Minutes of Working Group Meeting

CSO Base Facility, Hilo

March 13, 2003

Present:

• Mac Cooper (SMA)
• Tony Denault (IRTF)
• Nick Johnson (Gemini)
• Laurie Bass (Gemini)
• Miranda Hawarden-Ogata (IfA/IRTF)
• Ruisheng Peng (CSO)
• Pui Hin Rhoads (IfA)
• Kiaina Schubert (Subaru)
• Henry Stilmack (JAC)
• Tony Sylvester (VLBA)
• Kanoa Willington (CFHT)
• Hiroshige Yoshida (CSO)

Absent:

• Keck
• UH

Minutes

Current Network Status

Between Jan 22nd and Jan 29th, we saw several network problems; mostly caused by SQL worms announced by CERT on the 26th.

Jan 22 - Jim Kennedy reported routing problems to Chile which lasted a couple of hours.


Jan 24 - Routing problems were found between Maui and Hilo; lasted about 10 minutes.

Jan 25 - More of the same problems occurred; they lasted a couple of hours.

Jan 26 - More routing problems occurred. By then, the SQL Server Slammer Worm was announced by CERT. It was reported to be much more powerful than the Code Red Worm of 2001. UH-ITS network staff while combating attacks on the UH networks, inadvertently filtered off four computers serving as DNS and Web servers within the MKOCN for almost a 24 hours period. UH-ITS staff was asked to contact Miranda and the observatory support staff directly in the future for urgent matters if Pui Hin cannot be reached.

Jan 29 - Both primary and secondary links to the commodity Internet and I2 were down for about an hour due to routing problems. It was not clear whether this incident was related also to SQL worms.

The network has been problem free since Jan 29th. Connection to the commodity Internet has improved since DREN has switched from AT&T to WorldCom.


Secondary DNS at HP

The secondary DNS at HP is in place, currently we have received zone information from Keck, CFHT and Gemini; and Gemini is not allowing zone transfer.

We need from the following from everyone that wants to participate:

• Contents of their named.conf or named.boot for older version.
• IP of their primary DNS.
• Permission on their firewall and DNS for zone transfer.

Wireless connection for the Visitor Center

In January, fibers connecting the MK Visitor Center to the HP main building were damaged during construction work on the old solar panel. The damage was between the HP Utility room and the HP main building. After careful assessment, it was determined that patching the fibers will introduce additional optical loss to a link that was working marginally before this incident. The damaged fibers are old and don't meet today's standards. Pulling completely new fibers will be difficult due to the conduit conditions between the Utility room and the Visitor Center. Other options were considered, and the wireless technology looks very attractive other than the concern for RFI potentials. Antony Schinckel, who was helping in assessing the fiber damage pointed out that HP is six miles away from the summit and that he is in support of the implementation. Pui Hin has also contacted VLBA, and VLBA was in the process of performing a propagation analysis.

Pui Hin asked all present to consult with their directors on this issue.

Pui Hin wished to thank SMA, in particular Antony Schinckel and Keith Brian for their help in assessing the fiber damage, and Mac Cooper for his help on a possible wireless implementation.

Fiber Damage - risk analysis

Nick Johnson of Gemini suggested a need to perform a risk analysis for the MKOCN fibers to mitigate the effect of similar incidents in the future that might affect other connections including the summit.

Pui Hin explained that for this particular incident, there is no as-built for the segment of fibers affected. It was known that the fiber path is within the area under construction. Pui Hin will work with Ron Koehler on this issue.

Pui Hin went on to clarify that even though MKOCN fibers run alongside the Visitor Center fibers between the HP utility room and the HP main building, connection for the summit would not have been disrupted even if this segment of the MKOCN fibers were damaged.

The MKOCN consists of MKOCN private fibers and Verizon fibers:

• Private fibers consist of a logical star centered at the summit communication room branching out to each of the telescope summit facilities and HP. The branch to HP passes through the HP utility room.
• Verizon fibers consists of a similar star, and a bundle of fibers running between the summit and Humuula where it meets up with the cross-saddle fibers for connection to Hilo and Waimea.

Connections from the summit to Hilo and Waimea run along the Verizon fiber bundle, which is a different bundle of fibers than that that goes to HP.

Further, most observatories have a DS3 service between their summit and base facilities which again runs on Verizon fibers. A Verizon T1 serves as a backup from HP to UH Manoa. For Verizon fibers, an emergency plan was worked out with Verizon -- which was GTE Hawaiian Tel in 1998. For the details of this emergency plan, please refer to the URL:

19980904.html

Possibility of a facility-wide WLAN at Hale Pohaku

This agenda item was initiated by Henry Stilmack of JAC. The interest for a HP facility-wide WLAN was echoed by everyone present other than Tony Sylvester from VLBA, who expressed reservations. Again Pui Hin asked all present to consult with their directors and report back if there are any concerns. The implementation will cover the HP main buildings as well as the dormitories which currently have no network connections.

A discussion on how to implement a facility-wide WLAN followed. It was recognised that security is a big concern for wireless connections. Henry Stilmack suggested separating the wireless from the rest of the network so that bandwidth can be restricted if necessary and facilities can configure their firewalls to treat the subnet as unsecured. Users of the wireless connection should recognise the security issues and treat it accordingly.

SMA connection to Research Park fiber

Construction is underway for the SMA Hilo facility. Mac Cooper would like to consult with the working group on connection within the Park and to the Internet. Connection in the Park predated the IfA building and was a community effort. It consists of a fiber panel donated by JAC installed in the communication handhole outside of the Subaru building. MKO observatories tenants of the park pulled their own fibers to the fiber panel. In February of 2000, IfA joined the community, and with equipment provided through the Gemini network grants, provided Internet access for the Park. To join the network, SMA would need to pull their own fibers to the fiber panel. Provision already exists at the IfA side for the connection.

However, Pui Hin pointed out that even though the Hilo LAN is working fine for now, we will need to consider moving the connection point from the handhole into the IfA building. Being outdoors in the wet Hilo climate, the fiber panel is rusting. The move will involve pulling new fibers from each facility into the IfA building. Mac Cooper pointed out that SMA will be working with Verizon on their private DS3 connection from the summit to their new facility. The connection will need fiber connection from their new building to Verizon equipment already installed in the IfA building. There might be an opportunity to work out something with Verizon for the rest of the Hilo LAN.

Next Meeting

Thursday, June 12th, 10:00am at JAC, Hilo