Tuesday 27 March 2007

Completing the VPN

For the past couple of years our VPN has been somewhat of a work in progress, although it has been providing a useful service it has never been quite finished, one of those 95% projects. Well I am sure you will all be excited to learn that tomorrow it looks like we will finally be able to stand back and say that the network is one project that is 100% complete in every way (for now).

All sites and key personnel are connected, our co location facility is connected, we have finally finished putting all the head office connections onto the Draytek 3300V and we have the RADIUS server running for mobile workers. Added to this we have upgraded the head office switches to managed Gigabit switches and tomorrow we should be activating the load balancing system so that if our leased line goes off the ADSL line will try to pick up the pieces and vice versa.

One of the major improvements has been the recently discovered need to reverse all the connections so that now both the co location router and the head office router are in charge of the connections to the remote locations. Quite why this never occured to anyone before will remain a mystery but hey ho :o) Of course the big question was which way should the connection be configured to connect between Manchester and Head office now we have 2 very clever VPN brains at each end, well the odd coincidence is that you can set then up to dial each other! It is not immediately obvious whether this will cause them to get in a knot at some point but we can always toss a coin and switch off one link if it does.

The main visible improvement has been the state of our comms cabinet or spaghetti junction as it was known, when we have disposed of our old ADSL router and installed the super VPN pass through modem we should finally have a perfectly organised rack of kit with no dangly encoutrements for once. I will take a piccie tomorrow to illustrate but unfortunately I don't have a before picture to give the true contrast.

I watched an interesting webinar last week about steelhead WAN link optimisers from riverbed which can allow network applications to be run from the datacentre so maybe this could be the way forward for the network, phase 2 if you will. Just need to find a couple on ebay running at a bit of a discount as they are a bit expensive. Maybe terminal services will be a better bet but if anyone wants to bin a couple of steelheads do call :o)

Tuesday 20 March 2007

Extracting the 2950 from the dog house

Our upgrade to the Manchester server looked like being a bit of a damp squib this morning, after a good start with our new 2950 Draytek firewall router dropping straight in as a replacement for the 2900 things were not turning out to be as reliable as I had hoped. Twice the previous day the link from my house to Manchester had locked up and then Nigel had a similar problem when his tunnel locked up, the outlook did not look good.

However after having a pootle around on the Draytek forums and not really coming up with a lot I had a moment of inspiration, the problem is that if one of the pub routers drops its connection its too stupid to realise and doesn't try to dial back into the main host every time. So the solution is surely to remove the responsibility for dialling from the slightly less clever routers and put the main super efficient router in control. In a nutshell get Manchester to dial the pubs instead of the other way round, this way Manchester should know that a connection is dropped (using the power of its dedicated VPN processor) and simply dial it up again. One other thing to be aware of if anyone is trying this is that the default timeout on Draytek 2600's is a lowly 300 seconds and should be reduced to zero :o(

So after reprogramming all of our routers and having a major rejig of the Manchester end of things it all looks a lot happier, of course its not as simple as checking they are all connected and I won't really know until a few days have passed. Tomorrow I will rejig our Nagios server to test these connections and I should start getting an idea of how good this configuration is going to be quite soon. As an aside when searching for 'Damp Squib' on Google images this is what comes up, call me a fool but that dead cow don't look too damp to me :o)

Thursday 15 March 2007

Instant gratification

No sooner had I posted about my declining traffic due to lack of blog fodder than I get 30 visitors in the same day, I am wondering whether this means that people have subscribed using RSS readers and therefore I can generate as much traffic as I want simply by bombarding you all with posts!

Our 2950 arrived last week and was immediately dispatched to Manchester where it has now been installed, its early days yet to get an idea of whether it is going to provider a better and more reliable service but so far so good. Although the 2950 is quite different to the 2900 it is replacing, and as such you cannot simply export the configuration and move it across, the setup screens are pretty similar so it was easy to copy the configuration page by page. We have about 20 VPN tunnels hard coded into the config and one thing which would be great in a further revision of Drayteks new operating system would be to duplicate an entry in the profiles page because it can be a bit of a drag, just in case anyone from Draytek ever trip over this.

One other little happening which I found very interesting is that Google have created a little program for Pocket PC's which runs Google maps. I must say that my HTC PDA is becoming more and more useful now that I can get my email, it is a phone, it syncs with my Gcal over the air thanks to goosync and now Google maps as well! I feel quite spoilt.







With all this in mind I found it very interesting to note that HTC have got a new version of my favourite toy coming out. I would guess that they are watching the IPhone with some trepidation because although apple will have a lot of work to do to create something as functional as the STC S710 I think we can all be confident that OSX on the IPhone will be slicker than Windows Mobile 6. So like the technology lemming that I am when the contracts on the phones are up for renewal I shall be torn between these two new and probably slightly flaky but 'oh so cool' toys and once again spend the duration of the contract getting it just right in time for the next one.

Tuesday 13 March 2007

Google Apps cntd.

I have been progressing with lots of odds and ends this week and last which has meant no blogging, you can't force it after all. Unfortunately this means my traffic has nosedived so its a good job I am not dependant upon the income from my blog like Rob is ;o) (see previous post)

Which illustrates a point I wanted to make - should anyone read this and think 'Hey that looks like a cool thing to do that blogging lark' the only advice I would give is to get a Google analytics account because otherwise is pretty dull. As you can see I have visitors from all over the world when I can actually work up a little blog fodder but otherwise I have had no feedback at all, so praise Google for keeping beerbytes online!

So I am sure you have all been waiting with baited breath for an update on the Google calendar situation, well we have had some movement - spanning sync is out of beta and ready for deployment. Hooray! I really must congratulate spanning sync for producing just about the only calendar syncing software which works, I have been running it now for about 4 weeks and whilst syncmycal was merrily trashingmycal, spanningsync has just worked which is all we ask.

Another piece of software which also seems to be working is a little system called goosync which is syncing my Google calendar over-the-air with my HTC Pocket PC. This means now that the Mac side of things is perfect, Ical Syncs my calendar both ways with Google, my PDA does likewise and Ical also displays the rest of the offices calendars via .ics addresses.

This last point brings me onto a bit of a gripe with Google Apps. On paper Google apps is great but I have steadily been whittling away at the features which are actually useful to an organisation like ours. 2 weeks ago I closed the premier account because it was not bringing anything to the table over and above a standard Google apps for domains account and this afternoon I have had to walk away from even this because the calendaring system on these accounts does not allow private Ical feeds! Big mistake - I have had to spend some time this afternoon manually setting up standard Google accounts because syncmycal on the PC is not very happy with the Google apps calendaring feeds which seem to be slightly different from standard Google feeds and Outlook 2007 cannot plug into the Ical feeds on Google Apps.

So I am short of only 2 things now, Goosync is struggling to work on our Nokia 6233's but I am sure we can sort this and I need to get Outlook publishing to Google which syncmycal can allegedly do as long as your not on Apps.

Other news, Joost is still very cool but the content has been suspiciously stagnant since I first went on possibly indicating an Achilles heel, is it difficult to get the established networks to part with their premium content? And/or is it difficult to circulate new content around the Joost network? Maybe they need to take at look at the youtube way of doing things and get the public to contribute, I am not talking about the 240x180 endless rips of Simpson's funnies but seriously good quality video from Jo public. something along the line of a bit torrent network where people can submit content recorded on proper video cameras to make good quality but amateur videos which will play full screen. These could be vetted and categorised by Joost thereby avoiding the lawyers making a fat buck or two and allowing a huge variety of content to be available.

Friday 2 March 2007

I've seen the future - and it's Joost

I am going off topic, as in this has nothing to do with IT and business, but for anyone else who thinks that TV in the UK is a bit poor at present I have just seen the future and its truly exciting and scary in equal measure......

A perfect Friday night, I got a pass from the missus for an hour at the local, they were in the middle of a barrel of Jennings Mountain Man which is nectar, and I get home to find out that I have been admitted to a rather exclusive club. I am a Joost beta tester!

Now for those of you who don't know (I can hardly remember quite how I ended up signing up for Joost myself) but Joost is a new online TV station. Online TV is one of those technologies which has promised so much in the past but never lived up to the hype, I am sure we have all tried some of those poor real player feeds in the past and frankly if you have real network shares take my advice and sell sell sell! Joost is a quick download, I was genuinely very pleased to find a Mac version for a change, so I installed it on the ol' mac book, logged in and just watched half an episode of fifth gear full screen with no buffering. Seriously.

Vicky Butler-Henderson never looked so good, although I suppose she never sat on my knee whilst presenting fifth gear before :o) I am such a nerd sometimes...

The choice of programming even in beta is far superior to HDTV even f the quality isn't, its full screen though, its on demand, they have programmes from national geographic, channel 5, MTV, I even heard tell of a Viacom deal yesterday and you can tell that the choice is going to be truly staggering on an international scale. I cannot emphasise this enough, sign up now because in 6 months time your digi box is going to look pretty dull, and that is the scary part. I dislike TV, I like gardening, I am a frustrated smallholder (in that I haven't got one) and I think people should be tilling the soil rather than vegging on the sofa and I quite like having an excuse to turn off the TV when nothing is on. In a Joost world there is always going to be something on you would like to watch, maybe land will become cheaper because all the smallholders will be watching Joost and then I can make my move.... sweet.

Thursday 1 March 2007

Delving further into Google Apps

Last week I set up a Google apps account to investigate the potential for using it as a replacement for Microsoft Exchange, given that we only really rely on Exchange to share calendars. Today I finally got chance to properly look into the fixtures and fittings of Google apps and I must say that my initial impression is very positive.

Although I had used Google Calendars before, and found the user experience to be a very positive one, especially for a browser based application, I had not really investigated the other aspects of the apps suite and that was the aim of this afternoon. Google apps is actually a very simple system and that is one of the things that appeals to me about it, the manual for exchange is about a foot thick and I would say that its a typical case of Microsoft over engineering. It is quite unfair in some ways to compare these 2 products because Exchange does lots of things that apps does not, however as a small office I would say Google is closer to fulfilling our requirement for information sharing.

So to the details, there are only 3 elements of apps which really interest me at present and these are in order of importance, calendars, email and finally the personalised start page. Of course each of these elements have been available on an individual basis for sometime but the new apps for domains approach allows one person to administer these systems for an entire office. The first thing you have to do is provide the domain, it would have been possible to sign over our existing brunningandprice domain and then link back to the website and use Gmail as our primary email system but I am not quite ready to take a jump like that so I got a new one for a mighty £2 pa :o)

One of the really nice features becomes apparent at this point, if you want to create user accounts for 20 odd people you can simply fill in an excel spreadsheet and Google will quite happily auto generate your user accounts. Easy. You can even set a global setting to ask all your new users to change their password when they first log on and preset their sharing options to allow everyone access to each other calendars. At this point if we were happy to use online systems the job is done, everyone has an account, email, calendar and even instant messaging.

The next thing I wanted to look at was the personalised start page, everyone in our office almost without exception uses Google as their start page anyway so to have the opportunity to add their calendar and email to this was quite appealing. It turns out that this system is again very simple to use and I simply popped our logo on the top of the page and dropped in each users calendar, email preview, to-do list and even a link our internal applications. I think we will get compadre Rob to use a bit of his design magic on this page if the idea takes off.


So far so good, the task for tomorrow is to make a decision about how best to approach using the email, should we simply have one pop3 account or route the existing mail via Gmail, my initial reaction is no however Gmail is a rather nifty web mail system compared to our existing service... tempting. Also its time to start throwing some larger calendars up and seeing what happens to performance, I'll keep you posted.

A view from the rack is the personal blog of an IT manager who works for a pub company - hence beer