Source: Own Illustration
On June 10, 2025, we successfully converted RWTH’s network connection to the German science network (X-WiN) to a new generation of routers. You can also read more information in the blog post. These important components of the network infrastructure were replaced with more powerful and energy-efficient devices. In this article, we take a look behind the scenes of the technical changeover: Why was it necessary? What was replaced? How did the complex conversion actually work?
Why Was the Changeover Necessary?
The previous two large routers that connect the RWTH network to the internet were based on the Nexus 7700 series, purchased in 2016. This meant that the hardware was not only technologically outdated – the manufacturer also no longer offers spare parts or maintenance. In addition, the systems were no longer adequate in terms of performance and future-proofing:
- No scaling option for higher transmission rates
- High utilization due to increased routing tables
- “End of life”: no more support from the manufacturer
A replacement was also unavoidable in view of the constantly increasing network requirements, particularly due to digital teaching, research and cloud-based services.
The New Hardware: Catalyst 9600
After careful selection, the decision was made in favor of the Cisco Catalyst 9600 product as the new generation of routers. This offers a whole range of advantages:
- Significantly lower energy consumption with higher performance
- Ports with higher transfer rates: previously: 40 Gbit/s as standard and individual ports with 100 Gbit/s; now: 100 Gbit/s as standard, with the option of 400 Gbit/s
- Almost doubled number of ports for future connections
- Faster routing response in the event of network faults due to higher CPU performance
Preparation: Parallel Commissioning and Configuration Work
The changeover was not completed by simply replacing the two existing devices. Rather, both system environments – old and new routers – ran in parallel for a while. The new routers were integrated into the network via iBGP (routing protocol) so that initial tests could be carried out without disrupting ongoing operations.
Challenges:
- Different operating systems (old: NX-OS, new: IOS-XE)
- Completely new cabling (power, copper and fiber optic patching)
- Extensive testing and validation effort for routing, switching and firewall rules (ACLs)
- Manual and automated tests, especially for routing stability and redundancy
Changing the operating system was challenging, not least because the configuration logic is not identical – the old configuration could not simply be adopted. Instead, it had to be recreated piece by piece, including appropriate tests to ensure that the new device behaves correctly in its network environment and performs its tasks as intended. As a result, the old configuration, which consisted of 3,118 configuration lines, became a new configuration with 5,431 lines.
Source: Own Illustration
How Many Data Paths Does a Router Know? – A Look at the Routing
As part of the changeover, we also tested how many so-called routes the new devices can process. But what are routes anyway?
Put simply, routes describe the next destination for data packets on the Internet. When data is transported on the internet – be it for a website, an email or a video conference – a decision has to be made at various points along the way based on the IP address of the destination as to which of several possible paths should be chosen so that the data reaches its destination. The systems that make this decision are known as routers, and the list of destinations that a router knows and for which it can make precise decisions is its routing table.
The number of routes therefore indicates how many different destination networks and paths a router knows and can manage simultaneously – a key capability for stable, fast Internet connections.
Our routers manage an impressive amount of routing information:
- Around 980,000 IPv4 routes from Frankfurt
- Another 22,000 IPv4 routes from Hanover
- Around 215,000 IPv6 routes from Frankfurt and Hanover
The routes come from DFN-Verein (German Research Network), through which RWTH is connected to the Internet and other scientific networks. The main reason why certain areas of the Internet can be reached from our university via Frankfurt and others via Hanover is that shorter routes and therefore better performance can be achieved. However, in the event of an error – and this is made possible by automatic mechanisms – the unaffected connection takes over all data traffic. This requires the routes to be recalculated, which is much faster with more powerful routers (faster convergence). Our update to a new generation of routers therefore also results in better behavior in the event of a fault.
Redundancy & Location Concept
To increase reliability, the two routers are also located at different sites in Aachen. This geo-redundancy also results in a separate power supply, independent cabling and separate fiber optic routes. Operation is designed in such a way that if one location fails, the system automatically switches to the other.
The site concept goes hand in hand with the so-called active/active operation of the two routers, i.e., as already mentioned above with regard to the routes, both systems and therefore both uplinks to Frankfurt and Hanover are used during regular operation. Both in the event of site failures on the RWTH side and in the event of a connection failure on the DFN side (e.g. the connection to Frankfurt), the other line takes over the traffic – almost unnoticed by the users.
Implementation of the Changeover
Despite the high level of complexity and difficult access due to the simultaneous construction of the Kimiko Festival, the conversion was completed within the planned maintenance window. In the background, the conversion team was in constant communication via a Webex channel. The Webex meeting remained available throughout the entire conversion period due to the redundancy. Individual steps at a glance:
| Time | Action |
|---|---|
| 8:30pm | Team-Briefing |
| 9pm | Start of maintenance window (load >20 Gbps) |
| 9:01pm | Shutdown uplink Frankfurt |
| 9:02pm | Rewiring at the first location |
| 9:07pm | Connectivity restored via new router |
| 9:08pm | Configuration & tests |
| 9:36pm | Rewiring at the second location |
| 9:57pm | BGP IPv4/IPv6 redundant active via new routers |
| 10pm | Maintenance window officially ended |
| 11:15pm | Rework completed |
The maximum downtime for IPv4/IPv6 was around 8 and 20 minutes respectively – a strong figure for such a far-reaching change.
Follow-up & Outlook
After the changeover, the old systems were dismantled, the cabling optimized and the configuration further streamlined.
At the same time, the new infrastructure created the basis for the next major measure: increasing the performance of the DFN connection from 2×100 Gbps to 4×100 Gbps – an essential step to prevent overloads and be prepared for future requirements.
Conclusion: Technical Milestone with a Signal Effect
The successful migration to the two Catalyst 9600s marks a significant milestone for RWTH Aachen University’s network infrastructure. With high-performance technology, sophisticated planning and dedicated teamwork, a future-proof network foundation has been created – with significantly better performance and energy efficiency.
Special thanks go to everyone involved – especially the colleagues in the Networks division.
Responsible for the content of this article are Christoph Viethen and Robin Westarp.
Leave a Reply