Networks ∙ Services ∙ People Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure.

Slides:



Advertisements
Similar presentations
ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.
Advertisements

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
BoD and MD-VPN service status in GÉANT SA3 – Network Service Delivery LHCOPN and LHCONE joint meeting – Pasadena (US) 3-4 December 2013 Brian Bach Mortensen/NORDUnet,
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. New Virtual Application.
Trial of the Infinera PXM Guy Roberts, Mian Usman.
SERVER LOAD BALANCING Presented By : Priya Palanivelu.
VPN Extension Requirements for Private Clouds draft-so-vepc-00.txt.
MPLS And The Data Center Adrian Farrel Old Dog Consulting / Juniper Networks
1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
Connect. Communicate. Collaborate VPNs in GÉANT2 Otto Kreiter, DANTE UKERNA Networkshop 34 4th - 6th April 2006.
LHC Open Network Environment LHCONE David Foster CERN IT LCG OB 30th September
Erik Radius Manager Network Services SURFnet, The Netherlands Joint Techs Workshop Columbus, OH - July 20, 2004 GigaPort Next Generation Network & SURFnet6.
IP Networks as a Service Sergi Figuerola Project Coordinator 8 th e-Infrastructure Concertation meeting.
Introduction & Vision. Introduction MANTICORE provides a software implementation and tools for providing and managing routers and IP networks as services.
Connect communicate collaborate LHCONE moving forward Roberto Sabatino, Mian Usman DANTE LHCONE technical workshop SARA, 1-2 December 2011.
1 | © 2015 Infinera Open SDN in Metro P-OTS Networks Sten Nordell CTO Metro Business Group
SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © Brocade Communications Systems, Inc.
BEIJING-LCG Network Yan Xiaofei
Networks ∙ Services ∙ People Mian Usman TNC15, Porto GÉANT IP Layer 17 th June 2015 IP Network Architect, GÉANT.
Connecting the Healthcare Ecosystem Evolving the Infrastructure 2013 Comcast and Juniper Networks:
Multi-Domain Virtual Private Network service
FlexPod Converged Solution. FlexPod is… A prevalidated flexible, unified platform featuring: Cisco Unified Computing System™ Programmable infrastructure.
Networks ∙ Services ∙ People Sonja Filiposka, Yuri Demchenko, Tasos Karaliotas, Migiel de Vos, Damir Regvart TNC 2016 DISTRIBUTED CLOUD SERVICES.
Craig Farrell CTO Telecom IBM. Why to operators want SDN and NFV? Definitions SDN: Separate control/management & data plane of switches Centralization.
SCALABILITY AND SECURITY Presentation. 01 Scalability.
Cisco Discovery 3 Chapter 1 Networking in the Enterprise JEOPARDY.
CAMPUS LAN DESIGN GUIDE Design Considerations for the High-Performance Campus LAN.
Networks ∙ Services ∙ People Afrodite Sevasti, Activity Leader for Integration with other eInfrastructures in GÉANT (GRNET) Michael Enrico,
©2015 EarthLink. All rights reserved. EarthLink overview.
Networks ∙ Services ∙ People Di4R Network. Services. People. GÉANT 28 th September, Krakow.
Clouding with Microsoft Azure
MPLS Virtual Private Networks (VPNs)
“Your application performance is only as good as your network” (4)
An evolutionary approach to G-MPLS ensuring a smooth migration of legacy networks Ben Martens Alcatel USA.
Accessing the VI-SEEM infrastructure
IoT Security Part 2, The Malware
Virtual Data Center LAN
Chapter 1: Exploring the Network
STEPS TO A CLOUD READY DATA CENTER
VPN Extension Requirements for Private Clouds
PrioСom Company Introduction
Barracuda Web Security Flex
BEST CLOUD COMPUTING PLATFORM Skype : mukesh.k.bansal.
Grid Optical Burst Switched Networks
Multi Point VPN Service
GENUS Virtualisation Service for GÉANT and European NRENs
G R N E T-2 Update Tryfon Chiotis, Technical Director
SURFnet6: the Dutch hybrid network initiative
Peer-to-peer networking
Enterprise vCPE use case requirement
GÉANT International Networking and Collaboration
DCI using TRILL Kingston Smiler, Mohammed Umair, Shaji Ravindranathan,
TRILL MPLS-Based Ethernet VPN
National Knowledge Network Overview
Chapter 1: WAN Concepts Connecting Networks
IS3120 Network Communications Infrastructure
Your Business Opportunity
CORPORATE PROFILE JUNE 2016
WAN. Re-invented..
The Business Value of MPLS VPNs
EVPN a very short introduction
Cloud Consulting Services and Solutions
Perfect Telecom Services Managed Services &
Experiences with Implementing MPLS/VPN Services
Intro to Data & Internet
AT&T Firewall Battlecard
Network Technology Evolution
Chapter 8 – Data switching and routing
Presentation transcript:

Networks ∙ Services ∙ People Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure 30 Sept 2016

Networks ∙ Services ∙ People At Foundation level but still vital Network service is key success factor for your infrastructure Performance Safety / Redundancy / Reliability Distribution and Location of your data 2 What about network in building E-infrastructure?

Networks ∙ Services ∙ People Provider L2 and L3 Virtual Private Network: Point-to-Point Point-to-Point VPN allows to connect 2 sites located in different domains as they were in the same physical location Layer2 Redundant P2P L2VPN: End Users see other site as they were connected by wire (pseudo-wire)

Networks ∙ Services ∙ People Provider L2 and L3 Virtual Private Network: Multi-point Multi-point VPN allows to connect several sites located in different domains as they were in the same physical location Layer3 Layer2 Redundant L3VPN: End Users see other sites as they were connected to a virtual router L2VPN: End Users see other sites as they were connected to a virtual switch

Networks ∙ Services ∙ People A joint service provided by the GÉANT network and NRENs A seamless transport infrastructure that provides a connectivity service: Layer3 or Layer2 VPNs point-to-point or multipoint Multi-domain networking What is MD-VPN? The service provides a seamless, scalable transport infrastructure L3VPN P2P L2VPN IPv4IPv6 MP L2VPN

Networks ∙ Services ∙ People Configure only at the edge An end-to-end extensible and flexible service VPN Provisioning as easy as in a single-domain Lead-time reduced MD-VPN service highly scalable, seamless transport infrastructure VPN multiplexed Configure only at the edge

Networks ∙ Services ∙ People How to interconnect a NREN that does not provide MD-VPN? All types of site can be connected

Networks ∙ Services ∙ People Last mile problematic All types of site can be connected

Networks ∙ Services ∙ People MD-VPN provides the same level of security as VPN MPLS service, There was no security concern related to users or even to MD-VPN users But it is impossible to protect the access to VPNs if the core is compromised In case of MD-VPN, the core is multi-domain The only threats that can occur are a NREN attacking another NREN a NREN router compromised by a pirate Security level provided

Networks ∙ Services ∙ People Where can you use MD-VPN? MD-VPN service in the GÉANT portfolio – 18 NRENs connected (+ 1 NREN using MD-VPN Proxy + 1 NREN still working on) – Roughly 400 PoPs available that European scientist can already use MD-VPN

Networks ∙ Services ∙ People A redundant service Portal available at: atus_dashboard.jsp atus_dashboard.jsp Redundancy is crucial A redundant monitored service

Networks ∙ Services ∙ People Reliability demonstrated since August 2014 Statistics available at m.jsp m.jsp Reliability is crucial Redundancy

Networks ∙ Services ∙ People All scientific projects based on international collaboration LHCONE is an example of successful L3VPN multi-domain service ITER, CONFINE, Distributed digital infrastructure Grid – HPC center PRACE – Deployment ongoing Data Center Interconnection Scientific infrastructure: Telescope, sensor network Cloud Service Provider (Express route)* MD-VPN use cases A wide scope for MD-VPN use (*) Presentation from A. Sevasti in 1B

Networks ∙ Services ∙ People MD-VPN use cases A wide scope for MD-VPN use Quick P2P connection Conference demonstration P2P data transport between two sites Education Remote lecture E-learning Etc …

Networks ∙ Services ∙ People Users and their concern Who are the users? – End-users – They do not care about technology only the service count – E-infrastructures – They are the real interlocutors of NREN User concern – Can you connect all my sites thanks to MD-VPN? – Yes – Is the service reliable and redundant? – Yes – Can you tell me what will be the cost? – Yes, but it is far short of an automatic process

Networks ∙ Services ∙ People An innovative design with added value for end-users Safe infrastructure – Security opex saved on site – Reduce firewall usage Multi-domain seamless infrastructure – Highly scalable – Redundant and reliable – Short lead time – All types of site can be connected Reduce OPEX and CAPEX for use – Cost saving – VPN cheaper – Cost saving – No tender for each research project Cover a wide scope of use cases

Networks ∙ Services ∙ People A scientist project FIWARE A scientist project FIWARE FIWARE is a project of the European Public-Private-Partnership on Future Internet (FI-PPP) programmeFI-PPP 16 sites connected in 12 countries Using all types of connection: Direct connection Via VPN-Proxy Private companies not connected to any NREN First user testimony: XiFi/FIWARE project A large project using MD-VPN as network infrastructure provider

Networks ∙ Services ∙ People First user testimony: XiFi/FIWARE project Benefits Usage  “In general I think that compared to the alternative (that we used in some cases, such as traditional VPNs), it was by far the best solution to federat the “private” traffic among the nodes.” Reliability  “The service was very reliable (much more than the traditional Point- to-Point VPN used by some of the data centres, that caused some interruptions) and simpler to configure, but I am afraid it was not exploited as it could. ” Federico Michele Facca Technical Manager of XiFi project

Networks ∙ Services ∙ People Second user testimony Demonstration for a conference CARNetova korisnička konferencija - CUC 2014 Video project demonstration at CUC #mod_news P2P data transport between to sites (P2P L2VPN) Very short lead time (2 days)

Networks ∙ Services ∙ People Prospective Data Center Interconnect (DCI) – Ethernet VPN is a new L2 Multi Point VPN with dedicated features for DCI – Active- active multi-homing – Load balancing per flow – VM mobility – Scalability – Support different data-plane – Cloud of Data Centers – For a dedicated community (HEP, HPC, Biologist, …) or generalist cloud Automation – Scripting for VPN provisioning – VPN automation delivery

Networks ∙ Services ∙ People Prospective A distributed Internet eXchange Point for Data Center One EVPN instance connecting all DCs Route Server Science project A Peering between DC with route server Science project A Traffic between 2 DCs for scientific project A DC Router PE providing one EVI Stockholm Warsaw Geneva DC of institute X DC of institute Y DC of institute Z

Networks ∙ Services ∙ People MD-VPN: a network service for E-infrastructure A highly scalable and reliable seamless transport infrastructure – Provided by NRENs, GEANT and NORDUnet – No need to invite to tender A bundle of services ( IPv4, IPv6, P2P L2VPN, VPLS, L3VPN ) – Short lead time – All types of site can be connected – Large number of use cases – Prospective: Data Center Interconnect Ethernet VPN Broad European deployment – 18 connected NRENs

Networks ∙ Services ∙ People Thank you Networks ∙ Services ∙ People 23 Xavier.jeannin “at” renater “dot” fr Any Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.