Introduction
An essential element of the network design will be one or more "network servers." These computer systems provide support for the operation of the network itself and can also provide many important centralized services.
A "server" is, as its name implies, a machine that provides services to others. There are many kinds of network servers in use today. For example, Novell systems include one or more servers that offer common disk space and other useful functions for the cluster of "clients" that are authorized to use them. The network server that must be part of the school network plan provides a set of services specifically for TCP/IP networks and related Internet information services.
The TCP/IP network server should be a fairly powerful computer system with a significant amount of disk space and regular operations coverage, such as file backup and problem resolution. The computer should have a multi-tasking operating system so that it can easily handle many functions simultaneously. It is critical that the operating system have reliable and easy to use Internet support programs. A common platform for network servers of this type is a small to modest sized UNIX-based computer system.
While it is possible to operate a small network with a single server, in most cases a set of distributed servers will be more effective, particularly if the servers are used to store large amounts of information specific to individual school sites. In a scenario such as that it would be more efficient to locate servers at each school site. Furthermore, by distributing the servers it is also possible to distribute responsibility for management of the services and information they support.
Figures PDF (36.8KB; 3pp.)
A typical system of distributed servers is shown in Figure 6-1. In this example, it is assumed that the school district office provides network operations (NOC) support for the entire district and that the connection to the Internet terminates in the district offices.
The discussion of server functionality that follows is divided into three components: those server functions which are essential, those that are very useful, and those that may become useful as use of the network grows.
Essential Network Server Services
Certain support services are essential to the operation of a TCP/IP network. These include the basic configuration information about the network and information to aid in problem resolution. In general, these services are best supported by a central organization and are most efficiently managed on a central machine. One successful model is to assign support of these services to the Network Operations Center (NOC) group (Chapter 8 provides additional information on NOC).
The following discussion is somewhat technical but is necessary in order to present sufficient detail about these services and the reasons they are so important.
Domain Name System
The Internet Domain Name System (DNS) is the mechanism for documenting and distributing network specific information, including the name and address of each computer attached to the network (network nodes). The DNS is provided by software that runs on the main network server. It uses a database that is created and maintained by the NOC staff.
An Internet address is the numerical identifier for a node and it must be unique among all nodes associated with the network. Furthermore, if the network is to be part of the global Internet, all addresses must be legitimate within the worldwide Internet system.
Fairly early on, people realized that addresses were fine for machines communication with machines, but humans preferred names. It is hard to talk using addresses (who would say, 'I was connected to 192.112.36.5 yesterday and...'?) and even harder to remember them. Therefore, computers on the Internet were given names for the convenience of their human users. [1]
Associated with each numerical address can be one or more "node names," like www.cde.ca.gov. Although computers have no difficulty remembering numerical addresses, it is often easier for computer users to remember and use the node names. In particular, electronic mail addresses use node names. DNS node names are hierarchical and by appropriately using this hierarchy "subdomains" can be assigned to each school site or district office. [2] In this way, naming can be structured to be flexible as well as meaningful in the context of the whole organization.
A plan for the assignment of IP network addresses and node names should be developed early in the planning for the network installation. Initially the database serving the DNS should reside on the district server so that there is one site at which all assignments are known. As the network grows and expertise is developed, secondary DNS systems can be run on the servers at larger school sites.
The main DNS for the district should be located as close to the Internet connection (topologically) as possible.
Figures PDF (36.8KB; 3pp.)
This proximity is to help ensure that network problems within the district network have minimal impact on access to the server. This design is illustrated in Figure 6-1; the district server is on an ethernet connected directly to the main distribution router.
Connection Information Database
Associated with the assignment of node names and addresses should be a database of specific information about the computers connected to the network. When trying to resolve problems or answer user questions, it is very important to know where the computers and other nodes are located, what type of computer and software are in use, and what type of network connection is installed. With proper software this database can be used to extract the DNS database discussed above.
Electronic Mail Post Office
A key service supported by the network is electronic mail. Just as the United States Postal Service has post offices that provide essential support services, so must each network have one or more electronic post offices. The electronic post office should provide "post office boxes" for most members of the school community, include an electronic mail "postmaster" who will respond to problems or questions about electronic mail, facilitate electronic mail relay services between the district network and external networks, and provide support services to help ensure that any electronic mail software considered for use is compatible with the overall district and Internet systems.
The most efficient way to receive and store electronic mail messages for a large community of users is to provide that function on central servers. Unlike an individual workstation which may be turned off or unable to respond, a central system can be available at all times to receive mail. In addition, information stored on a central system is more likely to be backed up regularly to secondary storage. A central server is particularly important in a community where a given individual may use different workstations at different times to send or retrieve mail.
Storing messages on a central server does not mean that everyone must use the same software to send and read messages. The mail servers can support a variety of access methods and software, from direct login to the server to distributed "client/server" packages. The client/server model allows the workstation user to perceive messages to be "on his/her local machine." Thus, the human interface to the electronic mail can use the paradigms of the particular computer. For example, the Macintosh interface can use the mouse, icons, and menu boxes while the DOS interface could use command lines and interactive methods more familiar to those users.
The district office server in this scenario would provide a global email directory for all community members and would provide email gateway and relay services for all other district email servers. Each school would still have its own email server where email boxes for each local user would be maintained.
One feature of the central system should be special accounts. For example, the electronic mail "postmaster" is a special account to which questions or problems can be addressed. Staff must be assigned to monitor this account and respond to the issues that arise. Typical problems range from questions about electronic mail addresses to queries regarding bounced mail messages. Other special accounts should be set up for generic functions such as "software" for software related questions or "problems" for general trouble reports.
Electronic mail systems often must modify electronic mail addresses associated with messages in order to ensure that they are accurate or complete. For example, a local postmaster might recognize the address "ABC Store, 1234 Main Street" even with the city name missing from the address if the store was famous. However, if the store and the Main Street are in another city than that from which the letter originated, the letter will be undeliverable unless more specific information is given. Similarly, if an email message is destined for another user on the same mail server, a simple form of address might be used. However, if the same recipient is to be reached from a distant system, a more complete address including the mail system server's name would have to be included. Therefore, in order to ensure that mail arrives at its designated recipient, a complex set of rules for checking and correcting electronic mail addresses must be configured on each mail server. One of the most efficient ways to reduce the complexity of this management issue is to route all external mail through the main district server where one set of up-to-date rules can be applied to all messages.
A similar function that the main district server can perform is translation of messages sent between different electronic mail systems. A computer program that translates text or data from the form generated by one format to the format required by another program is called an application level gateway. It is called a "gateway" in the network world because we think of "information flow between two worlds." The "electronic mail gateway" is an example of this where the message and addressing format from one system is translated into the message and addressing format of another system. For example, a message that originates on an IBM mainframe computer might be sent in a form that is incompatible with that expected on a Macintosh computer. The district server can be set up to translate these various forms so that recipients are minimally aware of the incompatibilities.
However, because the electronic mail gateway function is a more complex task than merely correcting an address, the need for such gateways should be minimized whenever possible. Before any new electronic mail system is acquired, system support staff should determine if it is compatible with existing systems and, if not, how difficult it will be to create a gateway for it.
Important Network Server Services
The services described in this section are valuable and important but are not required for basic operation of a network. This distinction is useful because it recognizes that these services can be phased in as resources permit.
Community Member Database
Once the use of email becomes widespread, it will quickly become important to have an electronic directory that includes all members of the school community. The need to be able to determine a particular person's address can be served by such a database. This type of database is often referred to as a "white pages service" because it serves a similar function as the white pages of the telephone directory.
The same community member database can be used to seed a user authentication system as described in Part III, Chapter 9 of this guide (Security and Authentication).
Community Services Database
Another type of central database could contain information about services available via the network or support services available to school community members. Questions that could be answered from such a "yellow pages directory" might include, for example: "Who is the network support person at XXX School?" or "Where is the nearest color PostScript printer?"
Central Information Service
One of the most exciting and valuable resources on any network is online information. The ready accessibility of current and important information can greatly improve the operation of any organization. A central directory or information server can be the starting point for locating information within a system of distributed information servers both within and external to the school district.
A number of electronic information service systems are available today. Each has its particular virtues and no one system will be best for all purposes. The general purpose "bulletin board system" or BBS is intended to be used by anyone who wishes to post or read messages. As a result, the validity or quality of information on the BBS can be inconsistent. On the other hand, managed information archives require staff time in order to prepare, install, and validate the accuracy of items for the BBS. The staff time required to maintain such a managed BBS might delay the availability of information.
The netnews system is an electronic bulletin board that has been in operation for more than a decade. It contains thousands of news categories and postings are made from and received by servers worldwide. In fact, the system is so large that the volume of "news" can exceed 50 megabytes per day if all categories are received. Unfortunately, because the system is not moderated there are a number of news categories that are inappropriate for students. (See Appendix E: Acceptable Use Policies.) For this reason schools must carefully select which categories to receive from external sources. Nonetheless, netnews is a very useful tool for posting short items internally and can be used externally to support student and teacher research, professional development, and other educational projects.
The "gopher" information server system has become extremely popular in recent years. Gopher information is stored in a hierarchy that can span many different servers. Thus from the main district server, the gopher directory can point to gopher servers at each school site for site specific information. The California Department of Education will be supporting gopher servers for a wide range of departmental information as well. Gopher is very easy to set up and use, and software for accessing gopher servers is available for most common computers. The gopher software is available at no cost from the University of Minnesota via the Internet.
Most recently, a technology called World Wide Web (WWW) has been developed that promises to support very sophisticated multimedia information on a "web" of distributed servers. Information typically includes hypertext pointers so that a user can jump from one document to a related document by selecting a particular pointer. For example, while looking at a picture of the Cathedral of Notre Dame, a user might select a particular gargoyle and automatically retrieve a description of that icon from a WWW server in Paris. One popular software package used to retrieve information from WWW servers is called Mosaic and is available at no cost from the National Center for Supercomputer Applications via the Internet. Mosaic can retrieve and display complex formatted text, audio, video, and color graphic information on Macintosh, DOS, or UNIX computers. For additional information on these and other services see Part III, Chapter 7: Internet Services.
Dial-in Modem Service
A critical success factor in developing expertise in using the network is access from home. School staff often have little time during the day to concentrate on learning about the network and the resources it provides. It has been demonstrated in several projects that their expertise can be much more readily developed if they can use a modem and computer from home to dial into the network. In addition, students quickly become accustomed to finding information electronically and will want to do so while doing homework, parents may want to look up the latest school calendar or homework assignments, and administrators may wish to read and respond to their email in the evening or while traveling.
The most cost-efficient way to provide dial-in service to the school district network is to support a central pool of modems for that purpose. Since the network is transparent to applications, any entry point will allow access to all nodes and servers. Thus a central modem pool can provide access to all components of the school network. To be more specific, when you connect to the network in any location, you can reach any other location, barring the presence of intervening security firewalls (see Part III, Chapter 9, Security and Authentication). Dial-up to a central modem pool works because the entry point would be inside any district-level firewall; thus, the caller could reach any computer on the school network without regard to its location.
One cost-effective way to begin a dial-in service might be to have the main district network server provide attachments for supporting a number of modems. However, supporting a large number of such ports can be expensive compared to the use of a special purpose Network Access Server. Such servers can support hundreds of ports with very sophisticated functionality such as IBM terminal emulation or full TCP/IP protocol connections.
A critical aspect of offering dial-in service to the school network is access control. It is considered irresponsible to allow anonymous access to any network and particularly to the Internet because of the potential for illicit or destructive behavior on the part of some people. The community member database described above could be used to support authentication for the dial-in service so that access is granted only to known users (see Part III, Chapter 9: Security and Authentication). Network Access Servers can use this database via software that runs on the main district server.
Network Time Service
A simple but useful service is time synchronization across all network connected computers. A number of systems are available for this purpose. The most sophisticated is the Internet NTP (Network Time Protocol) service that can synchronize itself with very accurate external clock sources and then distribute time data to all local computers.
Additional Network Server Services
There are many more services a network server can support. Included in this section are just a few that may be useful for you to consider when planning your network.
Print Spooling
In order to share printers effectively, it is useful to have a server spool print requests. This allows job control, accounting, and support for a wide variety of printers. For example, a spooler could understand that a PostScript print job would fail on a non-PostScript capable printer and reject the job. Similarly, it could understand that a non-PostScript print request directed to a PostScript printer must have certain information prefixed to the job in order to print. Spooling can also allow different printing systems to share the same printer. For example, a spooling system could enable Macintosh and UNIX systems to share the same LaserWriter.
Print spooling should be a local school site function, however, a local spooler should be able to hand jobs off to another spooler at the district office or even at another school if documents are being widely distributed.
Products are becoming available that offer many of these functions in a stand-alone unit. Such products should be evaluated against the needs of a particular situation. In general, it should be cost effective to start with spooling on a central server, moving to the stand-alone units only if greater capacity is required.
File Server
A very useful function of a network server is common file storage or file sharing. This function allows users of small computers to have working files stored reliably on a centrally managed system. It also allows many users to share a few large disks and have access to their files regardless of which computer they are using. Common file server systems are Novell, AppleShare, and the Network File System (NFS) found in most UNIX systems.
Like print spooling, it is most efficient to have file sharing be a local school site function. The most useful exception to this is to create a common archive of software on the district level server which local sites can access via file sharing.
Software Archives
Managing the distribution and upgrade of software on a large number of distributed computers can be a very labor intensive problem. A network server can help by providing a place to create an archive of common software. Public domain software could be made available without restriction and access to licensed software could be carefully controlled.
A "network license server" or "key server" is a mechanism for sharing licensed software among a community of related users. The server software runs on a centrally managed machine and keeps track of when a licensed software package is being used. For example, if the school system has license to 100 copies of Microsoft Excel, up to 100 users would be allowed to use the software simultaneously. The 101st person would be told to try again later.
Example of a Multi-purpose Network Server
An example of a multi-purpose network server is the BBN Internet Server, previously known as Copernicus, developed by Bolt Beranek & Newman Inc. [3] and used in the NSF-funded National School Network Testbed project. This Unix-based server is designed to support Internet-standard electronic mail, netnews, gopher, World Wide Web, common file archiving, and other services that can be accessed from desktop applications. An easy-to-use Macintosh application has been developed to allow users, without a high level of expertise, to administer and manage the resources on the server. The California Department of Education is participating in the test bed to determine the ease of use in disseminating Department information to schools.
Figures PDF (36.8KB; 3pp.)
Figure 6-2: Example of a multi-purpose network server
Conclusions
The network installation plan must include at least a basic network server to support certain aspects of operation of the network. The same type of computer platform can also support a wide variety of other very useful services. As use of the school network grows and new applications are developed, functions can be added to the existing servers or new types of servers can be added. Planning for this support function now will position the district to move more readily to embrace new opportunities as they arise.
[1] Ed Krol, The Whole Internet , O'Reilly & Associates, July 1993.
[2] See RFC 1480 for a complete discussion of school domain name conventions.
[3] Contact Karen Nelson, Educational Technologies Department, Bolt, Beranek, and Newman, Inc. 150 Cambridge Park Drive, Cambridge, MA 01238 for more information or send e-mail to server-info@copernicus.bbn.com.
