Presented By: Michael Pincott and Matt Vidal

July 29, 2003

2

Outline

• Introduction

• Internet2 Backbone (Abilene)

• Internet2 Goals

• Internet2 Applications

• Internet2 Projects– Shibboleth

– QBone

• Related Hyperlinks

• Questions

3

Introduction

• Internet2 development started in 1996– Backed by nearly 200 large universities

– Consortium partners include Qwest, Cisco, Nortel, Juniper, IU

• First stage involved the implementation of two backbones– vBNS (very high speed Backbone Network Service, OC-12)

– Abilene (OC-48)

• The current Abilene upgrade in progress is bringing backbone capacity of OC-192c (10 Gbps) to Internet2

• WPI has its own connection to the Internet2 backbone– Goddard GigaPoP (OC-3, scalable to OC-192)

4

Internet2 Backbone (Abilene)

• Abilene provides connectivity between regional GigaPoPs and Internet2 Cloud

• GigaPoPs provide regional aggregation and educational access points

• Abilene offers an interface between other high performance national and international research and educational networks

• Connectivity target is 100 Mbps between Abilene connected desktops

5

Internet2 Backbone (Abilene) (2)

• Network Architecture– Abilene core capacity is OC-192 (10 Gbps)

– 13,000 miles of fiber optic cable in the backbone network

– Operates nearly 180,000 times faster than 56 kbps modem

– Approximately 1,600 Terabytes of data per month are passed over the network

– 11 core nodes with router and supporting equipment

– Each router node supports IPv6 and multicast

– Network Operations Center (NOC) is located on the campus of Indiana University at Indianapolis

6

Internet2 Backbone (Upgrade)

Abilene Core Network Upgrade to OC-192 (Current Level)

7

Internet2 Backbone (IPv6)

IPv6 Deployment in Abilene Backbone Network

8

Internet2 Goals

• In general, the three main goals of the Internet2 next generation network are:

1. To provide an advanced backbone to support the demands of the advanced research applications being developed by Internet2 members

2. To provide a separate network to enable the testing of advanced network capabilities prior to their introduction into the application development network• Quality of Service (QoS) standards, Multicasting, IPv6, Advanced

Security and Authentication Protocols

3. To provide a separate network capability to conduct network research in order to advance both the Abilene network and the general state of the art

9

Internet2 Goals (2)

• Internet2 is a proving ground for next generation technology (including native IPv6)

• Ideal for tomorrow’s intensive applications requiring: high bandwidth, low latency, true multicast– Telemedicine– Legitimate Long Distance Learning– Virtual Laboratories– International Research Collaboration

• Interaction with Federal Next Generation Internet (NGI) Initiative

• Operating system and application tuning will be required– FTP slower across Internet2, tuned for highly congested network

10

Internet2 Applications

• Focus on higher education– Best applications should be available everywhere:

• Classroom, Library, Laboratory, Dorm

• Killer Application? <> Four Killer Attributes!1. Interactive Collaboration Environment (Distance Indifference)2. Common Access to Remote Resources (Labs, Telescopes, Etc.)3. Backplane Network (Shared Computation and Data Services)4. Virtual Reality Environments (Real-Time, 3-D Animation)

• True “Killer App” is digital video– Better-than-TV quality video conferencing– On-demand content– Remote control of equipment or instruments

11

Internet2 Projects - Shibboleth

• What is the Shibboleth Project?– Seeks to solve problems in user validation

• Immune to IP spoofing• Resistant to username/password theft• Simplifies system administrator’s workload

• Shibboleth is a Federated Administration Method– The network there the user originated provides user attributes

and information to the target site.

12

Internet2 Projects - Shibboleth

• Problem:– Two universities wish to share access

• Grant access from all IPs (susceptible to IP spoofing)

• Receiving system to keep lists of users/passwords (Intensive work on a large and dynamic group)

• Use public key infrastructure (again, intensive on sysadmin – user lists, registration of keys, smart card distribution)

– Overall lack of accountability

13

Internet2 Projects - Shibboleth

• Shibboleth Solution:1. User surfs to resource. Connects

to a SHIRE (Shibboleth Attribute Requester)

– SHIRE acquires a “handle”– Handles do not provide

insight into user’s personal information

2. SHIRE, through a WAYF (Where Are You From) server uses encrypted data from user’s original connection packet connects back to the user’s home network.

14

Internet2 Projects - Shibboleth

3. WAYF forwards request from SHIRE to the Handle Service

4. HS verifies user is valid and forwards handle information back to SHIRE (then forwarded to SHAR)

5. SHAR (Shibboleth Attribute Requester) communicates with user’s Attribute Authority.

– SHAR may request more information depending on level of access

– AA only responds with as much information as the user has pre-set.

6. If the information provided by the AA is enough, access to the service is allowed.

15

Internet2 Projects - Shibboleth

• Only the user’s home network is responsible for keeping records

• User decides how much personal information to expose.

• WAYF servers can be a target for attacks. The WAYF servers can be local or remote and extensive mirroring is suggested.

16

Internet2 Projects - QBone

• Internet is based on best effort packet delivery.– IP packets arrive at their destination using the best

method they can find.

– Latency through the Internet is indeterminate.

• Internet2 seeks to add Quality of Service (QoS) with two service levels.

– Premium Service

– Scavenger Service

17

Internet2 Projects – QBone Premium Service (QPS)

• Will offers close to virtual leased line service

• Works by ways of an expedite forward message in the header of the IP packet.

• EF Commitments is total bandwidth reserved for QPS

• EF Reservation load is what each QPS client receives

• EF Load is the load of each QPS data stream.

18

Internet2 Projects - QBone Premium Service (QPS)

• QPS Parameters– peakRate

– MTU (Maximum Transmission Unit)

– Source

– Destination

– Route

– startTime

– endTime

– Jitter Bound

MTU (Bytes) Jitter Bound (ms)

64 0.42

512 3.36

1500 9.84

19

Internet2 Projects – QBone Scavenger Service

• Scavenger Service’s goal is to use the spare bandwidth of Internet2 and not interrupt more important data.

• Scavenger’s bandwidth = total Internet2 bandwidth – (QPS + best effort service)

• Why would you use Scavenger?– Distributed software (SETI@Home, Distributed.Net)– Data backups– Website Mirroring– ISPs can sell scavenger bandwidth at a lower price

20

Internet2 Projects – QBone Scavenger Service

• How is a packet labeled for Scavenger Service?– Best Effort traffic uses the binary string 000000 in the

differentiated service code point in the IP packet. Scavenger packets are labeled with a 001000.

– Router use different queues and queuing techniques on packets with 001000.

• Currently, system administrators voluntarily mark packets for use with the Scavenger Service.

• In the future, software may determine the priority of the packets and pick the service effort required.

21

Internet2 Projects – QBone Today

• QPS is “suspended indefinitely” due to intractable deployment problems.

– Lack of router support– Lack of intensive policing on all ingress ports– Massive channel demand– Operating cost– Complexity

• Focus is being placed on “non-elevated” forms of QoS that require no policing, reservation, and admission control.

22

Internet2 Projects – QBone Today

• Scavenger Service works!

• Currently ~0.4% of all Internet2 traffic is Scavenger Service.

• Usage is due to the graciousness of system administrators. They are treading lightly despite the amazing bandwidth of Internet2

23

Related Hyperlinks

• Abilene Weather Map (link utilization & traffic analysis)– http://loadrunner.uits.iu.edu/weathermaps/abilene/

• Abilene Nodes (as of 7/24/03)– http://www.abilene.iu.edu/doc/logical.html

• Traffic Graphs for WPI’s Internet2 usage– WPI’s Traffic between its connecting Abilene core node (NYC)

• Complete Abilene Map– http://www.internet2.edu/resources/AbileneMap.pdf

24

Questions?