October 2010 VOLUME 35 NUMBER 5 OPINION Musings 2 RikR FaR ow SYSADMin Teaching System Administration in the Cloud 6 Jan Schaumann THE USENIX MAGAZINE A System Administration Parable: The Waitress and the Water Glass 12 ThomaS a. LimonceLLi Migrating from Hosted Exchange ­Service to In-House Exchange Solution 18 T Roy mckee NETWORKING IPv6 Transit: What You Need to Know 23 mT aT Ryanczak SU EC RITY Secure Email for Mobile Devices 29 B Rian kiRouac Co LUMNS Practical Perl Tools: Perhaps Size Really Does Matter 36 Davi D n. BLank-eDeLman Pete’s All Things Sun: The “Problem” with NAS 42 Pe TeR BaeR GaLvin iVoyeur: Pockets-o-Packets, Part 3 48 Dave JoSePhSen /dev/random: Airport Security and Other Myths 53 RoT BeR G. FeRReLL B OOK reVIEWS Book Reviews 56 El izaBeTh zwicky, wiTh BRanDon chinG anD Sam SToveR US eniX NOTES USA Wins World High School Programming Championships—Snaps Extended China Winning Streak 60 RoB koLSTaD Con FERENCES 2010 USENIX Federated Conferences Week: 2010 USENIX Annual Technical Conference Reports 62 USENIX Conference on Web Application Development (WebApps ’10) Reports 77 3rd Workshop on Online Social Networks (WOSN 2010) Reports 84 2nd USENIX Workshop on Hot Topics in Cloud Computing (HotCloud ’10) Reports 91 2nd Workshop on Hot Topics in Storage and File Systems (HotStorage ’10) Reports 100 Configuration Management Summit Reports 104 2nd USENIX Workshop on Hot Topics in Parallelism (HotPar ’10) Reports 106 The Advanced Computing Systems Association oct10covers.indd 1 9.7.10 1:54 PM Upcoming Events 24th Large InstallatIon system admInIstratIon ConferenCe (LISA ’10) Sponsored by USENIX in cooperation with LOPSA and SNIA november 7–12, 2010, San joSe, Ca, USa http://www.usenix.org/lisa10 aCm/IfIP/USENIX 11th InternatIonaL mIddLeware ConferenCe (mIddLeware 2010) nov. 29–DeC. 3, 2010, bangalore, India http://2010.middleware-conference.org/ 9th USENIX ConferenCe on file and storage teChnoLogIes (FAST ’11) Sponsored by USENIX in cooperation with ACM SIGOPS FebrUary 15–18, 2011, San joSe, Ca, USa http://www.usenix.org/fast11 8th USENIX symPosium on networked systems desIgn and ImplementatIon (NSDI ’11) Sponsored by USENIX in cooperation with ACM SIGCOMM and ACM SIGOPS marCh 30–aprIl 1, 2011, boSton, MA, USa http://www.usenix.org/nsdi11 eUroPean ConferenCe on Computer systems (eUrosys 2011) Sponsored by ACM SIGOPS in cooperation with USENIX aprIl 10–13, 2011, SalzbUrg, AustrIa http://eurosys2011.cs.uni-salzburg.at 13th workshoP on hot topics In oPeratIng systems (hotOS XIII) Sponsored by USENIX in cooperation with the IEEE Technical Committee on Operating Systems (TCOS) may 8–10, 2011, napa, Ca, USa http://www.usenix.org/hotos11 Submissions due: January 15, 2011 2011 USENIX federated ConferenCes week IncludIng USENIX ATC ’11, webapps ’11, and hotCLoUd ’11 June 12–17, 2011, portlanD, OR, USa 20th USENIX securIty symPosium (USENIX securIty ’11) August 10–12, 2011, San Francisco, Ca, USa For a complete list of all USENIX & USENIX co-sponsored events, see http://www.usenix.org/events. oct10covers.indd 2 9.9.10 10:47 AM OPINION Musings 2 Rik FArrOw SYSADMin Teaching System Administration in the Cloud 6 JAN SchAumANN A System Administration Parable: The Waitress and the Water Glass 12 thOmas A. LImoncellI Migrating from Hosted Exchange Service to In-House Exchange Solution 18 contents trOy mckee NETWORKING IPv6 Transit: What You Need to Know 23 Matt ryanczAk SECUritY Secure Email for Mobile Devices 29 brian KirOuAc CoLUMNS Practical Perl Tools: Perhaps Size Really Does Matter 36 DAvid N. Blank-EdeLmAN Pete’s All Things Sun: The “Problem” with NAS 42 Peter Baer GALvIN VOL. 35, #5, Oct Ober 2010 Editor ;login: is the official iVoyeur: Pockets-o-Packets, Part 3 48 Rik Farrow magazine of the DS Ave JO ePhSeN USENIX Association. [email protected] /dev/random: Airport Security and Managing Editor ;login: (ISSN 1044-6397) is Other Myths 53 Jane-Ellen Long published bi-monthly by the Robert G. Ferre LL [email protected] USENIX Association, 2560 Ninth Street, Suite 215, Copy Editor Berkeley, CA 94710. Steve Gilmartin BEook R ViewS Book Reviews 56 [email protected] $90 of each member’s annual Eli zAbeth zwIcky, wIth br andoN chinG dues is for an annual sub- anD sam StOver produCtion scription to ;login:. Subscrip- Casey Henderson tions for nonmembers are Jane-Ellen Long $125 per year. Jennifer Peterson USeniX NOTES USA Wins World High School Programming Periodicals postage paid at Championships—Snaps Extended China typEsEttEr Berkeley, CA, and additional Winning Streak 60 Star Type offices. [email protected] Rob Kolstad POSTMASTER: Send address USEniX assoCiation changes to ;login:, 2560 Ninth Street, USENIX Association, ConFerenCES Suite 215, Berkeley, 2560 Ninth Street, 2010 USENIX Federated Conferences Week: California 94710 Suite 215, Berkeley, 2010 USENIX Annual Technical Conference Phone: (510) 528-8649 CA 94710. FAX: (510) 548-5738 Reports 62 ©2010 USENIX Association http://www.usenix.org USENIX Conference on Web Application http://www.sage.org USENIX is a registered trade- Development (WebApps ’10) Reports 77 mark of the USENIX Associa- 3rd Workshop on Online Social Networks tion. Many of the designations (WOSN 2010) Reports 84 used by manufacturers and sellers to distinguish their 2nd USENIX Workshop on Hot Topics in products are claimed as trade- Cloud Computing (HotCloud ’10) Reports 91 marks. USENIX acknowledges 2nd Workshop on Hot Topics in Storage all trademarks herein. Where those designations appear in and File Systems (HotStorage ’10) this publication and USENIX Reports 100 is aware of a trademark claim, Configuration Management Summit the designations have been Reports 104 printed in caps or initial caps. 2nd USENIX Workshop on Hot Topics in Parallelism (HotPar ’10) Reports 106 ;LOGIN: OctOber 2010 ARTIcLe tItLe 1 OCTOBER_2010_loginarticles_ch.indd 1 9.7.10 2:11 PM As I w As g oIng over the l Ineup of articles for this issue of ;login:, I found my- Rik Fa rrow self thinking about just how cool it is that we have not just virtualization, but services that make it easy to spin up new systems on a moment’s notice. We can use the new “system” for testing, and as soon as we are musings done with it, it is gone. Poof. At the same time, I found myself pondering this Rik is the Editor of ;login:. brave new world, facing the quandaries it creates: [email protected] spinning up VMs is really easy, but how do we manage all these systems? Greybeard I learned system administration the way many people have—through trial and error. I had no mentors, as the people who could manage UNIX systems were still few and far between. I was fortu- nate in one way, though: I was being paid to learn how to manage UNIX systems and to write about it. And the people who were paying me provided systems to play with. I fondly recall sitting in Becca Thomas’s backyard in San Francisco, playing with a Xenix system while drinking a beer. My goal was to understand how dump and restor worked, with a particular focus on dump levels. The man page writer had suggested using a Tower of Hanoi sequence of dump levels, but I wanted, really needed, to know why. I couldn’t just follow some unknown person’s suggestions, as I knew nothing about this person’s reasoning or reputation. I wrote several system manuals for manufacturers of microcomputer-based multi-user UNIX systems, and each time I understood more. Then I ghost- wrote chapters for several books before I started my own. Now that it was my book, I had to use my own computer. I kept it locked inside a special desk that I had designed (lots of ventilation), and added deadbolts with keys for both inside and out to all house doors, to make it more difficult for someone to steal the computer. The physical security seems ridiculous to me today, as the computer really only had value to me—a thief would be hard-pressed to use a UNIX system running System V Release 3 with one megabyte of RAM and 34 megabytes of hard disk. But that was my experimental system, as well as where Thomas and I wrote. Primitive by today’s standards, but a big deal back then. 2 ;LOGIN: vOL. 35, NO. 5 OCTOBER_2010_loginarticles_ch.indd 2 9.7.10 2:11 PM A Wider World I was missing out on a much wider world, but didn’t know it. I also did consulting as a sysadmin, in those few places that needed a small multi-user system. I thought I was working in the real world of UNIX, but individual systems were quickly becoming a thing of the past. When I proposed a title for my book, The Handbook of System Administration, I was stunned to discover that my publisher had contracted with another group to write a similar book, and they had already chosen that name. I later learned that this was Evi Nemeth and friends, whose fourth edition [1] of their book has just arrived, but too late for a review to be included in this issue. Nemeth et al. were taking a very different approach to sysadmin. Their envi- ronment was the University of Colorado in Boulder, and they had access to lots of systems. From my perspective, telling people how to attach vampire taps [2] to thick Ethernet cables seemed far afield from sysadmin, yet this was an important topic in their first edition. And this pointed to something very important that my co-author and I had completely missed. Computers would soon be connected to networks, and only rarely would they be used alone. While our book had an excellent chapter on using UUCP over dialup, they included basic IP networking.