Every 4 years since its start back in 1989, a hacker/security conference takes place in the Netherlands. This summer, the eighth version of this conference, called Still Hacking Anyway 2017 (sha2017.org), will run between the 4th and 8th of August. The conference is not-for-profit and run by volunteers, and this year we’re expecting about 4000 visitors.
For an event like SHA, all the visitors need to connect to a network to access the Internet. A large part of the network is built on Cumulus Linux. In this article, we’ll dive into what the event is and how the network, with equipment sponsored by Cumulus, is being built.
What makes SHA 2017 especially exciting is that it is an outdoor event. All the talks are held in large tents, and they can be watched online through live streams. At the event site, visitors will organize “villages” (a group of tents) where they will work on several projects ranging from security research to developing electronics and building 3D printers.
Attendees will camp on a 40 acre field, but they won’t be off the grid, as wired and wireless networks will keep them connected. The network is designed and implemented by the SHA network team. Cumulus Networks has donated switches from several hardware vendors, and Edge-Core has loaned several switches as well, meaning a large part of the network is running on Cumulus Linux.
A conference like SHA needs a connection to the Internet, so how do people make this connection in the great outdoors? This is one of many challenges in building the network, since the location is quite remote. To resolve this issue, we connected the event through dark fiber with a 100G coherent link to a data center in Amsterdam.
The network has been assigned its own autonomous system number, or ASN — 1150, a temporary /16 IPv4 IP space, and an IPv6 space as well. Every visitor will have a dual stack IPv4/IPv6 connection. This provides the visitors with complete freedom without firewalls or NAT.
Months before the event, a design was made to connect all the campers to the network (see the design below). The network consists of switches running Cumulus Linux, with speeds ranging from 100G down to 1G. Since there will be a large number of physical connections, the access layer is a mix of different vendors. This is accomplished by using all open protocols to make sure that it is all interoperable.
SHA 2017 Logical Network Design
One question that is asked often is “How do you protect the equipment if the conference is outdoors?” Since the conference is open to the elements, the equipment must be kept dry and easily accessible for connections, which we do with “datenklos” (data toilets) — we literally use empty portable toilets to store the equipment. It isn’t exactly glamorous, but it’s what is on the inside that counts.
On top of each datenklo is an access point, which provides the entire field with a wifi network. Above that is a light, which is part decorative, but also part functional: the LED colors indicate the status of the network at that specific location.
Datenklos in Action
A non-standard use case for Cumulus Linux
It’s not everyday that you set up a network in a remote location outdoors. It’s a tricky configuration, but Cumulus Linux makes it easier because it is just a standard Linux environment. By using Ansible playbooks, we can configure the network quickly, which lets the team focus on more time-consuming tasks like the physical deployment over the large event space.
We hope that you will join us at SHA 2017! However, if you can’t attend, you can view a timelapse and live images from the event. Please feel free to contact us if you would like more details on how the network is built and how you can take advantage of the flexibility of Cumulus Linux. If you happen to attend the event itself (or remotely), I’ll be giving a presentation as well.