From: Greg Liddle (gregory.w.liddle@wheaton.edu)
Date: Wed Oct 04 2000 - 09:09:12 CDT
I figured that it was time to share the wealth, so I'm going to share with
the list the basics of how we have implemented NetReg here at Wheaton.
First, many thanks to MR. NETREG (Peter Valian), for the initial
contribution and some good ideas at the ResNet conference. A nice Wheaton
shirt will be on its way to you shortly, especially now that we have our new
mascot...
First of all, some background on some of the policies which needed to be
accommodated here at Wheaton. The school requires that:
- students attend a Residence Life orientation session (once only over 4
yrs) prior to being able to register
- students sign our acceptable use policy (each year) prior to registering
- students be given an assigned IP address, for tracking purposes at our
proxy
- students be charged on a prorated basis for the portion of the semester
that is used
With these in mind, the version of NetReg directly from SW was inadequate,
since a POP/IMAP server authentication didn't satisfy our need to verify
requirements being met.
We implemented a mysql database which is fed through our (MS Access-based)
ResNet management database, which keeps all the student information
necessary to determine if a student has met the criteria, is qualified to
register, and what address should be given to them.
The perl script (register.cgi) was then HEAVILY modified to incorporate this
value checking, and multiple web pages were added to inform students of the
reason why they were not able to register, if unsuccessful.
We modified the way the html was output to the screen so that the script
would read a file and output it, rather than having all the html embedded in
the code. This simplifies updating the information contained on the pages,
including the schedule for ResLife orientation sessions, etc.
This script verifies that the student is qualified to register, and also
checks that the student hasn't been banned from resnet as a disciplinary
measure and hasn't subscribed, then cancelled, then resubscribed in the same
semester (billing nightmare...).
Upon successful registration, the script enters the DHCP info, using the
address assignment from the database, and enters the activation date,
OS-type, and MAC address for the user into the database, which is regularly
synchronized with our management database. Due to the use of databases, we
haven't even used any of the admin.cgi functionality yet.
On the technical structure side, since we are using only one subnet for all
of ResNet (we have a fully switched environment). Our dhcpd.conf file sets
parameters for a pool of 250 non-routable, temporary addresses, a subnet of
assigned addresses (NAT'ed class B for resnet), and our equipment subnet
(class C).
ISSUES we faced:
1 - since we required certain criteria to be met prior to allowing a
registration, our initial pool of 45 temporary addresses was completely
insufficient, and many users couldn't get an IP address. This was because a
user would attempt to register, be told to sign their AUP, but leave their
computer on, thereby occupying one of the temp IP's. Even 250 addresses
were all used at one point, but we anticipate this to only be an issue for
the fall rush period when significant numbers of people haven't met the
criteria.
2 - The method of finding the registering user's information from the
dhcpd.leases file has some permutations that caused us some problems. We
attempted to streamline the function so it would search until it found the
correct IP, then pull that MAC address and exit, rather than hashing the
whole file, but found the first record was not usually the correct record,
since the flushing doesn't occur very regularly. So, we still read the
whole file and take the last lease entry that matches.
3 - We ended up locating the NetReg box in the temporary address subnet. By
doing so, we were able to eliminate any use of a router declaration for
these computers in the conf file.
- - - - - - - -
So far this year, we have registered 1115 students, by far the majority of
which were during the first week. What a difference from last year!!
Sorry for the very long email. I'm happy to share more details with someone
else trying to do the same thing. Email me off-list for it. Thanks again
to Southwestern and Peter Valian for getting us going...
--- Greg Liddle ResNet Manager Wheaton College gregory.w.liddle@wheaton.edu********************************************************************** To unsubscribe from this list, send an e-mail message to majordomo@southwestern.edu containing a single line with the words: unsubscribe netreg Send requests for assistance to: owner-netreg@southwestern.edu **********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:34 CDT