Embed Size (px)
Queensland University of Technology
CRICOS No. 00213J
Internet Access and Accounting @ QUT
Presented by:
Peter Kurtz
February 2008February 2008
Queensland University of Technology
CRICOS No. 00213J
Overview
• Features• Elements• Activation Sequence• Quotas• Traffic Bandwidth Management• Usage Reports and Monitoring• Future Trends
Queensland University of Technology
CRICOS No. 00213J
QUT Internet Accounting - Features
• Juniper Internet Accounting solution (3 years) • Real time user level accounting and billing• Web login• Gigabit throughput• Uses BGP to dynamically update free and
charged sites• Current System handles 8,000 users
simultaneously in peak times
Queensland University of Technology
CRICOS No. 00213J
Internet Accounting Service - Elements
KGNetscreen ISG
GPNetscreen ISG
KG Router
CA Router
KG SDX
GP SDX
Internet Router
GP Router
Charged
KG ERX
Charged
GP ERX
IAS Portal
• E-series edge router (ERX)– Creates Dynamic Subscriber
Interfaces (DSI) for new connections – Routes the new interface
based on SDX instructions– AARNet BGP community strings are
used to forwarded "over" the DSIs for free traffic, flows through DSIs for charged traffic
• Service Deployment System (SDX-300 on Solaris)
– Sends provisioning, routing, & data rates info to ERX
– Access Control is provided by LDAP service
– LDAP stores user account details and policies
• Access Portal (Linux + Apache) – Provides Authentication Services
Queensland University of Technology
CRICOS No. 00213J
IAS – Activation Sequence
KGNetscreen ISG
GPNetscreen ISG
KG Router
CA Router
KG SDX
GP SDX
Internet Router
GP Router
Charged
KG ERX
Charged
GP ERX
IAS Portal
• Client attempts an Internet connection
• Packet hits the ERX– DSI is created– DSI Route policies applied– Queries SDX for DSI policy
• Client is redirected -> Access Portal– AP sends login user message
• SDX Setup the DSI– classifies the user– sends the user policy to the ERX for the DSI
• Client now has access to the internet– Client keep alive browser window
keeps internet connection open
Queensland University of Technology
CRICOS No. 00213J
Student Quota Type Description
IAS Entitlement
(MB)
0 Non-Quota(Staff) 0
1 Non-Credit 0
2 Under-Graduate, Part-Time 75
3 Under-Graduate, Full-Time 150
4 Under-Graduate, External 75
5 Post-Graduate, Part-Time 150
6 Post-Graduate, Full-Time 300
7 Post-Graduate, External 150
8 Post-Graduate, Research, Part-Time
225
9 Post-Graduate, Research, Full-Time
450
10 Post-Graduate, Research, External
225
11 International 750
12 Guest IAS [previously Gold-Pass Holders]
300
15 Leave of Absence 0
• Free quota based on enrolment type for Students – This covers legitimate Internet
usage like tutorials, study etc.
• Staff have unlimited quotas
Student and Staff Quotas
Queensland University of Technology
CRICOS No. 00213J
IAS - Provisioning
• User Provisioning – QUT's corporate directory push user details to the LDAP
directory on the SDX– Account name & authorisation information are used by DSI's on
the ERX
• Server Provisioning– QUT’s Server Registration System manages and when the ERX
queries the SDX as to how it is to manage a new interface, the SAE will reply with a Static Subscriber Interface (SSI) and the service will be automatically provided with service
– Servers are not quota limited.
Queensland University of Technology
CRICOS No. 00213J
Internet Access Service Traffic Bandwidth Management
• Traffic shaping– No driver to traffic shape
• Rate limit traffic– Students are limited to 10M and then rate limited to
modem speeds (56K) once they go over quota – Staff are limited to 10M– Supervisors to place a limit on the amount of traffic
downloaded by an individual.
Queensland University of Technology
CRICOS No. 00213J
Usage Reports and Monitoring
• IAS Reports– Current Status– Personal reports– Admin reports based
on cost centre
• Usage Monitoring – Done by the business
Queensland University of Technology
CRICOS No. 00213J
Internet Usage Trends
• Internet Usage will increase even though QUT has a quota based system
Queensland University of Technology
CRICOS No. 00213J
What Next?
• In 2008-9 QUT will either refresh or replace the current Internet Accounting System– Replace keep alive window– Increase concurrent use limits– Remove in-house developed code
Queensland University of Technology
CRICOS No. 00213J
TheThe
EndEndTheThe
EndEnd
