Topics created by FATeknollogee

If you do Security (In-House Mgt Console) and buy 25 licenses, it'll be $1,074.75
$25 less than 22 licenses.

I'm not sure what to look for since I don't have anything that has crashed

@FATeknollogee said in Edgerouter experts: UNMS to gui:

@JaredBusch said in Edgerouter experts: UNMS to gui:

No. Why would you want that anyway? You have the terminal already. If you really need the GUI, drop a quick allow in the firewall rules for your current public IP.

I like to have access to the GUI, I thought there was some "backdoor" way through UNMS.
The firewall rule is good enough, thanks.

It provides access to the CLI, but not to the GUI. If you want GUI access in that way, the trick is to make a remote proxy (a la Nginx) and do it that way, no need for UNMS.

@DustinB3403 said in Cockpit/Spice: connect to VM console:

@JaredBusch said in Cockpit/Spice: connect to VM console:

@DustinB3403 said in Cockpit/Spice: connect to VM console:

@JaredBusch said in Cockpit/Spice: connect to VM console:

@DustinB3403 said in Cockpit/Spice: connect to VM console:

@black3dynamite Can this be set via the CLI of cockpit?

These are not cockpit settings. what good would that do you?

Cockpit is meant to manage the server as a whole, so I would assume with the CLI interface from cockpit you could send the virsh commands to set this.

That is just a terminal session, so of course, not a cockpit CLI (ie a command line for managing cockpit only)

Ah, obviously I didn't explain myself clearly.

I meant using the console to send the virsh commands to set this from within the Cockpit webpage.

Right, that would of course work because it is simply a normal terminal session to the box. Just accessed via the Cockpit GUI instead of SSH or locally.

Upgraded from F29 to 30, also switched to Deepin.
So far, I'm liking the Deepin desktop.

IMG_0747.jpg

@JaredBusch said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@scottalanmiller said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@JaredBusch said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@scottalanmiller said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@Pete-S said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@scottalanmiller said in Setup: EdgeRouter 4 + co-lo + infrastructure:

@Pete-S said in Setup: EdgeRouter 4 + co-lo + infrastructure:

Can't edgerouter do
failover?

As in a live/live cluster? That uses VRRP and yes, they can.

https://help.ubnt.com/hc/en-us/articles/204962174-EdgeMAX-Virtual-Router-Redundancy-Protocol-VRRP-

Then that is the way to go.

I would agree.

It is the best thing to do. Sadly I have never had the leisure to actually test it. I have a pair of ERL in colo but they were put in place long before this feature was added.

Yeah, but I have been authorized to make some upgrades that will free up an ERL for us, and we have an ERL in our colo. So maybe I'll ship one out there to do this soon. That would be an awesome project.

Don't think I would try and live test in colo.

http://www.quickmeme.com/img/08/085260da739d5f8723a626ab23a0da4623be9458998bfc91b38c57cdffec16d4.jpg

@scottalanmiller said in IT legal resources?:

We have an attorney, but he's not specific to IT.

He does know IT?
Best way to proceed?

The problem is this:
On the Meraki side, let's say you have 5 (this can be any number greater than 1) firewalls.
In Meraki speak, if all 5 are in the same "organization", S2S is a few clicks & AutoVPN takes over. No pre-shared secret, no keys.
You turn on VPN, say yes to whatever subnets you want in the vpn & save.

On the ER side, I have to create 5 peers to connect to the Meraki side.
Meraki will only expose one connection for a 3rd party S2S & therein lies the problem.
Not all the tunnels connect & there's no good way to fix it.

@FATeknollogee said in KVM host: refusing connection on ports 22 & 9090:

Still looking for a fix!!

Can you ping out from it? Is the gateway missing or wrong? Subnet missing or wrong?

NTP can take a considerable amount of time (hours) to whip the system clock into submission if it had drifted far off UTC.

You can start the ntpd with an option to force it to change time directly. It used to be that you'd run ntpdate first and then start ntpd but ntpdate has been depreciated.

ntpq -p will show a little more details about the status of ntp sync. First thing to run when troubleshooting ntp.

@dyasny said in Virt-manager: IDE disks:

@scottalanmiller said in Virt-manager: IDE disks:

They need to just get off of my lawn.

LOL, funny how I'd never have understood the joke before moving to NA and buying a house 🙂

HAHAHA

@scottalanmiller said in Replication Options for KVM to DR Site:

But that was my point, what's considered a reasonable, rational risk scenario to an invest bank sounds to normal people to be similar to meteor level extinction events. Hence why the "backups have to cover everything possible" rule can't work, even if you add the caveat of "within rational scope", it is clear that Fortune 100 rational is SMB crazy. And what is F100 crazy, is still Wall St. rational. And what is Wall St crazy, is big government rational.

Backups shouldn't stop being backups based on the impression of rational scope. A backup is a backup, the scope that it covers is its coverage scope. Otherwise no SMB's backups would be a backup to the enterprise, for example. But the viewpoint of the observer should not be the determination of what is or isn't a backup, but rather an intrinsic property of the backup itself. Otherwise, you force a crazy scope to happen and someone mentions meteors - which was my point.

Lets agree on DR solutions being able (or striving to at least) cover disasters of whatever the scoped level is for a given business. With this in mind, avoidance techniques still have to target specific errors, while recovery solutions cover data loss from all of those, plus any other failure (within the scope, yes. Nothing will cover the failure of Earth remaining a livable planet).

@dyasny said in Virt-Manager on multiple pc's:

if you have an ovirt-engine somewhere central, that can reach to all the other locations, you can create a datacentre per location and place standalone hosts in there, using local storage.

Never thought about that. That's a great idea.

@FATeknollogee said in Existing AD...prefer to create New Site?:

@Dashrender said in Existing AD...prefer to create New Site?:

@FATeknollogee said in Existing AD...prefer to create New Site?:

I've got to figure out how I can run in parallel with 2 different network/subnets

Why change the IP scheme?

Preference & it's an easy way to identify "rogue" devices.
Current scheme is 192.168.1.x
I'll do a 10.200.10.x (or something similar)
Which means I should never see any device with a 192.168.1.x address on the network.

This part is simple, you just add the 10.X.X.X to everything and add a rule to route between it and the 192.

You don't care about connectivity at this point.

Everyone will still use the old LoB app on the new network, you jsut might have to teach them to runas or something depending on how it actually runs.

Simplified, but you get the idea.

@FATeknollogee said in Fedora 29 Server (or 28) install is stuck...?:

Update from SM:
"After we perform more test and use a non-widescreen monitor, we can finish installing Fedora 29 on our 4C version MB."

Very odd.

@DustinB3403 said in Fedora WS: (simultaneous) install on multiple pc's:

@coliver said in Fedora WS: (simultaneous) install on multiple pc's:

@DustinB3403 said in Fedora WS: (simultaneous) install on multiple pc's:

@Dashrender said in Fedora WS: (simultaneous) install on multiple pc's:

You could deploy an image using FOG

While this was my initial thought as well, he has asked about doing this simultaneously. Which fog generally isn't "all at once go".

It kind of is...I was using FOG to do multicast imaging 7 years ago. We're talking 30-60 machines at a clip.

Sure it can do it but that doesn't mean that you should do it. It's about network performance and if you're not setup for it you'll encounter massive slowdowns

Mutlicast is the way to go. You can even do it over broadcast domains. It sounds like you didn't have multicast configured correctly? Even doing 60 machines we didn't see any network slowness associated with imaging.

@FATeknollogee said in VOIP Provider: Skyetel:

@scottalanmiller curious question...why are you responding to a post from Dec of 2018 made by a user who only posted that one time?

Also, because @scottalanmiller .......

An in guest back up solution is definitely your best bet to move the workload.

@fateknollogee said in Unifi on Vultr: you 'has mad skillz?:

I don't quite get your answer..does that mean it's too easy or it's not worth the effort?

Basically yes, it is not worth the effort. You can setup apt to update automatically yourself quite trivially.

The same for Let's Encrypt.

Reskimming, I am not sure WTF he is doing with lighttpd I would need to look closer.

But the scripting of the backup to a third party site is going to be totally custom to every install. This is way too complex to setup in a simple script.

It works for him because everything is tied to the Google account.

@pete-s said in Web hosting + (or not) email: keep separate:

This is somewhat ridiculous. The entire premise of Microsoft's offering is vendor lock-in.
Of course you are hostage to Microsoft. Of course they will keep integrating their services until it's impossible for you to change providers. And when they raise their prices you will pay. It doesn't make sense to fool yourself into thinking something else.

If you want separate discrete services you have to stop using O365 because it's already a bundle of services - even without email.

Unless you only want email from them, then it's not too locked in. Just not very good.