So next time you're drawing up your network diagram be sure to drop in a blood spot or a few footprints
Also via HtP - The CADT Model (Cascade of Attention-Deficit Teenagers).
Some nice tools coming out - Managing Exchange 2007 using PowerGUI. The PowerGUI utility looks really useful for Active Directory admins regardless of wether you use Exchange or not.
Humour - trust the French to put a different spin on the rugby scrum. Their Street French Lessons are good too.
Wow - Upgrade a Mac Mini Core Solo to a Core Duo. Looks stressful!
Interesting software if you have kids - Scratch. Lets you create visual applications by assembling blocks of code. Reminds me of HyperCard crossed with Logo.
Grow the fuck up and have some consideration for your neighbors you bastards!
Oh and we beat the the bastards too. Go the All Blacks!
PS yes yes I'm being passive aggressive - I should go and talk to them reasonably about the issue - but frankly if I have to explicitly explain civilized behavior to people then what has the world come to ?
PPS I'm turning into a grumpy old man faster than I thought
Mobex lets you 'twin' your internal phone extension to any other phone number (usually a mobile phone but it could be an analog phone) - its like a fancy phone forward. Essentially the Mobex server creates a conference call between the two phones so at any time you can transfer or pickup the call on the other twinned phone. Very useful for traveling staff - it also means you can publish a single number on your business card that will get you where-ever you are. The other alternative is to ditch landlines entirely (I'm sure Vodafone or Telecom would love that) but people really don't like to pay for a mobile call - Mobex gives you this flexibility to redirect the phone wherever you like.
Teleworker lets you remote boot a VoIP phone from anywhere on the internet - ideal for people working from home or colocated working through a broadband connection. The phone itself does the QoS (your PC connects via the phone) so it will always prioritise the voice traffic over data if you're in a call. Your phone works exactly the same as an internal extension, you can associate it with any PABX controller and you can even get a local analog breakout module to allow local calls. The sound quality is actually pretty good and the phones boot very quickly - about the only problem is if you are in a phone call any big network file-copies will slow right down.
Interestingly both Mobex and Teleworker are based on CentOS (RedHat derivative) and act as appliances - most configuration is done via a web interface. A bit of a departure from MiTels other add-on application servers which are primarily Windows based.
Our initial 'beach-head' consisted of a diverse fibre data connection (100Mb), a router, out of band management switch (for the IP-KVM & ILO interfaces), data switch (separate vlans for data & san traffic), firewall (even though its all internal - traffic falls into different security zones to keep the auditors happy) and domain controller. We'll supplement this with our prod-SAN, a bunch of app & database servers, our backup server and tape drive + another telco comms circuit.
Some interesting tips if you're thinking of shipping gear offsite -
If you're in a metro area diverse fibre is cheap and fast (two leads into the building coming in from different directions going via different physical circuits).
Setup your equipment as if it were off-site - spin off a vlan at your existing location to simulate the entire off-site network so you can fully test everything before sending it off-site. That way you change IP addresses and spend the next few hours re-establishing your connectivity because you missed something.
Label up absolutely everything and note down all the interfaces and port connections. Keep track of this information in a spreadsheet or visio so you can talk to your host site engineers should they need to troubleshoot anything on your behalf.
If you're allowed (many hosts require you to leave your phone, pda or camera at the door), take a bunch of photo's to complement your diagrams.
Most datacenters have a colour-code for their cables - make sure you follow it or specify they stick to your existing scheme.
Your host will have engineers that can rack and cable everything up much tidier than you could so leave them to it. As long as you tell them where you want stuff they'll take care of the rest. Actually get them your rack layout in advance and they may even have some suggestions about what to put where.
Unless you're filthy rich you can run all your management traffic (IP KVM and ILO) through another switch (a good use for all those old non-PoE 10/100Mb Cisco's). Leave your server data & SAN traffic through a good non-blocking switch (we went with a Cisco 4948 as a big Catalyst enterprise chassis would have been overkill). Ideally we'd have two switches for redundancy and multi-pathing but cost would have been prohibitive and lets face it a $10 Power Supply on a media convertor is more likely to die than a $15k switch.
IP KVM's are cool and supplement ILO/LOM (Integrated Lights Out/Lights Out Management) - if you move to a totally hands-off approach to server provisioning you can get hardware delivered straight to the datacenter and then hooked up to the KVM - you can configure the rest remotely. In fact IBM's RSA II ILO card even lets you boot off a file or remote CD.
You can pick up a multi-port serial adaptor fairly cheaply - stick it into your management server and hook up your switch and SAN console ports for an extra level of low-level access.
Diesel goes 'stale' make sure your host cycles their tanks regularly in addition to running regular generator and UPS tests.
Don't forget to phase your deployment - start small and allow time to bed-down your infrastructure. No point throwing lots of critical gear out in the initial push and discovering a crappy patch lead causes your grief after a couple of days - make sure the basics work well before sending application servers offsite!
Most hosts will charge by the rack - make sure you think carefully about what you send to the datacenter. It might be a good opportunity to consolidate your servers. If you have lots of blades (or storage arrays) you may get hit up for more $$$ as they really suck down power. As your rack fills the host will take regular measurements of the amount of power you're pulling down - if you exceed the 'draw' for a standard rack you may be charged extra.
If you tour the datacenter make sure it has all the good stuff you'd want out of a custom built server hosting facility - hot & cold aisles (so the hot air from one rack doesn't get sucked into the opposite rack), iso-base earthquake damping (nothing like watching the rack jiggle), raised floors, 2+1 (two units plus a spare) redundancy for power, aircon, adequate filtering, UPS, comms etc.
Be sure to go over the financials with a fine tooth comb - you'll find some variation on price and what is and isn't included. If you're anything like us you'll find the host with the simplest price schema is often the best.
Its interesting to look for little things that make life easier - for example a separate Tape library room off the main server room. This means datacenter operators can do their tape changes without having to go anywhere near the servers themselves (we switched from SCSI to fibre-channel to accomodate the 12m cable run from the backup server to the tape drive). Another hosting provider was looking at rack-hoods for blade servers to ensure the air flow wasn't dissipated.
Look out for procedural aspects of datacenter operation that may affect how you currently do things. For example does the datacenter have existing relationships with archive companies so you can cycle your tapes to and from offsite storage ? Do they have a relationship with a specialist courier for shipping IT gear ? Do they have an acclimatisation period (some like 12 hours for new kit to adjust to the datacenter temperature & humidity) for new gear before they rack it and power it up ? Do you need to put contractors on an authorised access list for the site ?
Zoning your internal network seems to be popular with the auditors - use different firewall NIC's to access different parts of your LAN and lock down the rules. We're starting with a very simple configuration - we've split out our management, data and telco traffic. When we shift our DMZ out there we'll add another zone. We also will have an inter-datacenter circuit primarily for SAN replication to our DR/UAT site (due to earthquake risk most NZ datacenters have a presence in a couple of different locations). A recent external security assessment recommended fourteen different zones which was frankly insane for an organisation our size so we'll start small.
Will add updates if anything else of use comes along.