Info: Zenodo’s user support line is staffed on regular business days between Dec 23 and Jan 5. Response times may be slightly longer than normal.

Published November 7, 2019 | Version v1
Presentation Open

Unroutable LHCONE traffic

Description

This talk explores the methods and results confirming the baseline assumption that LHCONE traffic is science traffic. The LHCONE (LHC Open Network Environment) is a network conceived to support globally distributed collaborative science. The LHCONE connects thousands of researchers to LHC data sets at hundreds of universities and labs performing analysis within the global collaboration. It is "Open" to all levels of the LHC as well as a short list of approved non-LHC science collaborations. It is distinct from the smaller, tightly integrated and private LHCOPN (Optical Private Network) network which is strictly for "Tier 1" compute centers and used in support of the engineered workflow for LHC data processing, distribution and longtime storage of the baseline datasets. LHCONE satisfies the need for a high performance global data transfer network of networks supporting scientific analysis at universities and science labs. **Science traffic separation is the hard part** The separation of science flows from non-science flows, is an essential first step in traffic engineering high performance science networks. Before resources or preference can be applied to more effectively move science data, it is essential to identify and separate the science from non-science traffic. This talk explores the methods and results in detecting traffic in the LHCONE network that does not comply with the Appropriate Use Policy established by the global LHC collaboration. **LHCONE hosts are high performance** Through integration of the Science DMZ network model and collaborative software platforms. The data transfer nodes connected to LHCONE are high performing data movers placed on the network edge/Science DMZ and secured precisely according to the applications they support and the purpose they serve. **LHCONE is at risk of unauthorized use** Unauthorized use of LHCONE places both the network and the sites using it at risk. The risk takes two forms: Science flows are mixing with non-science flows or unauthorized traffic is being dropped inside LHCONE. **Identifying unauthorized traffic** An EDUgain authenticated portal visualizing unauthorized usage will be demonstrated. For keeping track of the frequent changes of LHCONE the underlying database will be maintained and administered cooperatively by the LHC and NREN community.

Files

CHEP2019_325.pdf

Files (11.7 MB)

Name Size Download all
md5:b497e2ddaa7f3453152e8366f8b589b6
3.7 MB Preview Download
md5:d9f73188207fb13f2a1d67903c315e4e
8.0 MB Download