Yesterday we found out a way to enable IPv6 for our Google hosted services such as our English and Finnish blogs.
It seems that while Google only enables IPv6 on its on services by request of the IPv6 service provider or IPv6 block owner, it is possible to enable IPv6 on those Google hosted services which are offered under your own domain name.
Since Arch Red blogs are under our own domain name service (archred.com and archred.fi), we can allow them to be accessed also with IPv6 with a simple change in DNS by changing CNAME for them to point to ghs46.google.com instead of IPv4-only ghs.google.com.
Heikki changed our DNS already yesterday and you should be now able to read even this blog entry over IPv6.
Tuesday, August 24, 2010
Thursday, June 3, 2010
ICT SHOK Future Internet Testbed Architecture v2.0 published
Together with CSC, TUT also had a poster about ICT SHOK Future Internet Testbed here at Terena Networking Conference. Earlier we had only few printed copies of the testbed architecture document available, but now the same document is also published in the Internet at address:
http://www.futureinternet.fi/publications/ict-shok-future-internet-testbed-architecture-v20-web-version.pdf
The central idea with our testbed is that instead of building yet another testbed, we will combine existing and new services into a concept, which is supposed to grow and evolve serving various research programs and cooperation both in Finland and abroad.
If you are interested to learn more about our concept, check the architecture specification or contact either me or CSC's Jari Miettinen or Pekka Savola.
http://www.futureinternet.fi/publications/ict-shok-future-internet-testbed-architecture-v20-web-version.pdf
The central idea with our testbed is that instead of building yet another testbed, we will combine existing and new services into a concept, which is supposed to grow and evolve serving various research programs and cooperation both in Finland and abroad.
If you are interested to learn more about our concept, check the architecture specification or contact either me or CSC's Jari Miettinen or Pekka Savola.
Tuesday, June 1, 2010
Debugging eduroam at TNC2010
Yesterday Matti was having trouble with Helsinki University user accounts and the eduroam network here at TNC2010. Together with few eduroam guys (Stefan Winter and Miroslav Milinovic) and Heikki Vatiainen from our company we tried to find out why the authentication process did not seem to go through. What made it harder was that for example Radiator does not log enough information about failing authentication process unless it clearly ends in success or failure. Increasing log level to debug levels of course helps and we were able to see that the Helsinki University RADIUS server did send response messages to authentication requests even if the process did not go through.
Other servers in Finland worked fine (I have been able to use eduroam the whole time with my TUT accounts) and only difference we first found was that Helsinki University certificate was bigger than the ones in some of the working organisations. This lead us to suspect RADIUS message fragmentation problems somewhere in between European Top Level RADIUS and Matti's device. We then remembered the one Radiator configuration directive, which we found was missing from Helsinki University RADIUS server configuration.
Adding EAPTLS_MaxFragmentSize 1024 solved this problem so if you are having similar problems with eduroam and your home organisation is running Radiator RADIUS, we suggest checking at least this setting found in Radiator manual:
Other servers in Finland worked fine (I have been able to use eduroam the whole time with my TUT accounts) and only difference we first found was that Helsinki University certificate was bigger than the ones in some of the working organisations. This lead us to suspect RADIUS message fragmentation problems somewhere in between European Top Level RADIUS and Matti's device. We then remembered the one Radiator configuration directive, which we found was missing from Helsinki University RADIUS server configuration.
Adding EAPTLS_MaxFragmentSize 1024 solved this problem so if you are having similar problems with eduroam and your home organisation is running Radiator RADIUS, we suggest checking at least this setting found in Radiator manual:
EAPTLS_MaxFragmentSize
For TLS based EAP types such as TLS, TTLS and PEAP, this optional parameter specifies the maximum size in octets permitted for each TLS message fragment. Defaults to 2048, but many EAP clients, routers and wireless Access Points have limitations that require EAPTLS_MaxFragmentSize to be set as low as 1000 or less. Setting this number too small can result in excessive RADIUS request round trips during EAP TLS authentication, slowing down the authentication process. Setting this number too large can result in failure to complete TLS authentication for some types of clients and devices.
Monday, May 31, 2010
Beer and Food in Vilnius
Got feedback from conference participants and at least one Finnish tax payer that they want to see more research coverage on beer and food. :) So even if we have been busy attending sessions, debugging eduroam and in various discussions, we have also been able to research the opportunities Vilnius presents for enjoying good beer and food.
Based on the background research done by Stig and Matti, I have managed to map already few places to enjoy good beer and food after heavy conference day. I will try to update this map during conference and all participants are welcome to contribute if they have clarifications or new places to be added.
Beer places in Vilnius, Lithuania
View Beer places in Vilnius, Lithuania in a larger map
Based on the background research done by Stig and Matti, I have managed to map already few places to enjoy good beer and food after heavy conference day. I will try to update this map during conference and all participants are welcome to contribute if they have clarifications or new places to be added.
Beer places in Vilnius, Lithuania
View Beer places in Vilnius, Lithuania in a larger map
Defining the Y Generation
It is sometimes hard to figure out what is the definition of X generation, Y generation or even millennials. Hannes Lubich's presentation in today's plenary clarified among others what Y generation means and what are the characteristics of this generation.
The interesting thing was that at least I was able to pick up few Y generation characteristics from myself even if I guess I belong more to the previous generation based on my age. Or maybe it is just that I want to find some younger Y generation characteristics in me. :)
The interesting thing was that at least I was able to pick up few Y generation characteristics from myself even if I guess I belong more to the previous generation based on my age. Or maybe it is just that I want to find some younger Y generation characteristics in me. :)
Blogging at Terena Networking Conference 2010
You know that you have done too much Web 2.0 when people invite you to blog about events. This year I am once again participating in Terena Networking Conference and the conference organiser asked if I would interested to blog about the event. Since I am already hanging around here (currently in Juniper's meeting) and taking photos I accepted and here we are, part of Terena Networking Conference 2010 coverage.
To make sure that my time was efficiently used, instead of just watching presentations, blogging and drinking beer :) I am also both invited speaker, paper and poster presenter here, which should keep me busy doing those slides and later by presenting them.
My first presentation is about RadSec/RADIUS based roaming paper and the second invited one is about the Internet bus from Tampere, Netti-Nysse. The poster is about ICT SHOK Future Internet Testbed and I just managed to bring it to conference lobby before coming to this Juniper presentation.
And speaking of presentations, I really have to now upload some placeholders for compatibility testing purposes to the presentation system, so more coverage and even some nice photos about Vilnius will have to wait to the next post. Luckily they have a nice working eduroam Wi-Fi network here complete with both public IPv4 and IPv6 addresses.
To make sure that my time was efficiently used, instead of just watching presentations, blogging and drinking beer :) I am also both invited speaker, paper and poster presenter here, which should keep me busy doing those slides and later by presenting them.
My first presentation is about RadSec/RADIUS based roaming paper and the second invited one is about the Internet bus from Tampere, Netti-Nysse. The poster is about ICT SHOK Future Internet Testbed and I just managed to bring it to conference lobby before coming to this Juniper presentation.
And speaking of presentations, I really have to now upload some placeholders for compatibility testing purposes to the presentation system, so more coverage and even some nice photos about Vilnius will have to wait to the next post. Luckily they have a nice working eduroam Wi-Fi network here complete with both public IPv4 and IPv6 addresses.
Sunday, April 11, 2010
What is eduroam and roaming?
A promotional eduroam video produced by Australia's research and education network (AARnet) explains the concept of eduroam and the benefits of federated roaming:
For you, it is possible to get this technology to your home organisation or even a company by utilising Arch Red products and services to bring your network and users as a part of eduroam or other community networks such as Wireless Tampere (Langaton Tampere).
For you, it is possible to get this technology to your home organisation or even a company by utilising Arch Red products and services to bring your network and users as a part of eduroam or other community networks such as Wireless Tampere (Langaton Tampere).
Subscribe to:
Posts (Atom)
