OIT Ethernet Service allows University faculty and staff to connect devices to the campus data network via an Ethernet interface. The service may be available to University students in some locations upon request.
The service is available in practically every building on campus, including academic buildings, administrative buildings, dormitories, some apartment buildings, and graduate annex buildings. It is also available in all eating clubs.
Within dormitory buildings, apartment buildings, and graduate annex buildings, availability of the service inside of the individual dormitory rooms, apartments, and rooms in graduate annexes varies; when and where available, it may be available only on request.
In general, OIT Ethernet Service is intended to be available only to devices registered in the Princeton University Host Database.
OIT Ethernet Service usually appears in the form of an RJ-45 Ethernet port (socket) into which you plug an Ethernet cable. These sockets are often referred to an "OIT Wallbox Ports," because each socket is often located in a box, sometimes mounted on a wall. A single OIT wallbox may provide more than one wallbox port; some of these wallbox ports may be OIT Ethernet ports, some may be analog telephone ports, some may be analog video ports, or other kinds of ports.
In these locations, OIT has already installed OIT Ethernet ports in many places where customers are likely to desire Ethernet connections. These ports are normally installed with the Ethernet port disabled (turned off) until someone contacts OIT to request that the service be turned on and to provide an account number to pay for the service.
Additional OIT Ethernet ports (e.g. more wallboxes) may also be installed as needed upon request.
To request that OIT activate existing OIT Ethernet ports or install additional ports contact the OIT Support and Operations Center. See How to request a port activation with active IP address for more information.
In all buildings, 1 Gbps connections are standard. (These connections also support 100 Mbps and 10 Mbps; they auto-negotiate.)
To disable an active OIT Ethernet port, or request a change to an active OIT Ethernet port, contact the OIT Support and Operations Center.
Information about all OIT Ethernet wallbox ports appears in the OIT Network Atlas. Every OIT Ethernet port is identified by its wallbox number and socket within the wallbox (typically a letter). The OIT Network Atlas shows each OIT Ethernet wallbox port that is currently activated, its location, and the name of a contact at the time the port was activated. It also shows the OIT Ethernet switch port to which the wallbox port is wired.
In these locations, once enabled, an OIT Ethernet port normally remains enabled until someone contacts OIT to request that the port be disabled.
Keep in mind that not all OIT Ethernet wallbox ports in these locations are turned on. Unless someone has has contacted OIT to request that the wallbox port be turned on, the wallbox port remains disabled. For examples, most offices space has one or more Ethernet wallbox ports installed, but each is disabled unless someone has contacted OIT to enable it.
OIT Ethernet Service is installed in the following buildings which operate as dormitories, apartments, and Graduate Annexes: all undergraduate dormitories, all Eating Clubs, the Old Graduate College, the New Graduate College, Lawrence Apartments, Wyman House, 11 Dickinson Street, 15 Dickinson Street, 16 Dickinson Street, 24 Dickinson Street, 24 Dickinson Street, 27 Edwards Place, 29 Edwards Place, 31 Edwards Place, 35 University Place, and 45 University Place.
For locations in these buildings that are not inside a dormitory room, inside an apartment, or inside a room in a graduate annex, see instead the section above entitled In Any Location Other than inside a Dormitory Room, Apartment, Graduate Annex room. Spaces in those buildings that are not inside those kinds of rooms are treated like other University office and academic space with regard to OIT Ethernet Service.
Inside of dormitory rooms, apartment rooms, and inside rooms in a graduate annex, availability of OIT Ethernet Service varies. Where available, it may be available only upon request. See SN@P KB001087: Connecting Devices to the Internet from Your Dorm Room for more information about availability and how to place a request.
When the service is provided, 1 Gbps connections are standard. (These connections also support 100 Mbps and 10 Mbps; they auto-negotiate.)
OIT Ethernet wallbox ports in these locations are listed in the OIT Network Atlas. Every OIT Ethernet port is identified by a unique combination of wallbox number and socket within the wallbox (typically a letter). The database shows each OIT Ethernet wallbox port and its location. (It also shows the OIT Ethernet switch port to which the wallbox port is wired.) The OIT Network Atlas does not provide contact information for ports inside dormitory rooms, apartments, and inside graduate annex rooms.
To be eligible for OIT Ethernet Service, a device must meet the following requirements:
As described in Which Devices Must be Registered in the Host Database?, practically every device attached to OIT Ethernet Service must be registered in the Host Database. (For students, "subscribing the device to Dormnet" causes it to be registered in the Host Database.)
OIT normally configures 1000Base-TX ports to autonegotiate speed and duplex. In this situation, the clients must be configured to perform autonegotiation of speed and duplex. In this situation, 10Base-TX clients will negotiate 10 Mbps service; 100Base-TX and 10/100Base-TX clients will negotiate 100 Mbps service; 1000Base-TX, 10/100/1000Base-TX, and 10/100/1000Base-TX clients will negotiate 1000 Mbps service. If the client supports full-duplex operation, it will negotiate full-duplex service. If the client does not support full-duplex operation, it will negotiate half-duplex serivce.
If the customer who requested the 1000Base-TX service specified that the OIT Ethernet switch port should be configured not to autonegotiate speed and duplex, but instead to be set for a specific speed and duplex, then to work properly,the client must be configured to operate at the same speed and duplex as the switch port, and to not perform autonegotiation of speed or duplex. Clients that do not support that mode of operation will not work properly when connected to a switch port configured to not to autonegotiate speed and duplex.
Each physical Ethernet connection (for example, between a client's Ethernet port and an OIT Ethernet switch port) sometimes is referred to as a link. When both of these Ethernet ports are "up," the link is said to be "up." Otherwise the link is "down."
For example, if your computer is configured to use its Ethernet interface, when you power on your Ethernet-attached computer, at some point during the start-up process, your computer probably turns on its Ethernet port and (if all goes well), the Ethernet link between your computer's Ethernet port and the OIT switch's Ethernet port comes "up." Later when you power off your computer, that Ethernet link goes "down." The Ethernet link would also go down if you were to disconnect the Ethernet cable. Some devices take down their Ethernet links when they go into a sleep (low power) state; others keep the Ethernet links up.
OIT expects to see Ethernet links go up and down across campus as a normal part of the network's operation, reflecting devices powering up, powering down, cables being plugged in and unplugged, and so on.
An Ethernet link that appears to be going down and up at an excessive rate is sometimes said to be "flapping."
Ethernet link flapping is a problem for multiple reasons:
That contributes unnecessary broadcast traffic to the local network and places unnecessary load on the campus DHCP/BootP service.
Excessive Ethernet link flapping places unecessary load on monitoring systems, and can impede our ability to use those systems to detect and troubleshoot other network problems.
Excessive Spanning Tree Protocol events adds processing load for the Ethernet switches. At high enough levels, this degrades or disrupts network service.
Additionally, some Spanning Tree Protocol events require switches to rapidly age out their bridge tables entries; that can cause very poor network service while unicast layer 2 traffic is flooded instead of switched until the switches repopulate their bridge table entries.
If your device's Ethernet link toggles on and off at an excessive rate, you may be asked to reconfigure/fix your device to reduce that rate to an acceptable level.
We treat six cycles/hour (six pairs of Ethernet link on/off events) as an acceptable long-term average rate. This corresponds to a device which turns its Ethernet interface on and off every ten minutes for many hours or days at a time. Higher long-term rates (for example, a device which cycles its Ethernet link every five minutes) are treated as unacceptable.
We recognize that over short periods, a device will legitimately toggle its Ethernet interface more often than six cycles/hour. For example, a device being rebooted manually as part of installing software or troubleshooting a problem might toggle its Ethernet interface a few time per minute for an hour or so. That's fine, and we take no action when that happens. But when this continues for hours or days at a time, it's no longer treated as acceptable.
Very high rates (for example, cycling every second), even for a short period such as an hour, also are treated as unacceptable.
Somewhat elevated rates are sometimes caused by misconfigured sleep cycles on client devices. High rates are typically caused by buggy Ethernet interface firmware or drivers on the client device, buggy sleep software on the client device, the use of a "Wake on LAN" feature on a client device, use of a malfunctioning "Energy Efficient Ethernet" (EEE) feature on the client device's Ethernet interface, damaged Ethernet cables, damaged Ethernet interfaces, damaged Ethernet switch ports, damaged Ethernet wallbox ports, and malfuncioning private Ethernet switches or repeaters.
Common causes of excessive Ethernet link flapping include the following; the most common causes are listed first:
Some devices' sleep/lower power software/firmware is buggy, causing the devices to keep toggling their Ethernet links while the devices are in a sleep/low power state.
Other times the software is not buggy, but it will behave this way due to the use of a "Wake on LAN" feature.
Buggy sleep/lower power software/firmware, or Wake on LAN is nearly always the cause when the flapping happens on a schedule that coincides with device sleep/low power use.
OIT's experience is that a variety of common devices do encounter these issues. Some examples include:
In most of these cases, the problem is associated with the use of power savings/sleep modes and/or "Wake on LAN" features. In some cases, updates to Ethernet drivers and/or reconfigurations of various Ethernet driver, BIOS, or Windows settings may work around the problem.
Usually this is due to use the use of power savings/sleep modes and/or "Wake on LAN/Wake for network access" features. Reconfiguration of these settings may work around the problem.
For example, sometimes a USB, Thunderbolt, Firewire, or other device causes the device to wake from sleep each time the devices goes to sleep. Sometimes the device involved is an external network interface (e.g., a dongle), or a docking station.
In some cases, reconfiguration of power savings/sleep features may work around the problem.
In some cases, when an external docking station is involved, reconfiguration of power savings/sleep features alone might not always work around the problem. In those case, also switching from the docking station to a simpler external network interface (e.g., a dongle) may work around the issue.
We do not know if these are example of the "low power/sleep" issue above, of problem with the device's use of sleep/low power, or if it is some other issue.
Our experience is that it is practically never caused by a problem with the device's Ethernet interface, the Ethernet drop cable, the OIT Ethernet wallbox port, or the OIT Ethernet switch port.
We are not aware of any fix.
We do not know if these are example of case of the "low power/sleep" issue above, or if it is some other issue.
Ethernet splitter/joiner devices are suitable only when the devices at at least one end of the Ethernet link is limited to speeds of 100 Mbps or slower.
Eliminate the use of the splitter, or reconfigure at least one of the devices at either ends of the link (the client device, or the OIT Ethernet switch port) to limit it to speeds of 100 Mbps or slower.
This is the Ethernet port in the OIT Ethernet switch elsewhere in the customer's building, in a wiring closet.
If the customer's device has properly-functioning "Energy Efficient Ethernet" software (or no EEE software), then EEE will not cause the problem. OIT's Ethernet switch ports presently have EEE disabled, so any properly-functioning customer device supporting EEE will not use EEE. (EEE is only used the devices on both sides of an Ethernet link support it and have it enabled. As OIT's Ethernet switches do not have it enabled, even a customer's device that supports EEE and has it enabled will not use EEE.)
Solutions for a number of common causes are documented in the OIT SN@P Knowledge Base article Network Port Flapping on Windows and Mac computers - Common Solutions.
(That OIT SN@P Knowledge Base article is accessible only to persons who are SN@P fulfillers.)
Sometimes when customers are advised that their device is experiencing Ethernet link flapping, they try to work around the issue by inserting a private Ethernet switch/hub/repeater/bridge between their device and the OIT Ethernet switch port.
This is a not a good workaround.
Usually this stops the Ethernet link flapping seen by the OIT Ethernet switch port; the link between the OIT Ethernet switch port and the customer's private Ethernet switch/hub/repeater/bridge does not experience link flapping. But the Ethernet link flapping remains ongoing, only now it on the link between the customer's private Ethernet switch/hub/repeater/bridge and the customer's device. While this does eliminate the Ethernet link flapping observed by the OIT Ethernet switch port, it doesn't eliminate the Ethernet link flapping experienced by the client's device.
If the Ethernet link flapping the client's device is continuing to experience is also causing the client's device to experience any other issues (side-effects of the Ethernet link flapping), OIT will continue to see those other issues. (A common example is certain patterns of excessive DHCP traffic from the client's device.) When OIT previously saw those issues, OIT was able to also see the Ethernet link flapping between the client's device and the OIT Ethernet switch port. When we were able to determine that the other issues (e.g., excessive DHCP traffic) were caused by Ethernet link flapping, we treated the Ethernet link flapping as the cause, and opened a ticket only for the Ethernet link flapping (and not for the side-effects). But with a private Ethernet switch/hub/repeater/bridge hiding the Ethernet link flapping from OIT, we will see only side-effect(s) of the hidden Ethernet link flapping, and not the Ethernet link flapping. As a result, OIT will be forced to open a ticket for the side-effect(s) (the excessive DHCP traffic from your DHCP client, for example). You would be forced to figure out on your own that the DHCP traffic is only a side-effect of Ethernet link flapping between your client and your Ethernet repeater/bridge/switch. If you could not figure that out and address it, OIT likely would need to disable the OIT Ethernet switch port.
It is sometimes possible for someone to intercept traffic sent to or from your computer via Ethernet networking. Modification of the traffic is also possible is some circumstances.
OIT Ethernet Service does not provide your traffic with any security; it does not encrypt your data, nor prevent your data from being deliberately modified in-transit.
As you cannot rely on the network to prevent interception or modification of your data, if your data is sensitive, you would be prudent to take steps to ensure that anyone who might intercept your traffic would find it of little value, and that make it difficult for an interloper to modify your traffic in-transit. For example, instead of using applications that send and receive your data in the clear, use applications that use strong encryption before placing your data on the network. (E.g. avoid cleartext telnet, ftp, and rlogin; instead use ssh, scp, and/or sftp. Do not send sensitive data to web sites unless the web site connection is using strong encryption.)
OIT Ethernet Service normally provides a dedicated Ethernet switch (not repeater) port to each connection. That is, each OIT Ethernet port is normally wired to a unique port on an OIT Ethernet switch. The portion of the campus Ethernet maintained by OIT is a fully-switched environment; it does not rely on Ethernet repeaters, or on Ethernet bridges that lack switch capabilities.
An OIT Ethernet port that provides 1000Base-TX service provides a 1000 Megabit per second full-duplex or half-duplex connection (depending on the client device's capabilities) between the client's Ethernet interface and the OIT Ethernet switch. (If auto-negotiation negotiates 100 Mbps or 10 Mbps instead, the service provides that negotiated speed between the client's Ethernet interface and the OIT Ethernet switch.)
There are anywhere between 24 and 240 OIT Ethernet ports connected to a single OIT Ethernet switch. That "closet" Ethernet switch is typically connected to higher-capacity Ethernet switch (typically the building's "Point of Entry" Ethernet switch); that connection typically operates at 1 Gbps full-duplex or 10 Gbps full-duplex. The building's "Point of Entry" Ethernet switch connects to the core of the campus network at 1 Gbps full-duplex or 10 Gbps full-duplex.
The core of the campus data network (CDN) is in turn attached to the Internet and Internet2 (via multiple ISPs). For an overview of the University's Internet connections, see Internet Service.
One should understand that a 1000 Mbps OIT Ethernet port does not guarantee the client a 1000 Mbps connection to anywhere on campus or the Internet. It only provides a dedicated 1000 Mbps connection between the client and OIT Ethernet switch to which it is attached. The amount of bandwidth available to the client beyond that first-hop OIT Ethernet switch will vary depending on how much bandwidth is being used by other traffic traversing the same path. For example, if there are 30,000 devices simultaneously attached to the campus network, each with 1000 Mbps service, clearly they all cannot simultaneusly obtain 1000 Mbps of bandwidth to the Internet. Insteach, each device that is presently communicating with the Internet will obtain some fraction of the University's Internet capacity. This relies on the fact that at any given instant, most devices are not communicating with the Internet, and those that are communicating with the Internet are usually not doing so at the maximum possible speed of their individual Ethernet connections.
OIT discourages, but does not forbid customers from connecting private Ethernet repeaters, bridges, or switches to OIT Ethernet Service See Connecting a Private Ethernet Repeater, Bridge, or Switch to the Campus Network for more details.
In many buildings, individuals are not permitted to attach to the campus network any device operating as a Wireless Access Point. In other buildings, doing so it permitted only with authorization. And in others, doing so is permitted, but strongly discouraged by OIT. See Connecting a Private Wireless Access Point to the Campus Network for more details.
OIT discourages, but does not forbid customers from connecting Network Address Translators (a.k.a. NATs, or NAT Routers) to OIT Ethernet Service See Connecting a Private Network Address Translator to the Campus Network for more details.
OIT Ethernet Service provides IP service to those devices that are registered in the Princeton University Host Database specifying that an IP address should be assigned to the device. (The IP-SUBNET-OR-ADDRESS field is specified.)
When attached to its home network, the device network interface receives OIT Static IP Service.
If device meets the eligibility requirements for OIT Mobile IP Service, the device's network interface may also visit other OIT networks (other than its "home network") and continue to receive IP service. When it attaches via a network other than its "home network", the network interface receives OIT Mobile IP Service, not OIT Static IP Service.
Note that some network interfaces are registered in the Host Database with a "home network" that doesn't correspond to any real physical network on campus. Some of these networks include: driftnet, recyclenet, wirelessnet. These network interfaces rely on OIT Mobile IP Service; they don't receive OIT Static IP Service since it's impossible to attach them to their "home network".
In some locations where two Ethernet connections are needed where only a single OIT Ethernet wallbox port is available, OIT Technology Operations sometimes installs a pair of Ethernet splitters/joiners to provide two connections sharing one wallbox port, rather than installing an additional wallbox port.
Each of these devices is about the size of a packet of cigarettes. They are always used in pairs; one device joins two two-pair cables to form a single four-pair cable, and the other device splits a single four-pair cable to form two two-pair cables. They are used to run two (non-standard) two-pair Ethernet connections over a single four-pair Ethernet cable and wallbox port.
Each of these devices has three connections. One connection is an RJ-45 Ethernet connection in which all four pairs of wires (eight wires) are live. Inside the device, those pairs are split, resulting in two pairs (four wires) going to one connection, and two pairs (four wires) going to a second connection. Depending on your perspective, the device is "splitting" four-pair Ethernet cable into two (non-standard) two-pair Ethernet connections, or it is "joining" two (non-standard) two-pair Ethernet connections so they may ride over a four-pair Ethernet cable.
OIT Technology Operations installs one of these devices at the OIT Ethernet switch. (As OIT Ethernet switches are typically in wiring closets, this device is not ordinarily apparent to the customer.) Each of the device's two two-pair sockets is plugged into a different OIT Ethernet switch port. Inside the device, the two two-pairs are joined together to form four pairs. The device's four-pair socket is plugged into the cable running through the building to the customer's wallbox port.
OIT Technology Operations installs a second of these devices at the customer's wallbox port. (The device typically is visible to the customer, hanging outside the wallbox.) The device's four-pair connection is plugged into the corresponding OIT Ethernet wallbox port; often this end of the device has a permanently-attached Ethernet cable ending in an RJ-45 plug. The device's two RJ-45 Ethernet sockets each provides non-standard two-pair Ethernet service, allowing the customer to attach two devices to the splitter.
These splitter/joiner devices rely on the fact that 10 Mbps and 100 Mbps copper Ethernet service only uses two of the four pairs of wires in a standard Ethernet cable, plug, and socket. The splitter/joiner devices use the "spare" pair of wires to carry a second Ethernet connection.
As 1 Gbps copper Ethernet service uses all four pairs of wires, 1 Gbps (and faster) copper Ethernet service will not function properly using these splitters. Even if all the devices support Ethernet auto-negotiation of speed, service still may not work properly (or may work, but poorly). The auto-negotiation mechanism used by Ethernet devices to choose a speed at which to operate was not designed to detect the presence of such splitter/joiner devices. If the OIT Ethernet switch port is configured to support 1 Gbps (or faster) service, and the customer device is configured to support 1 Gbps (or faster) service, and there are such splitter/joiner devices in the path between the two, the Ethernet service might not function, or might function poorly. To cause the Ethernet service to function properly in the presence of such a splitter, it is necessary for the OIT Ethernet switch port (or the customer's device) to be configured so it will not try to support 1 Gbps (and higher speed) service, but instead will use only 10 Mbps and/or 100 Mbps service.
The use of the splitter/joiners for 10 Mbps and/or 100 Mbps service is non-standard, but the service typically will work. (The use of two separate connections over a single cable might, for example, result in increased crosstalk on the connection, degrading the service.)
If you have questions or need assistance with any of the procedures in this document, please contact the OIT Support and Operations Center.