Friday, January 12, 2007

University Accommodation Network Design

I have been in the process of designing the network topology and enacting it within a Mikrotik RouterOS 2.9.38 configuration. It has been an interesting exercise since it's not every day you get to design a new Internet access system around a quality physical infrastructure.

The University has a Cisco switched network throughout the on-campus student accommodation campuses. This entails Catalyst 29xx and 3550 switches running VLANs and trunked into a routed/switched core network.

Particulars about the environment:
  • 100Mbit to each room, 1Gbit between campuses
  • Each campus has approximately 300 units - a total of 950 units
  • There are two VLANs per campus
What I have planned is to trunk the VLANs into two 1Gbit/s ports on a Eber230, three VLANs per port. Then create three bridge interfaces corresponding to each campus and add the appropriate VLAN pair to each bridge. I will deny forwarding on all bridges to force routing. Then I can apply services to each bridge as per normal - in this case a Hotspot and a PPPoE Server.

This will give the guests the option of using the Hotspot or the PPPoE service to connect. I would expect most will use the Hotspot given its simplicity; however, there will be the power user who will want to run a 24x7 connection using a broadband router, possibly wishing to have a public IP to run other services.

I have modified the plan and I will now use three servers - one per campus. The main reason for this is to simplify the configuration on each of the servers and provide better resources to each campus. The VLANs will still be in place; however, I will still need a bridge on each server to combine the two VLANs and offer both a Hotspot and a PPPoE service. Running both a Hotspot and a PPPoE service on the one interface is generally frowned upon - I will investigate the inclusion of a single PPPoE server that services all three campuses.
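A sketch of the per-campus layout described above (VLAN pair, bridge, denied forwarding, PPPoE server), added here as an illustration and not taken from the author's configuration. The trunk port `ether2`, the VLAN IDs 11 and 12, and every interface and service name are assumptions; check the command syntax against the manual for your RouterOS version.

```routeros
# Constructed values: ether2 as the trunk port, VLAN IDs 11 and 12, all names.

# The campus's two VLANs, tagged on the trunk port facing the Cisco switches.
/interface vlan
add name=vlan11-campus1 vlan-id=11 interface=ether2
add name=vlan12-campus1 vlan-id=12 interface=ether2

# One bridge for the campus, holding its VLAN pair.
/interface bridge
add name=br-campus1
/interface bridge port
add bridge=br-campus1 interface=vlan11-campus1
add bridge=br-campus1 interface=vlan12-campus1

# Deny forwarding on the bridge: frames are never switched from one
# bridge port to the other, so guest traffic has to be handled by the
# router itself (Hotspot or PPPoE session) rather than at layer 2.
/interface bridge filter
add chain=forward in-bridge=br-campus1 action=drop

# PPPoE server listening on the bridge, so it is offered on both VLANs.
/interface pppoe-server server
add service-name=campus1 interface=br-campus1 disabled=no

# The Hotspot is attached to the same bridge interface, for example
# through the interactive "/ip hotspot setup" wizard.
```

The bridge filter only covers frames crossing the bridge on the router; traffic between rooms in the same VLAN is still switched by the Catalyst switches unless it is restricted there as well.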

Network Topology including services Revision 5:

Network Topology including services Revision 2:

Network Topology including services Revision 1:

Friday, January 05, 2007

Nifty WiFi Configuration for RouterOS 2.9.38

An unusual situation prompted me to create a rather elaborate WDS configuration between three APs. Originally it was meant to be a simple AP with two clients; the clients would be configured as wireless bridges using WDS. However, one of the two clients ended up not having good line of sight back to the AP, so I had to get creative and create another WDS link that bounces off the other client, while preserving the important services...

Each AP/Client has three interfaces - 1 Ethernet, 1 CM9 and 1 SR5. Originally the SR5s were meant to connect to each other (AP/Clients) and the CM9s were there for backup/hotspot access. The Ethernet ports connect to the LAN/PPPoE network at each client site.

Basically I created a Virtual AP on the "Varsity" hotspot interface and turned on WDS, configured so that it adds WDS interfaces to the 'Backbone' bridge, which is shared with the Ethernet and SR5 interfaces. This way the normal Hotspot AP can continue to function as normal, although the interface will be under extra load.

Then on "The Village" hotspot interface I set its primary role to 'station wds' and created a VirtualAP to run its hotspot on. This allows me to maintain the hotspot on this interface.

However the direct link back to the AP worked fine, so the link between the two clients was set up on STP for auto-failover.