NAS APPLIANCE  CHIC  

When outfitting NAS appliances, they can't be too thin or too feature-rich
  by Jack Fegreus 

The governing dictum for delivering a winning IT appliance to market is "Good stuff cheap." The appliance construct is simple: Solve an annoying if not complex IT problem with an easy-to-configure black box. Network attached storage (NAS) devices set off the appliance firestorm. Following the NAS success, appliance mania has spread to web servers, cache servers, and firewalls. 
OPENBENCH LABS SCENARIO

 

UNDER EXAMINATION

 • Wireless Linux storage appliance

WHAT WE TESTED

 • Xgate Wireless DSL Server 

www.servelinux.com  

HOW WE TESTED

 • ORiNOCO WiFi Silver card 

www.lucent.com/orinoco

 • DiskAccessNFS for Windows 

www.ssc-corp.com  

KEY FINDINGS

 •   Webmin and SLASH greatly simplify server configuration; however, a base level understanding of Linux is required.

 •   The default configuration neither initiates AppleTalk nor NFS file sharing

.•   The embedded Wireless Access Point can provide 40-bit WEP security, but encryption is not enabled by default

.•   Streaming video performance to wireless clients was exceptional, and the extended range proved to be an added bonus.

   Hand in hand with simplified ease-of-use, an appliance needs to carry a rock-bottom price tag, which makes client-access licenses utterly taboo. That's a prescription for Open Source if there ever was one, which explains why Samba, Apache, and either Linux or FreeBSD underpins virtually every NAS server on the market. As a result, Booz Allen & Hamilton projected that Linux appliance server revenue would be on the order of $3.8B in 2003.

   ServeLinux Networks comes at the appliance market from an interesting perspective. They've been building appliance-like 1U and 2U turnkey rackmount web servers for ISPs. What distinguishes these servers is their browser-based SLASH Console that enables non-technical staff to set up and manage domains and clients for web hosting, as well as configure DNS, FTP, and e-mail.

   Their newest product looks more like a model of the Museo Guggenheim in Bilbao than it does a utilitarian 2U web server. Nonetheless, this chic appliance targeting the SOHO and small business market utilizes a great deal of the software technology originally designed for web-server farms. Sporting a pricetag of under $1,000, this device would be an interesting competitor if all it did was provide file and printer sharing for Windows clients. This is the least of what this appliance can do.

   Dubbed the Xgate Wireless DSL Server, this server provides file sharing for Windows, MacOS, and Unix/Linux clients. For those ubiquitous Windows desktop systems, the Xgate naturally comes with Samba. For Unix clients, as well as PCs and Macs running packages such as DiskAccess from Shaffer Solutions and MacNFS from Thursby Software, there is NFS. The first surprise comes in the form of full support for Mac clients via the Open Source packages netatalk, which shares disk volumes and printer spools via AppleTalk and MacGate, which allows the Xgate to route existing Mac services.

   That's just the starting point. As a standard feature, the Xgate comes with an IEEE 802.11b Wireless Access Point built into the server.

   In its default configuration, that device—wlan0—supports wireless clients on a local subnet that Xgate assigns via DHCP. The 802.11b protocol operates within the 2.4 GHz ISM band with 14 channels. International regulatory agencies such as the FCC in the USA and ETSI in Europe determine which channels are available. Since nearly all countries allow use of channel 10, the latter is the default channel for the Xgate Wireless Access Point. 

   Using standard wireless network cards—we used Lucent ORiNOCO cards—it's quite easy to install an ideal wireless work environment for a department or a small business. As a result, knowledge workers can take full advantage of their portable computers: they can move to where their work takes them while maintaining continuous network access.

   Accessing the Internet via the Xgate, we utilized www.bmwfilms.com to test Xgate's ability to keep streaming video streaming. The access point's signal strength kept transmission at a rock-solid 11 Mb per second throughout our offices. We decided to up the ante by walking out of the office and down a long corridor to the building's central atrium. We didn't miss a frame. So down one flight of stairs we went and out the back door to a patio. At last the Xgate blinked. For a moment, throughput dropped to 4 Mb per second, but then quickly recovered. For a look at traditional file transfer benchmarks over a wireless network, check out "Free The Laptop", p029 in the June issue of Open.
The client access management software for the ORiNOCO wireless Ethernet card was easily able to identify the Xgate access port, which provided a very strong signal. (Click to enlarge) 
   With all this technology, the key question is: Can this appliance be managed by a totally non-technical member of the office staff? The answer to that question is a resounding "not exactly." While a rank amateur will be lost trying to manage the Xgate, a knowledgeable power-user or junior systems administrator will have no problem configuring services that would normally require an expert Linux guru.

   Remarkably, putting the Xgate up on the network in good working order is just as easy as unpacking and plugging in a Mac. ServeLinux Networks pre-installs Turbo Linux on the server and has written an initial three-step install script, which runs on the first boot up. This is the only time that it is necessary to have a keyboard and monitor attached to the server.

   The first screen inquires for the server's local IP address. The install script then suggests entries for the network mask, as well as addresses for a gateway and DNS server. The next screen asks for the full hostname of the server. The third screen asks to confirm the information entered on the first two. That's it. A quick 1, 2, 3 and the server reboots.

Webmin can be used to control a wide variety of server programs, such as FTP, Apache, DHCP, and DNS. In particular, the Bootup and Shutdown Module controls the initialization scripts stored in /etc/rc.d. This is particularly important, since neither NFS nor Appletalk file sharing is configured on the Xgate to start automatically. (Click to enlarge) 
   The tasks are deceptively simple. If you are as untrusting as OpenBench Labs, you'll leave a keyboard, mouse, and monitor plugged into the Xgate for contingencies. That would be a mistake. Leaving a keyboard and mouse plugged in created a resource conflict with our wireless access point software. The access point hardware came up transmitting a very strong signal which had all of the wireless clients synching up at the full 11 Mb per second. Everything appeared to be in order, except the Xgate could not process an access point interrupt.

   Once the Xgate has been configured and the keyboard, mouse, and monitor are unplugged, the appliance can be managed remotely using Telnet, the Open Source browser-based Webmin utility sponsored by Caldera Systems (www.webmin.com), or ServeLinux's browser-based SLASH (ServeLinux Administration Server Help) Console. By default, Xgate boots up with an IPchains-based firewall configured to permit telnet and Webmin access only from the local network.

   The basic requirement to run Webmin is a browser enabled for Java and Java script. For added security, Webmin uses the secure HTTP (HTTPS) protocol. As a result, all communications between the administrator and the server are fully encrypted and secure. 

In theory, any browser that supports tables and forms can be used with Webmin to perform routine system administration tasks. Nonetheless, we were unable to launch the Java applet for the File Manager module on a Mac client running OS X and IE 5.1 for the Mac. As its name implies, this module provides a means to navigate the Xgate's directory tree and edit files. (Click to enlarge)

 

   We did run into one problem using a Mac PowerBook running OS X as a wireless client. One of the most powerful Webmin modules provides a means to browse the server's directory tree and edit files. This is all done within an applet, which is downloaded to the client, when that module is activated. We could not get this applet to launch on a Mac. On a PC running Windows 2000 Professional, we encountered no problems.

   It should be noted that Webmin is not for the neophyte user of Linux. While it greatly simplifies configuration for those who understand what they are doing, the operative words are "for those who know what they are doing." Nonetheless, Webmin makes Xgate an ideal foil for infiltrating a Windows-centric enterprise.

   The software that really unleashes the power of the Xgate is ServeLinux's own SLASH Console. The SLASH Console provides an intelligent browser-based front end with which to configure a number of serious and complex tasks. The SLASH Console does not have complicated commands or syntax to learn. Most operations, including CGI, PHP, and even FrontPage extensions can be done with a mouse click. Because SLASH was created with ISP administration in mind, routine SLASH tasks include managing multiple domains and creating mail accounts, mail redirects, and auto responders with qmail. 

What really sets the Xgate apart from its competition is ServeLinux's SLASH console. On every page of SLASH, an administrator will find the three buttons: Clients, Domains, and Server. This provides the navigation needed to directly access information pertaining to users, any virtual domain defined on the server, or properties related to the server as a whole. In particular, we created distinct virtual web and e-mail hosting domains for each of the 4 lines of CCI's business. (Click to enlarge) 

   When logged into SLASH as an administrator, three buttons are always displayed on every page: Clients, Domains, and Server. These buttons link to the client administration page, the domain management page, and the server management page. This provides the basis for a powerful administration tool.

   For small businesses, this may sound like cracking open a peanut with a sledgehammer. Nothing could be further from the truth. SLASH harnesses the power of Linux and empowers the existing IT staff of a business to manage all their e-mail and hosting requirements in-house. No longer will technical skills be an issue that may limit a company's on-line presence. In a matter of minutes, an in-house administrator can set up multiple domains for multiple lines of business and provide each line of business its own e-mail and web identities.
The SLASH console nicely integrates all data to simplify domain configuration. When e-mail and web hosting data is entered, SLASH will automatically update the configuration of related services such as DNS. In this instance for www.e-open.ws, all of the DNS configuration data was extracted from entries to systems other than DNS.  (Click to enlarge)