===== Windnet Sitemap ===== This page describes the layout of the Windnet campus network which provides all 106 apartments with access a shared Internet service on an opt-in basis. Windnet has been operational since 2004. As of June 2020, more than 100 apartments at The Windmill have had the service installed at one time or another; there are very few apartments remaining that have not. There are approx 35 active subscriptions, with the remaining apartments using mobile broadband, or one of the main service providers. ==== Overview ==== Each of the 106 apartments at The Windmill has a CAT3 telecoms service cable running from the services box in the apartment hallway to the main building utility box on the ground floor. For apartments 71-72, this cable has two twisted pairs (blue and orange), while apartments 73-106 have three twisted pairs (blue, orange and green). Windnet uses two twisted pairs to deliver 10BASE-T Ethernet to apartments availing of the service. Other apartments are not affected. Windnet developed a small splitter module which fits inside a 1-gang electrical wallbox that can combine telecom voice service with one of the pairs on the main telecoms panel downstairs, and then separate the voice from the Ethernet signal at the apartment end. These custom modules are cost-effective (approx €5 each) and were the original basis for deploying Windnet as a low-cost Internet scheme. However, since the service was initially introduced, most residents have moved to mobile as their preferred voice communications method, retaining landline service only when needed to support DSL broadband. Consequently, we have been phasing out adapters on a case-by-case basis, when trouble-shooting connection issues with new residents. Apartments 73-106 have two spare pairs available (orange & green) and so do not use the splitter modules; they leave the blue pair alone for voice service. In principle, such apartments could have both Windnet and a traditional DSL service installed, though in practise nobody appears to be doing this. In each building hallway, the individual apartment connections are linked to an Ethernet managed switch. For economy, the original Windnet plan used one switch for every two hallways -- the hallway without its own switch used multiple CAT5 cables routed via the underground carpark to extend the CAT3 signals to the neighbouring hallway where the switch was located. The updated Windnet 2020 plan places a managed switch in each hallway. This reduces the length of cable run for upper story apartments, improving signal strength. The existing CAT5 cables interconnecting adjacent buildings are redeployed to provide one or two redundant Gigabit links between the hallway switches. In the past, there have been some occasional (though rare) outages due to rodents chewing cables, so having redundant links available is helpful. Block_A:1-8, Block_A:17-24 and Block_A:25-30 are linked back to Block_A:19-16, which in turn is linked to a central junction box in the underground carpark. Block_B:65-72 and Block_B:81-88 also have trunk links to the underground carpark, as does Block_E:43-48 and Block_F:31-36. These five trunk links were originally patched directly to five uplinks running from the carpark to Block C, where the Windnet central hub is located. In June 2020, a dedicated managed switch was installed in the carpark to separate CCTV VLAN traffic from the trunks onto its own dedicated link to Block C, with the other Internet traffic occupying a separate trunk link for Internet traffic only. The remaining links remain as spares. The lift room in Block C houses a small cupboard which contains the Windnet firewall, along with two PCs used for maintenance and remote management, as well as CCTV access. The lift room also houses two high-speed Virgin Media cable modems (Cable1 and Cable2). Cable1 connects to Virgin's residential Internet service at 350 Mbps, while Cable2 connects to their business service at 250 Mbps. Thus there is a combined aggregate speed of 600 Mbps. This can in principle keep up to 60 apartments running at 10 Mbps simultaneously, though in practise that would be a very rare occurrance. ==== CCTV ==== The Windnet infrastructure is used to deliver images from 14 CCTV cameras located around the campus. The load this places on the network is significant, and was one of the drivers behind upgrading the Windnet intrastructure from 100 Mbps to Gigabit. CCTV cameras are connected via IP to the nearest available network switch, and their traffic then travels on a dedicated CCTV VLAN back to Block C where images are recorded on a NAS drive array. ==== Network architecture ==== There are 106 VLANs in use on Windnet, with VLAN1 reserved for management access to the network switches and related equipment. VLANs 2-106 correspond to equivalently numbered apartments. Each apartment is connected to its own private VLAN, and receives a DHCP address in the range 192.168..2-254, with 192.168..1 being the firewall itself. It is *not* possible for individual apartments to communicate with each other via Windnet, though this could be facilitate by firewall configuration if it was requested. The Windmill firewall is OpenBSD, and has been running trouble-free for many years. It currently runs on a mini-ITX Intel-based embedded PC with a solid state hard drive. There have been a couple of hardware failures over the years, all related to either fan failure or power supply failure. These are thankfully rare. The firewall has a number of custom scripts which are used to manage apartment access and do minor load-balancing by moving apartment traffic between Cable1 and Cable2. There are also two older DSL lines, now used primarily for management and trouble-shooting: ADSL1 and VDSL2. Both of these lines are quite slow (12-16 Mbps) and so while they used to carry live traffic for some apartments, we no longer use them for this purpose.