How To Choose A List Of Trusted Providers That Provide Us Cn2 Large Bandwidth And High Defense Services

1.

clarify business requirements and performance indicators

- sub-step: identify and quantify traffic types (http, gaming, media streaming, api, etc.).
- sub-step: estimate peak bandwidth and number of concurrent connections (for example, peak 1gbps, 20,000 concurrent connections).
- sub-step: establish key slas: packet loss rate <1%, one-way delay, jitter and response time targets.
- sub-step: clarify protection requirements: how many gbps cleaning capabilities are required, whether automatic cleaning is required by minutes/hours, and whether application layer web attack protection (waf) is required.

2.

initial collection of supplier lists and information sources

- sub-step: collect candidate suppliers from search engines, industry forums (such as nga/low barrier hosting forum), linkedin, peeringdb, bgp looking glass, bgp.he.net, etc.
- sub-step: prioritize suppliers with cn2 claims (usually mentioning cn2/gia on product pages or network topology descriptions).
- sub-step: obtain the network topology diagram, backbone asn, city where the cleaning center is located, and public network ip segment samples disclosed by the supplier.

3.

establish an evaluation matrix and quantitatively score

- sub-step: create an excel or table to list the items: cn2 routing, bandwidth scale, cleaning capability (gbps), protection mode (cloud/local/hybrid), sla, price, technical support response time.
- sub-step: assign a weight to each item (e.g. protection capability 30%, cn2 path 20%, delay 15%, price 15%, service and contract 20%).
- sub-step: preliminary scoring based on the collected information to form a short list (usually 3-5 companies).

4.

technical verification: check cn2 routing and latency

- sub-step: obtain the test ip or bgp prefix provided by the candidate supplier.
- sub-step: actually run traceroute or mtr (linux) on different nodes in china: mtr -rwz -c 100 , windows uses tracert. observe whether the path passes through "china telecom/cn2" related nodes and the last hop delay.
- sub-step: use whois or bgp.he.net to query the asn and routing source of the ip, and confirm whether it is forwarded by china telecom cn2 related asn (also pay attention to reverse dns/vendor comments).

5.

bandwidth and throughput testing (actual measurements)

- sub-step: ask the vendor to provide an available iperf3 test endpoint. use iperf3 -c -p 10 -t 60 to test concurrent throughput; record average throughput and packet loss.
- sub-step: test multiple times in different time periods (peak/off-peak, day/night) to compare stability.
- sub-step: if you cannot run iperf directly, use large file multi-thread download or curl/wget speed test, or ask the supplier to provide historical throughput charts.

6.

high defense capability verification and drills

- sub-step: ask and require the supplier to provide historical attack reports (anonymized), including cleaning volume and recovery time in response to peak attacks.
- sub-step: require the supplier to conduct a "commitment verification" drill: on the premise that both parties agree and it is legal, simulate a small traffic attack or the supplier initiates a test in a controlled environment to observe whether the cleaning is triggered immediately and whether it affects normal business.
- sub-step: verify the cleaning method (black hole, traffic bypass, rct/cleaning center) and cleaning threshold, whether normal traffic will be accidentally killed, and whether attack traceback logs will be retained.

7.

contract terms and sla key points

- sub-step: understand the bandwidth billing methods (peak meter, 95 peak, annual port) and excessive traffic billing rules.
- sub-step: clarify in the contract: sla indicators (availability, switching time, response time), compensation terms (proportional compensation if standards are not met), emergency contact number and dedicated account manager.
- sub-steps: confirm ip ownership, bgp announcement policy (whether you are allowed to bring your own asn), route filtering and blacklist policy.

8.

operations and support assessment

- sub-step: confirm whether there is 7x24 dedicated chinese technical support, work order system response time limit and telephone/wechat emergency channel.
- sub-step: ask whether real-time traffic monitoring panel, log export, and alarm rule configuration are provided.
- sub-step: ask for the possibility of a trial period or a monthly trial, first launch the line on a small scale for 7-14 days of verification and then expand the capacity.

9.

final checklist and sample email before signing the contract

- sub-step: list example: test ip, iperf port, bgp announcement style, cleaning capability certificate, sla terms, 24h support commitment, price details, termination terms.
- sub-step: key points of the sample email: requesting test ip, historical attack samples, cleaning center location, legal compliance certificate (if necessary), trial period terms and refund policy. the sample language should be short and clear, listing specific dates and expected test items.
- sub-step: after comparing prices, rate the three shortlists one by one, and select the supplier with the highest total score and the ability to provide trials and clear slas.

10.

monitoring and optimization after acceptance and launch

- sub-step: closely monitor within 30 days of launch: daily traffic curve, packet loss rate, delay, and application logs.
- sub-step: if an abnormality is found, initiate the supplier's emergency response according to the contract process and record the processing time and results as the basis for subsequent negotiations.
- sub-step: review bandwidth and protection capabilities regularly (quarterly), and renegotiate or switch suppliers if necessary.

11.

faq: how to confirm that the supplier really provides cn2 lines?

- answer: ask the supplier to provide a test ip or bgp prefix, use traceroute/mtr to test on multiple domestic nodes, and observe whether the path passes through the china telecom / cn2 node; also use whois or bgp.he.net to query the asn and routing source, and confirm that there is a china telecom-related asn or the supplier document clearly indicates cn2.

12.

faq: how to legally and safely test its high-defense capabilities?

- answer: do not launch attack tests on the real network by yourself. suppliers should be required to conduct attack and defense drills in a controlled environment or provide historical attack cleaning records; they can also sign a test agreement and have a third party (or supplier) simulate small-scale attacks under authorized conditions to observe the triggering and cleaning effects.

13.

faq: what are the most easily overlooked but critical clauses when signing a contract?

- answer: pay attention to the cleaning threshold and black hole strategy (whether normal traffic will be accidentally killed), compensation calculation method, whether to allow bringing your own asn, ip ownership and migration terms, as well as emergency contacts and work order response time limits. these are directly related to the availability and rights protection capabilities in the event of an attack.