MathWork Network Architecture
- 1. MathWorks Network Architecture What is the MathWorks network? It is a collection of semi-independent net- works all inter-connected together using ei- ther switching or wide-area networking tech- nologies. We have a lot of networks here and they are all brought together using wide-area networking technology. What is the wide-area network? It is built via VPN and PIP. VPN Uses IP Securi- ty which is a suite of protocols that encrypts information going across networks. It is al- ways on and never goes down. PIP is a term that Verizon uses, at its core it is an MPLS network which allows Any to Any connectivi- ty. It allows us to do quality of service across the WAN and prioritize Voice, which is the top priority application on the network. How is the network put together? Via routers, which allow different networks to communicate together. They run dynamic routing protocols which allow us to stay up and running in event of a failure across the network. If we have a failure this will allow us to automatically continue to operate so there is as little impact as possible. Switches are used to extend networks. Once you have defined what the network is, the switch allows for a number of people or devices to connect. Common Network Questions Current MathWorks WAN using Network Mapping Tool Each MathWorks location has two routers, a primary and a secondary one. Each router has an active function on the network. The Mapping Tool shows the con- nections to Verizon’s MPLS network as well as which ones connect to the Inter- net. If a site goes down it will change the color to red and have an X next to it. Natick Campus Networks Over 200 networks in Apple Hill What is a network? It is a combination of a VLAN and an IP address range. Whenever we define a VLAN there is always a unique IP address that is associated with that particular VLAN. In the closets we have networks defined as Client, Voice and Device. Is there something wrong with the network? This is one of the most often asked questions. Because we have close to 300 net- works between the Natick and Lakeside campuses, that question at first may be difficult to answer because we need to locate what network is in question. Is it a client network that happens to exist in Apple Hill Two, floor one? Or is it the en- tire Apple Hill Two building? These are all different pieces of information that are needed when trying to diag- nose the problem. So it is important to have context to where a problem may be occurring. The WAN Mapping Tool is a good place to start to diagnose the prob- lem and where it may be happening. Just under 100 networks in Lakeside
- 2. MathWorks Network Architecture Benefits of a 3-Tier network It is a flexible and open design that will allow you to add a new distribution layer, as an example adding Apple Hill 5, and then making it very easy to connect to. All we need to do is just add a pair of Distribution routers and plug into the core. It allows you to segment different parts of the network off, which is important from a security perspective so that you can contain any issues that may arise. It also allows in the event of a network breakdown at a particular part of the campus, for you to contain that problem to that particular part of the campus. Ethernet connections The Network is built with 10 Gigabyte Ethernet. We can scale this to many number 10 Gigabyte Ethernet connec- tions. Most buildings have two 10 Gigabyte connections going to a Distribution router in each building. These connections are aggregated together, so we have the capability of using a full 20 Gigabyte of bandwidth in each building. Due to the high concentration of Develop- ers, there is 40 Gigabytes of bandwidth in Apple Hill 4. Lakeside Overview Built using a 3-Tier network architecture, which is an industry standard for building a network. Composed of three layers: Access layer – Where all of your clients or potentially your servers connect into. Distribution layer – Completely dedicated to a particular function. We have a Distribution layer for Apple Hill 1 and Lakeside as well as for each server network. Core layer – A very specific layer which aggregates every- thing together. This is the brains, where all of the infor- mation comes back to and gets routed. There are no VLANS on the core, it is all dynamically routed. The device we use is a Cisco Nexus 7000, which is one of the most powerful devices on the network. It stands three feet tall with a number of modules inside it with a very high through put device, so most of all the campus traffic goes through it. Apple Hill Campus Logical Network Design Lakeside Campus Logical Network Design Everything we have in Apple Hill has been replicated at Lakeside. We have 60GB of bandwidth between the two facilities using dark fiber, so we can run as much bandwidth over those links as possible. Our web pres- ence is hosted here, so whenever someone connects to www.mathworks.com, this is where their request goes. Apple Hill Overview
- 3. Future Network Design Considerations MathWorks Network Architecture Regional Office Overview Typical Regional Office Logical Network Design Each regional office has redundant network connectivity back to the Hub locations. In order to provide that, we have implement- ed two routers in each location connected to the Internet and the WAN. There are a couple of different types of offices. There are offices that have Internet only so they have two Internet connections, and then there are offices that have Internet and Private IP. So it’s either Internet and Internet or Internet and MPLS. The benefits of the MPLS network involve quality of service, as it recognizes that certain types of Internet traffic have priority over others. The Internet only sites do not have Any to Any Connectivity, it is Point to Point. These sites by default connect back to their regional hub. There are 3 regional hubs: Apple Hill Cambridge, United Kingdom Tokyo, Japan In the event an office loses connectivity, they have backup con- nections, which are always active and connects back to the oth- er locations, most often to Natick. If one of the connections goes down, there is an expected three minute outage before it goes to the alternative path. The architecture in the regional offices is called a Collapsed Core design, which takes a couple of the tiers and consolidates them into one device. These offices have a consolidated core and an access layer. This means the devices that are providing the core functionality, such as defining IP networks and VLANS, are also the devices that clients can connect to, where the routers are acting as switches. All sites have multiple routers and some sites have PIP and Internet or Internet and Internet and this reflects the different methods of connecting back. Most often all the servers connect directly back into the core. Sometime clients connect to the core and for some of the larger offices, where there are mul- tiple floors, they can connect in with access switch- es also. Virtualization – Will drive the Data Center design, as at the moment we are 90% virtualized in the Data Center, this technology would allow you to take a virtual server and have it automatically show up in different locations. IP Based Bridging Technologies – Where the VLANS will span from one location or another. Fabric Path – One of the reasons we chose Cisco for our core network is because of Fabric Path, which is a protocol that allows you to span VLANS across different data cen- ters. VXLAN – Is one of the newer technologies that is used to tie virtual environments together. Software Defined Networks (SDN) - If and when this hap- pens it will completely change how networking is done. Where today there is a lot of intelligence built into switch- ing and routers, it makes the devices you purchase for a closet very expensive. This will allow people to centrally manage network func- tions., and it will also be the brains of how network traffic is supposed to go across the network in a centralized loca- tion. Hybrid Network Design – Takes bits and pieces of all of these designs and most likely be how the network will evolve.