the operator neutral access at kistaip. kistaip ? is a student dorm with 144 apartments
TRANSCRIPT
![Page 1: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/1.jpg)
The Operator Neutral Access At KistaIP
![Page 2: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/2.jpg)
KistaIP ?
• Is a student dorm with 144 apartments.
![Page 3: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/3.jpg)
KistaIP ?
• Is a student dorm with 144 apartments.
• Each apartment have a fiber connection to the router room at KistaIP.
![Page 4: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/4.jpg)
KistaIP ?
• Is a student dorm with 144 apartments.
• Each apartment have a fiber connection to the router room at KistaIP.
• The student obtains a fiber-to-Ethernet converter which is used to connect the fiber to a computer.
![Page 5: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/5.jpg)
The Network Infrastructure
• Each room is connected by a multimode fiber to one of the Dynarc 1124 routers.
![Page 6: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/6.jpg)
The Network Infrastructure
• Each room is connected by a multimode fiber to one of the Dynarc 1124 routers.
• There are 6 Dynarc 1124 routers with 24 ports providing 6*24=144 connections.
![Page 7: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/7.jpg)
Workstation
Laptop computerPC
Dynarc 1124
Dynarc 1124
Dynarc 1124
Dynarc 1124
Dynarc 1124
SD
Media C
onverter
LINK
PW
RLIN
K
5VD
C. 1A
_ __ __ +
UP
LINK
RX
TX
SD
Media Converter
LINK PWR LINK
5VDC. 1A_ __ __ +
UP LINK
RX
TX
SD
Media C
onverter
LINK
PW
RLIN
K
5VD
C. 1A
_ __ __ +
UP
LINK
RX
TXSD
Media C
onverter
LINK
PW
RLIN
K
5VD
C. 1A
_ __ __ +
UP
LINK
RX
TX
SD
Media C
onverter
LINK
PW
RLIN
K
5VD
C. 1A
_ __ __ +
UP
LINK
RX
TX
SD
Media Converter
LINKPWRLINK
5VDC. 1A _ __ __ +
UP LINK
RX
TXFiber
144Converters
Single mode Fiber
Apartment
Router room at KistaIP
24 ports
24 ports
24 ports
24 ports
24 ports
Mul
ti m
ode
Fib
erM
ulti
mod
e F
iber
5116 Router
Dual DTM RingInternet
IX Room
SM to MM converter
Dynarc 1124
24 ports
![Page 8: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/8.jpg)
The Network Infrastructure
• Each room is connected by a multimode fiber to one of the Dynarc 1124 routers.
• There are 6 Dynarc 1124 routers with 24 ports providing 6*24=144 connections.
• The 6 routers are connected to the Dynarc 5116 router at Electrum by a singlemode fiber.
![Page 9: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/9.jpg)
The Network Infrastructure
• Each room is connected by a multimode fiber to one of the Dynarc 1124 routers.
• There are 6 Dynarc 1124 routers with 24 ports providing 6*24=144 connections.
• The 6 routers are connected to the Dynarc 5116 router at Electrum by a singlemode fiber.
• The 7 routers build together a dual DTM (Dynamic synchronous Transfer Mode) ring.
![Page 10: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/10.jpg)
The Network Infrastructure
Dynarc 1124
Dynarc 1124
Dynarc 1124
Dynarc 1124Dynarc 1124
Dynarc 1124
Dynarc 5116
Dual Ring
Electrum
KistaIP
![Page 11: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/11.jpg)
Problems & solutions?
• How to provide operator neutral access.
![Page 12: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/12.jpg)
Problems & solutions?
• How to provide operator neutral access.
• Introduce the use of VLANs.
![Page 13: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/13.jpg)
Problems & solutions?
• How to provide operator neutral access.
• To provide an easy way to change between the providers.
• Introduce the use of VLANs.
![Page 14: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/14.jpg)
Problems & solutions?
• How to provide operator neutral access.
• To provide an easy way to change between the providers.
• Introduce the use of VLANs.
• Provide server side software.
![Page 15: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/15.jpg)
Problems & solutions?
• How to provide operator neutral access.
• To provide an easy way to change between the providers.
• Software free from the client side.
• Introduce the use of VLANs.
• Provide server side software.
![Page 16: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/16.jpg)
Problems & solutions?
• How to provide operator neutral access.
• To provide an easy way to change between the providers.
• Software free from the client side.
• Introduce the use of VLANs.
• Provide server side software.
• Use a form of web based login and control
![Page 17: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/17.jpg)
VLAN ?
• Virtual Local Area Network (VLAN) .
![Page 18: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/18.jpg)
VLAN ?
• Virtual Local Area Network (VLAN) .• Devices on different LANs that joins the same VLAN
have the ability to communicate with each other as if they were at the same broadcast domain.
![Page 19: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/19.jpg)
VLAN ?
• Virtual Local Area Network (VLAN) .• Devices on different LANs that joins the same VLAN
have the ability to communicate with each other as if they were at the same broadcast domain.
• Can be used to divide a LAN to different small LANs (VLANs), limiting the broadcast traffic and making the network more manageable.
![Page 20: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/20.jpg)
Method
• Each provider belongs to a VLAN.
![Page 21: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/21.jpg)
Method
• Each provider belongs to a VLAN.
• Users connect to a “VLAN changer” to switch between ISPs.
![Page 22: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/22.jpg)
Method
• Each provider belongs to a VLAN.
• Users connect to a “VLAN changer” to switch between ISPs.
• A server side software called vpch is used to change VLANs on each port on the Dynarc 1124 routers.
![Page 23: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/23.jpg)
Method
• Each provider belongs to a VLAN.
• Users connect to a “VLAN changer” to switch between ISPs.
• A server side software called vpch is used to change VLANs on each port on the Dynarc 1124 routers.
• The “VLAN changer” provides vpch with the information necessary.
![Page 24: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/24.jpg)
Method
• Each provider belongs to a VLAN.
• Users connect to a “VLAN changer” to switch between ISPs.
• A server side software called vpch is used to change VLANs on each port on the Dynarc 1124 routers.
• The “VLAN changer” provides vpch with the information necessary.
• The oasis software is used to authenticate and open the firewall on the providers side.
![Page 25: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/25.jpg)
Same Machine
Dynarc 1124
Dynarc 1124
Dynarc 1124
Dynarc 1124Dynarc 1124
Dynarc 1124
mdtm0VLAN (1,2,10,100)
Dynarc 5116
DHCP Server
Auth & Vlan Changer
Vlan 1
Vlan 2
Vlan (10,100)
Vlan 1
Vlan 2
DHCP Server & Auth
DHCP Server & Auth
SSVL
KTH
Firewall
Firewall
Electrum
KistaIP
![Page 26: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/26.jpg)
The main components of the KistaIP neutral network
• Auth and VLAN changer.
• DHCP and Auth machine on the providers side
![Page 27: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/27.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
![Page 28: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/28.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
• A database to provide the vpch with information on each user, as well as for security reasons.
[Password, lgh, building, room, MAC, router (IP), interface, oldvlan]
![Page 29: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/29.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
• A database to provide the vpch with information on each user, as well as for security reasons.
[Password, lgh, building, room, MAC, router (IP), interface, oldvlan]
• A second database with information about the ISPs.
[isp (name), vlan, ip (redirection page)]
![Page 30: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/30.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
• A database to provide the vpch with information on each user, as well as for security reasons.
[Password, lgh, building, room, MAC, router (IP), interface, oldvlan]
• A second database with information about the ISPs.
[isp (name), vlan, ip (redirection page)]
• The vpch application, which connects to the routers and changes the VLAN on users port.
![Page 31: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/31.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
• A database to provide the vpch with information on each user, as well as for security reasons.
[Password, lgh, building, room, MAC, router (IP), interface, oldvlan]
• A second database with information about the ISPs.
[isp (name), vlan, ip (redirection page)]
• The vpch application, which connects to the routers and changes the VLAN on users port.
• An Authentication mechanism.
![Page 32: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/32.jpg)
Auth and VLAN changer
• DHCP to provide a private network (VLAN 100) for the students where they are able to use to change ISPs.
• A database to provide the vpch with information on each user, as well as for security reasons.
[Password, lgh, building, room, MAC, router (IP), interface, oldvlan]
• A second database with information about the ISPs.
[isp (name), vlan, ip (redirection page)]
• The vpch application, which connects to the routers and changes the VLAN on users port.
• An Authentication mechanism.
• A registration form to register new users.
![Page 33: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/33.jpg)
ISP side configuration
• An authentication protocol (e.g. kerberos, radius).
![Page 34: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/34.jpg)
ISP side configuration
• An authentication protocol (e.g. kerberos, radius).
• Web based authentication forms.
![Page 35: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/35.jpg)
ISP side configuration
• An authentication protocol (e.g. kerberos, radius).
• Web based authentication forms.• The Oasis software package:
Provides a mechanism for authentication.
Opens and closes firewall rules.
Ability to detect inactive users.
Support many kinds of authentication protocols by using PAM (Pluggable Authentication Modules).
![Page 36: The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments](https://reader036.vdocuments.site/reader036/viewer/2022062421/56649e115503460f94afd0d5/html5/thumbnails/36.jpg)
Same Machine
Dynarc 1124
Dynarc 1124
Dynarc 1124
Dynarc 1124Dynarc 1124
Dynarc 1124
mdtm0VLAN (1,2,10,100)
Dynarc 5116
DHCP Server
Auth & Vlan Changer
Vlan 1
Vlan 2
Vlan (10,100)
Vlan 1
Vlan 2
DHCP Server & Auth
DHCP Server & Auth
SSVL
KTH
Firewall
Firewall
Electrum
KistaIP