80 likes | 177 Views
LAL Site Report. Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr. 100 Go. Alpha PWS500. FC. FC. Alpha ES47. ESA12000 1,5 TB. HDS 9570 1,5 TB. Electronic CAD (Sun + Cadence). Alpha Experiments (8 CPUs). Linux Experiments (40 CPUs). Mac (100). Xterm. PC (250). Main Resources.
E N D
LAL Site Report Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr
100 Go Alpha PWS500 FC FC Alpha ES47 ESA12000 1,5 TB HDS 9570 1,5 TB Electronic CAD (Sun + Cadence) Alpha Experiments (8 CPUs) Linux Experiments (40 CPUs) Mac (100) Xterm PC (250) Main Resources DS20 • NFS • SMB • Appletalk • www • Mail • Print DS20e Gb Ethernet 100 Mb LSF Cluster (batch + interactive) 10 Mb LAL Site Report - HEPix - Vancouver 2003
Main Resources Changes • More Linux CPUs • 10 dual P4 Xeon on order (Dell PE 1750, 1U) • More TBs • HDS 9570V : 1.5 TB • Running very well • Less budget… • Budget uncertainty (always changing) • No OS upgrade since last meeting LAL Site Report - HEPix - Vancouver 2003
Mail Service • Virus/Spam filtering production • Spam Assassin + MimeDefang • Message tags still processed by clients • Less efficient since September… • Late with all our main projects for mail service • SIEVE for filtering at message delivery (server based) • Upgrade IMAP server to Cyrus v2 • Required for SIEVE filtering • Authenticated SMTP LAL Site Report - HEPix - Vancouver 2003
Windows Infrastructure • IN2P3 forest in production • 7 labs in production • 4 labs should join shortly (by the end of ’03) • No problem so far, even if master domain not reachable • 1 global catalog per site • Forest management not to heavy • Domain management delegated to labs • Move of LAL domain to IN2P3 forest delayed • Planned in November • Back to NT4 domain and reupgrade to ActiveDirectory LAL Site Report - HEPix - Vancouver 2003
Blaster/Lovesan… • Not too much affected • Ports attacked filtered in border router • 7 PCs, infected outside LAL • Continuing… • Main tool : SMS • Rapid deployment of fixes • 2nd alert (Sept 10th) : 90% of running PCs patched in 2 hours • Detection of infected PCs based on inventory • Can take 3 days to detect an infected PC • Investigate automatic isolation of weak/infected PCs LAL Site Report - HEPix - Vancouver 2003
VPN Server • Based on solution presented by CERN at FNAL • Windows 2000 server • Authentication server : AD controller • No need for a separate account • Tunneling : PPTP + CHAP/MS-CHAP • Encryption : MPPE (RSA/RC4) • Works with Macintosh (tested) and Linux (not tested) • Now in production • Current service : access to ActiveDirectory, management (RDP, SMS…) • Plan to investigate RADIUS authentication • Performance impact unclear (WAN vs server) LAL Site Report - HEPix - Vancouver 2003
Miscellaneous Projects • Unattended Linux installation server • Currently based on PXE + Kickstart • Plan to investigate WP4 Quattor • Servers and desktops • Web content management • Zope abandoned • Home made solution (J. Charbonnel) • EDG/LCG/EGEE • Strong LAL involvement (3 persons) LAL Site Report - HEPix - Vancouver 2003