1 Internet Bandwidth Management at The University of Pennsylvania Deke Kassabian, Sr. Tech. Director University of Pennsylvania & The MAGPI GigaPoP October.

Presentation transcript:

1 Internet Bandwidth Management at The University of Pennsylvania Deke Kassabian, Sr. Tech. Director University of Pennsylvania & The MAGPI GigaPoP October Internet2 Members Meeting Campus Bandwidth Management BoF

2 University of Pennsylvania network
- Large research university in Philadelphia, PA
- 22,000 students, 4,000 faculty, 10,000 staff
- 48,000 registered IP addresses
- 200 switched subnets
- Central routing between them and out to Internet and Internet2

3 [Network diagram: subnets (Bld 1, Bld 2, Bld 3, Res 1, Res 2), core switches, campus core routers, campus edge routers, MAGPI GigaPoP]

4 MAGPI GigaPoP
- Operational since 1997
- Two locations
  - Penn campus and a local carrier hotel
  - Interconnect via both SONET and GigE
- External connectivity
  - Internet2: OC-12c POS to Abilene
  - Commodity Internet
    - UUNET: OC-3
    - Cogent: Gigabit Ethernet
    - Yipes: Gigabit Ethernet (rate limited)

5 MAGPI GigaPoP
- Subscribers currently include
  - Penn, Lehigh, Princeton, Widener
  - J&J Pharmaceuticals
  - some PA county school units
  - A few Penn and Princeton affiliates (don't get Internet2 access)
- Temple University and Children's Hospital of Pennsylvania coming online late this year

7 Problem Statement
- Very high outbound bandwidth demand to the Internet and Internet2
- Demand profile for residential building networks very different from academic and admin building networks

8 Some alternatives considered
- Get more bandwidth
- Manage existing bandwidth
- Application-port limiting or blocking
- Alter priority for some networks
- Per-user bit "budgets"
- Hard rate limits at wallplate jack
- Hard rate limits at campus edge

9 Why not a QoS Appliance?
- Extra equipment: cost, complexity, reliability
- Tough to place in highly redundant network with lots of links
- Rather not mess with TCP

10 What we did…
- Used our Juniper edge routers to limit outbound bandwidth available based on source address.

11 Implementation (1 of 3)
- Bandwidth limits apply to IP address ranges.
- Outbound direction only. Inbound unrestricted.
- Using "firewall" filters on Juniper routers.
- No limits apply on campus in either direction: users have full line rate.

12 Implementation (2 of 3)
Two levels of limits apply:
(1) Limits for each group of users
(2) An overall limit that applies to total residential traffic

13 Implementation (3 of 3)
- Initial implementation: 4 Mb for use by 256 users (IP addresses)
- Next step: 2 Mb for 64 users
- Next step: 1 Mb for 16 users
- Next step: 800k for 8 users
- In August of 2002 we reached the goal of 400kbps outbound limits per IP address
- A 200 Mb total limit applies for all 6000 users

14 Status
- Per IP filtering on the Junipers works, but the configuration file is huge and complex.
- Each range now includes exactly 1 IP address
- Each gets 400 Kbps, with some burst capacity
- Some promising efficiencies in coming versions of JunOS
- Limits today apply to both Internet-bound and Internet2-bound traffic.
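
The two-level limit described in the implementation and status slides, modelled as token-bucket policers in an added example (not the presenters' code and not Junos configuration). The burst sizes, the drop-on-exceed action and the 10.1.0.0/16 residential range are assumptions; the 400 kbps per-address and 200 Mb total rates are the slides' figures.

```python
import ipaddress

class TokenBucket:
    """Policer state: refills at `rate_bps`, holds at most `burst_bytes`."""
    def __init__(self, rate_bps, burst_bytes):
        self.rate = rate_bps / 8.0          # bytes per second
        self.burst = burst_bytes
        self.tokens = float(burst_bytes)
        self.last = 0.0

    def refill(self, now):
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now

class EdgePolicer:
    """Level 1: one bucket per residential source IP. Level 2: one shared bucket."""
    def __init__(self, residential, per_ip_bps=400_000, total_bps=200_000_000,
                 per_ip_burst=15_000, total_burst=2_500_000):  # burst sizes assumed
        self.nets = [ipaddress.ip_network(n) for n in residential]
        self.per_ip = (per_ip_bps, per_ip_burst)
        self.total = TokenBucket(total_bps, total_burst)
        self.buckets = {}

    def allow(self, src, size, now, outbound=True):
        addr = ipaddress.ip_address(src)
        if not outbound or not any(addr in net for net in self.nets):
            return True                     # inbound / non-residential: unrestricted
        bucket = self.buckets.setdefault(src, TokenBucket(*self.per_ip))
        bucket.refill(now)
        self.total.refill(now)
        if bucket.tokens < size or self.total.tokens < size:
            return False                    # out of profile at either level: drop
        bucket.tokens -= size
        self.total.tokens -= size
        return True

def delivered_bps(policer, src, pkt_size, pps, seconds):
    """Offer `pps` packets/s from `src` for `seconds`; return delivered bits/s."""
    sent = 0
    for i in range(int(pps * seconds)):
        if policer.allow(src, pkt_size, i / pps):
            sent += pkt_size
    return sent * 8 / seconds

RESIDENTIAL = ["10.1.0.0/16"]               # constructed placeholder range
if __name__ == "__main__":
    edge = EdgePolicer(RESIDENTIAL)
    print(delivered_bps(edge, "10.1.2.3", 1500, 100, 10))   # residential host
    print(delivered_bps(EdgePolicer(RESIDENTIAL), "10.2.0.9", 1500, 100, 10))
```

A residential source offering 1.2 Mbps is held close to 400 kbps once its burst allowance is spent, while a source outside the residential range passes at the offered rate.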

15 End user reaction
- Initial concern that the fix would be worse than the problem
- Users agreed to participate in testing at each step, and to report results
- Most admit that performance for typical activities has improved
- Non-residential users see major improvements
- Nobody complains anymore

16 Next step
- Redesign campus-to-gigaPoP connectivity to allow the limits to apply for commodity Internet only (leaving Internet2 alone)

17 Conclusion
- Penn's bandwidth management approach works for today's situation
- No extra hardware
- No staff time on changing rules
- Exploring approaches to removing Internet2 from limits