Sysadmin Mega Thread

mutation666 · November 9, 2019, 9:32pm

new deployment or upgrade?

oO.o · November 9, 2019, 9:48pm

New deployment, but trying to automate the process.

Automating the switch config is difficult.

mutation666 · November 9, 2019, 9:49pm

You mean like base line minus vlans and what not?

oO.o · November 9, 2019, 9:54pm

I’d like to do everything, but for now, just discovering the switches, enabling ssh, updating firmware, discovering 24v poe devices, changing default admin, setting management vlan and setting static dhcp reservation with fqdn resolving.

mutation666 · November 9, 2019, 9:55pm

Why not just dump baseline on direct plugged in switch? you trying to cable it all up then just auto configure regardless of how many switches? I always remember baselines out the box then tweaking based upon what the device it was replacing before taking out to end site. I cant imagine you are doing huge rollouts

oO.o · November 9, 2019, 9:56pm

Yeah. We’ll see how far I get.

vlycop · November 10, 2019, 9:51pm

Is there a systemd thread somewhere ?
I’m having issue with space in cifs mount unit
With the amount of tips you need to make it work … might as well centralize

SgtAwesomesauce · November 10, 2019, 9:52pm

No specific thread.

You could make one.

vlycop · November 10, 2019, 9:53pm

i maybe should … but not tonight, i have a train early tomorrow and i was about to give up for the night

SgtAwesomesauce · November 10, 2019, 9:55pm

Your call. I’m not super familiar with cifs integrated with systemd.

vlycop · November 10, 2019, 9:57pm

it’s basically calling mount.cifs, but for some reason, the exact command it should build work by itself, and return mount.cifs: bad UNC when run by systemd

i’ll create the topic on the train if there is onbord wifi

SgtAwesomesauce · November 10, 2019, 10:01pm

Hmm that’s really odd. I wonder if it has to do with how systemd isolates processes.

vlycop · November 10, 2019, 10:03pm

\o/ i don’t know, because it’s a space issue, i could also be escaping quote weirdly … i’m trying to find how stuff is organized in github. Maybe reading the code will help

mutation666 · November 10, 2019, 10:14pm

Anyone run Suricata or Snort on their PFsense/OPNsense and have a rough idea on cpu usage? Its on my like of thing to add and not sure my 4130t will be able to handle that and 10gbe when it gets slammed occasionally. Trying to debate upgrading when i do my major network overhaul early next year.

oO.o · November 11, 2019, 5:36am

Do you want to run IDS on 10G? You usually just run it on the gateway/edge.

oO.o · November 11, 2019, 5:40am

I’m having a zsh issue. Is this fixable in the zsh config? I want to be able to run commands with a variable without using eval.

$ zsh
$ thing="echo hello"
$ $thing
zsh: command not found: echo hello
$ eval $thing
hello
$ bash
$ thing="echo hello"
$ $thing
hello

SgtAwesomesauce · November 11, 2019, 7:18am

Not sure. It’s interpreting it as a single command, escaping the space automatically. I’ll play with it tomorrow when I’m at a terminal.

vlycop · November 11, 2019, 8:36am

isn’t command substitution what you’r looking for ?

mutation666 · November 11, 2019, 11:12am

I would be runing it on all links, but the 10gbe is only used really during large file transfers and even then thats not super frequent. So the link isnt usually utilized hard.

oO.o · November 11, 2019, 2:45pm

No, I need to condense a command with several options because I’m going to use it a lot. I don’t want to use an alias because it’s temporary, but maybe I should.

It’s the first time I’ve run into a behavior that breaks functionality between bash and zsh.

Idk, that’s going to be a heavy load though. I believe suricata is better optimized than snort, so I’d go with that. From my experience of running in on WAN, all I can tell you is that you’ll need at least 8gb of memory.