WASHINGTON DC NETWORK TECHNOLOGY OVERVIEW • NET@EDU FEBRUARY 2006 • CHRIS PEABODY, DEPUTY CTO: NETWORK AND COMMUNICATION SERVICES • Government of the District of Columbia • chris.peabody@dc.gov
Washington DC • Unique • City / County / State Governance (all in one) • Executive Office of the Mayor • 76 Agencies • Elected City Council • Independent Agencies • Public Schools • CFO • Water and Sewer Authority (WASA) • Major Federal Oversight and funding • Primary business is government • No Smokestack industry allowed • DHS is having a major impact on city • Business is currently very good
Washington DC • Approximately 500,000 Residents • Government presence in over 600 locations within the city. • Major Federal presence • Hub of a major urban metropolis • Dulles – Baltimore and beyond • Major Schools • GU / GWU / American / Catholic / Howard / Trinity
OCTO www.octo.dc.gov • Office of the Chief Technology Officer • Formed in 1998 with 4 employees • Over 600 employees & contractors today • Centralized technology support • All agencies under the Mayor • Not Independent Agencies • Agencies managed own technology before OCTO • Very similar to HEC • “Worst to First” • District Website DC.Gov named Best of the Web • The portal was named Best of the Web by the Center for Digital Government, a national research and advisory institute on information technology policies and best practices in state and local government • Major ERP initiatives complete or underway • Amazing network and public safety initiatives
OCTO www.octo.dc.gov • Undergoing major transformation right now • Moving from entrepreneurs to production programs • Major emphasis on transforming contractors to FTE’s • Network has grown in “smokestacks” • Major Peabody task is integration of technology • Groups are in technical smokestacks • Separate networks • Technology programs are in separate smokestacks • Separate people, separate budgets, separate helpdesks • Sound familiar? • Much like HEC used to be! • Politics - real politics – plays a major role in everything
OCTO HAS BEEN VERY BUSY • “In order to do great things in the world of technology you need to have 2 very critical things: Great people and lots of money. OCTO has been blessed with both over the last few years.” Suzanne Peck, CTO - OCTO
DC Gov’t Networks: In-Source Vs Out-Source • Most network services were outsourced • CENTREX telephony service • MAN data circuits all from ILEC • Public Safety networks from traditional vendors • Contractors versus FTE’s • In process of complete reversal • Citywide/city owned and managed communications networks. • Key: District owned and managed • Shift from Contractors to FTE’s
DC-NET: Goals • Build and maintain a comprehensive technology network that meets the needs of the ENTIRE District Government • All voice services • All data Intranet connectivity • Enhance Public Safety applications • Working group determined that the network must have “at least” these attributes: • Scalable (especially future growth; both size and services) • Highly available, fault-tolerant • Minimize total cost of ownership, particularly operational costs • Secure (traffic isolation and privacy) • Accommodate the wide variety of network needs and data flow patterns present in the District
DC-Net: Unique Architectural Issues in DC • Different agencies have different data flows • Some have flows that are centralized on an agency HQ or data center • Some have flows that are centralized on the OCTO Data Centers (different sites than Agency data centers) • Some use site-to-site flows (e.g., video conferencing) • Multi-agency buildings • Security (and resulting costs) • Addressing and routing hierarchy
DC-Net: Architectural Issues In The District • Many agencies require encryption • Extranet connections need to filter/firewall their traffic before it reaches other agencies • Redundancy • Different preferences, requirements, budgets, etc. • Some agencies are 100% stand-alone, others use centralized resources such as e-mail • Bottom Line: Much like a campus, the District’s network needs and applications differ by agency, by building and by budget.
DC-NET: Options Overview • Considered a variety of options - variety of approaches: • Different types of equipment considered • Different layers of the OSI model considered for service delivery • “Legacy,” “mature,” “state-of-the-art,” and “bleeding edge” technologies were all considered • Impact of team’s ability to effectively manage/administer • Both point-to-point and shared (cloud) models • Consistent factors • DC-NET should be the transport mechanism, not desktop • All traffic should use SONET as the “convergence layer” • Ethernet over SONET vs. a separate Gigabit Ethernet network • Ethernet aggregation at the edge of the network for cost savings, while maintaining necessary resiliency levels.
DC-NET Fast Facts • DC Loves Teddy Roosevelt • 1903 Statute required “the phone company” to provide conduit space for public safety use. Very powerful discovery! • $48 mil multiyear project • Local Capital dollars • Some Federal dollars • Post 9/11 interest in improving communications between Feds, DC and surrounding areas • Goal is to be self sustaining by FY08 • Approximately 86 employees working on the project • Currently in “Construction and Production” • Final production team should be substantially smaller • Must maintain fiber splicers - Help Desk specialists • DC-NET currently provides Voice and MAN transport • Does not manage LAN/WAN or Internet
DC-NET: Independent Agency? • Plan has been to “spin out” DC-NET into an Independent Agency • This is on again, off again. • Requires full support from EOM and Council • New Mayor elected next year • Requires “full time “driver”” • Independent agency not “hamstrung” by same “inane Gov’t rules and regulations” • Can become an Erate eligible Company • Can provide services to Federal Agencies • Can provide services to non-Gov’t entities
DC-NET: Fiber • SONET Fiber planned to all Gov’t locations • 400 – 600 Gov’t sites across the city • Currently at 165 buildings • All citywide voice and data services at sites “which make sense” will eventually be riding these fully redundant SONET rings • Some fiber deployed direct in Verizon Conduits • Needless to say, Verizon has not been happy about this • Have tried unsuccessfully to stop deployment in courts & PSC • Other fiber obtained via CATV Franchise Agreements • Comcast • 23 Additional miles just obtained in “fire zone” • Great to have, but hard to integrate into network • RCN (formerly Starpower) • Some original fiber purchased on IRU’s
DC-NET: Core and Edge electronics • Cisco 15454's as the core routing hardware • Other than one major software issue, very stable • Chosen for its carrier class abilities • Chosen because “they’re Cisco” over other vendors • Chosen for its ability to support SONET • SONET chosen for its proven redundancy (circa 2003) • Great for T1 Handoffs • Lots of Government Applications for T1’s • Motorola Radio circuits to Towers (42 of them across the city) • Voice circuits for ancillary products like ACD • Cisco 3750’s currently used at edge • Edge is almost always at the BDF
DC-NET: Replacing the Legacy Services • Rapidly replacing legacy MAN circuits from Verizon • District has hundreds of Point – Point circuits • T3 through Analog circuits deployed across the city • In 2001, over 3500 analog circuits were installed • Major Frame Relay networks installed today • Multiple 45 Mbps at host sites • Independent agencies like DCPS manage their own network • DC Gov still pays about $5mil/year for MAN circuits to Verizon • DC-NET replacing these circuits as fast as possible • Layer 3 MPLS VPN’s • Currently offer 2Mbps – 500Mbps • T1’s also provided • Pricing of DC-NET services currently mirrors Verizon fees to ensure no impact to agency budget. • DC-NET “costs” still hard to determine at this phase
DC-NET L3-MPLS VPN: Pros, Cons & Verdict • Pros • L3-MPLS VPN provides all the “usability” benefits of a “Global VLAN” based network without the disadvantages • Much more scalable • Much better traffic tuning and optimization tools • L3 routing protocols and MPLS Traffic Engineering versus Spanning Tree tuning • Cons • Adds a degree of complexity to the overall District network • Verdict • Provides the optimal mix of flexibility, scalability, control, and operational efficiency for a District-wide data network
PROPOSED MPLS LAYER 3 VPN SERVICE [Diagram labels: Agency Router; Ethernet; Label Switched Path (LSP); Ethernet VLAN to Metro Ring; MPLS cloud built over Metro rings; PE router imports Ethernet traffic into MPLS; Provider Edge Routers (PE)]
DC-NET: Voice Platform • Avaya s8700 is core voice platform. • Redundant servers in two host centers • Connected via DC-NET SONET fiber • MCI (now Verizon) provides PRI + DID numbers • Service provided from 2 CO’s • 30,000+ phones when complete. • 12,000 have been ported • 25,000 ISDN/CENTREX remain • 10 – 15% unused inventory discovered during cutovers • Migration is very, very, VERY challenging • Avaya Modular Messaging voicemail • Still 10,000 Verizon Optimail boxes not migrated
DC-NET: Terminals • Phone terminals have been problematic • Legacy ISDN sets retained because of $$ • Most purchased within last 5 years • S8700 platform supports these older sets • Pro: Each port on switch supports 2 stations • Con: Antiquated NT1/Power supplies • Are going to start deploying “newer” digital sets • VoIP terminals not “deployable” yet • DC LAN/WAN is separate network • VoIP could be deployed today at “green field” site • VoIP strategies are actively being engineered • Bottom line – we’ve got a racehorse fiber network with world class routing and switching hardware and last generation terminals.
DC-NET: Terminal Plans • Voice terminal plans mirror most large enterprise plans: • Get out of the “Henry Ford Phone business” • Any set you want as long as it’s my black phone… • SIP (of course) • Single number on multiple terminals • EC500 has been available for years, not deployed • First responders anxious for single number • Hardphone • Softclient on “ruggedized” laptop in cruiser • Cellphone • Utilize private 700 MHz spectrum to deploy softclients for first responders and other Gov teams.
DC-NET: NOC • NOC is carrier class / world class • 24 x 7 x 365 • Underground • Redundant center in planning stages • Hub of all .gov technology performance mgmt • Actually doing application management not just monitoring & performance mgmt • DC-NET opted to outsource to legacy OCTO NOC • Critical to DC-NET success because of mission critical applications on-net
Some $$$$$ • DC has been spending about $8mil/year for data circuits • DC has been spending about $15mil/year for voice services • Current DC-NET expenses $15mil/year • Includes major capital build out of fiber/hardware • Includes all new software license fees • Includes a lot of people “to build” • “Break Even” on voice: about 18,000 lines • Projected expenses post cutovers: $10mil/yr
District of Columbia E911 Network Update February 2006
Direct Connect Overview • 90% complete with modernization of District’s E911 Network • 8 years ago, DC’s Verizon-managed 9-1-1 system was the worst in the country. • Verizon’s existing technology is unreliable, slow, expensive, contains inaccurate data, and has two primary weaknesses: • ALI • Trunking (pathways) • Since then, DC has built fully redundant E911 network infrastructure that enables Carriers to “Direct Connect” to the PSAP • All wireless (cellular) carriers have been on the District’s “selective router” system for 4 years. 50+% of the traffic to PSAP is cellular. • Wireline carriers are being migrated onto the system now. • System will accommodate VoIP carriers as well • 0 calls have been blocked or dropped in 4 years • Call delivery and processing has dramatically improved • National Emergency Number Association (NENA) has reviewed the District 911 network and believes the District’s network is how E911 services should be engineered • Redundant and secure, on a robust network.
Direct Connect Overview • 10% Remaining to Finish the Job • Completing migration of wireline carriers to selective routers • With exception of Verizon, all 13 carriers providing wireline phone service in the District are engaged in the process or are connected via reliable trunks. • So far, Verizon has refused to meet. • Migrating carriers/calls onto the new UCC telephone system • UCC systems add increased redundancy via back-up at McMillan (PSCC) • Competing the ALI (Automatic Location Identification) service • Texas and Allegheny County, PA have done this. • Texas passed supporting rules. • DC/OUC must complete rulemaking regarding ALI and engineering standards.
Unreliable vs Reliable Trunking [Diagram label: DC-NET Fiber]
WASHINGTON DC E911 CURRENT ARCHITECTURE [Diagram labels: Verizon single points of failure; fully redundant District network]
E9-1-1 http://ucc.octo.dc.gov/ucc/site/default.asp?
PROJECT OVERVIEW • The UCC is a newly constructed state-of-the-art facility that will consolidate the public safety and non-public safety communications functions of the District of Columbia • The UCC will house the call centers for 9-1-1, 3-1-1, and 727-1000, the entire Emergency Management Agency (EMA) as well as the Mayor’s Command Center and the Regional Incident Command and Control Center • Facility is currently under construction with scheduled completion in Aug 2006 • UCC Benefits Emergency Preparedness Public Safety Efficiency Economic Development Community Revitalization
PROJECT OVERVIEW – KEY FACTS • Project Fact Summary • Location: St. Elizabeths - East Campus • Site Area: 11.8 acres • Building Size: 137,000 square feet • Building Height: 57 feet • Parking Capacity: 260 • Building Occupancy: 350 (over 24 hr period) • Zoning Designation: C-2-B • Design Features / Criteria • 15% internal expandability • 72 hour self-sustaining capabilities • Fully redundant telecommunications • Fully redundant communications systems with back-up facility • 100 ft. Security Setbacks per Federal Guidelines • Blast / Bullet resistant glass and walls
DC-NET: Citywide Motorola Radio System • 42 Towers across the District • Supports entire First Responder Community • T1 Based Connectivity • Cutover in a single weekend from Verizon • Never Failed • Adding 28 new circuits due to UCC building
DC-NET: “Phili Wi-Fi” backbone • Mayor gets calls and Emails every day • “Why does DC not have a network like ‘Phili’?” • Currently exploring “win – win” options • Looking for partners • Not sure where the $$ will come from • DC-NET will provide citywide backbone for network service partner
Antenna Site Leases (TALL Program) • OCTO manages a program for leasing space on government property and buildings to telecommunications and wireless companies that want to install antennas in the District of Columbia. • Leases may be obtained through the Telecommunications Asset and Location Leverage (TALL) program, which is being established in concert with the Office of Property Management (OPM). • The program currently has over 300 sites available for antenna installations by lease agreement. • TALL recognizes that the need for new antenna sites in the District of Columbia will grow as existing personal communications services expand and third generation ("3G") wireless services are introduced.
DC-NET: WARN • The Wireless Accelerated Responder Network (WARN) is the nation’s first city-wide broadband wireless public safety network. This pilot network was unveiled in September 04 and was first operationally used in January, 2005 for the Inauguration followed by the State of the Union.
DC-NET: WARN Network Attributes • WARN is supported, managed and operated by the OCTO Wireless Programs Office (WPO). • WARN is a pilot network run on an experimental license in the 700 MHz band provided by the FCC. • WARN consists of 12 radio sites and 200 network devices (i.e. PC cards) that facilitate wireless interconnection of Local and Federal public safety mobile devices throughout the District of Columbia. In addition, users of the network can access applications that, heretofore, were only accessible from desktop computers.
DC-NET: WARN Network Attributes • Covers 95% of the District • Uplink rate -- 900 kbps (peak)/300 kbps (average) • Downlink rate -- 3 Mbps (peak)/900 kbps (average) • Uses Flash-OFDM • Low latency (30-50 ms) • Full mobility (communications sustained while device mobile throughout the city) • Dedicated Public Safety network – no contention with cellular or commercial users. • All IP network; features include full quality of service (QoS) capabilities, and static IP addresses • Single phone # trial being engineered (hardphone/Softphone/Cell)
Spectrum Coalition for Public Safety • The District anticipates that use of this network, in concert with the activities of the Spectrum Coalition for Public Safety, will help persuade Congress to allocate the spectrum necessary for the deployment of broadband public safety networks by state, county and local governments.