http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/ notes: (1) even in germany they call them "19 inch" racks, thus setting the clock back several decades. (2) i'm very interested in listing more non-US locations (3) i'm interested in listing more locations, period (4) further additions, or any changes, should be sent in HTML source format (5) what a great community -- i've learned a LOT in the last four days!
In message <20040318025316.7345B14CB1@sa.vix.com>, Paul Vixie writes:
http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/
notes:
(1) even in germany they call them "19 inch" racks, thus setting the clock back several decades.
(2) i'm very interested in listing more non-US locations
(3) i'm interested in listing more locations, period
(4) further additions, or any changes, should be sent in HTML source format
(5) what a great community -- i've learned a LOT in the last four days!
Thanks -- an excellent resource. One thing you may want to devote a bit more text to: what are typical provisions for remote hands at these places? In the intro, you allude to that as a problem with home-located machines, but I have no idea what the colo facilities do in such cases. Btw -- in Seoul, I noticed that some TV sets there have their screen size measured in inches. The contamination is spreading... --Steve Bellovin, http://www.research.att.com/~smb
Steven M. Bellovin wrote:
One thing you may want to devote a bit more text to: what are typical provisions for remote hands at these places?
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture. I looked a bit deeper in to 1&1's offering (link on Paul's site) and it seems like they have a good setup- instant reboot of a system from a web interface, and also the ability to start some sort of remote recovery tool enabling file system checks and complete system recovery if necessary. The main thing that's always put me off paying for colocation is the threat of attacks against the system, and not so much the integrity of the data (because obviously I wouldn't keep anything important on it) but more the bandwidth liability. 1&1 state clearly that they account for every byte to/from the NIC so just one unfortunate packet flood could see me paying a lot more than their reasonable monthly fee... Chris -- Support bacteria, it's the only culture some people have.
lists@txrx.org (TxRx Lists) writes:
One thing you may want to devote a bit more text to: what are typical provisions for remote hands at these places?
that's one item. others are serial console access, remote power cycle, whether an appointment/escort is required for on-site visits... i can add a row of checkboxes on every entry, but first i'm interested in further normalizing the bandwidth column. and it's looking like i'll need some kind of unpublished e-mail address for each submitter, since a lot of them only advertise phone numbers and i'll need a way to ask for updates when new columns are added. maybe this has to become a database... yipe!
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
The main thing that's always put me off paying for colocation is the threat of attacks against the system, and not so much the integrity of the data (because obviously I wouldn't keep anything important on it)
not so obvious. my colo'd boxes have everything i care about, and they copy it between eachother at night by cron entries. my definition of "safe" is multiple copies on diverse power grids.
but more the bandwidth liability. 1&1 state clearly that they account for every byte to/from the NIC so just one unfortunate packet flood could see me paying a lot more than their reasonable monthly fee...
agreed. my preference has been for bandwidth limiting and fixed prices. -- Paul Vixie
In message <g3d67ag03k.fsf@sa.vix.com>, Paul Vixie writes:
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay. --Steve Bellovin, http://www.research.att.com/~smb
On Thu, Mar 18, 2004 at 09:07:31AM -0500, Steven M. Bellovin wrote:
In message <g3d67ag03k.fsf@sa.vix.com>, Paul Vixie writes:
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports variously called "integrated lights-out (ILO)" or "lights-out management (LOM)", etc. I am dismayed that intel-based server vendors haven't noticed the decades-old trend of having serial ports for emergency/remote access. Kelly
On Thu, 18 Mar 2004, Kelly Setzer wrote:
On Thu, Mar 18, 2004 at 09:07:31AM -0500, Steven M. Bellovin wrote:
In message <g3d67ag03k.fsf@sa.vix.com>, Paul Vixie writes:
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports variously called "integrated lights-out (ILO)" or "lights-out management (LOM)", etc.
I am dismayed that intel-based server vendors haven't noticed the decades-old trend of having serial ports for emergency/remote access.
serial ports work fine for pc consoles in general, once your bootloader takes over you can display pretty much everything over there... some vendors provide options to map the bios display on the serial ports (supermicro) it's doesn't work for the bioses of some raid controllers however, a pc-weasel will handle that condition fine,and the pc-weasel can also do a hardware re-set of the whole machine to restart a hung box... They don't work so well if you only have one pci slot which you need for a raid controller or if as I found out recently someone reconfigures the terminal server and inadvertantly locks you out when you need it most.
Kelly
-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Hello All , On Thu, 18 Mar 2004, Joel Jaeggli wrote:
On Thu, Mar 18, 2004 at 09:07:31AM -0500, Steven M. Bellovin wrote: ...snip... Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports variously called "integrated lights-out (ILO)" or "lights-out management (LOM)", etc. I am dismayed that intel-based server vendors haven't noticed the decades-old trend of having serial ports for emergency/remote access. serial ports work fine for pc consoles in general, once your bootloader takes over you can display pretty much everything over there... some vendors provide options to map the bios display on the serial ports (supermicro) it's doesn't work for the bioses of some raid controllers however, a pc-weasel will handle that condition fine,and the pc-weasel can also do a hardware re-set of the whole machine to restart a hung box... They don't work so well if you only have one pci slot which you need for a raid controller or if as I found out recently someone reconfigures the terminal server and inadvertantly locks you out when you need it most. Tyan (& another I can't remember now) have console forwarding to
On Thu, 18 Mar 2004, Kelly Setzer wrote: the com1 port . This MB is available in PenguinComputing's 1u & 2u systems . They run *BSD just fine as well . Hth , JimL
-- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 3542 Broken Yoke Dr. | Give me Linux | | babydr@baby-dragons.com | Billings , MT. 59105 | only on AXP | +------------------------------------------------------------------+
On Thu, 18 Mar 2004, Mr. James W. Laferriere wrote:
Tyan (& another I can't remember now) have console forwarding to the com1 port . This MB is available in PenguinComputing's 1u & 2u systems . They run *BSD just fine as well . Hth , JimL
Many of Intel's server boards support this (or at least did as of several years ago). I had some issues getting Linux to play nice with that feature turned on. I never had one of them sitting around long to figure out the issues before putting them in service (with console redirection turned off). This was the T440BX/NL440BX board, which is kind of dated now. If you have some old Cacheflow boxes sitting around, they probably have this board in them. I don't know if they've done anything to them that would cause problems using it in something other than the cacheflow. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Thu, 18 Mar 2004 jlewis@lewis.org wrote:
Many of Intel's server boards support this (or at least did as of several years ago). I had some issues getting Linux to play nice with that feature turned on. I never had one of them sitting around long to figure out the issues before putting them in service (with console redirection turned off). This was the T440BX/NL440BX board, which is kind of dated now.
Their server-class 1U/2U boards still do it - either the older (probably soon to be EOL'd) SCB2ATA/SCB2SCSI Pentium III boards and the newer SE7501WV2 Xeon boards. Both of those boards integrates in 1U or 2U, ATA RAID or SCSI, and plays very nicely with FreeBSD. The SRCZCR RAID daughtercard for the SE7501WV2 even has Intel-provided FreeBSD drivers including storage console in the OS (something I've had a hard time finding on FreeBSD from vendors like Adaptec). The serial support also works like a charm all the way through the BIOS into the OS. We've got a ton of these in production and they're rock solid. Tim Wilde -- Tim Wilde twilde@dyndns.org Systems Administrator Dynamic Network Services, Inc. http://www.dyndns.org/
On Thu, 18 Mar 2004, Joel Jaeggli wrote:
On Thu, 18 Mar 2004, Kelly Setzer wrote:
On Thu, Mar 18, 2004 at 09:07:31AM -0500, Steven M. Bellovin wrote:
In message <g3d67ag03k.fsf@sa.vix.com>, Paul Vixie writes:
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports variously called "integrated lights-out (ILO)" or "lights-out management (LOM)", etc.
I am dismayed that intel-based server vendors haven't noticed the decades-old trend of having serial ports for emergency/remote access.
serial ports work fine for pc consoles in general, once your bootloader takes over you can display pretty much everything over there... some vendors provide options to map the bios display on the serial ports (supermicro) it's doesn't work for the bioses of some raid controllers however, a pc-weasel will handle that condition fine,and the pc-weasel can also do a hardware re-set of the whole machine to restart a hung box... They don't work so well if you only have one pci slot which you need for a raid controller or if as I found out recently someone reconfigures the terminal server and inadvertantly locks you out when you need it most.
The pc-weasel does not work in all motherboards also. K
On Fri, 19 Mar 2004, Krzysztof Adamski wrote:
The pc-weasel does not work in all motherboards also.
It does require a 5volt 32bit pci slot. and a ps/2 keyboard port, and it won't work with an ami-winbios among other things... In many respects the weasel is begining to show it's age, but many other remote management cards I've used or attempted to use over the years (compaq lights-out, ami-megarac) have either gone off the market, required proprietary manangement software or were heavily geared towards mananging windows boxen (I absolutely refuse to remotely co-locate windows machines). The killer feature (that I'm willing to pay monay for for one of these products) is having a unit that can remotely power-cycle the box when the os is totally hung. We used to do this (and still do), with serially controlled power-strips but so many of the machines we sre buying take redundant power sources, so that you end up needing twice as many remote power-strips in order to turn off one box. In all fairness to AMI they have a new management card which I have not evaluated which they claim is 100% os independant, and has additional oob connectivty options and battery backup. it also weighs in around $600.
K
-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Joel Jaeggli wrote:
The killer feature (that I'm willing to pay monay for for one of these products) is having a unit that can remotely power-cycle the box when the os is totally hung. We used to do this (and still do), with serially
Recent Compaq systems with integrated remote ILO provide a "virtual power button". In fact they also provide full graphical/console access over SSL and even booting of the remote system from a local CD/floppy/.iso image... the client is Java based too. I don't have long term experience with them or anything, it's just that I saw a demo recently and I have to admit to being quite impressed.
At 9:51 AM -0600 on 3/18/04, Kelly Setzer wrote:
On Thu, Mar 18, 2004 at 09:07:31AM -0500, Steven M. Bellovin wrote:
In message <g3d67ag03k.fsf@sa.vix.com>, Paul Vixie writes:
I agree, lack of interactive access to a system prior to a functional OS being loaded always seemed like a potential problem area to me, particularly for something based on common PC architecture.
http://www.realweasel.com/ is your friend. (isc has about a dozen of 'em.)
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports variously called "integrated lights-out (ILO)" or "lights-out management (LOM)", etc.
I am dismayed that intel-based server vendors haven't noticed the decades-old trend of having serial ports for emergency/remote access.
Kelly
Many of the SuperMicro motherboards currently have BIOS-level serial consoles that can be activated, and the Intel 440 series also had it (I have 20 or 30 of them). This means I see the BIOS power-up debugs, can get into the BIOS configuration, I see the SCSI PCI messages, just as if there was a screen and keyboard attached to the machine. I don't know what Intel offers today, but I suspect they kept the serial console capability on their server class systems. I suspect other vendors have similar features, but I don't have a large enough sample to say if it's "common" or not. I suspect that serial consoles are common on "high-end" server motherboards, but probably don't exist on the less expensive models, a difference which I'll chalk up to market pressures. If the server you're evaluating doesn't have serial OOB, then I would have grave suspicions about other aspects of it's construction, as the lack of a serial console indicates lack of "server requirement" clue. This gets back to a previous discussion from quite some time ago about standardized out-of-band configuration interfaces for equipment... The combination of an APC 9210 power cycle device plus a Cisco 2511 or 2509 with an octal serial cable has never failed me, and I'm at the "low end" of the price scale for my personal systems. While I do prefer a "real" serial LOM kit (i.e.: Sun Microsystems) the pricepoint for i386-type 1u servers is difficult to match. I've never had a lockup I couldn't get out of, as long as I've hooked up the cables the right way. All my systems are at least 600 miles away, and some of them are 3500 miles away, so I have to rely completely on my out-of-band network. I converted from Sun to Intel-based systems about two years ago, and I've been very pleased with the performance and price, though I miss the quality and consistency of Sun hardware. For DNS, personal web, mail, and other mundane tasks, I find that I'm able to afford serial OOB-capable Intel-based systems of two or three years ago (PIII) which have enough horsepower to do the trick. RealWeasel is too expensive (even with the hypothetical NANOG discount) though extremely nice. As previously mentioned, I can purchase an entire system with serial console built in for that price. If I had a vendor-specific piece of equipment that simply did not do the Right Thing but was tied to a particular motherboard, then I'd consider a RealWeasel. Continuing the thread of costs for a 1u "personal" co-lo offering, here is a little back-of-the-ebay-napkin surfing: $250 (Cisco 2511 w/cables) + 2x$200 (APC 9210) + 16x$270 (1u Intel PIII 650/2x18gSCSI/1g) = $4970 for 16 remotely-configurable/rebootable machines in 19u of space. Now, double that for 38u (4u short of a full rack) and add a Cisco 3548 at $1600. That turns into $11540 for 34 machines, all remotely manageable with remote power cycle. One of those systems could be an altq traffic shaper/router. Not a bad configuration for a best-effort 1u rental service. The trick of course is getting 32 identically-configured 1u machines at this price, with some spares. It's nice to buy equipment on eBay on a one-by-one basis, it doesn't scale for bulk purchases of identical equipment. Does listing example ebay auctions substitute the legitimacy of posting router configs? Probably not. http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3081026454&category=1484 http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3080508042&category=11185 http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3082713166&category=20315 http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3082896913&category=28040 JT
On Thu, Mar 18, 2004 at 10:41:53AM -0800, John Todd wrote: [...]
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
Is there an effective alternative? All the intel "servers" these days seem to have one of those handy-dandy (note: sarcasm) ethernet ports
$250 (Cisco 2511 w/cables) + 2x$200 (APC 9210) + 16x$270 (1u Intel PIII 650/2x18gSCSI/1g) = $4970 for 16 remotely-configurable/rebootable machines in 19u of space. Now, double that for 38u (4u short of a full rack) and add a Cisco 3548 at $1600. That turns into $11540 for 34 machines, all remotely manageable with remote power cycle. One of those systems could be an altq traffic shaper/router. Not a bad configuration for a best-effort 1u rental service. The trick of course is getting 32 identically-configured 1u machines at this price, with some spares. It's nice to buy equipment on eBay on a one-by-one basis, it doesn't scale for bulk purchases of identical equipment.
This is relevant, if tangential, to the current discussion on 1U colo for remote ops/looking glass/etc. Summary: 1) One respondent mentioned that Penguin Computing sells a complete system with a serial console/management port. I found the following links on Penguin's site: http://penguincomputing.com/store/relion-130.php (+ other select models) http://penguincomputing.com/support/serial_redirect.php 2) John Todd's excellent price break-down above is useful in the "best-effort" context. 3) Numerous respondents helpfully pointed out that a number of motherboards include a serial management/console port and have for several years. This is useful in environments where self-built systems are acceptable. In corporate environments, warranty and service issues may make that undesirable. 4) One nanog member indicated that I am an idiot. Personally, I recently priced intel server systems from a variety of major vendors including Dell, Compaq/HP, IBM, and Sun (intel-based). All of them offered (proprietary?) ethernet-based remote management. None offered serial management. Thanks to everyone for their responses. Kelly
On Thu, 18 Mar 2004, Kelly Setzer wrote: This is relevant, if tangential, to the current discussion on 1U colo for remote ops/looking glass/etc. [...] 4) One nanog member indicated that I am an idiot. Personally, I recently priced intel server systems from a variety of major vendors including Dell, Compaq/HP, IBM, and Sun (intel-based). All of them offered (proprietary?) ethernet-based remote management. None offered serial management. ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/88p9267.pdf Take a look at page 34. http://www.sun.com/products-n-solutions/hardware/docs/html/817-2025-13/chap2... "Idiot" is a strong word. But you do seem to have some reading comprehension issues. matt ghali --matt@snark.net------------------------------------------<darwin>< Flowers on the razor wire/I know you're here/We are few/And far between/I was thinking about her skin/Love is a many splintered thing/Don't be afraid now/Just walk on in. #include <disclaim.h>
John Todd <jtodd@loligo.com> writes:
While I do prefer a "real" serial LOM kit (i.e.: Sun Microsystems) ... RealWeasel is too expensive (even with the hypothetical NANOG discount) though extremely nice. As previously mentioned, I can purchase an entire system with serial console built in for that price. If I had a vendor-specific piece of equipment that simply did not do the Right Thing but was tied to a particular motherboard, then I'd consider a RealWeasel.
Weasel, like the sun implementation, allows remote reboot of wedged machines. This is key, particularly when running on an Intel platform <cough>. If there are any PC serial console implementations that allow one to do this, I'd like to hear about it, since I'm not aware of such. Buying a serial console server *plus* a power cycler fills my heart with hatred. ---Rob
Steven M. Bellovin wrote:
Realweasel is a great idea if you can afford it -- but the PCI version lists for $350, which is as expensive as some used 1U servers on EBay.
It'd be better if it had an ethernet port on it and allowed ssh access to the console, like the remote ILO stuff on compaq boxes. Still, a good idea for sure, if not a little pricey as you say.
On Thu, 18 Mar 2004, Paul Vixie wrote:
http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/ http://www.vix.com/personalcolo/
As of March 17 2004 Total personal colo listings: 36 Total providers with one or more addresses block listed: 18 The eighteen providers are sometimes listed on more than one list. I've included only the first block list found for each provider's address ranges SPEWS: 7 BLARS: 5 FIVE-TEN-SG: 2 BLIAB: 2 DSBL: 1 A much better ratio than I expected. Only 50% of the providers are using addresses from network blocks on one or more block lists. I did *NOT* check every address in every block, so this may miss additional individual host listings within the provider's address ranges.
participants (15)
-
Chris Brookes -
jlewis@lewis.org -
Joel Jaeggli -
John Todd -
just me -
Kelly Setzer -
Krzysztof Adamski -
Mr. James W. Laferriere -
Paul Vixie -
Paul Vixie -
Robert E. Seastrom -
Sean Donelan -
Steven M. Bellovin -
Tim Wilde -
TxRx Lists