Points of pain Campus vs backbone
Bill St. Arnaud [email protected]
Backbone operator perspective
> NB: CANARIE operates a very small IP backbone – Our major focus is operating a “substrate” network to support a number of
virtual lighpath networks – APNs
> Many of our departments and users on campuses have multiple independent connections to CA*net 4 and other networks– Medical-health-HIPAA– Physics– Astronomy– Various Grids – backplane and frontplane connection– Distributed campus networks
> We are seeing many APNs dedicated to specific community of interests which extend from user desktop to desktop right across the country
Canada HEPnet APN
UoToronto PhysicsTier 2
UoVictoria PhysicsTier 2
TRIUMFTier 1
CERNTier 0
Amsterdam
New York
Chicago
Toronto
Vancouver
Victoria
FERMITier 1
BrookhavenTier 1
UBC Physics
UA Physics
UoT Physics
Carleton Physics
UdM Physics
CA*net 4
Edmonton
Ottawa
Geneav
10G Lightpath WS
TRIUMFAPN
UoTAPN
UoVAPN
1G Interface WS
5G Interface WS
External links or APNs
Note: Typical View on TRIUMF UCLP GUI
Montreal
RAL LHC Tier 1 Centre
Geant / SuperJanet4 / TVN Access (2*1Gbits/s)
NetscreenFirewall
8Gb/s
UKLIGHT(2*1Gbits/s) “Lightpath” to
CERN via NetherLight
Router A
Router C
Router B
UKLight AccessRouter
RAL Site
Site AccessRouter
R-PoP Sites
Source: Robin TaskerNetworks and CommunicationsCCLRC
Parallel Campus Production & Research Networks- Rutherford
Production & Research Networks at UCL
Source: Andrew Kerl UCL
Points of pain- RONs and NOCs
> Many of our users have direct optical connection to the backbone with NICs using long range GBICs
> RONs and campuses want to “manage” the link and insert devices in the middle of the all optical link which makes it less reliable and poorer throughput
> First point of contact is not local IT dept> Certificate authority and authorizing server is often off
campus for many campus research groups– HIPAA– Grids – APNs
> Federations good idea – but really hard to implement
Virtual CIO and virtual NOC
> Increasingly networks and security issues are neither geographical or local domain– i.e. Jacob Forum
> Outside organizations are setting standards within “your” network– In fact it may be no longer “yours”
> CERN NOC is setting standards on OS, IdM, routing, network connectivity at campuses
> Look at Skype security standards– Skype sits above the “network”
> The “old network” is becoming increasing irrelevant > The pervasive Internet is coming because of SOA & Mashups
– Google, Skype , Cisco IPICS, SOA etc