netcurmudgeon (netcurmudgeon) wrote,

I think one of my engineers is a'gonna kill me.

We have a number of Nortel Contivity VPN boxes (they call them something else now, but everyone still calls them Contivity which we use to securely network the Police substations and the vice & narcotics division with Police HQ. They're good boxes in the sense that they're inexpensive, full-featured, reliable, and very secure. They are not so good boxes that they are picky, painful, and unintuitive to configure.

We have been having problems with the North substation ever since we turned it up. The link goes up and down randomly. Some days it's more down than up. AT&T has tested the T1 line and declared that it's not their problem (and further declared that if we call them on-site to test, and they find that it's still not their problem, they'll charge us for it). We've swapped T1 cards in the original Contivity, and today my engineer tried to swap out the box itself.

I say tried because the Contivity whipped his ass. His approach was to plunk down with the two boxes side-by-side and manually duplicate the configuration of the old box in the new box. But, the Contivity's web management interface has a decidedly non-linear structure. You need to hop from here to there and back to configure things like site-to-site VPN links. Also, with IPSec tunnels providing a Virtual Private Network (VPN) over Frame Relay, itself a virtualized system for connecting across the carrier's network -- witness the fact that one configures Frame Relay Permanent Virtual Circuits (PVCs) on top of the physical T1 line -- you've got layer upon layer of virtualization all in the same box.

Once you get it's quirky gestalt into your head, it starts to flow, but there was no flow for my guy today. Either in the head sense or the packets sense. He came back to the shop with the new unit in tow and the old unit still running at the substation. I think that he may want revenge on me for choosing this platform. The fact that the newer Contivitys have flash memory instead of physical hard disks, which makes the web management interface f*cking crawl, only fuels one's rage when one is already ready to sling the little gray box across the room, and I'm sure that had a hand in today's imbroglio too.

He has a week to cool off: both my engineers will be in training on the Passport 8600 in lovely Santa Clara California next week. One of the contractors and I will take a crack at the problem on Monday. Hopefully we'll get it fixed, and my engineer will have forgotten his ordeal after some golf in the sun with his unindicted-co-conspirator.

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.