Embed Size (px)
Citation preview
Network Registration & Bandwidth ManagementNetwork Registration & Bandwidth Management
Gary Holeman
Ken Johnson
Tim Medin
LeTourneau Internet Bandwidth HistoryLeTourneau Internet Bandwidth History
• 1998 – 1.5 Megabit/sec shared with 5 institutions, very unreliable• 2000 – 1.5 Megabit/sec dedicated, commercial provider• 2002 – 3.0 Megabit/sec dedicated, commercial provider• August 2004 – 6.0 Megabit/sec dedicated, two commercial
providers, Autonomous System Number (ASN) belongs to LeTourneau, Border Gateway Protocol (BGP) Routing to balance load between providers and provide fault tolerance
• March 2005 – 9.0 Megabit/sec dedicated, two commercial providers• June 2005 – 21 Megabit/sec on a full SONET fiber ring both to the
campus and on the campus, providing protection from fiber cuts, both on the campus and within Longview. 3 Megabit/sec with secondary provider for fault tolerance.
• July 2006 – Expanding to 45 Megabit/sec on the SONET ring, with two different sources
LETU Internet Bandwidth
0
5
10
15
20
25
30
35
40
45
50
1998 1999 2000 2001 2002 2003 2004 2005 2006
Year
Mbit/sec
AssumptionAssumption
• It will not be possible to control the growth in bandwidth use without individual responsibility and accountability.
BackgroundBackground
• Background
• Problems–Virus Containment
• Outbreak in Fall 2004
–Difficult to Quarantine
–No Direct Policy Notification
RequirementsRequirements
• Quarantine
• Trust Registered Computers
• Track Usage
• Force DNS Naming
• Security Levels
Registration SolutionsRegistration Solutions
• NetReg–Tested & Stable–Moderate Support
–Security Only at Boot–No VLAN Support
Decision: Not Secure Enough
Registration SolutionsRegistration Solutions
• Commercial Software–Dedicated Support
–Stable
–Very Expensive
Decision: Too Expensive
Bandwidth Management SolutionsBandwidth Management Solutions
• Commercial Software–Stable–Ramping
–Expensive–Support
Decision: Implementation Failed
Registration SolutionsRegistration Solutions
• Custom Solution–Monetarily “Cheap”
–Customizable
–Development Time
Citadel is Born
CitadelCitadel
Connect to Network
Redirect to Registration Page
Validate Username, MAC, and Hostname
Agree to Policies & Submit
Move VLAN
Registration ProcessRegistration Process
Wait for New IP
CitadelCitadel
Link UpLink Up
QuerySwitch
QuerySwitch Lookup
MAC
LookupMAC
MoveVLAN
MoveVLANLink Life CycleLink Life Cycle
LinkDown
LinkDown
SNMPLink Down
Trap
SNMPLink Down
Trap
SNMPLink Up
Trap
SNMPLink Up
Trap
Link UpLink Up
SNMPLink Up
Trap
SNMPLink Up
Trap
QuerySwitch
QuerySwitch Lookup
MAC
LookupMAC
MoveVLAN
MoveVLAN
LinkDown
LinkDown
SNMPLink Down
Trap
SNMPLink Down
Trap
MoveVLAN
MoveVLAN
CitadelCitadel
Query PacketShaper
Translate IP to MAC
Lookup User
Log DataMove VLAN (Over Limit)
Bandwidth LoggingBandwidth Logging
Wait next interval
ComponentsComponents
Citadel
Watchtower Garrison Keep Emissary Herald
SNMP Trap Handling
MoveVLANs
Management (Web)
BandwidthManagement
Messaging
Security Levels & VLANsSecurity Levels & VLANs
Untrusted Untrusted
Student Student
Faculty/Staff Faculty/Staff
Voice Voice
Admin Admin
Special Special
ManagementManagement
ManagementManagement
ManagementManagement
ManagementManagement
ManagmentManagment
ManagementManagement
ResultsResults
• No Virus Outbreaks
• Faster & Better Tracking
• Easier Network Troubleshooting
• Better Communication
Implementation StepsImplementation Steps
• Fall 2005 – Announced future bandwidth allocation to student
• January 2006 – FAQ with limits and costs provided to students
• January 2006 – bandwidth detail pages available to students
• Student newspaper articles, student IT committee meetings
• May 2006 – Limits and costs in place
Costs and LimitsCosts and Limits
Internet usage limit Monthly Fee
< 3 GB/month Free
3 - 10 GB/month $25
10 - 30 GB/month $40
30 - 50 GB/month $60
50 - 120 GB/month $100
Questions?Questions?
Thank YouThank You
