U.S. Department of the InteriorU.S. Geological Survey

EDC Network StatusArchitecture and Technology Program

Mike RechtenbaughRaytheon

3/04/2002

Topics

Current status of LAN Current status of WAN Future network plans

Current Status of Local Area Network

1524 LAN connected devices 80 Unix Workstations 50 Unix Servers 600 Pcs. 200 Laptops 50 NT servers 105 Printers 110 network managed devices Novell and Windows NT networks

Physical Media Infrastructure

COM P RM 2"C2"

G

H

F

J

E

D

C

COM P RM 1"C1"

B

FR O N T O F BU ILD IN G

Basem ent

A

4/20/99

COM P RM 1 = "C1"COM P RM 2 ="C2"COM P RM 3 = "C3"

P

Phone Rm

COMPRM 3"C3"

Dow n-stairs

Fiber-Optic Physical InfrastrucutreFuture

Current Status of Local Area Network

OC-12 (622 Mbits/sec) ATM backbone Gigabit and FE switched networks 8 major logical networks Dual firewalls Combination of 3com, Fore/Marconi,

Cisco and Extreme equipment.

EDC Current LAN Configuration

100FE100FE

NASA(Sprint)

DHFESX-2400

Firewall

DAAC V0

ECS

DHF

LHF

NASA ATMSwitch

EBNetRouter

FDDI

OC-3OC-3

DS-3

OC-12

vBNS

NISN RouterATM

Backbone

Internet(backup)

Firewall

FE

GeoNet3

10 Mbs

Internet2(Abilene)

ECS Router

GigE

FDDI

GigE

GigE

OC-3

OC-3

edc75a

OC-3

OC-12

vBNS+

DS-3(shared with

Geonet3)

SDUniversities

FE

DS-3

Public AccessNetwork

DevelopmentNetwork

ProductionNetwork

OfficeAutomation

Network

100FE

GigEGigE100FE

NovellServers

NTServers Production Servers

100FE

WWW, FTP Servers

100FE

100FE

2 x OC-3

OC-3

Internet(SDN)

DS-3

ESX-2400

D IA GS T A T U S

AB

P S U C O N S O LE M OD E M M GM T

P C M C IAL IN K \A C TIV E

S M M i

45 01 4

450 13

1

2

3

4

5

6

7

8

3808

GigE

WAN Status

~600 Mbits/sec of WAN capacity 3 OC's (155 Mbits/sec)

(2) NASA South Dakota University Networks

3 DS-3's (45 Mbits/sec) Northern Lights Gigapop MCI/vBNS+ SDN

Dual Internet and I2 connectivity

WAN Status (cont.)

10 + T1's Dual redundant OC-48 (2.4

Gbits/sec) ring, connected via dedicated fiber to SDN

WAN Status

Northern Lights Gigapop Secondary Internet connection (Qwest, Envoy) Secondary Internet2 connection (Abilene)

MCI/vBNS+ GeoNet3 (USGS backbone) Primary Internet2 connection (vBNS+, Abilene)

SDN Primary Internet connection (UUnet, Sprint, AT&T) 15 Mbit/sec service

WAN Connections

EDC Wide AreaNetwork Connections

WRD

OC-3(155 Mbits/sec)

Internet2

EDC

NASA

vBNS+GeoNet3Internet2

Internet(backup)

2 x OC-3(310 Mbits/sec)

DS-3(45 Mbits/sec)

U MinnMinneapolis

DS-3(45 Mbits/sec)

Multiple T1/Frame Relay

SD Univ

Legend

SDN - SDN Communications

NASA - National Aeronautics and Space AgencyU Minn - Northern Lights GigapopWRD - Water Resources DivisionvBNS - Very High-Speed Network System

Internet(Primary)

SDNDS-3(15 Mbits/secprovisioned)

Geographic WAN Connections

SD Universities

NASA

Internet(backup)

Abilene /Internet2

UNIVERSITY

SDNInternet

GeoNet3vBNS+

05/18/2000 24

Abilene Access Nodes

Atlanta

Indianapolis

Kansas City

Denver

Los Angeles

Sacramento

Seattle

Abilene Core Node

Abilene Access Node

Operational January 1999

Houston

Cleveland

New York

Abilene - Internet2 Network

vBNS+ - Internet2 Network

WAN Data Statistics

Approximately 120+ Gigabytes of outflow daily Top 11 internal servers utilize 94% of

bandwidth Top destinations, .edu, .gov, .com

Approximately 3,000,000 TCP flows daily

Approximately 45,000 unique external hosts daily

WAN Statistics, daily output

Web Statistics

First level text here

02000000400000060000008000000

1000000012000000140000001600000018000000

Web hits

Sep

-93

Sep

-95

Sep

-97

Sep

-99

Date Range

EDC WWW Statistics

EDC's WWWStatistics Total

EDC's WWWStatistics External

EDC's WWWStatistics Internal

MRTG Graph of WAN Internet Traffic

MRTG Graph of WAN Internet2 Traffic

Latency Testing

Flow Log Information

Host Traffic Information

Future Plans for EDC Network

OC-12 to vBNS+ Cost sharing activity with NASA

Will save $500K / year Will support 1 Terabyte per day inflows

DS-3 to Ameritech NAP in Chicago Allows GeoNet3 Federal Network peering status Connections at NGIX West, NGIX Central, NGIX East

Gigabit core Deploy new Extreme Gigabit switches

Future Plans for EDC Network

Gigabit attached hosts SGI, Sun, NT Servers in computer rooms

Gigabit to closets VPN Concentrator

Secure, encrypted access from remote locations

Move wireless network Outside firewall All users required to use VPN client for internal

access

Future plans for EDC Network (6/2002)

100FE100FE

DHFEsx-2400

Firewall

DAAC V0

ECS

DHF

LHF

L7/V0 PublicAccess

Public AccessNetwork

GigE

GigE

GigE

GE

FEGEOC-12

OANetwork

Dev/ProductionNetwork

GE

WWW, FTP Servers

vBNS

Internet

Firewall

100 FE

DI AG

S T AT US

A

B

P S U C O NS O LE M O DE M M G M T

P CM C I AL INK \AC T IV E

S M M i

4501 4

45013

1

2

3

4

5

6

7

8

38 08

DI AG

S T AT US

A

B

P S U C O NS O LE M O DE M M G M T

P CM C I AL INK \AC T IV E

S M M i

4501 4

45013

1

2

3

4

5

6

7

8

38 08

GeoNet3 Internet2(Abilene)

GigE

DI AG

S T AT US

A

B

P S U C O NS O LE M O DE M M G M T

P CM C I AL INK \AC T IV E

S M M i

45014

45013

1

2

3

4

5

6

7

8

38 08

GigE

100FE

edc75a

GE

vBNS+DS-3

SDUniversities

DS-3

3804

D IA G

S TA TU S

A

B

PS U C O N SO LE M OD E M M G M T

PC M C IALIN K \A C TIV E

S M M i

4 5 0 1 4

4 5 0 1 5

1

2

3

4

Internet(SDN)

Internet2Federal Nets

Network Monitoring

Keynote Services – Outside/Active Ping and Trace Routes – Inside/Active Net Flow Stats – Inside/Passive

Keynote results