Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networks ∙ Services ∙ People Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure.

Published byScarlett Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "Networks ∙ Services ∙ People Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure."— Presentation transcript:

1 Networks ∙ Services ∙ People www.geant.org Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure 30 Sept 2016

2 Networks ∙ Services ∙ People www.geant.org At Foundation level but still vital Network service is key success factor for your infrastructure Performance Safety / Redundancy / Reliability Distribution and Location of your data 2 What about network in building E-infrastructure?

3 Networks ∙ Services ∙ People www.geant.org Provider L2 and L3 Virtual Private Network: Point-to-Point Point-to-Point VPN allows to connect 2 sites located in different domains as they were in the same physical location Layer2 Redundant P2P L2VPN: End Users see other site as they were connected by wire (pseudo-wire)

4 Networks ∙ Services ∙ People www.geant.org Provider L2 and L3 Virtual Private Network: Multi-point Multi-point VPN allows to connect several sites located in different domains as they were in the same physical location Layer3 Layer2 Redundant L3VPN: End Users see other sites as they were connected to a virtual router L2VPN: End Users see other sites as they were connected to a virtual switch

5 Networks ∙ Services ∙ People www.geant.org A joint service provided by the GÉANT network and NRENs A seamless transport infrastructure that provides a connectivity service: Layer3 or Layer2 VPNs point-to-point or multipoint Multi-domain networking What is MD-VPN? The service provides a seamless, scalable transport infrastructure L3VPN P2P L2VPN IPv4IPv6 MP L2VPN

6 Networks ∙ Services ∙ People www.geant.org Configure only at the edge An end-to-end extensible and flexible service VPN Provisioning as easy as in a single-domain Lead-time reduced MD-VPN service highly scalable, seamless transport infrastructure VPN multiplexed Configure only at the edge

7 Networks ∙ Services ∙ People www.geant.org How to interconnect a NREN that does not provide MD-VPN? All types of site can be connected

8 Networks ∙ Services ∙ People www.geant.org Last mile problematic All types of site can be connected

9 Networks ∙ Services ∙ People www.geant.org MD-VPN provides the same level of security as VPN MPLS service, There was no security concern related to users or even to MD-VPN users But it is impossible to protect the access to VPNs if the core is compromised In case of MD-VPN, the core is multi-domain The only threats that can occur are a NREN attacking another NREN a NREN router compromised by a pirate Security level provided

10 Networks ∙ Services ∙ People www.geant.org Where can you use MD-VPN? MD-VPN service in the GÉANT portfolio – 18 NRENs connected (+ 1 NREN using MD-VPN Proxy + 1 NREN still working on) – Roughly 400 PoPs available that European scientist can already use MD-VPN

11 Networks ∙ Services ∙ People www.geant.org A redundant service Portal available at: https://tools.geant.net/portal/links/mdvpn/ms_st atus_dashboard.jsp https://tools.geant.net/portal/links/mdvpn/ms_st atus_dashboard.jsp Redundancy is crucial A redundant monitored service

12 Networks ∙ Services ∙ People www.geant.org Reliability demonstrated since August 2014 Statistics available at https://tools.geant.net/portal/links/mdvpn/ms_avail_sum m.jsp https://tools.geant.net/portal/links/mdvpn/ms_avail_sum m.jsp Reliability is crucial Redundancy

13 Networks ∙ Services ∙ People www.geant.org All scientific projects based on international collaboration LHCONE is an example of successful L3VPN multi-domain service ITER, CONFINE, Distributed digital infrastructure Grid – HPC center PRACE – Deployment ongoing Data Center Interconnection Scientific infrastructure: Telescope, sensor network Cloud Service Provider (Express route)* MD-VPN use cases A wide scope for MD-VPN use (*) Presentation from A. Sevasti in 1B

14 Networks ∙ Services ∙ People www.geant.org MD-VPN use cases A wide scope for MD-VPN use Quick P2P connection Conference demonstration P2P data transport between two sites Education Remote lecture E-learning Etc …

15 Networks ∙ Services ∙ People www.geant.org Users and their concern Who are the users? – End-users – They do not care about technology only the service count – E-infrastructures – They are the real interlocutors of NREN User concern – Can you connect all my sites thanks to MD-VPN? – Yes – Is the service reliable and redundant? – Yes – Can you tell me what will be the cost? – Yes, but it is far short of an automatic process

16 Networks ∙ Services ∙ People www.geant.org An innovative design with added value for end-users Safe infrastructure – Security opex saved on site – Reduce firewall usage Multi-domain seamless infrastructure – Highly scalable – Redundant and reliable – Short lead time – All types of site can be connected Reduce OPEX and CAPEX for use – Cost saving – VPN cheaper – Cost saving – No tender for each research project Cover a wide scope of use cases

17 Networks ∙ Services ∙ People www.geant.org A scientist project FIWARE A scientist project FIWARE FIWARE is a project of the European Public-Private-Partnership on Future Internet (FI-PPP) programmeFI-PPP http://infographic.lab.fi-ware.org/status 16 sites connected in 12 countries https://www.fi-xifi.eu/federation.html Using all types of connection: Direct connection Via VPN-Proxy Private companies not connected to any NREN First user testimony: XiFi/FIWARE project A large project using MD-VPN as network infrastructure provider

18 Networks ∙ Services ∙ People www.geant.org First user testimony: XiFi/FIWARE project Benefits Usage  “In general I think that compared to the alternative (that we used in some cases, such as traditional VPNs), it was by far the best solution to federat the “private” traffic among the nodes.” Reliability  “The service was very reliable (much more than the traditional Point- to-Point VPN used by some of the data centres, that caused some interruptions) and simpler to configure, but I am afraid it was not exploited as it could. ” Federico Michele Facca Technical Manager of XiFi project

19 Networks ∙ Services ∙ People www.geant.org Second user testimony Demonstration for a conference CARNetova korisnička konferencija - CUC 2014 Video project demonstration at CUC 2014 http://cuc.carnet.hr/2014?news_hk=5605&news_id=285&mshow= 1105#mod_news P2P data transport between to sites (P2P L2VPN) Very short lead time (2 days)

20 Networks ∙ Services ∙ People www.geant.org Prospective Data Center Interconnect (DCI) – Ethernet VPN is a new L2 Multi Point VPN with dedicated features for DCI – Active- active multi-homing – Load balancing per flow – VM mobility – Scalability – Support different data-plane – Cloud of Data Centers – For a dedicated community (HEP, HPC, Biologist, …) or generalist cloud Automation – Scripting for VPN provisioning – VPN automation delivery

21 Networks ∙ Services ∙ People www.geant.org Prospective A distributed Internet eXchange Point for Data Center One EVPN instance connecting all DCs Route Server Science project A Peering between DC with route server Science project A Traffic between 2 DCs for scientific project A DC Router PE providing one EVI Stockholm Warsaw Geneva DC of institute X DC of institute Y DC of institute Z

22 Networks ∙ Services ∙ People www.geant.org MD-VPN: a network service for E-infrastructure A highly scalable and reliable seamless transport infrastructure – Provided by NRENs, GEANT and NORDUnet – No need to invite to tender A bundle of services ( IPv4, IPv6, P2P L2VPN, VPLS, L3VPN ) – Short lead time – All types of site can be connected – Large number of use cases – Prospective: Data Center Interconnect Ethernet VPN Broad European deployment – 18 connected NRENs

23 Networks ∙ Services ∙ People www.geant.org Thank you Networks ∙ Services ∙ People www.geant.org 23 Xavier.jeannin “at” renater “dot” fr Any Questions?

Download ppt "Networks ∙ Services ∙ People Xavier Jeannin (RENATER) - presenter, Tomasz Szewczyk (PSNC), DI4R, Krakow, Poland MD-VPN and E-Infrastructure."

Similar presentations

ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.

ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
BoD and MD-VPN service status in GÉANT SA3 – Network Service Delivery LHCOPN and LHCONE joint meeting – Pasadena (US) 3-4 December 2013 Brian Bach Mortensen/NORDUnet,

BoD and MD-VPN service status in GÉANT SA3 – Network Service Delivery LHCOPN and LHCONE joint meeting – Pasadena (US) 3-4 December 2013 Brian Bach Mortensen/NORDUnet,
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.

Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. New Virtual Application.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. New Virtual Application.
Trial of the Infinera PXM Guy Roberts, Mian Usman.

Trial of the Infinera PXM Guy Roberts, Mian Usman.
SERVER LOAD BALANCING Presented By : Priya Palanivelu.

SERVER LOAD BALANCING Presented By : Priya Palanivelu.
VPN Extension Requirements for Private Clouds draft-so-vepc-00.txt.

VPN Extension Requirements for Private Clouds draft-so-vepc-00.txt.
MPLS And The Data Center Adrian Farrel Old Dog Consulting / Juniper Networks

MPLS And The Data Center Adrian Farrel Old Dog Consulting / Juniper Networks
1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.

1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.

©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
Connect. Communicate. Collaborate VPNs in GÉANT2 Otto Kreiter, DANTE UKERNA Networkshop 34 4th - 6th April 2006.

Connect. Communicate. Collaborate VPNs in GÉANT2 Otto Kreiter, DANTE UKERNA Networkshop 34 4th - 6th April 2006.
LHC Open Network Environment LHCONE David Foster CERN IT LCG OB 30th September 2011 1.

LHC Open Network Environment LHCONE David Foster CERN IT LCG OB 30th September
Erik Radius Manager Network Services SURFnet, The Netherlands Joint Techs Workshop Columbus, OH - July 20, 2004 GigaPort Next Generation Network & SURFnet6.

Erik Radius Manager Network Services SURFnet, The Netherlands Joint Techs Workshop Columbus, OH - July 20, 2004 GigaPort Next Generation Network & SURFnet6.
IP Networks as a Service Sergi Figuerola Project Coordinator 8 th e-Infrastructure Concertation meeting.

IP Networks as a Service Sergi Figuerola Project Coordinator 8 th e-Infrastructure Concertation meeting.
Introduction & Vision. Introduction MANTICORE provides a software implementation and tools for providing and managing routers and IP networks as services.

Introduction & Vision. Introduction MANTICORE provides a software implementation and tools for providing and managing routers and IP networks as services.
Connect communicate collaborate LHCONE moving forward Roberto Sabatino, Mian Usman DANTE LHCONE technical workshop SARA, 1-2 December 2011.

Connect communicate collaborate LHCONE moving forward Roberto Sabatino, Mian Usman DANTE LHCONE technical workshop SARA, 1-2 December 2011.
1 | © 2015 Infinera Open SDN in Metro P-OTS Networks Sten Nordell CTO Metro Business Group 2015-10-15.

1 | © 2015 Infinera Open SDN in Metro P-OTS Networks Sten Nordell CTO Metro Business Group
SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © 2011-2012 Brocade Communications Systems, Inc.

SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © Brocade Communications Systems, Inc.
BEIJING-LCG Network Yan Xiaofei

BEIJING-LCG Network Yan Xiaofei

Similar presentations

Ads by Google