From 23C3 Public Wiki

Contents 1 23C3 Network Operations Centre 1.1 Introduction 1.2 Latest Updates 1.3 Network 1.3.1 General 1.3.2 Wired 1.3.3 Wireless 1.3.4 Servers 1.3.5 Layout 1.3.6 Statistics

23C3 Network Operations Centre

Introduction

Unfettered high-speed Internet access at 23C3 is available via both wired and wireless networks. In the event of any network emergency, network outage or questions, contact the NOC-Helpdesk. Please see below for further information about the NOC.

Latest Updates

• Network is up and running
• IPv4 and IPv6 available everywhere
• Multiple uplinks active
• Switches and wall sockets active throughout the whole building.

Network

General

Your computer, should you choose to accept this mission and bring it along, will be able to obtain IP addresses via DHCP and IPv6 RS/RA.

In order to facilitate a smooth functioning of the network, please adhere to the following dos and don'ts:

• Do run up-to-date software on your computer. If you don't, you risk losing control over your equipment and it being used for nefarious purposes.

• Do not run a DHCP server.

• Do not run portscans on our subnets. This creates excessive traffic on the local network and unnecessary load on our switches and routers.

• Do not run portscans or otherwise try to gain unauthorised access to outside networks. This leads to abuse complaints and worse.

Wired

Switches will be provided at strategic locations. You can plug your equipment into them.

Please adhere to the following:

• Do bring your own switch (if you can)! Especially if you want to take up a spot in the Hackcenter.

• Do not disconnect, take, spill drinks over, monopolise or otherwise interfere with any switch provided by the organisation.

Wireless

The wireless network is again sponsored by Aruba Networks, providing full coverage in the 802.11a/h LM band and 802.11b/g coverage on channels 1 and 6. Channel 10 is dedicated to Mesh/OLSR (freifunk.net).

• Do not bring your own access point! It will interfere with the network provided by the organisation. Unless you're part of the OLSR community (only on channel 10). We're able to locate and remotely disable such rogue access points.

• Do not configure your computer to create any Ad-Hoc network. Again, this interferes with all existing networks and will prevent others from successfully connecting.

• Do use as little bandwidth as possible while connected to the wireless network. If you have something big to download, please find a wired network patch. Quit your filesharing applications such as BitTorrent and mldonkey. The wireless network is available for many more users if per-user bandwidth use remains low. The NOC may have to resort to traffic shaping or even refusing access to users or not to carry certain types of traffic if warranted.

• If your WLAN NIC can do 5GHz (802.11a), please use this option. You will be rewarded with more bandwidth in a less crowded piece of spectrum.

• Safety Notice: All WLAN traffic will be unencrypted! Everybody can sniff it! Please make shure you don't reveal passwords or more to the WLAN. Also make sure your WLAN drivers have been updated to newest available version. Some of them (Centrino, Netgear, D-Link, Apple, MadWiFi) have known buffer overflows. A few of those are remotely exploitable (see the Metasploit Project), so be careful out there!

• Known Problems: Access points seem to appear and disappear all the time - signal strength changes!

Servers

If you have a server you want connected, please contact the organisation. We can provide a dedicated 1000baseT or 10GE port (bring your own XFP optics!).

There will be a wiki page where you can list your server if you want to share its (legal) contents with the other participants.

Layout

The edges of the network are formed by several tens of 24/48-port Ethernet switches. These switches connect to the core router either directly or via aggregation switches with multiple GigabitEthernet or 10GigabitEthernet uplinks, such as the Force10 S50 and E300.

The heart of the network is a Foundry Networks BigIron RX-8. It routes IPv4 and IPv6 between the edge layer and the external gateways. It has a multitude of interfaces, ranging from 10GE XFP ports via SFP slots to 1000baseT.

Transit to the Internet at large is provided via Force10 E300, Juniper M10 and Cisco 7600 routers to a variety of networks that provide dark fiber, a partial or full routing table to us:

Cogent KPN MESH D-Hosting ECIX.DUS Netsign Versatel

Statistics

found here:

• http://89.22.1.53/mrtg/overview.html
• http://89.22.5.45/mrtg/
• http://89.22.1.12/pdns/

Personal tools

Overview | Schedule | Tickets | Support | Contact