Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security To Route Or Not To Route? Michael H. Behringer Dirk Schroetter.

Published byVictoria Atkins Modified over 9 years ago

Similar presentations

Presentation on theme: "1 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security To Route Or Not To Route? Michael H. Behringer Dirk Schroetter."— Presentation transcript:

1 1 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security To Route Or Not To Route? Michael H. Behringer Dirk Schroetter TERENA Networking Conference 2006 17 May 2006, Catania, Italy

2 222 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security The Internet: Historic Observations Grown from an academic experiment Today connecting everybody (almost) Global reachability Independent of underlying infrastructure The glue: Routing & Global addressing

3 333 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Another Historic Observation: ATM ATM was going to replace IP “ATM to the desktop” Why did this not happen?  No killer application for ATM at the desktop  IP works

4 444 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Today’s Trends Commercial ISPs: “Value added services”  Up the OSI stack Goal 1: Tie customer to SP Goal 2: Not become a commodity NRENs: “Lambda switching”  Down the OSI stack Goal 1: Not become a commodity Trend: Away from IP??? (up or down)

5 555 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Axiom Directions for the core: Mix of technologies Backbones based on different technologies (SDH/SONET, MPLS, optical, ATM, …) Interconnection between cores: Also IP, probably “IP will dominate the endpoint for the foreseeable future”.

6 666 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Commercial Providers IP connectivity is a commodity  Service decided by price only  Advanced SPs want to charge a premium Offer of services on top Content filtering, portals, spam control, security, etc. Also: VoIP, Video, etc. Also: VPNs  “Service selection” Up the OSI stack!

7 777 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security NRENs and Higher Layer Services IP connectivity is a commodity  Must justify NREN’s existence by “value add” Many content services not acceptable to research community  Often break the “end-to-end principle”  If so, must be “non-intrusive” Limit to “acceptable” content services: CERT coordination, PKI, “community services”  Not enough to justify a NREN

8 888 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security NRENs and Lower Layer Services Need for “guaranteed bandwidth”, and “high b/w” Perceived need for dedicated bandwidth Guaranteed bandwidth in the past: ATM Problems: - Inter-provider guarantees hard to achieve - Scaling issues for global guarantees - economical issues Today’s Keyword: Lambda Switching Same requirements as in the past Same issues as in the past, really And, IP will remain the endpoint interface!!!

9 999 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security „IP Expensive – Optical cheep“??? -- Not Always True!! True without statistical multiplexing With statistical multiplexing: Routed infrastructure significantly cheaper! Key question for optical: Scalability! Works well for small set-ups (star, ring) When scaling up, becomes expensive (full / partial mesh) Small scale optical is price effective Large scale, routing is cheaper

10 10 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Technical Considerations Routing required to make networks scale point-to-point (optical, ATM, …) does not scale Policy control required at the provider edges  Hard with IP  Even harder with optical IP abstracts from the upper layers  Any application can run on IP IP abstracts from the lower layers  Over any network infrastructure

11 11 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security Summary Any point to point technology has scalability limitations. Optical is an example. Endpoints are IP for the foreseeable future  The network must “speak” IP at the edge Inter-provider: Require an “abstraction point” between, to scale  IP Routing is required for large scale networks

Download ppt "1 © 2005 Cisco Systems, Inc. All rights reserved. M. Behringer: Pervasive Core Security To Route Or Not To Route? Michael H. Behringer Dirk Schroetter."

Similar presentations

Www.procket.com CONFIDENTIAL © 2004 Procket Networks, Inc. All rights reserved. 4-Feb-14 The 21 st Century Intelligent Network Tony Li, Carl DeSousa.

CONFIDENTIAL © 2004 Procket Networks, Inc. All rights reserved. 4-Feb-14 The 21 st Century Intelligent Network Tony Li, Carl DeSousa.
Identifying MPLS Applications

Identifying MPLS Applications
Deployment of MPLS VPN in Large ISP Networks

Deployment of MPLS VPN in Large ISP Networks
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.

ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
COS 461 Fall 1997 Networks and Protocols u networks and protocols –definitions –motivation –history u protocol hierarchy –reasons for layering –quick tour.

COS 461 Fall 1997 Networks and Protocols u networks and protocols –definitions –motivation –history u protocol hierarchy –reasons for layering –quick tour.
The Future Internet: A clean-slate design? Nicholas Erho.

The Future Internet: A clean-slate design? Nicholas Erho.
Dense Wavelength Division Multiplexing Food For The Internet.

Dense Wavelength Division Multiplexing Food For The Internet.
Pseudowire Edge to Edge Emulation FROM THE SERVICE PROVIDER POINT OF VIEW

Pseudowire Edge to Edge Emulation FROM THE SERVICE PROVIDER POINT OF VIEW
VoipNow Core Solution capabilities and business value.

VoipNow Core Solution capabilities and business value.
The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”

The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”
Introducing MPLS Labels and Label Stacks

Introducing MPLS Labels and Label Stacks
Chapter 10 Wide Area Networks. Contents The need for Wide area networks (WANs) Point-to-point approaches Statistical multiplexing, TDM, FDM approaches.

Chapter 10 Wide Area Networks. Contents The need for Wide area networks (WANs) Point-to-point approaches Statistical multiplexing, TDM, FDM approaches.
ENTERPRISE NETWORK IMPLEMENTATION

ENTERPRISE NETWORK IMPLEMENTATION
RIT Campus Data Network. General Network Statistics Over 23,000 wired outlets Over 14,500 active switched ethernet ports > 250 network closets > 1,000.

RIT Campus Data Network. General Network Statistics Over 23,000 wired outlets Over 14,500 active switched ethernet ports > 250 network closets > 1,000.
1 © 2006 Cisco Systems, Inc. All rights reserved. MS Network Symposium6 Thoughts on the MS Network Research Workshop Fred Baker.

1 © 2006 Cisco Systems, Inc. All rights reserved. MS Network Symposium6 Thoughts on the MS Network Research Workshop Fred Baker.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—6-1 Connecting an Enterprise Network to an ISP Network Considering the Advantages of Using BGP.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—6-1 Connecting an Enterprise Network to an ISP Network Considering the Advantages of Using BGP.
Point-to-Point Network Switching Computer Networks Computer Networks Spring 2012 Spring 2012.

Point-to-Point Network Switching Computer Networks Computer Networks Spring 2012 Spring 2012.

Similar presentations

Ads by Google