I have an interesting problem for you all!
We have a slightly odd setup at our office for performing remote maintenence on client systems. In the past we used to have a bench of P.Cs on our DMZ subnet, and these were loaded with VPN clients (Cisco, Checkpoint etc..) Our support staff could use them to connect to remote networks, outside of our corporate Lan.
We recently moved offices, and due to the configuration of the building, there were staff spread over 2 floors all requiring access to a DMZ machine.
After tossing a few ideas around, we decided on a solution involving virtual machines.
We purchased the following:
1) Dell server with Win 2K8, 15K SAS drives, Quad-Xeon 3GHz CPU and 8GB of RAM
2) 10x Terminal Services Licenses
3) VMware Workstation
To connect to a remote system, a user can connect to a TS session on this server (which is on the DMZ) and launch an instance of VMware workstation. Once on VMWare workstation, a Virtual Machine is loaded with its own virtual NIC and DMZ ipaddress, and can be used to connect to a remote client as if it were a regular DMZ PC. The advantage is that the only data units being exchanged with the corporate network are RDC packets.
It all works surprisingly well, however, recently, the TS Sessions have been freezing every 10-20 minutes or so, for around 60-120 seconds. Its causing riots in customer services!
Interestingly, it seems to be the TS session that freezes, as when it un-freezes again, the virtual machine jumps forward and remains connected to a VPN, if one has been established.
The freezing happens whether there are many users or few.
The CPU usage never goes above 30%
The Memory usage never goes above 85% (is this high?)
When everything is running, performance is always excellent.
When there is a freeze, it affects everybody
I have monitored the services with a utility to try and catch an offending service when the freezing happens, but nothing jumps out at me.
There are no relevant errors in the event log.
Does anybody have any clues?
BTW, now ESXi and the VMWare infrastructure client are free, we are thinking of going down this route. However, it would be great to solve this as the outlay for the TS CALs and the OS was not insignificant!