Over the summer ITS performed five major enhancements to CU-wireless.
1. Faster Authentication
Authentication means getting your device connected securely using MyCarletonOne credentials as quickly as possible. On a typical Carleton school day over 19,000 wireless laptops & phones roam the campus at any one time. While moving around the campus, these devices must pass network security and “authenticate” at each wireless access point encountered. This constant roaming of so many devices across the Carleton University campus generates 2.6 million authentication server requests per day, making CU-Wireless likely the most used service on campus. What makes the Carleton campus even more challenging, is that when classes change over, almost all user devices move at the same time and need to authenticate at the same time. This creates large spikes and even more load than non-campus environments. Providing fast authentication on campus requires a significant amount of server resources to process these time sensitive requests.
What upgrades did we do?
In Summer 2018, ITS did a complete overhaul and re-design of our wireless authentication systems. 6 new Authentication Servers (called Cisco ISE servers) were deployed on more powerful hardware. These replaced the 4 slower legacy servers (called ACS Servers). In addition, the new solution is now fully integrated behind load balancers which evenly splits the 2.6 million authentications per day across all 6 servers. This has led to a dramatic decrease in the authentication time for wireless users as they roam around campus. Prior to the upgrades, while classes switched over a new authentication could take up to 9 seconds. Following these upgrades, wireless authentication now takes between 0.008 and 2.4 seconds with the bottleneck now being the end user device capabilities.
Maximum Authentication Time
- Before Upgrades: 9 seconds
- After Upgrades: 2.4 seconds
2. Air Quality Improvements
Think of the wireless air quality as an invisible highway with multiple lanes (called channels), and the cars (called wireless radios) need to share all available lanes. The more free lanes you have, the faster traffic can flow. Also if you have more cars (wireless radios), you can carry more passengers (wireless devices). All of this translates into faster download speeds for our laptops, phones and tablets.
What upgrades did we do?
In simple terms, the best way to improve the wireless air quality for each wireless zone on campus is to offer more lanes. We can do this by deploying more access points containing 802.11ac capable radios on campus, which can choose from 25 Lanes (channels) rather than the 3 Lanes offered when using older WiFi protocols. In addition, having multiple 802.11ac radios in the same classroom splits the load over different lanes (channels) and improves Air Quality and download speeds. In 2018, ITS significantly increased the number of 802.11ac radios on campus from 2,000 to 2,900 (45% increase) by deploying new access points and upgrading older access points to new cutting edge models which have two 802.11ac capable radios built in rather than one. In 2016 Carleton University was one of the first Universities in Canada to take advantage of the Cisco 2802 model, effectively giving us “two for one” 802.11ac radios in each new access point. This cost effective approach allowed us to accelerate our 802.11ac radio density on campus.
3. Signal Strength
Having a wireless access point close enough to you so that your device maintains a strong signal is vital. Think of yelling across the room, and having to repeat yourself when you aren’t heard. This is not very efficient…and the same goes for wireless. If one person is too far away from an access point, communication is lost, repeated, and performance goes down for every person connected to the access point.
What upgrades did we do?
The main method to improve signal strength is to ensure that our laptops and phones are never too far away from a wireless access point. By adding more access points in each area, we decrease this distance. During Summer 2018, ITS deployed 700 new access points, significantly increasing the number of access points on campus from 1900 to 2600 (37% increase). Being closer and having stronger signal means less repeating, better HD video streaming, and faster download speeds.
4. Dedicated Routing Infrastructure
While the number of wired machines on campus have leveled off at around 14,000 devices, wireless continues to grow and is responsible for the majority of the internet usage on campus. Unlike your home wireless router which supports only a few wireless devices, the wireless network at Carleton University must support more than 19,000 wireless devices at the same time. This requires some heavy lifting when it comes to routing that traffic!
It’s important to take into account Carleton’s History on this one. Historically, as part of Carleton’s major Campus Network Upgrade (CNU) Project design, each building was paired with a “sister” building, and they were assigned two dedicated distribution routers to handle the traffic for the pair. As this plan was implemented before the explosive growth of wireless, CU-Wireless traffic relied on shared routers which were primarily used by Carleton’s DMZ systems and not specific for wireless.
What upgrades did we do?
In 2018, the routing infrastructure serving wireless has been completely redesigned. A new pair of Nexus VDC routers were deployed specifically for wireless. Given that wireless traffic now likely exceeds the wired traffic from all campus buildings combined, this was a necessary move to take load off of the DMZ routers and allow further growth of our wireless user base for years to come. In addition security has also been improved, since the previous routing design did not allow wireless traffic to be fully monitored for virus, malware, and copyright threats originating from the wireless network.
5. Powerful Controllers & Instant Redundancy
Home wireless networks usually involve one manually configured access point using one frequency/channel at time. In comparison, Carleton’s enterprise network involves over 2,600 access points which must all be managed, configured, and assigned channels from a central source called a wireless controller. Thanks to intelligent controllers, when an access point fails all surrounding access points increase power levels dynamically to avoid an outage to that particular zone. When outside interference from sources such as microwaves or cordless phones cause problems, controllers dynamically change the affected access points to a more clear channel. The campus wireless controllers also aggregate all campus wireless traffic centrally before it can be routed.
What upgrades did we do?
In 2018, Carleton’s legacy wireless controllers (WISM modules) were replaced with Cisco’s largest and most advanced controller on the market. The new more powerful 8540 external Cisco controllers increase the number of access points we can support on campus from 2,000 to 6,000 (200% increase) and give the University ample headroom for upcoming growth. In addition, the new controllers support a feature called Single Sign On (SSO), which provides instant failover of access points from the primary to backup unit in the case of a controller failure. In the past, controller failures on campus would lead to 5-15 minutes of downtime for a wireless user. This downtime has now been eliminated.
In Conclusion…So what changed with wireless in 2018?
Pretty much everything! All 5 key components of the campus wireless infrastructure were replaced, upgraded or redesigned from the ground up. These 5 key major improvements have already significantly reduced the number of wireless complaints, and provide room for future growth and demand by our students, staff & faculty. Due to extensive and careful planning, Carleton’s in-house staff (Chris Murray & Mike Milne) deployed all of these new systems concurrently, and migrated users in August 2018 with virtually no impact or visibility to the user community.