The Cruft Of My Brain

I didn’t see much in the way of review info on the
NORCO RPC-450 4U Rackmount Server Case
.  On top of that, the pics almost always showed a microATX motherboard installed, which was nice for having lots of room left.  However, I had an Extended ATX or EEB motherboard that I wanted to get into this thing so it was  little bit of a gamble when I ordered it.  I’m pretty happy with the results  although there are caveats and some tight areas.  Without further ado, the review:

Newegg shipped this thing double boxed and it arrived in fine condition.  I don’t live very far from the New Jersey distribution warehouse and I’m lucky enough to get stuff from them within a day or two.

From NorcoTek RPC-450

The RPC-450 comes with 2 big 120mm fans up front. Once you remove those you can slide out the drive cages. What’s cool about this is that the drive cages are kind of like 5in3′s. As you can see in this pic the space could support 3 5.25″ drives vertically but with the cages installed there are slots for 5 3.5″ drives. The 2 cages slide in and out using the same locking tabs you’d use for drives.

From NorcoTek RPC-450

On to the motherboard installation. The EEB size motherboard really does fill the space. Making matters worse, the fans and heatsinks for the dual xeons are located way up at the front of the motherboard. Here you can see how close one of the fans is to the frame:

From NorcoTek RPC-450

In this pic you can see my thumb and also how close the installed optical drive is. If the fans are any taller you aren’t getting the optical drive in.

From NorcoTek RPC-450

You can see here that this fan problem also means you can’t put more than 2 hard drives in the middle cage. Anything below that and the plugs would interfere with the fans:

From NorcoTek RPC-450

Just an overhead shot. The power supply fit easily and didn’t get in the way. I didn’t get my hands all hacked up either like is common when I’m working in some cases. Most of the edges really are rolled.

From NorcoTek RPC-450

So, in the end, it works. If you have a smaller motherboard you’ll have almost no problems. I got a second case for my Unraid setup and that used a MicroATX motherboard. Lots of space and the cooling has been excellent. The same setup in a Coolermaster CM690 had the 1TB Hitachi drives hitting 40C+. In this case with the 120mm fans blowing right across them I’m usually in the high 20′s on the Hitachi and only occasionally does it hit 30C. That’s a lot of piece of mind for the life of my drives.

All pics are here http://picasaweb.google.com/mdgeek/NorcoTekRPC450# although the rest are fairly blurry.

I might have mentioned that before.  In case I didn’t…I hate java.  Now, today’s issue didn’t come directly because of java but it was the result, and an obscure one at that.

I’ve been struggling with a client issue that basically boiled down to slow or non-responsive websites that were passing through IOS firewalls.  Most websites would work fine and if we re-routed the traffic to another outbound connection that had an ASA it would work perfectly.  Also, if we connected a laptop directly to these remote site internet connections it would be smooth sailing.  So obviously something was unhappy on the IOS firewall.  I tried changing MTU, MSS, disabling the websense (urlfilter) connection.  All kinds of different things!  Nothing made a bit of difference.

I decided to run the Tweak Test over at dslreports.com to see what the MTU and MSS results would be, thinking that’s still what I needed to fix.  Tweak test is a java applet.  I had someone onsite run it and I happened to be watching the console at the same time.  All of a sudden I start seeing “FW-3-HTTP_JAVA_BLOCK” messages popping up.  WTH!  So, I figure out that java is blocked by default on IOS firewall.  Here’s the fix:

access-list 3 permit any
ip inspect name inspect http java-list 3

Yep, basically add the acl for any and then add java-list to the end of the http inspect.  I also have a urlfilter on the end to maintain the websense checks.  ARGH!  I decided to try my problematic website, of which enterprise.com happens to be one, and it popped right up.  I never got an error message about java before trying to run this app on dslreports.com.  I never saw reference to a Java problem in any of my debugs.

I know this wasn’t java’s fault directly, but if java wasn’t such a piece of garbage it might not have to be blocked by default.

I’ve ordered some rackmount cases from Newegg finally.  They should be arriving today and I’ll try to make a point of posting some pictures with my success (or otherwise!).  I’m getting the Norco RPC-250‘s since they have plenty of space for motherboards and drives and also include two big 120mm fans in the front.  I’ve been running some of the Hitachi 1tb drives in my Unraid and they tend to get a little warm.  My plan is to give them a little more room and hopefully some more cooling.

One of the cases will have a slightly older dual xeon transplanted into it.  I have a small concern about the spacing on this but the case is advertised as supporting EEB or Extended ATX motherboards.  We’ll see and I’ll post pics.  The cpu heatsinks are pretty huge and the processors are all the way at the front of the motherboard.  Could be tight vertically.  This box will be the ESXi server and will run a couple of different things such as some websites (this one) and some customer VM’s for VPN’s.  It’s nice to have a known working config in a VM that you access at the “console” when you need to connect to a non-split-tunnelled VPN.  Also avoids VPN client conflicts.

I had posted previously that I had some issues getting ESXi to install on a Compaq DL360.  Well, I have a slightly newer Intel white box server and it’s installed just fine with that, recognizing some of the older SCSI cards as well.  So, I’ll be implementing this soon and reaping the benefits of a lightweight host OS.

I keep an eye on my logs and for as long as I can remember this post has been the most popular:  http://www.thecruftofmybrain.com/2006/03/14/cisco-router-with-fxo-as-an-asterisk-gateway/

It’s funny that almost 3 years later very little has changed.  I’m running Trixbox CE now but the configuration is still pretty much the same.  I’m pretty happy with how TB has progressed and I’ve stuck with it.  For a while I was running it virtually and while that worked ok it always had problems with the clock slipping.  I’m now running on an older P4 and all’s well.

Regarding my old config, a couple of things seem to come up with the folks that find that post.  First, you don’t want the OPX version of PLAR.  I’m not really sure why Asterisk isn’t happy with it but it has to do with the order of going off-hook.  Just use the regular PLAR and you’ll be fine.  Also, make sure you put the trunk into the proper context on Asterisk.  I say “proper” because everyone will be different.

If someone has a good resource for understanding the proper way to configure contexts, please let me know.  I understand the basic nature of it, after all it’s similar to Partitions and Calling Search Spaces on CallManager.  But it doesn’t seem clear to me that there’s a simple way to manage them.

It’s been a while since I looked at what was formerly known as the Cisco Attendant Console. Color me unimpressed. I found the new version’s install process to be tedious mainly because it’s java based. Key buttons would disappear repeatedly during the install and I had to reboot several times. The original promise of java creating this coding utopia has been completely corrupted by the large volume of incompatibilities between java versions.

Once I got it installed it seemed to work ok, after yet one more reboot.

The funny thing is that Arc is one of those weird companies that likes to do things differently. They just seem to make things more difficult than it needs to be.

But hey, at the end of the day they’re the only game in town so what can you do. I guess it’s nice to be a monopoly.

I now have Win7 installed on my TC1100with only 768mb of ram.  It’s much much better than Vista, which was a dog.  The handwriting recognition also seems somewhat better.  Maybe Win7 really is cool after all!

I followed this post for guidance and the links to the specific files for the drivers worked great.

Gizmo5 is finally the one to break the Skype barrier.  They have a new service now called OpenSky (har) that is essentially a proxy between Gizmo’s SIP network and the Skype network.  I imagine they’re doing something like the non-free Skype Asterisk channels that have been out for a while.  This is cool but it would have been even more interesting when Skype was offering free out-calling.  Now, I’m not sure how big a deal it is.

Ultimately, the SIP world needs to come together, perhaps with XMPP as the discovery mechanism, in order to support universal and open calling.  I’ve been fiddling with IM on domains for Google and it works great!  More of that is needed!

And yes, I’m aware of ENUM but that doesn’t seem to be making progress in North America.  Someone show me that I’m wrong about that.

I had quite a bit of trouble getting this to work the other day.  After some googling I came across this thread over on 6200networks.com.  I had matched up the config he had listed just by chance because I was also enabling an L2L VPN.  However, I still couldn’t get it to work.  The trick was to change the IPSEC transform set to AES-256.  After that it was smooth sailing.  I posted a comment over there but he hasn’t approved it yet.

I’ve discovered ISAKMP profiles too.  Very cool!

I’ve been working on some complex VPN configurations by using GNS3 and PEMU which is built in.  It’s nice to be able to throw together a bunch of devices and get them talking without much fuss.  However, I discovered today that PEMU is really designed to emulate a PIX 525 by default, although supposedly it can also emulate a PIX 506e.

In Cisco’s infinite wisdow it decided that no one would ever want to use something above a 506e as an ezvpn client.  So, they removed the client code and only put in the server code.

Per Cisco:  The PIX 515/515E, PIX 525, and PIX 535 act as Easy VPN Servers only because the capacity of these devices makes them appropriate VPN headends for higher traffic environments.

Umm…gee, thanks for making that decision for me.  And Cisco stopped at PIXOS 6.3 for the 506e.  Yeah.

Do they try to make it harder?