Enterprise Architecture and Infrastructure

Mark Day, Dept. of Radiology & Biomedical Imaging
Tu Luu, Dell Healthcare Consulting
March 20, 2012

Progress Report for Committee on Technology and Architecture, March 2012

2012 Priority Projects
• MPLS / UCSF “One Network”
• DNS / DHCP
• Enterprise backups
  – Crash Plan pilot to be presented at a future meeting

Brief Acronym Glossary
• MPLS – Multiprotocol label switching – the underlying technology used to label and segregate logical networks on shared physical equipment
• VRF – Virtual Routing and Forwarding – the separate network instances
• PE – Provider Edge (PE router)
• CE – Customer Edge (CE router)
• QoS – Quality of Service – tagging of network traffic to allow different classes to be treated according to different business rules

MPLS - Goals
• Highly redundant enterprise MPLS core shared between Campus and Medical Center
• Capability to provision multiple segregated networks on shared equipment
• Communication between segregated networks enforced by security policy
• End-to-End QoS
• Unified support for Multicast
• Ability to provision layer two between any two points on the network (borderless data center)

MPLS Benefits
• Simplified and consolidated routing and security infrastructure with ability to delegate separate control
• Leverage MAN upgrade projects from both Campus and Medical Center
• Ability to logically group devices of similar use regardless of physical location
• Reduce operational expenses through shared infrastructure and simplified management
• High availability and capability to achieve subsecond convergence in the core
• Ability to meet Medical Center’s need for resiliency, and campus research community’s need for speed

Separate Distribution and Access Infrastructure

Shared Distribution But Separate Access

Shared Distribution and Access

Security Layer at Inter-VRF Routing

Project Status
• Meetings held regularly between MCIT and ITS network staff, vendors, and interested observers
• Medical Center proposal is to use heterogeneous Cisco ASR 9000 class routers for all PE Devices
• Campus would like to re-use Cisco Catalyst 6500 class routers due to budgetary constraints
• Cisco’s recommendation is to build MPLS core with ASR equipment, but also state 6500 product line has necessary features

Equipment Comparison
• Case for ASR 9000 everywhere
  – Equipment designed for aggregation services
  – IOS XR software streamlines common service provider operations compared to IOS
  – Single software version and configuration to be used everywhere
  – Higher throughput – support 100 Gbps ports
• Case for Catalyst 6500
  – Upgrades necessary for MPLS project modest compared to replacement of routers
  – Configuration is different, but not expected to change much in core
  – Equipment is from same vendor and contains necessary feature set
  – Additional speed of ASR not immediately needed

Immediate Next Steps
• Cisco to re-evaluate design and present options for re-purposing 6500s
• Better define requirements to help in evaluation of 6500 vs. ASR 9000 for PE routers at some locations
• Medical Center and Campus to explore ‘creative’ options to make homogeneous ASR 9000 design more affordable
  – Repurpose Catalyst 6500s in MC?
  – OE funding available for a consolidated network?
  – Additional pricing relief from Cisco?
• Evaluate best way to use 6500s in design
  – As a PE router
  – Only as CE routers (fewer PEs?)

Future Items
• Flesh out PE/CE design
• Define details of security model
• Agree on connection of MPLS core to internet
• Agree on schedule
• Decide on shared distribution / shared access layers
• Governance aspect – threshold for defining additional VRFs
• Define shared management responsibilities and structure
• …

MPLS Network