Working with PYSNMP con’t – SNMP simple SETs

So inspired by @KirkByers blog on SNMP which I wrote about here using Python 3, I decided that I wanted to go past just reading SNMP OIDs and see how PYSNMP could be used to set SNMP OIDs as well.  As with anything, it’s best to start with the docs and apply the KISS principle.

Why SNMP?

Although RESTful APIs are definitely an easier, more human readable, way to get data in and out of a network device, not all network devices support modern APIs. For a lot of the devices out there, you’re still stuck with good ol’ SNMP.

Tools

SNMP is a horrible human readable language. We have MIBS to translate those nasty strings of digits into something that our mushy brains can make sense of. Thats known as a MIB Browser. There are a lot of MIB browsers out there, which one you use doesn’t matter much, but I would HIGHLY recommend that you get one if you’re going to start playing with SNMP.

http://www.ireasoning.com has a free version that works great on Windows and supports up to 10 MIBs loaded at the same time.

The Goal

There are a lot of powerful actions available through the SNMP interface, but I wanted to keep it simple.  For this project, I wanted to go after something simple. For this project, I wanted to use SNMP to change the SYSCONTACT and SYSLOCATION fields.

For those of you who are used to a CLI, the section of the config I’m looking after resembles this.

 snmp-agent sys-info contact contact

 snmp-agent sys-info location location

 

The Research

So I know what I want to change, but I need to know how I access those values though SNMP. For this, I’ll use the MIB Browser

 

Using the MIB Browser, I was able to find the SYSLOCATION MIB which is identified as .1.3.6.1.2.1.1.6.0

Screen Shot 2014 11 28 at 1 37 36 PM

I was also able to find the SYSCONTACT MIB which is identified as .1.3.6.1.2.1.1.4.0

Screen Shot 2014 11 28 at 1 37 14 PM

 

So now I’ve got the two OIDs that I’m looking for.

The Code

Looking through the PYSNMP documentation, there’s an example there of how to do an  SNMP SET. But they threw in a couple of options there that I didn’t want, specifically, I didn’t want to use the lookupNames option. So I changed the lookupNames option to False and then I was able to use the OIDs above directly without having to find the names of the MIBs.

So looking through the code below, you can see that I’ve created a function which will take an input syscontact and use it as the variable to set the MIB object  .1.3.6.1.2.1.1.4.0 which corresponds to the

SNMP-AGENT SYSCONTACT …  in the configuration of the device.

from pysnmp.entity.rfc3413.oneliner import Camden

cmdGen = cmdgen.CommandGenerator()

#using PYSNMP library to set the network devices SYSCONTACT field using SNMP
def SNMP_SET_SYSCONTACT(syscontact):
errorIndication, errorStatus, errorIndex, varBinds = cmdGen.setCmd(cmdgen.CommunityData(‘private’),cmdgen.UdpTransportTarget((‘10.101.0.221’, 161)),(cmdgen.MibVariable(‘.1.3.6.1.2.1.1.4.0’), syscontact), lookupNames=False, lookupValues=True)
# Check for errors and print out results
if errorIndication:
print(errorIndication)
else:
if errorStatus:
print(‘%s at %s’ % (errorStatus.prettyPrint(),errorIndex and varBinds[int(errorIndex)-1] or ‘?’))
else:
for name, val in varBinds:
print(‘%s = %s’ % (name.prettyPrint(), val.prettyPrint()))

 

 Running the Code

Now we run the code

>>>
>>> SNMP_SET_SYSCONTACT(‘test@lab.local’)
1.3.6.1.2.1.1.4.0 = test@lab.local
>>>

Looking back at the MIB Browser we can see that the SYSCONTACT location has been changed to the new value above.

Screen Shot 2014 11 28 at 2 24 50 PM

And when we log back into the network device

 snmp-agent sys-info contact test@lab.local

 snmp-agent sys-info location location

 

Wrap Up

This is just a small proof-of-contact code that shows, although RESTful APIs are definitely sweeter to work with, they are not the only way to programatically interface with network devices.

Comments or Questions?  Feel free to comment below

 

@netmanchris

 

 

 

Advertisements

Playing with Solarwinds Orion NPM – How to recover from a corrupted database

I can’t believe it’s been that long, but I recently realized that my Solardwinds SCP has actually slipped. The SCP was one of the first certifications focused on network management and, as I’m sure you can imagine, I was in there as an early adopter. The training was really good ( I still miss Josh Stevens!) and the test was one of the best tests I’ve every taken in IT. It had some REALLY evil questions on there. You know the kind… the ones that prove you either know your stuff or you don’t.  No messing around with ambiguities. Ahh… good times.  On to the present though.

Open Disclosure

I’m assuming because of the major focus of my blog is network management, I was approached by Solarwinds and offered an NFR license for a couple of their products to run in my labs. As with them, I think it’s important for my readers to understand that I work for HP and sometimes find myself in competition directly against these products. I do also find myself giving some guidance to customers who are using Solarwinds products and trying to manage their HP Networking products through the Orion console. It’s the experience of using NPM and NCM to manage HP Networking equipment that I’m going to try to focus on.  Please don’t ask me to compare products.  I told you where I get paid and you can guess what my official opinion is going to be. 🙂

Orion NPM

The first product I wanted to play with is Solarwinds NPM. Solarwinds has a great following and has been around for a lot of years. There were some things that I really didn’t like about this a few years back when I passed the SCP and it will be interesting to see how the product has improved overtime and whether my old issues have been fixed.

Specifically, I was never happy with the half-enabled web-console.  The fact that I had to bounce back and forth between the windows console and the web browser to get anything done was frustrating to say the least. I know there were a lot of improvements made in Orion 10, and I’ve heard good things about 10.5 specifically.  I downloaded 10.5 and will be upgrading to the 10.6 with hot fix 3 tonight. I’m really excited to see the improvements that Solarwinds has made in the years since I last had my hands dirty with the platform.  WIsh me luck!

Before we get started…

So this is detailing some the issues I had getting NPM up and running.  To say the least, I had some issues. ( as detailed below ).  I’ve written down the symptoms and the fixes that I went through, but to be honest, this was just a REALLY bad Windows build. Sometimes, there’s just nothing you can do when the base operating system gets corrupted right from the initial install.

 

Installing

To be honest, I had some issues getting it running. The licensing actually crashed and somehow it was assigned in the Solarwinds system, but never applied to my system. I also made the mistake of downloading the package that didn’t have SQL installed ( wasn’t clear and I didn’t read the documentation closely enough ).  On the bright side, Solarwinds support actually helped me through this one in about 24 hours. Sometimes thing happen during an install, so I can’t complain too much. Plus, I should have paid more attention when flipping through the documentation. My bad.

Unscheduled Interuption.

Ahhh… well… Sometimes things don’t go as planned.  I had an unscheduled power outage tonight and it seems something has gone wrong with my installation.

NewImage

Google didn’t come up with anything. So I’m off to follow the SQL Management studio where the SolarWindsOrion database is marked as suspect…. hmmm… that’s not good.

A couple of scooby snacks and some super-sluething later and I come up with this link

In a nutshell, it looks my SQL database has been corrupted somehow and it’s now showing up as suspect in the Microsoft SQL server management console. ( While I was banging my head against this problem, I didn’t take a good screen capture. So this is where I ask you to imagine a big yellow exclamation mark of DOOM over the SolarwindsOrion database in the following image.  )

NewImage

Looks like the power outage REALLY messed up the SQL database.  But GoogleTechnician to the rescue!

Solarwinds Configuration Wizard – Attempt #1

So now I’m off to the Solarwinds Configuration tool ( on the console of the windows server ). For this attempt, I run the database configuration only. Thinking, I’ve got a database, issue, let’s just run the database configuration wizard and that should fix it, right?

NewImage

Nope… doesn’t look like this is going to work either

NewImage

Solarwinds Configuration Wizard – Attempt #2

So now I’m off to the Solarwinds database.  Hmm.. nothing on this error.

At this point, I just try what any good network guy does. I start clicking things and seeing if anything will work.

So this is what I did

  •  Logged into the Microsoft SQL Management console and reset the password on the SolarWindsOrionDatabaseUser account to something I knew.
  • Re-ran the Solarwinds Configuration Wizard. This time, instead of just the database, I’m going to re-run this for the Database, Web Site, and the Services.

note: Normally at this point, I would pull the plug, call the patient dead and re-install. But this was supposed to be a learning experience, right? We’re certainly learning now, aren’t we?

NewImage

Look like I’m back in business! Good to go right?

NewImage

Nope. now it’s time to remove the license, delete the VM and start from scratch. I don’t want a known corrupted system monitoring my network, even in a lab.

Hopefully, this blog will help someone with a production Solarwinds deployment who gets this same nasty SQL suspect database error.

Lesson to Learn

In a lab, sometimes things happen. Take the opportunity for the full learning experience when things go wrong. It’s always fun to see if we can bring a system back from the dead. But remember, once you’re done with the learning. Scrap it. This is not the system that I want to be evaluating as I will always be wondering “Hmmm… I wonder if this is normal or if this is a result of that bad install.”

Things go wrong. Known good clone images just have something funky. I’ve seen registry issues on brand new windows installation. SQL strangeness etc… None of which I feel like dealing with for longer than necessary. With how easy it is now to deploy a new VM from a template. There’s just no need to subject myself to this kind of long term pain.

So before I go to bed tonight, I’m going to start cloning a new windows image so that I can re-do the entire install tomorrow night on a clean VM.

FOR THE RECORD :  I’m 100% sure this is not a normal Solarwinds Orion NPM installation tale. I just happened to be the lucky one who was hand-selected by the universe as it thought ” Hmmm…  who can I REALLY mess with today? “.

Can’t wait for tomorrow.

@netmanchris

Cisco Phones on HP Comware Switches

I ran into this again last week and I thought it might be a good idea to put this in writing for people who have made the choice to move to HP switches and still want to use the Cisco UC&C platform.  This is the HP Comware platforms configuration, I hope to hit the lab and write up a ProVision configuration as well in the near future. This is ONE way of doing this. For anyone considering implementing this, or any other technology, please read the documentation and try and understand what you’re typing in. There are a couple of different ways to get this to work, this is just the one I prefer as it’s easy for legacy Cisco folk to understand what’s been done in the configuration.

 

Debunking the Myths

Cisco Phones need Cisco PoE

It’s true that Cisco was the first vendor to release Power Over Ethernet Switches. Inline power ( as it was called in those days ) was first released on the Cisco 3500XL switches back in the day. This was different and proprietary version of the 802.3af standard that we all know and love today. Fortunately for Cisco, and unfortunately for many customers, the second generation of Cisco Phones, the 7940/7960 era was only powered by Cisco’s Inline Power standard. They just wouldn’t come up with standards-based 802.3af power.

This means that many customers had no choice but to buy the Cisco switches to support the Cisco phones. You always had the option of buying a power brick per phone at a cost of about 60$ a piece. Management nightmare. I only saw one customer ever do that. ( twitch twitch… twitch twitch… ok. I’m ok now )

There are a LOT of customers who still have those device in their environments, So the question becomes:

Can I still use HP switches if I have old Cisco phones? Cisco told me that my Cisco phones don’t work on HP switches.

The answer is: Yes. They will absolutely work!   HP has done the work to get older phones to work on both the Comware and ProVision devices. This blog is Comware focused, but I’ll try to get back with a ProVision configuration soon!

Configuring your HP Comware Switch to deliver PoE to Cisco Phones

On a Comware based switch, the commands you’ll need to use to get this working are the following at the global level

[HP_E5500EI]poe legacy enable pse 4

At the port level, you may also have to enable PoE on the port

[HP_E5500EI-GigabitEthernet1/0/1]poe enable 


Cisco Phones need CDP to work

Once upon a time, CDP was the only neighbour discovery protocol in town. Cisco needed a way to push the voice vlan to their pre-standard phones, and CDP became the easiest way for them to do this. Most other vendors at this time were using specific DHCP options in a standards based environment. Then along came LLDP and LLDP-MED.  Other than the isolated cases where the customer still has the original second generation Cisco Phones in place, there is virtually no reason to be using CDP for the voice vlan today. LLDP works great and is supported by all the leading telephony vendors, including Cisco phones since around 2007. (You might need newer firmware on your phones.)

So the question is:

How do I setup my HP switch to send the right voice vlan to my cisco phone using LLDP? And what about my older phones? Are you telling me I have to buy all new phones to move to HP?

The answer: Yes, we can use lldp, and No, you don’t have to buy new phones. 

Especially in an era of Microsoft Lync, I’m starting to see more and more customers with a mobile work force who are starting to abandon the traditional handset mentality. Or in some cases, it’s even better for the business because employees are actually bringing in their own mobile devices and installing the Microsoft Lync client. Who would have thought we would ever be happy having to buy our own phones for work? 🙂

So on to the configuration, I’m going to do two configurations here and it will quickly become clear why.  For older Cisco CDP phones, HP Comware switches use the MAC Address  OUI (object unique identifier ) which is basically the first half of the MAC address that is assigned to a specific vendor.  What this means is that for some Cisco environments who have been buying phones over a few years, you could end up having to manage a TON of MAC addresses OUIs in your switch configurations. The first example will be the quick way, although arguably slightly less insecure, to assign Voice VLANs to legacy Cisco Phones.  Although arguably, if you’re concerned about security in your environment, I would recommend that you replace all your legacy Cisco phones anyways considering the ( Legacy Cisco Phones allowed a packet capture on the PC port to capture Voice VLAN traffic as well.  ) 

For those who really want to do this the “right way”, you’ll still need to run the undo commands and replace the single voice clan mac-address statement in this configuration snippet with the 128 lines included at the end of this blog. ( Anyone know why Cisco burned through so many? Seriously? That’s a LOT of OUIs! I’m SURE they could have handled this with a lot less!). 

 VLAN leaking issues.

The Environment

 

Screen Shot 2012 10 31 at 12 16 02 AM

As you can see this is a pretty simple environment. CCM in VLAN10 connected to a HP 5500EI switch. The phone is directly connected to the switch on interface gigabit 1/0/5 and the PC is plugged into the phone.  The Phone should be sending all Voice traffic tagged on VLAN 20 and the PC should be sending all traffic untagged on VLAN 30.

Any questions?

 

Configuring your HP Comware Switch to deliver the Voice VLAN to Cisco Phones

The following commands are all performed at the global level.

  • #The following commands are used to disable the factory mac-address OUIs.
  • undo voice vlan mac-address 0001-e300-0000
  • undo voice vlan mac-address 0003-6b00-0000
  • undo voice vlan mac-address 0004-0d00-0000
  • undo voice vlan mac-address 0060-b900-0000
  • undo voice vlan mac-address 00d0-1e00-0000
  • undo voice vlan mac-address 00e0-7500-0000
  • undo voice vlan mac-address 00e0-bb00-0000
  • #These command creates a couple of  mac-oui’s which will respond to any LLDP-MED or CDP capable phone plugs into the network. 
  • voice vlan mac-address 0000-0000-0000 mask ff00-0000-0000
  • voice vlan mac-address 8000-0000-0000 mask ff00-0000-0000
  • undo voice vlan security enable

 

note: We need the large “any oui” wildcards to support the number of non-contiguous and broad range of Cisco Prefixes. 

  • # You must Globally enable LLDP
  • lldp enable
  • # You must enable LLDP for CDP Compliance mode
  • lldp compliance cdp

 

As you can see above, instead of having hundreds of voice vlan mac-address… with all of the Cisco OUI  ( scroll to the bottom for a list of the different Cisco specific mac-address OUIs that my peers and I have collected over the years ),  you can instead put in a single statement that will allow you to send out the voice VLAN when any Cisco phone plugs into the network.

Now for the interface specific commands

 

  • interface GigabitEthernet1/0/5
  • port link-mode bridge    <–  Switchport, Could be a routed port, but that won’t work here.
  • port link-type trunk    <–  Turns the port into a dot1q trunk. You need this to carry a tagged VLAN across the wire
  • port trunk pvid vlan 30    <–  Tells the port that it’s untagged VLAN is 30.
  • undo port trunk permit vlan 1    <– Removes VLAN 1  from the trunk port. Not necessary for this to work.
  • port trunk permit vlan 20 30    <– Allows the trunk to carry traffic from both the designated Voice and the Data VLANs.  
  • undo voice vlan mode auto   <– Turns off voice clan auto mode. 
  • voice vlan 20 enable       <– Tells the switch to advertise dot1q VLAN 20 as the Voice VLAN via LLDP-MED and CDP on this port.
  • broadcast-suppression pps 3000
  • undo jumboframe enable
  • apply poe-profile index 1   <– This calls to a centrally defined PoE profile.
  • stp edged-port enable   <– similar to port fast in Cisco terms.
  • lldp compliance admin-status cdp txrx    <– Allows read/write of CDPv2 packets on this port.

 

 

The Right Way vs. Reality

 

As most of you already know, the real world is messy. There are very often tradeoffs in the world, mostly in the way of time. The method I showed above does indeed work, and it removes the operation burden of having to keep track of Cisco’s unique mac-address OUIs. Is it the most secure method in the world? Probably not, but security is always a tradeoff between how difficult it is to implement and operate and how important it is to secure the information asset in question. 

 

Most phone calls just aren’t that important to be honest. 

 

But… for those of you who really insist on doing this the “right way”, I’ve included this non exhaustive list of the unique mac-address OUIs that Cisco has put on their phone models over the years. This is something that my peers and I have put together over the years and hopefully it might help someone out there.  If anyone does have additional Cisco Phone OUIs that are not included in this list. Please post them in the comments and I would be happy to update them here! 

 

Hopefully someone will find this helpful. If you do notice that something has changed and this configuration doesn’t work for you; Please feel free to drop me a line and let me know. I’ll be happy to update my blog. I’d rather be wrong and someone tell me than just thinking I’m right. : )

 

@netmanchris

 

List of Cisco Phone Mac-address OUIs

  • voice vlan mac-address 0002-B900-0000
  • voice vlan mac-address 0003-6B00-0000
  • voice vlan mac-address 0003-E300-0000
  • voice vlan mac-address 0005-3200-0000
  • voice vlan mac-address 0005-9A00-0000
  • voice vlan mac-address 0005-9B00-0000
  • voice vlan mac-address 0006-D700-0000
  • voice vlan mac-address 0007-0E00-0000
  • voice vlan mac-address 0007-5000-0000
  • voice vlan mac-address 0008-2100-0000
  • voice vlan mac-address 000B-5F00-0000
  • voice vlan mac-address 000B-BE00-0000
  • voice vlan mac-address 000B-BF00-0000
  • voice vlan mac-address 000c-ce00-0000
  • voice vlan mac-address 000D-2900-0000
  • voice vlan mac-address 000D-6500-0000
  • voice vlan mac-address 000D-BC00-0000
  • voice vlan mac-address 000D-ED00-0000
  • voice vlan mac-address 000E-3800-0000
  • voice vlan mac-address 000E-8400-0000
  • voice vlan mac-address 000E-D700-0000
  • voice vlan mac-address 000F-2300-0000
  • voice vlan mac-address 000F-3400-0000
  • voice vlan mac-address 000F-8F00-0000
  • voice vlan mac-address 0011-2000-0000
  • voice vlan mac-address 0011-2100-0000
  • voice vlan mac-address 0011-5C00-0000
  • voice vlan mac-address 0011-9300-0000
  • voice vlan mac-address 0011-BB00-0000
  • voice vlan mac-address 0012-0000-0000
  • voice vlan mac-address 0012-7F00-0000
  • voice vlan mac-address 0013-1900-0000
  • voice vlan mac-address 0013-1A00-0000
  • voice vlan mac-address 0013-7F00-0000
  • voice vlan mac-address 0013-8000-0000
  • voice vlan mac-address 0013-C300-0000
  • voice vlan mac-address 0013-C400-0000
  • voice vlan mac-address 0014-1C00-0000
  • voice vlan mac-address 0014-6900-0000
  • voice vlan mac-address 0014-6A00-0000
  • voice vlan mac-address 0014-A900-0000
  • voice vlan mac-address 0014-F200-0000
  • voice vlan mac-address 0015-6200-0000
  • voice vlan mac-address 0015-2B00-0000
  • voice vlan mac-address 0015-F900-0000
  • voice vlan mac-address 0015-FA00-0000
  • voice vlan mac-address 0016-4600-0000
  • voice vlan mac-address 0016-4700-0000
  • voice vlan mac-address 0016-C800-0000
  • voice vlan mac-address 0017-0E00-0000
  • voice vlan mac-address 0017-5900-0000
  • voice vlan mac-address 0017-5A00-0000
  • voice vlan mac-address 0017-9400-0000
  • voice vlan mac-address 0017-9500-0000
  • voice vlan mac-address 0017-E000-0000
  • voice vlan mac-address 0018-1800-0000
  • voice vlan mac-address 0018-1900-0000
  • voice vlan mac-address 0018-1D00-0000
  • voice vlan mac-address 0018-7300-0000
  • voice vlan mac-address 0018-B900-0000
  • voice vlan mac-address 0018-BA00-0000
  • voice vlan mac-address 0019-0600-0000
  • voice vlan mac-address 0019-2F00-0000
  • voice vlan mac-address 0019-3000-0000
  • voice vlan mac-address 0019-AA00-0000
  • voice vlan mac-address 0019-E700-0000
  • voice vlan mac-address 0019-E800-0000
  • voice vlan mac-address 001A-2F00-0000
  • voice vlan mac-address 001A-6D00-0000
  • voice vlan mac-address 001A-A100-0000
  • voice vlan mac-address 001A-A200-0000
  • voice vlan mac-address 001B-0C00-0000
  • voice vlan mac-address 001B-2A00-0000
  • voice vlan mac-address 001B-5300-0000
  • voice vlan mac-address 001B-5400-0000
  • voice vlan mac-address 001B-D400-0000
  • voice vlan mac-address 001B-D500-0000
  • voice vlan mac-address 001C-5800-0000
  • voice vlan mac-address 001D-4500-0000
  • voice vlan mac-address 001D-A200-0000
  • voice vlan mac-address 001E-1300-0000
  • voice vlan mac-address 001E-4A00-0000
  • voice vlan mac-address 001E-7A00-0000
  • voice vlan mac-address 001E-F700-0000
  • voice vlan mac-address 001F-6C00-0000
  • voice vlan mac-address 001F-9E00-0000
  • voice vlan mac-address 0021-1B00-0000
  • voice vlan mac-address 0021-5500-0000
  • voice vlan mac-address 0021-A000-0000
  • voice vlan mac-address 0022-5500-0000
  • voice vlan mac-address 0022-9000-0000
  • voice vlan mac-address 0023-0400-0000
  • voice vlan mac-address 0023-5E00-0000
  • voice vlan mac-address 0023-EB00-0000
  • voice vlan mac-address 0024-9700-0000
  • voice vlan mac-address 0025-8400-0000
  • voice vlan mac-address 0026-0B00-0000
  • voice vlan mac-address 0026-9900-0000
  • voice vlan mac-address 0026-CB00-0000
  • voice vlan mac-address 0030-9400-0000
  • voice vlan mac-address 04C5-A400-0000
  • voice vlan mac-address 04FE-7F00-0000
  • voice vlan mac-address 0817-3500-0000
  • voice vlan mac-address 081F-F300-0000
  • voice vlan mac-address 108C-CF00-0000
  • voice vlan mac-address 18EF-6300-0000
  • voice vlan mac-address 1C17-D300-0000
  • voice vlan mac-address 2893-FE00-0000
  • voice vlan mac-address 3037-A600-0000
  • voice vlan mac-address 5475-D000-0000
  • voice vlan mac-address 58BC-2700-0000
  • voice vlan mac-address 6416-8D00-0000
  • voice vlan mac-address 68BD-AB00-0000
  • voice vlan mac-address 68EF-BD00-0000
  • voice vlan mac-address 6C50-4D00-0000
  • voice vlan mac-address 9CAF-CA00-0000
  • voice vlan mac-address A40C-C300-0000
  • voice vlan mac-address A8B1-D400-0000
  • voice vlan mac-address B414-8900-0000
  • voice vlan mac-address B4A4-E300-0000
  • voice vlan mac-address B8BE-BF00-0000
  • voice vlan mac-address D057-4C00-0000
  • voice vlan mac-address DC7B-9400-0000
  • voice vlan mac-address E804-6200-0000
  • voice vlan mac-address EC44-7600-0000
  • voice vlan mac-address ECC8-8200-0000
  • voice vlan mac-address F025-7200-0000
  • voice vlan mac-address FCFB-FB00-0000





 

Rethinking the UPoE value proposition

First, full disclosure: I am an HP Networking employee. All of the opinions comments and general snarkiness in this blog are my own though. I am writing this from my own personal perspective, not as an HP employee, but I think it's important that anyone reading this knows that I do have some skin in the game, at least in the big picture.

 

So a couple of weeks ago, I was having a conversation with someone at an HP event about VDI, UPoE, Thin Clients etc.. and I said “Yes! We've been talking to customers about the total solutions for Months! ”

Not many people realize how truly broad the HP portfolio is when you look at the entire company. So we have been talking for months about the ability to put together a complete VDI solution from HP.

Basically, you pick your flavour of Virtualization and then pick the appropriate Virtual System configuration. For those of you who don't know, Virtual System is an HP validated configuration specifically for different virtualization workloads. You do have options, either Xenserver on Hyper-V or VMWare View.

Then you can choose the appropriate HP Networking switch for your infrastructure, then you just need to attach one of the HP Thin Clients to connect your users to your applications.

So what does this have to do with rethinking the value prop of UPoE. When I first saw the 60 Watts per port blades that Cisco released on the 4500E last year, I thought

” Wow… I wonder how hot those cables will be?”

After I got past that though, I started thinking about what applications or devices would start to appear in the market to take advantage of these new capabilities? There were some examples out there, but I've noticed something interesting in the last year: Devices are using LESS power, not MORE power.

Do you remember when 802.11n access points first came out? They were one of the first devices that actually justified powering up to 803.3at devices. If you wanted 11n, you needed either power injectors or AT switches. Fast forward and today you can buy 3×3 MIMO with 3 spacial stream access points that will work on 11af Poe ports @ 15.4 watts or less. That's right, they will work on the same switches that you've probably had for years. No need to upgrade your infrastructure to support a new device. Just buy the new access points, get more throughput on your wireless and life is good.

The HP t410 All-in-one Thin Client

So a couple of weeks later, I was invited to a meeting with someone from the personal systems group division of HP to talk about how we had been evangelizing the products and then amazingly… he offered me a HP t410 AIO unit to play with!

I, of course, said

Heck yeah!!!

One week later, a couple of customer meetings and a skeptical twitter conversation, and it seems there's a lot of interest on the t410 at the moment. Mostly around the disbelief that anyone could get an all-in-one Thin client to actually run below 15.4 watts!

So I have collected some pictures of the experience to show you how easy this thing was to setup which was SILLY easy. I didn't include a picture of the box, but I think we've all seen an 18″ monitor and the link above also had some nice pictures of the unit. It's got a small foot print and a nice screen.

So without further ado…

1) Here's a picture of the Unit's Model Name. ( This was the last picture I took, but it's the one I have with the model name ).

Image 12

2) After I took it out of the box and plugged it into an old 3Com 4120 9 port PoE switch ( it's what I had ).

I got the following login page. From what I've read, if I had a “real” vdi solution that was broadcasting it's services, it would automatically detect the connection type and then connect to the server broadcasting the available sessions I think – No VDI in my home lab ( yet ) though so I get to manually select which type of VDI I would like to connect to. ( I chose RDP7 for a window 2008R2 server)

Image

3) It now prompts me for the Server name or address.

Image 1

4) I put in my username and password. ( I didn't need the other options ) and seconds later, I'm logged in.

Image 3

 

Pretty cool, right? (I'll save you the screen cap of a windows server desktop. ). I didn't get to test out the internal speakers since the VM I was connecting against had no sound cards.

 

So what about the PoE part? This is the awesome part.

Screen Shot 2012 09 28 at 10 10 54 PM

 

yup. That's right 10.6 watts while fully operating. Max of 13 watts, Average of 10.9 watts. Can you see why I question UPoE? Somehow the guys in the PC division at HP actually managed to put together a full all-in-one thin client with monitor and left JUST enough power for the keyboard, mouse, and the speakers as well ( I presume on the last one, never tested it ).

Caveats

Are the tradeoffs here? Of course! I've only playing with this for a few hours now, but so far. It's great. No issues at all. According to the data sheet, there are a few things that you will sacrifice in PoE mode though.

Specifically, there's the speed drop from Gig to 10/100. But in the case of a thin client, most of the streams are less than 2Mb +/-, so the whole speed drop is PROBABLY not going to cause anyone any issues.

The other thing, which I haven't experienced, is that the screen brightness will actually come down in the event that there's not enough power budget left on the switch to be able to fully power the unit.

 

Final Thoughts

This is a nice unit. It's got a small foot print. Nice screen. The out-of-box setup was extremely easy and the fact that it only draws 13 watts of power ( I'm using the max draw value I saw ) is absolutely AMAZING to me. It would have been easy for HP to start making Thin Clients that consumed more and more power to try and drive customers into purchasing new switches. Instead, HP threw some engineers at the problem and instead came out with a product that will work in customers existing environments without a costly upgrade.

As an HP Networking pre-sales engineer, I have to say it would be nice to have another reason for our customers to upgrade their switches, but as a human being, it makes me proud to work for a company that does the right thing for their customer and the environment.