Linux as a network solution - During my Linux classes at CMCC, I'm always amazed at the amount of effort that I have to make in order to pursuade students, new to Linux, that it is another powerful operating system. Most of the people new to Linux aren't new to computing - they usually have a few years of Windows behind them. I've found out that's not always a good thing. Now when I talk to new people, either students, or people in general, I'm less likely to want to convince them or pursuade them that they should make the leap over to Linux. That's too much work, I'd rather wait until they have done some research themselves and have decided that Linux may be the only way that the job they need done can only be done with Linux. Minot Consolidate School was such a job. All of the pieces that are necessary for Linux to be the operating system of choice were at the Minot Consolidated School.

Back to Top

Minot Consolidated School - Minot, Maine

Project - The Minot Consolidated School has been surviving for the past few years, like many other small school systems in Maine, with limited or inadequate internet and email access, no internal school servers, and plenty of extra unconnected Cat. 5 ethernet cable running "where-evaa" above the ceiling tiles throughout the school.

Goals: Improve existing network to include security, reliability, durability, and consistent functionality, all with as little or no cost as possible and with as little need for change for the existing user as possible ie.. If a teacher feels comfortable with the Windows 98 operating system on their desktop then give that person the option to keep that and work with that.

Overall goal: To create (as close as possible) a healthy, secure, minimal maintance, easy to troubleshoot network with all in-house existing hardware at little or no cost.

But first - "Hunt down wires and make sure ends have labels."

Opportunity #1

How do you take an existing network (really a large bunch of single wires) that should support about 50 desktop pc's and 80 laptops plus about 5 printers and make it operate effectively.

Baseline - Initially only about 6 pc desktop users could connect to the internet with reasonable consistency and the laptops - it depends.

Decision - First, I felt we needed to find out what wires were being used and where they were going. So, along with Mark (Director of Maintenance) , Kevin his assistant, Rick Roy, and myself, we started the process of finding end to end locations of wires. (This started over Christmas break - Dave Bressler was busy working with pc desktop issues.)

When my new semester (Jan. 14th) for Advanced Linux started I was able to recruit more people to help. (Tom Pelletier, Luke Hague, and Bill Hickey - Devin Giroux came later to help with the desktop computer issues.)

Conclusion - Out of maybe 80 or more wires that had been run above the ceiling tiles, we narrowed the need down to less than 20. That means that most of the wires that had already been run were not needed. The old headset was, if something was wrong or a new hookup needed to take place then run a new wire not use an existing one.

Opportunity #2

The computer teacher had been going to auctions and buying extra equipment ie.. PBX system, thin client systems etc.. which he intended to use for some improvements to the school resources. Unfortunately, the PBX equipment, after a bid from an outside contractor, would cost an additional $4,000 in order to use. The thin client systems were not set up to work with Linux, which was the intended use, so until a solution could be found, they were not useful.

Also, the school had about 20 older Dell computers donated to them, but most were stacked in the computer room not being used.

Baseline - Money had already been spent and none of the added equipment was in use.

Decision - Initially, I looked at the PBX equipment, I researched the cost and the implementation strategy on-line. This equipment would be over-kill for this small school. My recommendation was to find another less-costly solution that would better suit their needs and see if some of the money spent (about $1,500) could be recovered - maybe on ebay (Mark the custodian's suggestion). Final outcome still pending.

Next, I started working on the Terminal Server Project, which had been the intended use for the Thin Clients (approx. $800). I immediately decided not to waste a lot of time trying to make the thin client boxes work. I went to the stack of Dell's and started selecting the best units for the Terminal Server Project, along with a Packard Bell system (temporary server) to use as the server and had the project completed with (4) terminals accessible in the library. (Cost $0)

Finally, I talked to Dave Bressler about having a goal of one computer per classroom with at least 128 meg of RAM in each system and the ability to connect to the internet. Anything more than that would have to come later, if we had the time - and no promises beyond that.

Conclusion - PBX system for school - still pending a decision. Linux Terminal Server Project - completed, with the option of expansion throughout the school if necessary. Currently, all classrooms that want/need the desktop pc's are up and connected to the internet - completed.

Opportunity #3

There are no servers in the school.

Baseline - Nothing needed to be changed or upgraded, nothing needed to be copied, nothing existed. The school had been relying on MSLN (Maine School and Library Network) to supply them with not only DHCP but everything else as well. That meant that if any PC needed to connect to the internet then it had to go to MSLN (Orono, Maine) to get all of the necessary information, ie.. network addresses etc.. This not only risked the possibility of not having a good connection but also of having too much contention and delay on the network. Example: If I needed to get a local address (in Lewiston) but had to go to Augusta every time I needed it, then I risk the possiblity of my car breaking down along the way or any number of things happening before/or if I get back to Lewiston. What I really need is the ability to get a local address, locally.

Decision - Build the necessary servers (locally) and have them act as the decision makers (locally).

Conclusion - I selected one of the Dell's (600 Mhz) and loaded it with RedHat Linux and made some changes to assist in network support. Loaded it to act as the network Firewall/ local DHCP/proxy server (for the internal NAT network) and have the option of making it work also as a local mail server - if necessary. Because most of the systems at the user level are loaded with some flavor of Windows, I have the ability to use SAMBA for file sharing as well. Also, because of the Apple laptops, I've included Appletalk - which may or may not be used. Mission accomplished - all desktops and all laptops in the school can access the internet and they all connect with greatly improved speed.

Linux instructor - Don Cunningham

Back to Top

This is the current Linux Network. It is a basic network that fulfills a really basic network function - it connects to the internet and allows network browsing and email retrieval. It still needs a lot of work to be considered a full functioning network such as, a backup system, a print server, a logging server, network monitoring software, etc..

Back to Top

Phase 1

1. Assess needs and suggest necessary work to improve existing network in order to consistently connect to the internet and read email on at least one computer per classroom that wanted/needed that connection.

2. Schedule dates, times, and manpower to facilitate work in phases of completion.

3. Divide responsibilities up by need, desire, and ability.

4. Complete necessary wiring/re-wiring of the network and re-work existing PC's to insure at least one computer per classroom with at least 128 Meg. of ram and can successfully connect to the internet.

5. Install wiring rack and punch down necessary wires and illiminate unnecessary or extra cables.

6. Complete network server(s) (DHCP,NAT,Firewall, etc...), print server, and possible DNS, Web, and File server. Also install and test UPS's etc.., write preliminary network policies ie.. security, backup, maintainance etc...

7. Complete work on the Library LTSP (Linux Terminal Server Project)

8. Test complete network by the end of the first school break in Feb.

Back to Top

Phase 2

1. Install print servers and determine adequate locations throughout the school.

2. Make sure that the teachers in the classrooms are satisfied (as much as possible) with their current computers, operating systems, and email solutions.

3. Start the process of formally documenting all necessary paperwork ie.. Policies, Procedures, Hardware Sheets, etc...

4. Load and use available network monitoring software.

5. Test policies and procedures ie.. backup policy, security policy, etc..

6. Address other functional requirements within the school ie.. need for scanners, library software, more LTSP labs, possible in-house webmail server for local school mail, local content management site for information sharing between teachers and/or administrators.

Back to Top

What's next ?

I don't know! What should be next is to finish the phase 2 process, but a number of things are up in the air: support, our continued need, and just a general understanding and appreciation of the work that has already been done. I would like to think that what has already happened will create an awareness that this approach to training is not only a benefit to the students but it is a solution to local schools or small businesses that really need this type of help - and I'm not suggesting that this should be a free solution (meaning instructors free time and work done totally for free by the students) but this should be a solution that is worth investigation by the State or whatever organization is tasked to help.

There are things that I personally would like to have the opportunity to assist in, such as a better and cheaper way of administering support for installed networks, better use of available equipment, a cost effective strategy to allow students to "earn while they learn", and some master plan that uses the most cost effective tools in building secure, stable, and reliable networks that need very little support. I think I've been able to demonstrate that Linux should be the operating system of choice for this type of need. By the way, I have no stock in Linux - I just believe in using the right tool for the right job. As for the future - We'll see.

Don Cunningham - Linux instructor

Back to Top

Backup system - In order to insure that this network will be easy to reconfigure if some catastraphy were to happen, like a loss of power for the building, we need to establish an adequate backup policy. Typically when power is lost from a computer it will simply need to be re-powered and hopefully nothing will have damaged the important system files during that process of a quick loss of power. Unfortunately, most of the time it is very important to have a "clean power down" of the computer to insure that important system files are safely maintained on the hard drive. When power is abruptly taken away from the computer it is considered a "non-clean power down" of the computer and it's more likely that during that process important files will be damaged.

For this network we want to put a backup policy in place that will reasonably garenutee a "clean power down" of the network computers and a timely backup of data files to a backup media. Currently, the network computers are not adequately powered with a battery backup UPS and there are no data files that need to be backed up from a file server, but as the network expands and new possibilities, such as network file sharing, are recognized then a proper "Network Backup strategy" should be in place. For this to happen we need to be aware of the following:

1. An adequate Back-up Policy document needs to agreed upon and put in place to establish an adequate written procedure to follow.

2. There are adequate UPS systems already at this site but two batteries need to be purchased and installed in those UPS's.

3. If it is projected that it would be beneficial to have a network file server available to network users for the purpose of sharing project information etc.. then it would be necessary to purchase a couple of larger hard drives and a little more RAM for the existing Dell server as well as some type of backup media, such as a tape drive. There are lots of choices for a proper backup strategy but really everything can be done in stages and at a very responsible cost.

Back to network diagram

Easy to troubleshoot - With this network design it should be very easy to assess where a major network problem exists. Consider the following steps/questions:

Question: Are the laptops in the middle school connecting to the internet?

Answer: No, they are not able to connect but the laptops and desktop PC's in the rest of the school are.

Troubleshooting answer: If the laptops in the middle school can't connect to the internet, but the laptops and desktop PC's in the rest of the school can then the problem is down at the middle school wiring closet. It's either a switch gone bad or a CAT 5 cable connector problem for the laptop "up-link cable" .

Question: Are the desktop PC's in the middle school connecting to the internet?

Answer: No, they are not able to connect to the internet but the laptops and the rest of the PC's in the school are.

Troubleshooting answer: If the desktop PC's in the middle school can't connect to the internet, but the desktop PC's and laptops in the rest of the school can then the problem is down at the middle school wiring closet. It's either a switch gone bad or a CAT 5 cable connector problem for the PC "up-link cable".

Back to work

What are the benefits of using Linux as the network solution?

This is always the first question asked when Linux is even considered for a possible choice. Naturally, I'm aware of the concerns about support and training but the bottom line ($) is always in favor of Linux. So why does it seem to be always such a last (have to ) decision for most IT people? Some might suggest that Linux just doesn't have the hardware choices, as say, Cisco for a network router, but now that just is a matter of making sure that you buy current industry PC hardware not try to build up an old PC. The same network benefits can be recognized for a third of the cost, but that does mean you have to build up the Linux router and I guess, for some, that means a lot of extra work.

At Minot I believe I have proven that even though the primary goal of building a complete network solution from old existing equipment for less than $180 was accomplished, it has also proven that a reliable, secure, and maintainance free solution was also gained. This network, with newer hardware, will support any growth that Minot has for years to come.

What has Minot gained by this Linux network?

1. Security - Most of the network is behind a very secure network firewall. For the future I would suggest putting in a commercial version of my Linux firewall solution, but the one that's currently in place is very secure. Minot had NO firewall server prior to this network and a lot of time and money was spent trying to solve problems that never should have been problems. Behind the Linux firewall,even Windows PC's are virus free, which means no more time is spent ridding the desktop PCs of viruses.

2. Reliability - In the computer industry there are varied stories of how reliable Linux is as an operating system. It is not uncommon to hear that a Linux server has been running, maintainance free, for months and in some cases years. This of course, also depends on the hardware. With new hardware this Minot Linux network would be basically maintainance free. Unfortunately, with the current hardware, there are questions about how long the servers will last and without proper backup equipment, on-going problems will have to be worked as they arise.

3. Maintainance free - Currently this is not exactly true. We have had problems with the network hardware, but most is due to a lack of proper backup hardware (battries for the UPSs). The initial goal of intalling a usable, stable, secure network has been met, but in order to provide a network that can enhance the teaching environment I would suggest that more work is done to provide a fully functional "21st. century" solution.

Back to the top