OASIS – Open Access Server In Subnet Communication Systems Design 2002 KTH OASIS – Open Access Server In Subnet.

OASIS – Open Access Server In Subnet

Communication Systems Design 2002 KTH

OASIS – Open Access Server OASIS – Open Access Server In SubnetIn Subnet

OASIS – Open Access Server In SubnetCommunication Systems Design 2002 KTH

Agenda of the presentationAgenda of the presentation

• The project team’s members

• Open Access Networks’ background

• Existing system

• Team achievements

• Project management

• Conclusions

• Questions and answers

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Who we areWho we are

• Adrian Mahdavi

• Ke ”Kurt” Chen

• Staffan Dahlberg

• Yidan ”Edward” Zhou

• Gilles Grandfils

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Open Access Network Open Access Network ConceptConcept

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

ISP'S

Internet

ISP'S

Internet

Operator-neutral network !Traditional architechture


OASIS’ positionOASIS’ position

Goal : To scale (extend via subnetting, in terms of the amout of networks and users connected, with the least loss of performance) an existing Open Access Network.

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

The existing systemThe existing system design design

Ethernet

Firewall

Access Point

WLan User

DHCP Relay

Internet

WLan UserWLan User

Open Access Server Network

configurationServer

MACdb

Internet Service Provider

AccessServer

DHCP Server

DHCP Server

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

Why does it need to be Why does it need to be expanded ?expanded ?

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

• Open.Net in It-university is expanding,

Open.Net concept will cover Kista gallerian, Kista etc.

• More WLAN:s

• More ISP connections

• More different user types


How to expand ?How to expand ?

•Expand the access network by routers

No (need MAC)

•Expand the access network by Ethernet expansion?

No (local broadcast flooding)

•Replace the current access control with access control applications?

No (extra client-end software)


Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

How to solve the problem ?How to solve the problem ?

Multiple options could be used• Packet marking, tokens

• IPv6

• PPP over Ethernet

• VPN


Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

Two possible solutionsTwo possible solutions

• Ethernet over IPMake a tunnel between routers, directly send Ethernet frames to the backbone.

• Authentication in subnetThe router in the subnet acts as a firewall. Trust relationship with the ISP’s firewall.


Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

Our choiceOur choice

Ethernet over IPThere will be problems with all solutions, this solution should have the least problems.

Advantages :

• Easy network system configuration

• Controlled broadcasting flooding by our “magic”


Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

The designThe designDHCPrelay

Accessrelay

Fire wall

Internet

DHCP server in ISP

Router

Router

Access Point

Client

AccessServer

AccessSubnet

AccessBackbone

GRE IP TunnelIP net

Wireless

GREIP

tunnel

bridging

bridging

Broadcast

ARP phantom DHCP relay

MACData

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

Limitations of the designLimitations of the design

• Users can not actively open a connection to backbone or non Ethernet over IP subnets.

• Broadcast messages in the backbone may flood the subnets.


Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Time planTime plan

PlanningPlanning

jan feb mar apr maj

Literature studyLiterature studyDesignDesign

ImplementationImplementationTestingTesting

Techn. Ref.Techn. Ref.ReleaseRelease

Pres.Pres.

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A Mid-termMid-term


FFeedback of the planningeedback of the planning

• Good to divide responsibilities

• Including optional goals

• Not enough checkpoints

• More time for deliverables

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Encountered problemsEncountered problems

• Communication:

• Means of communication

• Individualism:

• Divergent expectations on the project

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Used solutionsUsed solutions

Communication:• Use the right means of communication

• Use a more direct way (phone / private meetings)

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Used solutionsUsed solutions

Individualism:

• First we used an organic structure

Creative but messy

• More mechanical structure needed

Organized but constrained

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Things learntThings learnt

• Communication is the key

• Find a good trade-off between organic and mechanical structures

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Things to share with other Things to share with other groupsgroups

• Strong knowledge about Open Access Server

• Particularly about involved techniques (GRE tunnelling, Ethernet over IP etc)

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Things needed from other Things needed from other groupsgroups

• Requirements from ISP:s, CSP:s and users for future work.

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


What you should rememberWhat you should remember

• Scalable Operator-neutral Access network

• Technique : Ethernet over IP

• Management : Trade-off between Organic & Mechanical group structure

Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A


Question & AnswersQuestion & Answers

Now, It is time for discussion !Introduction

Background

Existing system

Solution

Management

Conclusions

Q & A

Your questions !

or ...

Hot Topics :

• Management details

• Systems’ login scenarios

• Security issues

Tech Notes for Q&ATech Notes for Q&A


Notes: System Component Notes: System Component DefinitionDefinition

•Registration(Configure) server: Provide service for registration end-user ISP preference

•DHCP relay: Provide dynamic end-user IP address configuration according to the user’s ISP configuration.

•Dynamic Filtering Firewall: Control the traffic flow from the open access network to ISPs according to the combination of end user’s MAC and IP

•Access Server: According to the user’s registration, send control request to filtering firewall and detect the online status of end users

•MAC-ISP DB server: store the user’s ISP preference and related mapping information

Question&

Answer(Tech)


Notes: System Function Notes: System Function ViewView

Regi st ( Configur e) ser ver

DHCP r el ayAccessser ver

MAC- I SP DBLocal DHCP

ser verI SP DHCPser ver

Aut hent i cat ion

ser ver

Cl i ent

Fi l t erfi r ewal l

Qusetion&

Answer(Tech)

Notes: Solution Design Notes: Solution Design OutlineOutline

• Use Ethernet over IP to connect the access subnet and the backbone.

• Prevent broadcasting from subnet to backbone.

• Allow broadcasting from backcone to subnet.

• Each access subnet has an address server that responds to ARP requests for IP addresses of well known services (public services and ISP firewall).

• Each access subnet has a DHCP relay


Question&

Answer(Tech)


Notes: Solution ScenarioNotes: Solution Scenario

CentralCentral DHCPDHCP replayreplay

Access RelayAccess Relay

Subnet DHCPSubnet DHCP replayreplay

ISPISP DHCPDHCP ServerServer

AccessAccess ServerServer

DefaultDefault DHCPDHCP ServerServerMAC-ISP DBMAC-ISP DB

ISP Authen ISP Authen ServerServer

UserUserARP phantomARP phantom

Fire WallFire WallQuestion&

Answer(Tech)

Management Notes for Q&AManagement Notes for Q&A


Notes: Keys of teamworkNotes: Keys of teamwork

• Because a team is not just a set of individuals put together

• Aim: guide the group’s production to meet the best efficiency

Question&

Answer(Manage)


Notes: Project Notes: Project AchievementAchievement

Goals until mid-term• Project plan

• Literature study paper

• Lessons learned paper

• Proposition of design

Results = All achieved

Question&

Answer(Manage)


Notes: Next Step Notes: Next Step

• Complete the design

• Implementation in test bed

• Testing

• Optional – Technical refinements

Question&

Answer(Manage)


Notes: Project Time Usage Notes: Project Time Usage PlanPlan

hourshours

400400

800800

12001200

JanJan FebFeb MarMar

Question&

Answer(Manage)

OASIS – Open Access Server In Subnet Communication Systems Design 2002 KTH OASIS – Open Access Server In Subnet.

Documents

kthoasis open access

magicoasis open access

subnetoasis open access

existing open access

design users

current access control

access control applications

opennet concept