University of St.
Andrews IT Services
SARA Operations
Manual
Version 1
October 1997
This manual is intended for use by IT Services staff involved in the support of SARA; it is not intended for distribution to users. It contains sensitive information which should not normally be known outside IT Services.
Suggestions for
improving this manual are welcome and should be addressed to Bruce Mitchell or Moira Grainger.
SARA allows users to intermittently connect their computers
to the University network using the public telephone network; usually the user
will have a standard analogue telephone circuit and a modem. While connected,
the user’s computer is assigned an IP address and is part of the University
network and hence part of JANET and the Internet. Once connected, the user has
full access to JANET and Internet resources. There are no current plans to
restrict the type or extent of access available to remote users.
The service is based on a Cisco AS5200 access router connected to the public telephone network by a 2 Mbps (E1) circuit provided by ScottishTelecom. This circuit provides the equivalent of 30 telephone channels each of which can support a modem connection or an ISDN connection at 64 kbps.
The SARA connection to the telephone network is digital. This means that SARA has the capability to support ISDN connection; it will also be able to support the emerging 56K modem standard which allows download (SARA à user) speeds up to 56Kbps.
Currently SARA has a bank of 12 modems which conform to the V.34+ standard which supports connection speeds from 2400 bps to 36.6 Kbps in steps of 2400 bps.
The AS5200 can accept an additional E1 circuit without upgrade and can be upgraded to handle up to 60 modems. It is unlikely that it would perform well at maximum configuration
Component
|
Description & function
|
Location(s) |
Cisco AS5200 (SARA) |
Remote access router with ISDN-30 connection to the public telephone network. |
JHB computer room
in equipment cabinet near fibre terminations |
ScottishTelecom circuit |
ISDN-30 (E1) circuit with 30 incoming channels. |
· JHB computer room; 2 white boxes on wall to left and below fibre terminations. · NHX; ST equipment cabinet — also houses ST circuit for PABX. |
Cisco 7000 router (SMDS‑GW) |
Links campus LAN to FaTMAN & JANET via FORE ASX‑200 and ST fibre. |
With AS5200 in equipment cabinet in JHB computer room. |
RADIUS |
Sparcstation 4 workstation running Solaris 2.51. Radius authentication server, logging. |
JHB staff area in Moira’s area. |
3Com 3000 switch |
12-port 3Com ethernet switch; interconnectes SARA, RADIUS and the 7000. Also connects various computers for btm, meg and pmd. |
JHB computer room in equipment cabinet with the 7000 and the AS5200. |
The normal sequence of events when a user connects to SARA is described below; descriptions of sounds refer to sounds the user might hear if her modem loudspeaker is switched on.
1. The user’s computer dials the sara number (438000).
2. sara answers after 1 ring; the user may not hear any dial tone at all.
3. sara recognises the call as digitised analogue (rather than digital or ISDN) and assigns the call to the first free on-board modem. Modems are assigned sequentially in round-robin fashion.
4. The modems at each end of the call negotiate the transmission (baud) rate to be used during the call and other parameters concerning compression and error correction. During this period the user will hear a sequence of varying high-pitched sounds.
5. The transmission speed negotiated will depend on the overall quality of the telephone circuit and is likely to vary from call to call; it is unlikely that a user will achieve the maximum speed every time.
6. If the quality of the circuit changes during the call, the modems may renegotiate a different transmission speed.
7. The PPP software on the user’s computer and on sara enters negotiation. The user supplies a username and password; often these are saved for subsequent use by the user’s dialup software.
8. sara asks radius to check the validity of the username/password combination.
9.
radius
checks its password file and responds to indicate the user should be allowed
access.
Currently the password file on radius
is generated overnight from the sara-users
e-mail list.
Thus a new user registering for sara
will not normally be able to access it until the following day.
10. sara permits access to the user. The user’s computer is assigned an IP address in subnet 8; this address and other TCP/IP information are sent to the user’s computer.
11. The user’s computer and sara establish an IP connection between them and the user can use the usual Internet tools as if she were directly connected to the University network.
Full support is only provided for users with Windows 95 using the built-in TCP/IP and PPP software or Macos 7.5 (or later) using FreePPP version x.x.x with MacTCP or Open Transport TCP/IP. We anticipate providing full support later for Windows 98 and Windows NT. Users with other platforms may use SARA without support. The response to problems reported by such users should be limited to checking that SARA is operating correctly. We can only help with configuration difficulties on the supported platforms.
The service provides Internet-style access (web, ftp, telnet …); users attempting access to fileservers or printers using proprietary protocols (Microsoft, Apple …) do so without support.
The
following SARA documents are available (along with the other Fact Sheets,
Tutorials etc) from IT Services in the John Honey building, and in the computer
classrooms in Psychology and Butts Wynd:
·
Fact Sheet 5.6 St Andrews Remote Access (SARA) service
·
Tutorial Sheet 3.1 Configuring Windows 95 for modem access to
SARA
·
Tutorial Sheet 3.2 Configuring MacOS for modem access to SARA
These documents are also
of relevance:
·
Fact
Sheet 6.4 Suggested software for use with
networking
·
General
Note 6 Electronic mail
·
General
Note 8 The World Wide Web
·
The JANET Acceptable Use Guidelines are available at:
·http://www.ja.net/documents/use.html
When users report difficulty in contacting SARA, check that SARA is operational by following the notes under Troubleshooting. If you get an unexpected batch of problem reports, inform the Network Group by e-mail even if you have confirmed that SARA is operating correctly.
If you can successfully access SARA using both Windows 95 and Macos, it is likely that the user has a configuration problem on her/his computer. Two cases arise:
1. If the user reports a problem which has developed after successful communication with SARA, ask her/him to think carefully about any events affecting their computer since they last successfully used SARA
Significant events might include:
· Installation or removal of software or hardware
· Reconfiguration of any network-related software
· Using their modem for some other purpose such as contacting a commercial Internet Service Provider (ISP) or sending FAXes.
· Someone else (particularly a child) has used the computer
Ask the user to check that her/his software is still correctly configured according to the documentation.
2. The user has not yet successfully communicated with SARA for the first time. Try to ensure that they have followed the instructions in the documentation.
If you cannot
resolve the problem in a reasonable time, ask the user to make an appointment with
the technicians who will attempt to resolve the problem.
These procedures are intended for use by IT Services staff; users should not be asked to follow these procedures. The SARA user documentation gives trouble-shooting procedures which the user should follow before contacting IT Services. In particular, users should not be asked to telnet into sara or radius.
Using a normal telephone, dial the SARA number (01334) 438000; you should get one of the following outcomes:
Þ After a small number of ringing tones (possibly 0), a modem answers; SARA is probably functioning normally. Confidence checks include:
§
The best check is to dial in to SARA and use a browser
to access various web sites. Ensure that
your network access is via the dial-up connection and not via ethernet.
§
You should be able Use the command telnet sara to log onto
the AS5200 using your Sunos username and password. If you succeed in logging
in, this should mean that the Radius authentication service is working
correctly.
Even at this (non-priveleged)
level, there are a number of useful commands available such as show
users and show modem. For a complete list of
commands type ?.
§
You should get a positive response to the commands ping sara
and ping radius.
§
Check that the Radius server is running using:
Radius%
ps
–ef | grep radius
You should see two radius processes
listed.
Þ There
is no answer after a large number of ringing
tones. It is likely that there is a problem with SARA. Inform the Network
Group by telephone and e-mail.
Þ You
obtain a busy tone. This should mean
that all modems are in use. Tell users to try later and inform the Network
Group by e-mail.
Þ There
is a recorded message informing of problems with the circuit. Contact Scottish
Telecom (see below) for information on likely time to repair.
Þ You
get a number unobtainable tone, or some other tone or noise. This
indicates a problem with telephone network connection. Report the fault to
ScottishTelecom’s Network Management Centre and inform the Network Group by
e-mail.
If you suspect that the AS5200 is not functioning properly (e.g. if you can’t telnet into it and can’t ping it and you have confirmed that the Radius server is running), then try rebooting it by powering it off for about 10 seconds and powering it back on again. The AS5200 should have reloaded its software and be ready to answer calls within 10 minutes. Check this using telnet and ping.
If the AS5200 goes down for long enough, the ST exchange automatically drops the line; when the AS5200 is up again check the line using a telephone and contact ST if necessary. Check out the service using a modem.
· To check that the Radius server (daemon) is running:
Radius%
ps
–ef | grep radius
· To stop the Radius server
radius#
/etc/init.d/radius
stop
·
To start the Radius server:
radius#
/etc/init.d/radius
start
·
To start the Radius server with debugging (the –x
flag):
radius#
/etc/radiusd
–d /etc/raddb –a /var/log/radacct –x
–l
/var/log/radacct/syslog
Starting and stopping the Radius server (daemon) is accomplished as above using the script /etc/init.d/radius. This script is as follows:
#! /bin/sh
#
# Start/Stop RADIUS
#
case "$1" in
'start')
if [ -f /etc/radiusd ]; then
echo "RADIUS starting."
/etc/radiusd -d /etc/raddb -a /var/log/radacct -l /var/log/radacct/syslog
#/etc/radiusd -d /etc/raddb -a /var/log/radacct
#/etc/radiusd -d /etc/raddb -a /var/log/radacct -x -l /var/log/radacct/syslog
#
fi
;;
'stop')
PID=`/usr/bin/ps -ef | grep radiusd | awk '{print $2}'`
if [ ! -z "$PID" ] ; then
/usr/bin/kill ${PID} 1> /dev/null 2>&1
fi
;;
*)
echo "Usage: /etc/init.d/radius { start | stop }"
;;
esac
exit 0
If you need to contact the ST Network Management Centre (NMC):
Dial 0845 270 0000. If you cannot get through on this number, use 0345 337799; this is a BT line for use when the NMC cannot be reached via ST lines.
ü Quote circuit number 002/ST/SW/00193.
ü If asked for the equipment id, quote NMX 04/004.
ü Explain clearly your query or request; some examples might be:
¨ You are reporting a problem (e.g. when you dial the SARA number, (01334) 438000, you obtain the number unobtainable tone.
¨ You have reason to suspect the quality of the lines into SARA and are you are asking them to test the circuit (they should be able to do this from their System X exchange).
¨ You are asking them to restart the circuit after a known problem (if the AS5200 has been down due to power failure or engineer work the circuit will be automatically shut off at the ST exchange).
We are entitled to an 8-hour (next day) response to hardware faults. In practice we often get a better response because one of the Chernikeeff engineers lives in Forfar. In general we are not entitled to on-site support for software or configuration problems; support for this type of problem is given by telephone or via the Internet (e.g. by e-mail).
For fault reporting, the main method of communication is via telephone but they can also be contacted via e-mail as support@chernikeeff.co.uk after the call is logged by telephone.
To contact Chernikeef to report a problem with the AS5200:
ü Dial 01932 814800 and ask for Network Support
ü Note carefully the call reference number you are given
ü Explain the problem clearly
ü Follow the advice given by the support engineer
ü Quote the call reference number in any subsequent calls or e-mail.
Normally only members of the Network Group should contact Chernikeeff. In general you should only you should only contact Chernikeeff to report problems in the following circumstances:
1. You are fairly certain that there is a hardware problem with the AS5200.
2. If asked to do so by a member of the Network Group
3. In the extended absence of members of the Network Group or in cases of great urgency.
The Chernikeeff support staff
will generally expect you to be knowledgeable about the AS5200; they may
request information which requires you to use of the enable command and the enable
password. The enable command gives the user full control over the
configuration and operation of the AS5200 and great care must be exercised in
its use.