Versions Compared

Old Version 12

changes.mady.by.user Unknown User (blee)

Saved on

compared with

New Version 13

changes.mady.by.user Unknown User (blee)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Outcome of additional pricing discussions with MTI.
  • The MTI contract and SLAC purchasing.
  • Status of hardware purchases
  • Assembly/Integration planning
  • Extending the open SLAC network through the VPN tunnel

Attendees:

Amedeo Perazzo, Jean-Raymond Pierre, Charles Granieri, Gary Buhrmaster, Ric Claus, Bob Cowles

Discussion:

  • MTI has provided a revised quote for the tail circuit to SASS.
  • Linda Price (GLAST Project Controls Manager) is investigating the proper way to proceed for the service contract.
  • PR's for the Cisco switches and the Nokia IP380 are in the system, with Teri Church as the buyer.
  • Assembly location for the rack likely B33.
  • SLAC Public Network Access:
    • Bob approved the proposal to extend a SLAC public subnet through the VPN tunnel to NRL/SASS.
    • Only centrally-managed Windows or Linux systems may be attached to this subnet.
    • Workstations on this subnet will not have Internet access.
    • Connected systems must be registered in CANDO with static IP addresses (no DHCP).
    • We need to get the additional switch in place and the firewall configuration updated ASAP since MCR will be shipping to NRL soon.
  • JP was able to reproduce the poor transfer rates across the Nokia firewalls, and is contact with the manufacturer to determine more optimized settings.

Actions:

  • Bryson to work with Linda Price / Diana Vierra to get PR's issued for MTI and ASU network services.
  • Charley to create a new public subnet and provide&configure a 24-port 10/100 switch.
  • JP to update the firewall configuration for the public subnet.

Wednesday, 5 April 2006

Agenda:

  • Any SASS/MTI local-loop news
  • Revisit security policy re: SLAC PUB network through VPN tunnel to NRL/SASS.

Attendees:

Amedeo Perazzo, Jean-Raymond Pierre, John Canfield, Charles Granieri, Gary Buhrmaster, Ric Claus, Neil Johnson, Bryson Lee

Discussion:

  • SASS has received a proposal/contract from MTI for the Phonenix-to-Gilbert connection.
  • Project management has approved the purchase of the DMZ/Telco Rack equipment.
  • To support an additional SLAC-public VLAN in the MCR, we are adding a Cisco 3750-24 switch to the purchase.
  • We need to make another attempt to pitch for a separate SLAC-public network segment for e-mail, NCR's, etc. for the off-site LAT personnel at NRL/SASS.

Actions:

  • Gary to review the MTI contract and forward it to Bryson.
  • Charley / Rodney / JP to proceed with purchase requests for the equipment.
  • Bryson to schedule another discussion with Bob Cowles regarding the SLAC-public network needs at NRL/SASS.

...

  • Review system description and network diagram (MSWord)
  • Finalize cost estimate
    • T3 one-time and recurring costs.
  • Policy on use of spare firewall vs. new purchase
    • reprogramming turn-around time
    • re-use spare Checkpoint license?
  • NRL topic: "office"/public network connectivity.

Attendees:

Len Moss, Charles Granieri, Gary Buhrmaster, Ric Claus, Neil Johnson, Bryson Lee

Discussion:

  • Summary of SLAC/ASU/CENIC/SASS Networking telecon:
    • SASS will assist SLAC in provisioning a circuit from the FOF to the Sterling Networks DataCenter in Phoenix.
      • SASS has recently provisioned fiber-optic circuts to the FOF through Mountain Telecommunications (MTI), and will obtain pricing and service contract information from them on SLAC's behalf.
    • This circuit will cross-connect to the ASU border router (collocated in the datacenter). There is a one-time $1500 charge for the cross-connect.
    • ASU will pass the traffic onto a CENIC circuit to the CalREN-HPR backbone in Riverside, CA. ASU will pass on their bandwidth cost to SLAC at $1450/month for this service.
    • Stanford is a CalREN hub site, so the traffic will flow to SLAC via Stanford.

...

  • There was at one time a plan to provide an additional network on the MCR that would be an extension of the SLAC Public network, to allow for a small group of machines at NRL with general access to SLAC resources such as e-mail and the NCR database. Gary recalled this discussion, but did not know if it had been dropped for some good reason, or simply forgotten.

Actions:

  • Bryson will finalize the cost estimate in the system description document for presentation to the project next week.
  • JP will provide an estimate of the turn-around time required to reprogram a Nokia firewall, should we decide to repurpose one of the existing spares for pre-positioning at SASS.
  • JP will comment on the feasability of providing an extension of the SLAC public network through the VPN tunnel to support a small group of general-purpose desktop computers for LAT personnel stationed at NRL during environmental testing.

...

  • MCR location after LAT integration to spacecraft bus.

Attendees:

Bryson Lee, Len Moss, Charles Granieri, Jean-Raymond Pierre, Gary Buhrmaster, Rodney Wong, John Canfield

Discussion:

  • SASS/CENIC link: A telecon is scheduled for Wednesday, 29 March among the various players.
  • Charley provided refined pricing for the Nokia IP380, Checkpoint license, and Cisco 3560G switch
  • Decided to use the same HP enclosure (36U) as the MCR, and install two model 2200RM UPS's with NEMA 5-20P plugs. There are already multiple 120V/20A circuits available at SASS.
  • We recommend that LAT personnel familiar with the I&T flow perform a site survey at SASS. One potential concern is the distance between where the telco/DMZ rack will be positioned, and where the MCR will initially be set up for the post-arrival checkouts. It might be possible to make a fiber, rather than a copper connection between the two racks, if SASS has the necessary infrastructure and the distance is large.
  • We tabled the discussion of potentially relocating the MCR to SLAC after the LAT is integrated on the spacecraft as an idea that's better pursued through the I&T operations folks ( Neil, Ric, Ken Fouts, etc.).

Actions:

  • Gary will prepare a brief memo in advance of the local-loop telecon so everybody's on the same page. He'll try to include some estimate of installation, equipment, and recurring charges for the T3.
  • Bryson will incorporate the updated pricing information into the system-description document.
  • Bryson and Neil will present the system description and justification to Lowell Kleisner / Dick Horne next week to obtain the funding.
  • Rodney / JP / Charley will consolidate the quotes for the various components in preparation for placing the orders.

...

  • SASS I&T LAN Connectivity
    • creation of DMZ b/w MCR and SASS firewalls
      • firewall rule changes
      • VLAN changes
    • DMZ host machines(s)
      • quantity & hot/cold spare operation
      • rack space / power / cooling constraints
      • network connectivity (switch ports)
      • console connectivity (KVM ports)
      • purchase lead-time
    • Alternative bidirectional file-transfer possibilities

Attendees:

Bryson Lee, Neil Johnson, Len Moss, Charles Granieri, Jean-Raymond Pierre, Gary Buhrmaster, Rodney Wong, John Canfield

Discussion:

  • Current schedule for LAT arrival at SASS is mid-July; therefore we need to have the necessary equipment in place and tested NLT 15 June.
  • We do not have enough hardware in-house to be able to pre-position and check out connectivity without robbing backup units from the MCR.
  • We do not have enough power / cooling / rack space to install additional equipment in the MCR.
  • Proposed solution is to purchase and configure additional equipment, then deliver it to SASS, do the checkouts, and leave it in place until the LAT arrives. Additional equipment includes:
    • Nokia firewall + Checkpoint license + 48-port switch
    • 2 Dell 1850 servers (DMZ hosts)
    • T3 local-loop interface hardware (TBR)
    • half-height enclosure for above
    • "ITAR" workstations (already on order)
  • Upon arrival of the LAT & MCR from NRL, John C. will unplug the firewall in the MCR from the switch, and plug in the pre-positioned firewall for immediate connectivity to SASS and SLAC.

Actions:

  • Gary will convene a telecon among SLAC, CENIC, ASU, and SASS network engineers to refine the details of the ASU-SASS local-loop connection. Tentatively scheduled for 3/15, may move to early in the week of 3/18.
  • Neil will determine the correct funding mechanism / procedure for the telco charges.
  • Charley will begin preparations to purchase the firewall, license, and switch.
  • Rodney will begin preparations to purchase the additional 1850's.
  • Bryson will assemble a system description and operations concept to provide justification for the additional purchases and define the objectives of the pre-positioning test. Draft due 3/22.