AAA for Wired and Wireless Campus Area Internet Users @IOE Pulchowk

Center for Information Technology of IOE Pulchowk campus has been managing Internet Users over WINNT Domain. It has been 4 years since I have been working as system/network administrator managing different servers of IOE.EDU.NP domain and SOI System under WIDE Project. During this run, several improvement have been done like IOE Mail, bandwidth management, power management, network management and hardware update etc.. But it’s a universal truth that clients never satisfy with the service.

As a consequence, I tried to remove all the domain controllers with old P2 Dell server and replace the authentication through radius users over Quad Core 2Ghz Dell Server. I found radius authentication the best one solution for wired/wireless and dialup users. So that through a single database server can control all kinds of user’s authentication though LDAP is also another solution. IOE Pulchowk has more than 2000 users on its LAN, so it’s not the easy task to maintain more than 1500 machines enabled with internet. Virtual LANs on the central backbone switch, two Transparent Proxies, and two Radius servers enabled the system a bit manageable.
Chillispot is a wireless captive portal mostly suitable on wireless internet, though it can be used in wired LAN (UAM technique). I designed to have a concept of utilizing chillispot on wired as well as wireless LAN. Chilli-Radius Authentication with appropriate firewall and bandwidth control is the current implementation as new authentication system in IOE Pulchowk Campus. But performance is another major issue whether the new system might have shown improvement in internet access or not.
The central authentication system is supposed to have some benefits like:
•Users can be captured with their MAC/IP address
•MAC authentication can be implemented
•Fraud users can be identified
•Users with unnecessary site access can be easily traced.
•All the users request is passed through transparent proxy: performance is supposed to be improved
•Public IP block Saved (private Class B IP addressing has been implemented)
•Web based password change option

There is still difficulty in wireless user’s authentication in case of using wireless routers. Normal Wireless router doesn’t have authentication within itself. But due to over traffic chilli and firewall process seems not working properly. Symptoms of frequent connectivity breakdown may need more research and test.




authentication system

The basic authentication and internet system is as follows:
•When a client browse the internet, the gateway servers running chilli and proxy provides authentication page to clients.
•Client supply the username and password which is forwarded to radius servers for the users validation.
•Radius server replies with the validation information to chilli, then the users are authenticated and the subsequent request of users would be forwarded to transparent proxy.
•Users can be seen online until he/she logged out.




Lists of users with their machines IP/MAC address accessing internet

My First Attempt: Paper Presentation in an International Conference & IT Park Visit

“International Conference on Electronic Commerce in the 21^st Century” was the main title of the conference held in June 2 to 4 at Soaltee Crown Plaza, Kathmandu Nepal. When I appeared in SIGCOMM 2007 conference at Kyoto Japan, I was really surprised with the environment. I hadn’t had expected that environment on this conference though I was curious about the situation because I had to present my paper there. What if I could not answer expert’s questions!! :O. I was a bit afraid as the hall was full of foreigner and locals. My English is not good so far though I had already prepared somehow to cover up my 30mins presentation time.

The organizer had mistakes in formatting my paper which could easily be pointed out from the wrong mail address and wrong picture placement. Any way I felt really comfortable with presentation and as per my knowledge, I easily tackled the questions at the end.

Australian professor Kuzic was a bit funny and impressive. Almost Asian guys especially Indians were presenting their paper just reading slides. Kuzic commented it out that just to explain what we would understand...no need to read line by line. Another professor Leon from Luxemburg wanted to start his session with European Style (keep the audiences relaxed ...like provide them beer, whisky…). Sometimes the hall was disturbed with mobile ring during middle of the presentation…ha ha...it’s a Nepalese Style.

The last day of the conference was already planned for foreigner to visit to IT Park. By the way, I had never got a chance to visit IT park of Nepal which was located alone at Banepa. This was my opportunity having trip with foreign professors to IT Park. The member secretary and full time member of HLCIT briefly described about the environment and technology currently implemented in IT Park. One thing what they focused with proudly was about finger print verification to permit into the room. Ha ha ha...it was already old and nothing for foreigner. Hence Australian professor frankly commented that not to be proud of our work but be focused what we could do and approached with vision to Indian and Chinese which are the two major IT industries of the world. I appreciated his comment.

Discussion meeting at IT-Park, Banepa

Group photo on the IT-Park premise

The trip to Bhaktapur Durbar Square was also quite interesting. I had to visit friends in the evening for software development and outsourcing plan. So I just separated from the group who had next plan to visit to Pashupati around 5:15PM from Quoteshwor. Thanks much to Dr. Tank Dhamala (Head, TU Central Department of Computer Science) for such a nice trip and for the successful completion of the conference.

Guest Lecture on “Introduction to IPv6 Networking” to TU M.Sc. Computer Science Students @IOE

Last Friday, Asst. Prof. Jivan Kumar Pant sir discussed with me about to give one lecture on IPv6 Networking and demonstration of IOE Pulchowk campus’s System/Network. As per the discussion the class had been set on Sunday morning at 7:30AM. I was in hurry up at that time preparing slides for conference presentation. I had to meet prof. sashi sir anyhow as soon as possible. My work load was just increased by the guest lecture too. Whole day on Saturday I started preparing slides for guest lecturing and planned for system/network demonstration too.

I was a bit felt uneasy to have lecture with M. Sc. Computer Science Students though I am teaching e-Commerce to masters student at Acme Engineering College. But it’s a way to disseminate knowledge. Teaching learning process doesn’t indicate senior/junior. I thought my slides were too summarized. The presentation just covered the introduction, addressing mechanism, current scenario of IPv6 in the world and transition mechanisms. I had prepared some IPv6 practical activities like unicast and multicast routing in my laptop with VMWare server.

When the day came, i had started my lecture and during the time, I surprised that the professor of computer network at TU central department of computer science himself was listening my lecture sitting behind the chair with students. I felt a bit happy that the way I delivered my lecture was more than sufficient for students. IPv6 is still new in Nepal though other countries have implemented on some network. The resource to study about IPv6 is really limited in Nepal. That’s why professor himself was expecting some input about IPv6 from me. When I did my research thesis with IPv6 Networking, my confidence toward IPv6 is drastically increased and the practical networking environment with IOE IPv6 network really makes me more confident.

After completing the lecture, professor and students both were seems happy with the contents what I delivered and it really felt me happy. With my co-worker Manish Singh, The demonstration of both IPv4 and IPv6 network was successfully completed. I hope this lecture and demonstration will help students encouraged towards networking and system administration.

Why did I share this feeling with my blog?? Really I did one mistake in my presentation slides. I had included one slide which compared header structure of IPv4 and IPv6 protocol. When I just reviewed my slides today, the version field for IPv4 must specify 4 and for IPv6 must be 6. But on both header structure, 4 was indicated. Hassssssssssssssss…what a mistake. Sorry students and professor, u didn’t indicate my mistake. Hope you correct that mistake.

Do You Like Piano?? Make your Computer Keyboard a Piano

There is no one in this world who hates music. Piano is a typical Musical Instrument which is frequently used to play while we become offset or we come into tension. Hence this device is used to play for peacefulness and coolness.

During my Masters study, I have developed a software package using Visual Basic as a project categorized under Multimedia which was an elective subject. Teacher suggested us to create a group and build a project which must cover objective of what we were studying in Multimedia Subject. Responsibility went to me to create a project anyhow. I thought to build a piano which is helpful to everyone because anybody if he has a computer, he could simulate the principle of Piano by his computer keyboard.

Some of the keys of computer keyboard are taken as piano keys. It is similar like real piano. If you are perfect in playing a piano, I confirmed that you will really enjoy with this software. Let me give you tips about how to install and play:

You can download a pianosetup.doc and serialkey.txt (key: 1111111111) from the following link:

http://baburamdawadi.tripod.com/project/pianosetup.doc

http://baburamdawadi.tripod.com/project/serialkey.txt

(alternetive technique to download: copy these links to Browser's address bar and enter, if you could not download directly)

after download is complete, first rename the pianosetup.doc file to pianosetup.exe (you can run that file only after renaming to pianosetup.exe)

Just run the setup file and supply serial key what I have provided with.

After installation is complete, go to program file>>Easy Piano>> Projectmultimedia

You can see the following main screen and choose tools>>Piano

And start playing (note* your speakers connected to your computer must be working)

Enjoy Piano!!!!!!! ;)

From NGO-Profile to DNF-Profile to DNET-Profile

When I was working as lecturer in Acme Engg. College, I became so tedious in teaching. Though teaching is a nice job which improves our level of confidence in mass communication as well as enhances our knowledge what we studied in B.E.

I know I am computer engineer. I thought my job must be either software programming or system/network administration in parallel with teaching. Programming only is also a tedious job (continuous programming>> monotonous).

During these teaching periods, I roamed for programming job after 2PM onwards after finishing morning shift class on the college. I like database programming. One of my friends, coworker at Acme proposed me for part time program at Compro Computers Pvt. Ltd. Hence my part-time programming life started since February 2006. The first project was Finance Model 1.0 developed for NGO-Federation of Nepal. It was an accounting package in replace of quickbooks (famous accounting software). I was afraid how could I generate balance sheet, laser, trial balance, Journal Vourcher etc…etc…though I programmed until 9PM night daily with the help of Auditor on the side.

During this programming period, I got a chance to meet mercantile programmer and we developed that first software as a joint effort. My inspiring friend Prabhat, IT manager of NGO-Federation, helped me a lot and taught me about firing trigger and writing procedure in MS-SQL Server. Due to this hard work, I became the system architect for the next project called Prime Minister Office Project (PMO). During the PMO project development, our team started the project enthusiastically from the beginning at Prime Minister’s office at singadurbar (interview,DB design….there was vice chair person Kirtinidihi Bist in Prime Minister’s post). The time was the time when king gyanendra seized the country and ruled by himself. We became unlucky that the project was closed due to country’s political instability and king’s over enthusiasm (I hate politics).

After that I became the IT-Consultant of Ngo-Federation when IT manager of NGO-Federation went for abroad study. During the consultancy I handled the entire project running on NGO with NGO-Profile which was developed on MS-SQL Server, Crystal Report, and ASP with Nepali Unicode format. After successful completion as IT consultant in NGO-Federation, I got a second contract on Dalit NGO Federation of Nepal (DNF) to create profile of Dalit NGOs. It is really interesting to program in ASP/MS-SQL server with Nepali Unicode as front end. Hence I developed data entry and analysis for DNF-Profile. Some of the snapshots are:


Data entry form for DNF-Profile


Record Search form for DNF-Profile


Data in Unicode format, in SQL Server

From that Unicode programming, my confidence level towards programming increased more. I just used these templates and created IOE Entrance Management System too. Now I am writing program for DNET-Profile (Development Network Pvt. Ltd.) using the ASP and MS-SQL. Interaction with the data entry operators, writing code, refining the wrong entry makes me quite sharp with more experiences in software developing. Some snapshots from this DNET-Profile:


Data Entry Form


Record Update Form


Database of DNET-Profile

IT-Consultancy enables us to be social, interactive and forwarding in the IT field…….this is just my way towards creating profile on NGOs/Consultancy Offices

Experience: AI3 Bridge Configuration & troubleshooting

Last time the satellite transmission station for TU had just been shifted from AIT to SFC Japan. The major steps to be done for successful switchover was checking the satellite signal Eb/No. and changing the route configuration on FreeBSD router (our BDL gateway). What I had to do was just change configuration on serial interface of AI3 Bridge.

I got a bit trouble regarding the bridge configuration because I hadn’t have access to AI3 Bridge. Someone else had already set password of our SOI Bridge. No problem, I just reset the bridge (CISCO 1700 series router) password and kept backup of all bridge configuration. The bridge has two interfaces (fastethernet0>>LAN interface and serial0>>satellite interface). I just changed the configuration on serial interface like this (which is given by Husni-san from SFC)

interface Serial0
description satellite
no ip address
no ip route-cache
no ip mroute-cache
no keepalive
no fair-queue
ignore-dcd
serial restart-delay 0
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 16 out

By the way, this configuration didn’t work. I couldn’t see neighboring bridge. I used the command “show bridge” and “show cdp neighbor”. Both commands displays nothing on the hyperterminal. But the magic part was: all signal status were up with serial0 interface.

DCD=up DSR=up DTR=up RTS=up CTS=up.

I just roamed and wait response from Husni-san. Husni conformed that the problem should be on link. Finally Abazh and Me started troubleshooting online over the link. As per the suggestion from Abazh-san, I just removed the ignore-dcd (Data Carrier Detect) and no keepalive line from the configuration. Then it works ha ha ha…. Due to this problem TU-SFC connectivity was down more than a week. Hence, it indicates that I must have more experiences regarding bridge configuration (what each line of configuration do?).

Memory: From My Japan Diary

When I got back from Japan on 22 October, I became too much busy in writing my thesis. I found that research is really tough. I already planned to complete my thesis until April. But my supervisor is really an inspiring person for me. Thanks to Purushottam sir, my office director for your encouragement to complete my thesis. Due to that I successfully defended my midterm. I am waiting for my Final defense. I am still in struggle to finalize my thesis. During this time, I felt I have to write something about my remembrance on my blog.
During my three months stay in Japan, I had gained a lot of experience about the technology, culture, education etc... I felt something differences with me after returning back from Japan. First difference is my picture. Here I just compared my own picture just after arrival in Japan and just before departure from Japan.

Arrival

Departure

These two picture clearly told that I became more thinner (but I felt, I became stronger and no more change in weight...as it is but these pictures were taken from different camera).
During my stay, I had continued writing my diary. At my final presentation, I also committed that I would complete my Japan Diary and will send one copy to SFC room. But due to my thesis and other official works, I am still unable to complete my diary yet. Though, I want to copy some memorable notes from my diary on my blog.
From the Abstract……..Study is the main part of my stay in Japan; in addition to this I had some fun with Japanese peoples and cultures which is a necessary part for a foreigner. And I also became lucky that I got chance to be in Kyoto city which is the beautiful ancient city of Japan with world’s big conference named SIGCOMM2007 and Mozilla 24hr Event in Tokyo……………………..

July 25 Wednesday to 29 Saturday (first week)
It was my first time going to abroad. As Nepal is a developing country, I don’t have much more idea to be familiar with machine. I heard that Japan is a well developed country. I am one of the poor family members of Nepal. So I become little afraid that how could I handle freeze, washing machine, microwave oven etc…
……….I dropped on Narita airport around 7:30PM JST, after having custom check, I caught limousine bus to Yokohama terminal where I met funya-san and after thirty minutes we welcomed Mr. Raden Arif from Indonesia. We directly came to campus. i was really excited with the campus environment, its furnishing and lab setup……

July 30 to august 4 (2^nd week)
We had to conduct one day IPv6 only workshop for forty-three participants between July 31^st to October 16. Abazh guided us to handle the workshop properly. Handling the Virtual Machine and during the workshop was quite interesting like watching user’s activities and suggested during mistakes……
……On the Saturday, we went to Akihabara to purchase camera and laptop. Me, Abazh, Arif and another Indonesian friend, Dedy went to Akihabara. First I really surprised by seeing the big train terminal. We reached Akihabara changing train on Yokohama and Shinagawa. Ohhh another big city, full of electronic gadgets. We all were foreigner, so sometimes we lost inside Akihabara and finally we got the shop for my camera. I had already set my mind to purchase Finepix S6000 FD model by FujiFilm Company……

August 5 to august 18 (3^{rd &} 4^th week)
On these two weeks, I just tried to learn Japanese language myself. But I felt that the katakana as well as hiragana scripts are not so complex but kanji symbols were found to be complex to understand…… I had travelers check of American express. I hadn’t known about how to change that check. I tried to get idea about it by funya and kotaro. They suggested me to goto banks around Shonandai. But it would be difficult for me to find bank on shonandai………
…..Some days before while we were in Shonandai where we went there just for shopping, I saw an office named Softbank. I just thought in mind that “ohhh this is the bank which might change my money”. On the following day, SFC was closed due to special occasion. I grabbed that office time and went to Shonandai by myself, entered into that office and requested for money exchange by showing the travelers check. Ha ha ha.they laughed and just got surprised. Suddenly one officer (she was a gal) typed something in her computer and wrote a sentence in a paper that “it is not a bank here”. Might be she just translated her Japanese language into English and wrote to me. Ohhhh..i laughed then..ha ha……

August 26 to September 1 (6^th week)
We two (Arif and me) had to come to Kyoto by bullet train on Sunday, 26^th august. We were somehow afraid about whether we loss inside the transit, what could we do?? By the way, it was so easy to reach to the Kyoto city. Bullet train (NOZOMI-SHINKANSEN)!!! 300Km/hr, Wowww I cant imagine how Japanese build such a system/technology…….
… I am very much thankful to Keiko-san for such a nice opportunity to appear on this world’s top conference related to computer network. During this 5 days conference I met 3 Microsoft Researchers, FreeBSD Developer, CISCO managers and professors form different universities. By the way I became lucky that I got mail-id from almost all presenters. This is my big achievement and experience about to participate in such a conference and acquiring latest information about network/routing from IETF members, Microsoft researchers and professors. What I found that it is really incomparable about the learning technique of Nepal with other countries……
Preparation for the Mozilla 24hr events on Mita campus Tokyo
We were already informed by Funya that we had to support in the Mozilla event. So our major responsibilities were

• to create 5 minutes cultural video

• to control VIC/RAT of all SOI-ASIA partners and

• other technical as well as management support for the event

On 8^th September, Abazh, Arif, Funya and me went to Akihabara city to take some videos. Travelling along the city on that day was quite interesting; we took several videos and pictures and entered into a café for the coffee break……

September 16 to September 22 (9^th week)
There was problem in TU-RR as it was already notified by my staff at TU. But due to lack of time I was unable to give him time and also the time to meet him was not matching…. The problem was quite magic that the downstream interface of RR was not working. I requested him to send the rc.conf file through mail…. Then I suspected that there might be problem in IPv4 address assignment line in rc.conf file. Wauuu I found that there was a big mistake (typo error) on that line. I found the line as:
Ifconfig_fxp1="inet 202.249.24.209 netmask 255.255.255.248"

But it should be:

ifconfig_fxp1="inet 202.249.24.209 netmask 255.255.255.248"

The letter “I” became capital during typing.

Oct. 7 to oct 13 (12^th week)
On Sunday, we four interns went to Akihabara to purchase some electronic goods. This is my 3^rd visit to Akihabara where I purchased watch, camera and USB HDD for my laptop…….As it couldnot find booting information for OS so stuck after loading BIOS. I got tension..ufff I had several packages intalled on my note, specially I was analyzing VMware, what could I do?? Any way I couldnot recover my note and finally I installed fress XP and reinstalled my all necessary packages on Monday……

Oct 14 to Oct 21 (13th week, last)
Now I entered into last week of my three months internship period. This week was a buffer week for me to be prepared for final presentation together with problem analysis of VMware………. I had to reduce the slides drastically to not more than 40 slides. By the way, on Wednesday, my supervisor Abazh suggested me to present only the additional task and experiences. Thanks god! I prepared slides of my additional task and three months experiences on Japan…..

……Monday morning, my time to left Japan came. I left Leo-Palace on 8AM saying bye bye to Japan and caught the train to reach to Yokohama and got back to my country around 5PM from Narita Airport by Thai Airways successfully.