From AptivateOER
NOTE: If you want to edit the timetable or raise an issue, but you're not one of the organisers:
This page lists the proposed activities for the training. After the training is finished, the timetable changes to a record of what actually happened.
[edit] 1 Every Day
Four sessions per day:
| Start
| Length
| Activity
|
| 08.30
| 2 hours
| Session 1
|
| 10.30
| 15 mins
| Morning break
|
| 10.45
| 2 hours
| Session 2
|
| 12.45
| 90 mins
| Lunch
|
| 14.15
| 2 hours
| Session 3
|
| 16.15
| 15 mins
| Afternoon break
|
| 16.30
| 2 hours
| Session 4
|
| 18.30
| 2 hours
| Evening Meal
|
| 20.30
| 2 hours
| Lab open for evening classes/extra practice
|
[edit] 2 Monday 8th
[edit] 3 Tuesday 9th 2009
[edit] 4 Wednesday 10th
[edit] 5 Thursday 11th
[edit] 6 Friday 12th
| Prioritisation of Topics from Expectations Sheet
| Card
|
|
| Saturday Planning
| Card
|
|
| Quiz
| Card
|
|
| Documentation of Thursday (35 mins)
| Card
|
|
| Introduction to Bandwidth Monitoring (60 mins)
| Card
| Documentation
|
| Packet Sniffing
| Card
|
|
| Introduction to Bandwidth Management
|
| Documentation
|
[edit] 7 Saturday 13th
| What makes good documentation?
|
| Documentation
|
| What do we want to do with the BMO documentation?
|
| Documentation
|
| How do we get the BMO documentation in the right state?
|
| Documentation
|
| More bandwidth management
|
|
|
| What to do with the BMO box (UON example)
|
| Documentation
|
[edit] 8 Sunday 14th
No training today.
[edit] 9 Monday 15th
[edit] 10 Tuesday 16th
[edit] 11 Wednesday 17th
| Further Security with snort
|
|
|
| Topic
|
|
|
| Topic
|
|
|
| Topic
|
|
|
[edit] 12 Thursday 18th
| Measuring Bandwidth From the ISP
|
|
|
[edit] 13 Friday 19th
| Practical Example:Connecting Multiple Subnets to the Same Proxy
|
|
|
| Using Munin and Nagios
|
|
|
| Windows domain using Samba
|
|
|
| Remote Logging
| Card
| Documentation
|
[edit] 14 Saturday 20th
[edit] 15 Sunday 21st
No training today.
[edit] 16 Monday 22nd
[edit] 17 Deferred Topics
- Map diagnostics practice: mark a faulty point on your network map, describe the fault, and mark a reference point, and pass the map to someone else, who will describe what symptoms are visible at that point (work in pairs to solve two map problems)
- Design of a large network? (time permitting)
- Firewalls: how would I block this application locally? including bittorrent and skype (theory and practical exercise)
- How would I block it on a network gateway?
- Diagnosing packet loss (brainstorm, practical exercise with freesbie about packet loss)
- Recreate the history of the Internet using string and plastic cups (game, drama)
- Using experiments to test whether a hypothesis is true or false (brainstorm)
- Practical: examine another problem, create hypotheses, design experiments to test them
- Tools for testing end-to-end connectivity: ping, browser, telnet, host, dig, nmap (brainstorm, practical exercise)
- Controlled Experiments: what are they useful for, how to do one (brainstorm)
- Simulate a poor connection (using freesbie), test the effects on skype, web browsing, downloads. What's the minimum that works? (practical)
- How can one person damage the network usability for everyone, e.g. make skype impossible? (brainstorm, practical)
- How can we do X without destroying the network (e.g. download movies, watch video, whatever) (brainstorm, practical)
- Interventions: changes to policy/network/behaviour: what are they, how do they work, how to use them? (brainstorm)
- Impact Ranking as a tool to choose interventions
- Scientific intervention process: baseline measurement, plan, controlled test, execute, measurement of results, evaluation, rollback if necessary (brainstorm, practical)
- Using picture sequences to help plan a large and complex intervention (practical)
- Problem: overused Internet connection.
- How would you know it was overused? (what are the symptoms?)
- How would you monitor it? (mrtg, cacti, router graphs, smokeping, munin)
- What could cause it?
- What responses might the users have, and which ones would make it worse? (e.g. bittorrent, download managers)
- How can you respond to it quickly? (nagios)
- How would you track down the cause or causes? (switch port LEDs, wireshark, network partitioning and binary search, netflow, bridging, pmgraph?)
- How can you influence user behaviour? (discussion, punishment, policy, humiliation?) (role play)
- Policy making exercise: split class in two, one half make secret rules that the other half must follow or be punished
- Negotiating policy (role play)
- Decide our own policy (consensus)
- How to give feedback to users (role play) - league tables? transparency? tools? (DU meter?)
- How to design a large network? (addressing, subnets, routing, network address translation, default gateways, other gateways, DHCP servers, broadcast domains, ARP, port security, network access control)
- Using traceroute to locate faults on the network or the internet
- Traceroute alternatives (MTR, tracepath)
- Good practice for DNS implementation (forward and reverse) (brainstorm)
- Create our own DNS zones
- Problem: not getting as much bandwidth as expected (brainstorm)
- How to find out when it's happening (using firefox, iperf, speedtest.net as bandwidth testing tools)
- What to do about it
- How to gather evidence
- Simulate a poor connection (using freesbie), working in pairs, one sets the parameters, the other experiments to find out what they are. (practical)
- Problem: need to block certain websites (why is this difficult? why not use a firewall?)
- Proxy servers (what are they, what are they good for, how do we use them, which ones can we get)
- Install Squid and configure to block certain sites (practical)
- Adding SquidGuard to Squid
- Blocking sites at different times of day
- Using delay pools to improve bandwidth fairness
- Using Squid for caching, and measuring effectiveness
- Using Calamaris to analyse Squid usage
- Install and configure a caching DNS server
- Measuring effectiveness of a Squid cache
- Transparent proxies, advantages and disadvantages
- Squid versus SOCKS
- Problem: investigating and understanding how bandwidth is being used
- What are flows?
- What are flow aggregates?
- Monitoring a network for flow data (transparent bridging, routing, switch monitoring, netflow, ntop, darkstat)
- Recording flow data for later analysis (nfsen, argus, pmacct)
- Associating IP addresses to users (802.1x, Squid, Active Directory, RADIUS)
- Using the MySQL database interface
- Installing and using pmGraph
- Tuning the pmacct MySQL database for size and performance
- Monitoring the monitoring system (munin, nagios)
- Problem: Windows Update takes too much bandwidth (Squid hacks, WSUS)
- Rebuild the BMO boxes
- Rerun selected exercises
- Problem: need to support UDP applications (e.g. VoIP) or improve quality
- Factors that affect quality of service in UDP applications (latency, packet loss, jitter)
- Measuring quality of UDP service (ping, smokeping, hping)
- Quality of service implications of the Internet connection
- Traffic classes
- Traffic shaping
- Traffic prioritisation
- Deep classification (layer 7 inspection)
- Bandwidth reservation
- Red team tries to hack blue team's network
- The bandwidth management game: Red team downloading music and PDFs, Blue team managing the network, Red scores 1 point per MB of either, Blue scores 2 points per MB of PDFs
- Small teams prepare a challenge on their local network, and then rotate and try to solve the challenge on the network they move to.
- Plan the implementation of BMO on our own networks (maybe work in small groups, maybe based on the Action matrix)
- Discuss what BMO goals we can commit to (brainstorm, consensus)
- Agree what steps are required to complete the course and receive the certificate (consensus)
- Evaluate the training part of the course
- Agree how the implementation part will be evaluated
