440 likes | 628 Views
Accounting for Printing. and the Cornell Net-Print Service. Who am I?. Rick Cochran Cornell Information Technologies Systems & Operations Designated Services Cornell Physics ’71 Manager of the Research Computing Facilities of the Cornell Center for Materials Research for c. 20 years
E N D
Accounting for Printing and the Cornell Net-Print Service
Who am I? • Rick Cochran • Cornell Information Technologies • Systems & Operations • Designated Services • Cornell Physics ’71 • Manager of the Research Computing Facilities of the Cornell Center for Materials Research for c. 20 years • Included printer accounting • Joined CIT as software developer for Net-Print in 1998
Road map • The Cornell Net-Print Service – how we do printer accounting at Cornell • Printer accounting philosophy and decision making • Challenges • Future Possibilities • Demos • Questions
The Cornell Net-Print Service How we do it
Net-Print: Non-technical details • Started in 1996 • Laurie Collinsworth and Mike Hojnowski (design and coding) • Carrie Regenstein (politics) • Student labor (coding) • Cornell has no central funding model • Printing allocations must be done on a per-department basis • Students must be able to have multiple printing accounts • Net-Print must be fully cost-recovered • Originally developed for CIT student labs • Extended to departmental “Partner Labs” • The department buys and maintains their own printers and supplies • We do the authentication, print serving, page counting, accounting, and billing • We return 78% of the funds we collect for printing on the department’s printers to the department • The “Hojnowski” effect • You don’t want to be the last lab still offering free printing
CIT Student Lab CIT Student Lab Departmental Partner Lab Departmental Partner Lab Net-Print: Functional diagram Anywhere Dorm room
Net-Print: Technical Details • Spooler: LPRng (http://www.lprng.com) • Database: MySQL • About 1.2GB • Server: IBM Power PC/AIX • Moving to Opteron/Linux soon • Development language: Perl • c. 21k lines • Web server: Apache • CGI
Net-Print: Authentication methods • MacOS X and Unix: LPRng Kerberized LPR protocol • CUPS backend • CUPS Printing Dialog Extension (PDE) for MacOS X • Thanks to NCSU! • Windows: Sidecar - Cornell’s Kerberos authentication scheme • Protocol-independent, out-of-band, call-back, Kerberos authentication method • Workstation sends print job to server • Server does call-back to Sidecar process on workstation to get user’s Kerberos credentials
Net-Print: We are Green • Charging for printing is inherently green • The Net-Print Service will print c. 8 million pages this year – which is about 24 million pages less than would be printed if we were not charging for printing. • That’s about 1,880 trees this year! • Watermark alternative to banner pages • About 100 trees this year! • 100% recycled paper (in CIT Labs) • Duplex printing
Billing examples – April ‘05 • Bursar billing • $117,153 • 8,699 students • $13.47 average • Department Account billing • $1,330 • Course Account billing • $14,521 • Disbursement to Partner Labs • $55,581
Why Charge for Printing? • Because you have to: Printer supply costs will bankrupt you • Charging for printing is the only effective way to make a brain cell fire before someone pushes the “print” button • To reduce usage of natural resources • Environmental awareness is becoming increasingly important • To cover the cost of quality equipment • Quality printers • Color printers • Specialty printers (poster, etc.) • Printer maintenance contracts to make sure that the printers are actually working
Why Not Charge for Printing? • You will be placing yourself between the user and their output • Not comfortable • Page counting is complex • Students are clever • Accounting and billing are complex and expensive
Why Not Charge for Printing? • Refund processing is aggravating • Printing errors are often caused by the user or the application – not the service • You will get weary of listening to excuses • “Somebody else must have printed on my account” • “It never printed” (when you know it did) • “The printing system ate my homework” • Requires a lot of resources (staff, technology, etc.)
How does your institution work? • Is there a central funding model which can be used to provide students with printing allocations? • This determines how obsessive you need to be about page counting accuracy, refunds, etc. • Is there a strong central IT authority? • This determines whether you can dictate client platforms, printer types, etc.
Commercial or in-house • Will a commercial package be flexible enough to meet your institution’s and customers’ needs? • Multiple accounts per user • A networked authentication solution is more convenient for your users than a commercial “money card” or “release station” solution • Do you have the resources to build and maintain an in-house solution?
Client platforms • Which ones to support? • Windows (9X, ME, XP) • MacOS X • Unix • We support Windows XP and MacOS X officially, and Unix unofficially • Single platform is simpler (but less fun!)
Authentication • Not necessary with “money card” solution • Kerberos, LDAP, Active Directory, NDS, PKI • Things to authenticate • Printing • Windows (“login” or “share”) • Custom • Web pages (signup, account management, job management)
Authorization • Who is authorized to • Print • Move or delete print jobs • Submit refund requests • Start or stop print queues • View people’s printing and accounting logs • Add or remove print queues • Create, remove, or modify accounts • Create, remove, or modify people’s authorization • Roles: end user, operator, manager, etc.
Network printing protocols • Client to server • SMB, LPR, IPP • We use SMB and LPR • Windows LPR implementation is flawed • “Push” bits in TCP reduce throughput • Server to printer • LPR, IPP, App socket (port 9100) • We use port 9100 because it’s simpler and bi-directional, but it has problems with Binary PostScript
Server architecture • Central (simpler) or distributed (scales better) • Hardware and software platform
Page counting • Software (on client or server) • Less accurate (assumes the job printed OK) • Requires more CPU resources • Hardware (read the printer’s page counter) • More accurate • Delay between print jobs • Requires printer-dependent code • Requires printer lockdown • IP address restrictions to prevent circumvention of the printing system
Page Description Languages (PDLs) • PostScript • Preferred by professionals • The PostScript Printer Description (PPD) spec provides device-independent support for printer features • Printers without licensed Adobe PostScript engines (HP, Lexmark) may have problems printing documents generated by Adobe applications • PCL • Less problems printing Adobe documents • Limited feature control at the server end • We require PostScript • The “watermark” alternative to banner pages is impossible to implement with PCL
Printer monitoring and security • Printer lockdown requires setting and monitoring printer parameters • Anyone with physical access to the printer can re-configure it • Passwords are required to prevent tampering via the network (near and far) • Vendor-supplied solutions • Lack functionality (printing or exporting data!) • Don’t support other vendors’ printers well • Usually require Windows servers • Are designed to look good in demos so that • You will buy their printers, and • You will buy their printing supplies
Banner pages • It’s important to separate print jobs and identify their owners • Average job size = 4.8 pages waste 17% of paper • Alternative: “watermark” at top of first page of output • User-selectable (default is “watermark”) • Possible only with PostScript
Where are the costs? • It’s not the paper!
Accounting • Real-time vs. batch • Web interface • Types of accounts • Credit (unlimited, billed monthly) • Bursar • Department • Debit (disallow printing when limit is reached) • Cash • Credit card (pre-paid on-line) • Course (allocated by student’s department) • Authorization • Bursar billing eligibility feed • Department account
Refund Processing • Reasons for refunds • Printer failures • Toner outages, printer jams, etc. • Configuration failures • Binary PostScript • Application failures • Page selection in Word • User failures • Blank pages in Excel spreadsheets (record: 969!) • Wrong Web “frame” active • Wanted “6-up” in Powerpoint • Somebody else picked up the output • Forgot to log out • You name it • Only the first category above is the “fault” of the printing service! • We grant refunds for all but “forgot to log out”
Refund Processing (cont.) • If you’re going to offer refunds, the process must be automated • Labor intensive • You need to make sure that all refund requests correspond to actual charges! • Logs and statistics are helpful • For resolving disputes • For determining systematic printing problems
Billing • Bursar feed • Department account feed • Cash management • Security • Requires audit trail • Online credit card • Use a service (eg. VeriSign) which insulates you from liabilities • Billing reports • Who printed how much on this account • We send report spreadsheets as e-mail attachments
Challenge - Authentication • Sidecar is going away • Sidecar is a protocol-independent, out-of-band, call-back, Kerberos authentication scheme • Hence it has inherent vulnerabilities (eg. with NATs) • We would like a Kerberized LPR (or other) protocol “port manager” for Windows. Please email rcc2@cornell.edu if you have one!
Challenge - Duplex page counting • Sheets vs. sides (impressions) • Must charge about the same to print a given document duplexed as for simplexed (you save only 1/3 cent per document page) • The SNMP page counters in Lexmark, HP, and Xerox printers click twice for each duplex page • A three page document costs $.30 simplexed and $.40 duplexed • Xerox Phaser job accounting (to the rescue!) • Counts sheets and sides • Accessible via SNMP • Misbehaved Microsoft apps • IE, Word append a blank page when duplexing an odd number of pages – defeating our sophisticated page counting technology • We will document this and wait for Microsoft to fix it
Challenge - Binary PostScript • Generated by default by some apps – notably Adobe Photoshop, Illustrator, and Pagemaker • Advantage: Half as big as ASCII PostScript • Example: 100MB vs 200MB • When sent via port 9100 causes printers to spew many pages of gibberish • Can be fixed by encoding with TBCP • Works fine for Windows • The MacOS X spooler won’t TBCP encode Photoshop output. • Xerox Phaser printers may be able to deal with Binary PostScript if the port 9100 “filter” option is set to “none” • Needs more research
Future Possibilities • Charging by supply usage instead of by pages • Single printer for both B/W and color • Charges fairly for small vs. full-page images • But: the customer doesn’t get to know their charges in advance • Sell “Printing plans” (like cell phone plans) ??
Future Possibilities • Multiple printers per queue: Load balancing • Current job prints on whichever printer is working/not busy • Resolves problems caused by long jobs and broken printers • Might confuse students: “Where did my output go?”
Future Possibilities • Multiple queues per printer • Separate queues would reduce the confusion involved in choosing duplex or simplex printing • Separate queues would permit different charges for different media • Color printer tray 1 - paper at $.25 • Color printer tray 2 - transparency at $1.00
Future Possibilities • FAX • Specialty printers • Printed card-stock front and back covers • Hot tape binding • Low cost
Future Possibilities • Using a messaging service • Purpose: To inform users that . . . • Their account is empty • Their print job has just printed on printer xx • Currently using e-mail and a printed sheet for error messages • Must be authenticated to avoid spam and security issues