Data Center Design Guide 4 1

1,549 views

Published on

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,549
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
230
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • Data Center Design Guide 4 1

    1. 1. Internet Data Center Solution Design
    2. 2. Internet Data Center Solution Design IDC Industry Analysis Internet Data Center Requirements Alteon IDC Solution Overview Alteon IDC Solution Design IDC Solution Case Study
    3. 3. Internet Infrastructure Upgrades Web Switching Gigabit Ethernet Giga/Terabit Router DWDM Sonet xDSL Cable Wireless Caching CDN Web Switching
    4. 4. Migration to Internet Data Centers <ul><li>IMPACT: </li></ul><ul><ul><li>Outsourcers will own and manage web switches for customers (already happening) </li></ul></ul><ul><ul><li>API-level interfaces for controlling web switches will become more important </li></ul></ul>Source: Forrester
    5. 5. Why companies outsource to IDCs? Source: Forrester
    6. 6. E-commerce vs. Brochureware <ul><li>New sites are increasingly complex and transaction-oriented </li></ul><ul><li>Mission critical sites are more common, which changes the requirements for hosting </li></ul>Source: Forrester
    7. 7. Internet Data Center Solution Design IDC Industry Analysis Internet Data Center Requirements Alteon IDC Solution Overview Alteon IDC Solution Design IDC Solution Case Study
    8. 8. Internet Data Center Environment
    9. 9. Internet Data Center Environment Remotely-monitored video surveillance safeguards the IDC and its perimeter 24 hours a day, 7 days a week. Hand scanning sensors authorize Internet Data Center clearance by means of biometric recognition. Server racks are reinforced against seismic anomalies with scientifically exact bracing that adjoins both the server racks and the caging environment to a below-floor channel. All IDCs run on clean power conditioned by an Uninterruptible Power Supply (UPS). The UPS provides immunity to energy spikes and surges experienced by the public sector. Backup generators guarantee an alternate power source, providing indefinite hours of additional uptime in the event of a system failure. Multiple HVAC units supplement principal cooling systems for consistent temperature control and maximum airflow. A preferred alternative to conventional fire suppression methods, this system, together with intelligent early detection and backup suppression methods, prevents unnecessary equipment damage and incidental loss of uptime. Internet operations are simultaneously monitored 24 x 7 within each Internet Data Center NOC (Network Operations Center) and from the Exodus Response Center IDC access, 24 x 7 security monitoring and incident management are controlled by on-premises security officers. Alarms are monitored 24 x 7 for rapid incident resolution. Electronic motion sensors detect and react to movement around the perimeter of the IDC and within its interior. .
    10. 10. Successful key factors <ul><li>Give client control </li></ul><ul><ul><li>Accessibility 24x7 with security </li></ul></ul><ul><li>Pre-configured wiring system </li></ul><ul><li>Best security to safeguard the access </li></ul><ul><li>Best facility </li></ul><ul><ul><li>Network Operations Center (NOC) </li></ul></ul><ul><ul><li>Best reliable networking equipment </li></ul></ul><ul><ul><li>UPSs </li></ul></ul><ul><ul><li>Secure, monitored facility </li></ul></ul><ul><li>Great Connectivity </li></ul><ul><ul><li>Multi-Telco connections with great and various types of bandwidth </li></ul></ul><ul><li>Offer Multi-services </li></ul><ul><li>Best people & support </li></ul>
    11. 11. Internet Data Center Services <ul><li>Real Estate </li></ul><ul><li>Bandwidth </li></ul><ul><ul><li>10Mbps and 100Mbps (shared or Dedicated) </li></ul></ul><ul><ul><li>Incremental bandwidth between 10Mbps - 100Mbps </li></ul></ul><ul><li>Managed Services </li></ul><ul><ul><li>System monitoring > Network monitoring </li></ul></ul><ul><ul><li>Basic equipment level trouble shooting </li></ul></ul><ul><ul><li>Reporting > Backup service </li></ul></ul><ul><li>Professional Services </li></ul><ul><ul><li>Total solution </li></ul></ul><ul><ul><ul><li>H/W, S/W, Planning, Design, Implementation </li></ul></ul></ul><ul><ul><li>Security service </li></ul></ul><ul><ul><ul><li>Consultation > Firewall </li></ul></ul></ul><ul><ul><ul><li>Intrusion detection > Anti-virus </li></ul></ul></ul><ul><ul><ul><li>Data Recovery > Monitoring </li></ul></ul></ul><ul><ul><ul><li>Reporting </li></ul></ul></ul>
    12. 12. IDC Service Provider Approaches <ul><li>Infrastructure-driven service providers </li></ul><ul><ul><li>Started out focusing on network pieces </li></ul></ul><ul><ul><ul><li>WAN (Internet backbone/peering) </li></ul></ul></ul><ul><ul><ul><li>LAN (per customer) </li></ul></ul></ul><ul><ul><ul><li>IP </li></ul></ul></ul><ul><ul><ul><li>Facilities like air conditioning and power </li></ul></ul></ul><ul><ul><li>Provide value by knowing about infrastructure and how to run it </li></ul></ul><ul><ul><li>Evolving “up the stack” </li></ul></ul>
    13. 13. IDC Service Provider Approaches <ul><li>Application-driven service providers </li></ul><ul><ul><li>Started out focusing on hosting simple applications </li></ul></ul><ul><ul><li>Quickly moved to business applications like ERP with web front-ends </li></ul></ul><ul><ul><li>Provide value by knowing about applications and the business rules that shape them </li></ul></ul><ul><ul><li>Evolving “up the stack” </li></ul></ul>
    14. 14. Changes in Site Complexity <ul><li>Move to transaction-oriented E-commerce sites drives need for stronger session state management </li></ul><ul><ul><li>Network Intelligent URL based load balancing </li></ul></ul><ul><ul><li>Session state management for SSL </li></ul></ul><ul><ul><li>More awareness of applications </li></ul></ul><ul><ul><li>Application-level QoS </li></ul></ul>
    15. 15. IDC Solution Requirements Summary <ul><li>High Performance, Reliability, Flexibility, Scalability </li></ul><ul><li>Solve Data Center security concerns and Firewall Protection </li></ul><ul><li>Serviceability </li></ul><ul><li>Enable E-commerce platform </li></ul>
    16. 16. Internet Data Center Solution Design IDC Industry Analysis Internet Data Center Requirements Alteon IDC Solution Overview Alteon IDC Solution Design IDC Solution Case Study
    17. 17. Alteon WebSystems <ul><li>Founded May, 96 </li></ul><ul><li>Claim to fame Content networking pioneer </li></ul><ul><li>Customers 2000+ worldwide </li></ul><ul><li>Employees 600+ </li></ul><ul><li>FY00 revenue $109m </li></ul><ul><li>Revenue growth 545% (4Q/00 over 4Q/9) </li></ul><ul><li>Growth in value 774% (Sept 99 to Aug 00) since IPO </li></ul><ul><li>Status Just acquired by Nortel </li></ul>
    18. 18. Alteon Products/Technology Stackable and Modular Web Switches High-Speed Adapters Traffic Control Software Next Generation Network Processing ASICs Web Optimization Tools
    19. 19. IDC Network Basics
    20. 20. Alteon IDC Solution Vision <ul><li>Infrastructure network for IDC </li></ul><ul><ul><li>Most server-efficient Ethernet connectivity </li></ul></ul><ul><ul><li>Best resilience and application availability services </li></ul></ul><ul><ul><li>Most intelligent traffic prioritization, redirection and load balancing </li></ul></ul><ul><ul><li>Most comprehensive integration of IP traffic management services </li></ul></ul><ul><ul><li>Most scalable, high performance data center infrastructure network </li></ul></ul>Access Networks Remote Data Center Internet WAN Backbone Remote POPs <ul><li>Fast and Gig Ethernet </li></ul><ul><li>L2/3/4/L7 switching </li></ul><ul><li>Local/global load balancing </li></ul><ul><li>Cache redirection </li></ul><ul><li>Bandwidth management </li></ul><ul><li>Security/Fire walling </li></ul>Data Center Database Web Servers DNS Web Switches Host Optimized Adapters Email Firewall & VPNs
    21. 21. <ul><li>Local Server Load Balancing </li></ul><ul><ul><li>Increase application performance, availability and scalability by transparently distributing user requests across local server farms </li></ul></ul><ul><li>High Availability Configurations </li></ul><ul><ul><li>No single-point-of-failure at system level </li></ul></ul><ul><ul><li>Active-Active Design </li></ul></ul><ul><li>Global Server Load Balancing </li></ul><ul><ul><li>Increase application performance, availability and scalability by transparently distributing user requests across geographically distributed server farms </li></ul></ul><ul><li>Policy-based Traffic Redirection </li></ul><ul><ul><li>Per port access control and traffic redirection to increase security, manage traffic and offload routers </li></ul></ul><ul><ul><li>Enables load balancing of transparent devices including caches, SSL off-load, firewalls and default gateways for increased performance and availability </li></ul></ul><ul><ul><li>Enables differentiated services and QoS </li></ul></ul><ul><li>Bandwidth Management </li></ul><ul><li>Server Security Protection </li></ul><ul><ul><li>Protects servers against hacker attacks </li></ul></ul>Alteon Data Center Solution FAB
    22. 22. Alteon IDC Network Design <ul><li>High Performance, Reliability, Flexibility, Scalability </li></ul><ul><ul><li>Capable to handle burst Internet transaction volume </li></ul></ul><ul><ul><li>Distributed Processing and Virtual Matrix Architecture </li></ul></ul><ul><ul><li>Active/Active configuration </li></ul></ul><ul><ul><li>Extremely high scalability </li></ul></ul><ul><ul><li>No restriction on IP addressing scheme of real servers </li></ul></ul><ul><li>Solve Data Center security concerns and Firewall Protection </li></ul><ul><ul><li>Leading-edge solution for Denial of Service (DoS). </li></ul></ul><ul><ul><li>Most scalable high-performance firewall load balance </li></ul></ul><ul><ul><li>Freedom of choice of firewall selection </li></ul></ul>
    23. 23. Alteon IDC Network Design <ul><li>Serviceability </li></ul><ul><ul><li>Guaranteed Internet Bandwidth </li></ul></ul><ul><ul><li>Enable Service based provisioning, Dynamic bandwidth, Preferential service, Usage-based service. </li></ul></ul><ul><li>Enable E-commerce platform </li></ul><ul><ul><li>Content switching Server Load Balance </li></ul></ul><ul><ul><li>Content Intelligence switching </li></ul></ul><ul><ul><li>Scriptable Health Check </li></ul></ul><ul><ul><li>SSL Offload </li></ul></ul>
    24. 24. Internet Data Center Solution Design IDC Industry Analysis Internet Data Center Requirements Alteon IDC Solution Overview Alteon IDC Solution Design IDC Solution Case Study
    25. 25. Internet Data Center Solution Design Alteon IDC Solution Design IDC Network Infrastructure Design IDC Network WAN Backbone Design IDC Network Firewall & CDN Design IDC Network LAN Backbone Design IDC Network User Access Network Design IDC Network User Network Design IDC Network Management System Design A Sample IDC Network Design
    26. 26. IDC Network Architecture Internet ( International/ Local) Internet Backbone Connection Firewall & Security (VPN) Hosting Customer Internet Data Center Backbone Switch Hosting Access Switch / BMW Hosting Customer Hosting Access Switch / BMW Hosting Customer Hosting Customer Hosting Access Switch / BMW Hosting Customer Hosting Customer Network Management System Internet WAN Layer IDC Security Layer LAN Backbone Layer User Access Layer User Networks Layer IDC Infrastructure Customer Network
    27. 27. Mission of IDC Network Design <ul><li>IDC Network Infrastructure Design </li></ul><ul><ul><li>High Throughput and Reliable WAN Backbone </li></ul></ul><ul><ul><li>Scalable Network Security Gateway </li></ul></ul><ul><ul><li>Reliable, Scalable, High Bandwidth LAN Backbone </li></ul></ul><ul><ul><li>Customer & Application Bandwidth Management </li></ul></ul><ul><li>IDC User Network Design </li></ul><ul><ul><li>High Performance Server Farm with SLB </li></ul></ul><ul><ul><li>Global Access by GSLB </li></ul></ul><ul><ul><li>E-Business Application supported by SSL Offload and Persistence </li></ul></ul>Network Design is an art not just connect all box together
    28. 28. Internet Alteon Alteon Alteon Gigabit BB Gigabit BB Alteon Firewall Alteon Alteon Firewall SSL Service SSL Service SSL Service SSL Service L2 100Mbps Switch With Gigabit uplink L2 Gigabit Switch L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch L2 100Mbps Switch With Gigabit uplink L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub Gigabit dedicated Bandwidth Connection 100Mbps dedicated Bandwidth connection 100Mbps dedicated System service 10Mbps dedicated Bandwidth connection 10Mbps dedicated System service 100Mbps shared Bandwidth connection 10Mbps shared Bandwidth connection 100Mbps Shared System Service 100Mbps Shared System Service Gigabit Dedicated System Service Bandwidth Mgt. function FWLB function Cache Service FWLB function L4/L7 LB function, iSD Service Gigabit Ethernet Backbone L2 Switching Fabric IDC User Access R R Internet Access Router A Big Picture of IDC Network Design Legends: Gigabit Ethernet 100Mbps Ethernet 10Mbps Ethernet Cache Server Cache Server Cache Server Cache Server
    29. 29. IDC Network Infrastructure Sample Design INTERNET R ACE 184 ACE 184 ACE 180E Accelar 8600 Accelar 8600 ACE 180E Firewall ACE 180E ACE 180E Firewall SSL Service SSL Service SSL Service SSL Service L2 100Mbps Switch With Gigabit uplink L2 Gigabit Switch L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch With Gigabit uplink L2 100Mbps Switch L2 100Mbps Switch With Gigabit uplink L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Switch L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub L2 10Mbps Ethernet Hub Gigabit dedicated Bandwidth Connection 100Mbps dedicated Bandwidth connection 100Mbps dedicated System service 10Mbps dedicated Bandwidth connection 10Mbps dedicated System service 100Mbps shared Bandwidth connection 10Mbps shared Bandwidth connection 100Mbps Shared System Service 100Mbps Shared System Service Gigabit Dedicated System Service Bandwidth Mgt. function FWLB function Cache Service FWLB function L4/L7 LB function, SSLService Gigabit Ethernet Backbone L2 Switching Fabric IDC User Access R Internet Access Router Legends: Gigabit Ethernet 100Mbps Ethernet 10Mbps Ethernet Cache Server Cache Server Cache Server Cache Server
    30. 30. Alteon IDC Network Solution Data Center Shared hosting service Managed firewall and VPN services Dedicated hosting/co-location service Customer 1 Customer 2 Customer 3 Data Center Data Center Internet Provider Backbone L3 concentration, Bandwidth mgnt L3 concentration, policy redirection, ACL, and FWLB POPs caches SLB, GSLB SLB, GSLB Reverse caches Dynamic Content Static Content L2 concentration, ACL, policy redirection, SLB, GSLB, Bandwidth mgnt SLB, Customer 3 SLB, GSLB Hierarchical Cache Farm D N S D N S D N S D N S
    31. 31. IDC Infrastructure and User Network (Option 1) Dedicated Bandwidth Service 10/100/1000Mbps; 256nKbps Global Server Load Balance (GSLB) Bandwidth Management (BWM) Firewall Load Balance (FWLB) Layer 4 & Layer 7 Load Balance L4&L7 LB iSD Service iSD Service S S S S Server offload L2/L3 Dedicated connection IDC Infrastructure User Network Legends: S Servers IDC equipment boundary User equipment boundary
    32. 32. IDC Infrastructure and User Network (Option 2) Shared Bandwidth Service 10/100/1000Mbps; 256nKbps Global Server Load Balance (GSLB) Bandwidth Management (BWM) Firewall Load Balance (FWLB) Layer 4 & Layer 7 Load Balance L4&L7 LB iSD Service iSD Service S S S S Server offload L2/L3 Shared connection IDC Infrastructure User Network Legends: S Servers IDC equipment boundary User equipment boundary
    33. 33. IDC Infrastructure and User Network (Option 3) Dedicated System Service 10/100/1000Mbps Global Server Load Balance (GSLB) Bandwidth Management (BWM) Firewall Load Balance (FWLB) Layer 4 & Layer 7 Load Balance L4&L7 LB iSD Service iSD Service S S S S Server offload L2/L3 Dedicated connection IDC Infrastructure User Network Legends: S Servers IDC equipment boundary User equipment boundary
    34. 34. IDC Infrastructure and User Network (Option 4) Shared System Service 10/100/1000Mbps Global Server Load Balance (GSLB) Bandwidth Management (BWM) Firewall Load Balance (FWLB) Layer 4 & Layer 7 Load Balance L4&L7 LB iSD Service iSD Service S S S S Server offload L2/L3 Shared connection IDC Infrastructure User Network Legends: S Servers IDC equipment boundary User equipment boundary
    35. 35. Internet Data Center Solution Design Alteon IDC Solution Design IDC Network Infrastructure Design IDC Network WAN Backbone Design IDC Network Firewall & CDN Design IDC Network LAN Backbone Design IDC Network User Access Network Design IDC Network User Network Design IDC Network Management System Design A Sample IDC Network Design
    36. 36. IDC Network Design – WAN Backbone <ul><li>IDC WAN backbone connect public and private network </li></ul><ul><ul><li>Major ISP with a high concentration in private connections </li></ul></ul><ul><ul><li>All IDC using multiple high-speed OC-3, and OC-12 lines for high performance, dedicated, and redundant backbone network connection </li></ul></ul><ul><li>Using reliable and far more powerful routers to built reliability, performance and scalable Internet node. </li></ul><ul><ul><li>High end Internet backbone router </li></ul></ul><ul><ul><li>Comprehensive IP backbone routing design </li></ul></ul>Internet ( International/ Local) Internet Backbone Connection Firewall & Security (VPN) Hosting Customer Internet Data Center Backbone Switch Hosting Access Switch / BMW Hosting Customer Hosting Access Switch / BMW Hosting Customer Hosting Customer Hosting Access Switch / BMW Hosting Customer Hosting Customer Network Management System Internet WAN
    37. 37. WAN Router Load Balancing <ul><li>All egress traffic is statistically load balanced among the routers. </li></ul><ul><li>Similar to how we do it with Redirection, we ensure IP Flows are properly maintained between unique IP Sources and Destinations </li></ul><ul><li>Required to ensure no out-of-order frames are transmitted out the WAN or LAN backbone </li></ul><ul><li>We don’t care (nor can we control) how frame INGRESS from the WAN to the switch </li></ul><ul><li>All Routers must have the ability the get to all destinations. Out-of-balance routing tables between the routers (from different network providers, for instance) will create problems. </li></ul>Load-sharing Routers Internet Backbone Load-sharing links
    38. 38. WAN Backbone Support Differentiated Services <ul><li>Reduce costs and increase trans-Pacific access performance: </li></ul><ul><ul><li>Redirect non-time sensitive traffic to high-latency satellite links </li></ul></ul><ul><li>Put WAN link to different server groups, using policy filter to redirect different service to different server group. </li></ul>Internet Backbone HTTP FTP, Email
    39. 39. Bandwidth Management Design A.com <ul><li>Usage-based services </li></ul><ul><ul><li>Basic charge by target rate (Soft Limit) </li></ul></ul><ul><ul><li>Over-subscription penalty based on frequency and amount of bursting between soft and hard limits </li></ul></ul><ul><ul><li>Tag packets above software limit - “discard eligible” when upstream bandwidth not available </li></ul></ul><ul><ul><li>Accounting data archived automatically for monthly billing </li></ul></ul><ul><li>QoS service offering </li></ul><ul><ul><li>Offer hosted Web sites preferential delivery by source IP blocks, applications, URL types, cookies, … </li></ul></ul><ul><li>Fast provisioning </li></ul><ul><ul><li>Pre-define up to 64 bandwidth policies AD3/180e </li></ul></ul><ul><ul><li>Pre-define up to 1024 bandwidth policies AD4/184 </li></ul></ul>VIP A CIR = 5 SL = 25 HL = 33 IPTOS = … . . . VIP A B.com VIP B VIP B CIR = 15 SL = 75 HL = 100 IPTOS = … CAR enabled Internet Backbone
    40. 40. Security Management <ul><li>Prevent DOS attacks by </li></ul><ul><ul><li>Rate limit SYN, Ping or other disruptive packets. </li></ul></ul><ul><ul><li>Alert operator when soft limit exceeded. </li></ul></ul><ul><li>Prevent potential outgoing DOS attacks. </li></ul><ul><ul><li>Rate limit applications using unknown port numbers. </li></ul></ul><ul><li>Augmented by other security features. </li></ul><ul><ul><li>ACL to prevent undesirable packets. </li></ul></ul><ul><ul><li>NAT to hide internal addresses </li></ul></ul>Broadcast/ Multicast CIR = 10 SL = 30 HL = 50 Internet IDC SYN & IP Options CIR = 2 SL = 2 HL = 5 Unknown Socket #’s CIR = 2 SL = 10 HL = 10 BW Contracts:
    41. 41. L3 VRRP for Reliable WAN Backbone Internet Backbone IP1 IP2 VIR Default Gateway for All Servers: VIR L3 VRRP

    ×