[524] in Resnet-Forum
Re: Intelligent hubs
daemon@ATHENA.MIT.EDU (Sandy Vavrinek Seehusen)
Tue Feb 28 17:28:00 1995
From: Sandy Vavrinek Seehusen <sandyv@ux1.cso.uiuc.edu>
To: JOHNB@ubo.lan.mcgill.ca (John Bates, McGill Business Operations)
Date: Tue, 28 Feb 1995 16:09:27 -0600 (CST)
Cc: Resnet-forum@MIT.EDU
In-Reply-To: <199502282008.PAA00662@sifon.CC.McGill.CA> from "John Bates, McGill Business Operations" at Feb 28, 95 03:04:28 pm
|
|We are contemplating wiring our residence halls, beginning with a
|pilot this summer. Our Computing Centre Director is proposing that
|we use intelligent hubs to link a NIC in a student's PC or Mac to the
|backbone, rather than building LANs and connecting through them.
|He believes that this will reduce costs, will reduce LAN and shared
|application software management problems (there won't be any) and
|improve security at the individual pillow.
|
|Most of the discussions I have seen (and understood) on resnet have
|had to do with conventional LAN solutions. Has anyone gone the
|intelligent hub route or have comments on it?
|
I would seriously recommend considering building a LAN using the
intelligent hubs. The primary reasons would be traffic, manageability
and security. I wouldn't dream of directly connecting any of our res
hall nets off the backbone, even if the net architect would let me.
We have about 3000 rooms connected to our Residence Hall network
(URHnet), only 1/3 of the connections are active. We have concentrated
on very automated and very secure systems.** We have been monitoring
huge levels of traffic from these nets, and very high levels of 'gunk'
to go along with it. 'Gunk' means anything bad from collisions to
broadcast storms and is caused by anything you can think of that a
student might try, from a poorly configured Linux machine, to a CS
experiment, to plugging in an answering machine to the data port. There
needs to be some sort of filtering measures in place.
And as far as security goes, yes the intelligent hubs do improve the
security levels to some degree, but it is not 100% reliable. It is not
uncommon for these 'intelligent' hubs to go stupid on occasion. Many
vendors set the default on the secured features to be 'port enabled',
'security disabled'. We have noticed cases where the hub took a power
hit and all the settings returned to default. I personally would be
uncomfortable offering that window of opportunity to any student or
resident that might be inclined towards mischief.
We have instead placed our students on the other side of an intelligent
hub, which is on the other side of a switch, on the other side of a
router from our backbone. And still.... on they surf, on they doom, on
they mud...:)
/svs
**I did a presentation at last summer's ResNet Forum detailing our setup
which will be available on the web at
http://tampico.cso.uiuc.edu/~sandyv/urhnet
as soon as I get my butt in gear and finish editing it. If you're
really interested in it and I've been dragging my feet, send me a little
private email to get it moved from my 'B' list over to the 'A' list of
things to do. don't bother the mailing list with it. I've been bad bad
BAD about not getting it done. There are all sorts of links to other
stuff from there at the moment.
--
sandyv
