A Strawman for Merging LHCOPN and LHCONE infrastructure LHCOPN + LHCONE Meeting Washington, DC, Jan. 31, 2013 W. E. Johnston and Chin Guok.


1 A Strawman for Merging LHCOPN and LHCONE infrastructure LHCOPN + LHCONE Meeting Washington, DC, Jan. 31, 2013 W. E. Johnston and Chin Guok

2 Network architecture and security models - today

This model illustrates a Tier 1 site that is also being accessed directly by T2 sites.

The basic security model is to have some form of access control in each environment that vets incoming traffic and deals with non-compliant traffic in a reasonable way (e.g. sending it through site security controls before passing it to the LHCONE environment).

Source-based policy routing for each address space, with the default egress path being the general Internet for traffic that does not match the ACLs; VRF; etc.

[Diagram labels: site border rtr; ESnet site rtr; ESnet core rtr; security controls; LHCOPN; LHCONE; T0-T1 LHCOPN circuits; LHCOPN circuit; ESnet LHCONE VRF; trusted LHCOPN traffic; trusted LHCONE traffic; untrusted LHCONE traffic; general internet traffic; Internet; physical circuits; internal site network; OPN internal network; LHCONE internal network; ingest; deep archive; cache; compute cluster]
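The access-control model on this slide, sketched as an added example that is not part of the presentation: outbound traffic is steered by source address space with the general Internet as the default egress, and inbound traffic is trusted only when it matches the ACL of the path it arrived on. The prefixes, path names and function names are constructed for illustration and are not real LHCOPN or LHCONE allocations.

```python
import ipaddress as ip

# Constructed address plan (documentation prefixes, assumed for this example).
OPN_INTERNAL = ip.ip_network("192.0.2.0/25")      # site hosts on the OPN internal network
ONE_INTERNAL = ip.ip_network("192.0.2.128/25")    # site hosts on the LHCONE internal network
T0_T1_PEERS = [ip.ip_network("198.51.100.0/24")]  # remote T0/T1 prefixes
T2_PEERS = [ip.ip_network("203.0.113.0/24")]      # remote T2 prefixes carried in the VRF

# One ACL per environment: (internal address space, permitted remote prefixes, path).
POLICY = [
    (OPN_INTERNAL, T0_T1_PEERS, "LHCOPN"),
    (ONE_INTERNAL, T2_PEERS, "LHCONE"),
]
DEFAULT_PATH = "Internet"  # default egress for traffic that matches no ACL


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def egress_path(src, dst):
    """Outbound: choose the path from the internal source address space."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for local, remotes, path in POLICY:
        if s in local and _in_any(d, remotes):
            return path
    return DEFAULT_PATH


def ingress_handling(arrived_on, src, dst):
    """Inbound: vet a packet against the ACL of the path it arrived on."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for local, remotes, path in POLICY:
        if arrived_on == path and _in_any(s, remotes) and d in local:
            return "trusted"            # delivered directly to that internal network
    return "security-controls"          # non-compliant: goes through site security controls


if __name__ == "__main__":
    print(egress_path("192.0.2.10", "198.51.100.7"))                   # OPN host to a T0/T1 peer
    print(ingress_handling("LHCONE", "203.0.113.9", "192.0.2.10"))     # T2 source aimed at OPN space
```

The second call shows the case the model exists for: a source that is valid on LHCONE but addresses the OPN internal network is not treated as trusted.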

3 Network architecture and security models – future-I

In essence, the idea for combining LHCOPN and LHCONE is to unify the physical circuit infrastructure and share it between the T0-T1 and T2 access using
- a combination of VRFs providing best effort IP service to the T2s and
- virtual circuits to provide for T0-T1 traffic

LHCOPN is a virtual circuit that shares the physical circuit with LHCONE traffic.

Source-based policy routing for each address space, with the default egress path being the general Internet for traffic that does not match the ACLs; VRF; etc.

[Diagram labels: site border rtr; ESnet site rtr; ESnet core rtr; security controls; ESnet LHCONE VRF; LHCONE circuits; LHCONE + LHCOPN; multiple physical circuits treated as a single logical circuit; trusted LHCOPN traffic; trusted LHCONE traffic; untrusted LHCONE traffic; general internet traffic; Internet; internal site network; OPN internal network; LHCONE internal network; ingest; deep archive; cache; compute cluster]

4 Issues for combining LHCOPN and LHCONE

In the future-I model, the division of resources and the security model remain unchanged.

The infrastructure questions are:

1. Can the Experiments tolerate the T0-T1 traffic sharing bandwidth with the T2 traffic without any guarantees?
   If we look at the traffic to the US Tier 1s, it looks like the T2-generated traffic is more or less steady state at a reasonable level, but occasionally there are periods of several days when the traffic peaks at levels that might interfere with unprotected T0-T1 traffic.

5 Issues for combining LHCOPN and LHCONE

2. If the LHCOPN path for any given site involves multiple 10G circuits, how is the offered load distributed across the multiple paths?
   - Explicit circuit sharing by a higher-level application such as Lambda Station or TeraPaths
     - This would presumably work just as well using virtual circuits as physical circuits, with the sharing systems being provided with the bandwidth of each virtual circuit
   - Router-based load balancing such as ECMP (equal cost, multi-path) load sharing
     - Would this work when the port is associated with a tagged VLAN (e.g. of a virtual circuit) rather than a physical interface?

3. If guarantees are required – that is, the virtual circuits need to provide guaranteed bandwidth – how well will the bandwidth guarantee mechanisms of the various VC implementations map onto converged circuits (e.g. LAG-ed Ethernet circuits)?

6 Technical Considerations

Bandwidth Virtualization – Are there underlying constraints in bundling (lagging) distinct resources to create a virtual link?
- Link Aggregation:
  - Can an aggregated link be virtualized at all levels (i.e. management/control/data plane)?
    - e.g. how does a 15Gbps LSP over a 2x10G aggregated Ethernet behave?
  - Are flows still limited to individual physical links (e.g. 10G)?
- Multi-Lane
  - What is the skew tolerance allowed across a multi-lane data path (e.g. VCAT)?

Bandwidth Elasticity – Are there mechanisms to dynamically reclaim unused bandwidth and reallocate to congested circuits?
- How dynamic (e.g. time scale) is this function supported by the underlying transport technology (e.g. LCAS)?

Flow Isolation – Is there a mechanism in the underlying transport technology to provide logical isolation (e.g. QoS (different queues), SONET/SDH TDM)?

