Eight miles straight up downtown somewhere.

[reddragdiva]

Dear Lazyweb,

I beg the assistance of your expertise. Please tell me what I need to know about remote serial console servers. We have seven Suns at present and would just go for a null modem cable on some PC's serial port at this stage — this was certainly all I and my laptop, a.k.a. Expensive Serial Console, needed at Ericsson — but we might be getting quite a few more Sun boxes minus vidyer cards (ew) and need something for them. I have been asked to write up a shiny consultant document. At what stage do you need one, what brands or models did you like or need to stay away from and what sorta cash did you fork out?

(Four of the Suns have graphical consoles [ew]. This question only came up because the three new ones don't.)

Comments

[bob]

i really like our cyclades t2000.
it takes normal ethernet and they will sell you the right adapters for your machines.

Weve got ours setup so we can ssh to it. it rocks.
we also have amodem attached so we conenct even if the netowrking has gone down.

http://www.cyclades.co.uk/

[bob]

make sure anything you buy is sun break safe. like the cyclades.
dont buy what black box sell as terminal server.
cisco wont admit to it but you can make one their things work as one. however they are lots of money.

Since you already have about 7 you need a terminal server already imho.
the fun of being able to power up and down machines remotely never becomes boring.

I think we paid about 2k for our cyclades

[reddragdiva]

Yeah, I think a console server is a better idea, though we presently have four of the boxes on ... graphical console. (ew.) Dialing in is already in place, so connecting to the console server from that should be no problem. Being Sun break-safe is the sort of thing I needed to know that hadn't occurred to me!

Local government is its own little world and technology frequently passes it by. One of my functions is to be an emissary from the world of current knowledge. Crikey!

[hellsop.livejournal.com]

Most successful terminal server I've heard of lately was a BSD box, a multiport serial board, and conserver.

This program provides a convenient way to manage many remote serial
consoles for machines. A server (conserver(8)) runs on each server
machine and it connects to the specified serial port. It can log,
provide shared access to remote consoles, etc. If there are multiple
machines running conserver(8), a master conserver(8) can be run to
connect to all the slave servers, providing a single point of access
to the entire cluster.

This is very handy for remote unattended OpenBSD servers. It can
send serial break signals (if the driver supports it, cy does not!)
which is useful for breaking into DDB on hung machines.

[reddragdiva]

I did consider that! Depends what sort of cost it is to do it Properly. The hard part is a serial card with enough ports — they're not the sort of thing that grows on trees these days. Mind you, a 486 with six ISA serial cards would make a perfectly good twelve-port console server — it's hardly a CPU- or memory-intensive application (modulo SSH).

[http://users.livejournal.com/_nicolai_/]

Yeah, but there's much more to go wrong. Serial console servers are sold because they're tested and reliable.

[reddragdiva]

Yeah. This is a good reason to do it properly if we're going to bother at all.

[ewen]

There are still a bunch of companies making multi-port serial cards. Even as PCI cards. They're definitely not cheap (last time I priced it, a reasonable new PC and a 16-port PCI serial card cost about the same as a console server), but they do exist.

If you're willing to use ISA -- ie, actually have hardware you still trust to stay running that has ISA ports -- you can probably pick up a bunch of 4-port serial cards on eBay or similar for almost nothing. (Last one I bought was about NZ$20 - about GBP7. Of course now I have no machines with ISA left in use...)

The main thing I'd say is make sure the machine has enough CPU to do ssh reasonably. 'cause being a console you're going to be sending root passwords, etc, through it, and it'd be best not to do that over the network in the clear.

Ewen

[ewen]

For example:

http://www.digiboard.com/products/multiportserialcards/

is pretty well known for mutli-port serial cards. And they've still got a bunch there. (They also make terminal servers these days, although I've not looked at the details of those.)

Ewen

[ewen]

As someone else observed, beware of the serial break signal that gets sent (or at least perceived by a Sun system) and causes a Sun system to drop into its boot rom, waiting for someone to type "go", anytime the thing at the other end of the serial port resets. Many -- but not all -- serial console servers have a work around for this issue. But a random PC at the other end of a null modem cable may well cause that sort of behaviour.

And FWIW at seven Suns, I'd say you already need a serial console server. They're really very handy. If you get one that supports "connect to TCP port and you see output of serial port" (and vice versa), then you can use something like conserver to manage and monitor the ports. It runs persistently so you can connect and "replay" what happened. Very handy for dealing with messages spat out to the console that no one was there to see. (And "console MACHINENAME" is much more handy than having to go cable something up.)

As for brands, I'm not really sure what to recommend that's current. I've tended to use old Equinox terminal servers, which while they're not ideal, had the advantage of being very cheap second hand :-) Being able to ssh to your console server would definitely be a win though.

I've heard of ghetto setups which have a USB hub and a bunch of USB-serial devices in them, and then use conserver or something like that to manage it all. But I'm not sure how they do on the supressing-unwanted-breaks front.

Ewen

[http://users.livejournal.com/_nicolai_/]

Some USB->serial devices can't send breaks, they're the cheap ones aimed at serial-connected PDA users. They suck.
Keyspan USA19-HS is the way to go for USB serial ports, every time.

[http://users.livejournal.com/_nicolai_/]

Cyclades seems to mostly work, if you get the right connectors. It's got a million knobs to twiddle for each serial connection, which is mostly bad but might be useful.
You need the right connector and making them by using the hand-assembled RJ45 to DB9 connectors is hard to get right (i.e., I couldn't get it working), so you have to buy them from Cyclades at 6 quid a pop.
Ciscos with async cards don't have this problem, and as you can now set the alternate break character easily on solaris you may as well use them. If you already have a cisco, that may be an easier way to go.

[lithiana.livejournal.com]

i like our logical solutions box. its quite pricey though. (but sun break safe).

we have cyclades at yahoo, and they seem to work, except there doesn't seem to be any kind of buffer when you aren't connected, which makes it hard to see why a machine died.

[http://users.livejournal.com/_nicolai_/]

Um, according to the manual of the one we've got, you can have a circular buffer, or linear (blocks more data with flow control on the serial port until the buffer contents are written someplace), and have them log the data to syslog.

[lithiana.livejournal.com]

hmm, it's probably a configuration thing then - we only get to use these, not manage them...

[sbp.livejournal.com]

Yeah, I set that up on the Cyclades I was using at the last place. Works quite well and is dead useful. e.g. to capture someone's session when they've logged in as root on the console.

[simonb.livejournal.com]

We've got a couple of DigiCM's at work and I've been pretty happy with them - having 48 RJ45 serial consoles in a 1U box is nice. Its basically an embedded Linix server with support for things like modem dial-in et al.

WRT my usage, useful features they provide are:

• Supports ssh with different consoles being on different ports - thus I've got ours configured so that port 2001 is the first console port, port 2002 is the second, etc. That combined with some DNS abuse and some sh means that I can type console avon and get the console of the server avon.
• Supports public key auth for ssh
• The RJ45 ports are wired so that with modern Cisco kit and Suns which have an RJ45 console you can use a standard patch cable
• Support the use of setting an escape code to send a BREAK

They also have a five year warrenty which is useful.

We got ours from a company called Entrix. The prices range from around £970 for the 8 port version up to around £2600 for the 48 port version. Those are prices based on us being a charity (or a learning centre, or an educational place, or ..... (we use whichever gets the best discount!)).

[bramsmits.livejournal.com]

cyclades tends to work and doesn't have too many tentacles. I've also had decent luck with Avocent. Some creativity with cisco kit (fr'ex a lots-of-serials 2500) can be a cheapo alternative if you happen to have that kind of stuff gathering dust.

At what stage you need them is up to you; personally I feel that having to swap cables and traipse down to the data room gets old real fast so my answer would be "more than 2 or 3 of them, especially if there's more than one admin and/or they're out of arms reach". If the willingness to cough up money is there, why not make your (coworkers) life easier?

[mikewd]

If they're going for new Suns it's probably worth recommending they go for ones with the network accessible Lights Out Management modules. That way you don't need to support any more serial ports then your already have.

The only issue is they only support telnet access, so for security you may need an isolated management network and something on it to do SSH to Telnet conversion, but that could be any old Cisco router with a crypto image.

[usufructer.livejournal.com]

First time I've ever seen anyone other than jwz do the lazyweb thing and have it work. Congratulations.

[reddragdiva]

Know Your Audience. There are enough BOFHs here who jump on any opportunity to pontificate on hardware crapness versus tolerability. _nicolai_ is reliably good value for this, for instance. I lured half these people onto LJ in the first place, or lured on the person who lured them on.

[arkady.livejournal.com]

And I lured you on. :-)

[reddragdiva]

Now you know why to maintain an extensive friends list ;-)

[arkady.livejournal.com]

Indeed. And just keep spreading the virus love....

[zonereyrie.livejournal.com]

When I worked at Livingston there were a number of people doing this with PortMasters. And PMs can be hard for dirt cheap now on eBay, etc.

[rbarclay.livejournal.com]

PM 2E's were what we used back at $ISP. Not coincidentally, it's also what we got for our current gig.

[vatine]

We used to use a wild and varied assortment of console servers, but we certainly didn't have Suns on the other end. Trust me, a linux box on stock PC hardware (or a Cisco router or switch) doesn't, in general, care much if you spew serial breaks down the line (IIRC, it's short short-circuit of the send and receive lines).

Sun break safety

[matt-trout.livejournal.com]

I have (don't ask why) a win2k server box acting as occasional console onto the Netra here; having finally come to the conclusion that there was no way I was going to make the bugger not send break signals at inopportune moments, I did a little asking about and ending up with the following line in rc.local -

kdb -a disable # disables STOP-A stupidity. waswas, I love you

at which point you can stick any damn console you like onto the thing and it won't do the 'ok prompt' dance unexpectedly - and if you still need the LOM ~. (or whatever the break sequence has been set to) will still get to it.

Re: Sun break safety

[reddragdiva]

Ah yes, switching off break could be most useful!