|
Thanks Ants posted:For arguments sake let's say you were doing DHCP on switches, if those switches were a Cisco stack with two members, does that automatically make the DHCP service HA, or do you have to pick a stack member for the service to run on? Automagically HA Now let's never speak of this again skooky fucked around with this message at 02:09 on Jan 11, 2015 |
#
?
Jan 11, 2015 02:06
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
Thanks Ants posted:Actually seeing those four letters together brought back a deeply-buried memory of a previous job where my boss kept massive spreadsheets of static IP addresses for things like printers, scanners, cameras, access points etc. and made the argument against setting static leases of "well, what if the DHCP service fails?". Which I never really understood because the clients wouldn't be doing much at that point and so it wouldn't matter. Speaking of static IP spreadsheets, we recently scuttled ours for GestioIP (  ) and it's pretty nice. Took all of an hour to get going with AD auth. Our infra engineer and vm admin get the most use out of it but it's nice to have if I forget the name of a server and don't have the DNS MMC snapin loaded on the computer I'm using. Infra guy set it to poll all of the subnets so now it's a central list of every IP device out there in a nice organized list. Bonus, it comes with a plain user group so I can give "look, don't touch" access to our more fuckup prone techs.
|
|
#
?
Jan 11, 2015 02:27
|
|
|
Che Delilas posted:next time I suggest getting your recruiting help from Robert Half. Let's not say things we can't take back.
|
|
#
?
Jan 11, 2015 06:01
|
|
|
Lord Dudeguy posted:Can we go back to talking about running DHCP on switches? At least you don't have to worry about CALs.
|
|
#
?
Jan 11, 2015 13:17
|
|
|
Once again I find myself explaining to Comcast that yes, I have a home account and a business account for my home. I have to explain for the umpteenth time that I have a home account for Xfinity TV channels and a business account for my internet and phone bundle that gives me static IP addresses and allows me to run services at my end hassle-free. I recently moved and Comcast gave me this fancy-pants gateway/wireless/switch thingy to replace my old gateway and I realized that I'm constantly broadcasting a SSID called "xfinitywifi" so that any Comcast user who wants to can log into this SSID and use MY BANDWIDTH for free. Isn't that nice of me? gently caress you Comcast. But there's more! I have a Sonicwall NSA4500 that I use for my firewall and to host BGP-enbled VPN connections to the various datacenters and Amazon Regions in which I host gear and when I tried to turn this fancy-pants gateway/wireless/switch thingy into dumb gateway mode to pass my static IP addresses straight to my firewall WAN interface I couldn't find the means to do it. So I call Comcast and was told by the technician NOT TO DO THIS BECUASE YOU WILL BREAK STUFF. When I told him I knew what I was doing and can I please have the same configuration I had at my last house less than a month ago, I was told it wasn't possible. "Bullshit!" I say and then hang up, redialing Comcast to get a different technician. So this technician tells me that all I have to do is disable DHCP and turn off the firewall to enable "Pass-Through mode". Which is also bullshit, because I'd still be using the 10.x.y.z network only now I'd have no DHCP server and no firewall protecting my poo poo. I hang up and call back a third time (and Yes! I DID know that I can look up the status of my account and any outages in my area by going online to Comcast.com! Thanks!) and finally get a technician who looks up from their book-o-scripts long enough to actually listen to my situation and agrees to send out a technician on their dime with a gateway that'll work like it used to work. gently caress you Comcast. edit: Also, gently caress me and my DIY proclivities. "Nah," I say. "I'll wire up my new house with cat-5 and coax myself," I say. "I totally have the free time to climb under and around and through my house to get wires from my cabinet in the (detached) garage to various places throughout the house," I say. "It's not like I have a well-paying full time job that allows me the financial freedom to hire an electrician to do it cleaner, faster and better than I can," I say. So now, is there a tool that allows me to test a network drop to figure out why the gently caress it takes five minutes to auto negotiate and pick up an IP address on any device on this drop, but the drop right next to it negotiates and picks up an IP address is less than a second? All I find on google are cable testers with two female RJ-45 ends to stick a cable in. Is there such thing as a network drop tester? Agrikk fucked around with this message at 19:07 on Jan 11, 2015 |
|
#
?
Jan 11, 2015 19:00
|
|
|
Agrikk posted:So this technician tells me that all I have to do is disable DHCP and turn off the firewall to enable "Pass-Through mode". Which is also bullshit, because I'd still be using the 10.x.y.z network only now I'd have no DHCP server and no firewall protecting my poo poo. This appears to be standard for Comcast dynamic IPs which as it is cheaper is OK I guess, the public IP port forwards everything to the private IP so it is a bit dumb on design.  We have annoying drifting audio lag from Comcast HDTV output which is very annoying and their support are 100% incompetent to resolve it, SDTV works fine, go figure.
|
|
#
?
Jan 11, 2015 19:15
|
|
|
Agrikk posted:So now, is there a tool that allows me to test a network drop to figure out why the gently caress it takes five minutes to auto negotiate and pick up an IP address on any device on this drop, but the drop right next to it negotiates and picks up an IP address is less than a second? All I find on google are cable testers with two female RJ-45 ends to stick a cable in. Is there such thing as a network drop tester? You can use a regular tester with a pair of known good patch cables to test the wall cabling  e: be careful not to accidentally connect a tester to the switch, the voltage might burn out the port on the switch
|
|
#
?
Jan 11, 2015 19:21
|
|
|
MrMoo posted:This appears to be standard for Comcast dynamic IPs which as it is cheaper is OK I guess, the public IP port forwards everything to the private IP so it is a bit dumb on design. I think what happened is that Comcast, being Comcast, gave me a home gateway instead of a business gateway and just set one of my static IP addresses on the WAN side. I wonder how they thought I was going to be able to use my other four statics? mewse posted:You can use a regular tester with a pair of known good patch cables to test the wall cabling Oh. Of course. Duh. Priding myself on never making my own cables I never bought a cable tester, not realizing the other use for it. Thanks for the tip!
|
|
#
?
Jan 11, 2015 19:36
|
|
|
Have everyone seen this yet? http://blogs.technet.com/b/volume-licensing/archive/2014/03/10/licensing-how-to-when-do-i-need-a-client-access-license-cal.aspx In short, you need a CAL to let your Printer or Apple TV get a DHCP from a Windows server.
|
|
#
?
Jan 11, 2015 23:47
|
|
|
Crowley posted:Have everyone seen this yet? They are just trolling at this point.
|
|
#
?
Jan 11, 2015 23:50
|
|
|
Because "the printer replies to the server" you must purchase a CAL, even though it is the server communicating to the printer. Hilarious.
|
|
#
?
Jan 12, 2015 00:36
|
|
|
Agrikk posted:I have a Sonicwall NSA4500 that I use for my firewall and to host BGP-enbled VPN connections to the various datacenters and Amazon Regions in which I host gear and when I tried to turn this fancy-pants gateway/wireless/switch thingy into dumb gateway mode to pass my static IP addresses straight to my firewall WAN interface I couldn't find the means to do it. So I call Comcast and was told by the technician NOT TO DO THIS BECUASE YOU WILL BREAK STUFF. When I told him I knew what I was doing and can I please have the same configuration I had at my last house less than a month ago, I was told it wasn't possible. "Bullshit!" I say and then hang up, redialing Comcast to get a different technician. The new Cisco modems for Comcast business (medium sized black rectangular prism that stands upright) have an "enable bridge mode" idiot button that actually does break everything, and the correct way to hook it up to a firewall is to yell at the tech several times "DO NOT PRESS THE ENABLE BRIDGE MODE BUTTON". Then you tell them to turn on pass through mode "the long way" by turning off DHCP and clearing out all firewall rules. Ask me how I know. I'm not sure what you mean by still being on the 10.x.x.x network - you can set the LAN static IP to whatever you want. Then as long as they've loaded the static properly on their end, it usually works... Happiness Commando fucked around with this message at 00:57 on Jan 12, 2015 |
|
#
?
Jan 12, 2015 00:55
|
|
|
Happiness Commando posted:The new Cisco modems for Comcast business (medium sized black rectangular prism that stands upright) have an "enable bridge mode" idiot button that actually does break everything, and the correct way to hook it up to a firewall is to yell at the tech several times "DO NOT PRESS THE ENABLE BRIDGE MODE BUTTON". Then you tell them to turn on pass through mode "the long way" by turning off DHCP and clearing out all firewall rules. Ask me how I know. If you've got 5 static IPs, you don't want to be NATted through just one of them.
|
|
#
?
Jan 12, 2015 01:02
|
|
|
Crowley posted:Have everyone seen this yet? Figure out the times you'll need CALs for a website with accounts and then ask yourself why anyone would run Windows for this.
|
|
#
?
Jan 12, 2015 01:42
|
|
|
Crowley posted:Have everyone seen this yet?
|
|
#
?
Jan 12, 2015 01:52
|
|
|
I'd have thought that in most environments each user would have a CAL anyway which should cover the printer (and whatever else) too. --- Pissing me off today: trying to remote into my work to do a few tidy up things before I get back next week. Firstly I'd forgotten just how badly our Sonicwall remote access box works - it needs either Java or ActiveX to actually connect and with more modern versions of IE there is the extra hoop of having to add it into the trusted sites list. Secondly I'd forgotten how awful and unresponsive our terminal server is (I'm just sure my cheap as dirt residential ADSL isn't helping any) Thirdly my inbox is full to the brim with requests for various things despite everyone knowing I'll be out of the office until next week
|
|
#
?
Jan 12, 2015 02:13
|
|
|
thelightguy posted:If you've got 5 static IPs, you don't want to be NATted through just one of them. Also, double-NAT can be a bitch of thing.
|
|
#
?
Jan 12, 2015 02:15
|
|
|
Got a server throwing SCSI Abort errors in the VMWare logs, but the RAID status is optimal, and no smart errors. Guess it's time again to phone Dell's useless support dissss posted:I'd have thought that in most environments each user would have a CAL anyway which should cover the printer (and whatever else) too. If you had something like a linux web server for instance you wouldn't be covered by any user cals I don't think. I wonder if anyone has been hosed over on auditing for poo poo like this. theperminator fucked around with this message at 03:23 on Jan 12, 2015 |
|
#
?
Jan 12, 2015 03:15
|
|
|
dissss posted:I'd have thought that in most environments each user would have a CAL anyway which should cover the printer (and whatever else) too. Two huge exceptions: shiftwork sites and schools.
|
|
#
?
Jan 12, 2015 04:19
|
|
|
Why are the instructions to every open source software the shittiest thing? Why do they all say "oh just enter the IP and credentials in the installer and it'll work that's really all there is to it  " and then it doesn't and you go digging through their forums and turns out you have to edit this and configure this (and this isn't like a complicated custom setup, you absolutely have to do this for it to work) and all this poo poo that is literally nowhere in their documentation or wikis? I got it working now, but holy christ it sucked getting it there.vv Hah, yeah, that makes sense. I guess I really should know that, given how much of my time is spent translating poo poo to our users who have no idea what the gently caress about anything (public school system). Dog Fat Man Chaser fucked around with this message at 04:52 on Jan 12, 2015 |
|
#
?
Jan 12, 2015 04:45
|
|
|
Dog Fat Man Chaser posted:Why are the instructions to every open source software the shittiest thing? Why do they all say "oh just enter the IP and credentials in the installer and it'll work that's really all there is to it Because it makes total sense to the engineers who wrote it. Most engineers don't speak end user. Seriously, like half my job is translating poo poo my engineers say.
|
|
#
?
Jan 12, 2015 04:49
|
|
|
ConfusedUs posted:Seriously, like half my job is translating poo poo my engineers say. I already told you, I deal with the goddamn customers so the engineers don't have to! I have people skills! I am good at dealing with people, can't you understand that? What the hell is wrong with you people?
|
|
#
?
Jan 12, 2015 05:04
|
|
|
Che Delilas posted:I already told you, I deal with the goddamn customers so the engineers don't have to! I have people skills! I am good at dealing with people, can't you understand that? What the hell is wrong with you people? I make this joke about once a week.
|
|
#
?
Jan 12, 2015 05:08
|
|
|
Many years ago (before Office Space came out) when I worked at a call center I had an old guy named Earl on the team I supervised. I poo poo you not he had made a board game and was trying to get everyone to try it. I can't remember what it was about but I put up with enough crap at that place that I kept avoiding getting sucked into his product testing. One time I took Saturday off and got a call from work... Earl had had a stroke and got carted out on a stretcher. He returned a few weeks later but he had changed and was sort of pissed off all the time. Which is normal if you work at a call center. When I saw Office Space it felt more like a biography than a comedy, right down to that goddamn banner they put up. 
|
|
#
?
Jan 12, 2015 05:20
|
|
|
Happiness Commando posted:The new Cisco modems for Comcast business (medium sized black rectangular prism that stands upright) have an "enable bridge mode" idiot button that actually does break everything, and the correct way to hook it up to a firewall is to yell at the tech several times "DO NOT PRESS THE ENABLE BRIDGE MODE BUTTON". Then you tell them to turn on pass through mode "the long way" by turning off DHCP and clearing out all firewall rules. Ask me how I know. What I meant was that I'd still be on a RFC 1918 network, and not on a publicly accessible space that routes to my 5 public IP addresses. I'm not sure I understand how turning off DHCP and clearing firewall rules achieves this. I'd still be behind a NAT device. thelightguy posted:If you've got 5 static IPs, you don't want to be NATted through just one of them. This. I want: code:
|
|
#
?
Jan 12, 2015 06:03
|
|
|
That's good to know. Thank you.
|
|
#
?
Jan 12, 2015 06:15
|
|
|
Agrikk posted:I recently moved and Comcast gave me this fancy-pants gateway/wireless/switch thingy to replace my old gateway and I realized that I'm constantly broadcasting a SSID called "xfinitywifi" so that any Comcast user who wants to can log into this SSID and use MY BANDWIDTH for free. Isn't that nice of me? gently caress you Comcast. Agrikk posted:So this technician tells me that all I have to do is disable DHCP and turn off the firewall to enable "Pass-Through mode". Which is also bullshit, because I'd still be using the 10.x.y.z network only now I'd have no DHCP server and no firewall protecting my poo poo. Agrikk posted:I hang up and call back a third time (and Yes! I DID know that I can look up the status of my account and any outages in my area by going online to Comcast.com! Thanks!) and finally get a technician who looks up from their book-o-scripts long enough to actually listen to my situation and agrees to send out a technician on their dime with a gateway that'll work like it used to work. Agrikk posted:edit: Also, gently caress me and my DIY proclivities. F4rt5 fucked around with this message at 06:44 on Jan 12, 2015 |
|
#
?
Jan 12, 2015 06:39
|
|
|
Be a sys admin they said. You'll make a ton of money they said.
|
|
#
?
Jan 12, 2015 10:51
|
|
|
MC Fruit Stripe posted:Be a sys admin they said. You'll make a ton of money they said. It's challenging, to not kill yourself at least.
|
|
#
?
Jan 12, 2015 12:06
|
|
|
Dog Fat Man Chaser posted:Why are the instructions to every open source software the shittiest thing? Why do they all say "oh just enter the IP and credentials in the installer and it'll work that's really all there is to it There's always a bunch of neckbeards at every workplace who come out of the woodwork to somehow whiteknight this aspect of open source software, but the fact of that matter is that being free is a moot point when something sucks up an inordinate amount of time in configuration and maintenance. See: Nagios.
|
|
#
?
Jan 12, 2015 14:33
|
|
|
Dog Fat Man Chaser posted:Why are the instructions to every open source software the shittiest thing? Why do they all say "oh just enter the IP and credentials in the installer and it'll work that's really all there is to it I'm an old linux admin who eventually became an NT and now a modern windows admin. I really love linux, but every time someone suggests I implement linux versions of xyz microsoft product my rear end in a top hat puckers up so hard I can't even pass gas for a month. As much as reading Microsoft documentation sucks, I can usually muddle through about any install they offer in fairly short order. Meanwhile in linuxland I'd probably still be installing the dependencies and oh wait oh poo poo this only works on RHEL 9, and for some reason PHP v 3.4, and the author is a groggy old neckbeard who died of a stroke two years ago and the guys currently maintaining the codebase are hosting a private war on what the new features should be, while one guy is arguing about what GNU like... really means man. I can't be loving bothered.
|
|
#
?
Jan 12, 2015 16:54
|
|
|
Rhymenoserous posted:I'm an old linux admin who eventually became an NT and now a modern windows admin. I really love linux, but every time someone suggests I implement linux versions of xyz microsoft product my rear end in a top hat puckers up so hard I can't even pass gas for a month. As much as reading Microsoft documentation sucks, I can usually muddle through about any install they offer in fairly short order. Meanwhile in linuxland I'd probably still be installing the dependencies and oh wait oh poo poo this only works on RHEL 9, and for some reason PHP v 3.4, and the author is a groggy old neckbeard who died of a stroke two years ago and the guys currently maintaining the codebase are hosting a private war on what the new features should be, while one guy is arguing about what GNU like... really means man. Hi, Linux hasn't had these problems in years. Dependency resolution happens automatically now, the RHEL and Ubuntu LTS lifecycles are long enough that you don't need to worry about distro versioning for software (and there's large enough that every major utility targets them, so they're guaranteed to work with the versions they have), and Linux is a lot more professional in general. I could make a lot of 10-year old complaints about Windows, too, but they're both a lot better than they used to be. NT in particular was a steaming pile. There's no reason to re-invent AD on Linux or anything (and AD is flatly better), but the world is a lot flatter than this. psydude posted:There's always a bunch of neckbeards at every workplace who come out of the woodwork to somehow whiteknight this aspect of open source software, but the fact of that matter is that being free is a moot point when something sucks up an inordinate amount of time in configuration and maintenance. See: Nagios. Nagios sucks, and documentation sucks, but it's better than it used to be. At the very least, having most software on github or similar instead of tracking down a CVS repository to find a README makes it much easier to find a developer (or the appropriate IRC channel) if the docs are bad. And the docs are bad. But they're improving for most projects, and that's got to be worth something.
|
|
#
?
Jan 12, 2015 17:09
|
|
|
psydude posted:There's always a bunch of neckbeards at every workplace who come out of the woodwork to somehow whiteknight this aspect of open source software, but the fact of that matter is that being free is a moot point when something sucks up an inordinate amount of time in configuration and maintenance. See: Nagios. Coincidentally, I was at a conference recently (HECC) and took a class in FOSS, which is where I heard of the thing I've been installing and bitching about in the first place. They also kept bringing up Nagios a lot! new bitch, users straight up lying to me about poo poo, take today for example:  (email) The software we need installed for the testing tomorrow isn't installed at my school's labs, I checked this morning it's not there! (email) Odd, I distinctly remember deploying it last night. Let's see what's happening *checks, software is in fact installed on a random PC* *checks, software is in fact installed on EVERY PC* *checks, shortcut is even on all desktops* *gets mad, checks logs, sees not only has not logged in today, the lab computers haven't even been powered on today* *realizes it's a snow day and hasn't even been here today*Dog Fat Man Chaser fucked around with this message at 17:16 on Jan 12, 2015 |
|
#
?
Jan 12, 2015 17:10
|
|
|
evol262 posted:Nagios sucks, and documentation sucks, but it's better than it used to be. At the very least, having most software on github or similar instead of tracking down a CVS repository to find a README makes it much easier to find a developer (or the appropriate IRC channel) if the docs are bad. And the docs are bad. But they're improving for most projects, and that's got to be worth something. I just have a hard time understanding why we can drop $100,000 on IDS/IPS devices but won't spring for decent network monitoring/management software to track them.
|
|
#
?
Jan 12, 2015 17:14
|
|
|
Nagios is the worst piece of poo poo I've ever used. It's hella useful though.
|
|
#
?
Jan 12, 2015 17:22
|
|
|
psydude posted:I just have a hard time understanding why we can drop $100,000 on IDS/IPS devices but won't spring for decent network monitoring/management software to track them. My experience has been that every network monitoring/alerting system sucks, just that Zabbix sucks the least and Nagios sucks a little harder than most (but it's old, it's flexible, and people are unreasonably attached to it). For just monitoring traffic and graphing, there are a lot of good choices. Something about adding alerting/management drags it into a black hole of suck.
|
|
#
?
Jan 12, 2015 17:29
|
|
|
We used WhatsUp Gold at my last job with the APM plugin and it did a pretty good job. Easy to configure and manage and it had some nice reporting and alerting features.
|
|
#
?
Jan 12, 2015 17:36
|
|
|
Speaking of poo poo/nonshit software, what are people using for documentation? I really like the look/feel of the fortinet document library (http://docs.fortinet.com) but it looks like something custom they did themselves. Would kill to have that kind of functionality in house for us.
|
|
#
?
Jan 12, 2015 17:36
|
|
|
psydude posted:We used WhatsUp Gold at my last job with the APM plugin and it did a pretty good job. Easy to configure and manage and it had some nice reporting and alerting features. A guy that used to work here used it and it seemed alright. I should see if I can get my hands on it again.
|
|
#
?
Jan 12, 2015 17:37
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
evol262 posted:Hi, Linux hasn't had these problems in years. Dependency resolution happens automatically now, the RHEL and Ubuntu LTS lifecycles are long enough that you don't need to worry about distro versioning for software (and there's large enough that every major utility targets them, so they're guaranteed to work with the versions they have), and Linux is a lot more professional in general. Man, our support guys run into dependency issues daily, so it can't be as automatic as all that.
|
|
#
?
Jan 12, 2015 17:37
|
|