Case Study of RSU-CAN

(Pt. Ravishankar Shukla University- Campus

Area Network)

Presented By

Manoj K Tiwari,

S.O.S In Computer Science & I.T.

Pt. Ravishankar Shukla University, Raipur (C.G) India
 Outline
• Introduction
• Network - VSAT
• Equipments Installed
• Server Setup
• VSAT at University
• How Managing Network
• Challenges and Solution
• Summary
 INTRODUCTION
• Pt. Ravishankar Shukla University is Chhattisgarh's
oldest University of higher education, Chhattisgarh
is newly born state of INDIA. The campus of
University is spread in 207 acres of land. There are
thirty teaching departments in the University. Out
of which six department’s buildings have been
constructed recently.The total number of
employees is about 500, who provide the
administrative support at different levels.

Conti….
 INTRODUCTION
• There are many talented and hardworking students in the University
who are engaged in Research and higher studies with the help of
minimal infrastructure in isolated academic environment. Internet
connectivity is the only source of continuous technical knowledge
up-gradation and new information for these students in this under
privileged region of Chhattisgarh state. There are 5000 students
enrolled for variety of courses offered by the departments In the
academic year 2005-06, 1,25,000 students were enrolled, both for
undergraduate and postgraduate courses. The University plays a
major role in influencing the educational, cultural and economic life
of the region but due to the lack of proper connectivity it is unable
to fulfill its role in a effective manner.

Conti…
 VSAT at University
U.G.C. New Delhi , India has provided our University VSAT
connectivity under UGC-INFONET program with SCPC-512
kbps/1 Mbps bandwidth, which is installed in our S.o.S. in
Computer Science and I.T. department and functioning
successfully in our University. Now the Campus Wide
Networking equipped with Cisco Router, Network Switches,
fiber optics for University Campus has been done and this
facilities is now functional in many of the School of
Studies and University Library as well, under the same
program, INFLIBNET Center, Ahmedabad is providing
about 2000 Journals/databases of various disciplines. In the
same RUS-CAN major challenges are proper distribution
of bandwidth through the University Campus, Protect
the RSU-CAN from Virus, Spam and Spy ware, that is
cause of Router Jam. Internet access speed suddenly gets
down
 Equipments Installed
S.No. Equipments Qty
1. SCPC-VSAT with 512 kbps/1 Mbps 1
Bandwidth With all necessary equipments
(No. 3)
2. IBM Server 225 Series 2

3. Indoor Unit, Out door (RF UNIT), Dish 1

Antenna 3.8 meter Cisco Router 1721
series

4 D-link Network Switches DES-1024R 15

With fiber optics connector

5. D-Link Central Switch DES-1200 M 1

6. Fiber Optics Cable 3500 meters

UTP cable 5000 meters

 Server Configuration
Configuration of Server – DHCP/Web server
• IBM Server 225 Series , Xeon Processor

• 512 Mb RAM
• 256 Cache Memory
• 40 GB HDD
• DVD-CD ROM,NIC Card.USB Port
• Monitor, keyboard, Mouse
 DNS Server Configuration

Configuration of Server – DNS

• WIPRO Net Power , Xeon Processor

• 512 Mb RAM
• 256 Cache Memory
• 40 GB HDD
• DVD-CD ROM,NIC Card, USB Port
• Monitor, keyboard, Mouse
 Operating System used
• Windows 2003 Server, why
• Active Directory : A central component of the Windows server operating
systems, the Active Directory directory service provides the means to manage
the identities and relationships that make up network environments
• Clustering Technology :Clustering technologies provide significant
improvements in availability, scalability, and manageability. Installation is
easier and more robust in Windows Server 2003, and enhanced network
features provide greater capabilities and high system uptime
• Kerberos : Kerberos is an authentication mechanism used to verify user or host
identity and is the preferred authentication method for services in Windows
Server 2003.
• Windows 2003 is a secured platform, it lets organizations to take advantages
of security services.
Typical Hub Scenario
 SCPC DAMA System
• Single Channel Per Carrier Demand Assign Multiple
Access , some times also called Bandwidth On Demand,
is an increasingly popular technique to improve
connectivity, efficiency and more over Economics of time
varying Mesh Satellite Networks as compared to Fixed
SCPC and MCPS Satellite Networks being very expensive.
In DAMA Systems there are Minimum Recurring charges
of the Limited Leased Bandwidth as the bandwidth
acquired remains in a pool for the usage for different
locations and applications.

A DAMA system is typically a single hop satellite

transmission network which allows direct connection
between any two nodes in the network among many
users sharing a limited "pool" of satellite transponder
space.
 VSAT
• VSAT stands for "Very Small Aperture Terminal" and refers to
receive/transmit terminals installed at dispersed sites connecting to a
central hub via satellite using small diameter antenna dishes (0.6 to 3.8
meter).
• VSAT networks are now viewed as the most flexible platform in the
communications marketplace, typically allowing remote locations to
communicate with other sites or a centralized computing facility.
SCPC is used for economical distribution of broadcast data as well as
for full-duplex or two-way data or video communications.
• In a SCPC system, user data is transmitted to the satellite continuously
on a single satellite carrier. The satellite signal is received at a single
location, in the case of a point-to-point system, or at many locations in
a Star Hub Configuration.
 Applications & Benefits

• wide geographic coverage

• high availability
• flexible network configuration
• rapid network deployment
• Centralized NMS.
• Cost Effective
• Bandwidth On Demand, Pay what you use.
• Internet
• Video Teleconferencing
• Bank transactions, ATM
• Reservation systems
 Primary Goal
• Providing reliable performance and services at lowest
possible cost.
• Provide appropriate level of performance and services to
different user on the basis of their needs.
• Provide high speed networking to entire University
campus as well as application based services.
• Provide high speed of Internet access in order to
appropriate utilization of e-journals provided by
INFLIBNET Center.
• Conducting e-learning program through RSU-CAN
• System must be able to handle heavy network load.
Scenarios of Buildings
Existing Server Setup
 Using DHCP (Dynamic Host Configuration
Protocol ) , Why ?
• DHCP protocol is used to assign IP addresses to hosts or
workstations on the network. Usually a DHCP server on
the network performs this function. Basically it "leases"
out address for specific times to the various hosts. If a
host does not use a given address for some period of
time, that IP address can then be assigned to another
machine by the DHCP server. When assignments are
made or changed, the DHCP server must update the
information in the DNS server.
 DHCP Lease Stages
1. Lease Request - The client sends a broadcast requesting an IP
address
2. Lease Offer - The server sends the above information and marks the
offered address as unavailable. The message sent is a DHCPOFFER
broadcast message.
3. Lease Acceptance - The first offer received by the client is
accepted. The acceptance is sent from the client as a broadcast
(DHCPREQUEST message) including the IP address of the DNS
server that sent the accepted offer. Other DHCP servers retract their
offers and mark the offered address as available and the accepted
address as unavailable.
4. Server lease acknowledgement - The server sends a DHCPACK or
a DHCPNACK if an unavailable address was requested.
DHCP Server
 Client Reservation

• Client Reservation
• Client Reservation is used to be sure a computer
gets the same IP address all the time. Therefore
since DHCP IP address assignments use MAC
addresses to control assignments, the following
are required for client reservation:
• MAC (hardware) address
• IP address
 Gateway/Cisco Router 1721

• A gateway can translate information between different

network data formats or network architectures. It can
translate TCP/IP to AppleTalk so computers supporting
TCP/IP can communicate with Apple brand computers
• A router is used to route data packets between two
networks. It reads the information in each packet to tell
where it is going. If it is destined for an immediate network
it has access to, it will strip the outer packet, readdress the
packet to the proper Ethernet address, and transmit it on
that. Network Routers do not send broadcast packets or
corrupted packets. If the routing table does not indicate the
proper address of a packet, the packet is discarded.
 How Managing Network
• Central hub is installed at ERNET India Center, Banglore connected to VSAT
facility with DAMA Phone of University.The central hub controls the entire
operation of the communication network. At the hub there is a network
management system server which allows a network administrator to monitor
and control the networks.
• Two DNS server installed at ERNET Banglore IP Add. 202.141.99.9 and
202.41.1.131
• Technical person of ERNET is monitoring bandwidth and traffic of network.
University can get status about network.
• Graphical view of used bandwidth by university can be seen on “
www.ugcinfonet.ernet.in/bwview.asp “ . If network generate undesired
packets, they inform to University and accordingly takes decision what to do.
Some time University used to do disconnect the segment getting undesired
packets.
• Servers are equipped with trial version of anti virus, anti spy ware package.
• Trial version of Bandwidth monitoring software is using locally.
• Trial version of Network view software is using for Network Monitoring.
 Graphical View of Bandwidth taken from
www.ugcinfonet.ernet.in/bwview.asp

Daily Graph of 02/09/06 Monthly Graph

Weekly Graph Yearly Graph

Blue color is Transmit Traffic, Green color is Receive Traffic
 Challenges
• Pt. Ravishankar Shukla University serving the community of Education,
faced major obstacles in a way to build a high-speed computer network for
empowering teachers and research scholars and students with instant
connectivity to share information with each other.It needed a network that
should be both fast and reliable for sharing Internet, email, files, printers, and
other school resources.
• In order to meet the information access and educational goals, the Pt.
Ravishankar Shukla University, Raipur needed to provide network access for
all across the campus.University network provides the local area
network,Computer labs (150 to 200 computers), access learning applications,
and access to the Internet.
• Network security is a top priority for University, focusing primarily on two
fronts: securing the confidential of Teachers/student information that is stored
in its system database, as well as ensuring the web information are protected
from unauthorized activities.
• “In today’s world, network security is just as important as physical security for
schools. University need to ensure the students are supervised while they are
on campus.
 Problems.
1. Since Web server installed here, hackers may access the computers and
server without valid authentication for steeling the information, hacking
may also lead to interception of the information from network. So some
sort of security measures need to be employed to control traffic as well
as hacking.
2. Virus and spy ware problems at user end, which is the cause of Router
Jam.
3. Internet access speed suddenly gets slowed down.
4. Some terminal runs with proper Internet access speed while some
suffers form slow access speed. It may cause of virus, spy ware or
unequal distribution of bandwidth.
5. At present got 1 Mbps bandwidth where 256 kbps is provided for
transmission of data and 1 Mbps is for receiving data while about 150
PCs are connected with this Network
6. Like any other wireless communication technology information
transmitted via VSAT network could be intercept or interfered by a
third party.
 Suggested Solutions
1. A Router on dedicated connections to the Internet should be plugged
in to firewall system.
2. Router should be configured with some filtering rules
3. Proxy server may be used to monitor the traffic on the network and
allowing users to to a limited number of services or some unwanted
services may be blocked.
4. Anti virus and anti spy ware should be install centrally or every PC
should be equipped with same.
5. Bandwidth management tool should be installed in order to monitor
the network properly.
6. Packet filtering, Application level filtering and Web filtering is needed
in order to provide secured network.
7. Currently using windows 2003 server and Most of the PCs with
windows O/S, need to move to Linux based operating system in order
to make network more reliable, Virus free and less expensive.
Graphical View of Firewall Solution
 Summary

The Pt. Ravishankar Shukla University needed a more reliable, less expensive,
and more flexible way to network the far-flung campuses together. At the same
time the connection should be secure and compatible with the client/server
model. Number of Computers are being added to Campus Area Network and
the fact that available bandwidth is already fully utilized. Bandwidth
upgradation is needed to be increase.No security system like firewall has
applied. More technical person and training is needed to address the network
problems.
Thank You
?