We have a decent out-of-band remote access setup here at work. That’s basically a backup way of connecting to our network: if something so catastrophic should happen that our entire edge and core network become unavailable from the outside, we can still connect through other means to administer devices through an internal subnet.
Basically, this is just a DSL connection from a different (and much bigger) ISP. While this is probably good enough for just about anything that I could possibly imagine, I think it could still be improved on.
Basically, I can think of three major failure modes: power loss, internal layer 2 network failure, and layer 3 transit failure. All three could be caused by operator error, a break in an infrastructural component, or some combination of failures likely to happen in the event of a major catastrophe.
If something should go awry, three things need to be in place in order to connect back: remote access devices need to have electrical power, they need to function as intended (i.e. the configuration should be as idempotent as possible), and they need to be able to reach the devices they’re there to manage.
At first I thought of something like this:
However, I think I could probably improve on this in a few ways:
- Reduce complexity by using some kind of embedded box rather than a full-blown computer. They draw a lot less power and they have fewer components to fail.
- Increase power redundancy by using a dual-feed switch to connect both machines to both feeds. I suppose this eliminates the failure mode of one power feed failure in combination with all transit and just one POTS provider going down.
- Greater layer 2 interconnection to many different parts of the network rather than just two points of interconnection
