Abstract
A network topology was needed to meet the various needs of the NEPTUNE and VENUS ocean observatories. On the one hand the data are, in principle, all public and should be made available to the world as soon as possible. On the other hand issues such as security of the network and sensitivity of data mean that it is not prudent to put all systems on the public internet. A remote secondary data centre is required in order to maximize data availability and minimize data loss. The topology of the NEPTUNE/VENUS network uses a variety of strategies to fulfill these requirements. The NEPTUNE and VENUS observatories consist of shore stations, a primary data centre and a disaster recovery backup site. The sites are all inter-connected by network links provided by CANARIE and commercial providers. The primary data backhaul line between the Port Alberni shore station and the University of Victoria data centre has a bandwidth capability of 10 gigabits per second (Gbps), the other links are lGbps or less. In addition to the high bandwidth connections we also have secondary connections in case of failures to provide limited connectivity to monitor and control our remote systems. The internal network bandwidth is at least lGbps up to the junction boxes to which the instruments are connected. Connections to the instruments vary greatly depending on the requirements of the data flow to and from the instrument. Most of the system is segregated on a private network that has no public access, however a handful of servers also have interfaces on the public network to serve data and web services to the world. Inside our internal network we have a number of Virtual Local Area Networks (VLANs) to separate various functional components: an undersea VLAN contains most of the instruments and the servers that collect their data, a data VLAN combines all the data processing, archiving and storage elements and management VLANs group other elements such as network devices and shore station infrastructure. We have also implemented VLANs for additional security features; one VLAN to segregate data from acoustic instruments that are considered sensitive by the Canadian and US navies and VLANs to provide limited VPN access to certain devices at the shore stations. There are a variety of situations where individuals such as researchers require access to the underwater instruments. The primary channel to provide this access is through the observatory software. The software bridges the internal and external networks and provides user interfaces the allow authorized individuals to access and control underwater devices. In exceptional circumstances we also create software and/or hardware based VPNs that provide a more direct connection to the instruments and some infrastructure components. In case of a major disaster that causes extensive damage to the data centre we have implemented a backup centre in Saskatchewan. This site can take over the data searching and other web-based services. Data in both the database and the file archive are continuously replicated to this backup site. The Saskatchewan systems are also currently being used as a secondary web site. We are using a global load balancing system that distributes requests between the primary data centre and the backup site. In case of a failure at either end the other end can take over until the situation is resolved.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
