A public school network WTF



  • This is an experience from a countryside school in my area. These state funded schools have minimal IT budgets so I really should not be surprised, but it was THAT bad.

    It was a network that had started its existence as a coax net. Sometime around early this century that network was destroyed by a fateful lightning strike. They chose to replace it with a more modern cat cabled net. Probably the computer lab teacher was however the one responsible for the wiring, because the classroom was wired with EXACTLY the same topology as the coax had been. In a classroom of about 20 computers there were four 10Mbit hubs in series and computers connected to them. The network performance was below any sensible expectation. The WTF did not end with the wiring though. Each computer had a public IP, visible to the whole world. The poor computer lab teacher reinstalled computers weekly, because that's what it took for an XP (where kiddies for some reason had admin rights) to be completely infested and destabilized with s*it. I heard her complaints about this annoyance from a mutual friend and every time I told him that this was not normal and that there is a better way. It was so bad that I volunteered to help for free. Finally she asked me to help out. I set them up with a firewall, file server and a domain controller based on Linux and one of the classroom PCs. Since then the only reinstalls have been for PCs with hardware failures. And I seriously hope that the dreadful topology was replaced with a sensible one per my instructions and explanations during renovations this year.



  • @death said:

    In a classroom of about 20 computers there were four 10Mbit hubs in series and computers connected to them.

    Which is, of course, the reason why it was so slow. Ethernet does not support more than a distance of three segments with active devices (computers) in a collision domain. With four hubs, there would be five segments here. It's all to do with packet timings and the CSMA/CD algorithm - if you make the chain too long, then a computer at one end of the chain will routinely transmit packets that collide with one from the other end.

    This is why all sane modern networks use switches instead of hubs, and full-duplex rather than CSMA/CD.



  • I dropped what I was holding (a piece of cardboard, oddly enough) when I read about the 10Mbit hub thing. They say those who can't do, teach. It's always been a saying that has sounded odd to me (how can you teach if you're useless) but I keep seeing it again and again. I remember a girl from my MSc classes that I wouldn't trust to turn on my PC and yet she's teaching IT in a school as we speak.



  • Well, to be completely honest there used to be a fifth hub in the principal's office extended from the last hub, but that actually got replaced with a switch when things got too bad and extended one more step, to the teachers' lounge...


    I have two other stories from that place to share too.

    Once I got called out as the whole school network was "simply not working and it was probably my router's fault". The first oddity I noticed was that my router was getting tons and tons of DHCP requests so it could not answer all of them. And they seemed to be duplicates too. As soon as I walked into the classroom I noticed that the lights on any and all networking equipment were blinking like mad. "Bad network device somewhere," was my first conclusion, so I started fault searching by pulling the plug, starting with the router. Soon I had walked all the way through the classroom hubs to a wire leaving the classroom. Standing and holding a nondescript wire identified as the source of confusion, I ask where its other end is. "The principal's office," I hear. So we go there. There is a switch blinking like mad. I identify the wire that causes the blinking and ask about its other end. Teachers' lounge. So we go there. Another cheap 8-port switch. The repeated process lands me another untagged wire. This time however the answer to the question about the other end is an honest "I don't know." So I trace the wire and soon find the other end. Most of you should know by now where it was. Yep, in the same switch... Somebody did not want loose wires around...

    Another time I was called out with the same description. What I noticed was that computers were getting their addresses from somewhere else than my router. What it turned out to be was the teacher's wireless router, which she had brought in and plugged into the teachers' lounge switch so she could use her laptop's wireless. Of course it had not occurred to her to reconfigure the thing to be an AP first. In addition to the DHCP problem there was an IP conflict with my router, and she, when asked if she had changed anything in the network lately, said "No.. Not that I know of...".
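    The rogue-DHCP symptom in the story above (clients taking addresses from a device other than the real router) can be checked for from captured traffic. As an added example, not code from this thread, here is a small Python parser that pulls the Server Identifier (option 54) out of DHCPOFFER messages and reports any server not on an allowlist; the 192.168.1.x addresses and the allowlist are assumptions, and the packets it builds for testing are constructed, not captured.

```python
import struct
from ipaddress import IPv4Address

AUTHORIZED_SERVERS = {IPv4Address("192.168.1.1")}  # assumption: the school router
DHCP_MAGIC = b"\x63\x82\x53\x63"                    # RFC 2131 magic cookie at offset 236
BOOTREPLY, DHCPOFFER = 2, 2
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255

def parse_offer(pkt: bytes):
    """Return (xid, offered_ip, server_id) for a well-formed DHCPOFFER, else None."""
    if len(pkt) < 240 or pkt[0] != BOOTREPLY or pkt[236:240] != DHCP_MAGIC:
        return None
    xid = struct.unpack("!I", pkt[4:8])[0]
    offered_ip = IPv4Address(pkt[16:20])   # yiaddr field
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != OPT_END:
        if pkt[i] == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(pkt):
            return None                    # truncated option header
        code, length = pkt[i], pkt[i + 1]
        data = pkt[i + 2:i + 2 + length]
        if len(data) != length:
            return None                    # option runs past the end of the packet
        opts[code] = data
        i += 2 + length
    if opts.get(OPT_MSG_TYPE) != bytes([DHCPOFFER]) or len(opts.get(OPT_SERVER_ID, b"")) != 4:
        return None
    return xid, offered_ip, IPv4Address(opts[OPT_SERVER_ID])

def rogue_servers(packets, authorized=AUTHORIZED_SERVERS):
    """Server identifiers seen in OFFERs that are not on the allowlist."""
    found = set()
    for pkt in packets:
        offer = parse_offer(pkt)
        if offer is not None and offer[2] not in authorized:
            found.add(offer[2])
    return found

def build_offer(xid, offered_ip, server_id):
    """Constructed DHCPOFFER for testing; no real capture is used here."""
    fixed = struct.pack("!BBBBIHH", BOOTREPLY, 1, 6, 0, xid, 0, 0)
    fixed += bytes(4) + IPv4Address(offered_ip).packed + bytes(8)   # ciaddr, yiaddr, siaddr, giaddr
    fixed += bytes(16 + 64 + 128) + DHCP_MAGIC                      # chaddr, sname, file, cookie
    opts = bytes([OPT_MSG_TYPE, 1, DHCPOFFER, OPT_SERVER_ID, 4])
    return fixed + opts + IPv4Address(server_id).packed + bytes([OPT_END])
```

    Feed `rogue_servers()` the raw BOOTP payloads of UDP port 68 traffic from a capture; a second server identifier in the result is the "somewhere else" the clients were getting their addresses from.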





  • Hope they're paying you now. If I had to fix someone else's mistakes for free, sooner or later I'd walk in with a gun.



  • Actually, to be honest, I haven't ALLOWED them to pay me. If they pay me I can't tell them off when I have had enough of it. So far this experience has been invaluable in terms of experience of how NOT to do things but still seem to get done...



  • @asuffield said:


    Which is, of course, the reason why it was so slow. Ethernet does not
    support more than a distance of three segments with active devices
    (computers) in a collision domain. With four hubs, there would be five
    segments here.

    Plain 10Mbit Ethernet configuration rules are largely academic now. However, you have fallen into the common error of misunderstanding what the 3 part of the 5-4-3 rule is. What 802.3 (13.3e) actually says is:

    "When a transmission path consists of four repeater sets and five segments, up to three of the segments
    may be mixing and the remainder must be link segments"

    10BASE-T segments are link segments, so the network isn't misconfigured, just badly configured.



  • @Cthulhu reencoded said:

    @asuffield said:

    Which is, of course, the reason why it was so slow. Ethernet does not
    support more than a distance of three segments with active devices
    (computers) in a collision domain. With four hubs, there would be five
    segments here.

    Plain 10Mbit Ethernet configuration rules are largely academic now. However, you have fallen into the common error of misunderstanding what the 3 part of the 5-4-3 rule is. What 802.3 (13.3e) actually says is:

    "When a transmission path consists of four repeater sets and five segments, up to three of the segments
    may be mixing and the remainder must be link segments"

    10BASE-T segments are link segments, so the network isn't misconfigured, just badly configured.

    "Link segments" are segments that don't have any active devices on them - they're just connections between repeaters (hubs + similar crap). This network is misconfigured.



  • @asuffield said:

    "Link segments" are segments that don't have any active devices on them - they're just connections between repeaters (hubs + similar crap). This network is misconfigured.

    <Sigh> You pulled that definition from your hat. This is what 802.3 says:

    "1.4.200 link segment: The point-to-point full-duplex medium connection between two and only two
    Medium Dependent Interfaces (MDIs)." All 10BASE-T segments are link segments.

    There is a good discussion of the multi segment configuration guidelines in "Ethernet: The Definitive Guide", which happens to be the preview chapter at http://www.oreilly.com/catalog/enettdg/chapter/ch13.html




  • As I understand that, the fact that the hubs had several computers connected as well chimes in, perhaps violating "between two and only two"? Right/wrong? Anyway. I do not know the standards that well. I just looked at it and thought this must be at least against best practices...



  • @death said:

    So I trace the wire and soon find the other end. Most of you should know by know where it was. Yep, in the same switch... Somebody did not want lose wires around...

    I know very little about networking, so bear with me.  The fact that I know very little about networking also makes my story a little funny.

    One time our network guy did a change control and brought our network to its knees.  He said there was a rogue switch connected somewhere on his network.  It was screwing up his change control and when he found out who connected it... *POW* right in the balls.

    He managed to disable some ports and monkeyed around enough that our local users (about 90% of our customers) could access their servers.  At this point I thought he had fixed everything (since he asked me to call our boss and let him know everything was A-OK!).  Then he proceeded to try and figure out who "sabotaged" him.

    Out of curiosity, I asked how he determined it was a "rogue switch".  He ran "show cdp neighbor" and showed me the problematic MAC address.  He determined it was effectively creating a loop(?) in the network.  I glanced down at the documentation for the switch he just installed and noticed the "rogue" MAC address belonged to one of the uplinks.  I had a dawning moment of comprehension and said "ohhhhh, so the switch was plugged back into itself."  He looked at me funny and then smacked himself in the forehead.  Then proceeded to unplug his "rogue switch".



  • @Cthulhu reencoded said:

    @asuffield said:

    "Link segments" are segments that don't have any active devices on them - they're just connections between repeaters (hubs + similar crap). This network is misconfigured.

    <Sigh> You pulled that definition from your hat. This is what 802.3 says:

    "1.4.200 link segment: The point-to-point full-duplex medium connection between two and only two
    Medium Dependent Interfaces (MDIs)." All 10BASE-T segments are link segments.

    The part you quoted agrees with me. I don't know why you keep adding the "All 10BASE-T segments are link segments" part that you just made up. Nothing in the text you are quoting supports that (and in fact, it directly contradicts it).



  • "show cdp neighbor" says Cisco to me, and most of their switches when configured right are capable of handling loopbacks (Spanning Tree Protocol, IIRC) with grace by disabling one of the ports involved. In my case the switches/hubs were dumb Trendnets... The legitimate communication did not even have a snowball's chance in hell.



  • He is saying that because 10Base-T segments *are* all link segments. The 5-4-3 rule applies to 10Base-2 (coax cable) networks. The last part (the '3' of 5-4-3) is the limit on 'populated' segments. These would be the segments with t-connectors on them attached to computers or other devices. 10Base-T uses a star arrangement, not a bus or daisy-chain, so it has no populated segments. With 10Base-T the 'rule' is 5 segments, 4 repeaters. Populated segments aren't possible. It's not quite that simple though, because the 5-4 'rule' is really only a guideline related to signal propagation, so a lower-quality hub or an overly-long cable could introduce more delay than the 'rule' expected, leading to packet loss and continuous collisions.



  • A mate of mine has a network plug on a keyring that crashes most networks when plugged in. It is simply a plug with the same wire connected to both the send and receive pins. Guaranteed to packet storm a stupid network, and it doesn't even need batteries. The network comes back up in seconds if it's removed, so it seems to be completely safe.




  • Shorting the pins on a random cable end you get your hands on has the same effect.



  • @Thief^ said:

    A mate of mine has a network plug on a keyring that crashes most networks when plugged in. It is simply a plug with the same wire connected to both the send and receive pins. Guaranteed to packet storm a stupid network, and it doesn't even need batteries. The network comes back up in seconds if it's removed, so it seems to be completely safe.

    As some sort of evil joke? 



  • @rdamiani said:

    He is saying that because 10Base-T segments are all link segments.

    No they aren't. The text he quoted from the specification is very clear on this.


    The 5-4-3 rule applies to 10Base-2 (coax cable) networks. The last part (the '3' of 5-4-3) is the limit on 'populated' segments. These would be the segments with t-connectors on them attached to computers or other devices. 10Base-T uses a star arrangement, not a bus or daisy-chain, so it has no populated segments. With 10Base-T the 'rule' is 5 segments, 4 repeaters. Populated segments aren't possible.

    That's true only on switched full-duplex networks, which this one isn't. A hubbed baseT network is a single collision domain (sometimes misnamed a 'bus' configuration by people who believe what they read in the Cisco manuals), does use the CSMA/CD protocol, and does suffer from collisions when CSMA/CD breaks down due to overextended timings. The maximum span length of hubbed baseT networks is three populated segments (the maximum number of unpopulated segments depends on the equipment in use, and poor quality equipment may have shorter populated spans - but no correct ethernet hub implementation can manage more than 3). This doesn't have anything to do with the old "5-4-3" nonsense, except that baseT was designed to have similar capabilities to base2.



  • @Thief^ said:

    A mate of mine has a network plug on a keyring that crashes most networks when plugged in. It is simply a plug with the same wire connected to both the send and receive pins. Guaranteed to packet storm a stupid network, and it doesn't even need batteries.

    It should just foul up CSMA/CD so that all the hosts think the network is busy and don't try sending any more packets. Not quite the same thing as a packet storm - the failure shouldn't pass through a switch (unless it's broken).



  • I stand corrected.

