Case Study of RSU-CAN(Pt. Ravishankar Shukla University- Campus

Area Network)

Presented By

Manoj K Tiwari ,

S.O.S In Computer Science & I.T.

Pt. Ravishankar Shukla Univers ity, Raipur (C.G) India

Outline

• Introduction• Network - VSAT• Equipments Installed• Server Setup• VSAT at University• How Managing Network • Challenges and Solution• Summary

INTRODUCTION

• Pt. Ravishankar Shukla University is Chhattisgarh's oldest University of higher education, Chhattisgarh is newly born state of INDIA. The campus of University is spread in 207 acres of land. There are thirty teaching departments in the University. Out of which six department’s buildings have been constructed recently.The total number of employees is about 500, who provide the

administrative support at different levels.

Conti….

INTRODUCTION• There are many talented and hardworking students in the University

who are engaged in Research and higher studies with the help of minimal infrastructure in isolated academic environment. Internet connectivity is the only source of continuous technical knowledge up-gradation and new information for these students in this under privileged region of Chhattisgarh state. There are 5000 students enrolled for variety of courses offered by the departments In the academic year 2005-06, 1,25,000 students were enrolled, both for undergraduate and postgraduate courses. The University plays a major role in influencing the educational, cultural and economic life of the region but due to the lack of proper connectivity it is unable to fulfill its role in a effective manner.

Conti…

U.G.C. New Delhi , India has provided our University VSAT connectivity under UGC-INFONET program with SCPC-512 kbps/1 Mbps bandwidth, which is installed in our S.o.S. in Computer Science and I.T. department and functioning successfully in our University. Now the Campus Wide Networking equipped with Cisco Router, Network Switches, fiber optics for University Campus has been done and this facilities is now functional in many of the School of Studies and University Library as well, under the same program, INFLIBNET Center, Ahmedabad is providing about 2000 Journals/databases of various disciplines. In the same RUS-CAN major challenges are proper distribution of bandwidth through the University Campus, Protect the RSU-CAN from Virus, Spam and Spy ware, that is cause of Router Jam. Internet access speed suddenly gets down

VSAT at University

Equipments Installed

5000 metersUTP cable 7.

3500 metersFiber Optics Cable 6.

1D-Link Central Switch DES-1200 M 5.

15D-link Network Switches DES-1024R

With fiber optics connector 4

1Indoor Unit, Out door (RF UNIT), Dish Antenna 3.8 meter Cisco Router 1721

series

3.

2IBM Server 225 Series 2.

1SCPC-VSAT with 512 kbps/1 Mbps Bandwidth With all necessary equipments (No. 3)

1.

QtyEquipments S.No.

Server Configuration

Configuration of Server – DHCP/Web server• IBM Server 225 Series , Xeon Processor

• 512 Mb RAM• 256 Cache Memory

• 40 GB HDD

• DVD-CD ROM,NIC Card.USB Port

• Monitor, keyboard, Mouse

Configuration of Server – DNS• WIPRO Net Power , Xeon Processor• 512 Mb RAM

• 256 Cache Memory

• 40 GB HDD

• DVD-CD ROM,NIC Card, USB Port• Monitor, keyboard, Mouse

DNS Server Configuration

Operating System used

• Windows 2003 Server, why • Active Directory : A central component of the Windows server operating

systems, the Active Directory directory service provides the means to manage the identities and relationships that make up network environments

• Clustering Technology :Clustering technologies provide significant improvements in availability, scalability, and manageability. Installation is easier and more robust in Windows Server 2003, and enhanced network features provide greater capabilities and high system uptime

• Kerberos : Kerberos is an authentication mechanism used to verify user or host identity and is the preferred authentication method for services in Windows Server 2003.

• Windows 2003 is a secured platform, it lets organizations to take advantages of security services.

Typical Hub Scenario

SCPC DAMA System• Single Channel Per Carrier Demand Assign Multiple

Access , some times also called Bandwidth On Demand, is an increasingly popular technique to improve connectivity, efficiency and more over Economics of time varying Mesh Satellite Networks as compared to Fixed SCPC and MCPS Satellite Networks being very expensive. In DAMA Systems there are Minimum Recurring charges of the Limited Leased Bandwidth as the bandwidth acquired remains in a pool for the usage for different locations and applications.

A DAMA system is typically a single hop satellite transmission network which allows direct connection between any two nodes in the network among many users sharing a limited "pool" of satellite transponder space.

VSAT• VSAT stands for "Very Small Aperture Terminal" and refers to

receive/transmit terminals installed at dispersed sites connecting to a central hub via satellite using small diameter antenna dishes (0.6 to 3.8 meter).

• VSAT networks are now viewed as the most flexible platform in the communications marketplace, typically allowing remote locations to communicate with other sites or a centralized computing facility.SCPC is used for economical distribution of broadcast data as well as

for full-duplex or two-way data or video communications.• In a SCPC system, user data is transmitted to the satellite continuously

on a single satellite carrier. The satellite signal is received at a single location, in the case of a point-to-point system, or at many locations in a Star Hub Configuration.

Applications & Benefits

• wide geographic coverage • high availability • flexible network configuration • rapid network deployment • Centralized NMS. • Cost Effective • Bandwidth On Demand, Pay what you use. • Internet • Video Teleconferencing • Bank transactions, ATM • Reservation systems

Primary Goal

• Providing reliable performance and services at lowest possible cost.

• Provide appropriate level of performance and services to different user on the basis of their needs.

• Provide high speed networking to entire University campus as well as application based services.

• Provide high speed of Internet access in order to appropriate utilization of e-journals provided by INFLIBNET Center.

• Conducting e-learning program through RSU-CAN• System must be able to handle heavy network load.

Scenarios of Buildings

Existing Server Setup

Using DHCP (Dynamic Host Configuration

Protocol ) , Why ?

• DHCP protocol is used to assign IP addresses to hosts or workstations on the network. Usually a DHCP server on the network performs this function. Basically it "leases" out address for specific times to the various hosts. If a host does not use a given address for some period of time, that IP address can then be assigned to another machine by the DHCP server. When assignments are made or changed, the DHCP server must update the information in the DNS server.

DHCP Lease Stages• Lease Request - The client sends a broadcast requesting an IP

address • Lease Offer - The server sends the above information and marks the

offered address as unavailable. The message sent is a DHCPOFFER broadcast message.

• Lease Acceptance - The first offer received by the client is accepted. The acceptance is sent from the client as a broadcast (DHCPREQUEST message) including the IP address of the DNS server that sent the accepted offer. Other DHCP servers retract their offers and mark the offered address as available and the accepted address as unavailable.

• Server lease acknowledgement - The server sends a DHCPACK or a DHCPNACK if an unavailable address was requested.

DHCP Server

Client Reservation

• Client Reservation• Client Reservation is used to be sure a computer

gets the same IP address all the time. Therefore since DHCP IP address assignments use MAC addresses to control assignments, the following are required for client reservation:

• MAC (hardware) address • IP address

Gateway/Cisco Router 1721

• A gateway can translate information between different network data formats or network architectures. It can translate TCP/IP to AppleTalk so computers supporting TCP/IP can communicate with Apple brand computers

• A router is used to route data packets between two networks. It reads the information in each packet to tell where it is going. If it is destined for an immediate network it has access to, it will strip the outer packet, readdress the packet to the proper Ethernet address, and transmit it on that. Network Routers do not send broadcast packets or corrupted packets. If the routing table does not indicate the proper address of a packet, the packet is discarded.

How Managing Network• Central hub is installed at ERNET India Center, Banglore connected to VSAT

facility with DAMA Phone of University.The central hub controls the entire operation of the communication network. At the hub there is a network management system server which allows a network administrator to monitor and control the networks.

• Two DNS server installed at ERNET Banglore IP Add. 202.141.99.9 and 202.41.1.131

• Technical person of ERNET is monitoring bandwidth and traffic of network. University can get status about network.

• Graphical view of used bandwidth by university can be seen on “www.ugcinfonet.ernet.in/bwview.asp “ . If network generate undesired packets, they inform to University and accordingly takes decision what to do. Some time University used to do disconnect the segment getting undesired packets.

• Servers are equipped with trial version of anti virus, anti spy ware package.• Trial version of Bandwidth monitoring software is using locally.• Trial version of Network view software is using for Network Monitoring.

Graphical View of Bandwidth taken from www.ugcinfonet.ernet.in/bwview.asp

Daily Graph of 02/09/06

Weekly Graph

Monthly Graph

Yearly Graph

Blue color is Transmit Traffic, Green color is Receive Traffic

Challenges• Pt. Ravishankar Shukla University serving the community of Education,

faced major obstacles in a way to build a high-speed computer network for empowering teachers and research scholars and students with instant connectivity to share information with each other.It needed a network that should be both fast and reliable for sharing Internet, email, files, printers, and other school resources.

• In order to meet the information access and educational goals, the Pt. Ravishankar Shukla University, Raipur needed to provide network access for all across the campus.University network provides the local area network,Computer labs (150 to 200 computers), access learning applications, and access to the Internet.

• Network security is a top priority for University, focusing primarily on two fronts: securing the confidential of Teachers/student information that is stored in its system database, as well as ensuring the web information are protected from unauthorized activities.

• “In today’s world, network security is just as important as physical security for schools. University need to ensure the students are supervised while they are on campus.

Problems. • Since Web server installed here, hackers may access the computers and

server without valid authentication for steeling the information, hacking may also lead to interception of the information from network. So some sort of security measures need to be employed to control traffic as well as hacking.

• Virus and spy ware problems at user end, which is the cause of Router Jam.

• Internet access speed suddenly gets slowed down.

• Some terminal runs with proper Internet access speed while some suffers form slow access speed. It may cause of virus, spy ware or unequal distribution of bandwidth.

• At present got 1 Mbps bandwidth where 256 kbps is provided for transmission of data and 1 Mbps is for receiving data while about 150 PCs are connected with this Network

• Like any other wireless communication technology information transmitted via VSAT network could be intercept or interfered by a third party.

Suggested Solutions

• A Router on dedicated connections to the Internet should be plugged

in to firewall system.• Router should be configured with some filtering rules

• Proxy server may be used to monitor the traffic on the network and allowing users to to a limited number of services or some unwanted

services may be blocked.• Anti virus and anti spy ware should be install centrally or every PC

should be equipped with same.

• Bandwidth management tool should be installed in order to monitor the network properly.

• Packet filtering, Application level filtering and Web filtering is needed in order to provide secured network.

• Currently using windows 2003 server and Most of the PCs with windows O/S, need to move to Linux based operating system in order to make network more reliable, Virus free and less expensive.

Graphical View of Firewall Solution

Summary

The Pt. Ravishankar Shukla University needed a more reliable, less expensive, and more flexible way to network the far-flung campuses together. At the same time the connection should be secure and compatible with the client/server model. Number of Computers are being added to Campus Area Network and the fact that available bandwidth is already fully utilized. Bandwidth upgradation is needed to be increase.No security system like firewall has applied. More technical person and training is needed to address the network problems.

?

Thank You