| dc.description.abstract | One year after progressing from a research project to become the technology driving the wireless network at UFF, SCIFI Magalhaes, 2013 has grown. SCIFI (an acronym which stands for Intelligent Controller for Wireless Networks in Portuguese) started as a software controller to allow the use of inexpensive hardware in large wireless deployments, costing a fraction of a similar installation using enterprise controllers and access points. Although the core technology (Balbi, 2012) remains the same, the lessons learned from running a growing wireless network composed currently of 320 access points (APs), with more than 50000 unique users led to changes in network architecture, to the deployment of multiple SSIDs to allow visitors to self-register, and to the creation of an automated system for installing new APs. This paper presents the new, segmented network architecture that creates two planes, a control plane that connects all APs and the controller in a single VLAN, and multiple data planes, that isolates data traffic from each campus. It also presents the automated system for installing new APs, that prevent errors that were plaguing the network as faulty communication between the installation teams and operations caused misconfigurations and even network failures. To illustrate this we discuss the post-mortem of a denial-of-service "attack" caused by a simple mistake while installing new APs. Throughout the paper, we show how the monitoring tools that have been incorporated into the SCIFI installation (nagios (Josephsen, 2007), mrtg (Oetiker, 1998and monitorix (Monitrix, 2014) play a key role into understanding what is happening in the increasingly complex infrastructure. | en_US |
