• Created by Unknown User (blee), last modified on May 24, 2006

Wednesday, 24 May 2006

  • DMZ rack purchases
    • Nokia PO not issued?
    • Finalize ASU service agreement language
  • Launch base networking update
  • MCR network performance

Wednesday, 10 May 2006

Agenda

  • MCR shipment to NRL
    • Support in case of connectivity problems
    • analog line for modem
  • SASS networking
    • Language of ASU Service Agreement
    • MTI purchase req

Wednesday, 26 April 2006

Agenda

  • Status of purchases.
  • Status of SLAC-public subnet configuration on the MCR firewall.
  • Network connectivity at Astrotech/KSC (no, it's not too early...)

Wednesday, 19 April 2006

Agenda

  • Status of hardware purchases.
  • Status of telco purchases.
  • Status of SLAC-public subnet configuration on the existing MCR firewall.
  • Status of Nokia-bandwidth investigation.
  • AOB

Wednesday, 12 April 2006

Agenda

  • Outcome of additional pricing discussions with MTI.
  • The MTI contract and SLAC purchasing.
  • Status of hardware purchases
  • Assembly/Integration planning
  • Extending the open SLAC network through the VPN tunnel

Attendees:

Amedeo Perazzo, Jean-Raymond Pierre, Charles Granieri, Gary Buhrmaster, Ric Claus, Bob Cowles

Discussion:

  • MTI has provided a revised quote for the tail circuit to SASS.
  • Linda Price (GLAST Project Controls Manager) is investigating the proper way to proceed for the service contract.
  • PR's for the Cisco switches and the Nokia IP380 are in the system, with Teri Church as the buyer.
  • Assembly location for the rack likely B33.
  • SLAC Public Network Access:
    • Bob approved the proposal to extend a SLAC public subnet through the VPN tunnel to NRL/SASS.
    • Only centrally-managed Windows or Linux systems may be attached to this subnet.
    • Workstations on this subnet will not have Internet access.
    • Connected systems must be registered in CANDO with static IP addresses (no DHCP).
    • We need to get the additional switch in place and the firewall configuration updated ASAP since MCR will be shipping to NRL soon.
  • JP was able to reproduce the poor transfer rates across the Nokia firewalls, and is contact with the manufacturer to determine more optimized settings.

Actions:

  • Bryson to work with Linda Price / Diana Vierra to get PR's issued for MTI and ASU network services.
  • Charley to create a new public subnet and provide&configure a 24-port 10/100 switch.
  • JP to update the firewall configuration for the public subnet.

Wednesday, 5 April 2006

Agenda:

  • Any SASS/MTI local-loop news
  • Revisit security policy re: SLAC PUB network through VPN tunnel to NRL/SASS.

Attendees:

Amedeo Perazzo, Jean-Raymond Pierre, John Canfield, Charles Granieri, Gary Buhrmaster, Ric Claus, Neil Johnson, Bryson Lee

Discussion:

  • SASS has received a proposal/contract from MTI for the Phonenix-to-Gilbert connection.
  • Project management has approved the purchase of the DMZ/Telco Rack equipment.
  • To support an additional SLAC-public VLAN in the MCR, we are adding a Cisco 3750-24 switch to the purchase.
  • We need to make another attempt to pitch for a separate SLAC-public network segment for e-mail, NCR's, etc. for the off-site LAT personnel at NRL/SASS.

Actions:

  • Gary to review the MTI contract and forward it to Bryson.
  • Charley / Rodney / JP to proceed with purchase requests for the equipment.
  • Bryson to schedule another discussion with Bob Cowles regarding the SLAC-public network needs at NRL/SASS.

Additional later information:

  • The MTI quote is quite a bit higher than expected, and is for DS-3 rather than Ethernet service. The cancellation provisions are also rather unattractive (penalty == unpaid balance of 2-year contract).
  • I've revised the system cost estimate to include DS-3/Ethernet conversion hardware and MTI's fixed/recurring costs. Result is a 72% increase in the system cost.
  • We will proceed with the purchases. We are seeking some relief from MTI, and may also pursue having ASU provide the tail circuit to SASS through one of their local vendors.

Wednesday, 29 March 2006

Agenda:

  • Review system description and network diagram (MSWord)
  • Finalize cost estimate
    • T3 one-time and recurring costs.
  • Policy on use of spare firewall vs. new purchase
    • reprogramming turn-around time
    • re-use spare Checkpoint license?
  • NRL topic: "office"/public network connectivity.

Attendees:

Len Moss, Charles Granieri, Gary Buhrmaster, Ric Claus, Neil Johnson, Bryson Lee

Discussion:

  • Summary of SLAC/ASU/CENIC/SASS Networking telecon:
    • SASS will assist SLAC in provisioning a circuit from the FOF to the Sterling Networks DataCenter in Phoenix.
      • SASS has recently provisioned fiber-optic circuts to the FOF through Mountain Telecommunications (MTI), and will obtain pricing and service contract information from them on SLAC's behalf.
    • This circuit will cross-connect to the ASU border router (collocated in the datacenter). There is a one-time $1500 charge for the cross-connect.
    • ASU will pass the traffic onto a CENIC circuit to the CalREN-HPR backbone in Riverside, CA. ASU will pass on their bandwidth cost to SLAC at $1450/month for this service.
    • Stanford is a CalREN hub site, so the traffic will flow to SLAC via Stanford.
  • Although there are spare Nokia IP380 units for each end of the VPN link, there are no spare licenses, so we will at a minimum have to purchase an additional Checkpoint license in order to pre-position a firewall at SASS.
  • There was at one time a plan to provide an additional network on the MCR that would be an extension of the SLAC Public network, to allow for a small group of machines at NRL with general access to SLAC resources such as e-mail and the NCR database. Gary recalled this discussion, but did not know if it had been dropped for some good reason, or simply forgotten.

Actions:

  • Bryson will finalize the cost estimate in the system description document for presentation to the project next week.
  • JP will provide an estimate of the turn-around time required to reprogram a Nokia firewall, should we decide to repurpose one of the existing spares for pre-positioning at SASS.
  • JP will comment on the feasability of providing an extension of the SLAC public network through the VPN tunnel to support a small group of general-purpose desktop computers for LAT personnel stationed at NRL during environmental testing.

Wednesday, 22 March 2006

Agenda:

  • Status of SLAC/CENIC/ASU/SASS connectivity
    • Schedule for provisioning ASU-SASS local loop
    • Additional H/W needed in the MCR
  • SASS I&T LAN Connectivity
    • System description / justification (MSWord)
    • Purchase of Firewall / switch / modem
    • DMZ/Telco rack configuration
      • one-off vs. MCR-like
      • UPS sizing
  • MCR location after LAT integration to spacecraft bus.

Attendees:

Bryson Lee, Len Moss, Charles Granieri, Jean-Raymond Pierre, Gary Buhrmaster, Rodney Wong, John Canfield

Discussion:

  • SASS/CENIC link: A telecon is scheduled for Wednesday, 29 March among the various players.
  • Charley provided refined pricing for the Nokia IP380, Checkpoint license, and Cisco 3560G switch
  • Decided to use the same HP enclosure (36U) as the MCR, and install two model 2200RM UPS's with NEMA 5-20P plugs. There are already multiple 120V/20A circuits available at SASS.
  • We recommend that LAT personnel familiar with the I&T flow perform a site survey at SASS. One potential concern is the distance between where the telco/DMZ rack will be positioned, and where the MCR will initially be set up for the post-arrival checkouts. It might be possible to make a fiber, rather than a copper connection between the two racks, if SASS has the necessary infrastructure and the distance is large.
  • We tabled the discussion of potentially relocating the MCR to SLAC after the LAT is integrated on the spacecraft as an idea that's better pursued through the I&T operations folks ( Neil, Ric, Ken Fouts, etc.).

Actions:

  • Gary will prepare a brief memo in advance of the local-loop telecon so everybody's on the same page. He'll try to include some estimate of installation, equipment, and recurring charges for the T3.
  • Bryson will incorporate the updated pricing information into the system-description document.
  • Bryson and Neil will present the system description and justification to Lowell Kleisner / Dick Horne next week to obtain the funding.
  • Rodney / JP / Charley will consolidate the quotes for the various components in preparation for placing the orders.

Wednesday, 15 March 2006

Agenda:

  • Status of SLAC/CENIC/ASU/SASS connectivity
    • Schedule for provisioning ASU-SASS local loop
    • Additional H/W needed in the MCR
  • SASS I&T LAN Connectivity
    • creation of DMZ b/w MCR and SASS firewalls
      • firewall rule changes
      • VLAN changes
    • DMZ host machines(s)
      • quantity & hot/cold spare operation
      • rack space / power / cooling constraints
      • network connectivity (switch ports)
      • console connectivity (KVM ports)
      • purchase lead-time
    • Alternative bidirectional file-transfer possibilities

Attendees:

Bryson Lee, Neil Johnson, Len Moss, Charles Granieri, Jean-Raymond Pierre, Gary Buhrmaster, Rodney Wong, John Canfield

Discussion:

  • Current schedule for LAT arrival at SASS is mid-July; therefore we need to have the necessary equipment in place and tested NLT 15 June.
  • We do not have enough hardware in-house to be able to pre-position and check out connectivity without robbing backup units from the MCR.
  • We do not have enough power / cooling / rack space to install additional equipment in the MCR.
  • Proposed solution is to purchase and configure additional equipment, then deliver it to SASS, do the checkouts, and leave it in place until the LAT arrives. Additional equipment includes:
    • Nokia firewall + Checkpoint license + 48-port switch
    • 2 Dell 1850 servers (DMZ hosts)
    • T3 local-loop interface hardware (TBR)
    • half-height enclosure for above
    • "ITAR" workstations (already on order)
  • Upon arrival of the LAT & MCR from NRL, John C. will unplug the firewall in the MCR from the switch, and plug in the pre-positioned firewall for immediate connectivity to SASS and SLAC.

Actions:

  • Gary will convene a telecon among SLAC, CENIC, ASU, and SASS network engineers to refine the details of the ASU-SASS local-loop connection. Tentatively scheduled for 3/15, may move to early in the week of 3/18.
  • Neil will determine the correct funding mechanism / procedure for the telco charges.
  • Charley will begin preparations to purchase the firewall, license, and switch.
  • Rodney will begin preparations to purchase the additional 1850's.
  • Bryson will assemble a system description and operations concept to provide justification for the additional purchases and define the objectives of the pre-positioning test. Draft due 3/22.
  • No labels