====== Server ====== On the following pages you find additional information regarding our Server and how to set it up. ===== Remote Access ===== Install [[https://www.zi.uzh.ch/en/support/network/vpn_ISAC.html|UZH VPN]] and follow the guide there to get access to the UZH VPN. Install [[https://sourceforge.net/projects/xming/|Xming]] for a graphical interface between Linux applications and Windows. Install [[https://putty.org/|PuTTY]] to allow tunneling of X11 protocols through SSH connections. Connecting to the server using PuTTY: Go to Start and open PuTTY from there. In the field Host Name (or IP address), type the server's IP: 10.65.117.42. On the left side, expand the SSH option, go to X11, and enable X11 forwarding. Go back to Session on your left side, give your session a name, and click Save. This allows you to simply load your previous settings the next time you want to connect to the server. Click Open. A terminal window should open where you will be asked for the login credentials: * Username: damic * Password: 1rChEL Open the application/software. To open any kind of application, you have to run the executable from the terminal opened by PuTTY. ===== Network configuration ===== The computer is configured to act as a router and a gateway between the internal network connecting all devices of the experimental setup and the rest of the UZH infrastructure. Effectively, devices on the internal network are hidden from the outside, while they can still access the internet. SELinux is not installed while AppArmor, a security policy software does not interfere with normal operations and thus must be left active. To allow remote connection ssh has to be installed: sudo apt install openssh-server sudo nano /etc/ssh/sshd_config uncomment the follogwing lines: Port 22 PermitRootLogin yes PasswordAuthentication yes To allow for replies to ping requests, the system fierwall has to bedisabled: sudo systemctl stop firewalld sudo systemctl disable firewalld sudo systemctl status firewalld The following rules have to also be configured in the iptables service: sudo iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT sudo iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT sudo iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT sudo iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT After these modifications, one must save the settings and restart the network manager: sudo iptables-save sudo systemctl restart NetworkManager To ensure that ICMP is allowed and replies to pings are issued, the following must also be set: sudo sysctl -w net.ipv4.icmp_echo_ignore_all=0 sudo sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=0 If additional debugging is needed, tcpdump is a great utility to monitor traffic on the tcp protocol of all network ports. If not pre-installed, it can be downloaded using zypper: sudo apt update sudo apt install tcpdump Once tcpdump is present, once can continuously monitor traffic by issuing: sudo tcpdump -i any icmp ===== RAID ===== To configure a system in any kind of RAID mode you have to set the jumper like shown here. Then with F8 enter the BIOS settings and change the Main Board to RAID mode. {{ :server:server:raidsetting.png?400|}} ---- The systems will most propably not see the RAID mode, we were unable to localize/solve this issue. The only thing that did work was installing a RAID card. Then the following jumper has to be modified accordingly: {{ :server:server:raid_card.png?400|}} After doing so press Ctrl+A to enter the RAID card settings and set up the Disks accordingly. ----