1 / 41

ITB Status Report

ITB Status Report. Spring AI3 Meeting 19-21 June 2003 Tokyo, Japan. Observatorium Bosscha. One and the only star observatorium in South East Asia, currently run by Astronomy Dept, ITB Stationed at Lembang, West Java, about 6 km North from Bandung Website : http://www.bosscha.itb.ac.id.

ada
Download Presentation

ITB Status Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ITB Status Report Spring AI3 Meeting 19-21 June 2003 Tokyo, Japan

  2. Observatorium Bosscha • One and the only star observatorium in South East Asia, currently run by Astronomy Dept, ITB • Stationed at Lembang, West Java, about 6 km North from Bandung • Website : http://www.bosscha.itb.ac.id

  3. Live Observation at Bosscha • The use of Internet Technology for (near) real-time sky object observation • Input • CCD camera attached to the telescope • Output • Live streaming video using RealPlayer • Periodic Image capture using Webcam Apps • Audience can watch live observation directly from their computer!

  4. Live Observation at Bosscha (cont’d) • Conducted at May 7th 2003, observing Mercury Transit (Mercury will pass through the sun, so looks visible from Earth) • Done with portable telescope, with CCD camera attached • CCD camera output is splitted in two direction by video splitter • For RealProducer, creating Streaming Media files • For Webcam apps (Durgem, http://durgem.sourceforge.net), creating periodic (30 sec) image capture

  5. Live Observation at Bosscha (cont’d) • Bosscha is connected to ITB using 802.11b Wireless Link • Audience can watch video stream and image capture in website http://bosscha-live.ai3.itb.ac.id • Two video stream created : • 56 kbps for Internet audience • 384 kbps for ITB audience (LAN)

  6. Responses about Live Observation at Bosscha • Public Announcement about live observation was made in public mailing list and newspaper • Responses was high at websites : see http://stats.cnrglab.itb.ac.id/bosscha-live.ai3.itb.ac.id/

  7. Results • Cloudy weather makes hard to get good pictures of the Mercury Transit • Thanks to the Durgem, 15 picture out of 300 picture captures the Transit • Astronomers is very delighted about the results • Planned to do live observation in late August, observing Mars at Perihelion (nearest distance to Earth)

  8. PortableTelescope CCD Camera attached to the telescope

  9. Real Producer & Webcam Server Video Splitter Observation site, at the top of the roof Journalists came to the observation site

  10. http://bosscha-live.ai3.itb.ac.id Website and RealPlayer

  11. Image captured using CCD Camera Processed image by Bosscha Astronomer

  12. IPv6 @ ITB • Campus-wide IPv6 Deployment @ ITB • Dual-stack services • Email server • Web server • DNS server • FTP server • SSH and Telnet (remote login)

  13. Campus-wide IPv6 Deployment • Problem : • Campus Backbone is not IPv6-compliant • Cisco Catalyst 6500 Sup1A/MSFC1 • Cisco only released IPv6 on Sup2 and Sup720 • Solutions : • One PC router (IPv6 w/ Zebra routing daemon) on each Catalyst • Each router is connected via IPv6 tunnel • Router connects subnets on each Catalyst using VLAN trunk 802.1q

  14. Campus-wide IPv6 Deployment (cont’d)

  15. Dual-stack Services • DNS server • ns1.itb.ac.id/ns2.itb.ac.id now resolve IPv6 address • Email server • MX.itb.ac.id has IPv6 address, with postfix (IPv6-patched) • Web server • ITB official website (http://www.itb.ac.id) has IPv6 address

  16. FTP Server > uname -a FreeBSD itb2-v6-router.itb.ac.id 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Fri May 9 23:56:42 GMT 2003 admin@itb2-v6-router.itb.ac.id:/usr/source/kame/freebsd4/sys/compile/itb2_v6_router-kame-20030407-freebsd47 i386 > host -t AAAA fileserver.lapi.itb.ac.id fileserver.lapi.itb.ac.id has address 2001:200:830:11:2e0:18ff:fe8c:180a > ftp -6 fileserver.lapi.itb.ac.id Connected to fileserver.lapi.itb.ac.id. 220 fileserver.lapi.itb.ac.id FTP server (Version 6.00LS) ready. Name (fileserver.lapi.itb.ac.id:admin): dikshie 331 Password required for dikshie. Password: 230 User dikshie logged in. Remote system type is UNKNOWN. ftp> pwd 257 "/home/dikshie" is current directory. ftp>

  17. SSH (Remote Login) > uname -a FreeBSD ipv6.ppk.itb.ac.id 4.8-STABLE FreeBSD 4.8-STABLE #1: Sun Apr 6 18:26:06 WIT 2003 dikshie@ipv6.ppk.itb.ac.id:/usr/obj/usr/src/sys/PPK i386 > ssh -6 dikshie@fileserver.lapi.itb.ac.id The authenticity of host 'fileserver.lapi.itb.ac.id (2001:200:830:11:2e0:18ff:fe8c:180a)' can't be established. DSA key fingerprint is 55:cb:3d:b8:cc:08:2d:44:a2:f2:9d:94:36:77:de:2a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fileserver.lapi.itb.ac.id' (DSA) to the list of known hosts. Password:

  18. TELNET (Remote Login) > uname -a FreeBSD ipv6.ppk.itb.ac.id 4.8-STABLE FreeBSD 4.8-STABLE #1: Sun Apr 6 18:26:06 WIT 2003 dikshie@ipv6.ppk.itb.ac.id:/usr/obj/usr/src/sys/PPK i386 > telnet -6 fileserver.lapi.itb.ac.id Trying 2001:200:830:11:2e0:18ff:fe8c:180a... Connected to fileserver.lapi.itb.ac.id. Escape character is '^]'. Trying SRA secure login: User (dikshie): Password: [ SRA accepts you ]

  19. SMTP (Incoming) Jun 16 21:36:27 ipv6 postfix/smtpd[355]: connect from mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/smtpd[355]: 94A2620: client=mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/cleanup[328]: 94A2620: message-id=<20030616143613.95944.qmail@web12604.mail.yahoo.com> Jun 16 21:36:27 ipv6 postfix/qmgr[327]: 94A2620: from=<bounce-isp-routing-396359@lists.isp-lists.com>, size=7908, nrcpt=1 (queue active) Jun 16 21:36:27 ipv6 postfix/smtpd[355]: disconnect from mx2.itb.ac.id[2001:200:800:3000:202:44ff:fe35:2285] Jun 16 21:36:27 ipv6 postfix/local[330]: 94A2620: to=<dikshie@ppk.itb.ac.id>, relay=local, delay=0, status=sent (delivered to command: IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #dikshie)

  20. SMTP (Outgoing) Jun 16 21:42:29 ipv6 postfix/pickup[326]: C8C2376: uid=1000 from=<dikshie@ppk.itb.ac.id> Jun 16 21:42:29 ipv6 postfix/cleanup[328]: C8C2376: message-id=<20030616144229.GA543@ppk.itb.ac.id> Jun 16 21:42:29 ipv6 postfix/qmgr[327]: C8C2376: from=<dikshie@ppk.itb.ac.id>, size=1046, nrcpt=1 (queue active) Jun 16 21:42:40 ipv6 postfix/smtp[535]: C8C2376: to=<dikshie@rootshell.be>, relay=mail.rootshell.be[3ffe:8100:200:1fff::25], delay=11, status=bounced (host mail.rootshell.be[3ffe:8100:200:1fff::25] said: 550 5.1.1 <dikshie@rootshell.be>... User unknown (in reply to RCPT TO command))

  21. E-Mail Service Report By mailadm@itb.ac.id

  22. Network Map

  23. Recent Condition (1/2) • All MX-ITB are IPv6 compliant. • mx1.itb.ac.id • Pentium III-1000 MHz 128 MB RAM • Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch (migrated from qmail 1.03) • Apache 1.3.27 • mailman 2.1 (migrated from ezmlm) • mx2.itb.ac.id • AMD Duron 750 MHz 128 MB RAM • SMTP-auth using cyrus-sasl-1.5.24 • Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch

  24. Recent Condition (2/2) • mx3.itb.ac.id • Pentium III-500 MHz 128 MB RAM • Postfix 2.0.7 with tls+ipv6-1.13-pf-2.0.7.patch • mxout.itb.ac.id • Load balancing server using Cisco Catalyst 6500 (not IPv6 compliant) • Provide outgoing mail server for 167.205.0.0/16

  25. Email Traffic/day on Mei 2003

  26. Top 10 Mailing List @itb.ac.id (by members)

  27. Email Filter Methods • Filtered by RBL • sbl.spamhaus.org (transfer zone) • relays.ordb.org • Filtered by regex • ftp://ftp.worldless.net/pub/postfix/

  28. Known Problems • Mailman @ mx1.itb.ac.id • Queue file corrupt could make mailman stop sending email to the list members • Database file corrupt could make a mailinglist whole configuration lost. • Spamassasin implementation • Failed because of the lackness of resources (CPU+Memory) mx3.itb.ac.id crash within five minutes.

  29. Others • B/W usage http://netmon.cnrglab.itb.ac.id/site/summary?id=10 • Next : • Try using centralized database to maintain spam list • Try combining Postfix smtp-auth with sasl and ldap

  30. ITB Looking Glass • http://ken-arok.cnrg.itb.ac.id • Source code from : ftp://ftp.enterzone.net/looking-lass/CURRENT/with little adjustment

  31. Domain Name Service Report dnsadm@itb.ac.id

  32. Recent Condition [1/2] DNS in ITB Network is handled by : • ns1.itb.ac.id IP Address : 167.205.23.1 202.249.24.65 2001:200:830:0:250:baff:fecb:9fcf Computer Specification : Processor : Intel Pentium 166 MHz 64 MB RAM FreeBSD 4.7-RELEASE BIND 8.4.1 IPv6 Support • ns2.itb.ac.id IP Address : 167.205.22.123 2001:200:830:1:200:21ff:fee0:6d2e Computer Specification : Processor : Intel Pentium 200 MHz 128 MB RAM FreeBSD 4.7-RELEASE BIND 9.2.2 IPv6 Support

  33. Recent Condition [2/2] • ns3.itb.ac.id IP Address : 167.205.48.253 Computer Specification : Processor : Intel Pentium III 730 MHz 128 MB RAM OS : FreeBSD 3.5-RELEASE Software : BIND 9.22

  34. DNS Handling • ns1.itb.ac.id - Handling transfer zone between itb.ac.id domain and The Internet - Organizing domain *.itb.ac.id name server delegation • ns2.itb.ac.id • Master & secondary name server for domain *.itb.ac.id • Master & secondary name server for 167.205.0.0/16 reversed • ns3.itb.ac.id • Master & secondary name server for domain *.itb.ac.id • Master & secondary name server for 167.205.0.0/16 reversed

  35. IPv6 DNS Server • ITB use AAAA addressing, not A6 addressing • ITB does not have its reverse for ipv6, [hopefully, we will get as soon as possible] • ITB use ip6.arpa addressing on reverse, not ip6.int • There are not specific domain for ipv6. if 1 server has ipv6, hostname has 2 ip (or more), ipv6 & ipv4

  36. Load • Traffic in ns2.itb.ac.id • DNS traffic in ai3-indonesia-ether.itb.ac.id DNS traffic is shown in blue color, it’s not significant if it’s compared with other traffics

  37. Known Problems • ITB could not resolved some other domains. solution : DNS administrator in both domain (ITB domain and the troubled domain) would make zone transfer manually between ns1.itb.ac.id and their name server • Delegated name server down for a longtime, thus delegated domain disappeared from The Internet solution : ITB DNS Administrator would take off its delegation and use ns2/ns3 for primary name server of its domain

More Related