The issue here is that students are here to do academic work, and the network needs to support that first. But I think that while they are doing that academic work they are still... here. This is their home, and we can't forget that. If it were just another corporate network we would do things like block all ports except 80 and a few friends and be done with it.
To those who feel like grouping by residential area can't be done, I say you haven't tried hard enough. We're small enough here that it's not a problem for me personally, but I have visited much larger campuses where this problem is solved. If residence halls themselves are too large, group it by floor or wing. It does require more work up front getting the settings right for features like vlan tunnelling with roaming, but once you've got it done right the first time it doesn't take anything more keeping it there. I sympathize with those trying to avoid NAT. That makes this much harder, but I think it is still doable. It may be that you need a separate SSID that serves out non-routable IPs to those wanting to use bonjour. And as for bonjour/mDNS itself -- my opinion is that it's a great streaming pile of a protocol that Apple never should have put into production, but they did and so now I get to support it, at least in the sense where it's not specifically forbidden. Joel Coehoorn IT Director York College Nebraska 402.363.5603 On Fri, Jun 24, 2011 at 9:05 AM, Johnson, Neil M <neil-john...@uiowa.edu>wrote: > Even on on our wired side we have multiple L2 networks in the same dorm > building. Our dorms are substantially bigger (800+ residents). When you > only have two /16's for the entire campus and a desire not to do NAT, you > have to make compromises. > > In addition, most of our dorms are right next to other academic buildings, > so we have intra-building roaming to worry about. That can result in more > complaints about connectivity issues than complaints about Bonjour not > working. > > We have had some people expect to have Bonjour work between wired and > wireless networks and have had to explain how that wasn't going to happen. > > -Neil > > -- > Neil Johnson > Network Engineer > The University of Iowa > Phone: 319 384-0938 > Fax: 319 335-2951 > Mobile: 319 540-2081 > E-Mail: neil-john...@uiowa.edu > > > > > > > On 6/23/11 1:53 PM, "Jeffrey Sessler" <j...@scrippscollege.edu> wrote: > > >Bruce, > > > >I'm not sure I'm advocating large wireless networks at all... At the > >minimum, ensuring a given user's devices are all in the same L2 network > >doesn't change your desire to use smaller /23 subnets, it only requires > >additional back-end support to ensure those devices are placed together. > >Probably more work for IT staff, and potentially less efficient IP pool > >use, but I'd argue it will provide a better customer experience. > > > >Even the desire to group devices within a given residential hall together > >doesn't mandate a change in the size of your subnets, although I suspect > >that would depend more on the size of your housing units. Our residential > >halls are 80-100 beds, so an easy fit within smaller subnets. > > > >Jeff > > > >>>> "Osborne, Bruce W" <bosbo...@liberty.edu> 6/23/2011 5:32 AM >>> > >Jeff, > > > >Large wireless subnets increase airtime consumed by broadcast traffic. > >That is why we use a VLan pool of /23 subnets. > > > >The clients are distributed automatically based on a hash of the mac > >address & the number of subnets in the pool, so we cannot easily control > >which subnet a user gets. > > > >Changing the number of subnets in the pool recalculates everybody's > >subnet too, so we make sure we have plenty of capacity. > > > > > >Bruce Osborne > >Wireless Network Engineer > >IT Network Services > > > >(434) 592-4229 > > > >LIBERTY UNIVERSITY > >40 Years of Training Champions for Christ: 1971-2011 > > > > > >-----Original Message----- > >From: Jeffrey Sessler [mailto:j...@scrippscollege.edu] > >Sent: Wednesday, June 22, 2011 4:30 PM > >Subject: Re: iOS devices on wireless > > > >Bruce, > > > >You could, by any number of technical solutions, ensure that students > >within a given residential space were all on the same L2 network. That is > >to say, if a given residence hall is made up of 200 students, then it's > >not technically difficult to ensure all the residential wireless devices > >within that area are placed in the same VLAN. Or, at a minimum, to ensure > >that a user's device(s) will always be in the same L2 network so that > >they can see each other. If one can't do that, then I wouldn't consider > >the wireless solution to be very flexible, especially given the trend in > >devices wanting/needing to talk to each other. > > > >On my campus, students spend four years of their life in what we consider > >a residential setting, and it seems only logical to me that the > >experience should, to the extent possible, mimic home life. That is, it's > >reasonable to me to expect a student's wireless devices to see each > >other, and that they should be able to share/collaborate with the other > >users within their residential hall. > > > >I know that if I was back in college, I'd expect that level of > >functionality, and If it wasn't there, I'd probably make it happen using > >my own gear... exactly what you don't want happening. > > > >Jeff > > > > > >>>> "Osborne, Bruce W" <bosbo...@liberty.edu> 6/22/2011 4:55 AM >>> > >We here at Liberty University have about 8000 students in our residences, > >the vast majority using wireless. > > > >That would be a *huge* L2 network. > > > >Bruce Osborne > >Wireless Network Engineer > >IT Network Services > > > >(434) 592-4229 > > > >LIBERTY UNIVERSITY > >40 Years of Training Champions for Christ: 1971-2011 > > > >-----Original Message----- > >From: Jeffrey Sessler [mailto:j...@scrippscollege.edu] > >Sent: Tuesday, June 21, 2011 3:05 PM > >Subject: Re: iOS devices on wireless > > > >Mike, > > > >I take it you are not able to reference housing data and then place all > >students/student devices from the same residential hall into the same > >VLAN? > > > >Jeff > > > >>>> Michael Dickson <mdick...@nic.umass.edu> 6/21/2011 11:18 AM >>> > >On Jun 21, 2011, at 2:04 PM, Jeffrey Sessler wrote: > > > >> My belief is that a student should be able to have a similar experience > >>when in a residential hall as they would at home. That requires > >>supporting everything under the sun including Bonjour. > > > >Unfortunately our enterprise network is sufficiently different enough > >that the user cannot have a similar experience as they would at home. > > > >At home all of their devices are segregated in an L2 network. All their > >neighbors devices are in their own L2 network, etc. They can browse and > >discover all the devices in their house but not (hopefully) the devices > >in their neighbors. Here at UMass their L2 domain is huge and includes > >mostly unknown devices. Plus, thanks to vlan pooling, it is likely that > >all of their devices are not in the same L2 subnet. So the "similar to > >home" experience is not a reality for us. > > > >Personally I think students should not think of an enterprise network as > >similar to their home network. That's a dangerous concept given most > >students turn on every sharing feature and protocol they can find at home > >- with relative (L2) protection from the outside world - in an effort to > >make all of their music and videos work in harmony across all devices. > > > >My understanding is that Bonjour only discovers devices at L2, not across > >L3. If that is correct and our enterprise wireless network offers no less > >than a dozen L2 networks per SSID in a vlan pool configuration (Aruba), > >then users aren't discovering their devices in most cases anyway. > > > >-Mike > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > > >********** > >Participation and subscription information for this EDUCAUSE Constituent > >Group discussion list can be found at http://www.educause.edu/groups/. > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
