Minutes of ILUGC meet - 19th August 2000

["Suraj.co.in" <sesha_sai_iyengar@xxxxxxxxx>]

**************************************************************************

                                  Minutes of the 19th August Meet
**************************************************************************

The ILUG-Chennai met on the 19th August, 2000 at 16:00 Hours at the
IITM's
Computer Center. Mr. M.K.S. brought his PIII and a C-DAC Gist Terminal
for his
Tamil on Linux Demo. He had Mr. Kumara Shanu and Mr. Bhaskaran by his
side for
assisting him with the demo, assembling stuff.

 The Agendas, as were planned on the mailing list, were:

  1. Tamil-Linux demo by Mr. MKS and team
  2. Talk on RADIUS & RAID by Dr. P.Sriram (will be introduced later(; )

We waited till 1630 for all the "Usual Faces" to appear and then gave up

and started the demo. Mr.MKS was a bit unhappy with GNOME. The machine
froze. Though, the curious lot saw the unofficial demo beforehand, it
was
redemoed for the latecomers (BOMB, etc.,). The "Translucent Beard"
(Zameer)
surprised us all by not making to the meet.

He first showed a few features of the CDAC GIST Terminal. The 17
Language
support, 'switching languages' were a few amongst the features
mentioned.

MKS and his team are working on ANUSARAKA, the Tamil -> Hindi
Translation
project. AKARAM text editor,developed by Chinnaswami Nagoo, a team in
Singapore, India, was shown. This editor uses simple, easy to guess
key-combinations to produce tamil characters. The F10 toggle can be
used to switch between English and Tamil. A small latex poem was typed
using
the Akaram editor. This was compiled to a .ps and shown using gv. The
o/p
was excellent. He mentioned about the Tamil TCSII Font package developed
in
the US.

The most interesting part of the demo was the Tamil-on-Console. He
showed
how one can set the local language settings (such as the LANG env var.)
and
get tamil on the console. Most of the Console o/ps like date, ls -l, cal

had a mind blowing Tamil eqv for the dates. This tarball can be
downloaded
from:
  http://tamil.htmlplanet.com

The Anusaraka project was also discussed. Anusaraka is nothing but a
Language Translation (and also transliteration) program that was
actually
aimed at Tamil <-> English, but ended up translating from Tamil <->
Hindi.

Mr. Kumara Shanu explained how the tamil parser works by splitting the
words
into different parts called "morphenes". These morphenes are the
simplest
units which can be referred into the dictionaries. There was a lot of
humour
flying in the air when we tried to "test" the software with the very
famous
"Nee unga ammavukku ethanayavathu paiyan?". It had some problem
translating
the word amma into Maa (hindi). Instead it ended up transliterating it
to
the same amma (hindi). So we concluded the test saying "Amma" is
unshakeable.

MKS explained the difficulties they had (and have) in this project:

 * Their proj. depends entirely on the GIST Terminal for viewing the
   outputs.
 * PERL being a W-O (Write-Only) language, has caused a pain in the neck

   for debugging.

They are planning to rewrite their code using C. Their current sources
are
GPLed and MKS promised to make them available on the web for download.

There were a few voices asking for GNOME<->Tamil project.

Next was the most awaited talk on RADIUS by Dr. P.Sriram. Hmmm... I
talked
of introing him to you all, right?

now, let me give you a small intro of the famous lot to you all:

 Meet...
  Prabhu... The ILUGC Rep.
  Zameer... The spoonered Amnesiac (-;
  Dr.P.Sriram... The potential CD Maker!  (-;

Sriram started off by Defining RADIUS.

RADIUS - Remote Access Dial In User Services. RADIUS has been around for
a
while (10 years or so) and is used by ISPs, etc., who want to allow
remote
logging and optionally accounting. RADIUS is such a great piece of
software
that works so that no one really knows its there. He explained the
various
scenarios in which RADIUS can be employed.

The NAS (Network Access Server) is the machine that has the various
Serial
lines connect to and is also connected to the network. The NAS is
connected
to the machine that runs RADIUS. RADIUS can be used to authenticate,
Authorise the various users on what services they can run.

He mentioned a few words about the ports (1812->radius,
1813->accounting).
Radius can be configured to run on two APs (Authentication Protocols)
 1. PAP (Password Authentication Protocol) and 2. CHAP (Challenge
 Handshake Authentication Protocol)

When Radius runs on PAP, the passwd entered by the users at his end is
transmitted via the phone line in plain text. The NAS then encrypts this

passwd with a "Shared Secret"_[1] and sends it over to the radius
server.
The radius server decrypts this passwd and looks into the passwd file.
Radius server then responds to the NAS with a YES/NO signal. The NAS
then
takes care of what-to-do-next-stuffs.

But if a user is able to sniff the packets, he can send a YES to the NAS

fooling it to go into the thinking that the Radius had sent it. Another
hole
is that as the passwd from the user end arrives in clear text, it can be

tapped. That's when CHAP came into role.

When the system uses CHAP, The NAS generates a random number and sends
it to
the user in plain text. The user machine then encrypts this and sends it

over to the NAS. The NAS sends this over to the radius along with the
random
number encrypted with the shared secret. radius decrypts these and looks

into the passwd file (plain text). The disadvantage here is that if the
radius file is cracked, all the passwds will be exposed.

Radius is a UDP service because a TCP service would have to wait for the

received signal. This means a lot of waiting would have to be done the
the
NAS. But in UDP the NAS can merely broadcast the msg to all the radius
servers.

radius also offers a user name prefix. This means that depending on the
username the user can be allocated the service for that prefix. It also
allows suffices (like user@md2) This allows the use of many radius
servers,
each for a special zone and yet make mobility of users to other zones.
This
is very similar to what VSNL does. A person in pune can come to chennai
and
will still be able to use his pune account by dialing to the chennai
machines.

The CISCO's solution for radius was TACACS, XTACACS, TACACS+. Though
TACACS
is CISCO's standard for remote authentication, its boxes support both
RADIUS
and (X)TACACS(+).

Radius comes in two flavours. 1. The first ever radius was produced by a

company called Livingston. 2. CISTRON which took up radiusd development
thereafter.

The Current version of radiusd (1.6) is available for download as a
tarball
from freeradius.org

Dr.Sriram explained about the IETF (Internet Engineering Task Force)
which
is working on AAA (Authenticating, Authorization, Accounting). According

to the IETF, the recommended AAA softwares are COPS and DIAMETER (twice
as
good as the Radius!).

DIAS as is implemented in the campus is something like ISDN over HDSL.
This
allows Voice and Data over Normal Telephone lines.

Next was talk on RAID again by Dr.P.Sriram.


RAID : Redundant Array of Inexpencive Disks.

There are two types of RAID. a) Hardware
                             b) Software

RAID evolved when people wanted more disk space than provided by any
single large disk.

Note : In the following "disk" stands for a SCSI HDD.

Linear RAID.
^^^^^^^^^^^
Let there be five Hard-disks. The last byte of the first disk would
point
to the first byte of the Second hard disk and the Last byte of the
second
to the third and so on. The first hard disk is filled up once and the
second after the first is filled and so on. The OS would see this set
as a single big hard drive. Each hard disk would contain one
partition. ( The whole of the medium would be treated as one.) Here
obviously there is no redundancy of data.

Level 0 RAID : Striping.
^^^^^^^^^^^^^^^^^^^^^^^
This is also called Striping. Let us take there are 5 disks in Level 0
RAID. When a file of 5 blocks is to be written then each hard drive is
sent a SINGLE block of data and hence there will be a `5' factor
improvement in write and the same applies to read process. If there are
`n' disks in RAID then there would be an `n' factor improvement in
Read/Write performance.

Note :
a) If one the disk fails ALL the data is lost !

To avoid this the next level of RAID is developed.

Level 1 RAID : Mirroring.
^^^^^^^^^^^^^^^^^^^^^^^^

As the name suggests there is redundancy of data. Lets take there are
two
disks in L1 RAID. When data has to be written, it is written to both the

disks but when the read has to be made it would be done in striping
mode.(
Half from one and Half from other.)
There can be a small decrease in write speed due to "Bus Arbitration". I

didnot understand what that meant.
There would be a speed improvement in the read mode. The advantage  - If

you have `n' disks, (n-1) can fail and the reading process is very fast.

One can have this sort of config for a file server.

Level 4 RAID :
^^^^^^^^^^^^^^
In this if there are five disks, four of them are used as in level 0 and

the fifth one is used to write the Parity bit. If any one of the disk
fails using the parity bit the data can be reconstructed. There will be
a
(n-1) factor improvement in read and write.

Advantage : One disk can fail. The chances that the parity disk fails
are
high as there is max. writing to that disk.


Level 5 RAID :
^^^^^^^^^^^^^^

In this the parity is distributed to all the disks instead of being on
one.

Hotspares : One can have spare disks such that if one of the disk fails
then the spare disk is used and the whole data is reconstructed and the
system is up again.

The config file for RAID. /etc/raidtab
The commands :
$ mkraid : to make raid file system

$ raid {start|stop}
    To start and stop raid daemon.

Raid for swap partition doesnot give any improvement since the same
functionality is provided by the kernel if you provide the same priority

for the swap partitions in the /etc/fstab.

Usually one needs a non-RAID disk to boot the system but Now it is
possible to boot from RAID.

For additional information one can see the Root-RAID HOWTO and the
Software-RAID HOWTO.

Dr.Sriram concluded the talk with a list of Speeds of various devices
available in the market. He explained how FCAL can help one (one in the
sense, as of now, an org) to connect different machines (archs) and
enable using a
large number of disks.

There were a good number of new members to the LUG. Surprisingly one of
them
ended up here after searching for "LUG" in google! The other reported of

spelling mistakes at chennailug.org. Then the webmaster had to say
"We donot have access to chennailug.org, but is expected soon".

Suraj forgot to take the attendance (as usual) and hopes to do it
atleast
by the next meet. There were about 15-18 people.


The meet ended at about 1930 HRS.

 Quote of the Meet (Due to popular demand, back again):

  "Perl is a write only language"
       --Vineet Chaitanya

Thanks to Midhun Kumar for writing the RAID part of this text.

 -Suraj



 [1] Shared Secret is a common string on the NAS and the Radius which is
used
 to encrypt / Decrypt the user passwd.
























_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

---
Visit our home page at: www.chennailug.org
Send e-mail to 'ilugc-request@xxxxxxxxxxxxxxxxxx' with 'unsubscribe' 
in either the subject or the body to unsubscribe from this list.