1 / 13

Duke University

Duke University . SDN Approaches and Uses GENI CIO Workshop – July 12, 2012. Duke Network – Current State. Duke ’ s existing infrastructure has a great deal of flexibility Campus core is 20Gbps today (40Gbps soon) External connectivity is 20Gbps today

lorna
Download Presentation

Duke University

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Duke University SDN Approaches and Uses GENI CIO Workshop – July 12, 2012

  2. Duke Network – Current State • Duke’s existing infrastructure has a great deal of flexibility • Campus core is 20Gbps today (40Gbps soon) • External connectivity is 20Gbps today • Extensive wireless (~3200 802.11n APs) + Wired • Utilizes MPLS/VRF (VPN Routing and Forwarding) technologies throughout the campus (multi bldg depts, etc) • More than 65 VPNs operating today, from PCI to e-PHI • Custom firewalls can be deployed for any VRF • IPS/IDS operating at network Interchange Layer • Inspects traffic in/out of Duke and VRF-to-VRF

  3. Duke Network – Current Operation MCNC (Commodity + I-2/NLR) Interchange Layer Campus “Backbone” Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department

  4. Duke Network – Current Operation MCNC (Commodity + I-2/NLR) Current Cross-domain Data Flow Interchange Layer Campus “Backbone” Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department

  5. Duke Network – Limitations • VRFs (VPNs) are configured by central IT • We’d like to give scientists more control and flexibility to create their own private VPNs with their collaborators on the campus network • IPS/IDS can add latency and complexity • We’d like known (safe) transmissions on campus to proceed without exhaustive security checks • External “big data” collaborations are the norm • We’d like to enable faster transmissions + more flexibility to access resources (cycles, storage) outside of Duke (without clogging the core network)

  6. Duke Network – SDN Approach • Leverage existing enterprise infrastructure and provide a bridge mechanism to enable SDN at the “edge” and take advantage of VRF capabilities where SDN is not yet deployed (in the “core”) • Retain the “rock solid” nature of the production network, WITHOUT creating a totally separate and independent physical research network • Extend Exo-GENI access via SDN capabilities • Enable “regular traffic” routes + “HOV/express” routes with planned points of ingress/egress • Enable scientists to opt-in to SDN connectivity as well as Exo-GENI capability Give scientists easy access to virtual slices (network, computation, storage) whether at Duke or beyond

  7. Duke Network – Current Operation MCNC (Commodity + I-2/NLR) SDN Enabled Only for ExoGENI Research Project in CS, with Direct Connection by-passing Duke Network RENCI’s BreakableExperimental Network (BEN) Interchange Layer Campus “Backbone” Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department Duke CS – Exo-Geni Research

  8. Duke Network – Future Operation MCNC (Commodity + I-2/NLR) SDN Capability Added to Edge Sites with Know Use Cases: Physics (DYNES and big data transfers externally), IGSP (research with ePHI implications) RENCI’s BreakableExperimental Network (BEN) Interchange Layer Campus “Backbone” Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department Duke CS – Exo-Geni Research

  9. Duke Network – Future Operation MCNC (Commodity + I-2/NLR) Future Cross-domain Data Flow: SDN-Mediated+ Prepositioned-VRFs to Enable Shortest Path, bypass Interchange RENCI’s BreakableExperimental Network (BEN) Interchange Layer Campus “Backbone” Pre-positioned VRF Segment Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department Duke CS – Exo-Geni Research

  10. Prepositioned VRFs • Prepositioned VRFs can be used to connect an SDN edge endpoint with know collaboration sites in the core (non-SDN) network • Traffic routes around campus interchange layer • Avoids IPS/IDS checks – faster transmission of “big data” for researchers • Point-to-point routes mean less traffic in the “core” - benefits other university users • Benefit to the SDN users: potentially higher bandwidth, lower latency paths

  11. Expressway Links • Med-/Long-term SDN connections between known (frequently accessed) end-points • Establishes direct traffic routes • Benefits are even greater than prepositioned VRF (even more direct), but less scalable since SDN required on both sides and fiber capacity needed between end-points • Enables ExoGENI experimentation and access to compute, storage and network “slices” beyond Duke to other SDN-enabled sites & ExoGENI racks

  12. Duke Network – Future Operation MCNC (Commodity + I-2/NLR) I-2/ION Future External Data Flow: SDN-Mediated“Expressway”Links: Enable Layer2 Transport and ExoGENI Resource Access RENCI’s BreakableExperimental Network (BEN) Interchange Layer Campus “Backbone” Duke Shared Cluster Resource Institute for Genome Sciences & Policy Physics Department Duke CS – Exo-Geni Research

  13. External Data Flow • SDN-enabled edge points can connect through a (pre-established) set of VPNs in the campus core (Layer 3) to reach external destinations • Where Expressway Links exist and connect to ExoGENI, SDN-enabled edge points can connect via BEN-ExoGENI (Layer 2) to reach external destinations

More Related