Part of the Facilities Manager's team, the Network Wrangler is responsible for ensuring that the wired, wireless, and Internet connectivity meets the needs of the convention.

Prior to the convention the Network Wrangler will collect needs send by the convention staff, members and guests and arrange to meet those needs or identify problems with the available network. Examples of these sorts of needs are

1. Where computer networks will be available (I need network connection in the X room)
2. Peer to Peer networking issues (can my room computer control my convention display computer)
3. Types of internet access (will guests be able to use SSH as well as HTTP)

During the convention the he/she will deal with day to day problems as the arise and be the liaison between the hotel's network staff and the convention personnel.

For Penguicon 2010, the team consists of Chris Krieger and folks that wish to help him in his quest to provide better network connectivity and better Internet service.

• Internet
  • Hotel Internet 5 T1 lines, Hotel states 200-300 connections maximum on their network.
  • Will be separating con floor with a completely separate wired and wireless network.
  • See Network section for plans for the floor network.

• Wireless Access
  • Chris Krieger are discussing a sponsorship by Cisco through which a switch and access points could be set up for the weekend.
• Computer Lounge
  • Chris Krieger Will search out groups to populate the lounge with various Open Source offerings.
  • Marshall Newrock is our contact for GLLUG, who wished to do a Linux table.

Subnets

• Public
  • Domain public.penguicon.local
  • Ip-range 10.0.0.0/21 Total IP addresses 2046
  • VLAN 2
  • This network will be public accessible via wireless and wired in the computer lounge.

• Staff
  • Domain staff.penguicon.local penguicon.local
  • IP-range 192.168.225.0/24 Total IP addresses 254
  • VLAN 1
  • This network will have most of the servers, and infrastructure. Registration, presenters and other VIPs.
  • Wireless portion will be encrypted to WPA2 with a strong pass-phrase.

Estimated Server requirements

• DHCP - Server runs DHCP and master DNS server for dynamic DHCP
• DNS x2 - Primary resolver servers for both subnets
• MYSQL - SQL server for all needed back-end infrastructure and websites.
• SYSLOG - server for collecting and monitoring system logs from all other system and network devices
• WEB - server for running any web servers, including web FRONTEND for SYSLOG and SNORT.
• SNORT - several sensors placed at key places to monitor for dangerous traffic, and hacking attempts against important infrastructure.
• FIREWALL - border device that routes between both networks and our internet connection.
• ZENOSS - Monitoring system for all infastrucre, allowing NOC personnel to monitor for outages and issues.
• REVERSEPROXY - System placed on the public network to allow access to the websites on the staff network.
• CACTI - pretty public graphics of usage of the network.
• FILES - File server supporting http, samba, nfs with Distro's and updates

Internet Requirements

• Estimate 16-20mb down 2mb up Bandwidth

Operating systems

• Planning for all servers to have Centos 5.
• All systems will be base-lined to CIS Level 1 (Center for Internet Security http://www.cisecurity.org/en-us/)

Firewall

• Likely will be configured using IPCOP or another Linux based Firewall Distro
• Will be blocking P2p and torrent traffic, to keep internet fast for everyone
• QOS for traffic priority to Staff network (some presenters have requested this)
• Large downloads (over 3mb) will be limited to 128kps on the public network. Keeps everyone's internet fast
• Caching proxy server to help improve internet speed.

Applications

• All applications possible will also be benchmarked to CIS level 1 (Mysql, Apache, Bind)

Websites

• status.penguicon.local - NOC Informational site for status on outages and other issues
• cacti.pengucion.local - Public accessible showing statics of all the systems.

Other Notes

• Planning to have a file server to hold a local repository of Distro's, will do dns redirection to force users to use local server for updates.