The WPI Network
Frank Sweetser, Manager of Network Operations
For CS 5316, B Term 2013

Agenda
• Fundamentals
• Internet Connection
• Wireless
• Software Defined Networks
• Practical Career Tips

Network Design Fundamentals
• It has to work
• It has to keep working
• It has to be affordable
• Everything should be made as simple as possible, but no simpler
• Read RFC 1925 for more

Design For Failure
• What are your single points of failure?
• How can you design around them?
  – Redundant links
  – Server clustering and failover
  – Offsite backups
  – Monitoring
• Business Continuity Plan
  – Focus on business, not technology!
  – May need to fall back to pen and paper
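The first two bullets can be answered mechanically for a topology you can draw. The following script is an added example, not part of the slides: it models devices as graph nodes and links as undirected edges, reports every device (articulation point) and link (bridge) whose loss would partition the network, and then shows that one redundant link removes the core switch from the list. All device names are constructed for illustration.

```python
"""Added example (not from the slides): find single points of failure in a
network topology and show that a redundant link removes one.

Devices are graph nodes and links are undirected edges. A device whose
removal partitions the network is an articulation point; a link whose loss
partitions it is a bridge. Both are found with the standard depth-first
low-link method. All device names below are constructed for illustration.
"""
from collections import defaultdict

# Constructed topology: a single border router and a single core switch feed
# two building switches that also have a link between each other.
LINKS = [
    ("internet", "border-rtr"),
    ("border-rtr", "core-sw"),
    ("core-sw", "bldg-A-sw"),
    ("core-sw", "bldg-B-sw"),
    ("bldg-A-sw", "bldg-B-sw"),
]


def build_graph(links):
    """Adjacency sets for an undirected graph."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    return graph


def single_points_of_failure(links):
    """Return (devices, links) whose loss would split the network."""
    graph = build_graph(links)
    disc, low = {}, {}            # discovery index and lowest reachable index
    devices, bridges = set(), set()
    counter = [0]

    def dfs(node, parent):
        disc[node] = low[node] = counter[0]
        counter[0] += 1
        children = 0
        for neighbour in graph[node]:
            if neighbour == parent:
                continue
            if neighbour in disc:                       # back edge: an alternate path exists
                low[node] = min(low[node], disc[neighbour])
                continue
            children += 1
            dfs(neighbour, node)
            low[node] = min(low[node], low[neighbour])
            if low[neighbour] > disc[node]:             # subtree has no way around this link
                bridges.add(frozenset((node, neighbour)))
            if parent is not None and low[neighbour] >= disc[node]:
                devices.add(node)                       # subtree has no way around this device
        if parent is None and children > 1:
            devices.add(node)                           # DFS root joins otherwise separate subtrees

    for start in list(graph):
        if start not in disc:
            dfs(start, None)
    return devices, bridges


def report(links):
    """Human-readable summary, sorted so the output is stable."""
    devices, bridges = single_points_of_failure(links)
    return {
        "devices": sorted(devices),
        "links": sorted(" <-> ".join(sorted(b)) for b in bridges),
    }


if __name__ == "__main__":
    print("as built:      ", report(LINKS))
    # Design around the core switch by giving the border router a second path.
    print("redundant link:", report(LINKS + [("border-rtr", "bldg-B-sw")]))
```

As built, both `border-rtr` and `core-sw` are single points of failure and both upstream links are bridges; after adding the `border-rtr` to `bldg-B-sw` link only the border router (and its one Internet link) remains, which is the redundancy decision the slide is asking you to make deliberately rather than discover during an outage.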

Monitoring
• Network/service monitoring
  – Is it up?
  – Is it answering?
• Host monitoring
  – Pegged CPU, full disk, hardware failure…
• Root cause analysis
  – What broke to cause these symptoms?
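"Is it up?" and "Is it answering?" are different checks, and a monitor that only asks the first one will report a hung daemon as healthy. The script below is an added example, not from the slides: it distinguishes a port that refuses connections, a port that accepts a connection but never answers, and a service that answers correctly, and adds simple host thresholds for the pegged-CPU and full-disk cases. The probe string, expected reply, thresholds and the two fake services it talks to are all constructed so it runs offline; a real check would speak the service's own protocol (an HTTP request and status code, for example).

```python
"""Added example (not from the slides): a service check that separates the
two questions on the slide, "is it up?" (does the port accept a connection)
and "is it answering?" (does the application reply correctly), plus simple
host-level thresholds. The probe/expected strings, thresholds and the fake
services are all constructed for illustration.
"""
import socket
import socketserver
import threading


def check_service(host, port, probe=b"PING\n", expect=b"PONG", timeout=2.0):
    """Return 'down', 'up-but-not-answering' or 'ok'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "down"                       # nothing listening, host unreachable, or timeout
    try:
        sock.sendall(probe)
        reply = sock.recv(64)               # b"" if the peer closed without answering
    except OSError:
        reply = b""                         # reset or timed out after the connect succeeded
    finally:
        sock.close()
    return "ok" if reply.startswith(expect) else "up-but-not-answering"


def host_alarms(cpu_pct, disk_pct, cpu_limit=95, disk_limit=90):
    """Host monitoring from the slide: pegged CPU and full disk (limits are assumptions)."""
    alarms = []
    if cpu_pct >= cpu_limit:
        alarms.append("pegged-cpu")
    if disk_pct >= disk_limit:
        alarms.append("full-disk")
    return alarms


# --- constructed fake services so the check can be exercised offline ---------

class HealthyHandler(socketserver.BaseRequestHandler):
    def handle(self):
        self.request.recv(64)
        self.request.sendall(b"PONG\n")


class HungHandler(socketserver.BaseRequestHandler):
    """Port is open (so a bare port check says 'up') but the application never answers."""
    def handle(self):
        self.request.recv(64)               # read the probe, then close without replying


def start_fake_service(handler):
    server = socketserver.TCPServer(("127.0.0.1", 0), handler)   # port 0 = any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def demo():
    """Check a healthy service, a hung one and a closed port; return the verdicts."""
    healthy, healthy_port = start_fake_service(HealthyHandler)
    hung, hung_port = start_fake_service(HungHandler)
    spare = socket.socket()                 # grab a free port number, then release it
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    results = {
        "healthy": check_service("127.0.0.1", healthy_port),
        "hung": check_service("127.0.0.1", hung_port),
        "closed": check_service("127.0.0.1", closed_port),
    }
    for server in (healthy, hung):
        server.shutdown()
        server.server_close()
    return results


if __name__ == "__main__":
    print(demo())
    print(host_alarms(cpu_pct=99, disk_pct=40))
```

The three verdicts map directly onto the slide: "down" is the "is it up?" failure, "up-but-not-answering" is the "is it answering?" failure that a connect-only probe misses, and the alarm list is the host-side symptom that root cause analysis then has to explain.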

Single Building Design Pattern

WPI Internet Connection

Caching Reverse Proxies
• Assumes repeated requests for unchanging data
• Requires application support
• Adds latency to every request
• More commonly used for access control

Content Distribution Network

Content Distribution Network
• Requires huge economy of scale
  – Large multi-tenant CDN, like Akamai
  – Facebook
• Netflix local server
  – 10 Gig interface
  – Targeted for networks with 5 GB+ Netflix traffic
  – Estimated reduction of Netflix traffic by 70-90%
  – Initial data load takes 2+ hours @ 5 Gbps ≈ 4.5 TB
  – Sustained normal traffic at 2 Gbps

Bandwidth Shaping
• Restrict bandwidth used by less important applications to ensure performance of mission critical applications
• Shape by source/destination
  – Desktops vs servers
• Shape by port number
  – HTTP, email
• Deep Packet Inspection
  – Dig into packet for greater flexibility
  – Youtube vs corporate intranet
  – Port-hopping apps, such as Bittorrent
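The following script is an added example, not from the slides or any shaping product: it classifies packets in the order the slide lists (source/destination first, then port number) and enforces a per-class rate with a token bucket, which is the usual building block behind a shaper. The subnets, rates, burst sizes and sample packets are constructed. It also shows the limit of port-based rules that the slide's last bullet is about: a port-hopping application on an arbitrary port is indistinguishable from anything else without looking inside the packet, so it simply lands in the default class.

```python
"""Added example (not from the slides): a bandwidth-shaping policy that
classifies traffic by source/destination first and then by port number, and
limits each class with a token bucket. Subnets, rates, bursts and the sample
packets are constructed for illustration.
"""
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "t src dst dport size")   # time (s), addresses, dest port, bytes

SERVER_NET = ipaddress.ip_network("10.0.10.0/24")       # constructed server subnet

# Rules are evaluated in order: (class name, match predicate, rate in bit/s, burst in bytes)
RULES = [
    ("servers", lambda p: ipaddress.ip_address(p.src) in SERVER_NET
                          or ipaddress.ip_address(p.dst) in SERVER_NET, 8_000_000, 100_000),
    ("web",     lambda p: p.dport in (80, 443),            4_000_000,  50_000),
    ("email",   lambda p: p.dport in (25, 587, 993),       2_000_000,  50_000),
    ("default", lambda p: True,                              500_000,  10_000),
]


def classify(packet):
    """First matching rule wins, so source/destination rules outrank port rules."""
    for name, match, _rate, _burst in RULES:
        if match(packet):
            return name
    raise AssertionError("unreachable: the default rule matches everything")


class TokenBucket:
    """Allow up to `rate_bps` on average, with bursts of up to `burst_bytes`."""

    def __init__(self, rate_bps, burst_bytes):
        self.rate = rate_bps / 8.0          # bytes per second
        self.capacity = burst_bytes
        self.tokens = float(burst_bytes)
        self.last = 0.0

    def allow(self, t, size):
        # Refill for the time elapsed since the last packet, capped at the burst size.
        self.tokens = min(self.capacity, self.tokens + (t - self.last) * self.rate)
        self.last = t
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False                        # over the limit: drop (or queue) this packet


def shape(packets):
    """Run packets through the policy; return {class: (passed_bytes, dropped_bytes)}."""
    buckets = {name: TokenBucket(rate, burst) for name, _m, rate, burst in RULES}
    stats = {name: [0, 0] for name in buckets}
    for p in sorted(packets, key=lambda p: p.t):
        name = classify(p)
        stats[name][0 if buckets[name].allow(p.t, p.size) else 1] += p.size
    return {name: tuple(v) for name, v in stats.items()}


# Constructed burst at t=0: ten 1500-byte packets each from a desktop to a web
# server, from a desktop to a port-hopping app, and from an internal server.
SAMPLE_PACKETS = (
    [Packet(0.0, "10.0.20.5", "203.0.113.10", 443, 1500) for _ in range(10)]
    + [Packet(0.0, "10.0.20.6", "203.0.113.20", 40000, 1500) for _ in range(10)]
    + [Packet(0.0, "10.0.10.3", "10.0.20.7", 40000, 1500) for _ in range(10)]
)

if __name__ == "__main__":
    for name, (passed, dropped) in shape(SAMPLE_PACKETS).items():
        print(f"{name:8s} passed {passed:6d} B  dropped {dropped:6d} B")
```

With these constructed numbers the web and server bursts pass untouched, while the unknown-port burst exhausts the default class's 10,000-byte allowance after six packets and the rest are dropped. Note that the server-to-desktop flow on the same unknown port is still classed as "servers" because source/destination rules are evaluated before port rules, which is why rule order is part of the policy.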

Wireless
• Everybody’s favorite access method
• General challenges
  – Channels
  – Onboarding new machines
• Wireless Access Point architectures

Wi-Fi 2.4 GHz Channels
(diagram: channels 1 through 11, with channels 1, 6 and 11 labelled)
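The channel numbers on the diagram hide the reason only three of them are usable at once: channels are 5 MHz apart but each one is far wider than that. The script below is an added example, not from the slides: it derives centre frequencies from the 802.11 channel numbering (channel 1 at 2412 MHz, 5 MHz steps, channel 14 at 2484 MHz), tests pairs of channels for overlap and greedily builds a non-overlapping plan, which reproduces the 1, 6 and 11 labelled on the slide. The 22 MHz default width is the classic 802.11b/g figure and is an assumption here; the example goes beyond the slide by letting you change the width and channel range to see how the plan changes.

```python
"""Added example (not from the slides): compute which 2.4 GHz Wi-Fi channels
overlap and pick a non-overlapping channel plan. Centre frequencies follow the
802.11 numbering; the 22 MHz default channel width is an assumption.
"""


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel in MHz (channel 1 = 2412, channel 14 = 2484)."""
    if not 1 <= channel <= 14:
        raise ValueError(f"no 2.4 GHz channel {channel}")
    return 2484 if channel == 14 else 2407 + 5 * channel


def overlaps(a, b, width_mhz=22):
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(center_mhz(a) - center_mhz(b)) < width_mhz


def overlapping_neighbours(channel, channels=range(1, 12), width_mhz=22):
    """Channels an access point on `channel` would interfere with."""
    return [c for c in channels if c != channel and overlaps(channel, c, width_mhz)]


def non_overlapping_plan(channels=range(1, 12), width_mhz=22):
    """Greedy plan: walk the channels in order, keep each one that clears all kept so far."""
    plan = []
    for ch in channels:
        if all(not overlaps(ch, kept, width_mhz) for kept in plan):
            plan.append(ch)
    return plan


if __name__ == "__main__":
    print("channel 6 interferes with:", overlapping_neighbours(6))
    print("channels 1-11 at 22 MHz:", non_overlapping_plan())
    print("channels 1-13 at 20 MHz:", non_overlapping_plan(range(1, 14), width_mhz=20))
```

Over channels 1 to 11 at 22 MHz the plan is 1, 6, 11, and an AP on channel 6 overlaps every channel from 2 to 10, which is why neighbouring APs set to 6 and 8 degrade each other instead of sharing the band. With 13 channels and a 20 MHz width the same greedy walk yields 1, 5, 9, 13.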

Wi-Fi 5 GHz channels
• Allows for 23 non-overlapping channels
• Less penetration through obstacles
• Fewer sources of interference
• Not supported on all clients
• Purchase dual band adapter for best results

Wireless Onboarding
• Old method: generic cert, hand-rolled installer
  – Automation only available for Windows
  – “Big bang” as cert expires for everyone
  – No individual identities
• New method: Cloudpath Xpress Connect
  – Automation for many more platforms
  – Individual identities and expirations
  – Vendor support for features and bug fixes
  – Generic certs still available

Thick AP Architecture

Thick AP Architecture
• Easy setup for simple networks
  – Typical use in home networks
• AP is “magic cable” for single port
• Poor scalability
  – Becomes unmanageable at 100s of APs

Controller AP Architecture

Controller AP Architecture
• More moving parts
  – Separate controller
  – Lots of back and forth over network
• More control
  – Manage the controller, not individual APs
• Greater coordination between APs
  – Better roaming
  – Better channel plan and power levels
• Cloud controllers

Next Gen Wifi - 802.11ac
• Incremental improvement on 802.11n
  – Still maintains backwards compatibility with all previous standards
• Requires 5 GHz radio support
  – No change from 11n in 2.4 GHz
• Coming in 2 waves

11ac – Wave 1
• Currently available in consumer products, some enterprise gear
• Theoretical max transmission rate of 1.3 Gbps
  – Requires ideal conditions, 4 free channels
  – Not 1.3 Gbps throughput!

11ac – Wave 2
• Not yet fully ratified
• Theoretical max of 3.5 Gbps
  – Requires perfect RF conditions, top end hardware with all options
• Multi-User MIMO
  – Better performance with lots of clients
• Availability?
  – Product likely within 2 years
  – Deployment likely within 3

Wireless vs Wired
Wired Connection
• Need to find open port
• Automatic privacy
• 1 Gbps = 1 Gbps throughput
• Plug and Play operation
Wireless Connection
• Convenient roaming
• Requires encryption
• Average 40% throughput
• Certs, authentication, etc…

Software Defined Networks
• APIs
  – Make everything remotely programmable
• Protocols over configuration
  – Don’t make me configure it when the network can just figure it out on its own
• Orchestration
  – Glue all of the separate systems together

SDN Example - VMware
• VMware vCenter
  – Automates VM creation
  – Picks physical hardware
  – Picks storage
  – Still limited by networks available on hardware
• Add SDN!
  – Automatically extend required network to hardware
  – Virtual network overlaid on physical network

Certifications
• Entry level
  – Useful for getting foot in the door
  – Relatively inexpensive (≈ $200 - $300)
  – IP and Ethernet fundamentals
  – Basics of vendor specific CLI
  – Often attainable through self-study
• Advanced level
  – “Grad School” equivalent
  – Less useful without matching experience
  – More expensive (thousands, may require travel)
  – Deep knowledge of specific area (MPLS, firewall, etc)
  – Usually attained with matching training course ($$$)

Building A Home Lab
• Ebay!
  – Last generation still valuable experience
  – Mix vendors
• Virtual
  – Olive - unofficial port of JunOS
  – GNS3 – graphical network simulator
  – Linux – create multiple guests with bridges, routing daemons, etc

References
• Caregroup: All Systems Down – http://www.cio.com.au/article/65115/all_systems_down/
• RFC 1925 – http://tools.ietf.org/html/rfc1925
• Olive – http://juniper.cluepon.net/index.php/Olive
• GNS3 – http://www.gns3.net/