Knowledge base

At REANNZ, we're starting to gather together information that will be useful to our members, with a general focus on aspects of networking. You'll find links to our Wiki, external pages, and different files which you can download.

This page will grow as time goes on. If there's any similar information you would like to see added here, let us know and we'll do our best.

Science DMZ

The concept of a Science DMZ is a dedicated portion of a site or campus network, with its own equipment, configuration, and security policy, that serves only high-performance science applications. The main difference to other internal networks, is that a Science DMZ connects your organisation's research rich infrastructure, with another organisation's research infrastructure - and you remain in control of the access, security and connected infrastructure.

Developed by network engineers at ESnet, the Science DMZ addresses common network performance problems encountered by research organisations. Further information can be found on ESnet's website. Science DMZ: A Scaleable Network Design Model for Optimizing Science Data Transfers (link to ESnet website).

The US National Science Fund (NSF) has called for proposals to further develop the Science DMZ. See the "Data Driven Networking Infrastructure for the Campus and Researcher" section (II Program Description) in the Campus Cyberinfrastructure - Network Infrastructure and Engineering Program (CC-NIE) request for proposal (link to NSF website).

A Science DMZ has three components: a switch to guide the traffic; a data transfer node; and instrumentation to measure the performance and activity. You can create one in a number of different ways, using a number of different techniques.

• Tutorial: Achieving the Science DMZ (PDF from slideshow, 20MB)
• Presentation: Science DMZ Implementation recorded at the Joint Techs conference (link to video held on the Internet2 website)
• Deployment: ESnet's deployment of a Science DMZ to deliver data intensive science (link to HPCwire article)
• Securing supercomputer networks - Scientists experience life outside the firewall with "Science DMZs" (link to Arstechnica website)

Software Defined Networking and OpenFlow

Software Defined Networking is exactly as it says: networks that are controlled by software.

The benefits include that it’s hardware independent, which means that networkers are no longer effectively locked into using one type of switch. It also lets you have a centralised config, which means you can avoid the complexities of distributed decision making at the same time as enabling better testing; you can do a software proof that your network changes will work, without resorting to ‘try it and see’.

Openflow is a method of implementing Software Defined Networking.

• White paper: Enabling Innovation in Campus Networks (PDF, 620KB)
• Presentation: A New Approach to Networking (PDF from slideshow, 20MB)
• Openflow at REANNZ (including technical information) (link to REANNZ's wiki)
• Openflow Mythbusting by Google
• New Zealand at the research cutting edge: Software Defined Networking (link to Google NZ blog)
• Stanford's Nick McKeown describing how to make OpenFlow work at the 2012 Open Networking Summit (link to YouTube video)

Network Performance

Network performance is all about making your data transfers go faster. Having the network in place is only part of the solution; there are a number of things you can do to tune your network to get the best results.

• Tuning your network (including perfSONAR box deployment, gridFTP and more) (link to Esnet's Fasterdata blog)
• Tuning for speed (link to the Network Optimisation section on this website)
• Tuning BGP (link to the Network Optimisation section on this website)