Data networking at UCL - Networkshop44
UCL Data Centres Infrastructure Design
James Clements, Emma Cardinal-Richards
Areas Covered
• Background
• Design Process
• Routing and Site Connectivity
• Application Delivery Controllers
• Switching
• Storage
• Security
Background
• Extensive dark fibre network
• One logical data centre
• Simplicity for applications
• Stretched failure
Design Process
• Requirements Gathering
• Current State
• Vision
• Plan
• Design Validation
• Business Validation
The White Paper: Key elements
• Active-Active
• Disaster Recovery
• No Cross DC Dependency
• Symmetric architecture where possible
• Auto-failover where possible
• Converged Networking where available
Campus Network
Routing (Logical)
Routing (Physical)
SLB Current State
• Cisco Application Control Engine Service Modules
Application Delivery Controllers
• Essential for multi-site data centres
• PoC market leaders
• F5 solution selected
Future State - GSLB
• DNS-Based multi-site load balancing
• Active/Active
• Client location
• Load distribution
• Site failover
Future State - SLB
• No need to use the ADC to route
• Service optimisations
• Delegated administration
Switching Current State
Switching – Production Design
• Leaf Spine Architecture
• Nexus 5K
• FabricPath
• VPC+
• Dynamic FCoE
Infrastructure Platform Vision
• New (but familiar) VM hosting platform
• New (but familiar) storage platform
• Decoupling the DCs
• Partially new software stack
[Diagram labels: Torrington Place 1; Wolfson House; Slough; Torrington Place #]
Storage Area Networking (SAN)
• Converged Networking (FCoE)
• Collaborative working
• Keeping existing storage design concepts
• Dynamic FCoE over FabricPath
• SANs existing within 1 Data Centre
• Cisco Data Centre Network Manager
Security from an ISG view
Security – Network Style
Security Zones Simplified!
[Diagram: two sites, Slough and Torrington Place, each showing a FIREWALL with INTERNET, DATACENTRE, CAMPUS and RESEARCH zones]
Standardised Service Design
• Separate IP space per datacentre for both IPv4 and IPv6
• Symmetrical networks
• Standardisation
• Layered application design
• Security
Service Layers
[Diagram: Presentation Layer; Application Layer; Additional Service Layer; Data Layer. Side labels: Clients / External Access; Blocked by firewall by default; Management Layer; VPN; Application Delivery Controller]
Key: Client Traffic; Service Traffic (direct or load balanced); Management Traffic
| Current | Layer | New |
| --- | --- | --- |
| | Applications | |
| Ad-hoc ACLs | Network Security | Firewall, ACLs, Zoned, Secured |
| Application specific, secured by application, complex | Networking Layout | Standard, Secure by Design, IPv6 Ready, Consistent |
| Not Required | Global Server Load Balancing (GSLB) | F5 BigIP GTM |
| Cisco ACE | Server Load Balancing (SLB) | F5 BigIP LTM |
| Split HA/BH Stacks, Non-representative Development | Hardware Stacks | Single Converged Stack, Representative Development |
| VMware vSphere ESXi | Virtualisation | VMware vSphere ESXi |
| VMware vSphere ESXi | Virtual Mobility | SRM or Zerto or Veeam |
| Not Used | Virtualisation Insights | VMware Operations Manager |
| IBM HS22/23 Blades in BladeCentre-H | Virtualisation Hardware | Lenovo x240 Blades in Flex Chassis |
| Separate Ethernet/Storage | Network Interconnect | Converged Network Adaptors |
| IBM DS5100/v7000 G1/SVC | Storage | IBM v7000 G2/SVC |
| Synchronous Everywhere | Storage Replication | Asynchronous |
| IBM/Brocade Fibre Channel SAN | Storage Networking | Cisco Nexus Converged |
| Cisco Catalyst | Ethernet Networking | Cisco Nexus Converged Network |
| One Logical Site across Two Physical | Physical Location | Two Distinct Physical Sites |
| | Physical Data Centres | |
</presentation>
• Thanks to all the (uncredited!) people from whom we have ‘borrowed’ drawings, photos etc.
• Even more thanks to all at JISC/Janet and Infinity who have been very understanding and accommodating of our shifting requirements and sometimes unusual requests.
Contact
James Clements
Network Core Services [email protected]
Emma Cardinal-Richards
Senior Network [email protected]