In the Netherlands, education and research institutions are connected to each other and to other (research) networks, enabling students, researchers and lecturers to collaborate easily with each other. The connection must be reliable, fast and secure and the link with the rest of the Internet is essential.
The SURFinternet service, which connects institutions to the Internet, starts with connection of the institution to two SURFnet core routers in Amsterdam. These are equipped with the latest hardware and technologies, such as 100 Gbit/s interfaces and RPKI route validation. Every institution is connected to both core routers, which provides a higher level of reliability as the connections are redundantly configured. More and more institutions are choosing to configure their own redundant routers, too. The core routers enable the institutions connected to them to exchange traffic with each other and with the rest of the world, e.g. with external networks such as the European research network GÉANT and the US education and research network Internet2.
What is needed, in addition to a redundant infrastructure, to provide the optimum Internet connection?
Provision of external connectivity
The Internet is a collection of networks all of which are directly or indirectly connected to each other. In other words, it’s a network of networks.
Links between networks can be established in various ways. The SURFnet network generally connects with other networks in the following three ways:
A Private Network Interconnect (PNI)
This is a direct link (generally using optical fibres) between two networks. This is the way in which the research networks GÉANT, Internet2 and NORDUnet are connected to the network of Dutch education and research institutions, as well as parties such as Google. The main advantage of a direct link with these networks is that you have control over the quality of the link. There is also direct contact between SURFnet and the managers of these networks, so any network issues can be resolved without delay. Another advantage is that this method of connection is extremely cost-effective. For example, there are no per Mbit charges or subscription charges for Internet exchanges.
Connection to an Internet exchange
This is a hub to which multiple networks are connected, so you can easily exchange traffic with other networks. The SURFnet network is connected to four exchanges: the AMS-IX and NL-IX in the Netherlands, the BNIX in Belgium and the LINX in the UK. These connections enable links to other parties. Many of these links are redundantly configured. This redundancy comes from the fact that both core routers are connected to each exchange and also from the fact that the other networks are often connected to more than one exchange. In the case of Internet exchanges, there is also direct contact with the managers of other networks, so here too any network issues can be resolved without delay. You are, however, dependent on the infrastructure of the exchange.
In this case, you are connected to a network that provides the connectivity to other networks for you. Traffic to networks that are not connected using the first two methods will be routed through the transit networks. The advantage of these links is that a large proportion of the Internet is accessible. On the other hand, with these networks you have little influence over the quality of the link. For transit traffic, SURFnet uses the networks of KPN and GTT. Both these networks are connected to the two core routers.
Search for optimal links
Incoming and outgoing traffic exchanged via the core routers is continuously analysed using specialised software that visualises the traffic flows. This software shows clearly how much traffic is being exchanged with which networks.
It also indicates which and how many intermediate networks the traffic passes through in order to reach its destination. In order to guarantee the quality of the link, the aim is to route traffic to its final destination through as few as possible or high-quality intermediate networks.
All of this data is used to configure links with other networks as efficiently as possible. If a large amount of traffic is exchanged, for example, the party concerned should be connected directly through a PNI. If the network path (the number of intermediate networks) is very long, it may be possible to optimise it by exchanging traffic to this destination through an exchange.
High level of quality and availability
Careful and continuous monitoring of how links with external networks can best be achieved ensures that Dutch education and research institutions receive a high-quality Internet connection. And, as a result, staff and students can do their work effectively at any time of the day or night and anywhere in the world.