revisiting apan services 2 n.
Skip this Video
Download Presentation
Revisiting APAN Services #2

Loading in 2 Seconds...

play fullscreen
1 / 12

Revisiting APAN Services #2 - PowerPoint PPT Presentation

  • Uploaded on

Revisiting APAN Services #2. Yoshikata Hattori, Pensri A., Lee, Jaehwa, APAN NOC 19 th APAN Meeting, Bangkok. What Are APAN Services?. WWW and DNS and

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Revisiting APAN Services #2' - lindley

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
revisiting apan services 2

Revisiting APAN Services #2

Yoshikata Hattori,

Pensri A.,

Lee, Jaehwa,


19th APAN Meeting, Bangkok

what are apan services
What Are APAN Services?
  • WWW
    • and
  • DNS
    • and
  • E-mail/mailing lists
  • Distributed among/operated by APAN-KR/ANF and APAN-JP NOC’s
why revisiting
Why Revisiting?
  • These are the most important services for us
    • to get information from APAN thru WWW
    • to communicate with others thru e-mail/mailing lists
    • based on the APAN DNS
  • So they need
    • correctness of information
    • reliability and stability of operation/monitoring
  • And they are naturally based upon the network architecture/operation.
  • Now APAN network architecture/operation has changed greatly which requires revisiting the services.
    • 24x7 operation/monitoring
    • GbE connection between JP and KR
previous problems
(Previous) Problems
  • WWW
    • Contents of and have 4 hours’ difference -> Harmful
  • DNS
    • No backup of primary database(KR) -> Dangerous
  • E-mail/mailing lists
    • No backup of mailing lists(KR) -> Dangerous
  • Operated/monitored jointly by APAN-KR/ANF and APAN-JP NOC’s
    • No 24x7 operation/monitoring on KR side
new scheme
New Scheme
  • Servers distributed among JP and KR
    • Controlled/operated/monitored by APAN NOC
    • Redundancy/reliability
  • Information correctness, reliability, and stability
    • NFS between servers for WWW
    • Backup of data for WWW, DNS, Mailing Lists
    • Servers location independence of the sec.
current status follow up
Current Status/Follow-up
  • WWW servers, =
    • 2 official servers(JP and KR) with 1 hidden server( in Sec./TH)
      • Sec controls the contents
    • Hidden server is rcync’ed by JP server (with a reliable backup) in every 4 hours
      • Sec must have a way to trigger rsync
    • KR server NFS-mounting JP server contents
      • KR must have a local copy : local copy of NFS-mounted contents
    • Need performance test for this scheme
  • DNS servers
    • Primary server moved to APAN NOC from KAIST, but it’s hidden now
    • The same 2 servers(secondary) seen from outside
    • 1 hidden server + 2 servers or just 2 servers?
  • Mail server/mailing lists reconfiguration
    • Still pending
      • Should follow WWW servers scheme – 2 official mail exchangers
      • Sec must control ML lists
  • Is it worth trying anycast for these services?
current status on kr side
Current Status on KR Side
  • KOREN/APAN-KR NOC has moved to Seoul with servers
    • I(JH Lee) am working for Convergence Lab., KT in Seoul
  • Our new servers (still going on)
    • 2 redundant 1-u servers for WWW, DNS, mail servers w/ storage servers
      • These will host the APAN servers/services
    • Planning to have specialized servers for tunnel broker, AG bridge servers, SNMP servers, etc.
  • Only in 6 years we’re going to have many new servers
figure of apan web servers relocation by mr hattori
Figure of APAN WebServers Relocationby Mr.Hattori

Domain Name Servers of




Secretariats can edit and update web contents on



These A records and CNAME record realize round robin service.

JHLee-san sent CD-Rs to Pensri-san. They contain the whole web contents of And Pensri-san has uploaded them on



Old KR web server

Previous rsync configuration between old KR server and JP had deleted.




Mounted with NFSReal-time updating can be done

Synchronizing the contents by SSH-wrapped rsync every 4 hours

master.apan.net203.159.31.33 www.apan.net203.181.248.30 www.apan.net203.255.255.86

$ cat rsyncd.confhosts allow = chroot = nomax connections = 4syslog facility = local5# pid file = /var/run/rsyncd.pidtimeout = 6000[www] path = /usr/local/src/www/html/ lock file = /home/inetapan/rsyncd.lock uid = inetapan gid = users read only = true

Users can access JP or KR server using or result of DNS query determines which server will be selected.

%crontab –l20 */4 * * * /usr/home/httpd/cron/wwwsync/ /usr/home/httpd/cron/wwwsync/!/bin/sh/usr/local/bin/rsync -e ssh -aqz /home/httpd/

Results of DNS query are round robin.

1st time




2nd time




3rd time




This crontab with script on JP server remotely runs rsyncd command wrapped by SSH every 4 hours. Then rsync checks the updated contents on and transfers them to JP server.

This rsyncd.conf on allows rsync accessing from JP server.

redundancy for web service
Redundancy for Web Service
  • How to build redundancy for and
    • Synchronize contents from TH to JP and from JP to KR
    • Allocate 2 IP addresses (KR: and JP: for and
    • Use round robin DNS
  • How to synchronize the web contents
    • The bandwidth and RTT of TH-JP and KR-JP are taken into account
    • KR-JP use NFS, enough bandwidth and good RTT
    • TH-JP use SSH-wrapped rsync because of limited bandwidth
building kr jp synchronization by nfs
Building KR-JP Synchronization by NFS
  • NFS for synchronization between KR and JP, and he led the implementation
    • NFS has already showed enough performance within Korea
    • Fortunately, there is enough bandwidth between KR and JP
    • JP server, exports the web contents as read-only NFS server only to KR server
    • KR server remotely mounted them as NFS client
  • Destination is from JP to KR
  • Need further tests for NFS/WWW performance
new services
New Services
  • NTP
  • Information/Routing Registry
  • H.323/SIP
  • APAN Observatory
  • LDAP
  • Any services members want to have