AcIS Takes Action:
Network Slowdowns and You

--Josh Mackler '04 and Vincent Rubino '04

When most SEAS students move in around the beginning of September to await the coming fall semester, what is the first thing that they probably do? Hook up their internet of course, and start downloading everything they can at incredibly height bandwidths. This fall, however, a lot of people were disappointed to experience some slowdowns, sometimes so severe that simple instant messaging was often an arduous task. What was going on that could cripple such a powerful network as that of Columbia University? After a brief session with AcIS, the Moment has all the answers to this puzzling question, and also the strategies that are being used to conquer the slowdown problem.

First of all, the problem has been divided into three categories, old hardware, mail server problems, and file sharing. According to Jeff Eldredge, Manager of Computing Support for AcIS, there were a number of old routers and switches that needed to be replaced with high performance systems that could handle the amount of traffic that has been going over the CU network. A new Cisco system has been recently installed, and the performance gains have already been experienced.

The Klez virus has also been a major problem hampering the performance of the network, and also compromising some personal computers. The Klez virus is sent through email, and like most other worm viruses, it replicates by taking control of the infected computer to send copies of itself to numerous other computers. While this problem might not be fatal to a particular system, it effectively clogs the network servers with meaningless file transfers. Currently, AcIS is filtering out around 300,000 Klez emails every day. .A temporary solution has been found that has shortened the lifespan of this virus, and provided for better mail filtering. The Klez virus automatically sends itself by targeting mail servers that start with "SMTP" such as "smtp.columbia.edu." The solution has been to create a new mail server, send.columbia.edu, through which all mail will be sent. Another benefit of send.columbia.edu is in the server¡¯s enhanced security features known as Authenticated SMTP. With this new server named "send.columbia.edu," outside users can not send mail through Columbia servers without a valid UNI. While there are still many problems with certain service providers and mail programs such as Eudora, AcIS hopes to have everyone moved over to send.columbia.edu some time in the near future. While the plan was originally to shut off smtp.columbia.edu all at once, it is being shut down slowly to buy time for the small problems that have arisen with ISPS and mail programs. Smtp.columbia.edu will be shut down in the next week, but a new server, oldsmtp.columbia.edu will allow users who have not migrated to the new system to be able to send mail, while also cutting down on the Klez traffic.

The last major problem with network speed has been the sheer amount of traffic going across network lines. Columbia has a 155 megabit channel directly into the backbone of the internet for incoming transmissions, as well as a matching 155 megabits for outgoing. Each user could theoretically use 10 megabits of this connection due to the nature of 10baseT networking, and unfortunately, some users have, in fact, been coming close to this limit. At that transfer rate, only 15 people could be using the internet at full download speeds on a network that supports thousands. In order to account for this lost bandwidth, Jeremy Schiffer, the Security Administrator has been implementing port shutdowns for those individuals who use more than 2 megabits for 10 consecutive minutes. While this speed is only 20% of what is capable of flowing through the jack in the wall, it is still no modest number. 2 megabits is approximately 250 kilobytes per second. Shutting off these individuals, however, is very time consuming, and takes attention away from other issues that must be solved in order to keep the network secure. AcIS is therefore considering a 100 kilobyte per second cap on all network transfers.

Network speeds have already been up over the past few months, but AcIS thinks that the problems are only temporarily solved. Newer hardware is still needed, as well as better antivirus and mail software. Until the day when an across the board cut is instituted, the network may probably never run in the most efficient manor.