Explanatory Notes to "Service to Wall-Outlet" Policy Model

See Information Technology Policies

ITS must control both the quantity and the network configuration of devices downstream from a wall outlet for a number of reasons.

Policy: One end-user device per wall-outlet and no downstream network components is a natural consequence of the policy setting that ITS runs the network out to the wall-outlet, which by definition means that ITS runs the whole network right out to the end-user device access point.

Network integrity: ITS cannot guarantee network integrity to other users when any users are allowed to announce their own network addresses and routing information. This would be like a telephone network letting the user decide what their telephone number is. Some of the most damaging and difficult to diagnose outages which have affected the largest numbers of totally unrelated users, have been the result of a misconfigured user device incorrectly advertising that it is a (counterfeit) major server, or a misconfigured downstream device incorrectly acting as a router by advertising that it knows a (spurious) route to other parts of the network. This cannot happen if ITS:

• specifies and controls what network address/s and/or MAC address/s are recognized on a particular wall-outlet;
• prohibits downstream routers or other network switching components.

Accounting and billing: If no monitoring of traffic is implemented, we cannot correctly bill those responsible.

Responsibility: We cannot be responsible for delivering a service to any particular standard (reliability, availability, performance, quality) if part of the delivery is dependent on downstream devices over which we have no control. These devices may: (a) be unreliable or have unreliable power feed; (b) be overloaded; (c) may not confirm to specifications, communications standards, regulatory approvals (which as network operator we may be obliged to ensure); (d) be of unknown type or have unknown/undocumented configuration; (e) be in an inappropriate environment (air, security); (f) have unknown whereabouts or even unknown existence.

Network operation (helpdesk & fault diagnosis): ITS cannot efficiently run a helpdesk and fault response service if we don't know what is connected and/or malfunctioning between our network service termination point (ie. the wall outlet) and the end device from which the user is experiencing the problem.

Remote monitoring, diagnosis and repair: Because third party equipment won't be under network management, we won't be able to: (a) pro-actively monitor for emerging problems, fixing them before the user complains and (b) remotely diagnose and fix the problem. Responding to faults in non-ITS devices would inevitably lead to unnecessary physical visits (the most costly and slowest fault response method). A key objective of the project is to make extensive use of remote network management systems to improve user experiences. This objective of the project would be eroded if we allow downstream network devices.

Network specifications: ITS cannot guarantee to users that the new sharing limit on shared media ethernet is to be no more than 10 if users are allowed to add downstream hubs, which would break this limit. ITS must insist on a single device per wall-outlet limit for shared media ethernet ports.

Network loading: Port costs have been calculated on the basis of provisioning for the amount of traffic from a single end user device. If ITS allows downstream concentrators, higher loads will occur on user tails, which will result in higher network provisioning costs and higher charges.

Network performance: ITS is attempting to provide a high performance network infrastructure which will support both conventional and demanding (e.g. real-time) applications, by carefully limiting the amount of concentration, and hence limiting the amount of disruption which can be caused to one user by another user's traffic. This objective would be eroded if downstream sharing of what are intended to be single user ports is allowed.

Routers: The present routers provide a rudimentary yet important first attempt at regulating addresses, at least to the level of ensuring that the traffic is going to the "correct" subnet number (if not exactly the correct end device).

Professionalism: ITS has a duty to lead the University and to nurture appropriate, quality systems, and hence must actively discourage the growth of downstream Network devices.