internet2 technology update
DESCRIPTION
Internet2 Technology Update. Rick Summerhill Chief Technology Officer, Internet2 [email protected] Internet2 Fall Member Meeting 9 October 2007 San Diego, CA. Introduction. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/1.jpg)
Internet2 Technology Update
Rick SummerhillChief Technology Officer, Internet2
Internet2 Fall Member Meeting9 October 2007San Diego, CA
![Page 2: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/2.jpg)
Introduction
• This session will provide an introduction and summary of many of the technology investigations and developments underway in the Internet2 community
• Technology group on the Internet2 staff• Rick Summerhill, CTO• Eric Boyd, Deputy Technology Officer, concentrating on Network
Architecture and Performance• Ken Klingenstein, Senior Director, concentrating on Middleware
and Security• Matt Zekauskas, Senior Researcher, concentrating on Network
Research
• The session is not meant to include an exhaustive list of everything the community is examining, but rather describe the flavor of new technologies under investigation.
![Page 3: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/3.jpg)
Collaborations • Almost all technology development is done through a
variety of collaborations• Collaborations with members, including campuses,
regional networks, and corporate members• Almost all of the development in middleware, for example, is
done through these types of collaborations.
• Collaborations with the international community or other national networks like ESnet• Much of the work on network performance or architecture
includes these types of collaborations.
• Collaborations with researchers in academia and corporate members• For example, network research
• All of these collaborations are essential to technology development at Internet2
![Page 4: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/4.jpg)
Agenda
• Some Examples• Performance and Architecture• Network Research• Security and Middleware
![Page 5: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/5.jpg)
Examples
• Here are a few examples to illustrate how new technologies are undertaken
• It is crucial that our community push the boundaries on new developments and investigate new ideas.
• In these first few examples, consider• IPv6•Hybrid Networking and the Dynamic Circuit
Network
![Page 6: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/6.jpg)
IPv6• IPv6 has long been an area of emphasis for our community
• IPv6 will likely become very important in the near future given
recent ARIN discussions and announcements about the
exhaustion of the IPv4 address space
• The IPv6 initiative is essentially member driven in our community
• There is an IPv6 working group that meets regularly at the Joint
Techs meetings and there are hands-on workshops to support
deployment
• Many of our connectors and members have deployed IPv6 from a
network centric point of view.
![Page 7: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/7.jpg)
![Page 8: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/8.jpg)
IPv6 Deployment• Although many connectors have deployed IPv6, it is
difficult to gauge the deployment deep into the campus• IPv6 deployment as a network protocol is
fundamentally not difficult• Getting campuses and connectors to support IPv6 on
crucial applications, however, is often problematic• For example, mail servers, web servers, authentication
servers - supporting (and porting, in some cases) critical applications to IPv6 lags
• We encourage you to participate in the IPv6 working group to help set strategic direction for Internet2 in the future
![Page 9: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/9.jpg)
Hybrid Networking• There has been tremendous interest from all communities
associated with Internet2 to examine services that utilize lower layers of the protocol stack along with IP at layer 3
• This has become known as “hybrid networking”• It is motivated by applications from the research and education
community that require greater capabilities• High bandwidth flows (for example, flows that come close to
saturating links in the shared IP backbone)• Flows with special requirements related to quality of service, for
example jitter requirements
• On the Internet2 network, this takes the following form of an IP network together with the Dynamic Services Network:
![Page 10: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/10.jpg)
![Page 11: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/11.jpg)
Nodes
![Page 12: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/12.jpg)
The Dynamic Circuit Network
• A Network using protocols different from the normal IP protocols• A similar model as an IP network, but with different basic
elements - dedicated circuits rather than shared data flows
• Create Circuits (data paths) in seconds for periods of hours to days between hosts
• Hosts might be individual hosts or routers on the IP network
• Tremendous international collaboration on this project - GÉANT2, ESnet and Internet2
• Innovative work involving exchange of topology, path computation and scheduling and signaling using web services
• Demonstration of how this works in the first plenary session
![Page 14: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/14.jpg)
CI Components
Network
Performance Infrastructure / Tools
MiddlewareControl Plane
….
Bulk Transport
2-Way Interactive
Video
Real-Time Communications
Applications
Applications call on Network Cyberinfrastructure
….
…. ….Phoebus
Netw
ork C
yberinfrastructure
Measurement Nodes
Control Plane Nodes
![Page 15: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/15.jpg)
Internet2 DCN and HOPI
10 Gigabit Ethernet
1 Gigabit Ethernet or SONET/SDH
OC192 SONET/SDH
I2 DCS: Ciena CoreDirector10 Gigabit Ethernet
1 Gigabit Ethernet
I2 HOPI: Force10 E600
10 Gigabit Ethernet
![Page 16: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/16.jpg)
Internet2 DCN “Circuits”• Physical Connection:
• 1 or 10 Gigabit Ethernet• OC192 SONET
• Circuit Service:• Point to Point Ethernet (VLAN) Framed SONET Circuit• Point to Point SONET Circuit (future)• Bandwidth provisioning in 100 Mbps increments
• How do Clients Request?• Client must specify [VLAN ID|ANY ID|Untagged], SRC Address,
DST Address, Bandwidth• Request mechanism options are Web Service API, Web Page,
phone call, email• What is the definition of a Client?
• Anyone who connects to an ethernet or SONET port on an Ciena Core Director; could be RON, other wide area networks, domain specific applications
![Page 17: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/17.jpg)
Internet2 DCN Circuit IntraDomain
•Source Address•Destination Address•Bandwidth•VLAN TAG (None | Any | Number)
•User Identification (certificate)•Schedule
Client A
Client B
Circuit Request
api
api
Ethernet Mapped SONET or
SONET Circuits
Dynamically Provisioned Dedicated Resource Path (“Circuit”)
Internet2 DCN Service
Internet2 IDC
•api can run on the client, or in a separate machine, or from a web browser
XML
USER API
Actual Network Path
To IDC
![Page 18: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/18.jpg)
Internet2 DCN Circuit InterDomain
• No difference from a client (user) perspective for InterDomain vs IntraDomain
RON Dynamic Infrastructure Ethernet VLAN
RON Dynamic Infrastructure Ethernet VLAN
Internet2 DCS Ethernet Mapped SONET
1. Client Service Request2. Resource Scheduling 5. Service Instantiation (as a result of Signaling)
A. Abstracted topology exchange
AA
22
1
USER API
XML
![Page 19: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/19.jpg)
Internet2 DCN Current Status
• DCN Infrastructure Deployed• DCN Control Plane deployed and under test
• available for use for early adopters
• General DCN availability planned for January 2008
• Instructions for those interested in using Internet2 DCN or in deploying their own dynamic network will be made available soon
c
![Page 20: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/20.jpg)
Phoebus Current Status
• Developed at University of Delaware (Martin Swany)• Transport Middleware
• Configuration per route/host/user• UDT for inter-depot communication• Transparent operation (library, iptables)
• Simple file transfer tool (scp)• Transparently use Phoebus/Dynamic Circuits
• Leverage Control Plane• Allocate dynamic circuits across Oscars (DCN, others)
• Authentication and Authorization (currently primitive)• Future: Utilize Measurement Infrastructure
• Help find best routes, provide information about paths and achievable bandwidth
![Page 21: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/21.jpg)
Internet2 Active Measurement Tools
• OWAMP (Latency)
• v3.0c (RFC 4645 version) available now
• Regular tests between all routers, and on-demand
• BWCTL (Throughput)
• v2.0 version under development
• Regular tests between all routers and on-demand
• NDT (User Diagnostic)
• v3.4.1 available now
• Latest version added better logging and error handling
• NPToolkit (Active Measurement Tool Package)
• v1.7 available now
• Knoppix Live-CD bootable system
![Page 22: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/22.jpg)
Internet2 Passive Measurement Tools
• Circuit Status Service (E2EMON)
•v1.0
•Internet2 implementation of European tool
•Circuit Status service, Link Status service,
Topology service
• Netflow
•Anonymized, available to researchers
![Page 23: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/23.jpg)
Internet2 Measurement Framework
• Why do we need an end-to-end measurement framework?• Most organizations can do monitoring and diagnostics of their own
network
• Networking is becoming an increasingly cross-domain effort
• Monitoring and diagnostics must also become a cross-domain effort• What is perfSONAR?
• A set of protocols and schemas for implementing a service-oriented architecture for sharing and controlling network performance tools
• A community of users and developers (Internet2, ESnet, GEANT2, and RNP)
• A set of software (the sample implementation)
![Page 24: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/24.jpg)
Internet2 perfSONAR Current status• perfSONAR UI v0.9 available• Java release v2.1 available• perfSONAR-PS
•Perl versions of perfSONAR services written by Internet2, ESnet, FNAL, SLAC, and UDel
•Now Available: Micro-releases of Circuit Status Service, Link Status Service, Lookup Service, Topology Service, SNMP MA
•Under Development: Micro-releases of perfSONOBUOY, and PingER
•perfSONAR-PS bundle release planned for early ‘08
![Page 25: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/25.jpg)
![Page 26: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/26.jpg)
![Page 27: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/27.jpg)
![Page 28: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/28.jpg)
![Page 29: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/29.jpg)
![Page 30: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/30.jpg)
![Page 31: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/31.jpg)
![Page 32: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/32.jpg)
![Page 33: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/33.jpg)
![Page 34: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/34.jpg)
![Page 35: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/35.jpg)
![Page 36: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/36.jpg)
![Page 37: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/37.jpg)
![Page 38: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/38.jpg)
![Page 39: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/39.jpg)
![Page 41: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/41.jpg)
Research Support in Internet2
• Research on the network• Learning from measurements• Ability to test new theories, protocols and
components
• Research using the network• All kinds, not just “network research”•Much tends to be “big science”, but it also
spans a wide range including new methods of interaction and learning
![Page 42: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/42.jpg)
Philosophy
• Internet2 does not do network research per se, but seeks to facilitate and support research projects led by faculty at member institutions• Make accessible network resources readily
available to this community• Participate in research collaborations and
provide support for proposals• Integrate research findings into the evolution of
Internet2 network initiatives and services
![Page 43: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/43.jpg)
Making Resources Available
• Primarily through Internet2 Observatory
• Two pieces•Measurements of Internet2 Network made
available• Measurements for operations• Measurements specifically for research
•Opportunity to collocate equipment where it makes sense to do so
![Page 44: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/44.jpg)
Existing Measurement Capabilities
• One way latency, jitter, loss• IPv4 and IPv6 (“owamp”)
• Regular TCP throughput tests – ~1 Gbps• IPv4 and IPv6; On-demand available (“bwctl”)• ~10GE now also possible (Myricom and Dell 1950, must ask)
• SNMP• Octets, packets, errors; collected 1/min
• Flow data• Addresses anonymized by 0-ing the low order 11 bits
• Routing updates• Both IGP and BGP - Measurement device participates in both
• Router configuration• Visible Backbone – Collect 1/hr from all routers
• Dynamic updates• Syslog; also alarm generation (~nagios); polling via router proxy
![Page 45: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/45.jpg)
Dataset Use
• Major consumption• Flows
• Most popular (but also one that must be asked for)
• Routes• Configuration
• Nick Feamster (while at MIT)• Dave Maltz (while at CMU)
• Papers in SIGCOMM, INFOCOM• Hard to track folks that just pull data off of web sites
![Page 46: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/46.jpg)
Current Collocation
• VINI, a Planetlab followon• Will provide some sort of private network• Congruence with routed network useful
• 100x100: programmable network processors• Again, want private interconnect• More details in Research talk
• Phoebus• Break TCP sessions to allow hosts that are not
tuned or on flawed networks to effectively use wide-area network
• May also take advantage of circuits or non-TCP
![Page 47: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/47.jpg)
Current Research Collaborations
• Ultralight (NSF)• Research support for upcoming LHC Physics data flows• Project led by Caltech
• 100x100 (NSF)• Focused on understanding the technical & economic requirements for
providing 100-Mbps connectivity to 100 million U.S. homes• Project led by CMU, Stanford and Rice
• Hybrid Multi-layer Network (DoE)• Look at interoperability issues with new dynamic circuit networks. Data
plane interoperability, control plane interoperability…• Project led by U New Mexico, USC ISI; includes ESnet and
UltraScienceNet
![Page 48: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/48.jpg)
Other, More Ad-Hoc, Collaborations
• Buffer sizing project (Stanford):• Reduce buffers available to router interfaces
(software controlled)• Take an anonymized but correlated packet trace• Look for throughput and latency anomalies
• Rapid raw SNMP to test link capacity measurement programs
• Occasionally run programs on behalf of researchers on backbone machines
![Page 49: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/49.jpg)
Small Grant Participation
• Network Measurement for International Connections• I’m PI, but work is done in close collaboration
with Matt Mathis (who also has a small grant) and the International Research Network Connection PIs.
• Research current state and propose solutions• Suggest common measurements• Identify areas for improvement• Work to establish a program-wide
measurement group
![Page 50: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/50.jpg)
Futures
• Work with Research Advisory Council to determine futures
• Restart some focus on outreach and dialog that was begun under a different small grant on the use of Internet2 facilities for research
• Provide the best possible data from our network, and facilitate other opportunities that come our way
• Come see the Network Research update late this afternoon for more details on current activity
![Page 52: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/52.jpg)
Security
•REN-ISAC - http://ren-isac.net/•CSI2•Real time security exchanges•Google analytics
•Disaster Recovery•FWNA and eduRoam
![Page 53: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/53.jpg)
Middleware Developments
• SAML and Shibboleth
• InCommon and international federations
• Collaboration management platforms
• NSF-Mellon Scientific and Scholarly Workflow
![Page 54: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/54.jpg)
SAML and Shibboleth
• Shibboleth 1.3 widely deployed as federating software; openSAML widely used as a library
• Shibboleth 2.0 completes Shib/SAML integration; now in beta
• Missing pieces (e.g. personal attribute release) becoming evident and being addressed
• Google, MS, others now provide some financial support; service companies now available
![Page 55: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/55.jpg)
InCommon
• Growing steadily now; 65 members and 1.3M user base
• Major applications include outsourced services, content providers, wiki and collaboration tools
• NIH and federal follies elsewhere
• Apple, Google and Microsoft in contract review
• InCommon Bronze and Silver now under discussion
![Page 56: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/56.jpg)
Prague Meeting on Inter-federation
• 15-20 International R&E federations (5 continents) plus Liberty Alliance and a few others
• Prague, September 3• Lots of topics: Attribute mapping, Privacy
Policies, Dispute resolution, Financial considerations, Technical direction setting
• UK drafting an analysis of International Peering needs, opportunities, etc.
![Page 57: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/57.jpg)
Peering Parameters
Parameters:
•LOA•Attribute mapping•Legal structures• Liability• Adjudication•Metadata
•VO Support•Economics•Privacy
![Page 58: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/58.jpg)
Collaboration Management Platforms
• Management of collaboration a real impediment to collaboration, particularly with the growing variety of tools
• Goal is to develop a “platform” for handling the identity management aspects of many different collaboration tools• Platform includes a framework and model, specific running
code that implements the model, and applications that take advantage of the model
• This space presents possibilities of improving the overall unified UI as well as UI for specific applications and components.
![Page 59: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/59.jpg)
COManage
• Leverages federated identity and the attribute ecosystem heavily
• Shib-enabled; uses Grouper to manage groups, Signet to manage privileges, Eddy for diagnostics
• Built completely on open protocols, using open source components
• Open and proprietary applications can be plumbed to work with it• Sympa, wikis, audioconferencing, sharepoint, calendaring are
comanageable, to varying degrees, now• Web-based file shares, rich wikis next…
![Page 60: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/60.jpg)
Comanage dimensions of growth
• In the applications that can be driven by it• Collaboration and domain science prime areas• Largely a function of the application’s respect for
middleware
• In the areas being managed - diagnostics
• In the identities being managed
• In the coupling of autonomous and diverse instances
![Page 61: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/61.jpg)
Upcoming Talks
• Middleware: The Big Picture Gets Bigger• Happening now, look at slides online
• Network Research Update• Tuesday, 4:30, Grand Hall
• Performance Update• Wednesday, 10:30 AM, Golden West
• Dynamic Circuit Network Update• Thursday, 8:45 AM, California Room
• General Session: Cyberinfrastructure: The Way Forward• Thursday, 10:15 AM, Grand Hall
![Page 62: Internet2 Technology Update](https://reader038.vdocuments.site/reader038/viewer/2022103006/56813d54550346895da711d5/html5/thumbnails/62.jpg)