KVM over IP Suggestions?
Daniel Senie
dts at senie.com
Tue Aug 23 04:54:47 UTC 2005
At 12:41 PM 8/22/2005, Aaron Glenn wrote:
>On 8/22/05, Simon Hamilton-Wilkes <simon at jettis.com> wrote:
> >
> > They support P/S2 / USB / Sun and serial - though are a very expensive
> > way to do serial.
>
>And (last time I looked, at least) they required an expensive,
>proprietary, Windows-only authentication server (DSView) in addition
>to the client software licenses and hardware costs.
Avocent makes several products in the KVM/IP space. Not all of them
are tied to Windows Server authentication. At the low end, they've
got a sub-$1000 single port box that works nicely for front-ending
existing KVM switches that have on-screen controls.
We've used and tested 4 or 5 products in this "single port" space.
Results have been fair, bad and ugly. I would not consider any of
them to be acceptable or better.
There are several issues. As someone else noted, these usually push a
viewer to you over either Java or Active-X. The little Avocent uses
Active-X, so I have to remember to load up IE before accessing it.
Internal authentication is, in my experience, essential. After all,
if you're connecting in to deal with the server that's doing your
authentication, you're screwed, yes, there are likely expensive ways
to avoid that situation.
Serial redirection and terminal servers are an option, but only if
all of your servers support that.
VNC isn't an option, unless you like your terminal sessions going
over unencrypted pipes or set everything up to tunnel over SSH or VPN.
Solutions that use VNC direct to the target server are insufficient.
If you can't talk to the BIOS of a server that's not feeling well,
what's the point? Once a server is actually up, SSH into the server
gets you all you need, or VNC over SSH if you must do some graphics.
Mouse control: all of the KVM/IP products we've tested have had
serious issues with mouse control. With Windows boxes, we generally
do our best to get boxes far enough up to use RDP, and switch to that
because it's much cleaner. With Linux machines we find this less of
an issue as we don't run consoles in graphics mode, thus bypassing
the mouse sync issue.
For the original poster, if you want to have the ability to let
customers at the console of their server, but not others, you're
going to be stuck using expensive equipment, with the ability to
handle multiple simultaneous users, or go with servers that have
KVM/IP as an on-board option (Intel's is the one I'm personally
familiar with. Someone else mentioned Dell has such too).
We made the move to KVM/IP and APC power cycling/control equipment a
few years back and have never regretted doing so.
Dan
More information about the NANOG
mailing list