Some of the worst infrastructural issues OpenRain has had since inception have been with border hardware. We’ve been through all the typical COTS models you’d find at Best Buy, but all have had issues with at least one of:
- Dropping inbound traffic due to some stupid “DDoS Protection” feature we couldn’t disable.
- Not passing VPN traffic through to an internal server.
But this latest POS–the Netgear FVS114–really takes the cake. Check it:
- Log in to http://www.workingwithrails.com
- Visit http://www.workingwithrails.com/person/new
- Listen for the sound of everyone simultaneously screaming “WTF!? The ‘net’s down!”
We’ve reproduced this issue with Firefox and Safari from multiple machines inside the network. Way to go, Netgear! (Might want to get on this one.) I’ll be buying some real hardware online in about 15 minutes.
Prior to moving into the new OpenRain office (announcement coming in June), we used OS X’s magical .local addressing to find all our servers. This allowed us to keep almost everything on DHCP, which is trivial to set up and administer. Little did we know, however, that this was the root cause of many internal issues.
- General network I/O performance (file server access, OpenLDAP-based logins etc.) sucked. Simply using Server Admin or Workgroup Manager across the network would often take 5+ seconds to log in.
- Portable Home Directory (PHD) syncing, VPN and firewall services never seemed to work right, possibly due to nonequivalences between “server.example.com” and “server.local” in SSL and SSH. I’m not completely sure, but stuff broke in more ways than one.
Case in point: do not use Bonjour-based DNS for your core network services. Use a proper DNS server from the start. DNS is a cornerstone dependency of all the other services provided by your Leopard server, so any performance issues you introduce at this level will carry through to your entire infrastructure.
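
The name mismatch suspected above, as an added sketch that is not part of the original post: a small audit that flags core services addressed by a `.local` name and checks whether that name is covered by the server certificate's subject alternative names. The service list and certificate names are constructed for illustration, and the matcher is a simplified RFC 6125-style comparison, not OS X's own validation code.

```python
# Added example. ENDPOINTS and CERT_SANS are constructed sample data.

def san_matches(hostname: str, pattern: str) -> bool:
    """Simplified RFC 6125-style match: case-insensitive, label by label,
    with '*' allowed only as the entire left-most label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False  # a wildcard never spans more than one label
    if pat[0] == "*":
        # Refuse over-broad patterns such as "*.local" or "*.com".
        return len(pat) > 2 and host[1:] == pat[1:]
    return host == pat


def audit(endpoints: dict, cert_sans: list) -> list:
    """Return (service, name, issues) for every endpoint with a problem."""
    findings = []
    for service, name in endpoints.items():
        issues = []
        if name.lower().rstrip(".").endswith(".local"):
            issues.append("resolved via mDNS (.local), not unicast DNS")
        if not any(san_matches(name, san) for san in cert_sans):
            issues.append("name not covered by certificate SANs")
        if issues:
            findings.append((service, name, issues))
    return findings


# How clients are configured to reach each service (constructed).
ENDPOINTS = {
    "ldap": "server.local",
    "afp": "server.local",
    "vpn": "server.example.com",
}
# Names the server certificate was issued for (constructed).
CERT_SANS = ["server.example.com"]

if __name__ == "__main__":
    for service, name, issues in audit(ENDPOINTS, CERT_SANS):
        print(f"{service}: {name}")
        for issue in issues:
            print(f"  - {issue}")
```

SSH has the same split: host keys in `known_hosts` are recorded per name, so `server.local` and `server.example.com` are tracked as separate hosts even when they are the same machine.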