Wired Network

The group's wired network is based on a mix of equipment, from DELL, Extreme Networks, HP and Netgear. The network has a multi-level star topology with a DELL PowerConnect 8024F at the centre, and a mix of switches at the ends of the spokes. Each of these spokes is either a 1Gbps or (mainly) 10Gbps fibre connection. The 10Gbps connections serve the group's Tier2 GRID site, as well as the downstairs (RG2) and upstairs (R12) hubs on the general network. In each of these two hubs, there is a further star to several switches providing mainly 100Mbps switched Ethernet ports, which are connected to wall sockets in offices and labs. For the main fileservers 10Gbps connections are provided. The DELL PowerConnect 8024F connects to the HEP PoP switch via a 10Gbps uplink and then to the West Cambridge CUDN router and hence onto the CUDN and ultimately the internet. A simplified picture of the local network can be viewed here.

Desktop PCs are normally maintained by the local administrators and users should not need to worry about arranging a network connection for these. If you have a private desktop or a laptop that you wish to connect to the wired network, you must consult with one of the local administrators. It is forbidden to do the following without express permission:

  • Disconnect an existing computer so that you can utilise its network connection.
  • Use the IP address of an existing computer rather than register yours.
  • Spoof another computer by using its Media Access Control (MAC) address on your computer
  • Connect a computer that you know to be insecure. In particular, you must not under any circumstances reconnect a computer that has been disconnected due to security problems unless it has been secured and you are told that you can put it back on the network.
  • Anything else that attempts to bypass the normal procedures.

Computers that are to be connected to the wired network first have to be registered in the university's DNS database and the network's DHCP server. Users will need to provide the computer's MAC address (we can help with this if you don't know how to find it out) and to tell us which wall socket they intend to use for the computer (this is to ensure that the socket is live - we don't at present restrict the use of wall sockets). Normally there will be a few minutes' delay before registration is complete - though it may occasionally take longer if the administrators are busy.

Before we permit users to connect a new computer to the network, we will wish to convince ourselves that it is secure, is not infested with worms or viruses and that the operating system is patched as up to date as possible. We do not have a formal procedure for this at present - though this may change in the future if we begin to experience significant problems (which we haven't so far).

Once the computer is registered, an IP address is allocated and the local administrators are happy with the security of the computer, users can connect to the designated socket. We recommend that you set up your computer to pick up its IP address and other networking details automatically from the DHCP server - this makes it easier for us if we need to change the details as we can do it centrally without users changing their computer's configuration and it ensures that all the details (subnet mask, gateway address, DNS server addresses etc.) are correct. The DHCP server is set up to provide static addresses (you will get the same IP address every time), so that you could set up your computer with the IP address etc. defined on it - however this should only be done when there is a very good reason to do so.

Steve Wotton and John Hill Last update 4 December 2014.