Internet2 SDN Network Adds Multi-Tenancy

  • By Dian Schaffhauser
  • 10/29/14

Internet2 has added a new resource that enables its national education network to be divided into segments that can be allocated for use as multiple, discrete private networks by specific research or other user communities. The "FlowSpace Firewall" has been installed in the Internet2 production network, allowing it to be partitioned across nearly 40 100G-attached access nodes throughout the country. The firewall software was commissioned by the community organization and co-developed by Indiana University.

With the new firewall in place on the Internet2 network, one allocation will be prevented from consuming resources set aside for other allocations. The first uses are expected to surface among the research and education community.

The news came during this week's 2014 Technology Exchange in Indianapolis, a gathering of technologists who participate in the Internet2 network.

Internet2 runs the first 100-gigabit open, national software-defined network (SDN), a platform for network virtualization. As with virtualized servers and storage, SDN-enabled hardware uses abstraction to simplify the management of the underlying physical network, especially useful as data centers integrate cloud services and virtualization with on-premises operations. The SDN approach is intended to enable IT to pull together and manage hardware such as switches and routers from different vendors without having to deal with the underlying operating systems or protocols running on those components. When network service delivery changes are required, the network can respond programmatically.

The segmenting capability now built into the network "is a foundational technology that we've put in place," said Rob Vietzke, executive director of networking services within Internet2. "We don't quite know which [communities] will use it and for what. The first people will probably be computer scientists and folks developing infrastructure services. But it's a really unique partitioning of a very important national resource in a way that allows each person that chooses to take a partition to essentially act like they have their own national network."

Several institutional research organizations have already announced new projects to try out virtual slices of the SDN network. In August the National Science Foundation awarded separate $10 million grants to two projects creating cloud computing testbeds.

Chameleon is a large-scale, reconfigurable experimental environment for cloud research, co-located at the University of Chicago and the University of Texas at Austin.

The Chameleon testbed is intended to adapt to multiple experimental needs "from bare metal reconfiguration to support for ready-made clouds," said Kate Keahey, a scientist at the Computation Institute at U Chicago and principal investigator, in a statement. "Furthermore, users will be able to run those experiments on a large scale, critical for big data and big compute research." That project also encompasses creation of a community "where researchers will be able to discuss new ideas, share solutions that others can build on or contribute traces and workloads representative of real life cloud usage."

CloudLab, the second project, is a large-scale distributed infrastructure based at three institutions, the University of Utah, Clemson University in South Carolina, and the University of Wisconsin. Researchers will use CloudLab as a support for constructing different kinds of clouds using new architecture. Each site will have unique hardware, architecture and storage features and will connect to the others via Internet2's SDN-enabled network.

"By connecting CloudLab to Internet2's nationwide SDN network, we can give researchers a level of end-to-end network programmability that is unprecedented in a cloud platform," said Robert Ricci, a research assistant professor of computer science at U Utah and principal investigator of CloudLab. "Having this level of control, programmability and visibility into the network will enable the research community to push the boundaries of cloud networking and explore the future of network architectures for the cloud."

Traditionally, systems and network researchers have been part of the computer science department in the university while computational scientists worked in other disciplines using computing and network resources as tools to do their simulation and modeling-oriented research, added U Utah's Interim CIO, Steven Corbato. "Where we're headed is for these two disciplines to start talking to each other in ways they haven't done in probably 20 or 30 years. It's a pretty exciting time. Whenever you can bring scientists from different disciplines together, I think there are usually good results that come from it. That's one of the drivers from Utah's end."

Although the work going on now is intended to test out and prove the merits of the technology, eventually, the technologies and architectural schemes developed through the use of Internet2's SDN experimental efforts will infiltrate institutional data center operations, he noted.

"If I look at our network, it has historically been based on campus geography or organization," said Corbato.

What he'd rather see is a network structured to accommodate traffic segmentation based on the role of the individual and the risk profile of the data being handled. "We have a hospital; we have a lot of educational records flying around, especially now that we're pushing online education very hard. Those all fall under classes of protected information. Credit card information is protected. We need to put that on a special part of the network where it does not mix with other traffic." SDN and the other developments coming out of work being done by Internet2 and its members and partners "can help us achieve this architectural vision."

Featured

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • floating digital interface with glowing icons, surrounded by faint geometric shapes

    Digital Education Council Defines 5 Dimensions of AI Literacy

    A recent report from the Digital Education Council, a global community devoted to "revolutionizing the world of education and work through technology and collaboration," provides an AI literacy framework to help higher education institutions equip their constituents with foundational AI competencies.

  • computer screen displaying a landline phone being unplugged from a single cord, with a modern office desk, keyboard, and subtle lighting in the background

    Microsoft to Discontinue Skype Services

    Microsoft has announced that it is shutting down service for its Skype telecommunications and video calling services on May 5, 2025.

  • glowing brain, connected circuits, and abstract representations of a book and graduation cap on a light gray gradient background

    Snowflake Launches Program to Upskill 100,000 People in Data and AI

    Cloud data platform Snowflake is embarking on an effort to train and certify more than 100,000 users on its AI Data Cloud by 2027. The One Million Minds + One Platform program will provide Snowflake-delivered courses, training materials, and free access to Snowflake software, at no cost to learners.