Sysadmin Mega Thread

Welcome to the collective. It is lonely here. feelsbadman pepeCry

It feels that way sometimes lol, but this was great news. Really happy with the outcome.

Congrats man!

I used to manage the same kind of half-poorly managed infra. Default-deny outbound and a proxy used for network connection. Obviously not set by default in any environment, users had to set it manually. Well, our inbound firewall rules were also pretty good and we did not expose stuff to the outside world that could compromise our internal network. And whatever we had, it was in a DMZ.

But automated scripts, if we were to be hit by them, could not connect to the internet to download other malicious stuff. A basic history command would reveal how the updates were done, so someone who could breach the systems could potentially set the proxy.

Not yet, I plan on buying a Honeycomb LX2K once I save some more money. Unfortunately some other ARM SBCs await me, need a second RockPro64.

Nooooooooooooo!!

Congrats!

I should post more often in this thread.

So i missed this, I think.

This is a massive legal liability that they shifted to you.

If you havent already removed these machines from your house, please take action to get company property locked up on company property. Its not your responsibility to harden your house against theft for your company.

Unless the company wants to pay for it

CFO needs to be talked to about this. Remind him that iXSystems is a premier business and contracts need to be respected.

That should be on the wishlist to fix as well LOL

Hmmm, thats strange.

Youre still running a 2950? Nice!

How many employees? That’s gonna be a tough sell for any reasonably sized company.

Tell them youll get them a deal in exchange for more laptop replacement allocations

You have in the last few months, kicked so much ass you’ve got finance asking you to slow down because they’ll be saving too much on legal. Take a holiday man, you’ve really earned it.

I am back, Guy’s and Gals. I hope you are having a good world holiday today. You ask what holiday; there is no recognized holiday today. Today won’t be recognized as a holiday until some time in the future. So what is the reason today to be considered a holiday in the future? A significant event happened 58 years ago, to be precise, at 3 P.M. September 16, 1964. Is this event as necessary as the birth of Christ or his death? No, but it is close. We still don’t know why today is so important. I will tell you a person was born on September 16, 1964, at 3 P.M. This person, while not as important as Christ, will have a significant impact on the direction of the World (Earth) in the future. If you haven’t guessed by now, today is my 58th birthday—happy future holidays. I will be toasting myself at 3 P.M. if anyone else wants to join me, you are welcome.

Happy birthday. Mine comes up in a few weeks and I always manage to forget by the time it comes around.
Here is a tribute from one of the most Metalist Metal bands ever, just for you.

Wish me luck. I pick up the equipment I need for my new job today. I am looking forward to working from home. I have always had to travel for work. Working from home is going to be a nice change.

I have been trying to land one of those Jobs but unfortunately, things have not aligned correctly to make it a reality.
It is really awesome that you are getting this opportunity. Enjoy and please report back.

Dw its safe

My manager is on holidays so I can’t really discuss it again with him, but the best thing they apparently can do is just pay for a secure locker in my house. Yes, this kept me wide awake during nights multiple times including this one.

Already had the talk about it and thankfully payment was only 2 days overdue because rushed to the DC to have the system up and running the same day I found out about it

Unfortunately not going to happen any time soon. The same company subleasing us the rack space is also our ISP. Also this is like the least of worries for me

Yeah I think the communication just broke down somewhere as it was taking months discussing the DAP and DPP shipping terms between our finance department, Fedex and iXSystems with a mail thread spanning 100+ emails

Haha NOT ANYMORE! It was hard crashed and just eating away power, so unplugged it

Lost count of how many we have right now since we keep burning through new hires rapidly and engineering is bleeding burnt out engineers like a gutted pig. Around 80 to 90 I’d say.

Hahah okay I will

Also found out only 4 hours ago that the company has a business account open with Dell and that we literally have a dedicated Dell account manager, so yaaaay no longer looking for a new vendor and just gotta fill out so much paperwork with Dell

2x3x12 is 72. Youll need at least 3.

Been following this and lurking because I don’t have much to add in the Syadmin thread lol, but this is a legal nightmare waiting to happen. This is bad.

Who is liable for the equipment if your house burns down that they’re using as storage for business purposes? Your homeowners insurance? Their corporate insurance? Same goes for theft, damage, etc. It realistically wouldn’t happen, but theoretically what happens if one of them catches on fire and burns your house down? I guarantee your insurance would fight and refuse to cover it and tell you to fight the business responsible if you’re using a property insured as a residential dwelling for this. Is there written documentation anywhere that they were removed from the premises for storage and not stolen? Etc etc, those are just a few examples of the sort of legal problems you’re looking at, not just finding more space for them.

I know it sounds like you don’t need more stuff to deal with, but you really need a solution and something in writing here that doesn’t involve your house.

Basically all of this.

In general, fuck the concept of corporate having you use your personal property for business uses.

Imagine if there’s a legal issue with the company? The police might wind up getting a warrant to search your home. They might find out you don’t have a screwdriver license and ship you off to the tower of London.

Has there ever been a study done on most commonly used private IPv4 ranges? I assign use 10/8 and assign random 2nd octet values to networks, excluding 0 and 1 (10.0/16 and 10.1/16) but I’ll bet someone somewhere has run the numbers and has stats on the most common ranges.

Don’t know, but I thought about this a long time ago when I was a sysadmin and had to renumber our network in order to have a VPN with a partner company because of network range collisions. I think I just did echo 10.$[$RANDOM%256].$[$RANDOM%256].0 and used that in the end.

Yeah that’s what I and many others do too. I have been tying the 2nd octet to the physical location for better readability, but I may stop doing that. Not like I have 250+ locations to deal with but it’s just so wasteful.

I really need to reboot my ipv6 dual-stack series, where being wasteful is a virtue. I still have ipv6 disabled, I need to experiment with ipv6 somewhere else before I can crap all over my old network 'til I make it work.

I have been restricted from tinkering with both of my networks for now (I technically have 3, but one of them is a single subnet with no network segregation), because I have a large data transfer going on, so no network, routers or computer restarts. Once that is done, I should be able to get back into business and modify configurations.

Well, in all honesty, my ipv4 is not even working as expected either on my hypervisor, even though it was working previously when I tested it. I’m talking about a bridge (let’s call it vmbr2) bridging a vlan interface (let’s call it vmbr0.2) where VMs attached to the bridge are not able to communicate with the rest of the hosts in the vlan (arp is empty). Used to work a week ago before I reboot my hypervisor.

In 5 days, I barely downloaded 40% of the data with zfs-send (about 679GB out of 1.66TB). I was expecting the download to take a month, so if it takes 2 weeks, I’m happy, the faster, the better. So until that is done, I can’t tinker too much with the hypervisor or the network, I don’t want the transfer interrupted or failed. I already wasted 1 or 2 days when I initially did a zfs-send to the wrong zpool, which didn’t have enough space and I had to cancel it (thankfully I noticed before the download failed with out of storage errors, but that was embarrassing even when nobody else was watching).

I tend to use 172 generally.

I’d like to see stats on commonly used /24s in all 3 classes of private IPv4 tbh.