[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OOB

Subject: OOB
From: paul4004 at gmail.com (PC)
Date: Wed, 27 Jul 2011 14:42:29 -0600
In-reply-to: <CAL9jLaZ0So34Am_JLddtSsGbVSXVK=aW6uyoWcY8XTNGwMv4iw@mail.gmail.com>
References: <CAB_zYd+Dswo=+YXSDz9qW4EKXX0LZE8i66rYDjFH+hXmhDpH5g@mail.gmail.com> <018501cc4b9c$bdb1f6c0$3915e440$@org> <CAL9jLaYN5g=UTHWtSE-v34Y-eTqgtthEejE49q9Hck1CNKiWDw@mail.gmail.com> <[email protected]> <CAL9jLaZ0So34Am_JLddtSsGbVSXVK=aW6uyoWcY8XTNGwMv4iw@mail.gmail.com>

If you can make a phone call, it generally works acceptable enough for a
basic SSH session.  Lock the session at 1xrtt (if using CDMA) if you still
have problems (slow) and it will use what amounts to a voice channel.  In
the USA, Verizon 4g LTE also offers some better in-building penetration
simply due to the spectrum used (700mhz).

On the 3g deployment I did, I built an ipsec vpn to the provider and have a
private IP assigned directly to the cellular device instead of individual
VPNs per-console server.

As for Equinox in particular, you might be able to use the house wifi
instead for your VPN...

Many vendors have 3g/wifi console servers (or both) that auto-vpn home.  I
can't see a good reason to use analog lines anymore unless 3g isn't
serviceable at the location.  If you can't afford a 3g device, you can roll
your own with any cheap router running DD-WRT or OpenWRT + usb ports +
usr/serial dongles.  Use "ser2net" to handle the interface between TCP and a
serial port (but one could connect and use screen/whatever if they wanted).

On Tue, Jul 26, 2011 at 8:33 PM, Christopher Morrow <morrowc.lists at gmail.com
> wrote:

> On Tue, Jul 26, 2011 at 5:34 PM, M?ns Nilsson <mansaxel at besserwisser.org>
> wrote:
> > Subject: Re: OOB Date: Tue, Jul 26, 2011 at 10:14:21AM -0400 Quoting
> Christopher Morrow (morrowc.lists at gmail.com):
> >> On Tue, Jul 26, 2011 at 10:03 AM, Paul Stewart <paul at paulstewart.org>
> wrote:
> >> > We do everything in-band with strict monitoring/policies in place.
> >>
> >> what do you do if your in-band fails? if a router/switch/ROADM is
> >> isolated from the rest of your network?
> >> (isn't that the core point of the OP?)
> >
> > Vendor C sells nice small routers with something like CAB-OCTAL-ASYNC
> > _and_ a 3G modem instead of the BRI port. The 3G modem keeps its
> > connection up (our telecom provider has true flat rate on domestic 3G,
> > YMMV) and VPN's to the head office much like any other telecommuter. This
> > cuts through all telco stupidity with firewalled or NAT'ed 3G phones
> > etc, especially if one uses the break-out-from-hotel-LAN functions of
> > the VPN system. The router of course actively keeps the VPN up and
> > reestablishes it if needed.
>
> how well does that work inside a big metal box like equinix?
>
> You are, of course, just making a singular point: "Find something to
> make yourself an OOB network, hey this thing does vpn over 3g, neato!"
> I agree, it's neat.. it may not fit all square holes, sometimes you
> need a round or triangle shaped plug.
>
>

References:
- OOB
  - From: harbor235 at gmail.com (harbor235)
- OOB
  - From: paul at paulstewart.org (Paul Stewart)
- OOB
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- OOB
  - From: mansaxel at besserwisser.org (Måns Nilsson)
- OOB
  - From: morrowc.lists at gmail.com (Christopher Morrow)

Prev by Date: dynamic or static IPv6 prefixes to residential customers
Next by Date: Comcast Bussiness Class and GRE Tunnels
Previous by thread: OOB
Next by thread: OOB
Index(es):
- Date
- Thread