<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"Bookman Old Style";
panose-1:2 5 6 4 5 5 5 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Bookman Old Style","serif";
color:black;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>Depends on your specific needs, but for run-of-the-mill, the easiest way to accomplish this with standard equipment is a subnet: <a href="http://en.wikipedia.org/wiki/Subnetwork">http://en.wikipedia.org/wiki/Subnetwork</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>Very simplistically, all computers have an IP address. All computers that talk to each other are on the same subnet (if a computer’s IP address is 192.168.0.5, the subnet is “0”). If you setup your Wi-Fi router/access point to distribute addresses to Wi-Fi computers on a separate subnet (say 192.168.1.5, the subnet is “1”), then any computers with the different 0/1 subnets cannot talk to each other. <br><br><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>This configuration is greatly different depending on your hardware, but usually you can do it without spending a lot of money on expensive equipment. Here’s a more complicated explanation with graphics: <a href="http://superuser.com/questions/569710/how-to-create-a-separate-subnet-for-wireless-access">http://superuser.com/questions/569710/how-to-create-a-separate-subnet-for-wireless-access</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>Christian Dunham<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>Caro Area District Library<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>989-673-4329 x 106<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'>christian@carolibrary.org<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-family:"Bookman Old Style","serif";color:black'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif"'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif"'> michlib-l-bounces@mcls.org [mailto:michlib-l-bounces@mcls.org] <b>On Behalf Of </b>Mimi Herrington<br><b>Sent:</b> Thursday, April 9, 2015 8:53 PM<br><b>To:</b> Helen Dewey; Bruce MacDonald<br><b>Cc:</b> Michlib-l<br><b>Subject:</b> Re: [Michlib-l] segmenting public and staff networks<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><div><p class=MsoNormal><span style='font-size:13.5pt;font-family:"Calibri","sans-serif";color:black'>We were provided a free internet drop by Comcast because we’re a library. We used that drop for wi-fi to the public for laptops and devices and it was separate from our internet to the public and staff computers. The public and staff internet connection is a static IP and the public wi-fi is not.</span><span style='font-size:14.0pt;font-family:"Calibri","sans-serif";color:black'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:14.0pt;font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:14.0pt;font-family:"Calibri","sans-serif";color:black'>Mimi Herrington, Director<br>Bad Axe Area District Library<br>200 S. Hanselman Street<br>Bad Axe, MI 48413<br>989.269.8538 (Phone)<br>989.269.2411 (Fax)<br><a href="http://www.badaxelibrary.org">www.badaxelibrary.org</a><o:p></o:p></span></p></div><div><div><div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <o:p></o:p></span></p></div><div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:rhdewey@charter.net" title="rhdewey@charter.net">Helen Dewey</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Sent:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> Thursday, April 09, 2015 6:13 PM<o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>To:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:bmacdona@gmail.com" title="bmacdona@gmail.com">Bruce MacDonald</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Cc:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:michlib-l@mcls.org" title="michlib-l@mcls.org">Michlib-l</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Subject:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> Re: [Michlib-l] segmenting public and staff networks<o:p></o:p></span></p></div></div></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div></div><div><div><div><div><p class=MsoNormal><span style='color:black'>Bruce,<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'>I have been trying to find a way to separate the staff network from the public network, but I have not found a solution which lets us use only one broadband cable feed. When I tried a switch and 2 routers (diagram I found online), the 2 networks were fighting each other for the Internet network feed.<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'>I would greatly appreciate being pointed to information which would help me segment the networks.<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'> <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'>Helen Dewey<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'>Accidental Techie<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='color:black'>and<br>Benzonia Public Library Board Treasurer<br><a href="mailto:rhdewey@charter.net">rhdewey@charter.net</a><o:p></o:p></span></p></div><div><div><div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <o:p></o:p></span></p></div><div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:bmacdona@gmail.com" title="bmacdona@gmail.com">Bruce MacDonald</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Sent:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> Thursday, April 09, 2015 4:00 PM<o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>To:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:shermandirector@winntel.net" title="shermandirector@winntel.net">Ms. TJ Smith</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Cc:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> <a href="mailto:michlib-l@mcls.org" title="michlib-l@mcls.org">Michlib-l</a> <o:p></o:p></span></p></div><div><p class=MsoNormal style='background:whitesmoke'><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'>Subject:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:black'> Re: [Michlib-l] torrenting wireless policies/suggestions?<o:p></o:p></span></p></div></div></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div></div><div><div><div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Calibri","sans-serif";color:black'>Using your connection to pirate movies not only slows your network, but could land a library in hot water with the RIAA, who can report the activity to your internet service provider.<o:p></o:p></span></p></div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Calibri","sans-serif";color:black'>Even though our wifi requires no password, we do have a "captive portal" system in place to display our wireless policy. There are many other options to do this.<br><a href="http://www.securedgenetworks.com/security-blog/Why-is-captive-portal-important-for-wireless-guest-access" target="_blank">http://www.securedgenetworks.com/security-blog/Why-is-captive-portal-important-for-wireless-guest-access</a><br><br>In the mean-time, you can dig into the settings in your wireless router. I believe you will be able to disable torrenting. Even though there are some legit uses for torrenting files, the vast majority is not traffic you want on your network, and you can possibly deal with exceptions as they come up (if they come up at all).<br><a href="http://kb.netgear.com/app/answers/detail/a_id/20483/~/set-up-a-netgear-router-to-block-access-to-certain-websites" target="_blank">http://kb.netgear.com/app/answers/detail/a_id/20483/~/set-up-a-netgear-router-to-block-access-to-certain-websites</a><o:p></o:p></span></p></div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Calibri","sans-serif";color:black'>It sounds as though your staff machines are maybe using the same network connection and hardware as your public machines, and wifi. This could also create security headaches, and you have already seen with bandwidth needs for your ILS strained. Your network should be segmented, with each segment inaccessible to the other. This can be done virtually or physically. There are expensive and inexpensive ways to do it.<br><a href="https://www.techsoupforlibraries.org/cookbook-3/networking-and-security/bandwidth-management" target="_blank">https://www.techsoupforlibraries.org/cookbook-3/networking-and-security/bandwidth-management</a><o:p></o:p></span></p><div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>Regards,<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>Bruce<o:p></o:p></span></p></div><div><div><div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div><div><div><div><div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>Bruce A. MacDonald<br>Assistant Director / Head of Circulation<br>Peter White Public Library<br>Marquette, Michigan<o:p></o:p></span></p></div></div></div></div></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>On Thu, Apr 9, 2015 at 10:40 AM, Ms. TJ Smith <<a href="mailto:shermandirector@winntel.net" target="_blank">shermandirector@winntel.net</a>> wrote:<o:p></o:p></span></p><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>We have been seeing a large increase in internet traffic and our wireless setup is simply not holding up. A particular problem is patrons using our wireless for torrents. Do any of you have policies in place regarding a limit on high-bandwidth activities? It is frustrating for our other patrons, many of whom are using the connection for schooling and business purposes, not to mention the staff trying to use VERSO.<br><br>We currently have 6MB service through our provider (the highest package offered in our area) connected to an old router and switch. We have 5 public computers, one catalog computer, and one staff station all direct-wired through the switch and at any given time 2-10 wireless devices attached. Our current router is a Netgear N300 WNR2000v2. We're looking to upgrade and add a wireless access point to allow us better control, but that does not make our current situation any easier to handle.<br><br>I've been setting the lowest priority QoS for the torrent users when possible to try to make the connection usable by other patrons. Does anyone have any tips on how we can better get by in the meantime?<br><br><br>Ms. TJ Smith<br><br>Library Director<br><br>Sherman Township Library<br><br><a href="mailto:shermandirector@winntel.net" target="_blank">shermandirector@winntel.net</a><br><br>(989) 644-5131<br><br><br><br>_______________________________________________<br>Michlib-l mailing list<br><a href="mailto:Michlib-l@mcls.org" target="_blank">Michlib-l@mcls.org</a><br><a href="http://mail2.mcls.org/mailman/listinfo/michlib-l" target="_blank">http://mail2.mcls.org/mailman/listinfo/michlib-l</a><o:p></o:p></span></p></blockquote></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'> <o:p></o:p></span></p></div></div></div></div></div></div><div class=MsoNormal align=center style='text-align:center'><span style='font-family:"Calibri","sans-serif";color:black'><hr size=2 width="100%" align=center></span></div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>_______________________________________________<br>Michlib-l mailing list<br><a href="mailto:Michlib-l@mcls.org">Michlib-l@mcls.org</a><br><a href="http://mail2.mcls.org/mailman/listinfo/michlib-l">http://mail2.mcls.org/mailman/listinfo/michlib-l</a><o:p></o:p></span></p></div></div></div><div class=MsoNormal align=center style='text-align:center'><span style='font-family:"Calibri","sans-serif";color:black'><hr size=2 width="100%" align=center></span></div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif";color:black'>_______________________________________________<br>Michlib-l mailing list<br><a href="mailto:Michlib-l@mcls.org">Michlib-l@mcls.org</a><br><a href="http://mail2.mcls.org/mailman/listinfo/michlib-l">http://mail2.mcls.org/mailman/listinfo/michlib-l</a><o:p></o:p></span></p></div></div></div></div></body></html>