Hi folks,
I wonder if anyone has good experiences to share with out-of-band hardware?
I'm looking for a good OOB hardware vendor. I need to manage my routers/switches/firewalls in a datacenter located overseas, and I'm looking to setup a good serial console server via an OOB link.
I've been looking at Lantronix, OpenGear, Raritan...but they all seem to have the same basic features. I'm having trouble really differentiating them.
I'm interested in analog modem, cellular options for my OOB link. Or even a secondary internet circuit either wired or wifi if the DC has that option available.
Any good suggestions or experiences with a current OOB solution out there? What are you doing for your OOB management?
thanks,Hank
Opengear's stuff works great; I believe they have models that support
modem on serial port to complement the built-in cell connection. I
really like the cell stuff; you can have the device keep the data side
of the cell interface down for security and send it a text message to
bring it hot so you can ssh in. It supports key-based auth,
firewalling, you can chain a serial hub to it if you need a whole bunch
of ports, you can map ssh ports to serial ports so you can just ssh
directly to the device you need to talk to, etc. On the newer devices,
and this is not 'officially supported' but you can do it yourself or
even pay them to do it, you can set the different Ethernet ports on the
device to different subnets, or even do vlan tagging since it's all just
linux when it comes down to it. We use their ACM5500 series to get
cell-based out of band for our serial devices and also stick it on four
different vlans so that it can get to things that require network-based
management even if there's a routing issue.
If you're in a noisy data center, or one that has thick walls, I've
found a high gain antenna makes a world of difference, but takes some
playing around with the web interface to watch your signal levels while
you turn the antenna to find the strongest tower to point it in the
direction of.
David
We have both lantronix and opengear hardware and use the og brand almost
exclusively now. Good price, extremely reliable. We have about 200 of
them.
Lantronix is pretty solid if it doesn't have issues with your hardware.
I have a bunch of older Dell boxes where turning on virtual media makes them stall indefinitely on the boot prompt.
Though, for serial only stuff -- it should be pretty good.
Using open gear exclusively now...no real issues with it.
Same here, dozens of opengear devices deployed, about half with cellular,
only issue we ever had 1 DOA (not totally dead, but behaving really badly)
unit and they sent an overnight replacement since we were on the road
visiting a remote site.
Thinklogical Sentinel is great. CLI access via ssh, web access, modem for
dial in and two ethernet ports for redundant network access, supports up to
32 devices and is dc/ac http://www.thinklogical.com/sentinel
We're really pleased with the Perle IOLAN line. They even have a gigabit
port without a $10k price tag. Amazing!
It really dumbfounds me why so many vendors are still putting 10/100
Ethernet ports on their OOB management (looking at you OpenGear).
Especially a PITA today since many switchports today don't support links
speeds less than a gigabit.
-richard
OpenGear's newer stuff is Gigabit (SFP even).
I've not seen any real switch made in the last decade that has a problem with 100Mb/s connections. Ancient cisco, maybe had issues.
thanks,
-Randy
There's several devices that are 1/10Gb and do NOT support 10/100Mb. Cisco Nexus 5000/5500s, Brocade VDX series stuff, etc.
In our new data center, the only 10/100 ports are a couple blades in our Nexus 7018s put there just to provide these lower-speed connections to devices that needed them. Expensive options in a fully loaded chassis just for a couple lower-end devices that could easily justify a couple dollars more to get a Gig PHY instead of the older 100Mb PHY chip.
Jeremy "TheBrez" Bresley
There is no technical reason why subrateSFP and subrateSFP+ couldn't exist,
which is 1GE or 10GE towards host and offers 10/100/1000 towards client.
Obviously the optic would be significantly more expensive than normal optic,
as it needs to do lot more, including buffering. But if 1GE optic costs 10EUR,
this subrate optic could easily cost 100EUR.
Just needs some optic vendor to figure out if there is sufficient market for
it.
Randy suggested it is untypical these days to find kit which does not
understand multirate, my experience is the opposite, it's getting rarer to
find multirate support.
Even in cases when they do it, it's often supposedly mode in SGMII where it
can be instructed to send same bit 10 times, allowing cheap 1/10th rate.
We used old fashioned Cisco 2500's with octal cables. Old school for small deployments.
We have toyed with the idea of trying to obtain OOB access via 3G/4G instead of using a dialup modem. Has anyone tried that and if so, what hardware would you recommend?
We're using VerizonWireless CradlePoints, Fortigate 80C firewalls, and Digi CM32's for our OOB solution.
There were a few times when VerizonWireless went down, but at those times we did not have the emergency need to be on the OOB network.
It's a simple setup and not too costly. We got the CM32s on eBay for $50/ea, not too bad.
We also have one site with a 2500 and octal cables, which is rock solid.
Lately I've been getting a lot of SPAM for 3rd party OOB management solutions. So there seem to be plenty of alternatives to a good OOB setup.
Petter Bruland | Network Engineer
Allegiant Travel Company
8360 S. Durango Drive, Las Vegas, NV 89113
Phone: (702) 874-3332 | Cell: (702) 286-6549
petter.bruland@allegiantair.com
http://www.allegiantair.com
OpenGear's newer stuff is Gigabit (SFP even).
I've not seen any real switch made in the last decade that has a problem with 100Mb/s connections. Ancient cisco, maybe had issues.
there are a substantial number of 10Gb/s switch that cannot do tri-rate
on copper sfps.
in previous $job oob--ilo-ports doing WOL/ and cdu(s) were the annoying
100Mbs/s only devices. terminal servers (all advocent in this case) made
the jump aleady.
Cisco 1921 w/ LTE WAN interface have worked fantastic us.
Dell - Internal Use - Confidential
Just ran into that exact problem with Cisco Nexus 2232TM-E FEX's. They only do 10Gb/1Gb and won't step down to 100Mb. Couldn't connect some newer gear's Ethernet management ports to the management network as a result and have to get a different model FEX like the 2248TP-E just for that. The devices in question are current generation too and only support 100Mb for the management ports. My question was less about why the 2232TM-E's couldn't step down to 100Mb, but rather why in this day and age do we have something that doesn't do 1Gb, even on a management port?
-Vinny
From: Vinny_Abello@Dell.com [mailto:Vinny_Abello@Dell.com]
Just ran into that exact problem with Cisco Nexus 2232TM-E FEX's. They only
do 10Gb/1Gb and won't step down to 100Mb. Couldn't connect some newer
gear's Ethernet management ports to the management network as a result
and have to get a different model FEX like the 2248TP-E just for that. The
devices in question are current generation too and only support 100Mb for
the management ports. My question was less about why the 2232TM-E's
couldn't step down to 100Mb, but rather why in this day and age do we have
something that doesn't do 1Gb, even on a management port?
It's not just you guys at Dell. HP are still doing the same thing with iLO ports (for dedicated iLO ports anyway, shared ports (which are a whole new level of WTF were you thinking?) are normally 1gb and will operate just fine at that connection rate).
Jamie
Dell - Internal Use - Confidential
Just to clarify, it wasn't a Dell product I was referring to, but rather the Ethernert management port of a Brocade fibre channel switch... which again, why only 100Mb? Is there that much of a cost difference when mass producing this stuff?
Dedicated ports on our iDRACs are 1Gb for OOB on the iDRAC7 (latest generation), but everything prior was 100Mb, I think. Dell does shared ports as well, but I personally always use the dedicated ports. That being said, I have nothing to do with any group in the hardware side of Dell at all.
-Vinny
You sent me this by mistake.
I have deleted all of the instances of it that know of.
Why does the NANOG forwarder forward these things?