UCI's Campus Network: Status and Plans
Summary: A detailed report on the campus network's (UCInet) status as of 2001 and future plans.
May 7, 2001
Background
UCI's Network Backbone History
The data-communication network has long been an important research and
instructional tool at the University of California, Irvine (UCI).
In 1988 UCI installed a fiber-optic backbone ring as the heart of a new
campus network, becoming one of the first universities in the country
to do so. The fiber installation was facilitated by the "ring"
layout of the UCI campus, and the presence of a utility tunnel adjacent
to most UCI buildings. Early network connections were provided to a limited
subset of UCI's buildings, in contrast to today where virtually every
space has one or more connections. There are currently over 14,000 registered
computers connected to UCI's campus network, UCInet.
UCInet Funding and Commitment
UCI views UCInet as a critical utility that must be provided universally
without financial or other disincentives to its use. End-users must be
able count on robust, high-speed network connectivity regardless of their
location on campus. UCI provides annual funding to operate, maintain and
grow the network infrastructure to keep up with evolving campus academic
and administrative needs. In addition to providing direct funding to maintain
off-campus connectivity and perform major upgrades, the campus mandates
that each school and unit contribute to the operation of the network through
a financial contribution in proportion to the unit's size.
UCI's annual telecommunication budget is approximately $6.8 million, roughly $1.3 million of which is applied to campus infrastructure upgrades each year. The remaining budget is spent on maintaining and supporting existing infrastructure, providing user services, and on funding external high-speed connections.
Operation and Maintenance
The responsibility for operating and maintaining UCInet is assigned to
Office of Information Technology (OIT). OIT has
7 electronics field technicians, 3 network administrators, a 6 person
network services group, a network security and planning team, and a project
management team dedicated to network support, maintenance, and growth.
In addition, the OIT Business Office and Response Center provide administrative
and customer support for network functionality. OIT staffs a trouble
desk 24 hours a day, 365 days a year, with technical staff on-call to
deal with network failures that may occur.
UCInet Description
When describing UCInet, six major aspects must be addressed. Each of these areas is expanded upon below.
- Building Infrastructure. Sometimes called the "edge" of the network, this is the cable plant and network equipment located in each building that provide the direct connections to end-user equipment.
- UCInet Backbone. The "backbone" is the central component of UCInet that connects all UCI buildings together and to the outside world.
- Connectivity Beyond UCI. In addition to tying together departmental and campus networks, UCInet provides critical off-campus connections to the rest of the world.
- Wide Area Network: UCInet extends to remote locations including the UCI Medical Center. The wide area network connects geographically disperse parts of UCI to the main campus and beyond.
- Wireless Network Access. UCInet has recently been extended to provide wireless access at several key campus locations.
- Network Services. The network is not usable without key software-based network services such as Domain Name Service (DNS), authentication, authorization, and directory services.
1. Building Infrastructure
Early Networking
UCI has provided a variety of end-user cabling and connectivity over the
years, with local departments having implemented their own networks in
some past cases. Early networking was based on thin-net coax and network
hubs, sharing the 10 megabit/second (mbps) bandwidth among many users.
Current Networking
Currently, OIT provides supported network outlets in virtually all campus
offices and laboratories. The wiring standard includes three category-5E
network connections to each occupied space. Standard speeds are 10 and
100 mbps, depending on need. "Switching" technology is employed
so that the local bandwidth provided each user is not shared by other
users. Category-5e cabling is routinely used for 10 and 100 megabit speeds,
and products recently available will provide speeds of 1 gigabit or greater
in the future as needed.
Network Upgrade Plans
OIT has been incrementally retrofitting the network infrastructure in
UCI buildings for the past several years. Each year priorities for network
upgrades are identified and a portion of the central network support budget
is allocated to upgrade the network in a subset of UCI buildings. OIT
network planning staff meet with staff and faculty in the affected areas
to ensure that network needs are well understood and that the standard
network implementation is appropriate. OIT staff work hand-in-hand with
local staff to assess specific requirements in each location and coordinate
the implementation of the new infrastructure.
Network Upgrades
As of April, 2001, upgrades have been completed in Information and Computer
Science, Physical Sciences, and the School of Engineering. The School
of Biological Sciences upgrade was completed
in the summer of 2001. The College of Medicine shared-Ethernet
networking
was replaced by switched-100 or switched-10 mbps connectivity. Additional
outlets were added as needed to respond to growth, both in the
level
of network use and in departmental population. This project was
completed in the Summer of 2002.
2. UCInet Backbone
Backbone Description
The core of UCInet is the "backbone" -- the "network of
networks" that provides connectivity between departmental Local Area
Networks (LANs), as well as connectivity from them to the Internet, other
off-campus networks such as CalREN-2, and Wide Area Network (WAN) sites
such as the UCI Medical Center.
New Backbone
A new backbone, based on a 1,000 mbps Gigabit Ethernet fault-tolerant
core, was installed in 1999 at a cost of $1.5 million. A blend of 100
mbps Fast Ethernet and Gigabit Ethernet interfaces connect each UCI building
to the backbone, radiating from a core of four, powerful switches interconnected
at gigabit speeds. The backbone switches are installed at the main campus
fiber nexus points in geographically advantageous locations: Central Plant,
Social Sciences Plaza, Computer Sciences, and Medical Sciences. Each of
the core backbone switches has a built-in router, known as a Route Switch
Module. The balance of the backbone exists in the buildings themselves,
in the form of building switches which connect to the core via fiber.
This configuration allows the greatest flexibility and speed at the core
of the backbone and provides good distribution to the campus buildings.
In cases where a fault-tolerant backbone connection is required, a building is connected to two switches in the backbone mesh, to ensure no single point of failure. The backbone mesh itself can also lose an entire switch and continue running.
Upgrade Plans
UCI continues to upgrade backbone links to individual buildings from Fast
Ethernet (100 mbps) to Gigabit Ethernet. These upgrades have already taken
place in the Department of Information and Computer Sciences, the Henry
Samueli School of Engineering, the Music building in the School of the
Arts, and in the School of Physical Sciences.
3. Connectivity Beyond UCI
UCI has been connected to national and international networks since the early days of "CSnet" - the Computer Sciences Network based on dial-up technology. Other early connectivity was provided via BITNET and TCP/IP to the ARPAnet.
CERFNET and CENIC
UCI was an early member of Southern California's first regional network,
CERFNET, and acted as a hub site for other local participants. UCI is
currently an active participant in the University of California network
community, as well as in CENIC,
the Corporation for Education Network Initiatives in California. UCI is
also a member of the Internet2
Consortium, which seeks to expand network frontiers by facilitating the
implementation of high speed network applications.
CalREN-2
UCI enjoys the broad capability of the region, being connected to the
high-speed regional network, CalREN-2,
managed by CENIC. CalREN-2 operates as two parallel networks--ATM (Asynchronous
Transfer Mode) and POS (Packets Over SONET)--at OC-12 speeds (622 mbps).
CalREN-2 is connected to other regional networks, the University of Southern
California, Stanford University, the Jet Propulsion Laboratory, California
Institute of Technology, campuses of the California State University system,
and the Internet2 network, Abilene.
Abilene operates at a speed of 2.4 gigabits per second (OC-192).
New Border Router
In Summer of 2001, OIT installed a sophisticated
new "border router" configuration at UCI. The new Cisco 6509
border router allows higher speed connectivity to CalREN-2 (1000
mbps),
provides UCI Computer Science Researchers access to the Internet2 Quality
of Service (QoS) backbone, allows the implementation of new intrusion
detection
and firewall systems to enhance UCI network security, and provides better
vehicles for network metrics and off-campus traffic management.
4. Wide Area Network
Remote Sites
UCI has several key "remote" sites including North Campus, University
Tower, Centerpointe, the UCI Medical Center, and Long
Beach VA Hospital. As UCI grows, additional use is made of non-UCI
buildings such as University Tower and those in the University Research
Park (URP).
UCI Medical Center (UCIMC)
The single largest concentration of UCI activity outside of the main campus
is at the UCI Medical
Center in Orange. UCIMC is currently connected to the main campus
through a DS3 (45 mbps) ATM link. OIT monitors the traffic on this connection
and will work with UCIMC to upgrade it as needed to handle increasing
network demands. It is expected that the link will be upgraded to OC-3
(155 mbps) in the future.
North Campus and University Tower
North Campus and University Tower are currently connected to UCI's
network via T1 (1.54 mbps) lines. Bandwidth afforded by the T1 lines has
been acceptable until recently, but OIT is negotiating with the Irvine
Company and Pacific Bell to gain access to conduit space to install fiber
to these locations. Wireless point-to-point network solutions are also
being investigated. It is a priority to provide excellent connectivity
at all UCI locations.
University Research Park (URP)
Some UCI departments have taken up space in the new University Research
Park (URP), where companies like Cisco Systems have research facilities.
UCI has trenched conduit and fiber out to the URP and maintains a backbone
presence there. This affords UCI occupants of URP space the same high-speed
network access available in campus buildings.
Centerpointe
Centerpointe is a business complex about a mile from the main campus that
is used to house some UCI functions; connectivity is provided via a T1
line. Connectivity to UCI-affiliated Long Beach VA Hospital, and to UCI
University Extension's learning center in Orange, are also provided
via T1 lines. These connections will be upgraded as demands dictate.
5. Wireless Network Access
Introduction
In early 2001, UCI deployed a pilot wireless network based on 802.11b
11 mbps technology. The project was carried out by OIT in partnership
with the UCI Libraries, the Graduate School of Management (GSM) and the
Student Center. Wireless service was made available in parts of the "Gateway
Study Center" (operated by the Libraries), Main Library, Student
Center, GSM, and OIT Engineering Gateway Computing Labs. To manage wireless
access issues, OIT developed the UCInet Mobile
Access Authentication system. This Radius-based system allows members
of the campus community to identify themselves and register devices for
wireless access.
Wireless Expansion
Wireless access was expanded to additional
public/shared meeting and gathering areas, a subset of UCI classrooms,
conference rooms, and other locations. The goal is to augment wired
network
access with wireless access throughout UCI. In the future, faculty will
be able to make final adjustments to electronic course materials using
their office laptop, carry the computer to the classroom for presentation
to the students, and enter feedback from the session over lunch at
an
UCI eating establishment, all without ever disconnecting from the network.
6. Network Services
Domain Name Service (DNS)
An essential part of UCInet is the software based services that make the
network fully functional. Domain Name Service (DNS), which registers network
hosts and associates host names with their network address, is provided
through two redundant servers on opposite sides of the UCI campus. The
two principal DNS servers are augmented by local servers in some departments
that manage local name spaces.
UCInetIDs
Central network authentication and basic authorization is based on the
concept of "UCInetIDs," unique identifiers
that are automatically assigned to everyone upon joining UCI. MIT Kerberos
is used to associate UCInetIDs with user-set passwords to control access
to central services such as e-mail and dial-up modems. OIT makes the
"WebAuth" tool available
to facilitate the use of UCInetIDs and passwords to regulate access to
campus applications with Web interfaces. Examples of current uses include
access to student election voting, electronic course materials, and the
UCI off-campus proxy gateway for licensed Library resources.
Directory Services
UCInetIDs are also the principal lookup key for UCI
Directory Services, which are based on PH/QI from the University of
Illinois at Urbana-Champaign. Central QI servers maintain directory information
about every faculty, student, and staff member at UCI, as well as affiliate
and "guest" users. Public directory information is made available
through PH clients, the Web, and through a standard LDAP (Lightweight
Directory Access Protocol) interface. OIT is working in conjunction with
UCI Administrative Computing Services (AdCom) and the UC Office of the
President (UCOP) to implement enhanced directory and authentication services
in the future, including those based on PKI Certificates.
Mail Transport Agents (MTA)
A cluster of six central "Mail Transport Agent" (MTA) systems
provide electronic mail delivery services to the campus. Each individual
at UCI is provided with a top-level e-mail address of the form "UCInetID@UCI.EDU."
The MTAs route incoming e-mail to delivery points on distributed campus
machines; users specify this delivery point using the directory services
described above. This allows people to maintain consistent electronic
addresses despite changes in department affiliation or in local e-mail
services. To reduce the amount of unwanted mail on campus, the MTAs are
also configured to detect incoming mail from known sources of unsolicited
commercial e-mail (UCE or SPAM),
and from unregistered or invalid network addresses, and reject them.
The machines that provide these centralized network services are upgraded on an annual basis using a recurring budget of approximately $60,000. Using a "trickle down" approach, the newest machines are installed to handle the tasks that require the most powerful machines and the previous machines are installed to handle the tasks requiring less horsepower. Mail handling by the MTA machines is distributed among six machines to balance the load.
Mailing Lists
Central subscription-based mailing lists are provided using the MAILMAN
software system. OIT uses data provided by the Registrar's Office
to maintain central mailing lists of students enrolled in each UCI class,
facilitating instructor/student communication.
E-mail & Calendaring
UCI provides central e-mail facilities
to all faculty, staff, and students - this service is augmented by
local services in some departments and schools. CorporateTime
is used for central electronic calendaring, sharing schedules among all
participating departments.
Summary
UCI has enjoyed a long tradition of quality network services and support - this will not change in the future. UCI faculty and administrators consider the growth and maintenance of the network a priority on campus. UCInet will continue to be enhanced and expanded to keep up with evolving campus needs.
