www.linbit.com: Federal German Foreign Office, Germany

All 230 German embassies and consulates are using DRBD as standard for their HA solutions. DRBD (Distributed Replicated Block Device) is therefore a major component of the Foreign Offices IT strategy. DRBD is now available in version 8.3 with new key functionalities: e.g. support of storage devices larger than 4 Terabyte and Multi-Node-Replication. http://www.drbd.org

Unnoticed by the general public the Federal German Foreign Office conducted one of the most spectacular success stories of the IT world. Still everyone should know about it, because by using Open Source Software their IT department saved a lot of money for the tax payers. In 1999 Linus Torvald had a vision: “"I'd like to say that I knew this would happen, that it's all part of the plan for world domination." Today – 10 years later – The Federal German Foreign Office put this vision into effect like no other organization or company.

Until 2001 the Federal German Foreign Office like many other public authorities was dominated by proprietary software . Even products like Windows 3.11 and Microsoft Mail were in use, but at that time only a few of the embassies had access to electronic communication with the headquarter. In 2001 a Virtual Private Network (VPN) was introduced. “Due to our low budget the use of Windows, and in consequence of the inevitable additional costs for Exchange based mail servers and database servers, was not an option!�? explains Torsten Werner, IT department of Federal German Foreign Office. This resulted in a total shift of their IT strategy and IT infrastructure.

Today the Federal German Foreign Office is running an IPsec secured intranet, which is permanently accessible to all of their staff worldwide. It is used for email communication, standardized reporting and posting decrees. High Availability of the VPN is achieved by a radial topology with two central locations in Berlin and Bonn. A special router in every location is connected to 2 internet-providers for redundancy and load-balancing. In addition the so called “SINA�? IPsec-gateways are redundant. After completion of the roll-out the Federal German Foreign Office has a worldwide state-of-the-art data network at hand, which is even certified for the exchange of classified information.

Due to the lack of highly available broadband connections in every location of the world local servers were a must. The Debian server configurations are managed by a dedicated central LDAP server. This allows them to install many similar servers automatically. The Linux HA-Clusters in all outposts are automatically installed that way too. The local servers are all highly available in a fail-over configuration and run in active-active mode (load-balancing). Distributed DRBD volumes are automatically supported and flexibly managed by the Logical Volume Manager (LVM). Updates can be distributed and monitored on a huge number of servers.

The step-by-step migration to Open Source Software in the past 7 years was realized with a minimum of budget. The Federal German Foreign Office has only 0.9% of the Federal German budget at hand and compared the budget the United Nations, a organization with comparable size, only 25% .