ITB

1,140 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,140
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

ITB

  1. 1. ITB Status Report Spring AI3 Meeting 19-21 June 2003 Tokyo, Japan
  2. 2. Observatorium Bosscha • One and the only star observatorium in South East Asia, currently run by Astronomy Dept, ITB • Stationed at Lembang, West Java, about 6 km North from Bandung • Website : http://www.bosscha.itb. ac.id
  3. 3. Live Observation at Bosscha • The use of Internet Technology for (near) real-time sky object observation • Input – CCD camera attached to the telescope • Output – Live streaming video using RealPlayer – Periodic Image capture using Webcam Apps • Audience can watch live observation directly from their computer!
  4. 4. Live Observation at Bosscha (cont’d) • Conducted at May 7th 2003, observing Mercury Transit (Mercury will pass through the sun, so looks visible from Earth) • Done with portable telescope, with CCD camera attached • CCD camera output is splitted in two direction by video splitter – For RealProducer, creating Streaming Media files – For Webcam apps (Durgem, http://durgem.sourceforge.net), creating periodic (30 sec) image capture
  5. 5. Live Observation at Bosscha (cont’d) • Bosscha is connected to ITB using 802.11b Wireless Link • Audience can watch video stream and image capture in website http://bosscha- live.ai3.itb.ac.id • Two video stream created : – 56 kbps for Internet audience – 384 kbps for ITB audience (LAN)
  6. 6. Responses about Live Observation at Bosscha • Public Announcement about live observation was made in public mailing list and newspaper • Responses was high at websites : see http://stats.cnrglab.itb.ac.id/bosscha- live.ai3.itb.ac.id/
  7. 7. Results • Cloudy weather makes hard to get good pictures of the Mercury Transit • Thanks to the Durgem, 15 picture out of 300 picture captures the Transit • Astronomers is very delighted about the results • Planned to do live observation in late August, observing Mars at Perihelion (nearest distance to Earth)
  8. 8. Portable Telescope CCD Camera attached to the telescope
  9. 9. Real Producer & Webcam Server Video Splitter Journalists came to the observation site Observation site, at the top of the roof
  10. 10. http://bosscha-live.ai3.itb.ac.id Website and RealPlayer
  11. 11. Image captured using CCD Camera Processed image by Bosscha Astronomer
  12. 12. IPv6 @ ITB • Campus-wide IPv6 Deployment @ ITB • Dual-stack services – Email server – Web server – DNS server – FTP server – SSH and Telnet (remote login)
  13. 13. Campus-wide IPv6 Deployment • Problem : – Campus Backbone is not IPv6-compliant • Cisco Catalyst 6500 Sup1A/MSFC1 • Cisco only released IPv6 on Sup2 and Sup720 • Solutions : – One PC router (IPv6 w/ Zebra routing daemon) on each Catalyst – Each router is connected via IPv6 tunnel – Router connects subnets on each Catalyst using VLAN trunk 802.1q
  14. 14. Campus-wide IPv6 Deployment (cont’d) 802.1q Trunk Access VLAN on Catalyst 6000 each IPv6 Subnet ITB ITB1-v6-router North Campus Tu 802.1q Trunk el G ink n n Tun ig ne L Et l 802.1q Trunk h Tunnel GigEth ITB2-v6-router Link ITB3-v6-router Catalyst 6000 Access VLAN on Catalyst 6000 Access VLAN on each IPv6 Subnet each IPv6 Subnet ITB West Campus ITB South Campus
  15. 15. Dual-stack Services • DNS server – ns1.itb.ac.id/ns2.itb.ac.id now resolve IPv6 address • Email server – MX.itb.ac.id has IPv6 address, with postfix (IPv6-patched) • Web server – ITB official website (http://www.itb.ac.id) has IPv6 address
  16. 16. FTP Server > uname -a FreeBSD itb2-v6-router.itb.ac.id 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Fri May 9 23:56:42 GMT 2003 admin@itb2-v6- router.itb.ac.id:/usr/source/kame/freebsd4/sys/compile/itb2_v6_router- kame-20030407-freebsd47 i386 > host -t AAAA fileserver.lapi.itb.ac.id fileserver.lapi.itb.ac.id has address 2001:200:830:11:2e0:18ff:fe8c:180a > ftp -6 fileserver.lapi.itb.ac.id Connected to fileserver.lapi.itb.ac.id. 220 fileserver.lapi.itb.ac.id FTP server (Version 6.00LS) ready. Name (fileserver.lapi.itb.ac.id:admin): dikshie 331 Password required for dikshie. Password: 230 User dikshie logged in. Remote system type is UNKNOWN. ftp> pwd 257 "/home/dikshie" is current directory. ftp>
  17. 17. SSH (Remote Login) > uname -a FreeBSD ipv6.ppk.itb.ac.id 4.8-STABLE FreeBSD 4.8- STABLE #1: Sun Apr 6 18:26:06 WIT 2003 dikshie@ipv6.ppk.itb.ac.id:/usr/obj/usr/src/sys/PPK i386 > ssh -6 dikshie@fileserver.lapi.itb.ac.id The authenticity of host 'fileserver.lapi.itb.ac.id (2001:200:830:11:2e0:18ff:fe8c:180a)' can't be established. DSA key fingerprint is 55:cb:3d:b8:cc:08:2d:44:a2:f2:9d:94:36:77:de:2a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fileserver.lapi.itb.ac.id' (DSA) to the list of known hosts. Password:
  18. 18. TELNET (Remote Login) > uname -a FreeBSD ipv6.ppk.itb.ac.id 4.8-STABLE FreeBSD 4.8- STABLE #1: Sun Apr 6 18:26:06 WIT 2003 dikshie@ipv6.ppk.itb.ac.id:/usr/obj/usr/src/sys/PPK i386 > telnet -6 fileserver.lapi.itb.ac.id Trying 2001:200:830:11:2e0:18ff:fe8c:180a... Connected to fileserver.lapi.itb.ac.id. Escape character is '^]'. Trying SRA secure login: User (dikshie): Password: [ SRA accepts you ]
  19. 19. SMTP (Incoming) Jun 16 21:36:27 ipv6 postfix/smtpd[355]: connect from mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/smtpd[355]: 94A2620: client=mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/cleanup[328]: 94A2620: message- id=<20030616143613.95944.qmail@web12604.mail.yahoo. com> Jun 16 21:36:27 ipv6 postfix/qmgr[327]: 94A2620: from=<bounce-isp-routing-396359@lists.isp- lists.com>, size=7908, nrcpt=1 (queue active) Jun 16 21:36:27 ipv6 postfix/smtpd[355]: disconnect from mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/local[330]: 94A2620: to=<dikshie@ppk.itb.ac.id>, relay=local, delay=0, status=se nt (delivered to command: IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #dikshie)
  20. 20. SMTP (Outgoing) Jun 16 21:42:29 ipv6 postfix/pickup[326]: C8C2376: uid=1000 from=<dikshie@ppk.itb.ac.id> Jun 16 21:42:29 ipv6 postfix/cleanup[328]: C8C2376: message-id=<20030616144229.GA543@ppk.itb.ac.id> Jun 16 21:42:29 ipv6 postfix/qmgr[327]: C8C2376: from=<dikshie@ppk.itb.ac.id>, size=1046, nrcpt=1 (queue active) Jun 16 21:42:40 ipv6 postfix/smtp[535]: C8C2376: to=<dikshie@rootshell.be>, relay=mail.rootshell.be[3ffe:810 0:200:1fff::25], delay=11, status=bounced (host mail.rootshell.be[3ffe:8100:200:1fff::25] said: 550 5.1.1 <dikshie@rootshell.be>... User unknown (in reply to RCPT TO command))
  21. 21. E-Mail Service Report By mailadm@itb.ac.id
  22. 22. Network Map
  23. 23. Recent Condition (1/2) • All MX-ITB are IPv6 compliant. • mx1.itb.ac.id – Pentium III-1000 MHz 128 MB RAM – Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch (migrated from qmail 1.03) – Apache 1.3.27 – mailman 2.1 (migrated from ezmlm) • mx2.itb.ac.id – AMD Duron 750 MHz 128 MB RAM – SMTP-auth using cyrus-sasl-1.5.24 – Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch
  24. 24. Recent Condition (2/2) • mx3.itb.ac.id – Pentium III-500 MHz 128 MB RAM – Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch • mxout.itb.ac.id – Load balancing server using Cisco Catalyst 6500 (not IPv6 compliant) – Provide outgoing mail server for 167.205.0.0/16
  25. 25. Email Traffic/day on Mei 2003 350000 Email Traffic 300000 250000 200000 150000 100000 50000 0 ik s e e e ru id nc id af ts s vi Tr u in ou Bo nt d+ nt se se re er ef D
  26. 26. Top 10 Mailing List @itb.ac.id (by members) cdc-itb 4907 itb 696 dokter 561 dosen 421 jobs 385 cdc-hrdstar 341 hindu-dharma 252 sysop-l 203 itb75 159 politeknik 152
  27. 27. Email Filter Methods • Filtered by RBL – sbl.spamhaus.org (transfer zone) – relays.ordb.org • Filtered by regex – ftp://ftp.worldless.net/pub/postfix/
  28. 28. Known Problems • Mailman @ mx1.itb.ac.id – Queue file corrupt could make mailman stop sending email to the list members – Database file corrupt could make a mailinglist whole configuration lost. • Spamassasin implementation – Failed because of the lackness of resources (CPU+Memory) mx3.itb.ac.id crash within five minutes.
  29. 29. Others • B/W usage http://netmon.cnrglab.itb.ac.id/site/summary?id=10 • Next : – Try using centralized database to maintain spam list – Try combining Postfix smtp-auth with sasl and ldap
  30. 30. ITB Looking Glass • http://ken-arok.cnrg.itb.ac.id • Source code from : ftp://ftp.enterzone.net/looking-lass/CURRENT/ with little adjustment
  31. 31. Domain Name Service Report dnsadm@itb.ac.id
  32. 32. Recent Condition [1/2] DNS in ITB Network is handled by : • ns1.itb.ac.id IP Address : 167.205.23.1 202.249.24.65 2001:200:830:0:250:baff:fecb:9fcf Computer Specification : Processor : Intel Pentium 166 MHz 64 MB RAM FreeBSD 4.7-RELEASE BIND 8.4.1 IPv6 Support • ns2.itb.ac.id IP Address : 167.205.22.123 2001:200:830:1:200:21ff:fee0:6d2e Computer Specification : Processor : Intel Pentium 200 MHz 128 MB RAM FreeBSD 4.7-RELEASE BIND 9.2.2 IPv6 Support
  33. 33. Recent Condition [2/2] • ns3.itb.ac.id IP Address : 167.205.48.253 Computer Specification : Processor : Intel Pentium III 730 MHz 128 MB RAM OS : FreeBSD 3.5-RELEASE Software : BIND 9.22
  34. 34. DNS Handling • ns1.itb.ac.id - Handling transfer zone between itb.ac.id domain and The Internet - Organizing domain *.itb.ac.id name server delegation • ns2.itb.ac.id - Master & secondary name server for domain *.itb.ac.id - Master & secondary name server for 167.205.0.0/16 reversed • ns3.itb.ac.id - Master & secondary name server for domain *.itb.ac.id - Master & secondary name server for 167.205.0.0/16 reversed
  35. 35. IPv6 DNS Server • ITB use AAAA addressing, not A6 addressing • ITB does not have its reverse for ipv6, [hopefully, we will get as soon as possible] • ITB use ip6.arpa addressing on reverse, not ip6.int • There are not specific domain for ipv6. if 1 server has ipv6, hostname has 2 ip (or more), ipv6 & ipv4
  36. 36. Load • Traffic in ns2.itb.ac.id • DNS traffic in ai3- indonesia- ether.itb.ac.id DNS traffic is shown in blue color, it’s not significant if it’s compared with other traffics
  37. 37. Known Problems • ITB could not resolved some other domains. solution : DNS administrator in both domain (ITB domain and the troubled domain) would make zone transfer manually between ns1.itb.ac.id and their name server • Delegated name server down for a longtime, thus delegated domain disappeared from The Internet solution : ITB DNS Administrator would take off its delegation and use ns2/ns3 for primary name server of its domain

×