Technical Architecture Specification
DRAFT
Network services include the (1) wiring, (2) protocols, and (3) topologies necessary to enable reliable, transparent, end-to-end transmission across communications networks; transparent file access to local and remote files; and microcomputer support for the interoperability of proprietary systems.
Elements of network services are based upon and support the Open Systems Interconnection (OSI) model. OSI is an International Organization for Standardization (ISO) standard for worldwide communications that defines a framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, proceeding down to the bottom layer, across the channel to the next station, and back up the hierarchy. The seven layers of the OSI model, from top to bottom, are (1) Application, (2) Presentation, (3) Session, (4) Transport, (5) Network, (6) Data Link, and (7) Physical. Standards, preferred products, and targets for these seven layers are defined in the following specific network service elements:
- Transmission Media
- Data Link Services
- Network Transport Protocols
- File Services
- Directory and Naming Services
- Network Management
2. Transmission Media
The transmission media, or physical layer, form the foundation of the OSI stack. All other layers of OSI rely on this layer. Improper design, selection, or engineering will prohibit current operations and future growth. Thus, the network infrastructure must be flexible and dynamic enough to provide bandwidth supportive of current as well as future technologies. Extending the bandwidth horizon requires careful planning and selection of proper media and infrastructure. For example, to realistically support multimedia such as video, speeds up to 100 Mbps to the desktop must be achieved. Careful planning within budget requirements is crucial to successfully meeting such goals.
The DOE-ORO LAN is founded upon a star topology. In a star topology all devices are connected to a central hub. Star networks are relatively easy to install and manage, but bottlenecks can occur because all data must pass through the hub. On each wing of the Federal Operations Building (FOB), centralized communication closets containing punch-down panels and hubs are located. Category 5 unshielded twisted-pair (UTP) cable has been deployed at the FOB, 2714, 55 Jefferson, 1916-T1, 1916-T2, and Office of Scientific and Technical Information (OSTI) facilities. UTP cable is rated according to performance characteristics by ANSI, the Electronic Industries Association (EIA), and the Telecommunications Industry Association (TIA). Category 5 is capable of supporting 10 Mbps and can accommodate future, higher speeds up to 100 Mbps. Fiber is the medium of choice for most backbone and intersite networks, such as 2714. A fiber backbone has been installed at the FOB, with connections to 2714.
Category 5 twisted-pair cable is the preferred transmission medium to the desktop. Fiber optic cable will be used for the network backbone and inter-site networks (2714) where it is economically feasible. Fiber will also be used where the distance limitations of category 5 twisted-pair cable have been exceeded (1916-T2). The maximum distance from a desktop to a network hub for category 5 twisted-pair cable is approximately 100 m or 328 feet. The maximum distance for fiber between stations is 2 km or 1.3 miles.
3. Data Link Services
The data link layer of a network architecture ensures effective physical transfer of data between network nodes. This layer resides immediately above the physical layer and immediately below the network layer in the OSI model. The Institute of Electrical and Electronics Engineers (IEEE) 802 specifications divide the data link layer into two sub-layers, the Logical Link Control (LLC) and Media Access Control (MAC) layers. The LLC layer (802.2) is common to all of the 802 series of specifications. The MAC layer is defined separately for each of the physical implementations.
The following multiple standards have been implemented at the DOE-ORO for the MAC layer:
Other IEEE noted project groups include:
Ethernet Version 2 and IEEE 802.3 describe different packet formats for Ethernet-based networks. Ethernet is a local-area network (LAN) protocol developed by Xerox Corporation in cooperation with DEC and Intel in 1976. Ethernet uses a bus topology and supports data transfer rates of 10 Mbps. The Ethernet specification served as the basis for the IEEE 802.3 standard, which specifies the physical and lower software layers. Ethernet uses the CSMA/CD access method to handle simultaneous demands. It is one of the most widely implemented LAN standards.
A new version of Ethernet, called 100Base-T (or Fast Ethernet) and based on the CSMA/CD access method, supports data transfer rates of 100 Mbps. A proposed standard, called "Gigabit Ethernet", will support data rates of 1 gigabit (1,000 megabits) per second. 100Base-T is based on the older Ethernet standard. Because it is 10 times faster than Ethernet, it is often referred to as Fast Ethernet. Officially, the 100Base-T standard is IEEE 802.3u.
"Switched Ethernet" is a new term used to define an Ethernet LAN that uses switches to connect individual hosts or segments. In the case of individual hosts, the switch replaces the repeater and effectively gives the device full 10 Mbps bandwidth (or 100 Mbps for Fast Ethernet) to the rest of the network. This type of network is sometimes called a desktop switched Ethernet. In the case of segments, the hub is replaced with a switching hub.
Traditional Ethernets, in which all hosts compete for the same bandwidth, are called shared Ethernets. Switched Ethernets are becoming very popular because they are an effective and convenient way to extend the bandwidth of existing Ethernets. And unlike other solutions, such as Fast Ethernet, switched Ethernet can use existing network interface cards (NICs). The DOE-ORO LAN consists of a FDDI backbone (100Mbps) supporting 10BaseT desktops (10Mbps) within a star topology. The DOE-ORO target is 100Mbps to the desktop at the lowest possible cost.
The preferred access method for systems operating at the desktop is Ethernet. FDDI will continue to be used for network backbones and where category 5 twisted-pair limits have been exceeded. Systems requiring higher speeds will use 100BaseT, "Gigabit Ethernet", or "Switched Ethernet". In the future, careful consideration will be given to "Switched Ethernet". Replacing current hubs with switching hubs, and desktop NICs where necessary, makes "Switched Ethernet" a reasonable and economical alternative. In a "Switched Ethernet" environment, transmission speeds are equivalent to FDDI (100 Mbps). Collisions do not occur as they do in 10BaseT, 100BaseT, or "Gigabit Ethernet". A tremendous advantage of deploying "Switched Ethernet" in the DOE-ORO environment is that user impact would be minimal. An overnight change-out of user NICs and hubs would not be required. All deployment could be performed in a systematic fashion with minimal user interruption.
4. Network Transport Protocols
The target standard for network transport protocols for data communications has been the OSI standard developed by the ISO. The network transport protocols are concerned with the routing of packets from source to destination and are located above the data link layer and below the session layer in the protocol stack.
The Internet Architecture Board (IAB) and Internet Engineering Task Force (IETF) adopted the TCP/IP suite as the de facto standard throughout industry. This standard has also been accepted as the DOE-ORO selected standard.
IP Next Generation (IPng) is a new version of IP which will resolve addressing limitations in the current version. The formal name of the IPng protocol is IPv6 (where the "6" refers to its assigned version number). The current version of the Internet Protocol is version 4 (referred to as IPv4). IPv6 is designed to be an evolutionary step from IPv4. IPng addresses have four times the number of bits of IPv4 addresses (128 vs. 32). This is 4 billion times 4 billion (2^96) times the size of the IPv4 address space (2^32). IPng is a natural increment to IPv4, can be installed as a normal software upgrade in internet devices, and is interoperable with the current IPv4. Its deployment strategy is designed not to have any flag days or other dependencies. IPng is designed to run well on high performance networks and at the same time still be efficient for low bandwidth networks (e.g. wireless).
With the rapid growth of the Internet, information technology leaders in the higher education community have come together with partners from the Federal government and industry to develop a joint strategy (Internet2 or Internet-II). This joint strategy will focus on developing a next generation Internet (Internet-II) for research and education, including both enhanced network services and the multimedia applications that will be enabled by those services. Internet-II participants will require the availability of advanced Internet services and much higher capacity and intelligence in the network than exists today. Another goal of Internet-II is to create the same development cycle that marked the evolution of the original Internet, except at a faster pace. This newly conceived infrastructure component, which will enable the higher education community to continue to make use of existing Internet services as well as gain access to the new advanced Internet-II services, has been termed the "GigaPOP."
TCP/IP will be the standard for intercommunications until IPng has matured. Movement will be made away from supporting non-year 2000 compliant operating systems such as VMS. Thus, support for DECNet (Pathworks) will no longer be required.
5. File Services
File services refer to the ability of an operating system to make available to users, in a seamless manner, the distribution and exchange of files across a network.
For desktop file sharing, Windows NT provides for the distribution and exchange of files across the DOE-ORO LAN. FTP provides a means of data exchange across all tiers via the TCP/IP protocol. Windows 95 clients are provided with character-based ftp and telnet programs with the operating system. The target file service for desktop clients is Windows 95.
For UNIX file sharing, the Network File System (NFS) is the de facto standard. NFS runs as a native process on all UNIX platforms (Sun Solaris or HP-UX) and is the target file service for the UNIX environment. NFS used in conjunction with the Network Information Service (NIS) can provide a tightly integrated environment for the seamless integration of UNIX applications. NIS provides a method of integrating all "hosts" files into a single file for centralized administration. Mention must be made of products such as PC-NFS, which allow for integration of desktop PCs and UNIX hosts. UNIX file systems can appear native to PC desktops with the use of such software, and many third-party applications are built around this design. Ftp is native to the UNIX environment and can be used to transfer files on demand. Ftp is the target on-demand file distribution and exchange service, and NFS is the target file service for the UNIX environment.
2. Preferred Products and Technologies
The preferred product for the on-demand distribution and exchange of files across all platforms is ftp. For the desktop environment, Windows NT is the preferred means of seamlessly accessing files across the ORO-LAN. For the UNIX environment, NFS in conjunction with NIS is the preferred means of seamless integration. For mixed environments, such as PCs and UNIX hosts, NFS integration with products such as PC-NFS is preferred.
6. Directory Services And Name Services
Directory and name services provide the ability to locate individuals, resources, information, and to translate human readable names into forms that are useful to computer software. A directory service is similar to a telephone directory, and as such contains information helping to identify, locate, and access network objects. Typical network objects are individual users, servers (hosts), routers, and other telecommunications equipment. Analogous to the telephone directory, directory services maintain a list of entities (names) and their associated IP addresses (phone numbers). Directory services rely upon name services to provide address translation for objects inside and outside the DOE-ORO domain (oro.doe.gov). The DOE domain is managed by DOE-Headquarters (doe.gov). The ORO-DOE domain is managed by ORO operations (oro.doe.gov).
Local TCP/IP (DOE-ORO) name services are managed by the Domain Name System (DNS) on a Sun Solaris workstation (dns1.oro.doe.gov). DNS runs as a UNIX process (named) and provides address translation for all objects and devices within the oro.doe.gov domain. For each desktop request (www.hp.com, www.ibm.com, www-internal.oro.doe.gov, etc.), a DNS service must translate the name into the corresponding IP address. For example, the domain name www.microsoft.com would be translated to 198.105.232.4. The DNS system is, in fact, its own network. If one DNS server does not know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned. The DOE-ORO local name server points to the DOE-Headquarters name server for assistance in resolving any addresses outside of the oro.doe.gov domain. The DOE-Headquarters name server resides on a UNIX host (sukhoi.doe.gov), as well.
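The translation step described above is carried out with a small binary message exchanged over the network, and the resolver that receives the reply has to check that it actually answers the question it asked (matching transaction ID and echoed question) before trusting the address. The following is an added example, not code from the specification or from the DOE-ORO systems: a minimal RFC 1035 query builder and response parser. The reply it parses is constructed inline to stand in for what a name server would send, and the address 192.0.2.10 is a documentation address chosen for the example, not a real DOE-ORO host address.

```python
"""Minimal DNS wire-format query builder and response parser (RFC 1035).
Added example; the server reply below is constructed locally, not captured."""
import struct
from typing import Dict, List, Tuple

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode 'www-internal.oro.doe.gov' as length-prefixed labels ending in 0x00."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("DNS labels must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qid: int, qtype: int = QTYPE_A) -> bytes:
    """Header (ID, flags with RD set so the server forwards on our behalf,
    QDCOUNT=1) followed by one question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def read_name(msg: bytes, pos: int) -> Tuple[str, int]:
    """Decode a name that may use compression pointers (0xC0xx).
    Returns the dotted name and the offset just after the field."""
    labels: List[str] = []
    end, jumped, hops = pos, False, 0
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:               # pointer into an earlier name
            if not jumped:
                end = pos + 2                   # field ends after the pointer
            pos = struct.unpack("!H", msg[pos:pos + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 32:
                raise ValueError("compression pointer loop")
            continue
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    if not jumped:
        end = pos
    return ".".join(labels), end


def parse_response(msg: bytes, expected_id: int, expected_name: str) -> Dict:
    """Parse a reply, accepting it only if the ID matches our query and the
    question section echoes the name we asked for; returns A-record answers."""
    qid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if qid != expected_id:
        raise ValueError("transaction ID does not match our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is not a response")
    pos, questions = 12, []
    for _ in range(qd):
        qname, pos = read_name(msg, pos)
        pos += 4                                # skip QTYPE, QCLASS
        questions.append(qname)
    if questions != [expected_name.rstrip(".")]:
        raise ValueError("question section does not echo our query")
    answers = []
    for _ in range(an):
        rname, pos = read_name(msg, pos)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        rdata, pos = msg[pos:pos + rdlen], pos + rdlen
        if rtype == QTYPE_A and rdlen == 4:
            answers.append((rname, ttl, ".".join(str(b) for b in rdata)))
    return {"id": qid, "rcode": flags & 0x000F, "answers": answers}


def build_a_response(query: bytes, ip: str, ttl: int = 300) -> bytes:
    """Construct the reply a server would send for the query: QR/RD/RA set,
    question echoed, one A record whose owner name is a pointer to offset 12."""
    qid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", qid, 0x8180, 1, 1, 0, 0)
    rdata = bytes(int(x) for x in ip.split("."))
    answer = b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4) + rdata
    return header + query[12:] + answer


if __name__ == "__main__":
    q = build_query("www-internal.oro.doe.gov", 0x1234)
    r = build_a_response(q, "192.0.2.10", 60)   # constructed stand-in reply
    print(parse_response(r, 0x1234, "www-internal.oro.doe.gov"))
```

The ID and question checks in parse_response are the minimum a resolver performs before accepting an answer; a reply that fails either is discarded rather than cached.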
Locally managed systems for internal use exist for locating individuals. WinWhos is used by Lockheed Martin Energy Systems and DOE to determine an individual's user identification for accessing the DOE-ORO LAN. UNIX "finger" and "whois" commands assist in the UNIX environment. Ph is a TCP/IP-based client/server program for locating individuals, as well.
2. Preferred Products and Technologies
Since TCP/IP is the preferred networking method, DNS is the preferred method for resolving and maintaining fixed IP addresses. Local applications such as ph and WinWhos will continue to be used in identifying user account information.
7. Network Management
Network management refers to the broad subject of managing computer networks. There exists a wide variety of software and hardware products that help network system administrators manage a network. Network management covers a wide area, including:
- Security: Ensuring that the network is protected from unauthorized users.
- Performance: Eliminating bottlenecks in the network.
- Reliability: Ensuring that the network is available to users and responding to hardware and software malfunctions.
Simple Network Management Protocol (SNMP) is a set of protocols for managing complex networks. The first versions of SNMP were developed in the early 1980s. SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices, called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the SNMP requesters. Most DOE-ORO agents (routers, servers, etc.) are SNMP enabled. As such, software packages such as HP OpenView can provide valuable, dynamic information to network managers.
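To make the PDU and MIB terms concrete, the following added example (not code from the specification, nor from HP OpenView or any DOE-ORO system) encodes and decodes an SNMPv1 GetRequest for the sysDescr.0 object (OID 1.3.6.1.2.1.1.1.0 from the standard MIB-II) using the BER rules of RFC 1157. The community string "public" is the example's own constructed value; as the code comments note, SNMPv1 carries it in cleartext, which is why a management network should not rely on it as a secret.

```python
"""SNMPv1 GetRequest encoder/decoder in BER (RFC 1157). Added example;
the community string and request ID are constructed values."""
from typing import List, Tuple

SYS_DESCR_0 = "1.3.6.1.2.1.1.1.0"   # MIB-II system.sysDescr instance 0


def ber_length(n: int) -> bytes:
    """BER length: one byte below 128, otherwise 0x8N followed by N length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + ber_length(len(content)) + content


def encode_integer(n: int) -> bytes:
    """INTEGER (tag 0x02) in minimal two's-complement form; non-negative only."""
    if n < 0:
        raise ValueError("negative INTEGERs are not needed for a GetRequest")
    size = (n.bit_length() + 8) // 8            # leaves room for the sign bit
    return tlv(0x02, n.to_bytes(size, "big", signed=True))


def encode_oid(oid: str) -> bytes:
    """OBJECT IDENTIFIER (tag 0x06): first two arcs fold into 40*a+b, the rest
    are base-128 with the continuation bit set on all but the last byte."""
    arcs = [int(x) for x in oid.strip(".").split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return tlv(0x06, bytes(out))


def build_get_request(community: str, oids: List[str], request_id: int = 1) -> bytes:
    """Message ::= SEQUENCE { version INTEGER(0), community OCTET STRING,
    GetRequest-PDU [0] { request-id, error-status, error-index, VarBindList } }.
    NOTE: in SNMPv1 the community string is sent in cleartext on the wire."""
    varbinds = b"".join(tlv(0x30, encode_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(0xA0, encode_integer(request_id) + encode_integer(0)
              + encode_integer(0) + tlv(0x30, varbinds))
    return tlv(0x30, encode_integer(0) + tlv(0x04, community.encode("ascii")) + pdu)


def read_tlv(data: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, content, offset after the element), rejecting truncation."""
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    end = pos + length
    if end > len(data):
        raise ValueError("truncated BER element")
    return tag, data[pos:end], end


def decode_oid(content: bytes) -> str:
    arcs, value = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def parse_get_request(msg: bytes) -> dict:
    """Walk the BER tree of a GetRequest and return its fields as a dict."""
    tag, body, end = read_tlv(msg, 0)
    if tag != 0x30 or end != len(msg):
        raise ValueError("not a single SNMP message")
    _, version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    tag, pdu, _ = read_tlv(body, pos)
    if tag != 0xA0:
        raise ValueError("not a GetRequest PDU")
    _, rid, p = read_tlv(pdu, 0)
    _, _, p = read_tlv(pdu, p)                  # error-status
    _, _, p = read_tlv(pdu, p)                  # error-index
    _, vblist, _ = read_tlv(pdu, p)
    oids, q = [], 0
    while q < len(vblist):
        _, vb, q = read_tlv(vblist, q)
        _, oid, _ = read_tlv(vb, 0)
        oids.append(decode_oid(oid))
    return {"version": int.from_bytes(version, "big", signed=True),
            "community": community.decode("ascii"),
            "request_id": int.from_bytes(rid, "big", signed=True),
            "oids": oids}


if __name__ == "__main__":
    msg = build_get_request("public", [SYS_DESCR_0], request_id=7)
    print(msg.hex())
    print(parse_get_request(msg))
```

The 40-byte message produced for sysDescr.0 is the same request a manager such as HP OpenView sends when it polls an agent; the agent replies with a GetResponse PDU (tag 0xA2) carrying the MIB value in place of the NULL placeholder.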
The target product for network management will be one that can manage a heterogeneous multi-vendor network via SNMP-based commands and queries.
SNMP will be the preferred basis for network management within the DOE-ORO. All newly purchased hardware will be "SNMP enabled". Network management tools, such as HP OpenView and Cabletron Spectrum, are currently being evaluated to assist in this proactive network monitoring. A more aggressive network management approach will be taken as applications become Web enabled. Increased network traffic, server usage, etc., will be monitored. MIBs such as those provided by Oracle for monitoring database health will be monitored, as well. By mandating that all new hardware be "SNMP enabled" and acquiring an SNMP management tool such as HP OpenView, the DOE-ORO will be able to transition from a "reactive" to an aggressive "proactive" approach to network management.