IP-KVM

Slack, Michael michael.slack at dcri.duke.edu
Tue Sep 14 16:50:57 EDT 2004 

One feature of note on the Cyclades and Raritan side (I expect with some
other products as well, but I have not looked at them) concerning your
serial connections is a history buffer.  You can lose your connection or a
system can go down and you will have a history of what happened before the
incident.  (That is, unless I am mistaken, but that is a feature we're
looking at/for.)  Helpful for troubleshooting.

Other features that the more expensive solutions provide are redundant power
supplies, modem access, ACLs, shadow sessions, bandwidth throttling, and
more.  It really comes down to what you need and what you can get by with.

Also, the Raritan line includes a product called IP-Reach which will put a
"head" on our regular KVMs, and potentially save us money.  It demo'd well,
but we still need to investigate it more.

Another question I'd ask is how many concurrent users you expect would need
console level access at the same time.  Worst case scenario.  That'll factor
into your cost.

--Mike

Michael Slack
Duke Clinical Research Institute
(919) 668-8364

-----Original Message-----
From: Francois Dion [mailto:fdion at atriumwindows.com] 
Sent: Tuesday, September 14, 2004 4:13 PM
To: Liyun_Yu at med.unc.edu
Cc: NC*SA Discussion List
Subject: Re: IP-KVM

Liyun Yu wrote:

> Francois Dion wrote:
>
>> What are you trying to achieve? Is this for a Unix, Linux or Windows 
>> environment?
>>
> Remote Access to data center and clients running: Linux, Windows, 
> Unix, and Mac, via IP.
>
That will complicate things unfortunately. Going thru a few things quickly:

VNC as mentionned before will run on all these, but you cant access 
things like the bios on a PC or the system controller on a Sun. You also 
need to have X on your Unix box or linux box (several clustered distros 
and specialised distros dont have X). I like VNC over encrypted tunnel, 
as straight VNC is not safe.

If it was Linux, Unix and Mac (OS X?) then you could simply use SSH 
instead of VNC so you dont have to have X installed everywhere (beside 
you could tunnel X if you really need a windowed application).

Also, all unix boxes should be able to be controlled by something like this:
http://www.baytech.net/products/dsfseries.shtml
If you have some Unix boxes and some cisco equipment you need to access 
remotely then you already have something like that I'm sure. And good 
quality intel (or amd) based boxes also offer serial console access, 
even of the bios (ie, Sun V65x, V20z etc), ideal access for root on 
Solaris x86 or Linux. For those that dont, you can get something like: 
http://www.realweasel.com/intro.html

In the case of Sun ultrasparc based boxes (starting with the little V210 
on up), you dont even need that, just a plain old ethernet switch and 
connect all the network management ports together. Even Sun SAN can be 
managed like that. Groovy.

Then there are all the various KVM solutions. There are so many it's not 
even funny (beside the 5 already mentionned by others, there are 
products by Blackbox,  NTI, Aten, Comutis, Minicom, Rose, Lightwave 
Matrix, Logical, even Belkin and D-Link). KVM can be a mix of vga, DVI, 
Sun, ps/2, usb, serial, and it can be analog or with rasterisation 
(basically a KVM switch running something like VNC or a proprietary 
software).

IMHO, there is no single solution that works well. I'd tackle the 
topology by what type of remote access is possible on any given hardware.

1. All IP manageable (ie. Sun, or those that can be managed with SSH or 
over an SSH tunnel) equipment on an ethernet switch
2. All serial console manageable equipment on something like the above 
baytech or other serial switch
3. Blades thru the vendor management console
4. The rest (mostly Windows boxes) on either:
-VNC (if you dont need bios access),
-IP KVM switch
-a VNC / KVM bridge ( http://www.realvnc.com/products/KVM-via-IP/  or 
http://www.kvmviaip.com/). A VNC/KVM bridge lets you reuse your current 
KVM switch(es).

The last step is bringing it all together. And again, that will depend 
on how many of the various solutions you have to implement and how 
secure you want things to be etc. In my case, I keep all remote access 
segregated and slightly convoluted. :)

Oh, and not even going thru the issue of cables...

Hope this helps,

-- 
Francois Dion
Atrium Windows & Doors
A Division of Atrium Companies


_______________________________________________
ncsa-discussion mailing list
ncsa-discussion at ncsysadmin.org
http://www.ncsysadmin.org/mailman/listinfo/ncsa-discussion

More information about the ncsa-discussion mailing list