RE: Internet Bandwidth Capacity and Management in general
Hello Bill We have a total of 6000 student rooms connecting to our core over a number of 1Gb leased lines. These feed into a Cisco 6509 which aggregates the data and connects to our firewall through a 10Gb connection. The traffic is passed through a Tipping Point device prior to being passed out of the firewall and into the internet on a single 1Gb connection. The Tipping Point is primarily used for P2P policing. Each user is limited to 4Mb down and 1Mb up, implemented through per-user microflow policing on the 6509. We have had a maximum of 732Mb being generated from the residences, with the daily average being 385Mb. Regards Bryn Bryn Jones ISS Network Development Rm 8.01e Computer Block University of Leeds Woodhouse Lane Leeds LS2 9JT 0113 343 7055 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of William Emmel Sent: 03 December 2009 13:17 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Internet Bandwidth Capacity and Management in general I'm looking for some information to help us baseline and level set. We currently have two 100Mb diverse Internet connections. We have about 3500 students in our campus residence village and another 500 at remote residences. The individual residences each have a 10Mb fiber back to the campus but that's a discussion for a different day. Most of the wired and wireless traffic from the on campus residence halls is directed to one of the 100Mb links while admin, faculty and some other small student population uses the other. We use Packeteer to rate limit and the two links are pretty much maxed out for a good part of the day and night. I'm curious at to what bandwidth some of the other universities have and also what type of management policies and techniques people are using. Thanks. Bill William F. Emmel Director of Network and Communications Services St. John's University - New York Office 1-718-990-2007 Mobile 1-516-647-7624 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Upgrade to N
Bruce, We here at Liberty University have just finished moving our wireless ^ NAC. Our old system used Cisco 1231 802.11b/g autonomous APs, WLSE (attempted) Cisco Clean Access. We evaluated tested our options for more than a year. The major vendor offerings that we evaluated in depth were from Cisco and Aruba Networks. We chose Aruba ECS (based on Bradford Campus Manager) for NAC, Aruba's AP-125 N APs, and Aruba's Airwave product for wireless management. We are now starting to deploy their new AP-105 N APs in select locations. We did a one for one replacement in some of our dorm areas. In other areas, we deployed APs based on a survey since our old coverage was a nightmare. We primarily used simulation / planning software for the surveys. Follow-up spot checks helped verify our service. We monitor AP usage and reclaim some under used APs and augment coverage in areas with over-used APs. We now tunnel our Guest SSID to a DMZ on our network edge. This provides a firewall between guests our internal network. This summer, we deployed multicast IPTV over wireless using Video Furnace (A press release is at http://www.marketwire.com/press-release/Aruba-Networks-Inc-NASDAQ-ARUN-1069662.html). Aruba's support has been great. Due to the density of APs per controller (They handle up to 512 APS) and other issues, there have been some technical challenges, but Aruba has patched these issues very quickly. They are very customer focused. All customers have the information to directly contact their Global Director of Support, if needed. He also reads responds to the feedback surveys after a ticket is completed. It has been a hectic year. We now have almost 12000 resident students and over 700 APs deployed. We still have a couple of pockets of our old wireless that we will eliminate as time budget permit. Feel free to contact me off-line for further details. Bruce Osborne Network Engineer Liberty University From: Entwistle, Bruce [mailto:bruce_entwis...@redlands.edu] Sent: Thursday, December 03, 2009 3:04 PM Subject: Upgrade to N We are currently looking at upgrading our current Cisco 1200 autonomous APs, with WLSE management to a new wireless N network. The new vendor has yet to be determined. I was looking to learn from others who have made a similar migration how the move to N changed AP deployment? Was it a simple one for one replacement where you were able to install the new APs in the same location as the previous APs, eliminating the need for additional cabling? Was a new wireless survey conducted, requiring different AP locations? Please let me know what your experience has been. Thank you Bruce Entwistle Network Manager University of Redlands ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Upgrade to N
When we installed N wireless in our dorms, we kept in mind that not everyone is n capable - b,g is by far the more predominant wireless mode. So spacing access points based on N surveys would have provided potentially weak signals for many of our dorm residents. Knowing that, we've installed Cisco 1231 APs in 9 dorms using a b,g placement strategy. Works very well for us and have had no problems with Cisco WCS, controllers or APs. On the campus side we've started swapping one-for-one.. Kevin Semrau Millersville University www.millersville.edu From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Entwistle, Bruce Sent: Thursday, December 03, 2009 3:04 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Upgrade to N We are currently looking at upgrading our current Cisco 1200 autonomous APs, with WLSE management to a new wireless N network. The new vendor has yet to be determined. I was looking to learn from others who have made a similar migration how the move to N changed AP deployment? Was it a simple one for one replacement where you were able to install the new APs in the same location as the previous APs, eliminating the need for additional cabling? Was a new wireless survey conducted, requiring different AP locations? Please let me know what your experience has been. Thank you Bruce Entwistle Network Manager University of Redlands ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Tipping Point IPS and Aruba Wireless Performance
Yes, we ran into this exact issue. The problem is related to the fact that some of the GRE traffic is fragments which Tippingpoint has a (at least when we ran into it) undocumented rate-limit for all fragments. Removing this limit solved our problems. Thanks! David On Dec 2, 2009, at 2:56 PM, Firsdon, Michael wrote: Hello all, we recently started deploying a few Aruba 125 access points and series 6000 controller which runs 3.2.2.22 code on its m3 modules. While doing some initial testing we encountered very poor performance numbers (like 2-4mb) when running some of the typical speed tests that are out there. After placing one of the ap 125’s on a segment that was not being inspected by a tipping point IPS unit the performance was more in the 60-80mbs range which is consistent with what we see on our other campus which does not have these units in place. We suspect the IPS unit is taking the GRE tunneling traffic that the access point is trying to use to communicate with its controller and going “deep” within it creating the latency we are seeing. When I put the IPS unit in a layer 2 fallback mode the traffic when through flawlessly. My question is has anyone seen this behavior before and if you have what did you do in order to resolve the issue? Any help would be greatly appreciated. We are currently working with tipping point support on this issue as well. Thanks! Michael J. Firsdon The University of Toledo Network Engineer III / Team Lead michael.firs...@utoledo.edumailto:michael.firs...@utoledo.edu Office Phone: 419.530.3962 Office Fax:419.530.3643 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Tipping Point IPS and Aruba Wireless Performance
This same issue drove us crazy for a while! We first blamed it on Aruba ;-) We still make the GRE tunnel go through our typing point but have created an exception that ignores IP addresses of APs. Philippe Hanset Univ. of TN On Dec 4, 2009, at 12:14 PM, David Sinn wrote: Yes, we ran into this exact issue. The problem is related to the fact that some of the GRE traffic is fragments which Tippingpoint has a (at least when we ran into it) undocumented rate-limit for all fragments. Removing this limit solved our problems. Thanks! David On Dec 2, 2009, at 2:56 PM, Firsdon, Michael wrote: Hello all, we recently started deploying a few Aruba 125 access points and series 6000 controller which runs 3.2.2.22 code on its m3 modules. While doing some initial testing we encountered very poor performance numbers (like 2-4mb) when running some of the typical speed tests that are out there. After placing one of the ap 125’s on a segment that was not being inspected by a tipping point IPS unit the performance was more in the 60-80mbs range which is consistent with what we see on our other campus which does not have these units in place. We suspect the IPS unit is taking the GRE tunneling traffic that the access point is trying to use to communicate with its controller and going “deep” within it creating the latency we are seeing. When I put the IPS unit in a layer 2 fallback mode the traffic when through flawlessly. My question is has anyone seen this behavior before and if you have what did you do in order to resolve the issue? Any help would be greatly appreciated. We are currently working with tipping point support on this issue as well. Thanks! Michael J. Firsdon The University of Toledo Network Engineer III / Team Lead michael.firs...@utoledo.edu Office Phone: 419.530.3962 Office Fax:419.530.3643 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
