Tuesday, 20 March 2007

Extracting the 2950 from the dog house

Our upgrade to the Manchester server looked like being a bit of a damp squib this morning, after a good start with our new 2950 Draytek firewall router dropping straight in as a replacement for the 2900 things were not turning out to be as reliable as I had hoped. Twice the previous day the link from my house to Manchester had locked up and then Nigel had a similar problem when his tunnel locked up, the outlook did not look good.

However after having a pootle around on the Draytek forums and not really coming up with a lot I had a moment of inspiration, the problem is that if one of the pub routers drops its connection its too stupid to realise and doesn't try to dial back into the main host every time. So the solution is surely to remove the responsibility for dialling from the slightly less clever routers and put the main super efficient router in control. In a nutshell get Manchester to dial the pubs instead of the other way round, this way Manchester should know that a connection is dropped (using the power of its dedicated VPN processor) and simply dial it up again. One other thing to be aware of if anyone is trying this is that the default timeout on Draytek 2600's is a lowly 300 seconds and should be reduced to zero :o(

So after reprogramming all of our routers and having a major rejig of the Manchester end of things it all looks a lot happier, of course its not as simple as checking they are all connected and I won't really know until a few days have passed. Tomorrow I will rejig our Nagios server to test these connections and I should start getting an idea of how good this configuration is going to be quite soon. As an aside when searching for 'Damp Squib' on Google images this is what comes up, call me a fool but that dead cow don't look too damp to me :o)

No comments:

A view from the rack is the personal blog of an IT manager who works for a pub company - hence beer