MDM Observatory Network Guide

Updated: 2005 Aug 17 [rwp/osu]

MDM is connected to the Internet via Kitt Peak over a T1 connection to the Kitt Peak summit.

In addition to the observatory computers, MDM provides a number of network addresses for guest computers. The main connection points for visitor machines are the 4-port 10/100 ethernet switches located in the observing rooms at the 2.4-m and 1.3-m telescopes, and the routers located in the common areas at both domes (the living room of the 2.4m and the library of the 1.3m). These latter provide both wired and wireless ethernet with a fairly restricted range.

Network Overview

MDM provides a number of dynamically allocated (DHCP) IP numbers for visitor laptops. These are automatically assigned when you connect to the network.

Computers connected directly to the local network via the control room wired switches will be assigned addesses on the 140.252.83 subnet.
Computers connected via the living-area routers will be assigned private network addresses that map to 140.252.83 addresses via the routers.

To connect a laptop, you will need a standard wired ethernet adapter that can take an Cat5 cable using RJ45 (fat phone plug) connectors. Loaner cables are available from the mountain personnel on request. Users with standard 802.11b/g wireless network hardware can connect using the wireless routers when within range (usually just the living areas and weakly outside).

The staff can offer only limited assistance, so it is expected that you already know how to connect your laptop to a guest network in general (this is a very common practice, and hardly needs to be described in detail anymore). If not, you should learn before coming to MDM...

Security Issues

The MDM computer network is inside of the KPNO firewall. The only machine visible to the outside world for *incoming* remote network connections is the MDM server machine, "mdm". This machine will only accept encrypted ssh, scp, and sftp connections, as well as unecrypted http (web) access. No unencrypted interactive methods (e.g., telnet or ftp, anonymous or otherwise) are supported.

All outgoing traffic from the MDM subnet is open.

Other Services

While on the mountain network, your laptop has access to other network services:

Network Printers

Each of the control rooms have networked laser printers capable of single- and double-sided printing. Signs over the printers give their IP addresses and pointers for downloading drivers if you wish to print from your laptop while here. However, please be careful not to waste paper or toner.

printer driver for WinXP

Readonly Data Access via SAMBA

The data-taking machines provide readonly SAMBA services for local machines, using the observing accounts. A special SAMBA password is used (see the whiteboard in each control room for the current usernames and passwords). If you know how to use SAMBA on your Windows, Linux, or Mac, you can connect your computer to the data-taking machine's disk drives directly (without using slow ssh/scp) to make it easier to copy data onto your personal machines.

In order to protect the data-taking machines, the SAMBA mounts are currently read-only: you can copy data from the data-taking machines, but you may not write to them or delete files. For writing data, please use secure methods like ssh or scp.

Updated: 2005 August 17 [rwp/osu]