Opuwo Network Project

The one semi-regular reader of my blog may be forgiven for thinking there is a lot of stuff on here about travelling around, partying, the neverending problem of water and attending VSO things but little in the way of substance about work I’ve actually done.

Someone less generous than yourself dear reader may naively assume this is because my life consists purely of travelling, partying, meetings and moaning about water. You of course know the truth is I am constantly busy with all sorts of wonderful technical projects and programs as well as providing high quality training to all and sundry. On alternate Thursdays anyway.

So to address the blogpost work/life balance here is some information about the Great Network Project in Opuwo.

Non IT readers may wish to stop reading now and visit eBay instead. IT readers may also wish to stop reading now and go find some lolcats instead.

Background / Phase Zero

The previous VSO IT volunteer here at the Ministry had managed to get an ADSL broadband link provisioned from Namibia Telecom along with a D-Link wireless router, some wireless cards and some cabling kit (crimpers and RJ-45 ends).

He had installed about 5 PCs in WiFi range with the cards and all were surfing happily away on the internet. Unfortunately his placement (6 months) ended before any further work could be completed.

After he had left yet another brave VSO volunteer came up on loan from the Ministry of Education and suggested the purchase of some trunking and much more CAT5e cable which was duly purchased but was delivered long after he had gone from Opuwo.

So when I arrived I found the existing ADSL modem/router, wireless router and 5 clients working along with 4000 feet of CAT5 cable and lots of trunking. I call this situation Phase Zero (by reference to me anyway).

MoHSS Opuwo March 2009 Phase 0 Overview

Phase 0 Network - Wireless Access Only

Preparations for Project

Because I hate crimping cables and am no good at it I justified the purchasing of a RJ-45 patch panel, numerous sockets and a punch tool. This was my first experience of the mighty economising committee and ordering process but my kindly benefactors in the logistics office helped me through.

At some point (possibly post Phase 1 but who cares) I also stopped using double-NAT. The setup as I found it was ADSL modem/router (acting as a NAT router) plugged into the WAN port of the D-Link wireless router (also acting as a NAT router). This gave us two SPOFs and the D-Link didn’t seem to be too happy keeping routing going for a long time. So I switched DHCP off, configured it with an IP on the ADSL router’s internal range, plugged that into the LAN side and made it purely an access point.

Phase One: Making a Mess

Our network centre for the regional office (call it comms room, data center or our video conferencing room that happens to have a strong door as you will) is about 1/3 of the way along our main corridor (we have another side to the regional offices but more on that later).

The first phase therefore was to put up trunking along the 2/3 length of the corridor, mount the patch panel, drill cable access holes through walls and run the first cable.

I covered this a bit at the time in the post “network networked“.

Not to cover old ground too much (read the original post and see the pretty pictures) but we had a few issues such as there being a break-in the night before the work, the walls turning out to be worse than we could imagine (foot thick very solid concrete with seemingly more lintels than plain wall) and my general uselessness at anything practical. Luckily Segube (the hero of the entire project) worked around me and we got it done.

At the end of a day of actual work we’d managed to run trunking down the long end of the corridor, run a solitary cable and cover everything in sight in concrete dust and plastic shavings. The cleaners were very impressed with me on monday. So much so they made a special effigy of me and stuck pins in it, no doubt some sort of local custom to show praise.

Phase Two: Networking People Other Than Me

In Phase Two we mainly concentrated on using the trunking and holes in the walls to run cables to identified “key” offices along the RMT long corridor.

This made us very popular with some people (those who got internet access) and very unpopular with those offices not identified as “key” that we just worked on past. Not my choice as to who is what though.

Phases Three and Four: More Mess, More Cables

Three and Four were expansionist phases involving trunking being installed the other way on the corridor and then to the outside, up and over our entrance archway and a toilet block then into the finance corridor.

Not only did this give us a continuous cable route to the false ceiling in the finance block but once again created plenty of mess to keep the cleaners happy. As part of one of these phases a Linux server (watson) was commissioned and put into our comms room to provide DNS services for the network (telecom’s DNS servers being a bit flaky) as well as a central file share.

Phase Five: The Big One

By now we actually had a network sort of taking shape but there was also contact from National Level people wanting to connect us to the National Government Network allowing use of centralised finance and HR systems from our offices.

Following a preliminary visit some plans were drawn up for offices to cable, computers to be installed and locations for a rack. We hoped to keep our internet link and separate the traffic with a routing rule but this turned out to be against policy so in the end we split our network into two.

The plan for phase 5 was to accomplish the following:

  • Put in proper routing and proxy to our internet-connected LAN via the watson server
  • Cable all remaining “key” regional offices
  • Install WAN link to Windhoek for government network
  • Install Fibre link the length of the hospital to Opuwo District offices
  • Cable some offices at Opuwo District
  • Install half-height rack in Regional Offices
  • Install 4U wall mount rack in District Offices
  • Cable all HR officer desks and install thin clients
  • Install second server on internet-connected network for WiFi access, DNS and SMB/CIFS (cavell)
  • Install and configure numerous new PCs and printers for various functions

Because, naturally and sensibly, I am not trusted with fibre optic cables and their associated frikkin’ lazer beams the national level bods arranged for some cabling contractors to come in to do the fibre link and one or two of the offices.

When the IT team arrived there was a comedy of errors (well I would have laughed if I wasn’t too busy crying) when we couldn’t find any keys for the room, they had turned up a day earlier than expected so not all the cabling was finished and it turned out they wanted some different offices done than originally specified. Fun.

So we worked tirelessly for a few days just ahead of the technical team putting in the cabling just-in-time for them to install and start configuring the PCs.

In the end it all worked out ok though and all the systems were commissioned correctly. The LAN move to a proper router configuration and secondary server for DNS and WiFi went fine as well.

MoHSS Opuwo Phase V Twin Network Overview

Post Phase Five: Twin Networks at Opuwo


Tags: , , , , , , , ,

%d bloggers like this: