Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | noel-mcdaniel |
View: | 219 times |
Download: | 1 times |
DirectConnect & UM’s Network
Access Control
University of Montana - Missoula
Adam Ormesher & Chase Maier
Background Information
We provide internet to about 3000 residents
All ten dorms are currently wired-only connections
NAT – Not enough forward facing IPs Outside connection managed by Central
IT – Not us
IP Address Pools Each residence hall has two designated
pools of IP addresses for use by clients.
“dirty pool” not registered or banned○ 10.247.__.__
“clean pool” devices which have been registered and are able to access the Internet and network resources.○ 10.248.__.__
Network Level Restrictions Each switch blocks outbound DHCP
Offers on all switch interfaces.A single exception is necessary allowing our
approved DHCP server to provide devices with leases.
This helps alleviate problems caused by students plugging in routers backwards which compete with our DHCP server.
DCOHome - Uses
Custom web application containing:Residence Halls Switch Port ControlResidential DHCP Backend Data StoreStudent Housing Records
DCOHome – Student Info
Student Personal InformationStudent ID, NetID, Name, Email, Phone #
Housing InformationDorm & Room #
The above information is updated daily from Banner for students living in our residence halls.
DCOHome – Registration
Each device that is connected to the network is given a DHCP lease based on MAC Address.
Each device is assigned to an existing student.
Game consoles are manually registered by our employees.
DCOHome – Ban Methods Using the ban system we are able to:
Ban specific MAC Addresses
Ban all devices registered to a student.
Banned machines are returned to the “dirty pool.”
DCOHome – Ban Reasons Student conduct violations
DMCA violations
Network Impacting Infections
Malfunctioning hardware
Unauthorized hardware
DCOWeb – DHCP Server
Developed using Java by our internal programming team.
Communicates with DCOHome using XML.
DCOWeb – Web Server
Contains pages with:Instructions to be followed to register.Commonly downloaded files.
○ Windows Service Packs○ .NET Installers○ Antivirus & Antimalware Utilities
DCOWeb– DNS Server
Computers in the “dirty pool” are assigned DCOWeb as their DNS server.
All DNS lookups sent to DCOWeb resolve to the IP of DCOWeb (10.248.242.55).
What is IP for “www.google.com”?
10.248.242.55 (DCOWeb)
Client In Dirty Pool DCOWeb
Overview
Student info
DHCP log
Port status
DHCP Server
DNS Server
Hosted Files
Client(Student machine)
DCOHome DCOWeb