By Carolyn Duffy Marsan
Network World, 06/10/02
Home to some of the world's most powerful supercomputers and bandwidth-intensive applications, the University of Illinois at Urbana-Champaign (UIUC) was a pioneer in the use of high-speed networks for scientific research. Now UIUC is upgrading its campus network to provide better performance to all of its departments - not just computer science and engineering. Pete Siegel, CIO of UIUC, spoke recently with Network World Senior Editor Carolyn Duffy Marsan about the importance of managing bandwidth and why improving quality of service is his top priority.
Please describe the UIUC's network infrastructure.
We have two connections to the Internet, and two connections to Internet 2 [a high-speed IP network that links major universities]. Our peak usage for the Internet is about 110M bit/sec, and we have redundant carriers and paths. We have two connections to Internet 2, a 155M bit/sec connection for the university and a 622M bit/sec connection for the National Center for Supercomputing Applications [NCSA, a federally funded research center located on campus]. Most of our research traffic is on Internet 2, while e-mail and Web surfing is on the Internet.
We also connect to the Illinois Century Network, which is a state-run network that links academic institutions, libraries and public schools. We have one of the three largest academic libraries in the country, so we get a lot of traffic coming in over the Internet to our library system.
More than 90% of our traffic is IP, although we have some Novell IPX and AppleTalk.
Our campus network connects more than 200 buildings. We have 50,000 users, including undergraduate and graduate students, faculty and staff.
UIUC has some of the world's most powerful supercomputers on its campus. How do these systems drive your bandwidth demands?
NCSA creates a level of expectation on campus. Not just NCSA, but also our computer science department. They use the high bandwidth in their facilities all the time. Other people see that, and they want it in their spaces. So what these groups do is create demand on campus that is an order of magnitude of what it would be otherwise. From my point of view, it's a great pressure for innovation.
What upgrades to this network infrastructure do you have planned in the next year?
We have a major campus upgrade going on to get all of our buildings up to 100M bit/sec for now and capable of 1G bit/sec in the future. We still have sites that are using Category 3 wiring [which supports 10M bit/sec]. All of our engineering and IT-oriented fields have high-performance networks. Now we want to get the same capabilities out to fine arts, architecture and other departments. Unlike a number of other schools, we don't see a correlation between science and bandwidth. We see high-bandwidth needs across the campus. It will take a couple of years, but we're more than halfway there now.
We're spending $4 million this year on upgrades. What's slowing us down a little is [a shortfall in] the state budget. Capital investments will be less next year, although we'll still be moving ahead. We're also planning to increase our annual network operations budget from $4 million to $9 million. It will take about a three-year ramp up for us to get to that level.
What is your role related to the network infrastructure and how critical is it to you vs. other IT-related issues?
There are two issues that are most critical to me. One is the communications infrastructure. Having the network perform with high quality of service and with very good accessibility to everybody on campus - that's No. 1.
The second is the use of educational technologies. So it's not just the research use of the network, but the educational use of the network. Here's where I'd like to see us: A professor comes into the classroom and wants to set up a video session with a peer at another university. He clicks a button, and it just works. There's an interesting difference between this community and the research community. You get up in front of a group of students at 9 a.m. You have 50 minutes to get your point across. If you spend the first 5 minutes fiddling with the network and your computer, you're toast. It's very different from the research context, where you say: OK it didn't work today but it'll work tomorrow.
Getting the network, with extremely high reliability, into the classrooms as well as into the research spaces is the linchpin of everything we're doing.
What emerging network technologies do you see as having the most promise for UIUC and why?
Tools for quality of service. These kinds of technologies are going to be critical because they're going to allow the end user to create with a Web page, a social contract with the network. The user can say: 'I need this capacity at 9 a.m.' If you tell me I've got it, then I can rest assured. That [capability] is just developing in terms of the core infrastructure. On this campus, it would be nice to say that if it's a faculty member who has a class, they're going to get a certain level of priority that's guaranteed. And if it's a student who wants to send an MP3 to a friend, we'll just give them the bandwidth that they've paid for.
The other area is in security. Anything that can be done in terms of firewall technology, filtering systems, virus detection, passwords and certificate-based security are areas we're very active in. Those technologies just need to keep developing.
What do you see as UIUC's major challenges related to its network infrastructure and how are you addressing these challenges?
With good security and good quality of service, the third issue I have is under control. And that third issue is that people's use of the network - the demand for bandwidth - is going up dramatically, especially as we move to more streaming types of services. People can easily overwhelm networks, and the current strategy is to use headroom to manage that. We recognize that people are willing to pay more for bandwidth, but they aren't willing to pay infinitely for it. Having excellent quality of service will allow users to say: 'Here's what I'm willing to pay for and as long as I get what I'm willing to pay for, I'm happy.'
How do you balance the need for network security vs. the traditionally open computing environments found in academia?
Both the consistently increasing number of denial-of-service attacks and Sept. 11 have really changed our security strategy. We believe that everybody in the system has to become, reluctantly, more of an expert on computer security issues.
We're spending more money on security education and training. We're making sure that the system and network administrators are up to what we call 'certified standards' and that there are materials available to end users so that people have no excuse not to be up to date on their security technologies. We have very clear policies so that if somebody is unable - and this has happened - to keep their security up to snuff, we are now proactively taking them off the network rather than wait for the attack. Since Sept. 11, the enthusiasm from user groups that they'll step up to their [security] responsibilities is really significant.
Do you see the convergence of voice and data traffic as a potential for UIUC? Why or why not?
Convergence is one of my favorite subjects. Several years ago, I had a convergence development group at a prior institution, and we spent about a half-million dollars a year with the goal of creating convergence by the year 2000. We worked with vendors who said they would have that technology by the year 2000. But there were two problems with it. One was they had no accounting strategy. We have to know what people are doing, and we have to charge for those services. The other problem is that vendors didn't have technology that scaled. There are lots of things that will work with 2,000 or 6,000 people that will not work with 30,000 or 40,000 people.
The other issue with convergence is the costing model. When voice over IP was first suggested, the notion was that existing phone technologies were going to remain expensive and that the new technology would be lower cost. That costing model has not worked out at all. Our costs for telephone systems have been dropping quite rapidly.
But after saying all of that, my belief is that convergence is going to happen but not because it's cheaper - that was the wrong thing to focus on - but because the newer services that you can create are going to be so important to people.
What percentage of your overall IT spending is on the network infrastructure? Is it going up or down?
It's 15% of the CIO office's IT budget. [On the campus as a whole, there's certainly four or five times that amount of money being spent on computing technologies.] When we go up to $9 million per year for network operating expenses, the overall budget will go up by this amount. So this isn't taking funds away from other areas. It's a net increase.
It's also a recognition of two things: One is that the core networking has to be high quality of service. It's not for research experiments; it's for the business of the campus. The second thing is that other costs will go up in what we call middleware services. These services include authentication, the ability to reserve bandwidth for quality of service, and rate management. Software to manage the infrastructure will be a more significant part of our costs. You can't just manage the network resource with headroom. You want to manage it with technology that [allocates] the resources that are available based on some kind of contract or expectation.
How do you manage students' use of your network infrastructure?
We have rate limiting for the students, so they get what they pay for now, and it's working great. In the dorms, every student is entitled to 750M bytes per day, and as long as they stay under that limit they get really excellent service. If they go over the limit, we throttle them back so they actually get somewhat less than everybody else.
Faculty is not under the same restrictions. But one of the parts of our plan is to do that resource management everywhere so people are in fact getting a consistent amount of use corresponding to the investment allocated to them.
The model that we have going forward is that there's a certain amount of resource per faculty member, per staff member, per student. We also add some historical data that this department has historically been a big user, and we develop a notion of what usage ought to be. What we're going to start to do next year is say to departments: 'If you go over that limit, we will constrain you back to that limit. But we can work out by some special arrangement to raise that limit for specific projects.' The idea is you never cut anyone off. You never create poor service. But rather than seeing someone go way, way above their limit, they're constrained back towards that average number.
What's your wireless strategy?
The basic notion that we have is that classrooms and public spaces like the library and out on the quads need to be wireless accessible. Using a VPN strategy, we can limit our [wireless] services to appropriate campus use.
People like to gather around and do work together. They should be able to just sit down somewhere and have ready access to the Internet, to the Web and to their courseware. We're very early in that [transition] but I would like to see it done within three years.
Copyright 2001 Network World, Inc. All rights reserved