Wed, 19 Oct 2005
Report nothing, expect nothing
We have run out of DHCP addresses on a VLAN dedicated to students' laptops (be they wireless-connected or ethernet-connected). We have decided to split the wireless and wired parts into separate VLANs (partly in order to allow traffic shaping on the wireless part - the air is the bottleneck here, and we want to allow occasional users to work even though there are a few bandwidth hogs among the students).
So I allocated a new block of 256 IP addresses, configured a new VLAN, edited the firewall rules, changed the authentication application so that it can work on two /24 IP blocks, etc. Yesterday evening I reconfigured the public ethernet ports to the new VLAN. Today the students on the ethernet ports should be on a new VLAN, and the wireless access should remain on the original VLAN.
I wondered whether it worked as expected - it seemed that one of the switches concerned had unusually low traffic. I walked downstairs to the rooms where the public ethernet ports are, and asked the students whether their network connection was working correctly. In one room they replied that everything was OK, but the other room was full of students just sitting there with their laptops (probably connected over a slow WiFi link), and when I asked about their connections, they said that it was not working. It remains beyond my imagination why they did not report the problem to us. Report nothing, expect nothing. I will try to fix the problem when I get some time.
Update - Wed, 19 Oct 2005: Allied-Telesyn switches are crap
I have power-cycled one of the switches between that computer room and our router, and it started to work. We have about seven switches from Allied-Telesyn; four of them have already been replaced because they were faulty. Especially their low-end switches are crap - no SSH, no Q-BRIDGE-MIB, no text configuration which could be saved over TFTP, etc. Even the high-end ones (such as the AT-9812T I've just power-cycled) have their problems (only SSHv1 with 56-bit DES, no free firmware upgrades, etc.).
That said, A-T switches of course have some nice features: the AT-98xx reboots itself very fast (under five seconds) - I suspect they do most of the switching in hardware and keep the hardware running even during reboots. Their in-advance replacement warranty is also good.
However, I recommend HP switches for LANs. If you are building a LAN, do not buy Cisco or A-T. HP is simply better: text-based configs, lifetime warranty with in-advance replacement, real DB-9 serial connectors (null-modem cable included), firmware freely downloadable from their web site, OpenSSH, broad support for standards (incl. Q-BRIDGE-MIB, for example), automatic MDI/MDI-X detection, etc.