Pete Boynton wrote:
> Another reason I want to keep it out of
> band is because if the device fails, we would be dead in the water
> right? Or does it matter? My understanding is if an OOB CAS fails
> users can still logon the network if you want to design it that way
> of course. Please let me know if I am wrong.

You are correct, the device fails closed. In virtual-gateway mode you
can replace the failed CAS with a patch cable temporarily. Real-IP mode
requires a bit of router rearrangement. OOB setups can fail open if you
so choose. Our switch gear not being Cisco-branded, in-band was our only
choice.

For what it's worth, we haven't had many hardware failures in five
years, none of which interrupted service (drive failures within a RAID 1
array, mostly). The only failures that affected service were fixed with
a reboot of the CAS, but those have been more frequent.
> 
> Hey my sister graduated from Oberlin two years ago and loved it!
> Sounds like a great school.

We are biased, of course ;-)  Thanks for the kind words. I have enjoyed
my tenure here.

-- 
Celebrating the 150th anniversary of the publication of the Origin of
Species.
-- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com

"An eye for an eye only ends by making the whole world blind. --Mohandas
K Gandhi.