autoMAC: A Tool for Automating Network Moves, Adds, and Changes
Christopher J. Tengi
Princeton University

What’s the problem?
- Over 1500 hosts
- Over 100 IP subnets/VLANs
- 672 user switch ports (currently)
- 388 wall boxes
- 1072 patch points

1072 Patch Points

Why subnets?
- Why not a flat network?
- Broadcast domains
- User segregation
- Access Control

How we used to do it
- Email host registration requests
- Manual host database entry
- Manual patch installation
- Switch re-configuration

So, what’s wrong with that?
- Users never get it right the first time
- Manual host entry is prone to errors
- Patch panel diving is a pain
- Did you remember to set the port VLAN?
- Did you save the switch config?

What we wanted
- Automation!
- Less user interaction :-)
- Better accuracy
- Static switch configuration

What we did
- Automate the host database
- Automate switch port VLAN assignment
- Keep everyone in the right place

Automating the host database
- Move to a web-based registration system
- Use a daemon to process requests
- Have the daemon rebuild all the database extracts

Automating VLAN assignment
- No more manual switch configuration
- Any port, any VLAN, any time
- Use the host MAC address as the key
- Registration VLAN for unknown hosts

The nitty-gritty

Tools we used
- Existing host database
- FreeRADIUS
- NetReg

Tools we used - Host DB
- Originally only for administrators
- Very little field validation
- Input through a ‘vi’-based interface
- Extracts generated manually with ‘make’

Tools we used - FreeRADIUS
- Config files generated from Host DB
- Originally implemented for Cisco APs
- Our user switches could “speak” RADIUS

Tools we used - NetReg
- Web-based data input
- Two to choose from
  - Carnegie Mellon University
  - Southwestern University

Integration: Tying it all together

Integration - Host database
- Web registration form
- Field validation on the form
- Automate request processing

Integration - RADIUS server
- Use MAC address to look up VLAN
- Add “tunnel” A/V pairs to accept response
- Unknown MAC addresses are rejected

Integration - Hardware
- First, get a vendor to write code for you
- Why not 802.1X?
- Known hosts always land on the right VLAN
  - Locally registered
  - Mobile IP
- Unknown hosts land on the registration VLAN
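
The lookup described on the “Integration - RADIUS server” and “Integration - Hardware” slides, as an added example (not code from autoMAC or from the talk): a host table keyed by MAC address yields either an accept carrying the three RFC 3580 VLAN tunnel attributes or a reject, and the same table is rendered in FreeRADIUS `users`-file syntax. The host table, VLAN IDs, function names, the use of `Auth-Type := Accept`, and the assumption that the switch sends the MAC as User-Name are constructed for illustration.

```python
import re

# Constructed sample host database (MAC -> VLAN ID); not data from the talk.
HOST_DB = {"00:11:22:33:44:55": 110, "00-AA-BB-CC-DD-EE": 120, "0011.2233.4466": 110}

def normalize_mac(raw):
    """Reduce any common MAC notation to 12 lowercase hex digits, else None."""
    digits = re.sub(r"[.:\-\s]", "", raw).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def build_index(host_db):
    """Normalize keys once; refuse malformed or conflicting entries up front."""
    index = {}
    for raw, vlan in host_db.items():
        mac = normalize_mac(raw)
        if mac is None or not 1 <= vlan <= 4094:
            raise ValueError(f"bad host entry: {raw!r} -> {vlan!r}")
        if index.setdefault(mac, vlan) != vlan:
            raise ValueError(f"conflicting VLANs registered for {mac}")
    return index

def authorize(index, user_name):
    """Return (reply code, reply attributes) for a switch's MAC lookup request."""
    mac = normalize_mac(user_name)
    vlan = index.get(mac) if mac else None
    if vlan is None:
        # Unknown host: the switch then places the port on the registration VLAN.
        return "Access-Reject", {}
    return "Access-Accept", {
        "Tunnel-Type": "VLAN",              # attribute value 13
        "Tunnel-Medium-Type": "IEEE-802",   # attribute value 6
        "Tunnel-Private-Group-Id": str(vlan),
    }

def users_file(index):
    """Render the index as FreeRADIUS 'users' entries plus a default reject."""
    lines = []
    for mac, vlan in sorted(index.items()):
        lines += [f"{mac} Auth-Type := Accept",
                  "\tTunnel-Type = VLAN,",
                  "\tTunnel-Medium-Type = IEEE-802,",
                  f'\tTunnel-Private-Group-Id = "{vlan}"',
                  ""]
    lines.append("DEFAULT Auth-Type := Reject")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(users_file(build_index(HOST_DB)))
```

Because the key is a MAC address that the client itself asserts, this lookup places a host on a VLAN but does not authenticate it.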

Integration - NetReg Server
- Listening on the registration VLAN
- Answers all DHCP requests
- Specifies itself as DNS server/gateway
- Answers any HTTP request
  - Requires a CS username/password
  - Presents the host registration form
  - Sends the completed form for processing

Future Enhancements
- Virus/patch scanning on the registration VLAN
- Automatic isolation of newly-infected hosts
- Expand registration VLAN concept to 802.11b

Conclusions
- Automation is a good thing
- Open Source Software is invaluable
- Sometimes you can get what you want

Acknowledgements
- Princeton CS Technical Staff
- Jon Finke
- Rob Kolstad

Availability
- http://www.CS.Princeton.EDU/autoMAC/