USENIX - LISA 2000

Tutorials: Overview | By Day (Sunday, Monday, Tuesday) | By Instructor | All in One File

Monday, December 4, 2000

Full-Day Tutorials
M1 Network Design for High Availability NEW
Vincent C Jones, Networking Unlimited, Inc.
M2 System and Network Performance Tuning
Marc Staveley, Soma Networks, Inc.
M3 Sendmail Configuration and Operation (Updated for Sendmail 8.11)
Eric Allman, Sendmail, Inc.
M4 Auditing--Enlisting Management Support for Change
Geoff Halprin, The SysAdmin Group
M5 Windows NT and UNIX Integration: Problems and Solutions
Phil Cox, SystemExperts Corporation
M6 Linux Systems Administration
Bryan C. Andregg, Red Hat, Inc.
M7 Internet Security for UNIX & Linux System Administrators
Ed DeHart, Prism Servers, Inc.
M8 Topics in Windows NT/2K Systems Administration: Hot & Cool NEW
Aeleen Frisch, Exponential Consulting

Half-Day Tutorials - Morning
M9 Exploring the Potential of LDAP NEW
Gerald Carter, VA Linux Systems
M10 Introduction to Domain Name System Administration
William LeFebvre, CNN Internet Technologies
M11 Communicating with Everybody NEW
Stephen Johnson, Transmeta; Dusty White, Consultant

Half-Day Tutorials - Afternoon
M12 Deploying a Console Server Application NEW
David K. Z. Harris and Bryan Stansell, Certainty Solutions
M13 Intermediate Topics in Domain Name System Administration
William LeFebvre, CNN Internet Technologies
M14 Dealing with Difficult People
Stephen Johnson, Transmeta; Dusty White, Consultant

M1 Network Design for High Availability NEW
Vincent C Jones, Networking Unlimited, Inc.

Who should attend: System and network designers and administrators who want to improve the availabiity of their network infrastructure and Internet access, and anyone looking for a survey of how IP networks can fail and techniques for keeping critical network services available despite failures. Attendees should already be familiar with basic network terminology and concepts, TCP/IP protocols, and the role of routers and switches. (This tutorial is designed to complement Tutorial S1, "Designing Resilient Distributed Systems--High Availability.")

No matter how the price is measured, downtime impacts the bottom line. As organizations grow ever more dependent upon computers and their support networks, hardware and software failures that interfere with business operations are increasingly seen to be unacceptable. Availability has become a key network performance metric, commensurate with throughput and delay.

We will discuss how to select and configure appropriate redundancy for common production network needs. The emphasis will be on how to take advantage of standard capabilities to make the network more reliable and to minimize the need for emergency manual intervention. Proven solutions based on open standards and protocols will be provided for a wide range of application requirements.

Topics include:

Providing bullet-proof network access to servers
Forcing dial backup calls on soft as well as hard link failures
Tuning popular routing protocols to speed up failure recovery
Building very large hub and spokes networks with small spoke routers
Routing around firewall failures without sacrificing security
Making Internet connectivity immune to the loss of a router, link, or ISP
Continuing to provide services despite loss of an entire facility

Vincent C. Jones (M1) is the founder and principal con sultant of Networking Unlimited, Inc., a network design consulting firm specializing in network performance and reliability enhancement. Vince has been applying the theory of networking to the solution of real-world problems for almost three decades and is the author of High Availability Network Design, to be published later this year by Addison-Wesley.

M2 System and Network Performance Tuning
Marc Staveley, Soma Networks, Inc.

Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.

We will explore techniques for tuning systems, networks, and application code. Starting from a single-system view, we'll examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll move on to Network File System tuning and performance strategies. Detailed treatment of network performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and controlling response time will be covered. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Analysis periods for particular situations will be provided.

Topics include:

Performance tuning strategies
- Practical goals
- Monitoring intervals
- Useful statistics
- Tools, tools, tools
Server tuning
- Filesystem and disk tuning
- Memory consumption and swap space
- System resource monitoring
NFS performance tuning
- NFS server constraints
- NFS client improvements
- NFS over WANs
- Automounter and other tricks
Network performance, design, and capacity planning
- Locating bottlenecks
- Demand management
- Media choices and protocols
- Network topologies: bridges, switches, routers
- Throughput and latency
- Modeling resource usage
Application tuning
- System resource usage
- Memory allocation
- Code profiling
- Job scheduling and queuing
- Real-time issues
- Managing response time

Marc Staveley (M2) recently left Sun Microsystems Enterprise Services to join a start-up, where he is applying his 16 years of experience with UNIX development and administration. Previously Marc was an independent consultant and has held positions at NCR, Princeton University, and the University of Waterloo. He is a frequent speaker on the topics of standards-based development, multi-threaded programming, systems administration, and performance tuning.

M3 Sendmail Configuration and Operation (Updated for Sendmail 8.11)
Eric Allman, Sendmail, Inc.

Who should attend: System administrators who want to learn more about the sendmail program, particularly details of configuration and operational issues (this tutorial will not cover mail front ends). This will be an intense, fast-paced, full-day tutorial for people who have already been exposed to sendmail. This tutorial describes the latest release of Berkeley sendmail, version 8.11.

We begin by introducing a bit of the philosophy and history underlying sendmail.

Topics include:

The basic concepts of configuration: mailers, options, macros, classes, keyed files (databases), and rewriting rules and rulesets
Configuring sendmail using the m4 macro package
Day-to-day management issues, including alias and forward files, "special" recipients (files, programs, and include files), mailing lists, command-line flags, tuning, and security
How sendmail interacts with the Domain Name System

Eric Allman (M3, T9) is the original author of sendmail. He is the author of syslog, tset, the -me troff macros, and trek. He was the chief programmer on the INGRES database management project, designed database user and application interfaces at Britton Lee,and contributed to the Ring Array Processor project at the International Computer Science Institute. He is a former member of the USENIX Board of Directors.

M4 Auditing--Enlisting Management Support for Change
Geoff Halprin, The SysAdmin Group

Who should attend: System administrators who are responsible for developing strategy for their sites, performing system reviews, planning improvements, or proposing expenditures to improve practices, and consultants wishing to develop their skills in planning work and communicating with clients.

As a system administrator, you know when there is a problem. But how can you convince the higher-ups that something needs to be done? The audit is the most valuable tool in your arsenal when it comes to dealing with management, because it forces a rigorous assessment of the current situation, evaluates alternatives, and results in a document that cogently addresses the problems. Audits also have the side effect of uncovering problems you didn't even know existed! An audit enables you to prove your point and also cover your back. It should be your primary tool for:

Convincing management that a problem exists
Educating management as to the true nature and complexity of your role, and how much effort is involved in doing that job well
Planning technical improvements to a site, including obtaining management sign-off on these projects

Audits come in many shapes and sizes. They are a basic mechanism for system review and control over entropy. This tutorial introduces the concepts and principles of audits and will examine in detail how to conduct an audit, including interviews and system inspections, and how to present the results of that work to management in the form of a formal audit report.

Topics include:

What an audit is
Audit concepts and terminology
Three audit perspectives
The 4-step audit process
The 5-step controlled improvement process
A detailed look at interviews, site inspections, and tools
The audit report

Geoff Halprin (M4) is the principal consultant at The SysAdmin Group. He has been a system administrator for the past 15 years and a consulting system administrator for over 10. Geoff specializes in data security and systems management disciplines and in the evaluation and improvement of systems management practices. He has acted as consultant to a wide variety of organizations, including government, large corporations, and several major ISPs. Geoff is also the vice-president of the System Administrators Guild of Australia (SAGE-AU) and is a member of the SAGE Executive Committee.

M5 Windows NT and UNIX Integration: Problems and Solutions
Phil Cox, SystemExperts Corporation

Who should attend: System administrators who are responsible for heterogeneous WinNT- and UNIX-based systems. Attendees should have user-level knowledge of both OSes, and, preferably, systems administration experience in at least one of them.

Today's organizations choose computing solutions from a variety of vendors. Often, integrating the solutions into a seamless enterprise is a task left up to system administrators. This course covers specific issues in administering a mixture of NT and UNIX-based systems. The focus will be on practical solutions to real administration problems.

Topics include:

Overview of NT and UNIX
- Basic homogeneous setups
- Services: what's offered, and how
- Similarities
- Differences
- Potential sticking points
Areas of interest
- Electronic mail
- Web servers
- User authentication
- File serving
- Printing
- Faxes and modems
- Host-to-host connectivity
- Remote administration
- Backup and restore

For each of the areas we will cover:

Current uses in homogeneous environments
Where integration can happen
Integration solutions, how to choose one, some useful tools
Security considerations

Phil Cox (M5, T2) is a consultant for SystemExperts Corporation, a consulting firm that specializes in system security and management. Phil frequently writes and lectures on issues bridging the gap between UNIX and Windows NT. He is a featured columnist in ;login;, the USENIX Association Magazine and has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.

M6 Linux Systems Administration
Bryan C. Andregg, Red Hat, Inc.

Who should attend: This tutorial is directed at system administrators who are planning on implementing a Linux solution in a production environment. Course attendees should be familiar with the basics of systems administration in a UNIX/Linux environment: user-level commands, administration commands, and TCP/IP networking. The novice administrator and the guru should both leave the tutorial having learned something.

From a single server to a network of workstations, the Linux environment can be a daunting task for administrators knowledgeable about other platforms. Starting with a single server and ending with a multi-server 1000+ user environment, case studies will provide practical information for using Linux in the real world.

Topics include (with a special emphasis on security):

Installation features
Disk partitioning and RAID
Networking
User accounts
Services
NFS and NIS
High-availability environments
The workplace
Up and coming in the Linux world (CODA, LVM, etc.)

Upon completion of the course, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The tutorial allows for questions at all times.

Bryan C. Andregg (S6, M6) works for Red Hat, Inc. In the past three years Bryan has worked in or with almost every position at the company, sometimes to a good end. His current projects include Coffee Making 101 and Linux for Land Rovers. Prior to Red Hat, Bryan was the systems and network administrator for an ISP. His current title is "Smoke Jumper."

M7 Internet Security for UNIX & Linux System Administrators
Ed DeHart, Prism Servers, Inc.

Who should attend: UNIX and Linux system and network administrators and operations/support staff. After completing the tutorial, you should be able to establish and maintain a site that allows the benefits of Internet connectivity while protecting your organization's information.

You will learn strategies to reduce the threat of Internet intrusions and to improve the security of your UNIX and Linux systems connected to the Internet, as well as how to set up and manage Internet services appropriate to your site's mission.

Topics include:

Latest news on security problems
UNIX and Linux system security
TCP/IP network security
Site security policies

Ed DeHart (S13, M7) is a former member of Carnegie Mellon University's CERT Coordination Center, which he helped found in 1988. Ed has also owned an ISP, Pittsburgh OnLine Inc., which operated several UNIX servers. Currently, Ed is President of Prism Servers, Inc., a manufacturer of Internet firewalls and UNIX-based Internet servers.

M8 Topics in Windows NT/2K Systems Administration: Hot & Cool NEW
Aeleen Frisch, Exponential Consulting

Who should attend: System administrators responsible for Windows servers.

Topics include:

What's new in Windows 2000: An overview of the new features from a system administrator's point of view.
Effective group policies: How to use the new group policies in Windows 2000 as a powerful management and security tool
Disk management and optimizing I/O performance, including:
- NTFS version 4 vs. 5
- Fault tolerance and volume management features
- Monitoring/tuning I/O performance
Automating administrative tasks: We will consider several levels, ranging from unattended OS installations, through the automation facilities included with the OS, to creating your own scripts and services.
Securing and monitoring: Windows 2000's initial release included a security vulnerability during installation. We'll look at what's needed to secure a Windows NT/2000 system and ways of monitoring to keep it secure.

Aeleen Frisch (M8, T6) has been a system administra tor for over 15 years. She currently looks after a very heterogeneous network of UNIX and Windows NT systems. She is the author of several books, including Essential Windows NT System Administration.

M9 Exploring the Potential of LDAP NEW
Gerald Carter, VA Linux Systems

Who should attend: Administrators and programmers interested in the potential of the Lightweight Directory Access Protocol (LDAP) and in exploring issues related to deploying an LDAP infrastructure. This tutorial is not designed to be a how-to for a specific LDAP server, nor is it an LDAP developers' course. Rather, it is an evaluation of the potential of LDAP to allow the consolidation of existing deployed directories. No familiarity with LDAP or other Directory Access Protocols will be assumed.

System administrators today run many directory services, though they may be called by such names as DNS and NIS. LDAP, the up-and-coming successor to the X500 directory, promises to allow administrators to consolidate multiple existing directories into one. Vendors across operating-system platforms are lending support.

Topics include:

The basics of LDAP
Current technologies employing LDAP services
Replacing NIS using LDAP
LDAP interoperability with other proprietary Directory Services, such as Novell's NDS and Microsoft's Active Directory
Programming tools and languages available for implementing LDAP support in applications

Gerald Carter (S5, M9) has been a member of the Samba Team since 1998 and is employed by VA Linux Systems. He is currently working with O'Reilly Publishing on a guide to LDAP for system administrators. He holds a master's degree in computer science from Auburn University, where he was also previously employed as a network and systems administrator. Gerald has published articles with various Web-based magazines such as Linuxworld and has authored instructional course for companies such as Linuxcare. He acted as the lead author of Teach Yourself Samba in 24 Hours (Sams Publishing.)

M10 Introduction to Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: System or network administrators who have been exposed to the Domain Name System only as users. A basic understanding of the IP protocols, TCP and UDP, data encapsulation, and the seven-layer model will be beneficial.

DNS, the primary method the Internet uses to name and number machines, is used to translate names like "www.usenix.org" into addresses like 131.106.3.253. Any site that is serious about joining the Internet community will need to understand how to configure and administer DNS.

This tutorial will describe the basic operation of DNS and will provide instructions and guidelines for the configuration and operation of DNS on UNIX platforms using the BIND software distribution. This class is designed for the beginner and is intended to provide a foundation for the tutorial on "Intermediate Topics in Domain Name System Administration."

Topics include:

DNS and BIND
The DNS Name Hierarchy
The four components of DNS
Iterative vs. recursive querying
Essential resource records: SOA, A, PTR, CNAME, NS
Zone transfers and secondaries
Vendor-specific differences

William LeFebvre (M10, M13) has been using UNIX and Internet technologies since 1983. He has written many articles on UNIX, networking, and systems administration issues. Currently he writes the monthly "Daemons & Dragons" column for UNIX Review. William is the editor of the SAGE series "Short Topics in System Administration." He has taught tutorials since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates, and he is a certified Cisco Systems Instructor. William is the primary programmer for the popular UNIX utility top and has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He can be reached at wnl@groupsys.com or via https://www.groupsys.com/.

M11 Communicating with Everybody NEW
Stephen Johnson, Transmeta; Dusty White, Consultant

Who should attend: Managers and prospective managers, people who deal with a large customer base, and anyone who is interested in how people communicate and how to communicate more effectively.

When you communicate with people, do you wait for them to meet you halfway? Are you disappointed and feel at a loss if they don't? This course gives some simple-to-learn but powerful techniques to help you communicate better with everyone, even those who don't want to communicate with you. The techniques are easy and practical--we'll demonstrate them in class, then you can go practice during the conference.

Topics include:

Rapport: what it is and how to get it
Different ways people organize information, and how to communicate using each kind of representation
How to organize written or spoken material to be most easily understood by all kinds of people
Giving feedback, positive and negative
Intention and responsibility for communication

Stephen Johnson (M11, M14, T11, T14) has been a technical manager on and off for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs. He has also been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk on management at LISA three years ago, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at LISA and the USENIX Annual Conference, as well as at Transmeta.

M12 Deploying a Console Server Application NEW
David K. Z. Harris and Bryan Stansell, Certainty Solutions

Who should attend: System administrators supporting many UNIX hosts; network administrators with large, distributed networks; security architects looking for alternative ways to control secure devices; senior administrators looking for mentoring and collaboration tools, or just trying to do more with less.

The serial console port on a host or device can give you valuable security data and allow configuration you cannot access via the operating system on most devices. Using standard equipment and the free Conserver application, you can provide your site with managed, secure remote access to the serial consoles of your hosts, network equipment, and even non-networked devices. This class will cover implementation models and Conserver installation and configuration. It will take the mystery out of hooking most serial devices up to your terminal servers.

Topics include:

Why use serial consoles?
Why use terminal servers?
What a client-server solution can do for you
How to mine information from logs
How to install and configure Conserver
How to connect all of your devices to your terminal servers

David K. Z. Harris (M12) has been a network plumber "for more than a decade," and he
likes many kinds of puzzles. He's been a member of the Technical Staff at GNAC for nearly three years. Connecting various devices together (like making networks work, or hooking up serial consoles) is just another interesting puzzle.

Bryan Stansell (M12) was one of the first members of the GNAC staff and is the current keeper of the Conserver code tree, as an extension of his love of computers and programming.

M13 Intermediate Topics in Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: Network administrators with a basic understanding of DNS and its configuration, those whose need to learn how to create and delegate subdomains, and administrators planning to install BIND8. Attendees are expected either to have prior experience with DNS, including an understanding of basic operation and zone transfers, or to have attended the "Introduction to Domain Name System Administration" tutorial.

Attendees will move beyond the basics into a more thorough understanding of the overall design and implementation of DNS.

Topics include:

Subdomains and delegation
Resource records: NS, RP, MX, TXT, AAAA
Migration to BIND8
DNS management tools
DNS design
DNS and firewalls

William LeFebvre (M10, M13) has been using UNIX and Internet technologies since 1983. He has written many articles on UNIX, networking, and systems administration issues. Currently he writes the monthly "Daemons & Dragons" column for UNIX Review. William is the editor of the SAGE series "Short Topics in System Administration." He has taught tutorials since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates, and he is a certified Cisco Systems Instructor. William is the primary programmer for the popular UNIX utility top and has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He can be reached at wnl@groupsys.com or via https://www.groupsys.com/.

M14 Dealing with Difficult People
Stephen Johnson, Transmeta; Dusty White, Consultant

Who should attend: Anyone who needs to deal with difficult people on the job, especially managers and those who deal with difficult clients.

Difficult co-workers may be clients, employees, peers, or managers. This tutorial will discuss what makes people difficult, and how you can deal more easily with them without knuckling under.

Topics include:

Reaching agreement with negative people
Fitting loners into your group
Dealing with people who do not like to plan or attend meetings
Giving feedback constructively
Dealing with difficult bosses
How to know when to disengage from difficult people