Friday, May 6, 2011

What is New in the US Research and Education Community?



Internet2 is a non-profit organization that operates the high-speed backbone for the US Research and Education (R&E) community. It counts 200+ of the largest US universities and research organizations as members plus a lot of other members - international partners, vendors, etc. - to a total of about 350 members. I have represented Polycom in Internet2 since 2007, and sit on one of the governing councils called Application, Middleware, and Services Advisory Council, or AMSAC. Internet2 members meet twice a year. While the Fall Internet2 Member Meeting moves around the country (next one will be in Raleigh, NC), the spring event is always in Arlington, Virginia. The latest meeting took place April 18-20, 2011, and was another great opportunity to meet the US R&E community and some international participants.

Here are some meeting highlights:
  • Internet2 CEO David Lambert announced the new Internet2 initiative in cloud services and the new Network Development and Deployment Initiative (NDDI).
  • Internet2 is expanding its high-speed backbone network
  • Video is a hot topic for the US R&E community
  • There is a need for new audio-video infrastructure to connect the R&E community
  • Migration from IPv4 to IPv6 may not be an issue in the backbone anymore but local R&E networks are still struggling, as are some commercial providers
  • Wide deployment of digital certificates in the R&E community improves network security  

New Internet2 Initiatives

David Lambert, Internet2 CEO, announced that I2 and HP were working on cloud services. Internet2 has spent quite a lot of time looking for the appropriate partner in this space and the HP offer was best suited for the needs of the R&E community. David announced the Network Development and Deployment Initiative (NDDI) that includes I2, Indiana University, and Stanford University (Clean Slate Program). Internet2 will offer a new service - Open Science Scholarship and Science Exchange (OS3E) - to meet community requirements. The service will be first available in fall 2011 and will use OpenFlow technology. The goal is to create the equivalent of Linux for networking and allow for open source development. They basically asked switch/router vendors to turn off the control plane and allow remote computers to control them. Internet2 will be a national test bed for OpenFlow. Matt Davy from the Global Research NOC at Indiana University and Rob Vietzke from Internet2 will lead the project. They will work closely with international partners: CANARIE (Canada), JANET (UK), GEANT (Europe), JGNX (Japan), and RNP (Brazil).

How does that relate to video communications? There have been efforts in the industry to make the IP networks video application aware, and that requires communication between a call control engine on the application side and a policy engine on the IP networking side. The limitation is that each IP networking vendor uses a different policy engine, and there is no single application that can control the entire mixed-vendor network. With the new OpenFlow architecture there is a "standard" API to talk to all IP networking equipment, no matter who makes it. That will potentially give us even more control of the end-to-end QOS in the IP network, which is a benefit to video applications.

Internet2 is Expanding its High-speed Backbone Network

US UCAN funding will be used to expand the Internet2 network. Map of the network expansion was presented in the demo area. The middle section connecting West and East Coasts will be built first, followed by the south span, then the north span of the network. The expansion will require building several new so Giga-PoPs that host optical and IP routing equipment. I took a picture of the equipment that is installed in such GigaPoP. On the left side is the Ciena optical equipment. On the right side are a small Cisco 2600 router, an HP server, and a giant Juniper T1600 router with huge blades. The expansion of the Internet2 backbone is necessary to carry the additional traffic from anchor institutions: community centers, rural hospitals, etc. Applications such as distance learning and telehealth will drive video traffic from and to these institutions, and result in a lot of video traffic over the expanded Interent2 backbone.

Video is a Hot Topic for the US R&E Community

The session "Where Videoconferencing and Telepresence Meet Immersion and Interoperability" drew a lot of attention. Internet2 members are big video users and Internet2 itself offers video services to the community. Polycom has been partnering with Intrenet2 for many years and a lot of the services are leveraging Polycom infrastructure. Ben Fineman from Internet2, talked about a successful telepresence interop test with 32 telepresence screens, connecting equipment from Polycom, Cisco, LifeSize, etc. My presentation focused on telepresence interop and the challenges of connecting multi-screen (multi-codec) systems. I provided an overview of the Telepresence Interoperability Protocol (TIP) that Polycom will be supporting within few months to enable short-term interop across Polycom and Cisco telepresence systems. Then I focused on the long-term telepresence interoperability efforts in the IETF CLUE Working Group, and on Polycom's work in this area. Since I attended the last IETF meeting, I was able to provide a lot of detail about CLUE and answer questions from the audience.

The third presenter in the session was supposed to be Sean Lessman from Cisco but meeting he canceled right before the since he was on his way out of Cisco. In the last minute Michael Harttree from the Cisco CTO office jumped in. Michael was not very familiar with telepresence and talked instead about the trend towards more video (streaming, surveillance, etc.) in the network. There are many types of video floating around and the challenge is how to separate them and treat them appropriately (in terms of latency budget) on the IP network. This reminded me of the discussion in the IETF MMUSIC group about more detailed description of the type of traffic in SDP so that this description can be preserved across SP networks (which modify QOS settings).

New Infrastructure for Audio and Video Services to the R&E Community

I have been attending meetings of the Audio Video Communication Infrastructure Special Interest Group (SIG) for quite a while. The group focuses on connecting VOIP and video networks with PBX and PSTN to deliver seamless communication across the R&E community. Hot topic is the use of E.164 numbers versus alternatives such as SIP URIs, leveraging standards such as ENUM and existing systems such as GDS.

Ben Fineman from Internet2 and Walt Magnussen from Texas A&M are very active in this group, and I always enjoy the opportunity to discuss with them. The consensus so far is that Internet2 should request from ITU an international "country code" that would allow Internet2 to assign numbers across the R&E community. Agreement with commercial SPs have to be signed to make sure the traffic is routed appropriately. I am very excited about that topic because a lot of new Unified Communications services can be developed for the R&E community on the IP network. (Unfortunately,) the connectivity to PSTN is still essential for the success of UC deployments.

Migration from IPv4 to IPv6

Leslie Daigle from the Internet Society (ISOC) delivered a keynote about the importance of IPv6. Only a very small portion of Internet traffic today is IPv6, and businesses have claimed for long time that there is no business case for IPv6. On the other hand, the need for IP address space is big, and companies are trying to buy address space from other users. Based on the Avaya-Nortel acquisition, we know that the price for an IPv4 address is $11.25. But residential and mobile providers need even bigger IP address space than enterprise. Content providers also need to enable IPv6 in their services. IPv6 is gradually starting to make business sense because IPv4 addresses have price attached, NATs are hard and expensive, certain apps, e.g. games, do not work well in NAT environment.

When Google turned on IPv6 on YouTube, IPv6 traffic spiked. That means there are a lot of IPv6 clients out there. It is estimated that about 0.5% of Google customers will not be able to reach the service if Google alone turns on IPv6. They do not want to lose customers to others; therefore, Google, Yahoo, and Facebook agreed to turn on IPv6 for 24 hours on June 8, 2011 (World IPv6 Day). Note that IPv4 will not be turned off.

The call to action to service providers is to announce plans for IPv6 and create momentum around it. It is important for network administrators to include the World IPv6 Day in their change plan, so that no other changes happen on that exact day. With all of the excitement around the migration to IPv6, I decided to write a white paper on that issue. I have tons of information about IPv6 (some is captured in a previous post) and intend to focus on the impact of IPv6 on video communications. Stay tuned! I will post a link to the paper when it is ready.

Digital Certificates to Improve Network Security in the R&E Community

InCommon is a part of Internet2 that provides services to the R&E community. These services range from authentication to group management to – recently – low-cost digital certificates. Security is very important for voice and video communications, and Polycom products support digital certificates, so I was curious how universities deploy them.

John Krienke, Internet2 COO, talked about the partnership between Internet2 and Comodo. Comodo listened to the requirements for campus administration, and allows sub-domains for local certificate management. They provide tools to find all server certificates, and since the Comodo license is per site, you can assign a certificate to each server and do not need wildcard certificates.

Paul Kaski from the University of Texas System shared his experience with the InCommon certificate service. His organization used VeriSign for 11 years but due to budgetary constraints could not afford the steep price tag anymore and started using the InCommon service in 2H'2010. The estimated cost saving is $325K per year. The main advantages of the InCommon service are very quick SSL certificates approval, easy admin interface, and available API for both SSL and user certificates.

Digital certificates are a great way to authenticate users, devices, and servers in the network. Certificates definitely increase security in the network, and the only drawback I can think of is the cost. Now that R&E organizations have access to lower cost certificates and to the tools to manage them in campus environment, I expect wide adoption.

Conclusion

The Spring Interenet2 Member Meeting was a great opportunity to take a snapshot of the technology developments in the US R&E community. It is ahead of the commercial sector in some areas (advanced networking, IPv6 migration) and lagging is others (applications). I think there is an opportunity for commercial vendors, especially the ones like Polycom who rely on open standards and interoperability, to participate in the creation of new applications and services for the R&E community.