On Sun, 14 Mar 2004, David A. Ulevitch wrote:
Has it been a while since you've been on a resnet? They're bad, but most all "ResNet's" I know of are now implementing some sort of MAC/DHCP combo at the very least.
The thing to remember is that all rooms are locked until someone is issued a key. So you have someone to blame if the port becomes hot in a dorm room. The public portals are another story and should require some sort of registration. The university I've been hounding for a while now had a problem...They didn't require you to authenticate yourself only when your mac changed, they required you to do it everytime the link status changed on your port. Problems with this are a many... 1. I have a laptop, I turn it off and on a lot...That's quite a bit of logging in and with it being web based with SSL now it makes it even harder for me to automate the login process. 2. Everytime they rebooted a switch, the switch powered off, etc...I'd have to relogin. This would always catch me when I had left my machine online during the day to retreive something remotely while at work. (I can't take a laptop to work with me...but I can download from the net) I go back to my statement time and time again...Who cares if there are 6 people in the room, I issue an honor system referral to ALL parties in the room and let the justice system sort out who was at fault. If they need more information, I'll assign a senior engineer to investigate and pull logs and check machines. Often times the naughty student will fess to their dirty work without requiring the extra work. Less hassle for the general population and less questions when the newbies can't figure out how to login to access the Internet. This login thing can also be extended to colleges who require VPNs for wireless...Way to kill the battery on my ipaq doing all the calculations. Plus it creates major setup complications for the general newbie and I often wonder if its worth the hassle when most universities should worry about the much worse problems like students who are sharing illegal warez. In a corporate environment with confidential data flying around...There better be a VPN on that wireless or one day you are going to have fun explaining to your boss why your new top secret cookie recipe is on IRC. :) I know I'm shooting in the wrong forest but I think some of the practices of universities and supporting small ISPs really needs to be discussed. Some of the IT management folks just don't have a clue because they have never provided carrier class services. As shown with the small ISP who tried to stick hundreds of users behind a small, underpowered firewall...*sigh* I seriously investigated satellite based net access until I found the regulation prohibiting dishes from being outside the window. Andrew --- <zerocool@netpath.net> http://www.andrewsworld.net/ ICQ: 2895251 Cisco Certified Network Associate "Learn from the mistakes of others. You won't live long enough to make all of them yourself."