Network and Wireless
CSAIL Network
TIG provides support for the data network throughout the entire Stata Center with the exception of the Student Street and certain areas below ground. The CSAIL wireless network serves all floors in the Gates tower, and all CSAIL areas in the Dreyfoos tower (D5 and below), but does not serve the first-floor classrooms or “student street”. This is very different from most of the rest of campus, which relies entirely on MITNet.
The CSAIL network provides gigabit Ethernet at a density of one port per 25 square feet of office space, for a grand total of about 4,000 gigabit network ports. The network backbone is 100-gigabit Ethernet with two redundant backbone switches; the link between the core switches is 200 Gbit/s. CSAIL has aggregate outside connectivity of 10 Gbit/s. CSAIL’s network also extends to the Massachusetts Green High-Performance Computing Center in Holyoke over a private 10-gigabit link with layer-3 redundancy.
DHCP is provided throughout the network, except in areas where research groups have opted to run their own DHCP server. By default, every blue-colored data jack in offices and open lab areas is “live”, meaning that it is connected to the network, enabled, and will provide an IP address, DNS server info, netmask, and other necessary information via DHCP. In seminar rooms and certain other public spaces, only certain drops are live.
There is no need to register or do anything other than just plug your computer in with an ethernet cable, or connect to CSAIL Wireless. In order to print you need to connect to CSAILPrivate. We can provide an ethernet cable if you don’t have one.
Please also read the MITnet Rules of Use
Firewall
Most of the CSAIL network is behind a stateful firewall. Unlike most organizations, our policy is to permit traffic by default: once you plug your device in or connect to the CSAIL wireless network, it is on the public Internet and will be subject to nearly continuous exploration and attack. We block some services and protocols that cannot practically be secured, or which tend to come by default in an insecure configuration; see port filtering for more information. We also block many known remote login services (including SSH, Windows Remote Desktop, and VNC) in order to limit the number of systems accessible to brute-force attacks; these are allowed for users of the campus VPN. See SSH access for more information on how to configure SSH if you are unable or do not want to use the VPN.
Requesting a static IP address
To request a static IP address, follow the directions in the WebDNS Users Guide to register your desired hostname. WebDNS (CSAIL Login required) will assign you a static IP address. You can then use DHREG (CSAIL Login required) to register your MAC address for the IP address WebDNS gave you.
Using static IP addresses on the CSAILPrivate network
Devices connected to the CSAILPrivate network can have static IP addresses, but those IP addresses must be in the “CSAIL private wireless” address range (128.30.8.0/22). In order to get a static IP address, you must register a domain name for your device in WebDNS (documentation), and then register the IP address WebDNS gives you in DHCP. Then you can configure your device as described above. (CSAIL Login required)
Note that CSAILPrivate uses a different network address range than the old StataCenter wireless network (which just used the “Wireless” range). If you have a device that used to have a static IP address via unauthenticated wireless and you’re switching it to the CSAILPrivate network, you’ll need to delete the old entries for it in WebDNS and dhreg, re-register your device getting a new IP address in the “CSAIL private wireless” range, wait about an hour for the changes to take effect (and perhaps a while longer for them to propagate elsewhere if you’re going to be trying to connect to the device by domain name from outside CSAIL), and then follow the steps above to configure your device.
If you have no preference for domain name, we suggest using something
like yourlogin-devicetype.csail.mit.edu or yourlogin-model.csail.mit.edu. For instance, I (Jay Sekora) might choose names like
jsekora-phone.csail.mit.edu
jsekora-laptop.csail.mit.edu
jsekora-nexus7.csail.mit.edu
jsekora-thinkpad.csail.mit.edu
jsekora-coffeemaker.csail.mit.edu
(No, I don’t have a network-addressible coffeemaker, more’s the pity.) This is optional, but might help us figure out what’s going on or who to contact in case of problems.
DNS
- WebDNS (CSAIL Login required)
- WebDNS Users Guide
- CSAIL Host Registration Policy
- Name Server List
- DNS security
DHCP
- DHCP Registration (CSAIL Login required)
Wireless
- General information about CSAIL Wireless
- Detailed instructions on connecting to the CSAILPrivate wireless network
- Connecting your own wireless access point
Remote Access
- VNC setup from outside CSAIL
- Campus VPN (Note that this will get you a MITnet IP address, not a CSAIL address, and will not completely bypass the firewall: not all applications are automatically permitted from the VPN.)
Phones
If you need a VOIP phone setup in your space, need to update caller ID, or reset pin, email your request to help@csail.mit.edu. We generally only set up one device per office or space but if needed can add additional lines.
For more information on using the MIT VOIP phones see the MITvoip Telephone User Guide