Difference between revisions of "CTWUG Rules 2013"
| Line 91: | Line 91: | ||
| ==Transit Routers at Backbone high sites== | ==Transit Routers at Backbone high sites== | ||
| 3.3.1. Must be managed by [[Wug Management System]], and administrative access granted to [[CTWUG Admin]].<br/> | 3.3.1. Must be managed by [[Wug Management System]], and administrative access granted to [[CTWUG Admin]].<br/> | ||
| − | 3.3.2. Internet interfaces must be approved by [[CTWUG Admin]] prior to instatement.<br/> | + | 3.3.2. Must run the [[#CTWUG recommended operating system version]], or later.<br/> | 
| − | 3.3. | + | 3.3.3. Internet interfaces must be approved by [[CTWUG Admin]] prior to instatement.<br/> | 
| − | 3.3. | + | 3.3.4. Firewall and NAT rules must be approved by [[CTWUG Admin]] prior to instatement.<br/> | 
| + | 3.3.5. Area high sites are optionally exempt from section 3.3.<br/> | ||
| ==Backbone links== | ==Backbone links== | ||
| Line 105: | Line 106: | ||
| 3.5.1.3. Disabling of routing protocols when leaving them active would otherwise cause instability across the greater CTWUG network.<br/> | 3.5.1.3. Disabling of routing protocols when leaving them active would otherwise cause instability across the greater CTWUG network.<br/> | ||
| 3.5.2. All other changes at private high sites must be approved in advance in writing by the site owner or caretaker.<br/> | 3.5.2. All other changes at private high sites must be approved in advance in writing by the site owner or caretaker.<br/> | ||
| + | |||
| + | ==CTWUG recommended operating system version== | ||
| + | 3.6.1. MikroTik: RouterOS 5.17. | ||
Revision as of 18:35, 7 May 2013
!!! WORK IN PROGRESS !!!
Contents
Glossary
1.1 Please consult the CTWUG Glossary for definitions to some of the terms used in this document.
Everyday WUG Use
Network Access
2.1.1. There is one class of Wugger on the CTWUG network.  All Wuggers have equal network priority, meaning no Wugger will have traffic priority over another Wugger.
2.1.2. Whether expressly implied or otherwise, under no circumstances are there any guarantees of network or service availability on the CTWUG network.  It is run by volunteers in their own time, and failures will be attended to as time, money, and motivation permits.  Do not harass Wuggers or flood the forums regarding this.
2.1.3. IEEE 802.11 wireless network equipment does not offer consistent or guaranteed performance.  As a result, a Wugger's access speed and reliability may vary over time and in different parts of the network.  CTWUG can not guarantee against these factors.
Node Database
2.2. Every Wugger must have a node entry in WiND that accurately reflects the state of their connectivity to the network. It is every Wugger's duty to ensure all his assigned IP addresses have working forward-confirmed reverse DNS by adding address names to the relevant WiND node. If a Wugger has been assigned a /29 of address space, there are 8 IP addresses that require DNS entries. This is true regardless of how many of these addresses might be in use on the Wugger's network at any point in time. Wuggers must consult CTWUG Admin staff or fellow Wuggers if help is needed with WiND, and must persevere with such until their node's configuration is accurate and confirmed working.
Game Time
2.3. CTWUG maintains a system of bandwidth management called Game Time. This is a period of time during which gaming related traffic enjoys maximum priority on the network by aggressively shaping non-game related traffic in an effort to reduce network latency to a minimum. Game Times have been voted the following:
- Monday - Thursday: 20:00 - 00:00
- Friday: 19:00 - 03:00
- Saturday: 15:00 - 03:00
- Sunday: 17:00 - 00:00
It is the responsibility of CTWUG Admin to maintain and respond to Game Time failures. It is the duty of Wuggers to respect these times and not subvert the bandwidth limits for non-game related traffic.
IRC
The CTWUG IRC channel, #CTWUG, has a few rules that must be adhered to:
2.4.1. Respect other users.
2.4.2. Avoid CAPS usage.  It is considered SHOUTING to use CAPS, and rude to use it all the time.
2.4.3. Official channel languages are English and Afrikaans.  Other languages, including "leet" speak, MXit/SMS speak, are not allowed.
2.4.4. No blasphemy or excessive use of crude language.
2.4.5. Keep the topics family friendly.
2.4.6. No talk of software piracy. This includes the tools used to obtain pirated software.
2.4.7. Ops have a right to private message you and/or kick/ban you at their discretion.
2.4.8. If you use the /away command, make sure that your client does not spam channels with your away status.
2.4.9. Bottie is the only bot permitted in the channel.
Some of these rules are relaxed in #CTWUG-Lounge. Please join there for more freedoms. Your WUG IP address must have working forward-confirmed reverse DNS to join the Lounge.
Wuggers are also free to create their own channels where they can define their own rules.
Responsibilities of Wuggers
2.5. It is Wuggers' responsibility to:
2.5.1. Protect themselves and their private networks from digital threats that may arise from being connected to the network.  This includes (but is not limited to) use of antivirus software, firewalls and password security.
2.5.2. Provide content on the CTWUG network, and this is the sole responsibility of Wuggers.  CTWUG is not responsible for any content on the network other than that of the official group website and servers owned by the group.
2.5.3. Participate in communication and voting that takes place at General Meetings held by the Committee as defined in the Constitution.
2.5.4. Donate money to CTWUG to assist growth and maintenance of the network.
2.5.5. Purchase equipment for use on the network only when its suitability for use has been ascertained.  CTWUG is not responsible for costs incurred by Wuggers obtaining equipment that is unable to connect to the network.
2.5.6. Deal directly with sellers of network equipment at their own risk and cost.
Unacceptable WUG activities
2.6.1. Network scans of any kind are forbidden unless all owners of affected equipment have given approval prior.  This includes use of TheDude, port scans, security scans, password and/or brute force scans.  Ping sweeps across IP ranges are acceptable if limited to <64 byte ICMP messages, and does not amount to a Denial of Service.
2.6.2. Flooding and Denial of Service attacks are forbidden.
2.6.3. Traffic sniffing at transit points that reveals packet payloads is forbidden.
2.6.4. Hacking, cracking, and brute force attempts against any equipment or service on the WUG is forbidden, unless arranged prior between all involved parties.
2.6.5. IP address spoofing and hijacking is forbidden.
2.6.6. Advertising is restricted to personal classifieds on the CTWUG forum.  Any other advertising, spam, or solicitation is forbidden unless approved in advanced by the Committee.
2.6.7. Operation of commercial, paid-for network services on the WUG is forbidden.  This includes commercial Internet access.
2.6.8. Racism, hate speech, repeated excessive aggression, harassment, and threats against Wuggers is forbidden.
High Site Setup and Maintenance
General
3.1.1. All high sites must follow the CTWUG Naming Convention.  High sites not following this must rectify their configuration in a timely manner, or grant CTWUG Admin to rectify it on their behalf.
3.1.2. Point-to-Point links must use a single /30 IP address block.
3.1.3. Wireless links must be planned in co-operation with other nearby high sites so as to avoid interference, and optimise network routing.
3.1.4. All IP addresses bound to high site network devices must have working forward-confirmed reverse DNS.
CTWUG owned High Sites
General
3.2.1.1. Must be constructed in accordance with CTWUG High Site Topologies.
3.2.1.2. May only be maintained and managed in full by CTWUG Admin staff and/or the Committee.
3.2.1.3. During maintenance, CTWUG Admin staff may engage non-admins for assistance, or for the purpose of education.
3.2.1.4. CTWUG Admin must grant administrative access on relevant routers to admins from peer high sites on request.
3.2.1.5. Changes:
3.2.1.5.1. involving temporary down time must be published 12 hours in advance on the CTWUG Forums.
3.2.1.5.2. involving long-term down time must be published 14 days in advance on the CTWUG Forums.
3.2.1.5.3. requiring configuration changes by peer high sites must be announced to and acknowledged by all relevant peers 48 hours in advance.
3.2.1.5.4. requiring configuration changes by clients must be published 14 days in advance on the CTWUG Forums.
3.2.1.5.5. requiring hardware changes by peer high sites must be planned and executed in full co-operation with the relevant peers.
3.2.1.5.6. requiring hardware changes by clients must be published 6 months in advance on the CTWUG Forums.
Client Sectors
3.2.2.1. Must be limited to 6 clients if standard IEEE 802.11 protocols are used.
3.2.2.2. Must be limited to 8 clients if Nv2 or Airmax is used.
3.2.2.3. Signal strengths must exceed -73 dBm for new clients to connect.
3.2.2.4. Signal strengths must exceed -75 dBm for existing clients to remain connected.
3.2.2.5. Clients must maintain a 95th percentile CCQ of 60% in both directions to remain connected.
Transit Routers at Backbone high sites
3.3.1. Must be managed by Wug Management System, and administrative access granted to CTWUG Admin.
3.3.2. Must run the #CTWUG recommended operating system version, or later.
3.3.3. Internet interfaces must be approved by CTWUG Admin prior to instatement.
3.3.4. Firewall and NAT rules must be approved by CTWUG Admin prior to instatement.
3.3.5. Area high sites are optionally exempt from section 3.3.
Backbone links
3.4.1. Must achieve 24 Mbps of throughput upstream and downstream simultaneously.
3.4.2. Must maintain a 95th percentile CCQ of 80% or higher in both directions.
CTWUG Administrators
3.5.1. May not make unauthorized changes at private high sites, with exceptions:
3.5.1.1. Disabling of routing protocols and/or adjustment of routes in the case of a poorly performing link provided traffic flow resumes through alternate paths.
3.5.1.2. Disabling of routing protocols and/or adjustment of routes as a last resort in defending against network abuse.
3.5.1.3. Disabling of routing protocols when leaving them active would otherwise cause instability across the greater CTWUG network.
3.5.2. All other changes at private high sites must be approved in advance in writing by the site owner or caretaker.
CTWUG recommended operating system version
3.6.1. MikroTik: RouterOS 5.17.
Network Management
IP address allocations
4.1.1. May only be allocated from CTWUG's master pool by CTWUG Admin.
4.1.2. The smallest IPv4 allocation from CTWUG's master pool is a /25.
4.1.3. High sites requiring less than a /25 must obtain a sub allocation from its nearest peer high site.
4.1.4. Sub allocations must be documented on the parent allocation's high site wiki page.
IP address assignments
4.2.1. No wugger will be assigned less than a /29 address block.
4.2.2. High site administrators must assign sufficient addresses to meet a Wugger's network needs, and avoid the use of NAT.
4.2.3. Assignments must be documented on the high site's wiki page and/or WiND node.
Breach
5.1. Any wugger in breach of these rules may be liable to Committee actioned recourse in the form of corrective action, warnings, bans, and WUG disconnection, whichever is most appropriate for the breach in question.
5.2. Any high site in breach of these rules must be corrected in a timely manner, or must have permission and access granted to CTWUG Admin to carry out corrective action.
