KVM over IP Suggestions?

Daniel Senie dts at senie.com
Tue Aug 23 04:54:47 UTC 2005


At 12:41 PM 8/22/2005, Aaron Glenn wrote:

>On 8/22/05, Simon Hamilton-Wilkes <simon at jettis.com> wrote:
> >
> > They support P/S2 / USB / Sun and serial - though are a very expensive
> > way to do serial.
>
>And (last time I looked, at least) they required an expensive,
>proprietary, Windows-only authentication server (DSView) in addition
>to the client software licenses and hardware costs.

Avocent makes several products in the KVM/IP space. Not all of them 
are tied to Windows Server authentication. At the low end, they've 
got a sub-$1000 single port box that works nicely for front-ending 
existing KVM switches that have on-screen controls.

We've used and tested 4 or 5 products in this "single port" space. 
Results have been fair, bad and ugly. I would not consider any of 
them to be acceptable or better.

There are several issues. As someone else noted, these usually push a 
viewer to you over either Java or Active-X. The little Avocent uses 
Active-X, so I have to remember to load up IE before accessing it.

Internal authentication is, in my experience, essential. After all, 
if you're connecting in to deal with the server that's doing your 
authentication, you're screwed, yes, there are likely expensive ways 
to avoid that situation.

Serial redirection and terminal servers are an option, but only if 
all of your servers support that.

VNC isn't an option, unless you like your terminal sessions going 
over unencrypted pipes or set everything up to tunnel over SSH or VPN.

Solutions that use VNC direct to the target server are insufficient. 
If you can't talk to the BIOS of a server that's not feeling well, 
what's the point? Once a server is actually up, SSH into the server 
gets you all you need, or VNC over SSH if you must do some graphics.

Mouse control: all of the KVM/IP products we've tested have had 
serious issues with mouse control. With Windows boxes, we generally 
do our best to get boxes far enough up to use RDP, and switch to that 
because it's much cleaner. With Linux machines we find this less of 
an issue as we don't run consoles in graphics mode, thus bypassing 
the mouse sync issue.

For the original poster, if you want to have the ability to let 
customers at the console of their server, but not others, you're 
going to be stuck using expensive equipment, with the ability to 
handle multiple simultaneous users, or go with servers that have 
KVM/IP as an on-board option (Intel's is the one I'm personally 
familiar with. Someone else mentioned Dell has such too).

We made the move to KVM/IP and APC power cycling/control equipment a 
few years back and have never regretted doing so.

Dan 




More information about the NANOG mailing list