Award Abstract # 1341025
CC-NIE Network Infrastructure: CARNE

NSF Org: OAC
Office of Advanced Cyberinfrastructure (OAC)
Recipient: UNIVERSITY OF ILLINOIS
Initial Amendment Date: September 11, 2013
Latest Amendment Date: September 11, 2013
Award Number: 1341025
Award Instrument: Standard Grant
Program Manager: Kevin Thompson
kthompso@nsf.gov
 (703)292-4220
OAC
 Office of Advanced Cyberinfrastructure (OAC)
CSE
 Directorate for Computer and Information Science and Engineering
Start Date: October 1, 2013
End Date: September 30, 2015 (Estimated)
Total Intended Award Amount: $255,027.00
Total Awarded Amount to Date: $255,027.00
Funds Obligated to Date: FY 2013 = $255,027.00
History of Investigator:
  • Tracy Smith (Principal Investigator)
    tracys@illinois.edu
  • Roy Campbell (Co-Principal Investigator)
  • Mary Stevens (Co-Principal Investigator)
  • Paul Hixson (Co-Principal Investigator)
  • Nicholas Buraglio (Co-Principal Investigator)
Recipient Sponsored Research Office: University of Illinois at Urbana-Champaign
506 S WRIGHT ST
URBANA
IL  US  61801-3620
(217)333-2187
Sponsor Congressional District: 13
Primary Place of Performance: University of Illinois at Urbana-Champaign
IL  US  61820-6235
Primary Place of Performance
Congressional District:
13
Unique Entity Identifier (UEI): Y8CWNJRCNN91
Parent UEI: V2PHZ2CSCH63
NSF Program(s): Campus Cyberinfrastructure
Primary Program Source: 01001314DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 7433
Program Element Code(s): 808000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Advanced modern scholarly and scientific research increasingly requires the use of a high-performance networks and related services. Building such a utility service across a legacy campus network encounters significant challenges difficulties due to inadequate existing components, complex security provisions, poor reliability, high latency, and lack of ease-of-use. In response to this burgeoning need, the Campus Advanced Research Network Environment (CARNE) project is creating a scalable, incrementally deployable scienceDMZ-based infrastructure for an unencumbered high-performance network with low-latency paths and software defined networking for flexibility. The perimeter of the network has appropriate security and access control policies and performance and monitoring facilities. Contributions from this research are transformative and include the design of an infrastructure for: ease of use; zero packet loss; testing and measurement of security and performance using Bro - a locally enhanced intrusion detections system - and PerfSONAR; separating science from security policy and control; and improving agility and flexibility while reducing network management overhead. Monitoring of the infrastructure will allow traces, statistics, and analysis that document the use of the network by a large clientele of scholars and scientists.  The broader impact of the proposed high-bandwidth infrastructure is in providing a road map to enhance scholarly research and education throughout universities. Better connectivity will enhance advanced discovery classes as well as promote teaching and learning. Universities can leverage this infrastructure in their active outreach to many schools, community colleges, and surrounding communities.  CARNE will reach out to vulnerable populations, which will benefit socio-economically by having direct access to research deliverables developed at the University of Illinois.

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

CARNE, the Univ of Illinois' scienceDMZ, was constructed as a hybrid environment in response to varying research needs across diverse disciplines.  CARNE has multiple 100Gbps egress connections to enable wide area research collaboration.  To ensure a friction-free path between internal and external collaborators, we adopted a passive security strategy.  A series of taps at the CARNE border as well as in front of commonly shared research instrumentation, like the campus compute cluster, aggregate to a central switch that hashes each flow and distributes the flows to a Bro Network Security Monitor (http://www.bro.org) cluster.  Within campus, for research endeavors with <1Gbps bandwidth requirements, the on-ramp to CARNE is a virtual layer (Virtual Route Forwarding, VRF) that is carved out of the campus enterprise network.  For instrumentation with high-speed bandwidth requirements, like the campus compute cluster, dedicated infrastructure including fiber and equipment is used.  In addition to enhancing local connectivity to shared instrumentation, a series of data transfer nodes (DTNs) are deployed strategically to enable optimal data transmission.  The hybrid architecture strategy with CARNE has enabled us to build custom environments based upon specific needs.  Our environments range from highly available connections to shared high-performance computing (HPC) environments to software defined network (SDN) labs spanning across multiple campus buildings.  We have recognized and will continue expanding upon the goal of building a network framework that enables researchers to focus on science as opposed to the underlying technology that enables their science.


Last Modified: 10/27/2015
Modified by: Tracy L Smith

Please report errors in award information by writing to: awardsearch@nsf.gov.

Print this page

Back to Top of page