Campus NetworkingBest PracticesGARNET/NSRC Workshop

This document is a result of work by the Network Startup Resource Center (NSRC at http://www.nsrc.org). This document may be freely copied, modified, and otherwise re-used on the condition that any re-use acknowledge the NSRC as the original source.

Instructors

Sebastian BuettrichIT University of Copenhagen/NSRCKevin ChegeKENET Kenya Education Network TrustJose DominguezUniversity of Oregon/NSRCSteve HuterUniversity of Oregon/NSRCDale SmithUniversity of Oregon/NSRC

Week at a Glance

MondayIntroduction and Campus Network OverviewTuesdayLayer 2 in-building concepts + LabWednesdayNetwork Management and Monitoring + LabThursdayWirelessFridayMore wireless

Daily Schedule

8:30am-10:30amMorning Session 110:30am-11:00amTea Break11:00am-1:00pmMorning Session 21:00pm-2:00pm Lunch 2:00pm-4:00pmAfternoon Session 14:00pm-4:30pmTea Break4:30pm-6:00pmAfternoon Session 2

Today

8:30am-10:30amIntroduction10:30am-11:00amTea Break1:00am-1:00pmCampus core and Edge1:00pm-2:00pm Lunch 2:00pm-4:00pmCampus Cabling4:00pm-4:30pmTea Break4:30pm-6:00pmGhana campus networks

Why Are We Doing This?Our goal is to build networking capacity to support Research and EducationRemember: University = Research & EducationThe end game is regional, national, and larger Research and Education Networks (RENs)All RENs start with campus networks they are the foundation of the REN

Justification Design Goals Reliability/Resiliency performance Manageability Scalability Layering

Why a REN?Enable research or services that could not be accomplished otherwiseCost Savings (buyers club)Aggregate demand from multiple partiesVision of building alliancesSuccessful RENs find that there are unanticipated benefits

REN ServicesWhat services are provisioned? Various models:REN provides all Internet connectivityPeering network to exchange traffic between membersAdvanced peering network that mightDevelop or peer with a local commercial exchangeProvide international connections (GEANT, etc)Other services (video conferencing)

REN as Peering NetworkInternetRENMemberMemberMember

REN as Internet Service ProviderInternetRENMemberMemberMemberInternet exchange pointOther REN Networks

RENs Around the WorldUnited States Two National RENsBoth provide peering, but have access to lots of commercial peering and other REN peeringUS Regional RENs (usually one per state)Different models, but many act as ISPEurope GEANT across EuropePeering only. Much more restrictive on commercial traffic

REN Financial ModelsSome pay for bandwidth per Mb (typical for ISP model only)Some have membership fee with eat as much as you wantSome pay on size of connection and can eat up to the size of the connectionSome have combinationREN needs staff and circuits

GARNETWhat model makes sense?REN as peering network?But, is there significant traffic between your Universities?How about having the REN attach to a commercial peering point access to GoogleREN as ISP requires trust and possibly different licensing

IP Addressing

Who Needs Public IP Space?Every campus must have Public IP address space Where do you get it?GARNET needs to get IP address spaceIf GARNET becomes ISP, it must have address space for its customersAny University can get their own IP address space.

Provider Independent IP AddressesWhat are provider independent IP addresses?Public IP addresses that are not allocated to you by your Internet Service Provider.Can move between service providers without changing IP addressesIf GARNET gets space, then addresses provided by GARNET is not provider independent

NAT is a realityNAT is common technique to reduce number of public IP addresses requiredNAT makes some things hard.NAT breaks things like SIP (standard-based VoIP), which you have to work aroundNAT translation device needs to know about applications. Stifles innovation.Makes it harder to track down viruses and hackers

Who Needs Public IP and ASN?NRENMust have both ASN and Public IPCampus NetworkAll campuses must have Public IPOnly need ASN if campus is multi-homedHow much IP address space?

General Notes on IP AddressingIP version 4 addresses are 32 bits longIP address blocks allocated in powers of 2Blocks of addresses: 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, 4096, etc.CIDR notation: Address blocks are described with a notation of /number. /32 = 1 address, /31 = 2, /30 = 4, . /24 = 256

Logical NetworkUbuntuNetUniversityMemberNRENNRENUniversityMemberUniversityMemberUniversityMemberGEANTOther NRENPeers

Examining the NRENInternetExchangeNRENMemberCampusNetworkMemberCampusNetwork

MemberCampusNetworkUbuntuNet

NREN IP AddressingEvery member connected with a point to point linkEvery point to point link requires at least a /30 (4 addresses)NREN will address space forNetwork management equipmentServices such as web, video conferencingBuild a spreadsheet that details all the above

A Simple (Small) REN ExampleMemberCampusNetworkMemberCampusNetworkNREN RouterMemberCampusNetworkMemberCampusNetworkNREN RouterNREN Router

Simple (Small) REN Example

NetworkHostsCIDR blockSizeQtyTotalPoint to point links2 /304728Server network for network Mgmt40 /2664164Server network for Services40 /2664164Future network for services40 /2664164Future customer links2 /304416Total236

You can't get a CIDR block of 236 addresses - rounding up, you get 256 or a /24

That isnt all for the RENIf the REN is going to act as an ISPREN needs IP address space to allocate to customers.If customers NAT, dont need as much, but still need space.In application to AfriNIC (www.afrinic.net), you will want to apply for space for your customers.

Campus Network IP AddressingBuild a spreadsheetOne row for every building on your campusWrite down how many computers will be in each buildingRound up to the nearest power of 2Add a row for serversAdd a row for wireless

A Simple Campus ExampleCore Router

A Simple Campus Example

BuildingHostsCIDR BlockSizeQtyTotalAdministration Building68 /251281128Physics Building220 /242561256Chemistry Building120 /242561256Computer Science200 /242561256Literature Building44 /2664164Server Network20 /2732264Additional Buildings Medium 100 /251283384Additional Buildings Large200 /242562512Wireless Network500 /235121512Total2432

Round 2432 up to the next CIDR block gives you 4096 or a /20

Applications to AfriNICAAU has negotiated a 50% discount on fees with AfriNICFRENIA funds are available to pay the other 50% for the first year (first year is free)There is no barrier to getting spaceWhen you apply for V4 address space, also apply for V6 space

Why Focus on Campus Networks?The Campus Network is the foundation for all Research and Education activityWithout a good campus network, the Research and Education Network cant work as well as it shouldAd-hoc campus networks work OK with VSAT uplinks, but moving to high speed external links, they start to fail.

Why Focus on Campus Networks?Your campus network is the foundation that all services are provisioned onAd hoc networks just dont work well. They are unreliable and hard to maintain.If you dont have a plan, how will you know where are going?

Campus Network PersonnelEvery campus should have at least one person who does nothing but work on the network. Not email systems. Not course management systems. Just networks.Larger campuses will need moreUniversity of Oregon has 9 people just doing networking plus 3 doing security (26,000 network connections)Started small 20 years ago with 2 people

Questions?

**