Bandwidth Test Controller (BWCTL) Speaker: Shin-Fu Huang Date: 2009/10/08 1.

Slides:

Advertisements

Similar presentations

Presentation Heading – font Arial

Advertisements

OpenQM Martin Phillips Ladybridge Systems Ltd Data Security.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Chapter 10 File System Security. Security Policies security policies are doors maintain a balance between total access and total security UNIX has two.

Linux+ Guide to Linux Certification, Second Edition

Security SIG: Introduction to Tripwire Chris Harwood John Ives.

1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.

Linux+ Guide to Linux Certification, Second Edition

Network Performance Toolkit (NPToolkit) A Knoppix Live-CD Rich Carlson Tools Tutorial 12/4/06.

Terminal Server © N. Ganesan, Ph.D.. Reference Thin-Client Concept Thin-Client concept tutorial.

Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

APACHE SERVER By Innovationframes.com »

Installing Samba Vicki Insixiengmay Jonathan Krieger.

UNIT - III. Installing Samba Windows uses Sever Message Block(SMB) to communicate with each other using sharing services like file and printer. Samba.

2440: 141 Web Site Administration Remote Web Server Access Tools Instructor: Enoch E. Damson.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

CH 12 Securing Windows Server Objectives Understand the security enhancements included in Windows Server 2008 Understand how Windows Server 2008.

Tripwire Enterprise Server Rule Sets Vincent Fox, Doreen Meyer, and Paul Singh UC Davis, Information and Educational Technology July 25, 2006.

2007/01/031 Bandwidth Test Controller Speaker ： Po-Chou Chen Cheng-Lin Tsai Advisor ： Quincy Wu Date ： 2008/01/03.

Session 5: Working with MySQL iNET Academy Open Source Web Development.

Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.

BWCTL March 10 th 2011, OSG All Hands Meeting, Network Performance Jason Zurawski – Internet2.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Linux+ Guide to Linux Certification, Second Edition

Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.

COMP1321 Digital Infrastructure Richard Henson February 2014.

1. Insert the Resource CD into your CD-ROM drive, click Start and choose Run. In the field that appears, enter F:\XXX\Setup.exe (if “F” is the letter of.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.

Linux+ Guide to Linux Certification, Third Edition

BWCTL August 9 th 2011, OSG Site Admin Workshop Jason Zurawski – Internet2 Research Liaison.

Lesson 9-Setting and Using Permissions. Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics.

ACCESS CONTROL MANAGEMENT Project Progress (as of March 3) By: Poonam Gupta Sowmya Sugumaran.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

Planning a Microsoft Windows 2000 Administrative Structure Designing default administrative group membership Designing custom administrative groups local.

Windows 2000 Certificate Authority By Saunders Roesser.

Managing Users  Each system has two kinds of users:  Superuser (root)  Regular user  Each user has his own username, password, and permissions that.

05-Apr-2006 OWAMP and BWCTL: Installation and Configuration Jeff Boote Network Performance Workshop.

10-Jun-2005 OWAMP and BWCTL: Installation and Configuration Jeff Boote Network Performance Workshop.

Linux Security. Authors:- Advanced Linux Programming by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing.

CPS Computer Security Tutorial on Creating Certificates SSH Kerberos CPS 290Page 1.

NEES Cyberinfrastructure Center at the San Diego Supercomputer Center, UCSD George E. Brown, Jr. Network for Earthquake Engineering Simulation Analyzing.

Hepix LAL April 2001 An alternative to ftp : bbftp Gilles Farrache In2p3 Computing Center

1 Iperf Adviser ： Quincy Wu Speaker ： Ying Shun Lin Nov.30 ， 2005.

Windows 2000 Security Yingzi Jin. Introduction n Active Directory n Group Policy n Encrypting File System.

Free Powerpoint Templates Page 1 Free Powerpoint Templates Users and Documents.

SCSC 455 Computer Security Chapter 3 User Security.

CSC414 “Introduction to UNIX/ Linux” Lecture 6. Schedule 1. Introduction to Unix/ Linux 2. Kernel Structure and Device Drivers. 3. System and Storage.

Lecture 02 File and File system. Topics Describe the layout of a Linux file system Display and set paths Describe the most important files, including.

10-Jun-05 BWCTL (Bandwidth Test Control) Jeff Boote Network Performance Workshop.

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

Managing Users CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.

Connect communicate collaborate Performance Metrics & Basic Tools Robert Stoy, DFN EGI TF, Madrid September 2013.

BWCTL August 10 th 2010, OSG Site Admin Workshop - Network Performance Jason Zurawski, Internet2.

COMP1321 Digital Infrastructure Richard Henson March 2016.

This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group Module 14 Managing.

2Operating Systems  Program that runs on a computer  Manages hardware resources  Allows for execution of programs  Acts as an intermediary between.

BWCTL (Bandwidth Test Control)

FTP Lecture supp.

Implementing TMG Server Publishing

Cisco Real Exam Dumps IT-Dumps

(bandwidth control) Jeff Boote Internet2

BWCTL (Bandwidth Test Control)

Configuring Internet-related services

Presentation transcript:

Bandwidth Test Controller (BWCTL) Speaker: Shin-Fu Huang Date: 2009/10/08 1

Outline Architecture of BWCTL Building BWCTL Applications of BWCTL – BWCTLD(bwctld.conf, bwctld.limits, bwctld.keys) – BWCTL Reference 2

Architecture of BWCTL Source : 3

Architecture of BWCTL(Cont.) Source : 4

Building the Application tar –zxvf bwctl-1.3.tar.gz cd bwctl-1.3./configure --prefix=/ami – --prefix is only needed if you don't like the default – (/usr/local on most systems) make make install 5

Applications of BWCTL bwctl (Client) bwctld (Deamon) 6

BWCTLD bwctld.conf – Configuration file for the bwcltd daemon bwctld.limits – Authentication(who) – Authorization(what) bwctld.keys – Be used to hold the identity/AES keys pairs needed for bwctld to authenticate users 7

bwctld.conf var_dir – Directory where bwctld.pid file is stored user – Specifies the uid the bwctld process will run as group – Specifies the gid the bwctld process will run as 8

bwctld.limits allow_open_mode (on) – This limit is only useful if the class is assigned to a netmask. It is used to limit specific IP/netmask identities to only encrypted or authenticated mode transactions or to allow open mode. allow_tcp (on) – Allow TCP Iperf tests for userclass. allow_udp (off) – Allow UDP Iperf tests for userclass. – Security issue(UDP no congestion control) 9

bwctld.limits(Cont.) bandwidth – Maximum amount of bandwidth to allow userclass to use in a UDP Iperf test. 0 indicates unlimited by policy, but remember this is checked all the way to the root of the hierarchy. – If you want an unlimited userclass, your root must be unlimited, and the whole path down to the given userclass. 10

bwctld.limits(Cont.) Hierarchical Limitclasses root allow_udp=on ncnu allow_udp=off jailregularlocal 11

bwctld.limits(Cont.) root: – limit root with \ bandwidth=900m, \ allow_udp=on, \ allow_tcp=on, \ allow_open_mode=off 12

bwctld.limits(Cont.) default: – limit regular with parent=root, \ duration=30, \ allow_tcp=on, \ allow_udp=off, \ allow_open_mode=on 13

bwctld.limits(Cont.) ncnu: – limit ncnu with parent=root, \ allow_open_mode=on, \ allow_udp=off, \ allow_tcp=on 14

bwctld.limits(Cont.) Assign – assign default regular – net subnet assign net /16 ncnu assign net 2001:e10:6840::/48 ncnu assign net 2001:288:c001::/48 ncnu – user user Assign a specific user to a given userclass. The user must be defined in the bwctld.keys file. assign user xinfu root 15

bwctld.keys Username and AES Key Rules: – Usernames are limited to 16 characters – AES key is a 128 bit session key – AES key is not encrypted in the keys file, use UNIX permissions to protect it – Can use a pass phrase to generate the AES key – Use aespasswd to add pass phrase generated keys into the keys file – Client: application prompts user for pass phrase 16

bwctld.keys(Cont.) aespasswd – To create a new key file use the ‘-n’ option aespasswd -n -f bwctld.keys xinfu – Add User aespasswd -f bwctld.keys ccc – Delete User aespasswd -d -f bwctld.keys ccc 17

BWCTL(Cont.) SYNOPSIS – bwctl [options] -c recvhost -s sendhost From sendhost to recvhost – bwctl [options] -c recvhost Send to recvhost – bwctl [options] -s sendhost Receive from sendhost 18

BWCTL(Cont.) Testing Authentication Options – Within a single authentication domain bwctl -A AE AESKEY myname -s hostA -c hostB – Between different authentication domains bwctl -s hostA AE AESKEY myname -c hostB AE AESKEY othername 19

BWCTL(Cont.) OPTIONS -u – UDP test. -T tool (iperf) – Specify which throughput tester to use: iperf, thrulay, nuttcp -b bandwidth (1Mb) – Limit UDP send rate to bandwidth (bits/sec). 20

BWCTL(Cont.) -l len – length of read/write buffers (bytes). -P nStreams (1) – Number of concurrent streams for the test. -t time (10) – Duration of test (seconds). 21

BWCTL(Cont.) Output Arguments -f units – Specify the units for the tool to use when displaying the results. – Iperf: k (Kilobits per second) K (Kilobytes per second) m (Megabits per second) M (Megabytes per second) 22

Reference Bandwidth Test Controller (BWCTL) – 23