Internet2 Innovative Application Awards

1. CREATING A CLIMATE FOR INNOVATION
ON INTERNET2
INTERNET2 INNOVATIVE APPLICATION AWARDS
Eric Boyd
Senior Director, Strategic Projects

2. May 18, 2014 © 2013 Internet2
[ 2 ]
2 – 5/21/2014, © 2012 Internet2
2 – © 2012 Internet2
Unleashing new waves of global discovery, together.

3. • Internet2 brings together thought leaders from member organizations
and the broader research and education community
• Our community advances frontiers of network-enabled applications
• Our community accelerates innovation and enables transformation
The Internet2 Community: An unparalleled human network
Nearly 400 member institutions

4. Internet2 Members and Partners
222 Higher Education members
72 Affiliate members
39 R&E Network members
64 Industry members
65+ Int’l partners reaching over
100 Nations
66,000+ Community anchor institutions
Focused on member technology needs
since 1996"The idea of being able to
collaborate with anybody,
anywhere, without
constraint…"
—Jim Bottum, CIO,
Clemson University

5. May 18, 2014 © 2013 Internet2
• The research and education community played a seminal role
in the creation of the modern Internet and the applications that
have made it the most transformative technology of the last
hundred years
• 34 of these leading universities created Internet2 in 1996
Creating new innovation opportunities
begins with understanding
what enabled innovation in the past

6. R&E networking ROI has been
staggering
Total 30-year federal investment to enable the precursors of the
Internet is very small compared to the massively successful
businesses it sparked.
Earth Venus
ARPAnet,
CSNET &
NSFnet
< $250 million
total
investment
Contribution of Internet to U.S.
economy: $684 billion annually, 4.7%
of all economic activity in 2010
(CNNMoney, 2012)
Value of Internet to U.S. economy —
Employment: $300 billion
Payments: $444 billion and
Time: $680 billion
Total: $1424 billion annually
(Harvard Business School/
Hamilton Consultants, 2009)
3963 mi 10,842,768 mi 22,573,248 mi
(not to scale)
These seminal investments
• Put the R&E community ―way out
in front‖ of commercial markets
• Created a new, bandwidth-rich
playing field
• Enabled innovations that led to a
global transformation: our
information-based economy

7. 7 – 5/21/2014, © 2013 Internet2
*
Routers
Stanford
Computer
Workstations
Berkeley,Stanford
Security
Systems
UnivofMichigan
Security
Systems
GeorgiaTech
Social
Media
Harvard
Network
Caching
MIT
Search
Stanford

8. 8 – 5/21/2014, © 2013 Internet2
How do we create
an at-scale
Innovation Platform
for the next era?

9. 9 – 5/21/2014, © 2013 Internet2
Innovation Platform vision:
Abundant bandwidth
Innovation route
• Raw capacity now
available
on Internet2 Network a
key imagination
enabler
• Incent disruptive use of
new, advanced
capabilities
• Promote ―open‖ and
creative freedom of use
Innovation roadblocks
• Limited capacity a
major
barrier—need more
than incremental
boosts
• Too expensive and
risky to try totally new
approaches
• Closed approaches
limit applications or use
cases

10. 10 – 5/21/2014, © 2013 Internet2
Innovation Platform vision:
Software-defined networking (SDN)
Innovation route
• Open up network layer
to innovation
• Let innovators
communicate with and
program the network
itself
• Allow developers to
optimize the network
for specific apps
Innovation roadblocks
• Proprietary software in
routers and switches
• Communications with
hardware limited by
actual, physical,
proprietary components
• Application developers
have to use the
network as prescribed

11. 11 – 5/21/2014, © 2013 Internet2
Innovation Platform vision:
Support for data-intensive science
Innovation route
• Architect a special
solution
to allow higher-
performance data flows
• Include end-to-end
performance
monitoring
• Include SDN server to
support
programmability
Innovation roadblocks
• One-size-fits-all
approach
to network data flows
• Lack of transparent
performance
monitoring solution
• No way to customize
and optimize the
network via SDN

12. 12 – 5/21/2014, © 2013 Internet2
Innovation Platform Program Pilot Sites
• 31 Campuses, 10 Regionals
• 76 NSF CC-NIE Awardees
• “Operating Innovative Networks”
workshops offered in collaboration with
ESnet, Indiana, Internet2

13. Title or Title
• Event/Date
• Presenter,
PresenterTitle, Internet2
What will
global innovators
do with the next
Innovation
Platform?

14. This is what we have been able to say for over a year:
The 100G testbed of innovation for tomorrow’s Internet is available
nationwide, right now.

15. • Abundant Bandwidth:
• 100G+ Nationwide Backbone
• Programmable:
• Native OpenFlow w/virtual slices
• Support for Data Intensive Science
• Interconnected with public Internet
• Full 18 months of solid production
experience
• Open for your innovation!
Provides production & innovation platform to:
• Dozens of high performance compute clusters
• Hundreds of campus data centers
• Thousands of SDN ports
• Hundreds of wireless access networks
• Millions of potential collaborators

17. • Community is now moving nearly 50
PB/month over Internet2
• Backbone already growing beyond 100G

18. Does this create a platform for innovation?
Abundant bandwidth to enable innovation? 
Programmability to encourage application innovation? 
Support data intensive science? 
TODAY

19. Does this create a platform for innovation?
Abundant bandwidth to enable innovation? 
Software-defined networking substrate? 
Support data intensive science? 
Virtualization? ☐
Integrate network with compute and storage? ☐
TOMORROW

22. • Simple VLAN Tag based flowspace firewall / proxy
• Policy definition and enforcement support range operations
– < 1,000 policies to support 3 slices using the entire flowspace
• Per slice total rule limits
• Per slice per switch flow modification rate limits (planned)
• Built upon FloodLight
• Designed for production use.
Developed by Internet2 with GlobalNOC Software Engineering
FlowSpace Firewall

23. FlowSpace Firewall Config Example
<flowspace_firewall>
<switch name="foo" dpid="5" flush_rules_on_connect="false" />
<switch name="foo1" dpid="2" flush_rules_on_connect="false" />
<switch name="foo2" dpid="3" flush_rules_on_connect="false" />
<switch name="foo3" dpid="4" flush_rules_on_connect="false" />
<slice name="OESS1”>
<switch name="foo" max_flows="10" flow_rate="1">
<port name="s5-eth1">
<range start="1" end="2000"/>
</port>
<port name="s5-eth2">
<range start="1" end="2000" />
</port>
</switch>
<controller ip_address="140.182.45.45" ssl="false" port="6633" />
</slice>
</flowspace_firewall>
Symbolic names reduce policy churn
limits protect network
Range expression for sanity

24. • Researcher wanting to run on NDDI, iDREAM or AL2S opens ticket
with Internet2 NOC
• Submitters required to submit a compatibility document
– Functionality
– Resource requirements
• All applications destined for AL2S will be tested on iDREAM lab
first.
• Testing will be performed in lab running the entire AL2S stack to
ensure compatibility
Application Vetting Process

25. • Same hardware as in the the AL2S + others
– Brocade, Juniper, Cisco ASR, NEC
• Verify Behavior
– Does it behave as described in compatibility document
– Can it function in a constrained FlowSpace
• Verify Interoperability with entire system
– When there is network churn or other event does the system as a whole
function correctly
– How does it handle network life cycle events like new ports or devices added?
– Does this app exhibit behaviors that interfere with higher priority apps?
• Verify FlowSpace Firewall is adequately protecting resources
– Anticipated failure modes are covered
– Testing if additional resources need protection
– Vulnerabilities not covered in current environment
• Oddly formed flowmod crashes switch scenario
Lab Testing

26. • Loss of Forwarding
– Forwarding rule triggers bug in Switch
– Testable in lab with sufficient test coverage
• Loss of Provisioning
– A failure in the control plane caused by bug in FSF, OESS, etc
– Not stop forwarding on switches, keeps proactive apps working
– Reactive apps, start to exhibit loss of Forwarding
• Application Flow Space Collisions
– 2 Applications interfere with each other’s flowspace
– Could be caused by bug in FSF, or possibly in policy defn
– Would disrupt forwarding
• Multiple Failure
– Imagine a case where overlapping flowspace breaks backup paths but
backup paths only activated when a trunk goes down
Anticipated Failure Modes

27. • Monitor control channel resources to detect failures
• Per Slice and per Slice/Switch
– Control Channel Bandwidth
– Packet IN/Out
– FlowMods/Sec
– Total Active Flow Mods
– Controller Reconnections
– FSF rejections
• FlowSpace Firewall (FSF)
– CPU / Mem / Running State
– Controller Connection Status
Monitoring

28. • Order of Operations
1. Service Restoration
2. Communication
3. Debugging
• Each app has an identified owner and a defined priority
• Higher priority wins (production will always be higher than research)
• Today OESS has the highest priority (only production app)
• If a bug in a lower priority service is causing an issue in a higher,
we will shut down the lower
• If a bug in virtualization is causing an issue in OESS we will revert
to non-virtualized operations
Incident Response

29. Does this create a platform for innovation?
Abundant bandwidth to enable innovation? 
Software-defined networking substrate? 
Support data intensive science? 
Virtualization?  In progress
Integrate network with compute and storage? ☐ Next step

30. Title or Title
• Event/Date
• Presenter,
PresenterTitle, Internet2
What will
global innovators
do with the next
Innovation
Platform?

31. 31 – © 2013 Internet2
GOLD
SILVER
BRONZE
2013 Internet2 Innovative Application Awards

32. Development of next generation, open source
applications that are of general interest to the
research and education community and take
advantage of SDN-enabled capabilities that
improve data movement across 100G
OpenFlow-enabled networks such as the
Internet2 Advanced Layer2 Service
[ 32 ]
Program Goal
May 18, 2014 © 2013 Internet2

33. • May 2013 – Program Announcement
• June 7, 2013 - Proposals Due
• June 25, 2013 – Proposal Notification
• July 1 - Oct 4, 2013 – Application Development
• October 15, 2013 – Submission of Application
• November 2013 – Application Demonstrations
• December 2013 – Applications available online
[ 33 ]
Contest Timeline

34. • Aimed at undergraduate and graduate
students at US based colleges and
universities
• $10,000 cash award
– $2,000 for when the proposal is accepted
– $8,000 for submission of completed, working
project
– Individual not institutional awards
[ 34 ]
Program Summary

35. • 8 proposals selected for completion
• Project teams
– Individuals as well as teams
– Graduate, undergraduate and university staff
– Most projects had a faculty or staff advisor
• Project types
– Data movement, network management
software, security
[ 35 ]
Selected Projects

36. • Projects completed
– Source code available from a public code
repository
– Documentation
• Code documentation
• Final report
• Slide presentation
• Application demonstrations
– November 2013, April 2014
[ 36 ]
Current Status

37. Application Developer: William J. Brockelsby Organization: North
Carolina State University (NCSU) Location: Raleigh, NC Project: The
application aims to provide an efficient, customized, enriched "Bring
Your Own Device" (BYOD) experience for any campus user or visitor.
The user can be securely verified to access the enterprise network,
and routed to the most pertinent digital resources based on the
user's role, work, and/or discipline. For example, a visiting particle
physics expert could have their identity and device recognized and
immediately routed to the institution's dedicated physics network,
cloud, and other digital resources.
[ 37 ]
Network Administration Control

38. Application Developer: Marc De Leenheer, Ali Al-Shabibi, William
Snow, Guru Parulkar
Organization: Open Network Laboratory Location: Palo Alto,
CA Project: Researchers need networking environments that can be
molded to meet their demanding requirements. OpenVirTex is a
network virtualization platform that aims to allow each researcher to
build discrete virtual networks on a shared physical infrastructure for
research collaboration. Each virtual network in the multi-tenant
cloud would look and behave just like a physical network, but
provide complete control over the address space and topology.
[ 38 ]
OpenVirTex

41. • Application Developer: Mo Dong, Qingxi Li, and P. Brighten
Godfrey
• Organization: University of Illinois at Urbana-Champaign
(UIUC) Location: Urbana, IL Project:– Big data senders are
faced with the challenge of efficiently and effectively
distributing large data sets among collaborators. BBCC aims
to allow individual senders to observe and diagnose
changing network conditions, optimize and control network
characteristics, and meet specific data movement needs.
[ 41 ]
Black Box Congestion Control (BBCC)

42. Application Developer: Rasha El-Jaroudi, Aditi Ghag Organization:
Georgia Institute of Technology (Georgia Tech) Location: Atlanta,
GA Project:– All network users, especially those without networking
expertise, need to reliably stream video content. The application
aims to enable seamless video streaming by providing better control
through a holistic view of network conditions, a programmable
interface to an SDN controller, and leveraging content from optimal
sources based on the global view of the network in order to reduce
bandwidth costs.
[ 42 ]
Software Defined Networking (SDN) based
Application for Efficient Video Streaming

43. Application Developer: Andy Li Xiaolin, Ze Yu
Organization: University of Florida Location: Gainesville, FL Project:
Scientists geographically distributed need to collaborate with
massive amounts of data. MapReduce is a popular programming
model for analyzing large data sets generated by experiments. This
application aims to provide a solution that enhances the
functionality of MapReduce by reserving network bandwidth and
performing intelligent data transfers.
[ 43 ]
Elf: Network-Enhanced Data Prefetching
Middleware for Geo-Distributed MapReduce

44. Application Developer: Pingping Lin, Jonathan Hart, Umesh
Krishnaswamy
Organization: Open Network Laboratory Location: Palo Alto,
CA Project: Collaborators using different types of network
architectures need them to reliably interoperate. This application
aims to allow Software Defined Networks to interoperate with legacy
networks, ensuring successful network collaboration. Utilizing BGP
(Border Gateway Protocol), this solution has been implemented and
evaluated for feasibility, and is now ready for deployment in
production environments.
[ 44 ]
Seamless Interworking of Software Defined
Networks and IP

45. Application Developer: Muhammad Shabaz, Arpit Gupta, Nick
Feamster
Organization: Georgia Institute of Technology (Georgia
Tech) Location: Atlanta, GA Project: Network operators need
controller software tailored for inter-domain routing due to the rise
of SDN infrastructures at several commercial SDN Internet exchange
(SDX) points. This application aims to create an architecture for SDX
that can solve a variety of problems for network operators who must
rely on BGP by enabling new functions and a richer set of policies
than are possible with today's inter-domain routing systems.
[ 45 ]
Software Defined Networking (SDN) for Internet
Exchange Points

46. Application Developer: Stephen Tredger, Patrick C. McGeer
Organization: University of Victoria and PlanetWorks LLC Location:
Victoria, BC Project:– Testing and developing new applications are
crucial to advancing network infrastructure, innovating Internet
technologies, and accelerating scientific discovery through enhanced
research collaboration. The GEE aims to radically simplify researchers
and educators workflow in using distributed systems to quickly
deploy and develop distributed apps that work higher in the stack by
using pre allocated dedicated VLANs creating an international
network to isolate GEE experiments.
[ 46 ]
GENI Experiment Engine (GEE) Infrastructure

47. Title or Title
• Event/Date
• Presenter,
PresenterTitle, Internet2
What will
global innovators
do with the next
Innovation
Platform?

48. CREATING A CLIMATE FOR
INNOVATION ON INTERNET2
eboyd@internet2.edu
innovation@internet2.edu
Thank you. For more information,
visit http://www.internet2.edu
or e-mail innovation@internet2.edu
48 – 5/21/2014, © 2012 Internet2