Revisiting apan services 2
1 / 12

Revisiting APAN Services #2 - PowerPoint PPT Presentation

  • Uploaded on

Revisiting APAN Services #2. Yoshikata Hattori, [email protected] Pensri A., [email protected] Lee, Jaehwa, [email protected] APAN NOC 19 th APAN Meeting, Bangkok. What Are APAN Services?. WWW and DNS and

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Revisiting APAN Services #2' - lindley

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Revisiting apan services 2

Revisiting APAN Services #2

Yoshikata Hattori, [email protected]

Pensri A., [email protected]

Lee, Jaehwa, [email protected]


19th APAN Meeting, Bangkok

What are apan services
What Are APAN Services?

  • WWW

    • and

  • DNS

    • and

  • E-mail/mailing lists


  • Distributed among/operated by APAN-KR/ANF and APAN-JP NOC’s

Why revisiting
Why Revisiting?

  • These are the most important services for us

    • to get information from APAN thru WWW

    • to communicate with others thru e-mail/mailing lists

    • based on the APAN DNS

  • So they need

    • correctness of information

    • reliability and stability of operation/monitoring

  • And they are naturally based upon the network architecture/operation.

  • Now APAN network architecture/operation has changed greatly which requires revisiting the services.

    • 24x7 operation/monitoring

    • GbE connection between JP and KR

Previous problems
(Previous) Problems

  • WWW

    • Contents of and have 4 hours’ difference -> Harmful

  • DNS

    • No backup of primary database(KR) -> Dangerous

  • E-mail/mailing lists

    • No backup of mailing lists(KR) -> Dangerous

  • Operated/monitored jointly by APAN-KR/ANF and APAN-JP NOC’s

    • No 24x7 operation/monitoring on KR side

New scheme
New Scheme

  • Servers distributed among JP and KR

    • Controlled/operated/monitored by APAN NOC

    • Redundancy/reliability

  • Information correctness, reliability, and stability

    • NFS between servers for WWW

    • Backup of data for WWW, DNS, Mailing Lists

    • Servers location independence of the sec.

Current status follow up
Current Status/Follow-up

  • WWW servers, =

    • 2 official servers(JP and KR) with 1 hidden server( in Sec./TH)

      • Sec controls the contents

    • Hidden server is rcync’ed by JP server (with a reliable backup) in every 4 hours

      • Sec must have a way to trigger rsync

    • KR server NFS-mounting JP server contents

      • KR must have a local copy : local copy of NFS-mounted contents

    • Need performance test for this scheme

  • DNS servers

    • Primary server moved to APAN NOC from KAIST, but it’s hidden now

    • The same 2 servers(secondary) seen from outside

    • 1 hidden server + 2 servers or just 2 servers?

  • Mail server/mailing lists reconfiguration

    • Still pending

      • Should follow WWW servers scheme – 2 official mail exchangers

      • Sec must control ML lists

  • Is it worth trying anycast for these services?

Current status on kr side
Current Status on KR Side

  • KOREN/APAN-KR NOC has moved to Seoul with servers

    • I(JH Lee) am working for Convergence Lab., KT in Seoul

  • Our new servers (still going on)

    • 2 redundant 1-u servers for WWW, DNS, mail servers w/ storage servers

      • These will host the APAN servers/services

    • Planning to have specialized servers for tunnel broker, AG bridge servers, SNMP servers, etc.

  • Only in 6 years we’re going to have many new servers

Figure of apan web servers relocation by mr hattori
Figure of APAN WebServers Relocationby Mr.Hattori

Domain Name Servers of




Secretariats can edit and update web contents on



These A records and CNAME record realize round robin service.

JHLee-san sent CD-Rs to Pensri-san. They contain the whole web contents of And Pensri-san has uploaded them on



Old KR web server

Previous rsync configuration between old KR server and JP had deleted.




Mounted with NFSReal-time updating can be done

Synchronizing the contents by SSH-wrapped rsync every 4 hours

master.apan.net203.159.31.33 www.apan.net203.181.248.30 www.apan.net203.255.255.86

$ cat rsyncd.confhosts allow = chroot = nomax connections = 4syslog facility = local5# pid file = /var/run/rsyncd.pidtimeout = 6000[www] path = /usr/local/src/www/html/ lock file = /home/inetapan/rsyncd.lock uid = inetapan gid = users read only = true

Users can access JP or KR server using or result of DNS query determines which server will be selected.

%crontab –l20 */4 * * * /usr/home/httpd/cron/wwwsync/ /usr/home/httpd/cron/wwwsync/!/bin/sh/usr/local/bin/rsync -e ssh -aqz [email protected]::www /home/httpd/

Results of DNS query are round robin.

1st time




2nd time




3rd time




This crontab with script on JP server remotely runs rsyncd command wrapped by SSH every 4 hours. Then rsync checks the updated contents on and transfers them to JP server.

This rsyncd.conf on allows rsync accessing from JP server.

Redundancy for web service
Redundancy for Web Service

  • How to build redundancy for and

    • Synchronize contents from TH to JP and from JP to KR

    • Allocate 2 IP addresses (KR: and JP: for and

    • Use round robin DNS

  • How to synchronize the web contents

    • The bandwidth and RTT of TH-JP and KR-JP are taken into account

    • KR-JP use NFS, enough bandwidth and good RTT

    • TH-JP use SSH-wrapped rsync because of limited bandwidth

Building kr jp synchronization by nfs
Building KR-JP Synchronization by NFS

  • NFS for synchronization between KR and JP, and he led the implementation

    • NFS has already showed enough performance within Korea

    • Fortunately, there is enough bandwidth between KR and JP

    • JP server, exports the web contents as read-only NFS server only to KR server

    • KR server remotely mounted them as NFS client

  • Destination is from JP to KR

  • Need further tests for NFS/WWW performance

New services
New Services

  • NTP

  • Information/Routing Registry

  • H.323/SIP

  • APAN Observatory

  • LDAP

  • Any services members want to have