Terena Networking Conference 2009
Network core design for business continuity architectures
Martí Griera - Juanan Martínez
Servei d’Informàtica
Universitat Autònoma de Barcelona
Agenda
Context
The Campus Network today
Tomorrow’s network
  The manufacturer approach
  Our vision
Considerations
Conclusions
Context
Current (future?) business trends:
  From network availability to business continuity
  Do it for less
  Do it the green way
Classic operational principles:
  Fit to standards
  Keep it simple
In short...
Could you implement a business class network topology which easily accommodates distributed services in a cost effective way, not being tied to any specific manufacturer?
The Campus Network today
Simple and fast (for today’s speed needs!)
Easy to troubleshoot
Centralized intelligence
The highly redundant core guarantees service availability (or not?)
Double internet connection: different routers but same location
[Figure labels: Internet, Internet]
Our example
Core
  L3 Routing technology (implemented in a Cisco 6513, second router Standby)
  Buildings with 1/2 connections to the main core
  VLAN distribution for specific activities (Wireless, ToIP)
  Main servers connected through a firewall blade to the same equipment
Buildings
  Switching topology with multivendor equipment (3Com, Nortel, HP)
  Two levels: switching-core and user
Internet connection
  Cisco 7200 (2) connected to the routing core
  Transparent firewalling
Problems and desiderata
Core failure means total disaster (and it happens!)
Redundant links ... but converging to a single point
Double internet connection, but also in the same physical location

Easy to operate and troubleshoot
Distributed approach
Standards based
Please... No complexity! It increases failure probability and lengthens troubleshooting time (and is prone to human error!)
Building tomorrow’s network: The manufacturer approach
VSS
VRRP or virtual routing solutions
Distributed proprietary routing solutions with proprietary interconnecting protocols
In general, these solutions cost around 150-200K€ for a Campus Core. As an additional consideration, you get tied to a specific manufacturer.
Is there an alternative?
Reliable switching core
  Simple protocols (fast STP)
  Physically distributed core by design
Distributed routing layer
  Simple routing among buildings
  Direct connection between buildings can provide additional redundancy
Distributed services
  Service accommodates easily
    By nature (DNS/DHCP)
    By application mechanisms
    By specific appliances
Our (future) picture
[Figure labels: Switching Core (1G/10G) x2; Internet x4; Main datacenter (SI); Secondary Datacenter (Under Construction); Servers; Server equipment]
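The contrast between today's single core and the distributed picture can be checked mechanically. The following is an added example, not part of the original slides: it lists every site whose loss alone cuts a building off from the Internet. The site names and the exact links (each building dual-homed to both switching cores, one Internet connection per core location) are assumptions made for illustration.

```python
from collections import deque

# Constructed link lists: site names and exact links are assumptions drawn
# from the slides, with each physical location treated as one failure domain.
TODAY = [("building-1", "core"), ("building-2", "core"), ("core", "servers"),
         ("core", "internet-1"), ("core", "internet-2")]
TOMORROW = [("building-1", "core-a"), ("building-1", "core-b"),
            ("building-2", "core-a"), ("building-2", "core-b"),
            ("core-a", "core-b"),
            ("core-a", "internet-a"), ("core-b", "internet-b"),
            ("core-a", "datacenter-main"), ("core-b", "datacenter-secondary")]


def reachable(graph, src, failed):
    """Return the nodes reachable from src once the node `failed` is down."""
    seen, queue = {src}, deque([src])
    while queue:
        for nxt in graph[queue.popleft()]:
            if nxt != failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def single_points_of_failure(links, src, targets):
    """Nodes whose loss alone cuts src off from every node in targets."""
    graph = {}
    for a, b in links:  # build an undirected adjacency map
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    targets = set(targets)
    candidates = set(graph) - {src} - targets
    return {n for n in candidates
            if not (reachable(graph, src, n) & targets)}


if __name__ == "__main__":
    print("today:   ", single_points_of_failure(
        TODAY, "building-1", ["internet-1", "internet-2"]))
    print("tomorrow:", single_points_of_failure(
        TOMORROW, "building-1", ["internet-a", "internet-b"]))
```

In this model a building with a single uplink to one core still reports that core as a single point of failure, so the number of uplinks per building matters as much as the number of cores.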
Roadmap
In our case, for both economic and risk-management considerations, we have taken a progressive approach to this topology. We suggest:
  Decide which will be the 2nd location
  Provide network equipment for this building (if not present)
  Segregate a building with an available subnet (can be a phantom/test building)
  Accommodate a testbed service
  Distribute DNS and DHCP services
  Segregate the buildings
  Distribute critical services
Although our model has been designed for a Campus network, we think it can be extended (probably with some minor modifications) to other environments.
Considerations
Migration from a concentrated routing scheme to this distributed-routing switched-core network is simple
Seamless migration procedure (evolution, not disruption)
Routing moved to building-base
Redundancy achieved through multiple paths with well-known (and proven) L2 protocols
Easy accommodation of distributed datacenter for critical services
Critical network services (DNS, DHCP) accommodate seamlessly to this topology
Network operation requires no additional complexity
Possibility to integrate different manufacturers (or at least, have real competition when choosing)
Substantial cost reduction
Conclusions
Business continuity architectures can be achieved with classic protocols
We believe strongly in standards and simple topologies as the best way to keep the network up and running smoothly
With these ideas in mind, the combination of a fast switching core and a distributed simple routing creates a reliable framework for service-continuity
Although this is critical for us, where there are neither economic nor human-knowledge constraints, proprietary solutions can be valid and can even provide additional (also proprietary) features