, which is (210001000)/8/1024 = 244KB/s. In fact, due to packet headers and other losses in the network, the transmission speed will only be slower than this. So don’t complain about download speeds of only 200K+ in the future :)

The servers of LUG are mainly distributed in the following network segments:

• 202.141.160.0/25, Telecom IP. Virtual machines applied for by jameszhang are all here, including blog, gitlab, dns, ldap. Mirrors also have an IP in this subnet.
• 202.141.162.0/25, Telecom IP. The lug homepage is in this subnet.
• 202.141.176.0/25, Mobile IP. Only mirrors have an IP in this subnet.
• 202.38.95.0/25, Education Network IP. The PXE server is in this subnet. Virtual machines applied for by the Information Department of the Network Center are all here. If any student applies for a server from the Information Department of the Network Center, please note that “domestic permission” does not mean that it can be accessed domestically, but “it can be accessed by the domestic Education Network”, that is, most other operators cannot access it.
• 202.38.70.0/24, 114.214.197.0/24, Education Network campus IP, need to go through “network pass”. The central router is in the Modern Education Technology Center of the Second Teaching Building. The servers in the Shao Yuan computer room (including the freeshell running nodes) are all in these two subnets.
  In addition to the Network Center computer room, public Internet access places (including the Shao Yuan computer room) need to use the “network pass” for outbound access, and inbound access is prohibited by the firewall. Therefore, even if the network pass is turned on, the machine in the dormitory cannot be used as a server for external services. If you need external services (such as websites hosted in Shao Yuan), you need to open the “homepage proxy” service at the User Service Department of the Network Center. The domain name is resolved to a homepage proxy server of the Network Center, and then nginx proxy_pass comes in. The homepage proxy only supports HTTP. The homepage proxy server is multi-line access, and the delay is not high from all operators.

The network pass can choose the Education Network, Telecom, and Unicom three exits. As we all know, the interconnection between Chinese Internet operators is very poor. But all the network pass exits, are to Telecom to go Telecom, to Unicom to go Unicom, only affecting the default routing route. [1] The upstream DNS of the school is the Education Network DNS, no matter whether the resolved IP is the Education Network, Telecom or Unicom, it will take the best route from the network pass. The problem is: [1]

• Some websites have Education Network nodes, and return the IP of the Education Network nodes to the Education Network DNS, but these Education Network nodes are often unstable and cannot be connected.
• Most websites do not have Education Network nodes, and will return a default IP to the Education Network’s DNS. According to observations, it seems that many websites default to using Unicom’s nodes, which leads to the school’s Unicom outbound traffic being greater than Telecom.
  The servers of LUG, except for those in the Shao Yuan computer room, do not need a “network pass”. Except for the three-line access of mirrors, the outbound route is fixed. Therefore, accessing domestic websites from the server is not necessarily faster than your own computer.

Useful links:

• USTC IP address range: http://lib.ustc.edu.cn/ustcip.html (Updated in July 2013)

• USTC network traffic monitoring: http://202.38.64.1/

• Wireless network online user statistics: http://linux.ustc.edu.cn/ap/

• DNS query statistics: http://202.38.64.56/dns/

• CERNET free addresses: http://www.nic.edu.cn/
  Useful tools:

• Query IP geographic location: http://ip138.com/

• Test server connectivity with various operators: http://ping.chinaz.com/

• View your own IP: curl ifconfig.me

• Query IP’s affiliated operator: whois <ip address or domain name>
  References:

1. http://archive.lug.ustc.edu.cn/2013-June/011615.html