Network Capacity Management in Student Residence Areas

Updated June 23, 2006

[Sep 04, 2008 18:43] Emergency downtime - Central Exchange Service mailstore 3 is experiencing a problem and must be taken offline. Time-to-resolution is not yet known. ITC is working to resolve the problem.

[Sep 04, 2008 17:32] Access to ITC ESERVICES Exchange Mailstore 7 will be intermittent for the next 2-4 hours as we check to make sure the mailstore remounted correctly.

Introduction

The primary motivation for the installation of network connections in student residence rooms was for access to library and other educational materials, electronic mail, and generally to make it easier for students to work in their rooms. While the evolution of the Internet has greatly expanded the usefulness of the network connections, our focus has remained on first ensuring high-speed access to on-Grounds' resources and, secondly, on providing good response for commonly used Internet applications such as browsing the Web, Instant Messenger, file transfer, and other similar services. Our lowest priority is providing capacity for various unknown applications and for servers dispensing large volumes of data from the residence halls. Given that network capacity is a limited and expensive commodity, we have developed this document to explain how we manage network resources in student residence facilities.

Campus data networks are generally designed based on the capacity needed within a building, the expected quantity of traffic going from the building to other campus locations, and the anticipated volume of traffic that will go to the Internet. Each of these portions of the network has a distinct characteristic and is managed differently.

  • Capacity within a building.
    The capacity of a data network within a building is a function of the electronics installed in the wiring closets. In general, the newer the electronics, the more network capacity will be available in the building. The primary limiting factor is the funding needed to upgrade the electronics continually and to install the new cabling that is needed every few generations of network electronics.
  • Capacity to other on-Grounds' locations.
    The network capacity to other on-Grounds' buildings is limited by the speed of the building network and the capacity of the link that connects the building to core of the campus network.
  • Internet capacity.
    The volume of traffic that can flow from a user’s machine to the Internet is limited by the speed of the building network, the capacity of the link from the building to the network core and, most importantly, the capacity of the University’s connection to the Internet.

How network capacity is managed

Network traffic in the student residence areas is managed to achieve the general goals described above using the following configurations:

  • Traffic from any individual computer to the building network is limited to 10 million bits per second (Mbps). This is approximately 180 times the speed of a normal 56 kbps dial-up phone modem.
  • Network traffic to and from a student residence building to any other point on Grounds is limited only by the overall capacity of the campus network and the servers being accessed. This configuration ensures that access to University-provided network services is always fast and reliable.
  • Network traffic between student residence areas and the Internet is limited based on the type of traffic, the total volume of residence area Internet traffic, and the capacity of our Internet connection.
    • Maximum Bandwidth Rate per Machine
      Each machine has an overall rate limitation of 512kbps (1/3 of a T1 connection) for inbound prioritized traffic, 512kbps for inbound unprioritized traffic. Outbound traffic is not rate limited. All traffic is measured. The inbound rate limitations were determined by analyzing usage statistics over previous academic years and were set in an effort to promote fair distribution of Internet connectivity.
    • NEW for Fall 2006
      The change for the start of this year will be to remove the two following measures and monitor the residence area Internet connection to make sure that it can handle the load. If not, we may need to revert to a different technical implementation of the following measures later in the semester.
      • Standard Internet traffic
        No per protocol limits or restrictions are imposed on network traffic from the student residence areas to the Internet for standard Internet applications. Our list of standard applications with no restrictions is HTTP for browsing the Web, Telnet for accessing remote computers, FTP¹ for file transfers, SMTP for email, MSN Instant Messenger (standard port, text messaging only), traffic for AOL Instant Messenger (one standard port) and for most locations UDP. We have also added ping and any traceroute using ICMP (i.e. Windows by default or Linux and Solaris with the -I option) to the higher priority traffic. Allowing ping and traceroute traffic a higher priority provides information which enables us to differentiate real network problems from problems associated with traffic shaping such as applications that respond slowly. If you are using traceroute on another platform besides those mentioned above, please refer to the documentation for traceroute on that platform to learn if ICMP is the default or can be used. One caveat for traceroute and ping traffic is that it is limited to 512kbps and could exhibit problem if a denial of service (DOS) is underway.
      • Other Internet traffic
        Any network traffic between student residence areas and the Internet not specifically listed above as standard traffic is defined to be general “other” traffic and is transmitted on a lower-priority basis. Note that no Internet traffic is actually blocked. However, standard traffic has priority and other traffic can be slowed down by an increase in the volume of standard data.

Network usage measurement and excessive usage

In the fall of 2001, ITC began a formal process of measuring the volume (not content or type) of network traffic generated by each student’s computer. We contacted students owning computers that generated large volumes of traffic and ask them to limit their usage. Each year, we have reviewed this process and sought ways to improve.

During fall 2004, ITC began a process of issuing a “time out” for overuse offences. In response to feedback from students and staff concerning the time needed to notify the owner, identify and correct the problem, ITC has revised the time out policy for fall 2006.

  • Residence area network users will continue to receive email notification for overuse.
  • An Overuse Offense occurs when a computer consumes network capacity at a rate of more than five (5) standard deviations above the mean consumption of all of the computers on the residence area network. Traffic volume is measured daily over a 24-hour period. A computer must have transferred at least 750 Mbytes over the 24-hour period in order to be flagged for an overuse event.
  • Our response to overuse offenses will use a 14-day focus period and will be issued using the following guidelines:
    • First incident of the year - 3 offenses in a period move the computer to the “time out” box for 7 days
    • Second incident of the year - 3 offenses in a period move the computer to the “time out” box for 30 days
    • Third incident of the year - 3 offenses in a period move the computer to the “time out” box for 130 days
  • All computers registered to a person who has received the notification will be subject to the "time out" state. A computer in the “time out” state will experience network performance limited to the speed of a 56kbps modem.
¹Some FTP programs work in a passive mode that our system cannot detect as FTP traffic. We recommend that you use Internet Explorer for downloading files from the Internet via FTP since it operates correctly with our systems. Do not use Netscape Navigator. In the past, the default configuration for ITC-supported FTP clients was to use passive mode. That is no longer the case. Please either download a new copy of your FTP client from Software Central or see the documentation for information on changing the configuration of an already installed FTP client. Technical details on FTP behavior are available online for those who are interested.

© 2008 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology and Communication (ITC) website is provided as a public service with the understanding that ITC makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.