AcIS Takes Action:
Network Slowdowns and You
--Josh Mackler '04 and Vincent Rubino '04
When most SEAS students move in around the beginning of
September to await the coming fall semester, what is the first
thing that they probably do? Hook up their internet of course,
and start downloading everything they can at incredibly height
bandwidths. This fall, however, a lot of people were disappointed
to experience some slowdowns, sometimes so severe that simple
instant messaging was often an arduous task. What was going
on that could cripple such a powerful network as that of Columbia
University? After a brief session with AcIS, the Moment has
all the answers to this puzzling question, and also the strategies
that are being used to conquer the slowdown problem.
First of all, the problem has been divided into three categories,
old hardware, mail server problems, and file sharing. According
to Jeff Eldredge, Manager of Computing Support for AcIS, there
were a number of old routers and switches that needed to be
replaced with high performance systems that could handle the
amount of traffic that has been going over the CU network.
A new Cisco system has been recently installed, and the performance
gains have already been experienced.
The Klez virus has also been a major problem hampering the
performance of the network, and also compromising some personal
computers. The Klez virus is sent through email, and like
most other worm viruses, it replicates by taking control of
the infected computer to send copies of itself to numerous
other computers. While this problem might not be fatal to
a particular system, it effectively clogs the network servers
with meaningless file transfers. Currently, AcIS is filtering
out around 300,000 Klez emails every day. .A temporary solution
has been found that has shortened the lifespan of this virus,
and provided for better mail filtering. The Klez virus automatically
sends itself by targeting mail servers that start with "SMTP"
such as "smtp.columbia.edu." The solution has been to create
a new mail server, send.columbia.edu, through which all mail
will be sent. Another benefit of send.columbia.edu is in the
server��s enhanced security features known as Authenticated
SMTP. With this new server named "send.columbia.edu," outside
users can not send mail through Columbia servers without a
valid UNI. While there are still many problems with certain
service providers and mail programs such as Eudora, AcIS hopes
to have everyone moved over to send.columbia.edu some time
in the near future. While the plan was originally to shut
off smtp.columbia.edu all at once, it is being shut down slowly
to buy time for the small problems that have arisen with ISPS
and mail programs. Smtp.columbia.edu will be shut down in
the next week, but a new server, oldsmtp.columbia.edu will
allow users who have not migrated to the new system to be
able to send mail, while also cutting down on the Klez traffic.
The last major problem with network speed has been the sheer
amount of traffic going across network lines. Columbia has
a 155 megabit channel directly into the backbone of the internet
for incoming transmissions, as well as a matching 155 megabits
for outgoing. Each user could theoretically use 10 megabits
of this connection due to the nature of 10baseT networking,
and unfortunately, some users have, in fact, been coming close
to this limit. At that transfer rate, only 15 people could
be using the internet at full download speeds on a network
that supports thousands. In order to account for this lost
bandwidth, Jeremy Schiffer, the Security Administrator has
been implementing port shutdowns for those individuals who
use more than 2 megabits for 10 consecutive minutes. While
this speed is only 20% of what is capable of flowing through
the jack in the wall, it is still no modest number. 2 megabits
is approximately 250 kilobytes per second. Shutting off these
individuals, however, is very time consuming, and takes attention
away from other issues that must be solved in order to keep
the network secure. AcIS is therefore considering a 100 kilobyte
per second cap on all network transfers.
Network speeds have already been up over the past few months,
but AcIS thinks that the problems are only temporarily solved.
Newer hardware is still needed, as well as better antivirus
and mail software. Until the day when an across the board
cut is instituted, the network may probably never run in the
most efficient manor.
|