Engineering Computing report to CNAG October 2004

• wireless - recently ran out of IP addresses for wireless clients on the 68 subnet which serves Engineering. Only 100 out of a possible 253 ip addresses were available for wireless clients. The following steps have been taken:
• The management interfaces for most access points have been moved off of the 68 subnet, and on to the 37 subnet, so that the APs do not waste IP addresses which could be used for wireless clients. This requires an 802.1q trunk feed to each AP. Instructions for configuring an Avaya AP for 802.1q trunk use and separating the management interface from the wireless clients are here.
• An additional 88 IP addresses (for a total of 188) have been added to the wireless client pool on the 68 subnet.
• The max and default dhcp lease times in /usr/local/etc/dhcpd.conf have been changed from 14400 and 3600 seconds to 3600 and 1200 seconds, respectively, after noticing many leases were consumed by wireless clients connecting for a short period, and then leaving.
• Departmental firewalls. Diagram added to Engineering Computing Firewall Services document showing how to introduce a firewall while maintaining a layer 2 path through the network. This has a number of advantages, for example the ability to support an institution wide vlan.
• Audio Visual and classroom1net - The Audio Visual departments classroom equipment (ie projectors, podium stations) go on classroom1net (53 subnet) for much of the campus, but not in Eng, Science or DC, as the 53 network is not trunked from the IST core into these areas. While there is no technical requirement that AV equipment be on a single subnet, Randy Boehm of AV advises that his departments work would be simpler if their equipment was on the same subnet across the entire campus. The issues are DHCP, equipment inventory, preconfiguring equipment before deployment, troubleshooting, and deploying spare equipment. Staff from IST, EngComp, SciComp and AV have discussed the issue and are keen to streamline the situation. Summary:
• Trunking the 53 subnet into Eng,DC,Sci is technically straightforward.
• Or, a separate classroom2net could be made for Eng,DC,Sci
• AV has approximately 100 devices, subnet limit is 253, so multiple subnets may be required some day anyway.
• Randy would like a single point of contact to obtain DNS name, switch port, etc. IST Production Support could provide that interface, independent of what happens behind the scenes to make things so.
• Extreme equipment failures in DC - Higher than expected failure rate on equipment with a date code of 00 (manufactured in 2000). Approximately 10% of such Summits (edge devices), and 10% of such modules in Alpines/Blackdiamonds (core devices) have failed in each of the 4 years since installation. This contrasts with an estimated 1% annual failure rate on our aging Cisco equipment. Extreme has acknowledged quality control problems for the manufacturing period in question, and we are talking to them about a solution. The support contract on the DC Extreme equipment ends Sept 29, 2005. To date there have been no hardware failures on the approximately 30 Extreme switches in Science, Eng and EIT which were manufactured in 2002/2003/2004.
• qos and multicast assessment - see qos and multicast capability table. An assessment of the qos and multicast capabilities of our network equipment is in progress.
• Open Network Administrator (ona) - added a TopPorts and RealTimeStats button to the switch screen to give a snapshot of the busiest ports and perform real time traffic graphs on all ports, respectively.