IP-KVM
Slack, Michael
michael.slack at dcri.duke.edu
Tue Sep 14 16:50:57 EDT 2004
One feature of note on the Cyclades and Raritan side (I expect with some
other products as well, but I have not looked at them) concerning your
serial connections is a history buffer. You can lose your connection or a
system can go down and you will have a history of what happened before the
incident. (That is, unless I am mistaken, but that is a feature we're
looking at/for.) Helpful for troubleshooting.
Other features that the more expensive solutions provide are redundant power
supplies, modem access, ACLs, shadow sessions, bandwidth throttling, and
more. It really comes down to what you need and what you can get by with.
Also, the Raritan line includes a product called IP-Reach which will put a
"head" on our regular KVMs, and potentially save us money. It demo'd well,
but we still need to investigate it more.
Another question I'd ask is how many concurrent users you expect would need
console level access at the same time. Worst case scenario. That'll factor
into your cost.
--Mike
Michael Slack
Duke Clinical Research Institute
(919) 668-8364
-----Original Message-----
From: Francois Dion [mailto:fdion at atriumwindows.com]
Sent: Tuesday, September 14, 2004 4:13 PM
To: Liyun_Yu at med.unc.edu
Cc: NC*SA Discussion List
Subject: Re: IP-KVM
Liyun Yu wrote:
> Francois Dion wrote:
>
>> What are you trying to achieve? Is this for a Unix, Linux or Windows
>> environment?
>>
> Remote Access to data center and clients running: Linux, Windows,
> Unix, and Mac, via IP.
>
That will complicate things unfortunately. Going thru a few things quickly:
VNC as mentionned before will run on all these, but you cant access
things like the bios on a PC or the system controller on a Sun. You also
need to have X on your Unix box or linux box (several clustered distros
and specialised distros dont have X). I like VNC over encrypted tunnel,
as straight VNC is not safe.
If it was Linux, Unix and Mac (OS X?) then you could simply use SSH
instead of VNC so you dont have to have X installed everywhere (beside
you could tunnel X if you really need a windowed application).
Also, all unix boxes should be able to be controlled by something like this:
http://www.baytech.net/products/dsfseries.shtml
If you have some Unix boxes and some cisco equipment you need to access
remotely then you already have something like that I'm sure. And good
quality intel (or amd) based boxes also offer serial console access,
even of the bios (ie, Sun V65x, V20z etc), ideal access for root on
Solaris x86 or Linux. For those that dont, you can get something like:
http://www.realweasel.com/intro.html
In the case of Sun ultrasparc based boxes (starting with the little V210
on up), you dont even need that, just a plain old ethernet switch and
connect all the network management ports together. Even Sun SAN can be
managed like that. Groovy.
Then there are all the various KVM solutions. There are so many it's not
even funny (beside the 5 already mentionned by others, there are
products by Blackbox, NTI, Aten, Comutis, Minicom, Rose, Lightwave
Matrix, Logical, even Belkin and D-Link). KVM can be a mix of vga, DVI,
Sun, ps/2, usb, serial, and it can be analog or with rasterisation
(basically a KVM switch running something like VNC or a proprietary
software).
IMHO, there is no single solution that works well. I'd tackle the
topology by what type of remote access is possible on any given hardware.
1. All IP manageable (ie. Sun, or those that can be managed with SSH or
over an SSH tunnel) equipment on an ethernet switch
2. All serial console manageable equipment on something like the above
baytech or other serial switch
3. Blades thru the vendor management console
4. The rest (mostly Windows boxes) on either:
-VNC (if you dont need bios access),
-IP KVM switch
-a VNC / KVM bridge ( http://www.realvnc.com/products/KVM-via-IP/ or
http://www.kvmviaip.com/). A VNC/KVM bridge lets you reuse your current
KVM switch(es).
The last step is bringing it all together. And again, that will depend
on how many of the various solutions you have to implement and how
secure you want things to be etc. In my case, I keep all remote access
segregated and slightly convoluted. :)
Oh, and not even going thru the issue of cables...
Hope this helps,
--
Francois Dion
Atrium Windows & Doors
A Division of Atrium Companies
_______________________________________________
ncsa-discussion mailing list
ncsa-discussion at ncsysadmin.org
http://www.ncsysadmin.org/mailman/listinfo/ncsa-discussion
More information about the ncsa-discussion
mailing list