NF/ Observatory Networking with Linux
This article describes the network that NF/ Observatory (NFO) uses to remotely control an automatic optical telescope. More information about the observatory can be found at Western New Mexico University's web site at http://www.wnmu.edu/nfo.
Each of the computers in the NFO network uses the Linux operating system. The four primary computers use version 1.2.13 while some of the R & D computers use version 2.0.0. Linux was chosen because of its reliability, versatility, low cost and native support for the large variety of networking types that we use. NFO uses Ethernet, Spread Spectrum wireless, ham radio and telephone modems at various points in the network.
The NF/ Ranch House
This node is located at the NF/ ranch and is the one that uses the antenna shown in Figure 1. When we built the telescope in 1986 there was no telephone service to the ranch. In fact, there wasn't even commercial power to the ranch until 1984! The three media types used here are ham radio, coaxial Ethernet and telephone modem. Ham radio has been in use for 10 years and predates Linux. The radio link receives information used to program the observing list for the telescope. It also transmits the pictures and telemetry from the telescope back to the data reduction computer and the Internet connection in Silver City.
The Digital Relay Dish at NFO
The Automatic Radio Linked Telescope
The ham radio equipment consists of a Terminal Node Controller (MFJ 1270), a TAPR 9600 bps modem (http://www.tapr.org/) and a Motorola MOCOM 70 commercial FM transceiver which we modified to send and receive data. Linux communicates with the TNC via an RS-232 serial link. The relevant portion of scope's /etc/rc.d/rc.local files is:
#!/bin/sh /bin/echo "Setting TNC RS232 speed to 9600" # Also setting clocal to ignore modem control # lines. /bin/stty 9600 clocal < /dev/cua2 /bin/stty -a < /dev/cua2 /bin/echo "Sending commands to TNC" sleep 1 # txdelay /bin/echo -ne "\300\001\020\300" > /dev/cua2 # persist /bin/echo -ne "\300\002\377\300" > /dev/cua2 # slot time /bin/echo -ne "\300\003\004\300" > /dev/cua2 # tail /bin/echo -ne "\300\004\004\300" > /dev/cua2 /bin/echo "Commands to TNC done." /bin/echo "Setting port to AX25 mode." sleep 1 /usr/local/bin/axattach -s 9600 /dev/ttyS2 KC5ZG-2 sleep 1 /usr/local/ax25/etc/axaddarp 220.127.116.11 WY5G-4 /sbin/ifconfig sl0 18.104.22.168 mtu 512 /sbin/route add 22.214.171.124 sl0 /sbin/route add default gw 126.96.36.199 sl0
The Ethernet hardware is an NE2000 clone card that communicates with the dedicated telescope control computer via about 100 feet of RG058 coaxial cable. The two computers communicate using the FTP protocol to move data back and forth. The telescope control computer doesn't use Linux, since it is involved in the real-time control of the CCD camera.
The telephone modem provides a backup link to town. It is rarely used, since it is a long distance call from Silver City to the ranch, and the ham radio link has been quite reliable.
This node is located at 8000 feet near the Continental Divide and can be reached by a jeep trail, if it hasn't snowed lately; otherwise, it is a strenuous but beautiful backpacking trip. The reliability of Linux is important here! In addition to the radio that communicates with the ranch, this site also boasts a 2 Mbs Spread Spectrum link and another ham radio link using a PI2 card instead of a TNC. The /etc/rc.d/rc.local file looks like this:
#! /bin/sh # Attach link to NM2 Node Stack /sbin/axattach -s 9600 /dev/ttyS0 WY5G-8 sleep 1 echo "Ifconfig sl0 to 188.8.131.52" /sbin/ifconfig sl0 184.108.40.206 /sbin/ifconfig sl0 mtu 512 # configure Wavlan Spread Spectrum link. /sbin/ifconfig eth0 220.127.116.11 echo "Adding routes" /sbin/route -n add 18.104.22.168 sl0 /sbin/route -n add 22.214.171.124 sl0 /sbin/route -n add 126.96.36.199 gw 188.8.131.52\ eth0 /sbin/route -n add 184.108.40.206 eth0\ /sbin/route -n add default gw 220.127.116.11 eth0 echo "Configuring PI2 Card Port A" /sbin/ifconfig pi0a 18.104.22.168 /sbin/ifconfig pi0a hw ax25 WY5G-8 /sbin/ifconfig pi0a broadcast 22.214.171.124 /sbin/ifconfig pi0a netmask 255.255.255.0 /sbin/ifconfig pi0a arp mtu 512 up /pi2/piconfig pi0a speed 9600 txdelay 250\ persist 255 squelch 10 slot 1 echo "Configuring PI2 Card Port B" /sbin/ifconfig pi0b 126.96.36.199 /sbin/ifconfig pi0b hw ax25 WY5G7 /sbin/ifconfig pi0b broadcast 188.8.131.52 /sbin/ifconfig pi0b netmask 255.255.255.0 /sbin/ifconfig pi0b arp mtu 512 up /sbin/ifconfig pi0b 184.108.40.206 hw ax25 WY5G-7 up /pi2/piconfig pi0b speed 1200 /sbin/route -/ - add 220.127.116.11 sl0 # /sbin/route -n add 18.104.22.168 gw 22.214.171.124 sl0 /bin/axaddarp 126.96.36.199 kc5zg-2
One point of interest in the above file is that the commands normally sent to configure the TNC are missing. In this case, the TNC is configured by its internal X1J Node software, which also sets the TNC's serial port to communicate in ax25 mode instead of the more usual nrs mode. This configuration allows the Linux computer and the X1J Node to share one transceiver, a Motorola MITREK modified for data transmission.
The Wavelan interface looks like an Ethernet card to Linux. It is configured by an append line in the /etc/lilo.conf, like this:
# LILO configuration file # generated by "liloconfig" # # Start LILO global section boot = /dev/hda # compact and faster, but won't work on all # systems. delay = 50 vga = normal # force sane state ramdisk = 0 # paranoia setting # End LILO global section # Linux bootable partition config ends image = /zImage.wav root = /dev/hda2 label = wavelan append = "ether=0,0x390,0x5280,eth0" read-only
The Wavelan interface is experimental, and doesn't work well enough over the seven mile path to the WNMU Node to be used as our primary link. With improved antennas we expect it to be an excellent high speed link.
The other experimental interface uses a PI2 card to control a radio link on another frequency. So far this link hasn't been used, since it interferes with a nearby ham radio voice repeater.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide