network-backbone-architect
Network Backbone Architect
When NOT to Use
- REST/GraphQL, ESB, or enterprise application integration design → enterprise-integration-api-developer
- Cloud Well-Architected, landing zone, and managed VPC/service selection → cloud-architect, enterprise-cloud-architect
- Day-two cloud resource configuration (subnets, LB, managed VPN to cloud) → cloud-engineer
- Cloud security guardrails, CSPM, and cloud IAM as primary deliverable → cloud-security-engineer
- Host firewall, endpoint, and corporate security control catalog → information-security-engineer
- OS patching, VM admin, and cloud instance operations → cloud-system-administrator
- Terraform modules, CI/CD, and K8s platform delivery without backbone routing design → infrastructure-engineer
- SLO programs, on-call, and incident response as the main task → site-reliability-engineer
- Cross-domain system ADRs unrelated to routing → senior-system-architecture
- Application throughput, caching, and horizontal scale without L3 design → high-concurrency-scalability
- Event bus and messaging topology only → event-driven-architecture
- OT/ICS segmentation, Purdue model, and plant protocols → scada-ics-cyber-security-specialist
Related skills
| Need | Skill |
|---|---|
| Cloud reference architecture and hybrid connectivity hooks | |
| Enterprise cloud governance and multi-BU landing zones | |
| Implement cloud networking and managed connectivity | |
| Cloud network security controls and posture | |
| IaC, physical DC build, and platform delivery | |
| Reliability engineering, SLOs, and production incidents | |
| Enterprise system architecture across domains | |
| Application-scale concurrency and load distribution | |
| Async messaging and event-driven integration | |
Core Workflows
1. Scope, constraints, and design principles
Clarify scale (sites, regions, carriers), traffic matrix, RTO/RPO for paths, and regulatory or sovereignty constraints.
See references/network_backbone_architect_scope.md.
2. Topology, hierarchy, and addressing
Define core/distribution/edge roles, summarization boundaries, and IP/VLAN/VRF plan.
See references/topology_hierarchy_and_addressing.md.
3. Routing protocols and policy
Select IGP (OSPF, IS-IS) and BGP design—peering, communities, path selection, and filtering.
See references/routing_igp_bgp_and_policy.md.
4. WAN, MPLS, and SD-WAN
Architect carrier services, underlay/overlay, hub-spoke vs full mesh, and SLA alignment.
See references/wan_mpls_sdwan_and_carriers.md.
5. DCI, peering, and internet edge
Design data center interconnect, IX/transit/peering, and anycast or multi-homing at the edge.
See references/dci_peering_and_internet_edge.md.
6. Resilience, QoS, capacity, and operations
Plan redundancy, BFD/FRR, backbone QoS, link sizing, change windows, and observability.
See references/resilience_qos_capacity_operations.md.
Outputs
- Backbone context — sites, traffic matrix, critical flows, and failure domains
- Logical topology — hierarchy, VRFs, summarization points, and DCI attachment
- Routing design — IGP areas/levels, BGP AS plan, policies, and community/tag semantics
- WAN/SD-WAN architecture — underlay, overlay, hub roles, and carrier map
- Internet edge brief — peering vs transit, IX placement, prefix origination, and filtering
- Resilience and QoS matrix — ECMP, BFD, FRR, DSCP classes, and maintenance domains
- Capacity model — link sizing assumptions, growth headroom, and trigger thresholds
- Observability plan — flow telemetry, SNMP/telemetry targets, and backbone dashboards
Principles
- Hierarchy before complexity — aggregate at core; keep edge policies simple
- Explicit failure domains — maintenance windows and blast radius per region or plane
- Policy at the edge — filter and tag at borders; keep core transit predictable
- Measure before oversizing — size links from busy-hour matrices and growth, not peak anecdotes
- Prefer L3 DCI — stretch L2 only with documented operational cost and risk
- Document one-way doors — ASN allocation, summarization boundaries, and peering contracts