Cisco networking & eduroam: Rate Limiting Using Microflow Policing

This is my final post on the interesting technical aspects of the new networking infrastructure that support the eduroam service around the university. This post covers the finer technical details of how we currently rate limit client devices to 8Mbps … Continue reading

Posted in Cisco Networks, eduroam | 1 Comment

Linux and eduroam: link aggregation with LACP bonding

In previous posts, I discussed the roles of routing and NATing in the new eduroam infrastructure . In one sense, that is all you need to create a Linux NAT firewall. However, the setup is not very resilient. The resulting … Continue reading

Posted in eduroam, Linux | Tagged , , , | 8 Comments

Linux and eduroam: Routing

This is a continuation of the series of blog posts describing the Linux servers in the middle of the new eduroam infrastructure. Packets sent by your eduroam client eventually end up on one of the Linux boxes in the eduroam … Continue reading

Posted in eduroam | Tagged , | Comments Off on Linux and eduroam: Routing

Cisco networking and eduroam: Routing

This is the first post in a series discussing some of the finer details of the networking setup for the new eduroam infrastructure that went into production last month. In this post, I will be covering the IP routing setup … Continue reading

Posted in Cisco Networks, eduroam | Comments Off on Cisco networking and eduroam: Routing

Linux’s role in the new eduroam infrastructure

People within Oxford University may be aware that the eduroam service has recently been upgraded to increase its bandwidth, which was saturated on the old infrastructure. This included the replacement of two Linux servers which provide services key to the … Continue reading

Posted in eduroam, Linux | Tagged , | Comments Off on Linux’s role in the new eduroam infrastructure

Building the new eduroam networking infrastructure

As many of you around the university are likely to be aware of by now, this month we migrated to a new backend infrastructure to support the eduroam service across the city. This blog post has been written to give … Continue reading

Posted in Cisco Networks, eduroam, Wireless | Comments Off on Building the new eduroam networking infrastructure

I just received a spam email from my own address

Our team was asked to answer some queries about how it’s possible to receive mail that has been forged as being from your email address. This article slightly overlaps with a previous article in 2011┬áthat covered similar ground. Please note … Continue reading

Posted in Mail Relay | Comments Off on I just received a spam email from my own address

NTP service changes Nov 2012

Over the next month we’ll be doing some work to consolidate our NTP stratum 2 and 3 services into what will hopefully (subject to antenna installation) be a four system stratum 1 service. All historical IP addresses and DNS names … Continue reading

Posted in Best Practices, General Maintenance, NTP | 1 Comment

Using Microsoft Active Directory as the Authentication server for an SSL VPN on a Cisco ASA.

Background We wanted to be able to run an SSL VPN for a second team (Team B) on one of our ASA pairs. It was important to give each team a different VPN pool for security reasons. The first team … Continue reading

Posted in Cisco Networks, VPN | Tagged | Comments Off on Using Microsoft Active Directory as the Authentication server for an SSL VPN on a Cisco ASA.

Disabling 802.11b

We have been pondering the idea of disabling 802.11b for some time. Research into the subject has proved that it will be feasible. What’s the difference? 802.11b was the first standard of wireless networking conceived by IEEE in 1999. It’s … Continue reading

Posted in Wireless | 4 Comments