Skip to main content

USB-over-IP goes mainstream

I've been into virtualization for a long, long time, so I was familiar with the USB-over-IP concept. It has always been the preferred way to bring USB into a virtual machine, because it doesn't limit the flexibility of virtualization: live migration (vMotion), failover (HA), fault tolerance, ... can all handle USB-over-IP.
But I was still surprised to find a cheap USB-over-IP device in a local computer store: the Belkin Network USB Hub, NUH for short. 100 USD list price, became EUR 90 retail price here in Belgium. Not the greatest deal around, but no reason to feel grumpy.
Now let's see what this baby can do: the test setup consists of the Belkin NUH and two clients: a Windows Vista 32-bit laptop connected over WiFI and a Windows 2008 R2 64-bit VM on VMware vSphere connected over wired GigE. Then I gathered a diverse set of USB devices: USB memory sticks, USB hard drives, a USB smartcard reader, and a USB CD/DVD writer.
The NUH gets a DHCP address by default (can be changed to a fixed IP). The Belkin software on each client detects the NUH on the LAN, shows you which USB devices are plugged in, and which system name is using each USB device.
Claiming a device is easy, and after installing a suitable driver, the device is ready to use. I didn't encounter problems using any device I tested !
So all in all, it works very well, and as easy as can be. However, as a virtualization user, I've got to consider home use as well. And I have to be honest: this device is probably not for production use. Why ? Let's look at both sides of the medal:
  • 5 USB ports can each be used by a different system
  • Easy setup
  • Wide compatibility. Every USB device that I tested worked. Even a webcam worked, even though Belkin says they don't guarantee the functionality of webcams and some other devices
  • Relatively cheap. I've seen solutions 3 to 5 times more expensive, including some with less functionality.
  • Windows only. That's a pity. The NUH runs an embedded OS (doesn't seem to be Linux however), and the protocol is probably Belkin-specific (I guess?).
  • Security aimed at home use: no passwords, no authentication. Every computer on the network can connect, see which USB devices are there, see who's using them, and connect to unused devices. True, the NUH can firewall (allow or deny) a couple of IP ranges, but anyone who can reprogram his own IP address on the LAN, can circumvent that. Using one NUH per OS and allowing just that one single IP address is the most secure option, but not the cheapest, nor the most manageable one.
  • Not that fast. I saw a sustained 3MBps from a client to the NUH, which is not the peak performance a USB disk can do.


Popular posts from this blog

Volkswagen UHV bluetooth touch adapter & its problems

My Volkswagen car has the "universal cellphone preparation" UHV built-in. This is the main part of a car kit, but requires an additional adapter for connecting to a cellphone. At first, I was using an adapter for my good old Nokia 6310, even after I changed to the Nokia E71. Connecting was easy: pair the phone with the "VW UHV" bluetooth entity, and done. This has the phone connected to the car kit at all times, so even non-call-related functions use the car audio system (e.g. voice recognition).
But progress will have its way, no matter what happens. So in comes the "bluetooth touch adapter". Instead of a phone-specific adapter, this is a small touchscreen device that slots into the UHV dashboard mount. Connecting a phone is very different now:
the Bluetooth Touch Adapter connects to the "VW UHV" device via bluetooth
the phone connects to "Touch Adapter" device, also via bluetoothThe device doesn't allow step 2 if step 1 didn't s…

How to solve "user locked out due to failed logins" in vSphere vMA

In vSphere 6, if the vi-admin account get locked because of too many failed logins, and you don't have the root password of the appliance, you can reset the account(s) using these steps:

reboot the vMAfrom GRUB, "e"dit the entry"a"ppend init=/bin/bash"b"oot# pam_tally2 --user=vi-admin --reset# passwd vi-admin # Optional. Only if you want to change the password for vi-admin.# exitreset the vMAlog in with vi-admin These steps can be repeated for root or any other account that gets locked out.

If you do have root or vi-admin access, "sudo pam_tally2 --user=mylockeduser --reset" would do it, no reboot required.

Multiple VLANs on a Synology NAS

Synology, like other SOHO/SMB NAS vendors, touts VLAN functionality with their current DSM 4.1 software. However, the web interface just lets you specify one VLAN tag to use over each eth interface (or bond interface).
Manual approachIn the busybox environment that you can ssh into as root (after enabling ssh through the webinterface), there's all the tools you need to use multiple VLANs over one link (eth or bond), however:
First you insert the 802.1q module into the Linux kernel:
 /sbin/lsmod | /bin/grep -q 8021q || /sbin/insmod /lib/modules/8021q.koThen you add each VLAN you need to every interface (bond0 in this example)
 /sbin/vconfig add bond0 4And finally you can configure IP addresses on every interface.vlan combination (bond0.4 in this example)
 /sbin/ifconfig bond0.4 broadcast netmask same type of script would work on a QNAP NAS too, by the way. They offer 8021q.ko and vconfig in their commandline environment as well.
Packets from…