The Campus Network Role in the Global Research and Education Networking Environment

1. The Campus Network Rolein the Global Research and Education Networking Environment Dale Smith University of Oregon/NSRC dsmith@uoregon.edu/dsmith@nsrc.org

2. Topics • The Global Research and Education Network (REN) ecosystem • The key role of the campus network • Suggestions for improvement in campus networks

3. Research and Education Networks • Some Terminology • Research and Education = R&E • Research and Education Networks = REN • National REN = NREN • Globally, the REN connectivity is very complex and very difficult to understand

4. REN Characteristics • High bandwidth networks • 10G backbones with 40G and 100G coming • Science research needs uncongested networks • Which means many RENs are lightly used with lots of headroom • Low latency • Terrestrial fiber • Open Networks with no filtering • Firewalls can make it hard for ad-hoc activities

5. REN Models • Peering network • Exchange traffic between members • Provide international connections (TEIN3, etc) • Can peer with a local commercial exchange (Google, local ISPs, etc) • REN provides all Internet connectivity • REN is the ISP • In this case, REN also provides peering network

6. REN as Peering Network Internet Exchange Other RENs Internet REN Member Member Member

7. REN as Internet Service Provider Other REN Networks Internet Exchange Internet REN Member Member Member

8. REN Ecosystem • Somewhat of a layered model • Global Connectivity • Regional RENs • National Research and Education Networks • All users are connected at the campus network level

9. Global REN Connections • Connect Regional or National networks together • Tend to be longer, more expensive circuits • Not always well coordinated • Routing policies often inconsistent • Always are peering networks – never an ISP

13. Regional REN Connections • Connects RENs of individual countries within a geographic region • Some Regional RENs are also Global • APAN is a good example • Almost all Regional RENs are peering only networks • AfricaConnect is likely to be the exception

14. Regional REN Connections • Most regional networks have funding from European Union • EUMedConnect • TEIN/TEIN2/TEIN3 • GEANT • ALICE/ALICE2 – RedCLARA • AfricaConnect

15. RedCLARA March 2011 Porto Alegre

18. Country RENs (NRENs) • Research and Education Networks that serve and entire country • Frequently funded by government • Much more common for NRENs to act as an ISP • Some countries have another layer of REN = regional RENs inside of country • USA is good example

19. USA NREN: Internet2

21. Investments in RENs • TEIN2 (Asia Pacific) - 10M Euros • TIEN3 (Asia Pacific)– 12M Euros • GEANT2 (Europe) – 94M Euros • GN3/GEANT (Europe) – 93M Euros • Internet2 US/UCAN (USA)- $62.5M USD • ALICE2 (South America) – 18M Euros • AfricaConnect (Afica) – 12M Euros • Total is hundreds of millions of dollars

22. But what about the Campus Nets? • Largely ignored from a funding perspective • Investments and improvements are left to the individual campuses • Lack of funding and attention is a big problem • Campuses actually connect all the users • They really are the foundation that National, Regional, and Global RENs sit upon

23. Education Network (EdNet) UniNet Bangkok Backbone Interuniversity Regional Node Universities Regional Node Regional Node Colleges Distribution Node Distribution Node Distribution Node Schools School School

24. Campus Network Challenges • Best practices documentation or books hard to find • Campus networks often grew without an overall plan • Campus networks are not well funded • Campuses often have a high rate of turnover in personnel • Bottom line: some campus networks don’t perform well and are unreliable

25. High Level Recommendations • Make your campus network hierarchical • Route in the core of your network • Switch at the edge of your network • Carefully consider where you place security devices in your network • NAT is a problem • Use appropriate cabling

26. Make your Campus Net Heierarchical • Do this: • Not this:

27. Route in the Core This should be a layer 3 router These are typically individual buildings on your campus

28. Switch at the Edge Everything not in the core are layer 2 switches

29. Security Device Placement • If all traffic passes through a firewall, traffic shaper, or intrusion prevention device, it will have a significant negative effect on the performance and flexibility of your network REN Firewall/ Traffic Shaper Border Router Core Router All router interfaces on a separate subnet Fiber optic links to remote buildings Central Servers for campus

30. NAT is a Problem • NAT does not provide security – it just forces you to have a firewall function • NAT makes some things hard • NAT breaks things like SIP (standard-based VoIP), which you have to work around • NAT translation device needs to know about applications. Stifles innovation. • Makes it harder to track down viruses and hackers

31. Use Appropriate Cabling • Unshielded Twisted Pair (UTP) • Use either category 5e or augmented category 6 (category 6A) • Do not use category 6 • Fiber Optic Cable • Single mode fiber for anything over 220m • Laser optimized 50 micron Multi Mode is very expensive and doesn’t provide any advantage

32. Parting Thoughts • Campus Networks are the foundation that National, Regional, and Global Research and Education Networks rely upon • You are the people who can improve your own campus network

33. Thank You