NCWISE Analysis LEA Network Architecture and Capacity Standards Revision Date Author Description 1 1/9/03 John Bass Outline 2 2/4/03 John Bass, James Robinson Final Proof and submission to DPI 3 2/24/03 John Bass Incorporated feedback from DPI/IBM 4 2/26/03 John Bass Added network performance testing methodology and incorporated more DPI/IBM feedback 5 2/27/03 John Bass Final corrections and finalized document 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
1 Background
1.1 Introduction
This document describes an initial standard for LEA networks to support the NCWISE application. This is a living standard and will change as experience is gained while incorporating LEA’s into the NCWISE pilot program. The standard will also change as system requirements change as the NCWISE system changes.
An LEA that meets this standard will with a reasonable degree of confidence be able to run the NCWISE application without having its local network and WAN adversely affect NCWISE user experience. If an LEA that is interested in converting from SIMS to NCWISE does not meet these standards, an assessment may follow to gauge the amount of effort and/or expense that may be needed to comply.
This standard is not an exhaustive list of all combinations of network technologies and configurations that would minimally impact NCWISE user experience. Other technologies and configurations may also minimally impact NCWISE user experience. Therefore, if your LEA does not meet these standards, do not assume that a network reconfiguration is necessary.
This standard will be used to assess the current state of all candidate NCWISE LEAs. If an LEA does not meet this standard, it may be analyzed further to determine options for network changes.
1.2 Principles Behind the Standards
The standards outlined in this document are based on the following three network objectives listed in order of importance.
1. Function/Testability
2. Monitoring
3. Performance
The most important aspect of network design is providing adequate connectivity and the ability to quickly detect and correct problems. Providing adequate connectivity means implementing a network that has enough bandwidth to support user applications with tolerable packet transmission latency.
Page 2 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
Network failures and/or service degradation will occur. It is important to be able to troubleshoot these failures, develop a solution and implement the solution quickly to minimize user interruption. The ability to generate and receive network traffic between all points on the network gives a network administrator the ability to conclusively determine the source of network failures.
Once a network is providing adequate connectivity and is testable, it should be monitored to determine if the network is achieving its objectives over time. Developing usage trends helps network administrators react to increased network demand before problems occur. Recognizing changes in usage patterns can also help detect network problems.
Planning network systems around these three principles will help maximize user experience. Once it is determined that an LEA has a functional, testable, and monitored network, the network will be tested to determine its available capacity to support the NCWISE application. The following sections in this document provide details on how to evaluate an LEA network against each of the network objectives described above.
1.3 Contacts
Name Agency Email Joe Dietzel DPI [email protected] James Robinson CNL (NCSU) [email protected] John Bass CNL (NCSU) [email protected]
Page 3 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
2 Network Architecture Templates
The following subsections define architecture standards for the following list of network types.
Cloud-based network
A cloud networking technology (such as Frame Relay or ATM) is leased from a service provider to interconnect schools and the LEA central office
LAN based network
LAN technologies (such 100baseT or 1000baseSx Ethernet) are used to interconnect schools and the LEA central office
2.1 Cloud-Based Networks
2.1.1 Architecture Template Diagram
The following diagram illustrates acceptable network architecture for a cloud-based network.
DMZ Cloud-based (optional) Network
Central Office Network
School School Switched … Switched Network Network Internet Service Provider
Figure 1 – Cloud-based Network Architecture Template
2.1.2 Architecture Template Description
The following list characterizes the above architecture template.
Page 4 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
A cloud-based network (such as Frame Relay or ATM) interconnects each school and the central office within the LEA. The LEA’s ISP link is separate from the cloud-based network that interconnects the schools. Separating the ISP connection and the cloud network improves testability and reduces network administration costs.
All firewall services are centralized between the LEA’s ISP edge router and the LEA network to improve network testability (as opposed to a distributed firewall solution).
2.2 LAN Based Networks
2.2.1 Architecture Template Diagram
The following diagram illustrates acceptable network architecture for a LAN based network.
Central Office Network
DMZ (optional)
School School Switched … Switched Network Network
Internet Service Provider
Figure 2 - LAN Based Network Architecture Template
2.2.2 Architecture Template Description
The following list characterized the above architecture template.
LAN technologies such as 100baseT or 1000baseSx interconnect each school and the central office within the LEA
All firewall services are centralized between the LEA’s ISP edge router and the LEA network to improve network testability (as opposed to a distributed firewall solution).
Page 5 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
3 Network Monitoring
The LEA must have the ability to monitor network utilization within their network according to the following specification. These monitoring specifications should satisfy the need to know how much of the network is being used and how usage patterns change over time. Knowledge of these patterns are necessary for adjusting network configuration for increased demand and for recognizing sudden changes in network utilization that could indicate a network problem.
This standard for monitoring networks is minimal. Many more network parameters can be measured.
The following parameters can be gathered with a number of software tools such as Multi-router Traffic Grapher (MRTG, an open source project) and Ringshere from HCS Systems. Ringsphere is currently used at DPI to monitor some LEAs. Many network devices such as packet shapers and firewalls may already have the ability to monitor these parameters.
3.1 Monitoring Points
The following network points should be monitored in the LEA.
Inbound utilization to each school in the LEA
Outbound utilization from each school in the LEA
Inbound utilization from the Internet (LEA’s ISP)
Outbound utilization to the Internet (LEA’s ISP)
3.2 Monitoring Metrics
The following measurements should be made at each network point to be monitored.
Average bit rate over the sampling period
Take measurements at least once every 5 minutes
Page 6 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
3.3 Metric Archives
The following archives for the network metric data must be maintained.
Last 24 hours (minimum of 288 data points – at least one data point for every 5 minutes)
Last 7 days (minimum of 336 data points – at least one data point for every 30 minutes)
Last 30 days (minimum of 360 data points – at least one data point for every 2 hours)
Page 7 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
4 Network Capacity
4.1 Available Bandwidth
Network performance is measured by determining available bandwidth, latency, and packet loss. To complicate matters, available bandwidth is a combination of maximum theoretical utilization and current use levels. Measuring all these parameters and deriving a comparable and useful result is time consuming and confusing.
Defining one measurement that factors in all the parameters described about would greatly simplify the task of obtaining a meaningful measurement of network performance. TCP bandwidth between two network hosts is the best metric for this purpose since it is dependent on available bandwidth, current network utilization, latency and packet loss. This is due to the dynamic nature of the TCP window size that adjusts itself to varying network conditions.
When considering the NCWISE network requirements, available bandwidth should be assessed under two conditions – NCWISE software updates and daily use. Daily use of NCWISE has a very low bandwidth impact on the network. In comparison, NCWISE client software updates are relatively infrequent (about twice per year), but bandwidth intensive (about 10Mbytes per workstation). The following sections consider NCWISE network requirements under both conditions.
4.1.1 NCWISE Maintenance
To be able to handle downloading the 8MB jinitiator and the 1MB applet file from the DPI servers, the following bandwidths are necessary for K-5, middle schools, high schools, and LEA central office. This will help an LEA upgrade NCWISE workstations to a new version of these files.
Available TCP School Bandwidth K-5 schools 100kbs Middle Schools 300kbs High Schools 1Mbps Central Office 1Mbps Table 1 - Available Bandwidth by School Type
To further ease the burden of NCWISE Maintenance, an upgrade policy that defines DPI lead times before changes will be developed. This policy will help LEAs react to the changes in a manner that would minimally impact network and computer administration resources.
Page 8 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
4.1.2 NCWISE Daily Use
The daily use requirements for NCWISE are relatively small. The following formula is used to assess the necessary bandwidth for NCWISE use for a school. This formula is applicable regardless of the type of school or facility (K5, Middle School, High School, Alternate School, Central Office, etc).
BWNCWISE = 6kbps x 1.5 x # concurrent users Equation 1
The NCWISE bandwidth requirement is a product of the number of concurrent users, the amount of bandwidth per user (6kpbs), and a safety factor of 1.5 (50% overestimation of bandwidth). Resulting school NCWISE bandwidth requirements can be aggregated to derive the NCWISE bandwidth requirement for the entire LEA.
4.2 Bandwidth Measurement Methodology
Once it is determined that the LEA has an adequate network architecture and monitoring mechanism, the network performance will be tested.
Twenty percent of K-5 schools, twenty percent of Middle schools, twenty percent of High Schools and the LEA Central Office are to be evaluated for available bandwidth to the Internet. This sampling will ensure that even the largest LEAs can be evaluated in a couple of days. Most LEAs will be able to evaluate their network capacities in one working day.
Available bandwidth is to be measured using iperf. Iperf is a free software based network capacity measurement tool that runs on Windows platforms, Linux, Apple OSX, and Unix operating systems.
Use the steps below to evaluate bandwidth availability from a school.
1. DPI will contact the LEA to schedule a time period for performance testing.
2. Before the testing period begins, determine which schools are to be evaluated within the LEA.
3. DPI will deliver the performance evaluation software with instructions before the testing period begins.
4. Measure network performance at each school within the testing period defined for the LEA. Note the time that the test was run and the results obtained.
5. Submit all results to DPI.
Page 9 of 10 0540ce52281754131f9f39c7906afe3e.docCNL Confidential 4/29/18
It should take about 5 minutes to complete the network performance test at each school. The average sized LEA should be able to complete the network testing within one working day.
Page 10 of 10