Technical Description of our Network

Internet Service Providers and Infrastructure

Our commodity internet bandwidth (currently 3GBit) is purchased through Crown Castle, while our server bandwidth is purchased through the University of Massachusetts via UMASSNET. Redundant connectivity to UMASSNET for each college is provided by the 10-gigabit Five College fiber-optic network. UMASSNET has many redundant connections to the internet. At Hampshire, we have one connection to UMASSNET in the basement of Cole, and one in ASH.

Hampshire's Network

Hampshire's network is a star topology, centered in the basement of Cole. Our core is a 6509-E with all DFC-enabled cards and Sup720's. In general, buildings are connected to the core with ten-gigabit fiber, and have a layer 3 OSPF networking device with an associated VLAN and subnet. This is to increase resiliency, keep traffic local as much as possible, and reduce the size of the broadcast domains on campus. For security and IP conservation reasons, all of these addresses are RFC1918's that get translated at the edge of our network into globally-valid addresses. All connections made concurrently by a single IP inside our network are mapped to the same IP outside. 

We have a ten gigabit physical connection to each of the other four institutions in the Five College Consortium, through the Five College Fiber Network. Any connection initiated from on campus to any of the other four colleges will get routed over this link, meaning we get gigabit speeds between the institutions on the Five College Network. We have firewalls at the edges of our network, one on each link, that perform firewall and NAT functions. On the University of Massachusetts link, this is a Cisco 5525-X, and on the Windstream link, this is a Netgate XG-1541 running pfsense, an open source firewall/router computer software distribution based on FreeBSD.

The College maintains several L2TP/IPSec VPN concentrators for faculty, staff, and student access from remote locations.

The College also maintains Voice-over-IP PBXes for telecommunications and a separate fax portal.

Wireless Networking

Hampshire's wireless network is powered primarily by Unifi 802.11ac Access Points at various locations around the campus, ensuring connectivity in all public areas of the campus, as well as all of the dorm areas.

  • hampguest (public) This network does not require a login and has an entirely separate connection to the Internet. In this way, it is like sitting in an internet cafe; you are not really on Hampshire's network while using this wireless network. This is the network for IoT devices that only need an internet connection and the connection speeds are significantly slower than the other networks on campus. 
  • Frognet (private) This network requires a Hampshire login, and provides full, direct access to on-campus services for community members. 
  • eduroam (private, encrypted) This is a global roaming network provided by many hundreds of institutions worldwide, and anybody at any of those member institutions can log in at any of the others. Sign in with (username)@hampshire.edu and your Hampshire password. 

 

IP Ranges

Hampshire College's public-facing IP ranges are as follows:

  • 64.254.160.0/21 (Various)
  • 144.121.36.224/27 (Commodity Internet through Crown Castle)
  • 192.33.12.0/24 (IT Servers)
  • 192.101.188.0/24 (Academic Servers)

Internally, we use RFC1918 addresses for all end-user devices.

 

Future Projects

  • MultiFactor Authentication for added security (almost done)

Stay In Touch With Information Technology Staff

413.559.5418 FAX: 413.559.5419
This block requires the "Enable floating privacy settings tab and withdraw consent banner" to be enabled in EU Cookie Compliance settings.