IC-LeSC (10 Questions)
Provide the name and contact details of your local (Departmental) and Institutional network support staff.
- My Departmental network support contact is: Stuart McRobert et al, Computing Support Group: help at doc.ic.ac.uk
- My Institutional network support contact is: Phil Mayers et al, Imperial College ICT Network Infrastructure Group: servicedesk @ imperial.ac.uk
(Public CSG contact details available at http://www.doc.ic.ac.uk/csg/contact)
(Private ICT contact details available at https://www.imperial.ac.uk/spectrum/ict/ict/who/phonebookint/external/displaymembers1.asp -- restricted to Imperial College personel.)
Provide details of the responsibilities, together with the demarcation of those responsibilities, of your local and Institutional network support staff.
- The departmental contact is responsible for:
* Providing routing connectivity between ICT and LeSC. * Security monitoring infrastructure: Goldeneye packetlogger. * DNS: Provides doc.ic.ac.uk authoritative DNS servers.
- The institutional contact is responsible for:
* Providing connectivity between JA.net and the department. * Implements boundry firewall between JA.net and the department. * DNS: Provides imperial.ac.uk, ic.ac.uk authoritative DNS servers.
What is a Regional Network Operator (RNO), and why does this matter to you?
- An RNO is:
"A Regional Network Operator is an organisation that operates a regional network and holds a contract with UKERNA for the delivery of JANET services to those organisations which receive PRIMARY connections via the regional network."
The Regional Network Operator that services Imperial College is the London MAN (Metropolitan Area Network): http://www.lmn.net.uk/.
- I care because:
* They provide connectivity between regional institutions and provide the link between the local institutions and Ja.net.
What is SuperJANET4? And more importantly what is SuperJANET5?
- SuperJANET4 is: The current implementation of the Ja.net network. It's function is to link the different regional network operators to each other with fast data connections.
- SuperJANET5 is: The next implementation of the Ja.net network.
Questions 5, 6, 7 and 9 (part)
5: Draw a simple diagram showing your local (Departmental) network and sufficient of your Institutional network such that you can trace a line from your end-system to the connection from your Institutes network into the RNO infrastructure.
London e-Science Centre Department of Computing Imperial College ICT =========================== =============================================== ========================= [ 254 ] --- [ 252 ] ---- [ Black Diamond 6800] ___ [ Black Diamond 10k ] ___ <nebulous cloud here> [ 146.169.*.222 ] [ 146.169.*.223 ] 1Gbit? 1Gbit? 10Gbit 1Gbit
6: On the diagram produced in answer to Question 5, show the capacity of each link in the network and provide a note against each link of its contention ratio.
7: On the diagram produced in answer to Question 5, colour and distinguish the switches and routers and for each device provide a note of its backplane capability.
9.x: On the diagram produced in answer to Question 5 colour in the firewall(s) (or other security devices).
(upload an image via http://wiki.gridpp.ac.uk/wiki/Special:Upload)
What is the average and peak traffic flow between your local (Departmental) network and the Institutional network?
- Average traffic:
- Peak traffic:
TODO: Ask CSG for Goldeneye stats.
What is the average and peak traffic flow between your Institutional network and the RNO?
- Average traffic:
- Peak traffic:
TODO: Ask ICT..
What is the total capacity of your Institutional connection to the RNO?
- Our total capacity is: 1 Gbit.
What are the upgrade plans for your local (Departmental) network; your Institutional network and the network run by the RNO?
- Departmental plans: Experiment with 10Gbit/copper, 100Gbit/fibre when it becomes available.
- Institutional plans: Unknown. (TODO: Ask.)
- RNO plans: Unknown. (TODO: Ask.)
Do you believe in IS Security? Does your Institute believe in IS Security?
- I'm a believer: YES/NO
- We're collective believers: YES/NO
(TODO: WTF is "IS" Security? The term is not defined!)
Do you believe in firewalls? Does your Institute believe in firewalls?
- I'm a believer:
YES/NO They tend to get in the way. Ideally, you'd live without them -- but this requires sufficient control over your infrastructure.
- We're collective believers: YES/NO Unknown, but they use them. (They have much less control over our infrastructure than we do.)
Provide information of how changes are made to the rule set of the firewall.
- Firewall rules are changed by:
* There are multiple firewalls: ICT, CSG, LeSC. * They are all managed by their respective owners.
Provide a note of the capacity of this device and what happens when that capacity is exceeded.
- The capacity is:
- When it goes over-capacity, the following happens:
Extra note: The Goldeneye boundry packet logger also has a maximum logging rate. When this rate is exceeded, not all information going over the wire is recorded.
What is the best performance you can achieve from your end-system to an equivalent system located in some geographically remote (and friendly!) Institute?
- Best performance is:
For your end-system: In principle, 1Gbit sec.
- Do you understand the kernel, the bus structure; the NIC; and the disk system?
- I understand: YES/
(There are degrees of understanding; don't ask me _too_ many detailed questions..)
- Do you understand TCP tuning and what it can do for you?
- I understand:
(Again, there are degrees of understanding. I know that it can have a significant impact depending on the current configuration, but I'd want to read up on the subject first before making any decisions..)
- Do you understand your application and what it can do to your performance?
- I understand: YES/NO
(Uh, _what_ application? I don't have (only) one in this context..!)