lab hardware move/reorg + moving forward

Francis Dupont fdupont at isc.org
Fri Mar 30 09:53:21 UTC 2012 

> I have a need to re-organize and rewire the lab and return at least one box
> to it's original usage.
> 
> The x86 gear:
> 
> are io.lab.bufferbloat.net (the aftr box)
> and ida (one of my laptops) (the sdnat box)
> 
> I can live without io for a while, or the laptop, but not both. (they are
> the only gigE capability I presently have)

=> I have saved the configs, even fixed the DHCPv6 server one which was
bad, so if you can wait Alistair is back with 3 boxes I have no concern.
BTW I have to install my old iMac and primary DNS server replacement
so I don't expect to be active until Monday. I have the HSM mess
on my TODO list next week too (even the critical point was fixed
a long time ago and the customer now knows this :-).

> I'm curious enough about aftr to configure a cerowrt box as an aftr box as
> well, so I can leave up two wndrs for that purpose,
> or leave a wndr box off of io for now and re-re-re-purpose that laptop.
> 
> So A) are both/either these boxes still needed during the rest of ietf? (so
> I can at least rewire)
> and B)...

=> IETF is nearly finished so nothing technical should be done.

As you say rewire I still believe we should not use the wireless in the lab
(hard to debug, basically insecure with easy to use config, so in most
cases a bad idea. BTW please document how to get rid of wireless on WNDRs,
I know only for WRT54G* (remove the antenna)).

> My plan would be to rebuild the aftr/sdnat lab out of the demo gear
> returning, which I assume will be monday(ish)?

=> ask Alistair (as far as I know he won't rush on the first plane)

> Also discussed with francisco today is a build environment that people
> other than I can use. I will conduct a training session at some point, to
> make it easier to just play with stuff on their own gear... and
> 
> Using huchra.bufferbloat.net is certainly ok by me for builds, I will
> gladly grant more accounts on it, but as it has many accounts on it from
> non-isc people, can't be moved within isc's security zones.
> 
> My own security system is basically limited to ssh and my repos are
> outsourced to github (also controlled via ssh). Github works well
> (miniupnpd uses this model too), but I am not the one to convince y'all to
> adopt github en-mass or as enthusiastically as I have! Still... it would
> help to integrate certain of your processes with them, IMHO.
> 
> So a build system needent be a dedicated box, it just requires a reasonably
> modern Linux operating system, about 2GB of disk for the sources,
> and about 40MB per preserved build. It takes about 3 1/2 hours for a full
> build on the 8 core system that is huchra, under 8 minutes for incremental
> builds.

=> BTW 3 1/2 hours are a lot

> An open problem is making the sdnat related package repositories available
> outside isc's security zones. I presently have the one copy (not publicly)
> accesssible living on huchra. I hate having only one copy of anything,
> anywhere...

=> as far as I know there will be another demo in April.

Regards

Francis Dupont <fdupont at isc.org>

More information about the sdcpe-devel mailing list