Fall 2007 Internet2 Member Meeting, San Diego, October 8th, 2007. SINET3: NII’s new Network. Shigeo Urushidani, National Institute of Informatics (NII).
Evolution of Japanese Academic Networks
• SINET3 is integrated successor network to two academic networks, SINET and Super-SINET, economically and flexibly providing rich variety of services.
• SINET3 started its operations in April 2007 and completed its migration in May 2007.
[Figure: timeline. Packet Switching Network (1987.1); SINET (1992.4), Internet backbone for more than 700 universities and research institutions; Super-SINET (2002.1), super-high-speed environment for cutting-edge research; SINET3 (2007.4), driven by growing traffic and diversified user requirements, limited abilities of existing IP routers, and new trend of end-to-end circuit services.]
Service Categories in SINET3
• SINET3 emphasizes four service aspects: transfer layer, virtual private network (VPN), quality-of-service (QoS), and bandwidth on demand.
[Figure: matrix of services by transfer layer: IP (L3), Ethernet (L2), and Lambda/Dedicated (L1). Entries include IPv4, IPv6, multi-homing, multicast (best effort and high-priority QoS), application-based QoS, L3VPN, L2VPN and VPLS (with and without QoS), and lambda and bandwidth-specified L1VPN (QoS-guaranteed, on-demand).]
Multiple Layer Services
• SINET3: integrated network providing all transfer layer services.
• Users can freely choose best transfer layer for their applications.
• It provides economical service provision and flexible network resource assignment for ever-changing and unpredictable service demands.
[Figure: past networks versus SINET3. Past networks used a separate IP network (Layer 3, IP routers), Ethernet network (Layer 2, Ethernet switches), and dedicated line network (Layer 1, cutting-edge devices); SINET3 is an integrated network that provides all transfer layer services.]
Multiple VPN Services
• For collaborative research activity: closed user group environment (virtual private network: VPN) is essential for security reasons.
• Users can choose from L3VPN (IP), L2VPN/VPLS (Ethernet), and L1VPN services.
* Virtual Private Network (VPN); Virtual Private LAN Service (VPLS)
[Figure: Super-SINET offered IP-based VPN (L3VPN) only; SINET3 expands services and sites, offering secure closed user groups over L3VPN (IP router), VPLS (Ethernet switch), and L1VPN (analysis device).]
L3VPN (IP-based VPN)
• National Institute for Fusion Science (NIFS) utilizes L3VPN services for its collaborative research with many universities and research institutions.
L2VPN and VPLS (Ethernet-based VPNs)
• SINET3 provides two types of Ethernet-based VPNs:
  - Point-to-point-based VPN (L2VPN)
  - Broadcast-based VPN (Virtual Private LAN Service (VPLS))
[Figure: point-to-point-based VPN (L2VPN) and broadcast-based VPN (VPLS), with Grid computing research and earthquake research as example uses.]
L1VPN (Layer-1 VPN)
• Virtual dedicated lines over shared platform form VPN among specified sites.
• Users can obtain protocol-free and completely exclusive environment.
• National Astronomical Observatory of Japan (NAOJ) utilizes L1VPN to transfer constantly-flowing ATM cells from remote telescopes through STM-16 interfaces.
• On-demand capabilities will be available soon.
* Asynchronous Transfer Mode (ATM)
[Figure: e.g. e-Very Long Baseline Interferometry (eVLBI) project; telescopes labelled 32 m, 11 m, and 32 m; 2.4 Gbps.]
Bandwidth on Demand (BoD) Services
• SINET3 provides BoD services as part of layer-1 services.
• Users can specify the destinations, duration, bandwidth, and route option.
• BoD server receives reservation requests, schedules accepted reservations, and triggers layer-1 path setup.
[Figure: user submits destination, duration, bandwidth, and route option through Web-based interface to on-demand server, which sends layer-1 path setup trigger to SINET3. Example on-demand layer-1 paths: 1 Gbps (13:00-14:00), 1 Gbps (15:00-16:00), 2 Gbps (17:00-18:00).]
Service Parameters of L1 BoD Services
• BoD server allows users to specify destinations, duration, bandwidth, & route option via Web-based interface.
[Figure: service parameters.
  - Connection style + destinations: pre-configured interfaces belonging to VPN-A, VPN-B, or Non-VPN (VPN, extranet, public).
  - Duration: start time & finishing time (by 15 minutes).
  - Bandwidth: VC-4 granularity (about 150 Mbps).
  - Route option: “Minimum Delay” or “Unspecified”.
  - Interface labels: GE, 10GE, STM-16, STM-64; VC-4-7v, VC-4-17v, VC-4-Av (1 ≤ A ≤ 7), VC-4-Bv (1 ≤ B ≤ 64); lambda and bandwidth-specified.]
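An added example (not NII's BoD server code) of checking a reservation against the parameters on this slide and admitting it against a link's layer-1 capacity. The dictionary field names, the single-link capacity model, and the pairing of A with GE and B with 10GE are assumptions.

```python
from datetime import datetime, timedelta

SLOT = timedelta(minutes=15)          # start/finish granularity from the slide
ROUTE_OPTIONS = {"Minimum Delay", "Unspecified"}
MAX_VC4 = {"GE": 7, "10GE": 64}       # assumed: VC-4-Av (1..7), VC-4-Bv (1..64)

def validate(req):
    """Return the reasons a request is malformed (empty list if valid)."""
    errors = []
    for field in ("start", "finish"):
        t = req[field]
        if t.minute % 15 or t.second or t.microsecond:
            errors.append(f"{field} not on a 15-minute boundary")
    if req["finish"] <= req["start"]:
        errors.append("finish must be after start")
    limit = MAX_VC4.get(req["interface"])
    if limit is None:
        errors.append("unknown interface type")
    elif not 1 <= req["vc4"] <= limit:
        errors.append(f"bandwidth must be 1..{limit} VC-4")
    if req["route_option"] not in ROUTE_OPTIONS:
        errors.append("unknown route option")
    return errors

def admit(req, accepted, capacity_vc4):
    """Accept req only if every 15-minute slot stays within capacity_vc4."""
    if validate(req):
        return False
    t = req["start"]
    while t < req["finish"]:
        # Reservations are half-open intervals: [start, finish).
        in_use = sum(r["vc4"] for r in accepted if r["start"] <= t < r["finish"])
        if in_use + req["vc4"] > capacity_vc4:
            return False
        t += SLOT
    accepted.append(req)
    return True
```

Rejecting off-grid times and out-of-range VC-4 counts before scheduling keeps malformed Web requests from ever reaching the path setup trigger.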
High-level Network Architecture
• High-level network architecture is composed of transport network, adaptive network control platform, and user-oriented service control platform.
• User-oriented Service Control Platform
  - Bandwidth on demand
  - Enhanced network security
  - Middleware/application coordination
• Adaptive Network Control Platform
  - Dynamic resource control
  - Resilient network control
  - Performance monitoring
• Hybrid Optical and IP/MPLS Network
  - Multi-layer accommodation
  - Enriched VPN
  - Enhanced QoS
  - High availability
  - Flexible resource assignment
  - 40 Gbps (STM-256) lines
[Figure: SINET3 stack. Service control platform (BoD, security, middleware) reached from user side via UNI, API, GUI; network control platform providing dynamic control; transport network with Layer 3 (IP), Layer 2 (Ethernet/MPLS), and Layer 1 (TDM/Lambda) carrying IPv6, multicast, VPN, QoS.]
Network Structure of SINET3
• SINET3 has two-layer structure with edge and core nodes.
• Edge nodes are edge layer-1 switches with layer-2 multiplexing, which are located in universities or research institutions and accommodate user equipment.
• Core nodes are composed of high-end IP routers and core layer-1 switches located in public data centers.
[Figure: SINET/Super-SINET (backbone routers, Super-SINET/SINET routers, SINET routers) compared with SINET3 (core node: backbone IP router + core L1 switch; edge node: edge L1 switch with L2 mux). Interfaces: 10GE/GE/FE, STM-16. Legend: L3 (IP), L2 (Ethernet), L1 (Dedicated/On-demand).]
Network Topology of SINET3
• Has 63 edge nodes and 12 core nodes (75 layer-1 switches and 12 IP routers).
• Deploys Japan’s first 40 Gbps lines between Tokyo, Nagoya, and Osaka.
• Links form three loops in backbone to enable quick service recovery against link and node failures and for efficient use of network bandwidth.
[Figure: topology map. Equipment: L1 switch (NEC UN5000) with 40 Gbps package, IP router (Juniper T640). International links labelled Hong Kong, Los Angeles, Singapore, and New York, with rates 2.4 Gbps, 622 Mbps, 622 Mbps, and 10 Gbps. Legend: 40 Gbps, 10 to 20 Gbps, and 1 to 20 Gbps links; core node (L1 switch + IP router); edge node (L1 switch). Japan’s first 40 Gbps (STM256) lines.]
Accommodation of Multi-layer Services
• L3 and L2 traffic are accommodated in shared bandwidth by L2 multiplexing and transferred to IP router, where each traffic is encapsulated with MPLS labels as needed.
• L1 traffic is assigned dedicated bandwidth and separated from L2/3 traffic.
• L2/3 (or IP/MPLS) traffic bandwidth can be hitlessly changed by LCAS to flexibly accommodate multi-layer services.
* Multi-protocol Label Switching (MPLS); Link Capacity Adjustment Scheme (LCAS)
[Figure: L3 (IP router) and L2 (Ethernet switch) user traffic enters edge L1 switch over FE/GE/10GE with flow control, is VLAN-tagged by L2 mux into shared layer-2/3 traffic, and is carried over STM64/STM16 to core L1 switch and over 10GE to IP router, which forwards it as IP/MPLS traffic. L1 traffic from cutting-edge devices (GE/10GE/STM16) stays separate as layer-1 traffic. Core links are STM256/STM64. Shared bandwidth is changed hitlessly by LCAS.]
Accommodation of Multi-VPN Services
• L3VPN, L2VPN, and VPLS are logically separated by internal VLAN tags and logical routers. Each logical router exchanges different protocols for each VPN service.
• L1VPN and on-demand services need GMPLS protocols to set up layer-1 paths and have separate control planes from that of IP routers.
* Generalized MPLS (GMPLS)
[Figure: IPv4/IPv6 (L3), L3VPN (L3), L2VPN (L2), and VPLS (L2) traffic is aggregated by L2 mux with internal VLAN tags as shared layer-2/3 traffic and handed to logical routers and virtual routing/forwarding tables in IP router, which sends it as IP/MPLS traffic. L1VPN traffic is carried as layer-1 traffic between edge L1SW and core L1SW under GMPLS control plane.]
Architecture for BoD Services
• BoD server receives reservation requests, schedules accepted requests, and triggers layer-1 path setup to source layer-1 switch via L1-OPS.
• Source layer-1 switch sets up layer-1 path toward destination using GMPLS.
• BoD server changes L2/L3 traffic bandwidth by LCAS via L1-OPS as needed.
[Figure: user sends destinations, duration, bandwidth, & route option to layer-1 BoD server (front-end, scheduling, route calculation, path control, resource management). Server sends path setup trigger to L1-OPS, which issues path setup request to L1SWs over GMPLS control and management plane. On-demand path runs between L1SWs; L2 mux and IP router bandwidth for Ethernet/IP is changed hitlessly by LCAS.]
Path Calculation in BoD server
• BoD server calculates best path for route option using two metrics for each link: delay time and available bandwidth for layer-1 services.
• For Minimum delay, route is uniquely chosen.
• For Unspecified, route that has largest available bandwidth is chosen.
• Available bandwidth for L1 changes depending on traffic volume of L2/L3.
[Figure: backbone of L1SWs at Sapporo, Sendai, Tsukuba, Tokyo1, Tokyo2, Nagoya, Kanazawa, Kyoto, Osaka, Hiroshima, Matsuyama, and Fukuoka, showing route for Minimum Delay, route for Unspecified, and route for Unspecified using VCAT. Example bandwidths: 1 Gbps (VC-4-7v), 0.6 Gbps (VC-4-4v), 0.45 Gbps (VC-4-3v). Inset: link bandwidth over a week (Mon to Sun), split between L2/L3 traffic pattern and available bandwidth for layer-1 services.]
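An added example (not code from the BoD server) of the two route options over one link table: "Minimum Delay" as a shortest-delay search and "Unspecified" as a widest-path search that maximises the bottleneck available bandwidth. Site names are taken from the slide; the links, delays, and VC-4 counts are constructed, and the function names are hypothetical.

```python
import heapq

# Constructed snapshot: (node_a, node_b, delay_ms, available_vc4_for_L1).
LINKS = [
    ("Tokyo1", "Nagoya", 3, 2),
    ("Nagoya", "Osaka", 2, 2),
    ("Tokyo1", "Kanazawa", 5, 7),
    ("Kanazawa", "Kyoto", 4, 7),
    ("Kyoto", "Osaka", 1, 7),
]

def build_graph(links):
    """Build an undirected adjacency list from the link table."""
    graph = {}
    for a, b, delay, bw in links:
        graph.setdefault(a, []).append((b, delay, bw))
        graph.setdefault(b, []).append((a, delay, bw))
    return graph

def best_path(graph, src, dst, route_option, need_vc4):
    """Return (path, total_delay, bottleneck_vc4), or None if nothing fits."""
    # Heap key: total delay for "Minimum Delay"; negated bottleneck
    # bandwidth for "Unspecified", so the widest route is expanded first.
    heap = [(0, src, [src], 0, float("inf"))]
    done = set()
    while heap:
        _, node, path, delay, bottleneck = heapq.heappop(heap)
        if node == dst:
            return path, delay, bottleneck
        if node in done:
            continue
        done.add(node)
        for nxt, d, bw in graph.get(node, []):
            if nxt in done or bw < need_vc4:
                continue  # links too narrow for the request are never used
            new_bn = min(bottleneck, bw)
            new_delay = delay + d
            key = new_delay if route_option == "Minimum Delay" else -new_bn
            heapq.heappush(heap, (key, nxt, path + [nxt], new_delay, new_bn))
    return None
```

Because available layer-1 bandwidth moves with L2/L3 traffic, the link table has to be a fresh snapshot for each reservation window; the same request can resolve to different routes at different times.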
High-availability Networking Functions
• Multiple loops easily enable multi-layer traffic to be detoured in different directions.
• Layer-1 switches detect link failures very quickly and notify neighboring layer-1 switches and IP routers.
[Figure: backbone loops through Hokkaido, Sendai, Tsukuba, Tokyo1, Tokyo2, Nagoya, Kanazawa, Kyoto, Osaka, Hiroshima, Matsuyama, and Fukuoka, with recovery per traffic type. MPLS: protection & fast reroute. IP: route recalculation (option). TDM: GMPLS LSP rerouting.]
Schedule
• SINET3 started to provide L3VPN, L2VPN, & L1VPN (static) services, as well as IPv4/IPv6 dual stack services in April 2007.
• Starting VPLS services soon and layer-1 BoD services in February 2008.
[Figure: timeline. Overlay construction; in operation (01/04/2007); migration complete (31/05/2007); today. Service rows: IPv4/IPv6 dual stack, L3VPN, L2VPN, VPLS, L1VPN (static), on-demand (GMPLS-based), enhanced GMPLS.]
Multiple QoS Services
• SINET3 provides QoS by identifying applications, VPNs, & physical/logical ports.
• Layer-2/3-based QoS has four priority classes: expedited forwarding (EF), network control (NC), assured forwarding (AF), & best effort (BE).
• Layer-1-based QoS has smallest packet delay, no delay variance, & no packet loss.
[Figure: SINET/Super-SINET (best effort only; network congestion affects all services, e.g. HDTV) compared with SINET3 (QoS-aware nodes with application/VPN/port-based QoS control; expedited, NW control, assured, and best effort classes; end-to-end on-demand path for uncompressed HDTV).]
Accommodation of Multi-QoS Services
• Layer-3/2-based QoS
  - User Priority bits of internal VLAN tags are marked at edge L2 MUX.
  - User Priority bits are mapped into DSCP (IP) or EXP (MPLS) bits at IP router.
  - There are four forwarding classes: EF, NC, AF, & BE.
• Layer-1-based QoS
  - Layer-1 switches assign end-to-end bandwidth on demand.
[Figure: L2 MUX marks User Priority bits in internal VLAN tag by identifying IP/Ethernet header (priority mapping for IP and for Ether; User Priority based classifier). IP router maps User Priority bits into IP DSCP or MPLS EXP bits (DSCP & EXP based classifier) and prioritizes IP (L3) and Ethernet (L2) traffic into EF, NC, AF, and BE. Dedicated (L1) layer-1 traffic between edge L1SW and core L1SW: smallest packet delay, no delay variance, no packet loss.]
Functions of BoD Server
• BoD server software is composed of following function modules:
  - Front-end functions
  - Admission control and scheduling
  - Path calculation
  - Path control
  - Resource management
[Figure: layer-1 BoD server. Database: User DB, L1SW-DB, Path DB, Usage DB, Route DB, Resource DB. Function modules: Front-end; Admission Control, Scheduling; Path Calculation; Path Control; Resource Management. Function labels: route selection, link selection, request acceptance, admission control and scheduling, database registration, user authentication, session management, L1 path setup/release, IP/MPLS bandwidth change, L1 path management, L1 path monitoring. User and operator connect via GUI (Web browser) over http(s); server connects to L1-OPS.]