1 / 23

HEPiX IPv6 F2F Meeting

HEPiX IPv6 F2F Meeting. QI Fazhi [ qfz@ihep.ac.cn ] Computing Center, IHEP July  4, 2013. CERN. IPv6 Network Status in IHEP/China. Outline. CSTNet CERNet CNGI IHEPNet IPv6@IHEP SDN@IHEP Summary. *. CSTNet. China Science and Technology Network Domain name: *.ac.cn

johnrross
Télécharger la présentation

HEPiX IPv6 F2F Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HEPiX IPv6 F2F Meeting QI Fazhi [qfz@ihep.ac.cn] Computing Center, IHEP July  4, 2013. CERN IPv6 Network Status in IHEP/China

  2. Outline CSTNet CERNet CNGI IHEPNet IPv6@IHEP SDN@IHEP Summary *

  3. CSTNet China Science and Technology Network Domain name: *.ac.cn An academic network system operated by Chinese Academy of Sciences Covers the whole country via 13 regional sub-centers to form the domestic backbone Operation Center: CNNIC

  4. CERNet China Education & Research Network Domain name is *.edu.cn the largest academic networkin China Connects more than 200 cities Provides connectivity to ~2000 colleges and institutes.

  5. CNGI China Next Generation Internet A government-supported IPv6 project A largest ipv6 pure network in the world the largest academic networkin China consists of six core networks implemented by China Telecom, China Netcom/CAS, China Mobile, China Unicom, CERNET and China Railcom

  6. CERNet2 The CERNet part of CNGI 2.5~10Gbps backbone

  7. CSTNet2

  8. IPv6 History @IHEP • 2008 • 1Gbps IPv6 Link to CNGI, Part of IHEP endpoints support IPv6 • 2009 • IHEP started to use the IPv6 Link to do the HEP data transfer between the cooperation Universities(SDU/…) • 2011 • IHEP DNS supports IPv6 • 2012 • Dual Stack IHEP Campus Network, 10Gbps IPv6 link CNGI(Fund from The National Reform and Development Committee ) • 2013 • IHEP Gird-Area Network supports IPv6(test bed) • The SDN @IHEP project start up(IPv6 enabled)

  9. IPv6 deployment principles @IHEP • Dual Stack • The same management and security policies with IPv4 • Users (IP) management • Monitoring • Access control • Step by Step • Public Network Services • DNS • WEB • Email • …… • Grid & Cloud Computing

  10. DHCPv6 @IHEP (Dibbler) • Feature • OS supported • Linux 2.4/2.6; Windows NT4.0,XP,WIN7/8; Mac OS • Multi-server supported • Autoconguration procotol supported • Stateful /Stateless • IA,TA,PD client IP configuration control • Dhcpv6 relay request supported • Per client conguration by MAC or UUID • Server caching • Dibbler • Open source software • Author :Tomasz Mrugalski and Marek Senderski from Gdansk University of Technology • A dhcpv6 solution include • Server • Client (Support Windows XP) • Relay

  11. Current Status • Infrastructure deployment ✔ • All the network devices(switch/router/firewall) support IPv6 • Infrastructure Monitoring ✔ • Easy to do (all the devices are dual stack supported) • Cacti & Nagios with IPv6 patch • User(IP) management ✔ • The ipdb & access control system ✔ • DHCPv6 server: ✔ • DHCPv6 server service (DHCPv6 serverDibbler server; running on the same server with DHCPv4) • All the office users use the dibbler client to achieve ipv6 address. • Security ✔ • Firewall: ✔ • Network traffic and user behavior analysis: ✔

  12. Current StatusUser Management & Access Control • Central Database – IPDB • MAC Address is the key • Static IP address for Users • IPv6/IPv4 host addresses assigned by Dibbler/DHCPv4 servers, based on the MAC address declared in the IPDB • Central Control System • User information management • Network devices information management • Dhcpd configuration auto-updated • Release access policies to the proper user switch

  13. Current StatusUser Access Control Procedure MAC/User Name/Email/Tel/Building/Room number/Plugin number/…… Online Register Submit no Approved by Admin ok Assign IP address save Dibbler/DHCP configuration updated Switch configuration updated IPDB Switch information: IP/Port/Vlan/ Switch-Room/Plugin Number relationship Vlan/IP subnet/switch-port relationship IP/MAC relationship ……

  14. Current StatusGrid Area Network • Grid Computing Environment • The gridftp(ipv6) test bed was set up • IP Name: ui01-hepix.ihep.ac.cn • ui01-hepix-v6.ihep.ac.cn (2401:de00::9998)   • ui01-hepix-v4.ihep.ac.cn (202.122.32.172) • OS: Scientific Linux 5.9 x86_64 • CPU: Intel E5345 X 2 • Mem: 16GB • DISK: 320GB. Will add to 6TB(2TBX3 Raid 0). For Transfer test. • Middle ware: Gridftp server and EMI-2 UI • Web server: nginx with ipv6 support

  15. IPV6 check result New CA server included in EGI-ca-policy 1.53 Gridftp server or client ca version less than 1.53 will failed to transfer

  16. Problems • No enough resources and applications in the IPv6 internet world • Most of the IHEP IPv6 traffic are video/iptv/…… • Less scientific data go through IPv6 • And Then…….SDN@IHEP Project

  17. What is SDN?

  18. SDN@IHEP • Goal • A flexible, reliable and high performance HEP data transfer network (virtual and private) and system platform in China • IPv4 and IPv6 supported • The traffic can be switched between IPv4 and IPv6 infrastructure and physical path automatically or manually • SDN@IHEPIHEPDTN • End user network • Backbone network(IPv6 & IPv4) • SDN Switch (L2VPN gateway & Openflow supported) • Control center (API to Application) • Applications(FTS/NMS/…….) • Members • IHEP/SJU/SDU/TsingHua/…… • Network manufacturer:Ruijie Networks, A high performance network union lab (IHEP-Ruijie) 高能所-锐捷网络高性能计算网络联合实验室

  19. SDN@IHEP model

  20. Final Result

  21. Summary • IPv6 infrastructure @IHEP is running well • The IPv6 management and support platform is running well • The Gridftp testbed @IHEP for IPv6 is ready • We would like to jion the mesh test for data transfer • IHEP SDN project will build a platform in China for HEP(BESIII/Daya Bay Experiments) data transfer with the current/IPv6 network infrastructure

  22. Thank you

More Related