ICT-ISS 2006
ET-CTS (EUDCS) Report
Jean-François Gagnon
Director, Network and Voice Operations
Chief Information Officer Branch
Environment Canada
2121 Trans-Canada Highway
Dorval, Québec
Canada, H9P 1J3
514-421-4658
jean-francois.gagnon@ec.gc.ca
ICT-ISS – Genève
September 2006
ET Members & ET Meeting participants
Jean-François GAGNON, Canada
Hugues AYINA, ASECNA
Hiroyuki ICHIJO, Japan
Matteo DELL'ACQUA, ECMWF
Ian SENIOR, Australia
Jose Mauro de REZENDE, Brazil
Xiang LI (Ms), China
Guillaume AUBERT, ECMWF
Remy GIRAUD, France
David BROWN, NCAR
Ilona GLASER (Ms), Germany
Akihiko NAKAZONO, Japan
Wai-man MA, Hong Kong
Hisashi NAKANO, Japan
Elham FARMAN (Ms), Iran
Takahiro SAITO, Japan
Kevin ALDER, New Zealand
Yoritsugi OHNO, Japan
Cemal OKTAR, Turkey
Nobue KISHI (Ms), Japan
Phil CHAMBERLAIN, UK
Tatsuya KIMURA, Japan
Allan DARLING, USA
Jean-Michel RAINER, Secretariat
ET-CTS Tokyo 25-28 April 2006 Participants
ET-CTS/EUDCS Discussions, Conclusions and Recommendations
• REVIEW OF THE CURRENT STATUS OF IMPLEMENTATION OF TCP/IP PROCEDURES AND APPLICATIONS AT GTS CENTRES
• RECOMMENDED PRACTICES FOR TCP/IP PROCEDURES AND APPLICATIONS
  – TCP/IP procedures on the GTS (IP address scheme & IPv6)
  – TCP/IP based services (Email & web)
  – File naming convention
• RECOMMENDED PRACTICES FOR DATA COMMUNICATION AND DATA ACCESS PROCEDURES
  – OPeNDAP, NetCDF, HDF
• GUIDANCE FOR IMPLEMENTATION OF DATA COMMUNICATION FACILITIES (GTS & INTERNET) AT WWW CENTRES
  – Guide on use of FTP and FTP servers at WWW centres
  – Guide on Information Technology Security (ITS) at WWW centres
  – Guide on Internet Practices
  – Guide on Virtual Private Networks (VPN) via the Internet between GTS centres
REVIEW OF THE CURRENT STATUS OF IMPLEMENTATION OF
TCP/IP PROCEDURES AND APPLICATIONS AT GTS CENTRES
• Reports from:
  – RTH Tokyo (H. Nakano)
  – RTH Offenbach (I. Glaser)
  – NMC Ankara (C. Oktar)
  – RTH Melbourne (I. Senior)
  – RTH Beijing (X. Li)
  – RTH Exeter (P. Chamberlain)
  – IMTN Region III (J.M. de Rezende)
  – NMC Hong Kong (W. Ma)
  – ASECNA (H. Ayina)
  – New Zealand (K. Alder)
  – RTH Tehran (E. Farman)
• The ET noted some progress in the implementation of TCP/IP procedures across the various regions, especially at smaller sites (the major centres had already reported conversion to TCP/IP procedures at previous meetings).
• Internet experience is good and reports on reliability are reassuring.
• It was noted, however, that the Internet is still not recommended as the sole method of data acquisition for mission-critical activities.
• It was also noted that security is an important concern and requires effort and strong commitment by all. It was commented that it is easier to secure FTP connections than sockets.
• It was noted that while collection of bulletins via Email often improves communications in some areas, it also requires strong quality control at the collecting centre, as the collected messages often contain typing or format mistakes.
RECOMMENDED PRACTICES FOR TCP/IP PROCEDURES AND
APPLICATIONS
• TCP/IP procedures on the GTS
  – Work plans and deliverables
    • Finalize a new IP address scheme and migration plan to resolve the issue of IP addresses for GTS links, in close association with the centres that are the main users of the current IP addresses (mid 2005).
    • Study IPv6 and the possibility of registering IPv6 addresses for WMO purposes (end of 2006).
    • It is expected that a review of Attachment II.15 should be achieved (preferably before July 2006).
  – I. Senior reported successful tests of the IPv4 "unnumbered" feature on the Brisbane, Melbourne and Tokyo links when using static routing. This feature can help in situations where official addresses cannot be assigned to a link. Difficulties were encountered with BGP routing, but it is believed that this is just a configuration problem that should be easy to fix.
  – Reports on the progress of IPv6 deployment in the industry were a bit disappointing. Although the number of registered addresses is growing, there is also an apparent decline in official IPv6 deployment activities in the world. For example, earlier plans for IPv6 readiness in the Japanese government in 2008 are not so precise anymore.
  – There was some discussion on the possibility of registering a block of IPv6 addresses for use by WMO member countries. No expert could offer advice on how the registering bodies would accept such a request, nor on whether such a block of addresses would actually be useful. IPv6 addressing schemes should be studied further in order to answer this question.
  – In the short term, there are options more attractive than IPv6 to propose as a solution to the IP address issue.
  – The September 2005 "provisional arrangement for IP addresses" was reviewed, including recent additions by R. Giraud. The ET agreed on the concepts and principles of the arrangement and will include this information in the review of Att. II.15.
    (http://www.wmo.int/web/www/ISS/Guides/IP-addresses-GTS_Prov2005sept.doc)
RECOMMENDED PRACTICES FOR TCP/IP PROCEDURES AND
APPLICATIONS (cont’d)
• TCP/IP based services
– Reports of Email and web data collection over the web were discussed
(Turkey, Hong Kong, New Zealand, plus a few words from Australia and
UK).
– Again, it was noted that while collection of bulletins via Email often
improves communications in some areas, it also requires strong quality
control at the collecting centre, as the collected messages often
contain typing or format mistakes.
– It was noted that the New Zealand implementation can also forward
messages to the AFTN automatically.
– The Secretariat inquired if the Hong Kong and New Zealand
implementations of web ingest could be made available to requesting
countries as it is the case for the USA. No official response has been
received from these countries. It is expected that the implementations
are tightly linked to other internal procedures and systems.
– Web templates were demonstrated (password protected) at the meeting
by the presenters. These demonstrations might be made available to
requesting bodies.
– The ET concluded that the Email and web procedures information in the
current WMO documentation is adequate at this time.
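The quality-control step the ET asks for at the collecting centre is the kind of thing that is easy to under-specify, so here is an added example (this editor's code, not part of the ET report or of any centre's ingest system) of a strict check on the one field every bulletin carries: the abbreviated heading line. The heading layout T1T2A1A2ii CCCC YYGGgg [BBB] follows the Manual on the GTS as this editor reads it; the exact regular expression, the range checks and the sample messages below are constructed for the example and are not taken from the page.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# WMO abbreviated heading line:  T1T2A1A2ii CCCC YYGGgg [BBB]
# The pattern is this editor's reading of that format (assumption), not text from the
# ET report; BBB is limited to the RRx/CCx/AAx/Pxx forms.
_AHL_RE = re.compile(
    r"^(?P<tt>[A-Z]{4}\d{2}) "                          # T1T2A1A2ii: data type, area, indicator
    r"(?P<cccc>[A-Z]{4}) "                              # CCCC: originating/compiling centre
    r"(?P<day>\d{2})(?P<hour>\d{2})(?P<minute>\d{2})"   # YYGGgg: day, hour, minute (UTC)
    r"(?: (?P<bbb>(?:RR|CC|AA)[A-Z]|P[A-Z]{2}))?$"      # optional BBB indicator
)


@dataclass
class Heading:
    tt: str
    cccc: str
    day: int
    hour: int
    minute: int
    bbb: Optional[str]


def parse_heading(line: str) -> Heading:
    """Parse one abbreviated heading line; raise ValueError on any defect."""
    line = line.rstrip("\r\n")
    m = _AHL_RE.match(line)
    if m is None:
        raise ValueError(f"malformed heading: {line!r}")
    day, hour, minute = int(m["day"]), int(m["hour"]), int(m["minute"])
    if not 1 <= day <= 31:
        raise ValueError(f"day {day} out of range: {line!r}")
    if hour > 23 or minute > 59:
        raise ValueError(f"time {hour:02d}{minute:02d} out of range: {line!r}")
    return Heading(m["tt"], m["cccc"], day, hour, minute, m["bbb"])


def triage(messages: List[str]) -> Tuple[list, list]:
    """Split collected messages into (accepted, rejected).

    accepted: list of (Heading, message); rejected: list of (reason, message).
    Each message is raw text whose first line must be the abbreviated heading."""
    accepted, rejected = [], []
    for msg in messages:
        first_line = msg.split("\n", 1)[0]
        try:
            accepted.append((parse_heading(first_line), msg))
        except ValueError as err:
            rejected.append((str(err), msg))
    return accepted, rejected


# Constructed sample messages (not real GTS traffic): two well-formed, four with the
# kinds of typing and format mistakes the report mentions.
SAMPLE_MESSAGES = [
    "SMCA01 MHTG 121200\nAAXX 12124\n78720 32960 ...",
    "SMCA01 MHTG 121200 RRA\nAAXX 12124\n78720 32960 ...",
    "SMCA01 MHTG 1212O0\nAAXX 12124 ...",   # letter O typed instead of zero
    "smca01 MHTG 121200\nAAXX 12124 ...",   # lower-case designators
    "SMCA01 MHTG 321200\nAAXX 12124 ...",   # day 32 does not exist
    "SMCA01 MHTG 122460\nAAXX 12124 ...",   # hour 24 / minute 60
]

if __name__ == "__main__":
    ok, bad = triage(SAMPLE_MESSAGES)
    for heading, _ in ok:
        print("accepted:", heading)
    for reason, _ in bad:
        print("rejected:", reason)
```

Rejected messages are kept with the reason so an operator can correct and resubmit them; nothing that fails the check is forwarded onto the GTS.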
RECOMMENDED PRACTICES FOR TCP/IP PROCEDURES AND
APPLICATIONS (cont’d)
• File-naming conventions
  – Work plans and deliverables
    • b. Finalize the general new file naming convention, in collaboration with the ET-OI (end of 2005).
  – CBS identified the need for a method to assign unique identifiers to several elements, and for a common approach amongst the different ETs. CBS also supports that these unique identifiers should be generated as close as possible to the creation of the elements.
  – R. Giraud introduced a proposal from MeteoFrance to generate unique identifiers. The proposal favours a readable format for the identifier, since fields such as the TTAA will not be descriptive enough in the future.
  – The ET also discussed a proposal provided by Steve Foreman before the meeting on this topic. This proposal also meets the CBS needs, but would yield more abstract identifiers than the MeteoFrance proposal.
  – It was noted that the French proposal is already being adopted by DWD and SIMDAT. It was therefore felt that the French proposal should be adopted.
  – The proposal was therefore further developed as part of the review of Att. II.15 and is currently available as a standalone file at http://www.wmo.int/web/www/TEM/ICT-ISS2006/Doc31(1)_filenaming.doc
  – Japan provided a report on their implementation of the file naming convention. They noted that the file extension ".bin" may not describe the file type well enough, and added information to that effect in the free-format part of the filename (for example by specifying a ".grib" or ".bufr" extension). This has to be further refined.
  – The use of upper- and lower-case letters in the file naming convention was also discussed at length. It was concluded that the ET would support case insensitivity, as it is widely accepted and implemented in the industry (for example for host names in email addresses and URLs). In particular, it could be recommended to use the "canonical form" of file names when processing. In this manner it would be expected that:
    • File names are saved in their original form as received (with any combination of upper- and lower-case characters).
    • Files are referenced with lower-case characters only for internal processing, comparison, name searches, etc.
    • Files are retransmitted with the original saved name to preserve the upper/lower-case differences.
    • This keeps the benefits of the readability of mixed case throughout the systems, but provides case independence for processing and reference.
    This precision has yet to be added to the file naming convention.
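The three canonical-form rules above are a small but easy-to-get-wrong procedure (a centre that keys its store on the received spelling will happily accept the same file twice under two cases), so here is an added example implementing them; it is this editor's code, not the ET's or any centre's, and the file names in it are constructed in the style of the WMO convention rather than taken from real traffic. It assumes file names are ASCII, so `str.lower()` is an adequate canonical form.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class StoredFile:
    original_name: str   # exactly as received, case preserved for retransmission
    data: bytes


def canonical(name: str) -> str:
    """Canonical form used only for storage keys, comparison and searches.
    GTS file names are ASCII (assumption), so lower() is enough; casefold() would be
    the choice if non-ASCII names were ever allowed."""
    return name.lower()


@dataclass
class FileStore:
    """Keeps received files under their canonical name while remembering the
    original spelling, following the three rules listed in the report."""
    _files: Dict[str, StoredFile] = field(default_factory=dict)

    def receive(self, name: str, data: bytes) -> bool:
        """Store a received file. Returns False if a file with the same name,
        ignoring case, has already been received (treated as a duplicate)."""
        key = canonical(name)
        if key in self._files:
            return False
        self._files[key] = StoredFile(name, data)
        return True

    def lookup(self, name: str) -> Optional[StoredFile]:
        """Case-insensitive name search."""
        return self._files.get(canonical(name))

    def retransmit(self, name: str) -> Tuple[str, bytes]:
        """Return (name, data) for forwarding; the name is the original one as received,
        whatever spelling the caller used to look it up."""
        f = self.lookup(name)
        if f is None:
            raise KeyError(name)
        return f.original_name, f.data

    def names(self) -> List[str]:
        """Original names of all stored files, ordered by canonical name."""
        return [self._files[k].original_name for k in sorted(self._files)]


# Constructed names in the style of the WMO file naming convention (not real files).
ORIGINAL = "A_SMCA01MHTG121200_C_MHTG_20060912120000.txt"
DUPLICATE = "a_smca01mhtg121200_c_mhtg_20060912120000.TXT"   # same file, different case


def demo() -> FileStore:
    store = FileStore()
    store.receive(ORIGINAL, b"SMCA01 MHTG 121200\nAAXX 12124 ...")
    store.receive(DUPLICATE, b"SMCA01 MHTG 121200\nAAXX 12124 ...")   # rejected as duplicate
    return store


if __name__ == "__main__":
    s = demo()
    print(s.names())                    # only the first spelling is kept
    print(s.retransmit(DUPLICATE)[0])   # forwarded under the original spelling
```

The point to notice is that `retransmit` never returns the spelling used for the lookup; the original name is the only one that ever leaves the centre.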
RECOMMENDED PRACTICES FOR DATA COMMUNICATION AND
DATA ACCESS PROCEDURES
• Work plans and deliverables
  – Draft recommended practices for data-communication and data access procedures, in particular OPeNDAP, NetCDF and HDF (Q3 2006).
• D. Brown from NCAR presented netCDF, HDF5 and OPeNDAP and how they relate to TIGGE at NCAR (NCAR, ECMWF and CMA are the archive sites for TIGGE).
• netCDF (network Common Data Form) is an interface for array-oriented data access and a library that implements that interface. The netCDF library also defines a machine-independent format for representing scientific data. Together, the interface, library and format support the creation, access and sharing of scientific data.
• HDF5 is the storage layer used by netCDF-4.
• OPeNDAP (Open-source Project for a Network Data Access Protocol) makes local data accessible to remote locations regardless of the local storage format.
• With respect to TIGGE, it was noted that the daily file transfer requirements when the three sites are running could be very large (~200 GB/day).
• It was noted that netCDF and HDF5 are used by several organisations in the USA, as well as in Australia, Brazil and elsewhere. NetCDF in particular seems to have wide acceptance in the general field of environmental sciences.
• Although the ET noted with appreciation what these projects and formats are, it was difficult to arrive at a conclusion regarding their use for access procedures in the context of WMO. This discussion should probably follow a more in-depth study of the requirements of WIS. In terms of data communication, the formats do not pose any particular problems per se. The volume of data is of more concern.
GUIDANCE FOR IMPLEMENTATION OF DATA COMMUNICATION
FACILITIES (GTS & INTERNET) AT WWW CENTRES
• Reference (excerpt from EC-LVII)
  Appreciating the guidance material being developed by CBS for the operational use of the Internet with minimized operational and security risks, and its importance for smaller NMHSs, the Council requested CBS to actively pursue this task, and urged NMHSs to contribute their experience and expertise.
• Work plans and deliverables
  – Finalize the Guide on use of FTP and FTP servers at WWW centres and the Guide on Information Technology Security (ITS) at WWW centres, and review the Guide on Internet Practices as necessary (end of 2005).
• Guide on use of FTP and FTP servers at WWW centres
  – A. Nakazono presented the work done on the "Guide on use of FTP and FTP servers at WWW centres". Much progress has been achieved in this guide, which now contains all the essential elements on the topic. However, Mr Nakazono indicated a lack of experience with Windows (and Internet Information Server, IIS) based servers and requested help from other volunteers to complete this part of the work. After discussion, it was recommended to drop the IIS description and favour a popular free FTP server for Windows. R. Giraud will also communicate minor comments to Mr Nakazono after the meeting and possibly offer help in suggesting an acceptable free Windows FTP server.
  – P. Chamberlain also noted that the guide proposes to use the "active" and "passive" FTP options in a way different from the current use of the FTP server implemented at the UK Met Office.
  – The guide has been reviewed under Mr A. Nakazono's supervision and is available at http://www.wmo.int/web/www/TEM/ICT-ISS2006/WMO_Guide_Use_FTP-Sep13.doc
GUIDANCE FOR IMPLEMENTATION OF DATA COMMUNICATION
FACILITIES (GTS & INTERNET) AT WWW CENTRES (cont’d)
• Guide on Information Technology Security (ITS) at WWW centres
  – JF Gagnon provided an overview of the Guide on ITS at WWW centres, highlighting the importance of IT security in a networked environment. It was also noted that security will be a growing concern, especially with the new RMDCN and eventually the new IMTN.
  – This guide also required completion; several sections were incomplete. Section 5.5 was further developed to emphasize the need for detection, and the actions to be taken when events are detected.
  – The ITS guide was reviewed and completed under Ms I. Glaser's supervision and is now available at http://www.wmo.int/web/www/TEM/ICT-ISS2006/WMO_Guide_ITSrev2006-07-19.doc
• Guide on Internet Practices
  – The guide was reviewed after the Tokyo meeting under Mr W. Ma's supervision and is available at http://www.wmo.int/web/www/TEM/ICT-ISS2006/WMO_Guide_Internet_Practice-rev2006-09-14.doc. No major changes were introduced, but several editorial changes were made, as well as an update of the references.
GUIDANCE FOR IMPLEMENTATION OF DATA COMMUNICATION
FACILITIES (GTS & INTERNET) AT WWW CENTRES (cont’d)
• Guide on Virtual Private Network (VPN) via the Internet between GTS centres
  – Work plans and deliverables
    • Update and refine as required the current Guide on Virtual Private Networks (VPN) via the Internet between GTS centres.
  – C. Oktar presented an overview of VPN usage in Ankara. VPN is used there both for regional offices and for secure remote access. It is not the main means of communication for all the sites, but a complementary or backup solution.
  – After discussion on the topic, it was noted that the Guide on ITS should warn against the possibility of a remote-access PC becoming a gateway between a secure network (the centre's network, to which the PC is connected via the VPN tunnel) and the Internet (to which the PC may also have access). It should also explain a method to guard against the potential threats in that case.
  – It was also pointed out that the current guide on VPN does not address the issue of remote access at all. This should be reviewed.
  – Although Mr M. Dell'Acqua offered to forward further documentation on the VPN experiments in RA VI after the meeting, his move back to MeteoFrance from ECMWF has left this work undone. This review is not critical, but is still an action to complete.
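The "remote-access PC as gateway" condition the ET wants the ITS guide to cover is concrete enough to test for on the host itself: the PC is a gateway candidate when it has a tunnel up to the centre and either keeps a direct Internet path beside it (split tunnelling) or has IP forwarding switched on. The following is an added example of such a check, written by this editor and not taken from the ET report or from the Guide on ITS (which is not reproduced on this page). It assumes a Linux client, the text of `ip route` and the value of `/proc/sys/net/ipv4/ip_forward` as input, a VPN interface named `tun0`, and the OpenVPN-style convention that a full tunnel may be expressed as two `/1` routes rather than a replaced default route; the route tables are constructed for the example.

```python
from typing import Dict, List, Tuple

# Destinations that, when routed via the VPN interface, send all Internet-bound traffic
# through the tunnel: an explicit default route, or the two /1 halves that OpenVPN-style
# "redirect-gateway def1" installs to override the LAN default without deleting it.
FULL_DEFAULT = {"default", "0.0.0.0/0"}
HALVES = {"0.0.0.0/1", "128.0.0.0/1"}


def parse_routes(ip_route_output: str) -> List[Tuple[str, str]]:
    """Reduce Linux `ip route` lines to (destination, device) pairs."""
    routes = []
    for line in ip_route_output.splitlines():
        parts = line.split()
        if not parts:
            continue
        dev = parts[parts.index("dev") + 1] if "dev" in parts else ""
        routes.append((parts[0], dev))
    return routes


def tunnel_covers_all(routes: List[Tuple[str, str]], vpn_dev: str) -> bool:
    """True if every Internet destination is routed through vpn_dev."""
    tun_dests = {dest for dest, dev in routes if dev == vpn_dev}
    return bool(tun_dests & FULL_DEFAULT) or HALVES <= tun_dests


def assess(ip_route_output: str, ip_forward: str, vpn_dev: str = "tun0") -> Dict[str, bool]:
    """Summarise the host's state from `ip route` text and /proc/sys/net/ipv4/ip_forward."""
    routes = parse_routes(ip_route_output)
    vpn_up = any(dev == vpn_dev for _, dev in routes)
    return {
        "vpn_up": vpn_up,
        "full_tunnel": vpn_up and tunnel_covers_all(routes, vpn_dev),
        "forwarding": ip_forward.strip() == "1",
    }


def is_gateway_risk(state: Dict[str, bool]) -> bool:
    """True when the PC could act as a gateway between the centre's network and the
    Internet: a tunnel is up while the host either keeps a direct Internet path
    (split tunnel) or has IP forwarding enabled."""
    return state["vpn_up"] and (not state["full_tunnel"] or state["forwarding"])


# Constructed `ip route` output (not captured from a real host).
SPLIT_TUNNEL = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.0.0.0/8 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""

FULL_TUNNEL = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
203.0.113.10 via 192.168.1.1 dev eth0
"""

if __name__ == "__main__":
    for label, table, fwd in (("split tunnel", SPLIT_TUNNEL, "1"), ("full tunnel", FULL_TUNNEL, "0")):
        state = assess(table, fwd)
        print(label, state, "GATEWAY RISK" if is_gateway_risk(state) else "ok")
```

On a real client the two inputs come from `ip route` and `cat /proc/sys/net/ipv4/ip_forward`; the check is deliberately read-only so it can run from a login script before the VPN client is allowed to proceed.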
Review of Attachment II.15 (Use of TCP/IP on the GTS)
• Several discussions in ET-CTS pointed to the need for a review of
Attachment II.15.
• A draft ATT II.15 rev3 was started but not completed
– The foreword, introduction, chapters 1 and 2 and a new annex (High
Level TCP/IP Topology and TCP/IP Data Flows) are reviewed
• objective of making the ATT II.15 more of a TCP/IP reference rather than just
a migration document
• Include due reference to WIS as required
• These updates can probably be approved for ATT II.15 rev 3 as is.
– Chapters 3 to 5 were not reviewed as a whole, but some material is provided:
  • IP address scheme (part of Chapter 3)
  • File naming (part of Chapter 4)
  • Secure GTS connection over the Internet using VPN (Annex 4)
  • This information can probably also be added to ATT II.15 as is.
  • More review is required for Chapters 3 to 5. It is unclear if this can be completed and recommended officially by ET-CTS before CBS Ext 06.
Thanks
• I wish to thank ET-CTS members and the secretariat (JM
Rainer) for their combined efforts in making this work
possible
Summary of ad-hoc working groups and document
responsibilities