Wednesday, July 14, 2010

Ohio Union, Hays Cape Room
The Ohio State University
Columbus, OH

OpenFlow

  • Could shorten time for features to be developed
  • Could eliminate need for routing protocol
  • Focus is now on the control plane, what about the management plane?
  • Should examine this space in about twelve months

VRFs

  • DNS: DNS servers colocated with each core router - ANYCAST (cross vrf distributions
  • Most have implemented between 2 and 8 VRFs
  • Internal training component

Firewall

  • Juniper SRX
    • Check performance of flows
    • Different platforms - difference code features
    • NSM - manage ACLs and firewalls
  • ASA
  • CheckPoint
  • Consolidation
    • create zones
    • attaches are internal rather than internal
    • BigFix and automated patching
  • ACL vs Firewall rules
  • Host based firewalls: replace or supplement hardware firewall
  • ASA 5550 as VPN concentrators

Wireless

  • 802.1X vs Captive portal
  • Express Connect?
  • Token - second factor
  • 802.1X wired ports
    • Supplicant issues?
    • On MAC per port
    • Switch on a port rather than an end user
    • Change VLAN based on MAC address
  • QoS
  • If fail on EAP, automagically try captive portal
    • Send user email about EAP if captive portal used
  • Register MAC before connect to network
    • Students self register at start of semester
    • Faculty can bulk register or use web page
  • Guest Access
    • AT&T
  • Use SMS to send credentials for guest access
  • departmental WLAN
  • pulling more or less CAT6? CAT5?
  • dense wireless in classrooms
  • DFS - 4 non overlapping channels
  • N increases coverage by 30%

IPv6

  • Google whitelist
  • Win7 VPN to AD with IPv6
  • When on public facing services
  • Use wireless to get users feet wet with IPv6
    • users have control with connection to SSID
  • Addressing?
    • put VLAN ID in IPv6 address
    • incremental assignment
    • infrastructure towards the bottom
    • probably going to be wrong, do it small and then do it again
    • address around core infrastructure
  • Apple may cave on DHCPv6 on MacOS soon
  • NAC with MAC and DHCP
  • Sending DNS in RAs
  • 6to4 tunnels

Data Center Cabling

  • Top of rack
  • Power in the floor or from overhead
  • Some in row cooling or cooling from the floor
  • CAT6 and Fiber
  • OM3 50 micron
  • 210 block above rack
  • Twinax - > 5m but not all NICs can drive it

Cellular DAS

  • Superior DAS, Cronwcastle, NextG, US Tower
  • Leaky coax
  • CoW
  • Public safety to help pay way

CATV

  • Video Furnace
  • Move Networks bankrupt
  • Anook
  • Wait and maybe HULU will solve the problem
  • MFH3 DirectTV - IP advantage
  • Building signage
    • PC in some TVs now
    • safety message: cell phones off during class, put TV in each classroom

Thursday, July 15, 2010

Video Conferencing

  • Consistency
  • QoS
  • Get the standard out fast or will turn into the wild wild west
  • Audio bridge?
  • WebX
    • presentation - conversational not so good

Future Meetings

  • Senior Network Engineers and Architechs
  • Invite host institution
  • Public facing site with mission statement - What are we about?

10G to the Edge

  • Third party SFPs
  • Failure rates

Help Desk

  • After hours coverage?
  • Equipment pages if core equipment down
  • If department problem, reserve the right to charge
  • After hours, technical ability varies
  • Consolidation

Decentralized to use Centralized services

  • Security a big driver
  • Sticks and carrots?
  • Centrally funded
  • Upgrades are bring some along
  • Give uses control of ports settings
  • Money crunch is driving many to centralized services

Long reach copper

  • Actelis
  • ADSL

Wireless Authentication

  • No labels