Campus Wireless Network kitenet
Koji OKAMURAResearch Institute for Information Technology, Kyushu University
Overview of Kyushu Univ.• is located in Fukuoka City of Fukuoka
Prefecture.– Population of Fukuoka City is 1.3M.– Population of Fukuoka Pref. is 5.0M.
• has– 20,000 students and 10,000 staffs
(faculties and etc.).– and two main big campus (hakozaki and
ito) and several satellite campus (hospital, chikushi and oohashi ).
– every campus are connected 10G.• uses
– AS2508 and one Class B address (133.5.0.0/16).
Campus of Kyushu Univ.
New Main
Main
Hospital
Art
Material, Energy etc
15km
Why Campus Wireless Network is necessary ?
• Everyone of Kyushu Univ. want to use Internet when they come to University.
• Everyone had bought and set-upped their own Wireless AP.– Only owner can use his Wireless AP even there are so
many Wireless APs in campus.– Policies for Member of Kyushu Univ. and guests should be
different.
• Computer Center had decide to introduce Campus wide wireless network in 2006.
The 1st Version (2003~2007)• Mobile IP based.
– Non Standard.
• 228APs• Special Driver (Software) is necessary.• The product becomes “Dis-Continue”.• No Windows Vista support.
The 2nd Version (2006~
• 802.1x Base• 591 APs• APs are installed with
core network when the new building is build.
Infrastructure
Campus Network of Kyushu Univ.(KITE)
Campus Network of Kyushu Univ.(KITE)
Commercial Network
Commercial Network
Ether Switch
Authentication Server
Authentication
Campus Network of Kyushu Univ.(KITE)
Campus Network of Kyushu Univ.(KITE)
Commercial Network
Commercial Network
Ether Switch
Authentication Server
Connecting
Dynamic VLANDynamic VLAN
Campus Network of Kyushu Univ.(KITE)
Campus Network of Kyushu Univ.(KITE)
Commercial Network
Commercial Network
Ether Switch
Authentication Server
Campus Network of Kyushu Univ.(KITE)
Campus Network of Kyushu Univ.(KITE)
Commercial Network
Commercial Network
Ether Switch
Authentication Server
Policy for each user can be supported.
Commercial ISPCommercial ISP
Kyoto Univ.Kyoto Univ.
Tohoku Univ.Tohoku Univ.
133.5.7.0/24133.5.7.0/24133.5.22.0/24133.5.22.0/24
133.5.11.0/24133.5.11.0/24
System Design• Functions
– Authentication• 802.1x → Mandatory• Web → Option
– Dynamic VLAN • Wired
– AX (MAC VLAN)• 802.1 1X
– SW or Wireless AP which can pass EAP packets can be cascaded.
• Web
• Wireless– Allied Tetesis (Tagged VLAN)
• 802.1X• Web(not supported)
AX
Wireless AP by Allied Telesis
SW or Wireless APwhich can pass
EAP packets
Port which is set ofAuthentication
RadiusServer
Core SW
Center Network
User Network
SWwhich can not
pass EAP packets
AT-TQ2403
AX-630x
Dynamic VLAN
WirelessAP
WiredSW
WirelessAP
WiredSW
WirelessAP
VID=xxx
VID=yyy
VID=zzz
Radius
kitenet (IPv4)
WirelessAP
WiredSW
WirelessAP
WiredSW
WirelessAP
VID=xxx
VID=yyy
NAT NAT
InternetInternetKyushu Univ.
Kyushu Univ.
ISPISP
10.1.0.0/16
10.2.0.0/16
kitenet (IPv6)
WirelessAP
WiredSW
WirelessAP
WiredSW
WirelessAP
VID=xxx
VID=yyy
NAT NAT
InternetInternetKyushu Univ.
Kyushu Univ.
ISPISP
10.1.0.0/16
10.2.0.0/16
QGPOPIPv6
QGPOPIPv6
2001:200:905:15f1::/64
2001:200:905:15f2::/64
The current situation• every one can use Internet using Windows, Mac,
iPhone, Windows Mobile….• even guests can use Internet when they come to
Kyushu Univ. based on security policy of Kyushu Univ.– Conference at Kyushu Univ.
New
Main
Hospital
Art
Material, Energy etc
15km
Future Works• Big segment across whole campus
management/authentication
Kyushu University
Guest
Future Works• They should be segmented.
• IPv4 is used for each segment.– Virtual Router will support the routing.
AuthenticationManagement
Kyushu Univ.
Guest
Thank you very much!
Top Related