We did a survey recently of IT managers and CIOs to find out the areas where
they were planning to invest in the near future. Disaster recovery, workflow
automation, server consolidation, and Voice over IP were some of the areas that
received significant votes. The point to note about these areas is that they all
require a proper and well-managed WAN infrastructure to be really effective.
You don't need a rocket scientist to tell you that you need high-speed and
redundant WAN links for your disaster recovery site. All critical data must be
backed up to the DR site on time so that you don't lose time and money
shifting to it should (God forbid!) a disaster strike. In case of workflow
automation, it isn't just about automating your company's internal business
processes alone. In order for it to be fully effective, the entire eco-system of
your company's suppliers, partners, customers, and even your own branch
offices must be taken into account. This can only happen if you have
well-managed WAN links. For instance, if you need to ensure that email gets
priority over other traffic so that your important customer orders don't get
delayed, you would need to put in place QoS policies for your WAN links.
Moreover, if you want these orders to directly and immediately move into your
manufacturing plant's ERP system, then you need to link it to the head office
with dedicated leased links. You may want to use some WAN acceleration
technology on it so that information moves faster and more efficiently. This is
just one scenario, but as you can imagine, a proper WAN infrastructure is a must
for most workflow scenarios.
Moving to server consolidation, today many organizations are toiling with the
challenge of server proliferation. There are just too many of them in the house,
be it a mail server, proxy server, web server, app server, database server, etc.
Chances are that you might even have too many of them outside the house, i.e.
across your various branches, at the ISP, customer location, etc. A proper
server consolidation strategy is required in this case to centralize the
infrastructure and reduce the number of servers. This saves cost and improves
management. Unfortunately, with centralization, the burden of ensuring seamless
connectivity between remote locations falls on the WAN links. The whole
objective of consolidation fails if the WAN links go down.
Voice over IP is also growing in popularity, and many organizations are
planning to bring it into their IT infrastructure. In order to really benefit
from VoIP, you need to move all voice traffic from your branch offices to it.
For this, you would need QoS policies, low latency, etc on the WAN links. If you
also want to do audio and video conferencing on top of this, then you'll also
need to add more bandwidth. There might also be a case where you want to
centralize not only your servers, but your entire IT infrastructure. You only
want thin clients at the remote locations so that there are no maintenance
hassles there. Here again, you need to calculate how much bandwidth is needed
and what sort of technologies to use on your WAN links for optimum performance.
So if you don't already have a proper and well managed WAN infrastructure,
then you need to start acting now. This story is all about explaining the need
for doing so, the WAN acceleration technologies that are available and their
benefits, as well as some of the products and solutions that can be used for the
job.
WAN Acceleration Tech
WAN acceleration technologies provide quick data availability between offices
spread across distant geographical areas. Branch offices depend heavily on their
head office to get regular data. Using WAN acceleration techniques can solve
this. There are several WAN acceleration appliances available today that offer
these features.
They accelerate the data transfer rate by utilizing a number of techniques
like compression, data reduction, error correction, data caching, etc. Plus,
they also utilize techniques to overcome drawbacks of protocols used over WAN.
Of course not all such appliances would support all the acceleration techniques,
so you'll have to first understand which are the techniques that are used, and
then see the ones that would be suitable for your requirement. WAN acceleration
appliances are deployed on both ends of the link where acceleration is required.
All incoming and outgoing data passes through them and appropriate acceleration
techniques are applied.
Compression: The most obvious acceleration technique is compression, wherein
you use various compression algorithms to shrink the data. This will only work
for data that is compressible, such as spreadsheets, Word documents, etc. This
actually improves bandwidth utilization while transferring data. Files that are
already compressed add to the benefit.
Some WAN Acceleration Products
Juniper Networks' WXC Application Acceleration Platform benefits IT staff involved in key business initiatives such as application rollout, data center consolidation and server centralization, disaster recovery and backup, and regulatory compliance.
SILVER PEAK NX-5500 is a 3RU appliance, equipped with 2 TB of local data stored in a RAID configuration. It supports up to 50 Mbps of WAN traffic, making it ideally suited for medium and large enterprise offices.
Redundancy reduction: The other major concept of acceleration is to
reduce the data flow over the network. This is done by replacing redundant data
packets by codes. Depending upon the technique used, whole packets or streams of
packets could be scanned for redundant data. Another redundant element is the
packet header, a serious overhead on WAN links. Multiple packets can be merged
under the same header using a technique called packet coalescing. This can save
a lot of bandwidth as packet headers can be up to 60 bytes long.
Caching: This concept is primarily used in proxy servers so that
instead of going to the Internet to hunt for a website, the proxy caches it
locally to save bandwidth. A similar thing can be done here as well. The WAN
accelerators on either end inspect data being transmitted and store all
duplicate data locally on their own cache. This way, every time the WAN
accelerator at the other end asks for this data, only the code for it can be
sent and the other WAN accelerator will simply deliver it locally. This will
actually deliver LAN-speeds over WAN. This can significantly reduce traffic.
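The redundancy-reduction and caching ideas above, as an added sketch (not code from any product named on this page): both ends keep a cache keyed by a short code for each chunk, and the sender transmits the code instead of a chunk the far end has already seen. The 64-byte fixed chunk size, the truncated SHA-256 code and the message framing are assumptions chosen for illustration.

```python
import hashlib

CHUNK = 64     # assumed fixed chunk size; real appliances choose their own
CODE_LEN = 8   # assumed: truncated SHA-256 digest used as the short "code"


def _code(chunk: bytes) -> bytes:
    return hashlib.sha256(chunk).digest()[:CODE_LEN]


class Accelerator:
    """One end of the link. Both ends run the same logic and build the same cache."""

    def __init__(self):
        self.cache = {}  # code -> chunk

    def encode(self, data: bytes) -> list:
        """Turn outgoing data into ('RAW', chunk) or ('REF', code) messages."""
        out = []
        for i in range(0, len(data), CHUNK):
            chunk = data[i:i + CHUNK]
            code = _code(chunk)
            # Compare the cached bytes too, so a code collision falls back to RAW.
            if self.cache.get(code) == chunk:
                out.append(("REF", code))
            else:
                self.cache[code] = chunk
                out.append(("RAW", chunk))
        return out

    def decode(self, messages: list) -> bytes:
        """Rebuild the data, serving REF messages from the local cache."""
        out = bytearray()
        for kind, payload in messages:
            if kind == "RAW":
                self.cache[_code(payload)] = payload
                out += payload
            elif payload in self.cache:
                out += self.cache[payload]
            else:
                # e.g. this end was restarted and lost its cache
                raise KeyError("cache miss: peer must resend the chunk as RAW")
        return bytes(out)


def wire_bytes(messages) -> int:
    """Bytes on the WAN link, assuming a 1-byte type tag per message."""
    return sum(1 + len(payload) for _, payload in messages)


def demo():
    head_office, branch = Accelerator(), Accelerator()
    # Constructed sample data: 200 short order records (3800 bytes).
    doc = b"".join(b"order-%04d;qty=%03d;" % (i, i % 7) for i in range(200))
    first = head_office.encode(doc)    # nothing cached yet: all RAW
    assert branch.decode(first) == doc
    second = head_office.encode(doc)   # same file again: all REF
    assert branch.decode(second) == doc
    return len(doc), wire_bytes(first), wire_bytes(second)


if __name__ == "__main__":
    print(demo())
```

The cache-miss branch is the synchronization problem in miniature: a reference is only usable while both caches agree, so an end that has lost its cache has to ask for the raw chunk again.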
Error correction: There is one more reason that can make WAN links
slow besides heavy traffic. This is retransmission due to errors. Bandwidth is
actually being wasted if the appliance has to retransmit data every time there's
an error. So a technique called Forward Error Correction or FEC is used by these
devices. This enables data correction at the physical layer by adding an
additional data corrective packet.
VoIP: Polycom Communicator C100S
The Polycom Communicator is a high quality speaker phone that connects to a computer for use with Skype's VoIP service. The C100S comes with just a single USB cable that provides both connectivity with a computer as well as powering the device. This means there are no extra cables to There are five buttons on the face of There are many pros to this product like The speakerphone will also show up in The communicator has a sleek and handy
Quick Specs Price: Rs 7,740 (1 yr warranty) Key Specs: Speaker phone, Skype client, powered through USB Contact: Polycom, Delhi Tel: 26207771 E-mail: pv.krishna@polycom.com
The process of adding an FEC packet is done dynamically, depending upon
channel congestion. Normal protocols usually have the ability to correct at most
one or two data packets if they're lost, but not beyond that. If more packets
are lost, and have to be refetched, then the latency and traffic on the WAN
links increase. FEC prevents data from being retransmitted, as it will
automatically generate the correct packet and give it locally.
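Forward error correction in its simplest form, as an added illustration (not any vendor's scheme): one XOR parity packet per group lets the receiver rebuild a single lost packet locally, with no retransmission. The group size, the 2-byte length prefix and the sample payloads are assumptions; recovering more than one loss per group needs a stronger code than plain XOR.

```python
from functools import reduce


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _frame(payload: bytes, width: int) -> bytes:
    # 2-byte length prefix + payload, zero-padded so every frame has equal size
    return len(payload).to_bytes(2, "big") + payload.ljust(width, b"\0")


def make_parity(group):
    """Sender: build the one extra corrective packet for a group of payloads."""
    width = max(len(p) for p in group)
    return reduce(_xor, (_frame(p, width) for p in group))


def recover(received, parity):
    """Receiver: `received` is the group with None where a packet was lost.

    Returns the complete group, or None when more than one packet is missing
    (XOR parity cannot repair that, so a retransmission is still needed).
    """
    missing = [i for i, p in enumerate(received) if p is None]
    if not missing:
        return list(received)
    if len(missing) > 1:
        return None
    width = len(parity) - 2
    acc = parity
    for p in received:
        if p is not None:
            acc = _xor(acc, _frame(p, width))
    # What is left after XORing out the survivors is the lost frame.
    length = int.from_bytes(acc[:2], "big")
    rebuilt = list(received)
    rebuilt[missing[0]] = acc[2:2 + length]
    return rebuilt


if __name__ == "__main__":
    # Constructed sample group of four packets
    group = [b"INVOICE 1001", b"qty=3", b"ship-to: Plant 2, Dock B", b"END"]
    parity = make_parity(group)
    lossy = [group[0], group[1], None, group[3]]
    print(recover(lossy, parity))
```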
Protocols over WAN
These include TCP (Transmission Control Protocol), CIFS (Common Internet File
System), and NFS (Network File System). These protocols need to do a number of
round trip requests and acknowledgements before sending the requested document
or files. This can cause serious congestion on the WAN links.
Bandwidth Management with m0n0wall
If you are an ISP or a network admin, responsible for allocating bandwidth to a given set of users, bandwidth shaping would surely be one of the challenges for you. Here is a free and easy way to do so using a live CD called m0n0wall available as an ISO image from m0n0.ch/wall/downloads.php. Setting up m0n0wall Shaping the traffic Next we attach this pipe to an IP
Set up inbound/outbound rules from the m0n0wall Web GUI's Traffic Shaper page to control how traffic flows between different systems
TCP acceleration requires packet resizing for optimal performance, which is
done using TCP window adjustment algorithms. TCP acceleration also requires high
speed TCP management and round trip management to provide correction for more
than one packet loss. Similarly, for CIFS and NFS, caching techniques are used in
which acceleration devices can generate read-ahead or write-behind requests to
the server to reduce round trip delays.
Another technique used for faster file services over the WAN is WAFS (Wide
Area File Services). This is more of a caching technique than a technology. If
a file is requested for the first time, then that file is cached. If the
same file is requested again, then it's provided from the cache.
While this technique can considerably improve performance over the WAN, it
raises some concerns as well. One is data protection: how secure is the data
lying in the cache? The second is synchronization. What if the link goes down
during a file transfer, and later the file it was supposed to send undergoes a
change? Will the appliance send the new file, or will it pick up the old file
from the cache and send it?
Thin Clients and Terminal Services
As the outsourcing wave takes a firm grip worldwide, thin client traffic is
shaping up to become a significant portion of WAN traffic. So, we have included
thin clients in this section.
The concept of thin clients is not new. All applications are hosted centrally
on the server, and all that the remote thin client does is to pass the mouse,
keyboard, and video signals over the WAN links. All processing is done at the
server end. There are many benefits of this approach. Some of these are:
- Savings in cost of deploying desktop PCs. Thin client devices don't have
much hardware. In fact they don't even have a hard drive or RAM. They just
have flash memory to store the configuration and the thin client software.
- Users can access all applications running on different servers
irrespective of platforms that they are hosted on, from one or many thin
client devices.
- They give better control over applications and data. With thin client
deployments, you can manage software and applications centrally on the
server.
- Easy deployment.
- The data is safe and protected as it resides on the central server instead
of the client machine. Even the communication between thin clients and
servers is encrypted.
- Troubleshooting becomes easy for system administrators. In a
network-centric infrastructure, all enterprise applications and software are
delivered through the server. This simplifies administration of the
infrastructure because your IT support staff can focus on a few servers
instead of hundreds of individual desktop PCs. In addition, any new updates
or changes to security software or applications on the server will get
immediately reflected across all thin clients in the enterprise.
Choosing a thin client
Before going for a thin client solution, you should first analyze the need for
it. Consider the following points before choosing a thin client:
- Whether you are using dumb terminals for accessing existing legacy
applications and need more power and flexibility for users.
- If you have multiple offices in remote geographical locations and you want
to share your central IT resources.
- You have multiple applications running on multiple platforms and you want
to give access to all these to your employees, sales partners, etc from a
single device.
- You have highly sensitive data in your centralized datacenter and you don't
want to create copies of it on the user's desktop, while still giving them
access.
- You have interconnected your central and satellite offices and are using
applications on a client-server architecture. Unfortunately, you have to do
frequent updates on application software at central and/or satellite offices
due to process change.
- If you have distributed applications and data over a network.
- A limited IT staff compared to huge IT resources, or if you want to offer
end-user application support remotely.
Types of thin clients
Thin client devices fall into four categories: Basic, Robust, PXE and
Mobile.
Basic: The basic thin client device has features like RDP, ICA and
optional terminal emulation. It lets you access basic remote terminal services
and applications from Windows or UNIX servers. You can run multi-user Windows on
a centrally managed server, using either the Citrix ICA or the Microsoft RDP
protocol to display the application running on the server remotely on a user's
desktop. This is quite cheap and provides excellent performance. It does not
require any additional connectors like USB.
Applications of Thin Clients
Call centers: Call centers can use thin client solutions to get connected to the data center for running applications. This avoids replication of data and keeps it safe at the company's premises and minimizes the chances of data theft. Banks: They use it at their remote Railways: Indian Railways is a good Airlines: Today booking a flight ticket Mobile users: Deploying thin client Work from Home: One just needs an
Robust: These devices have some advanced features as compared to basic
thin clients. They give you features like RDP, ICA, terminal emulation and a
built-in browser. Plus, they also have the ability to attach external devices
such as a printer and USB storage.
Nowadays Robust thin clients come with a built-in sound card, which
allows users to stream audio files on their end. They have a built-in Web
browser, which lets users run Web applications without placing any extra
burden on their servers. Because Robust thin clients support Citrix NFuse and
legacy dumb terminal emulations, they offer users access to basic HTML pages and
replace terminal screens.
PXE: It converts your existing desktop PCs to thin client devices. You
just need to add PXE network cards on all desktops. These desktops get booted
remotely from the remote boot server instead of local hard disks and get
converted into basic thin clients. You can use RDP, ICA or X terminal from them.
So, if you have old desktops lying around, you can convert them into thin
clients and use them. You can use LTSP (Linux Terminal Services Project) for
this.
Mobiles & thin clients
Nowadays you can access your corporate applications using your mobile devices.
PDAs and mobile phones are coming with thin client plug-ins, which enable users
to access corporate servers remotely when they are on the move. PDAs running
Windows CE can use Window Terminal Client or VNC to access Windows Terminal
services, VNC server, etc. Idokorro Mobile Desktop is a client for Windows
Terminal Services, Remote Desktop and Virtual Network Computing (VNC) for
Smartphone devices and BlackBerry. For more details check out
http://remotedesktop.qarchive.org/downloads.html.
Deploying LTSP
With PCQLinux 2006, we have created a new install option for implementing
terminal services on PCQLinux. For this we have used latest LTSP (Linux Terminal
Service Project). This is beneficial for those organizations that want to
outsource their business processes and want BPOs to access their datacenters
over thin client infrastructure.
On the client side LTSP requires a minimum of a Pentium I with 64 MB and a PXE
(Preboot eXecution Environment) LAN interface. It does not require any hard
disk on the client machine, because it boots the thin client from the LTSP
server. This saves a lot of cost as well. We recommend using identical hardware
on all your nodes if possible. This will make your life much easier when
configuring drivers.
HP Compaq t5720 Thin Client
This thin client from HP comes in the category of Robust thin clients, because it also has an Internet Explorer browser. You can use this device to access RDP and ICA terminal client solutions. Plus, if you are not using any of the above mentioned terminal services in your office, then also you can use this to access Web-based applications using its browser. The thin client has a heart of AMD Geode NX 1500 1.0 GHz processor, 256 MB RAM and SiS741GX Integrated/UMA graphics with 16 MB shared graphics memory. It also has built-in audio, 6 USB, one serial and parallel port. The device runs on Windows XP Embedded. In addition, you don't have to configure anything for the connections; it's simply a plug and play device. The OS resides on 512 MB flash memory that can be expanded as per user requirements. We have tested this device with both Windows Terminal server and Citrix Presentation server and tried to access both full desktop and individual applications hosted on Citrix. The experience was seamless. We did not have to do any configuration for connecting to the terminal services. However, other thin clients that we have create connections separately. We also checked the audio quality of the devices, by accessing streaming music files from the media player application hosted on Citrix; the quality was pretty decent.
Price: Rs 22,000 (1 yr warranty) Key Specs: AMD Geode NX 1500 1 GHz, SiS741GX Integrated/UMA graphics Contact: HP India, Gurgaon Tel: 9312666760 E-mail: durai-m.singh@hp.com
Installing from PCQ Linux 2006
Boot a server-class machine from PCQLinux 2006 CD #1 and start the
installation process. From the install options select 'Server', and then
select 'Terminal Server' on the Server options screen. Press Next to set up
the PCQLinux 2006 server with terminal services. Before starting the
installation, the PCQLinux installer shows you the packages that you have
selected; from this package selection list select Network services, Legacy
Network, and the Gnome and KDE desktop environments with KDE and GNOME
development. Once you are through with the installation, boot the machine into
the GUI and log in as root. Make sure the server on which you are configuring
Terminal Services is connected to the Internet. Now open a terminal window on
the GUI console and type 'ltspadmin'. This will open a command line interface
for you. Here, select 'Install/Upgrade packages.' It will directly connect
your machine to the Linux Terminal Server Project's site and download the
latest packages for you. The installer will also ask you for the install path;
type '/opt/ltsp' and press Enter. When prompted, select the additional
packages from the list shown by pressing 'A' and then 'Q'. Press Enter to
confirm. The packages will be downloaded and installed.
After the downloads complete, select 'Configure LTSP' from the installer and
press Enter. Here, you will be shown eleven options, one for each service.
Select all the services one by one and enable them by pressing Enter. It will
automatically configure the selected services.
DHCP server with PXE Boot
Now configure the DHCP server on PCQLinux 2006 so that it assigns IP addresses
to the diskless clients. For this, edit /etc/dhcpd.conf and add the following
lines:
ddns-update-style none;
default-lease-time 21600;
max-lease-time 21600;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.3.255;
option routers 192.168.3.1;                      # <-- Router or Gateway IP
option domain-name-servers 192.168.3.38;         # <-- LTSP Server IP
option domain-name "ltsp.pcquest.local";         # <-- domain name
option root-path "192.168.3.38:/opt/ltsp/i386";  # <-- NFS Share
option option-128 code 128 = string;
option option-129 code 129 = text;
subnet 192.168.3.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.3.80 192.168.3.253;  # <-- DHCP IP Range
filename "/lts/2.4.26-ltsp-3/pxelinux.0";        # <-- Boot image File
}
Restart the DHCP server.
# service dhcpd restart
Wyse S10 Thin Client
It's a small, cool looking device and takes very little space. It is also simple to install and use.
Configuring clients
Now edit the /opt/ltsp/i386/etc/lts.conf file, and confirm the entries are
as given below:
# IP address of PCQLinux machine running Terminal service
SERVER = 192.168.3.38
# Xserver driver for client machine
XSERVER = auto
X_MOUSE_PROTOCOL = "PS/2"
X_MOUSE_DEVICE = "/dev/psaux"
X_MOUSE_RESOLUTION = 400
X_MOUSE_BUTTONS = 3
USE_XFS = N
RUNLEVEL = 5
X_MODE_0 = 800x600
SCREEN_01 = startx
After this, issue the following commands:
# chown root:root /opt/ltsp/i386/etc/build_x3_cfg
# chmod 0755 /opt/ltsp/i386/etc/build_x3_cfg
In our above configuration, the XSERVER parameter contains the value 'auto',
because we were using clients with different kinds of displays. The next step
is to enable GDM services on the terminal server, so that it can serve the GUI
to the clients. To do so, open the /etc/X11/gdm/gdm.conf file, scroll down to
the entries shown below and set them as follows:
Enable=true
HonorIndirect=true
MaxPending=4
MaxPendingIndirect=4
MaxSessions=16
MaxWait=15
MaxWaitIndirect=15
DisplaysPerHost=2
PingIntervalSeconds=15
Port=177
Willing=/etc/X11/gdm/Xwilling
Save these entries in gdm.conf and then issue the following commands:
# gdm-safe-restart
# service xfs restart
GIGABYTE Ultra Slim Thin Client
This is a hardware based thin client from GIGABYTE. It comes in a small form factor. The heart of the device is a VIA C7 1.0 GHz processor with 1 GB DDR RAM housed on GA-C7V7-ASI-RH-GB1 motherboard. It also has a built-in sound card and 10/100 Mbps LAN card. For display it has VIA UniChrome Pro + MPEG-2 decoder onboard graphics that connect to your monitor. In addition, it has 4xUSB ports for connecting additional USB devices such as USB printer and storage. It has one LPT and COM port. It's a plug and play thin client and very easy to setup. The device runs a stripped down version of Linux and gives a GUI interface once it is booted. On its desktop it shows two tools. One is used to configure the device network, mouse and keyboard settings, adding NFS and SMB shares setting, etc. The other is used to make new thin It supports all the terminal services
Price: Rs 9,000 (1 yr warranty) Key Specs: VIA C7 1.0 GHz processor, 1 GB DDR RAM, 4 USB ports, onboard sound and LAN Contact: Gigabyte Technology, Mumbai Tel: 26526696 E-mail: sales@gigabyte.in
With this, your LTSP server is ready to serve the diskless nodes. Connect the
diskless nodes to the network and boot them from their PXE LAN card. In a few
seconds you will get a GUI login screen on the nodes.
Give the user name and password to log in and you will get the default Gnome
interface on the nodes.
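A diskless node only boots if the DHCP scope, the NFS root-path and lts.conf all point at the same server. The following consistency check over the two files configured above is an added example, not part of PCQLinux or LTSP; the embedded file contents are constructed from the values shown on this page, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed inputs: the dhcpd.conf and lts.conf values shown on this page.
DHCPD_CONF = """
option routers 192.168.3.1;                      # gateway
option domain-name-servers 192.168.3.38;         # LTSP server
option root-path "192.168.3.38:/opt/ltsp/i386";  # NFS share
subnet 192.168.3.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.3.80 192.168.3.253;
    filename "/lts/2.4.26-ltsp-3/pxelinux.0";
}
"""
LTS_CONF = """
SERVER  = 192.168.3.38
XSERVER = auto
"""


def parse_dhcpd(text):
    """Extract only the statements this check needs (not a full parser).
    Raises ValueError if an address in the file is malformed."""
    text = re.sub(r"#.*", "", text)  # drop comments
    found = {}
    m = re.search(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)", text)
    if m:
        found["subnet"] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    m = re.search(r"range\s+(?:dynamic-bootp\s+)?([\d.]+)\s+([\d.]+)\s*;", text)
    if m:
        found["range"] = tuple(ipaddress.ip_address(g) for g in m.groups())
    for key in ("routers", "domain-name-servers"):
        m = re.search(rf"option\s+{key}\s+([\d.]+)\s*;", text)
        if m:
            found[key] = ipaddress.ip_address(m.group(1))
    m = re.search(r'option\s+root-path\s+"([\d.]+):([^"]+)"', text)
    if m:
        found["root-path host"] = ipaddress.ip_address(m.group(1))
    m = re.search(r'filename\s+"([^"]+)"', text)
    if m:
        found["filename"] = m.group(1)
    return found


def parse_lts(text):
    """KEY = value lines; comments and lines without '=' are skipped."""
    pairs = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0]
        if "=" in line:
            key, value = line.split("=", 1)
            pairs[key.strip()] = value.strip().strip('"')
    return pairs


def check(dhcpd_text, lts_text):
    """Return a list of human-readable problems; empty means consistent."""
    d, lts = parse_dhcpd(dhcpd_text), parse_lts(lts_text)
    net = d.get("subnet")
    if net is None:
        return ["no subnet declaration found"]
    problems = []
    hosts = ("routers", "domain-name-servers", "root-path host")
    for name in hosts:
        if name not in d:
            problems.append(f"{name} is not set")
        elif d[name] not in net:
            problems.append(f"{name} {d[name]} is outside {net}")
    if "range" not in d:
        problems.append("no dynamic range, clients get no address")
    else:
        lo, hi = d["range"]
        if lo not in net or hi not in net or lo > hi:
            problems.append(f"range {lo}-{hi} does not fit {net}")
        for name in hosts:
            # A fixed server address inside the pool can be leased to a client.
            if name in d and lo <= d[name] <= hi:
                problems.append(f"{name} {d[name]} lies inside the dynamic range")
    if "filename" not in d:
        problems.append("no PXE boot filename")
    if str(d.get("root-path host")) != lts.get("SERVER"):
        problems.append("lts.conf SERVER differs from the root-path host")
    return problems


if __name__ == "__main__":
    print(check(DHCPD_CONF, LTS_CONF) or "configuration is consistent")
```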
Windows 2003 for diskless clients
To configure PCQLinux 2006 for serving Windows clients, just open the
/opt/ltsp/i386/etc/lts.conf file, and add or change the entries as given below:
# Windows Terminal Server
RDP_SERVER = 192.168.3.29
RUNLEVEL = 7
X_COLOR_DEPTH = 15
SCREEN_01 = rdesktop
2X ThinClient Server is a central deployment and thin client management
solution. It happens to be vendor independent software, i.e. at the client side
you can use any thin client or you can convert your old computers into thin
clients.
It can distribute OS to thin clients from a central location and manage the
thin client and sessions through web management console. All thin client devices
and users connection settings can also be managed via its web management
interface. It shows currently active thin clients and user sessions, generates
reports and includes a centralized database of thin client Syslog events.
At the client side 2X uses a small Linux operating system as a ThinClient OS.
The 2X ThinClient OS itself can be retrieved from the TFTP server via PXE or
Etherboot, or it can be booted from a storage device or you can just boot it
through a CD-ROM as a live CD.
Using the LTSP Admin Tool you can watch all the required services that are needed for LTSP
All connection settings are stored on the management console and upon
boot-up, thin clients connect to the server and retrieve the settings that will
determine how and which terminal server they will connect.
Settings can be applied to an individual thin client (by MAC address), by
username, by group (effectively capturing all the members of the group), or by
organizational unit (OU). The Server software can run on Windows as well as on
Linux.
Deploying 2X
Installing 2X ThinClient Server is simple. Once the server is installed, launch
it. First it will ask you to create an administrative account. Once it has been
created you can log in to 2X's console with it.
When you log in for the first time, it will ask you to configure the
connections and provide the 2X ThinClient OS image. Click on the configure
connection button and a new window will open. Here provide a name for the
connection and choose which protocol you want to use.
By default 2X supports its own 2X published applications, Citrix published
applications, ICA and the Windows RDP protocol. You can also change a
protocol's default settings if you want. To do this click on the Add Protocol
button; a new window will open. Here provide a name for the new protocol and
specify its type, i.e. RDP or ICA etc.
In 2X ThinClient Server, you can customize default protocol settings and choose what kind of encryption, bandwidth, services, display, etc to use
Now specify settings like how much bandwidth should be used by the protocol.
You can also enable or disable the encryption and customize the display
settings. Now click on the Users tab to choose which users will be logging
on from clients; here you can either choose the users from Windows Active
Directory or create local users for 2X.
Once you have added the users and specified the protocol to use, the last basic
configuration step is to specify the 2X ThinClient OS image. To do this you need
to download the 2XThinClient OS image from their website. If you plan to boot
your thin clients through CD, just burn the image and boot your thin clients
with it. If you plan to use 2XThinClient's inbuilt TFTP server, from its main
console choose ThinClientOS under the Thin Clients menu.
In the new window click on the Browse button and provide the path of the
downloaded 2XThinClient image. Now you can boot your thin clients with the PXE
boot option and they will automatically boot through 2XThinClient OS.
After the 2X ThinClientOS has booted, it obtains its connection settings from
the 2X ThinClientServer. These settings are then used to connect to the terminal
server. After 2X ThinClientOS has booted, it obtains the IP address of 2X
ThinClientServer from the network settings returned by the DHCP server.
Once the clients have connected to the server, you can log back into the 2X
management console to manage the thin clients and sessions.
In main console the 'Sessions' node shows you the users that are or have
connected to a terminal server. There are 3 sub-nodes for currently active
sessions, past sessions and erroneous sessions.
To manage a thin client, click on the 'Manage' node under 'Thin Clients'. All
thin clients will be listed in the right pane. Here you can manage things like
Hostname, Printer to be used, input devices, display settings, logging etc.
Deploying Citrix MetaFrame Presentation Server
This is an application virtualization solution from Citrix, available on all major platforms. It allows users to access applications, central business resources or full desktops remotely from the servers. Administrators can manage everything centrally. We implemented Citrix Presentation Server on a Windows 2003 Server. Before deploying it, you require ASP.NET 1.1 and the latest Java runtime installed. Configuring IIS with ASP Citrix MetaFrame Presentation Server Publishing applications From the left panel select the Using published applications
Citrix MetaFrame Access Suite lets you monitor entire server farms from a single console. This includes network security, alerts, etc
Anil Chopra, Anindya Roy, Anubhav Verma, Sanjay Majumder, Swapnil Arora and
Vijay Chauhan