The Evolution of Internet2: 1996-2010
Douglas Van Houweling
CEO, Internet2
May 2010
TERENA
1996: The Internet2 “Project”
• 34 research university CIOs
• Commit $25,000 annual membership, $1M annual institutional investment
• Required to fill the vacuum left when NSFNet project terminated
• A project of EDUCOM
• Used the National Science Foundation vBNS for connectivity
1997: The University Corporation for Advanced Internet Development
• Home to the Internet2 project
• Approximately 100 members
• Corporations and laboratories added
• NSF High Performance Connections Program
• Quality of Service -- QBone
• International collaboration
• Applications support
[Figure: I2 Interconnect Cloud with GigaPoP One, GigaPoP Two, GigaPoP Three, GigaPoP Four]
GigaPoP: “Gigabit capacity point of presence”, an aggregation point for regional connectivity
Internet2 Network Architecture
GigaPoPs, cont.
[Figure: I2 Interconnect Cloud; GigaPoP One; University A, University B, University C; Regional Network; Commodity Internet Connections]
1998: Abilene
• April White House announcement with VP Gore
• Partnership with Qwest, Nortel & Cisco
• 2.5 Gb national reach
• Connects regional networks and universities
• NSF High Performance Connections Program
1999: Middleware, Network Performance & Growth
• Middleware
• Early Harvest workshop
• Trusted multi-institutional authentication
• End-to-end performance initiative
• 24 International MOUs
• 249 Members
2000-1: Beyond the University
• Sponsored Network Access
• Schools and small colleges
• Libraries
• Museums and concert halls
• The Quilt
• Arts & Humanities Initiative
• Health Sciences Initiative
• National Laboratories
2002-7 Optical Networking
• FiberCo
• National LambdaRail
• Abilene -> 10 Gb
• Hybrid Optical and Packet Infrastructure (HOPI) Initiative
• The New Internet2 Network
• ESNet Partnership
2002-9 Middleware Invention -> Deployment
• Middleware Workshops
• OpenSAML
• Shibboleth
• InCommon Federation
• Signet Privilege Management
• Grouper Group Management
• InCommon Steering Committee
2006-8 Reformed Governance, Membership, and Strategy
• Community divided between Internet2 and National LambdaRail
• Merger unsuccessful
• Internet2 response
• Include regional network members
• Democratize and expand governance structure
• Community-based strategic plan
2009-10 New National Focus
• The FCC National Broadband Plan
• “Anchor institution” networking market failure
• Build on higher ed networking experience
• The Department of Commerce Broadband Technology Opportunities Program
• Regional network projects
• Internet2/NLR/Northern Tier US UCAN Proposal
What Have We Learned?
• Stay at the leading edge
• Late to optical networking
• Build trust
• A consortium, not a corporation
• Focus on community needs
• What members can’t do for themselves
• Never stop changing
The Internet2 Research and Development Agenda for 2010: The Year of End to End Deployment
Randall Frank
Chief Technology Officer, Internet2
May 2010
TERENA
Being Honest With Ourselves
• Lots of great advanced technology out there deployed in pockets
• Great at custom demos that show off incredible bandwidth, high quality video, seamless authentication, …
• Not so great at making this all available to normal end users at their desks
• Users often need to become network experts to make all of this work
Example Technologies
• High performance networking (reserved bandwidth, predictable QoS)
• Performance monitoring
• Federated Authentication (InCommon)
What’s missing?
• Predictable deployment in a large scale end to end environment
• Technologies that work across the incredible diversity of networking infrastructures that are present within the R&E community
• Troubleshooting tools that enable end users to know what to do when things don’t work
2010: Concerted Effort to Move from Demos to Production
• Previous model: we did our work in the network core, now if only campuses and regionals would do their part…
• New model: joint effort to make technology work end to end
• Work with campuses and regionals to develop plans for funding and deployment
High Performance Networking
• Goal: allow research users access to predictable high performance/high bandwidth flows
• Allow network to better handle needs of research users by capacity reservation
Some Experiments didn’t have right scaling/deployment characteristics
• Implemented separate circuit based network for reserved capacity
• Required separate interface(s) for downstream networks
• Didn’t integrate into financial or operational model, not financially viable given current funding models
• Didn’t deal with campus/regional issues
• Physical vs. virtualized services
• Required users to become network experts
[Figure labels: Best effort IP; IP MPLS w/ Res’v b/w; Layer 2 frame over MPLS]
DCN Control Plane
[Figure: Domain Controller and IDC for each of Network 1, Network 2, Network 3; User Request/IDC Response; IDC to IDC communication]
Performance Measurement
• perfSONAR
• Widely adopted framework for exchange of network measurement data
• Joint development of ESNET, Internet2, GEANT2, RNP and others
• Goal: allows users world-wide to obtain data on end-end performance of a network path
Successes
• Gaining widespread acceptance across diverse networks and communities
• Extensive deployment within some networks (e.g., ESNET)
Limitations
• Not ubiquitous – users can’t rely on availability of data collection points
• Implementation somewhat complex
• Lack of standard, low cost deployment devices
• Authorization environment still lags
• End user friendly analysis tools
2010 Goals
• Low cost deployment kits
• Work with (virtual) communities to spur deployment
• Partner with other orgs that have specialized expertise (Gloriad, IRNC funded circuits)
• Work with vendors to build perfSONAR collection into network devices
Authentication
• Shibboleth: international R&E standard for federated authentication
• Each campus continues to use local authentication environment
• SAML based
• Allow inter-campus trust (within federation) of other campus authentication assertions
• InCommon: US Federation, 300+ campuses
US-wide certificate service
• Based heavily on TERENA program with COMODO (Thank you!)
• Campuses sign-up directly with InCommon for fixed annual fee
• Summer 2010 SSL certificates
• Fall 2010 user (signing and encryption) certificates
• Campuses’ choice of COMODO GUI (CCM) or API development
Goals for 2010
• “productize” InCommon Federation in US
• Gain acceptance outside of R&E for R&E authentication
• US Federal government acceptance of InCommon for US Gov’t authentication of academic users
• Eduroam testing in US
• Expansion of services using Shib
• Today primarily web based authentication
• Deployment within other API services (e.g., perfSONAR)
Thank You