Requirements/Network

From Wiki
Jump to: navigation, search

This page exists to document the requirements for a DebConf network.

Contents

[edit] Definitions

[edit] Parts of the event

The Camp
The informal "camp" that precedes The Conference held on FIXME through FIXME through.Expected attendees: ~100, with the earliest arriving 2 days (FIXME) before the start of the camp, to prepare The Camp and The Conference for the arrival of the other attendees.
The Conference
The formal conference held FIXME through FIXME. Expected attendees: ~250 (FIXME), with the latest attendees departing, on the day after the end of the conference.

[edit] Teams

The Front Desk Team
The set of conference organisers that provide attendee-facing camp/conference administration services.
The Infrastructure Team
The set of conference organisers responsible for arranging for the resources necessary to satisfy the network and computing requirements of The Conference.
The Video Team
A the set of conference organisers that operate The Video Infrastructure.

[edit] Venues

The Hack Labs
Rooms dedicated to collaborative project work. We are planning to use FIXME as hack labs. Some of these will be open 24/7.
The Videoed Talk Rooms
The (usually) 3 lecture theatres that the main (video recorded) conference events are held in. We are planning to use FIXME as the talk rooms.
The Front Desk
The registration desk and attendee assistance desk for the conference, run by The Front Desk Team.
The NOC
A room that The Infrastructure Team uses as a work area to set up equipment. We are planning to use FIXME.
The Video Team Room
The NOC equivalent for The Video Team. Can be co-located with The NOC, given sufficient space. Needs access to The Video Network.
The Server Room
A room that The Infrastructure Team has access to (ideally 24/7), hosting conference server infrastructure. This can be a traditional server room or simply a room corner of The NOC / The Video Team Room, given sufficient network connectivity. Equipment can also be split across physical rooms.

[edit] Infrastructure

The Internet
The outside Internet. Attendees need no access to the venue's Intranet.
The DHCP & DNS Server
A machine in The Server Room that provides DHCP and DNS service for the conference's networks.
The Local Mirror Server
A machine in The Server Room that provides a local copy of the full Debian archive, should we elect to deploy one. The next closest full mirror is FIXME, if we don't deploy a local mirror, this will be getting a lot of traffic from our attendees.
The Local Video Storage Server
A machine in The Server Room that provides sufficient storage space to store the entire conference's recorded HD video, 10TiB. This HD video is transferred to the The Local Video Storage Server from The Videography Equipment in The Videoed Talk Rooms when talks aren't happening.
The Video Distribution Network
A network of video relays, hosted around the world (provided by The Video Team). Remote attendees watch live streams of the conference through this distribution network. The Video Distribution Network receives a feed from The Local Video Streaming Master Server.
The Video Streaming Master Server
A machine in The Server Room that receives live video streams from The Videography Equipment in The Videoed Talk Rooms, transcodes to several formats and relays to The Local Video Streaming Slave Server for local attendees and to The Video Distribution Network for remote attendees.
The Local Video Streaming Slave Server
A machine in The Server Server Room that provides local attendees with live video streams of the presentations underway in The Videoed Talk Rooms. A mirror of The Video Streaming Master Server's feeds.
The Local Video Transcoding Server
One or more machines in The Server Room that transcodes recorded HD video for publication to The Public Video Archive.
The Public Video Archive
The (off-campus) permanent archive of all of The Conference's videos.
The WiFi Network
The WiFi network (SSID), for attendees of The Camp and The Conference. Covering The Videoed Talk Rooms, The Hacklabs, BoF Rooms, meeting rooms, attendee accommodation, dining areas, The Front Desk, and public spaces used by attendees. (FIXME locations).
The Attendee Wired Network
The VLAN / Network, for attendees of The Camp and The Conference, in hacklabs.
The Video Network
The dedicated VLAN / Network, for The Videography Equipment to communicate with The Local Video Storage Server and The Local Video Streaming Master Server.
The Video Infrastructure
The set of equipment consisting of The Local Video Storage Server, The Video Distribution Network, The Local Video Streaming Master Server, The Local Video Streaming Slave Server The Local Video Transcoding Servers and The Videography Equipment.
The Videography Equipment
The equipment in The Videoed Talk Rooms that will be used to record the presentations in HD video. Usually split into two islands in the room.

[edit] Network Requirements

[edit] Attendees

[edit] IP Address Allocation and Firewall Configuration

Attendees do not require public IP addresses. Inbound connections from the Internet to Attendees may be filtered, per venue network policies. Outbound connections to the Internet from Attedees should not be filtered. Ideally, attendees will be offered both IPv4 and IPv6 connectivity.

A single VLAN can be used for both The WiFi Network and The Attendee Wired Network.

The DHCP & DNS Server can be used to SNAT all attendee network traffic, or this could be done elsewhere.

A /24 block is not big enough for the conference. A /22 should be sufficent.

[edit] Wireless

Desired: Authenticated (PSK) access to The WiFi Network permitting attendees machines to reach both the The Internet, The Local Video Stream Server, and The Local Mirror Server. The SSID should be accessible from FIXME (The first organiser arrivals to The Camp) until FIXME (the departure day from The Conference).

Acceptable: Individual generic access tokens for access to The WiFi Network with said tokens provided to the conference organisers by FIXME (well before the start of The Camp).

Observations regarding The WiFi Network:

  • This is a high-tech community. We anticipate that attendees will have between two and three devices, each. We recommend having >= 4 dual-band APs in each Videoed Talk Room and Hacklab.

[edit] Wired

To foster collaboration on specific projects, rooms have been assigned to serve as The Hack Labs.

Desired: Unauthenticated access to The Attendee Wired Network permitting attendees machines to connect with each other (no internal filtering), to connect to The Local Video Streaming Slave Server, and to the Internet (outbound only, if necessary).

The Infrastructure Team can provide local switches (FIXME?) in each room but require two wired ports, with BPDU guard turned off. It is anticipated that there will be many attendees wishing to work from The Hack Labs so sufficient IP addresses must be made available.

[edit] Infrastructure

[edit] IP Address Allocation and Firewall Configuration

Ideally, the servers will be offered both IPv4 and IPv6 connectivity.

The following machines should have Publicly accessible IP addreses:

  • The Local Mirror Server
  • The Local Video Storage Server
  • The Local Video Streaming Master Server

All of the conference's servers hosted in The Server Room should have unfirewalled access from The WiFi Network and The Attendee Wired Network.

The following TCP ports should be accessible from The Internet:

  • The Local Video Storage Server port 22 (ssh)
  • The Local Video Streaming Master Server port 22 (ssh)
  • The Local Video Storage Server port 80 (http) and 443 (https)
  • The Local Video Streaming Master Server port 80 (http) and 443 (https)
  • The Local Mirror Server port 80 (http)

Some additional firewall changes may need to be made during the event.

[edit] The Video Network

Presentations delivered in The Videoed Talk Rooms will be videographed in HD and transcoded to a number of streaming formats to provide local and non-local viewers with live video streams.

High throughput / low latency / QoS-enabled wired connections are required between The Videography Equipment (located in The Videoed Talk Rooms) and The Local Video Storage Server, The Local Video Streaming Master Server, The Local Video Streaming Slave Server, and The Local Video Transcoding Servers (located in The Server Room).

If these connections are between buildings, there must be sufficient bandwidth (1 Gbps for each of The Videoed Talk Rooms) between the talk room and The Server Room for the video streams and copying recordings.

Within The Videoed Talk Rooms, there must be gigabit connectivity between the front and back of the room (Videography Equipment islands). This can be provided by running a cable within the room, and having a gigabit switch connected to the room's uplink port (which would then need no BDPU).

Ideally The Local Video Storage Server would have a 10Gbps connection to the core network.

[edit] Desktop Computers

[edit] Video mixing machines

In each of The Videoed Talk Rooms, The Video Team needs a modern desktop machine (e.g. Intel i5 from > 2015, 1TiB HDD), monitor, keyboard, mouse etc. It should have 2 free PCI-E sockets for video capture cards. It should have a Gigabit network port. The Video Team will wipe and install Debian on these machines.

[edit] Front Desk and Review machines

We usually find it useful to have spare machines for The Front Desk, and miscellaneous tasks. They have no particular requirements.

[edit] Uplink capacity

Sufficient: 1Gbps.

Ideal: more.

[edit] Example Ideal setup

What has worked well for us in the past is to have 3 VLANs: 1. Public IPs for servers something like a /28. 1. Attendee LAN (WiFi and wired). /16 1. Video LAN. /24

The DHCP & DNS server can sit on all 3 networks and do this. Either the venue can provide a gateway that does routing between networks (and NAT for Attendee and video). Or given a 10Gbps link to The DHCP & DNS server, we can handle this.

[edit] Optional Requirements

The DHCP & DNS Server
We have successfully used DHCP and DNS service provided by the venue, in the past, for attendee wired and wireless internet. The Video Network really does need its own DHCP and DNS.
The Local Mirror Server
Given sufficient connectivity (or another on-campus mirror), we don't need to host our own mirror.
The Local Video Transcoding Server
Given sufficient CPU capacity on the storage server, transcoding servers may not be needed. But they are usually desirable.
The WiFi Network
Given a suitable guest-friendly network, we don't need our own SSID. However, this network should not have any ports firewalled, and ideally not require any registration.
The Attendee Wired Network
Similarly, a dedicated wired network may not be necessary, given the right policies on an existing wired network.
Personal tools
DebConf19