Yes sir. It is called Terminal Services (read: Citrix) and thats how half of our company functions. We even have an awesome 3.2GHz Xeon dual-cpu hyperthreaded xSeries 235 with 6 RAIDED disks, serving many applications to many users as a test server. Looks like we can linearly scale the server's power with the number of users, until the requirements give in and we switch to Sun.
Terminal Services Remote Admin mode comes with Windows 2000/2003/SBS Server, but is limited to 2 simultaneous connections. Terminal Services Application Mode (which you must be using) is basically a subset of Citrix functionality (licensed from them, AFAIK) that supports many more users. Of course, it can be a PITA, seeing as it requires a Terminal Services Licensing Server, an AD Domain, Terminal Services Licenses (unless you're using Win2K or WinXP Pro clients connecting to a Windows 2000 Server), switching the server into install mode to install programs, and some programs need special (read:complicated) installation or may not work.
As for scaling, it really depends on the users, the apps, and the overlap in the apps they use. MS has released some sizing guidelines that you may want to take a look at. In my experience, however, the hardware requirements aren't very steep for normal office user stuff.
Of course, all of this is overkill for the poster's question and for almost all home networks.
Terminal Services come with Windows 2000 Server, but I believe can be seperately installed with Windows2000 pro.
AFAIK, there's no Terminal Services functionality in Windows 2000 Pro. Windows XP Pro, however, does have Remote Desktop Sharing, which is similar but is limited to either 1 client or 1 console session.
Being a Windows admin, sometimes I wonder about the Windows knowledge of the average/.'er. Being a relatively newbie to Linux, this then makes me wonder about the Linux knowledge of the average/.'er. (Note that this isn't directed at you, but rather at the general discussion.)
Just an aside, but Z: should normally not be mapped in a Windows domain, as Win9x uses Z: to map the NETLOGON share to run logon scripts. I realize that Win9x is fading away, and it's possible that the poster doesn't have Win9x, but there's very little reason to use a Z:.
Having done more than a few Netware to Windows and peer-to-peer to domain migrations that were made a good deal more complicated by the presence of a Z:, I 'd like to point out that in Windows environments, it's SOP to use H: as HOME. And I see no reason not to stick with it when possible.
Ummm...that's only going to work if the apps in question are able to be web-enabled. Unless you're talking about VNC or RDP via a webpage, in which case it's simply using an ActiveX object (that probably doesn't work in Linux) instead of connection software.
Remote Admin mode limits to 2 simulataneous connections. And I don't think it's required that an Admin logs on, so you could create normal accounts and just give them appropiate rights.
.That being said, I think it's overkill for the original poster.
Really, the original poster could make do with Windows XP Pro Desktop Sharing or VNC, since he doesn't specify needing multiple connections. The only "issues" would be sharing his local optical drive and connecting to his home directory.
I assume his home directory is on a Linux machine, so Samba would be the solution there. Creating a logon script or just throwing a batch file on the desktop of the Windows machine would be sufficient.
His local optical drive is a little challenging, though, since there's no easy way to know what client he's connecting from. I don't think the Linux Remote Desktop Client has an option to connect local drives (like the Windows client does). My suggestion would be either connect both the Linux and Mac drives all the time, or create 2 batch files on the desktop. A real hack would be to run netstat and grep for the connecting client IP and connect based on that. But I don't feel like figuring that out right now.
FWIW, I run SSH and TightVNC on all my machines and RDP on all my Windows machines. It gives me the best of all worlds. SSH is fast and secure, but is only CLI (short of forwarding X sessions). VNC allows you to actually see what's on the client screen (instead of a new session...AFAIK, XP Pro won't allow RDP connections to the console like Server 2003) and is cross-platform. But, RDP has better compression and is encrypted, and keeps the console available. I normally have 2 or 3 VNC and/or SSH and/or RDP sessions going on whatever PC I'm working from. I use a combination of connecting local drives via RDP, Samba, and SCP for file transfers.
A common trick headhunters use is to leave a message on voicemail, basically along the lines of "I'm checking references for Mr. XYZ. Please call me back only if you'd give a good reference." There's no lawsuit for not returning a call for the previous employer, and if the call is returned, regardless of what is or isn't said during it, the headhunter can assume a good reference.
And, of course, like you point out, phrasing and tone can mean a lot.
I've always wondered why there wasn't something in the OS to force this behaviour, Ie, making sure that App 2 access to the disk is queued until app 1 has finished. Isn't this one of the reasons Windows takes ages to boot? (many processes all competing for the one disk resource?).
AFAIK, the reason Windows used to take ages to boot was that drivers and services were started sequentially and no optimaztion was ever done for the boot process. Windows XP, OTOH, had a goal of less than 30 seconds for a cold boot. In order to achieve this, new BIOS specs were implemented as well as optimization of the boot process. The main things done to speed up the boot process were doing driver and service initialization and disk I/O in parallel, and prefetching. MS claims a 4-5x increase in speed using a chunked read of all boot files, but others disagree and think that prefetching accounts for most of the increase.
With a new PC and a fresh install of XP, it's very possible to get to the desktop in less than 30 seconds. Even with my aging PIII-500MHz laptop (without the BIOS optimizations called for by MS) and with additional startup software, my PC is usable in less than a minute. To be honest, it's the one reason I switched to XP from 2000.
Killing a man, stealing what he earned, etc are all wrong because we believe them to be morally reprehensible and thus created laws to punish those who do it.
The humanitarian point of view would be those actions are wrong because they deprive others of rights.
Gambling, or prostitution, or drug use does not violate anybody else's rights. Therefore, you should be free to do as you wish. There are arguments to be made that these vices contribute to other crimes that do violate others' rights, but the fact of the matter is that those other crimes are already crimes and punishable as such.
Of course, some will argue that gov't is not just to protect rights, but to enforce the majority's idea of a "perfect" society. That's a different argument, though, and one that the US Constitution doesn't make.
The problem is that they get shitty pings when gaming because web, ftp and p2p traffic is swamping the link. The simplest solution is simply to route all gaming traffic out one T1 (by IP) and route everything to every other IP out the other T1 and block p2p with iptables.
If I understand you correctly, then you're talking about simply adding static routes for the gaming servers to the routing table. That would work if the IP addresses of the gaming servers are known in advance.
I kind of misspoke when I mentioned QoS. I was simply referring to the process of marking packets and then routing differently, which is correctly termed policy routing. It's very similar to the process you'd use to mark packets for QoS, which is rather well-documented in Linux, so that's why I referenced that. It doesn't, however, involve setting up traffic queues (unless you want to) or using tc, which traffic shaping requires (and is where most of the complexity is).
The way I see it, you're solution really doesn't accomplish anything greater in terms of more bandwidth for gaming (gaming traffic is only ever going out the one T1 anyway) and requires more processing power on the router. As long as you assume that any traffic to the IP address of the gaming server is going to be gaming traffic, then you maximise the whole T1 using this simpler method.
I think the disconnect we're having here is that I'm not assuming there's a certain amount of fixed IP addresses that the gaming traffic will be going out to. Instead, I'm assuming there's a certain amount of fixed ports that the gaming traffic will be coming from or going to, and the servers will dynamically change based on game being played and host. In that case, you HAVE to use iptables to mark the traffic, because iproute2 doesn't know anything about ports.
As far as processing power, I think a modestly powered box with decent NICs will handle this traffic fine. It's only moderately more expensive in terms of computation than a standard firewall or router.
I simply think the added flexibility of being able to use iptables to select what traffic goes where is worth the added complexity in setting it up. If you do your scenario, there's no way to later route, say SSH traffic out the gaming T1 without setting up my solution. You must know the destination IP address of anything you want to go out the second T1-not reasonable, especially with dynamic DNS, home gaming servers, and round robin DNS.
Yes, by telling it to Download and tell you when there's updates you prevent it from rebooting automatically. Setting it to Download and Update automatically, and then complaining that it does what you told it to do when you told it to do it is stupid. The updates are not installed until a reboot takes place, so in order to pdate automatically, it must reboot. That's why they give you a time and day to choose as well.
Not to mention that it shouldn't be too hard to figure out what's rebooting the server since it liberally writes to the Event Log.
The SNAT option --to is really --to-source. But,you're still only modifying the packet to show that it came from that IP address, not actually routing it out that interface. You'd need iproute2 to actually make the packet go out the correct route.
To be specific, you're looking at doing policy based routing. Normally, routing is only done based on destination network. But, in this case, we want to route based on destination ports (or ToS if these games happen to classify their packets with it). iproute2 can route based on ToS, but not by destination ports. However, it can route on fwmarks as well. And iptables can mangle packets based on an incredible amount of filters (including destination ports) and apply fwmarks.
So, yeah, you're close...but not quite. You're missing the actual routing part. man ip for some of the nitty-gritty details. FWIW, here's a quick shell script that should do the trick:
# !/bin/bash
# Assume default gateway is the gaming T1
# Assume eth0 is internal, eth1 is gaming T1, and eth2 is HTTP T1
IP0="internal ip"; NET0="IP0/mask"
IP1="ip address of gaming T1"; NET1="IP1/mask"; GW1="gateway of gaming T1"
IP2="ip address of HTTP T1"; NET2="IP2/mask"; GW2="gateway of HTTP T1"
# Flush residual routing info
ip route flush table 2
# Add some routes to the new table. It'll be the same as the main table, but with a different default gateway.
# For the local network
ip route add table 2 to $NET0 dev eth0 src $IP0 proto static
# For HTTP T1 network
ip route add table 2 to $NET1 dev eth1 via $GW1 src $IP1 proto static
# For gaming T1 network
ip route add table 2 to $NET2 dev eth2 via $GW2 src $IP2 proto static
# Loopback
ip route add table 2 to 127.0.0.0/8 dev lo src 127.0.0.1 proto static
# The default gateway on this routing table will be the HTTP T1
ip route add table 2 to default dev eth2 via $GW2 src $IP2 proto static
# Select and mangle packets
# Add a fwmark to packets destined for HTTP servers coming in on eth0
iptables -t mangle -A PREROUTING -p tcp --dport 80 -i eth0 -j MARK --set-mark 2
# Select and mangle any other packets that you want to go out the HTTP T1
# Do Source NAT so that replies come back on the right interface
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source $IP1
iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to-source $IP2
# Now we'll add the routing rule
# If the packet has a fwmark of 2, then use table 2 to route it, which sends it out the gaming T1
ip rule add fwmark 2 table 2
# Flush the routing cache so our changes take effect
ip route flush cache
You'd probably want to add some firewalling rules in there as well, and I'll leave it up to you to drop P2P, etc., but that should get you started.
P.S. You could skip all the iptables stuff if you just wanted to route based on the stuff iproute2 knows about. IIRC, that would be destination address, source address, ToS, or incoming interface. None of which would help in classifying web traffic, though.
A Linux box with 3 network cards and some IPTables and QoS should do what you're looking for. Take a look at the Linux Advanced Routing and Traffic Control HOWTO for the nitty-gritty QoS details, and here for the routing parts.
Basically, you'd be looking at doing the following things. Multiple outbound providers, which will need another routing table built for the second link. Then you'll need to dive into QoS to split up your traffic into your definitions of bulk (HTTP, FTP), priority (Gaming), and drop (P2P). I notice that you have no default set up, but I leave that up to you. Finally, you can use iptables to mark and NAT your traffic out the right interface.
Under Windows, you would need some advanced routing software I think. ISA may do it, but I doubt your budget allows it. By default, Windows does have the ability to enforce QoS terms, but you'd need something to apply those QoS marks (I doubt that games commonly mark their packets with ToS)...which means a bridge in front of the Windows router. Might as well use a Linux router instead.
If anybody knows of a way to get a Windows box to route based on ports, I'd love to hear it.
Oh, and a simple solution for the exact problem you describe (which I don't think is what you really want) would be a proxy for the HTTP and FTP link, and a router for the other link. All HTTP and FTP requests would be sent out the proxy, everything else would go the default route (to the router) which could be configured to drop P2P and route everything else. Optionally, you could do QoS on the router to prioritize certain traffic. If you go that route, I'm fond of AnalogX Proxy (for Windows) because it's free and simple. Of course, that does require client configuration....unless you use Transparent Proxying.
Check out the car industry for a model of business that is based on both. Most car buyers purchase cars based upon the cars individual merits. On the other hand they attempt to lock you in with leases. It is much easier to just "upgrade" your lease at the end of a lease term, than it is to terminate the lease. The great part is YOU have a choice.
And those cars' technology is protected with patents out the wazoo. And no one is giving away FOSS cars, or even producing them for that matter.
I also fail to see where you don't have a choice between MSFT and FOSS as it stands now. Just because it may be easier to stay with MSFT doesn't make it a forced issue.
MSFT is concerned, and rightfully so, about protecting their IP. As of now, it's the only proven way to make money in the software market.
No hacking was done here. What had happened is a tech left the directories on a shared server that contained Democratic notes unlocked so ANYONE who looked there could see them. Republicans had nothing to do with the screwup on the protection, its just one of there aids found out about it. Nothing illegal was done.
Hmm...with the DMCA, are you sure that it's not illegal? Obviously, the Republican aide knew that they weren't supposed to be there before reading them. What's the difference between trolling a share for files inadvertently placed there and knocking on ports for inadvertent open ones? I don't think the DMCA, or any computer cracking law, has ever made a distinction as to what constitutes reasonable protection.
And, if not illegal, it was definitely unethical. Accessing information which you know you have no legal right to is unethical...especially in matters of public gov't.
IBM's middleware strategy is based on the WebSphere products, which are based on Tomcat, Apache, and Eclipse. That middleware business alone is worth over $11 billion a year, and it is profitable.
Of course, Websphere itself is NOT open source. And, it's really based on Java, which again is NOT open source (though IBM would like it to be). It's HTTP server is based on Apache, but what makes it unique is in Java. And, as IBM has said, Websphere is a commercial product and it would be unrealistic to open source it. And Sun has stated that IBM's idea to open source Java is "bonky".
Red Hat has been able to rack up profitable quarterly results in a very spending averse environment. I'd say they're a bit past figuring out how to make money. Maybe a year or so ago I would've agreed with you but I can't say the same now. Also, circumstantial evidence points to the fact that SuSe was cash flow positive when they were purchased by Novell which further bolsters the case for making money in open source.
It looks to me that Red Hat lost around $6.5 million last year. Add to that the $140 million the year before, and the $86 million before that and I think they're a large black hole...even with the current $8 million profit they're showing. Of course, I didn't say they couldn't make money...I said they're not making a killing...which MSFT is. Add the fact that Red Hat recently dropped their consumer offerings and focused on the enterprise (which is about when they started to make money), and I'd say they're still trying to figure things out. Novell's acquisition of Suse and Ximian show that they're reengineering their strategy as well. Neither has shown that they can compete with MSFT in the desktop or application market.
The Registry is anything but static. Apps write to it all the time. That increases the likelihood that one wrong write will mess up the whole thing.
Apps don't, or shouldn't, be writing to the necessary keys for starting the system all the time. The HARDWARE, SYSTEM and SAM keys are seperate files on disk. MSFT may put some necessary things in SOFTWARE (I've never tried to remove it and reboot...but maybe I will), which apps do write to, but that is an implementation problem-not a design one.
Another one is that there is no isolation between app components. You cannot have two versions of the same app in different file systems, with different registry keys.
Yes, you can. It requires forethought by the app developer, to seperate his keys by version, but the registry does not limit this.
Also, because write access to bits of the registry are restricted to admins, you cannot install anything complex (like a game) without admin access. Which is just silly.
And some config files are not writeable by users. Once again, this is an app problem, not a registry problem. If it requires admin access to install a non system component, then the app is coded wrong. Note that I think DirectX is, and probably should be, a system component, so you may run into trouble there.
Oh, one more thing...If Windows apps would (a)only put meaningful, configurable values in the registry, and (b)cleanly uninstall themselves, the registry would be a lot cleaner and easier to navigate.
1. It is way too complex. There is no way you can understand it all or hand edit it if required.
That's a programmer problem, not a design problem. Not to mention that many config files are way too complex as well. One thing that's nice about config files, however, is that you can include comments. While you could do this with the registry (with the EXPAND_SZ, expand string, type) it's not optimal as it increases the size. And nobody does it. [aside]If programmer's don't want you to change values or the values are meaningless...why make it changeable? Why not hard code it?
A redesign of the registry with a seperate table for comments would be interesting, I think. That way, when using editing tools, the comment table could be referenced. But, when loading or executing software, the comments would not hinder performance.
If it is corrupted, your whole OS won't even boot.
While I somewhat agree on this point, I have to note that corrupted config files will also prevent Linux from booting. I don't know the format that Windows uses for the registry tables, but it should be recoverable. Also note that I've yet to see any registry corruption on Win2000+, except with HW failures. I think the inclusion of something similar to BartPE or ERD Commander would also be a worthwhile replacement to MSFT's extremely limited Recovery Console. And frequent, automated, timed backups of the registry (at least OS configuration) should be done.
3. Its huge! 45MB of my fairly clean XP box.(although it is in a domain and has policies applied to it, etc, etc, but not much software)
My Win2003 server, excluding registry backups and the user.dat portion, is only 23MB. 17MB of that is in HKLM\SOFTWARE (I have a lot of software installed). Perhaps someone handier than me in Linux could tell us what size all of the config files for a normal desktop come to (actual space on disk, ot just data size).
You can't move the registry between machines, let alone between different versions of Windows. I can move my.config file between the 2.4 & 2.6 kernel if necessary, it just ignores what it doesn't know.
While true that you can't move some parts of the registry between machines (parts dealing with hardware and the like), software configuration is easily moved. I don't recommend moving the entire hive, as it would no doubt cause problems, but.REG files can be imported/exported with no problem. And.REG files are pretty portable (and text based), though it does require some editing and checking of data types to move from NT based to 9x based machines. With NT becoming the standard, though, that concern should go away.
Several smaller independent registiries might work better. e.g. one for linux conf, one for X, one for KDE, etc. So each one has a small well definied file for all configs.
Perhaps a DBA could chime in with better info, but I think that you would then be duplicating database structure overhead on each of those files. While I see the concern of a single point of failure for all software in the machine, automated backups and sensible defaults should mitigate that somewhat.
I think the main advantage of the registry is a central location for configurable values. By using a database, you should also have the advantage of database reliability and performance. Of course, the real problem with it would be getting everyone to use it.
Meanwhile, all the big players have realised that free software is the future.
Not very many companies are making a killing on OSS right now. Some, like IBM, are subsidizing it from their HW sales. Others, like Novell, Red Hat, and Ximian, are still trying to figure it out. I'd say it's a bit early to call it won.
Business models based on control will be obsolete in a decade or two.
Just about every business model, not just software, depends on control. That's why businesses spend so much money getting IP protection laws passed. Every business wants locked-in customers, it's a good revenue stream. When OSS companies start playing with the big boys (public investors), they're going to have to find a way to keep them happy.
Unfortuneatly, Microsofts business model - since they do little other than software sales - their model is based completely on control.
Let's see. According to the latest FY2004 1st quarter results (ending on Sept 30, 2003), MSFT gets about 15% of their revenue from segments besides OS and Office sales.
However, if you take the time to read thru their segmentations, you'll notice that Server and Tools also includes MSDN training and tools, certifications, MS Press, consulting services, and Premier PSS - all non software revenue. According to their financial highlights, we can calculate that Consulting and PSS revenue was $231 million, and MSDN and MS Press was $190 million. Their Office segment also includes revenu from LiveMeeting and Professional PSS, but they don't give figures to calculate that portion of it.
Adding those numbers together, we can see that non-software revenue is about 20% of their total revenue. That is also significantly higher than the previous year, while their OS and Office segments have been relatively flat (do you think someone at MSFT might have noticed that?).
Okay, so we can realistically claim that 80% of Microsoft's revenue is from software sales. But, that 20% of non-software revenue (which, again, is growing) is a pretty impressive $1.7 billion (that's with a B) per quarter - that's about $7 billion a year.
To put that into perspective, VA Linux's revenue is $24 million (that's with a M) a year. Red Hat's revenue is $90 million (that's with a M) a year. Novell's revenue is $1.1 billion a year. Sun's revenue is $11 billion per year (but note that they lost money, even discounting non-recurring expenses).
IBM's revenue is a much higher $80 billion a year...but let's take a look at their cost of revenue and expenses. While MSFT earns almost an ungodly 30% profit on its revenue, IBM's profit is a paltry 8% (I didn't include non-recurring expenses)! MSFT nets more profits on it's $30 billion of revenue than IBM does on it's $80 billion! The story is much the same with HP, though their profit is a even smaller 5%.
I think it's safe to say that MSFT's non-software revenue is quite healthy, and ever growing.
While I like FOSS, I've yet to see how it can sustain a viable corporate business. And, until that time comes, investor money will continue to flock to MSFT so that they can make even more $$. And, even if FOSS wins the war, expect MSFT to remain around for quite a long time. Despite what Linux zealots may think, MSFT is not stupid, and they know how to make money. In the game of business, that's what it's all about...not the ideals of FOSS.
I have a sense of humor...thankfully, I just don't have yours.
As for people with "normal intelligence" interpreting the straw "riddle", I think you greatly overestimate the population's college education and time away from college fluid mechanics courses.
Though I'm too lazy to look up facts in support of this, I'd wager a minority of the population has attended and/or graduated from college. Furthermore, I'd wager an even smaller percentage have taken a 2nd level physics class that would possibly expose them to the science of air pressures and vacuums. And, to top it off, I'd guess that a reasonable median of the age of this population would be in the mid-40's. That means that those who did attend college, and who did take a physics course that explained to them air pressure equalization would have had 20+ years in which to forget it all. And, if that wasn't enough, the issue was further confused by replacing the somewhat common term "vacuum" with "negative atmosphere".
Just because you learned something in college doesn't make it something deducible from "normal intelligence". That's why you had to go to college to learn it.
Well, you should have some basic knowledge of speaking English if you are native to the US....I've stumped people a number of times while asking for a 'negative atmosphere liquid transport device'....then, I just point at the straw.
I completely agree that basic knowledge of the English language is a necessity. Which is why it's stupid to call a straw "a negative atmosphere liquid transport device".
Everybody knows what a straw is. Not everybody should be expected to decode some linguist geek's idea of a practical joke for everyday terms.
That's why we come up with names for common items...to prevent everyone calling it whatever they feel like at the moment. It enables us, as a society, to communicate with each other. If you'd rather use [arguably] more precise, scientific language to describe common ideas and terms, perhaps you should only communicate with other obvious prodigies and leave the rest of us normal people alone.
Words and language are meant to effectively communicate ideas. While descriptive language for the purpose of clarifying intent is reasonable, purposefully discombulating the English language as to disguise the idea behind the words is juvenile and mildly retarded.
And it's also quite simplistic, which is why it's nowhere near as humorous as a purported organization supporting the ban of dihydrogen monoxide. A lot of thought and effort went into that practical joke-which is why newspapers are picking up on it and laughing, too. Your straw joke has no one laughing but yourself...except, perhaps, at your notion that you are somehow intellectually superior because of it.
Slashdot Mirror
Terminal Services Remote Admin mode comes with Windows 2000/2003/SBS Server, but is limited to 2 simultaneous connections. Terminal Services Application Mode (which you must be using) is basically a subset of Citrix functionality (licensed from them, AFAIK) that supports many more users. Of course, it can be a PITA, seeing as it requires a Terminal Services Licensing Server, an AD Domain, Terminal Services Licenses (unless you're using Win2K or WinXP Pro clients connecting to a Windows 2000 Server), switching the server into install mode to install programs, and some programs need special (read:complicated) installation or may not work.
As for scaling, it really depends on the users, the apps, and the overlap in the apps they use. MS has released some sizing guidelines that you may want to take a look at. In my experience, however, the hardware requirements aren't very steep for normal office user stuff.
Of course, all of this is overkill for the poster's question and for almost all home networks.
AFAIK, there's no Terminal Services functionality in Windows 2000 Pro. Windows XP Pro, however, does have Remote Desktop Sharing, which is similar but is limited to either 1 client or 1 console session.
Being a Windows admin, sometimes I wonder about the Windows knowledge of the average /.'er. Being a relatively newbie to Linux, this then makes me wonder about the Linux knowledge of the average /.'er. (Note that this isn't directed at you, but rather at the general discussion.)
Having done more than a few Netware to Windows and peer-to-peer to domain migrations that were made a good deal more complicated by the presence of a Z:, I 'd like to point out that in Windows environments, it's SOP to use H: as HOME. And I see no reason not to stick with it when possible.
Ummm...that's only going to work if the apps in question are able to be web-enabled. Unless you're talking about VNC or RDP via a webpage, in which case it's simply using an ActiveX object (that probably doesn't work in Linux) instead of connection software.
.That being said, I think it's overkill for the original poster.
Really, the original poster could make do with Windows XP Pro Desktop Sharing or VNC, since he doesn't specify needing multiple connections. The only "issues" would be sharing his local optical drive and connecting to his home directory.
I assume his home directory is on a Linux machine, so Samba would be the solution there. Creating a logon script or just throwing a batch file on the desktop of the Windows machine would be sufficient.
His local optical drive is a little challenging, though, since there's no easy way to know what client he's connecting from. I don't think the Linux Remote Desktop Client has an option to connect local drives (like the Windows client does). My suggestion would be either connect both the Linux and Mac drives all the time, or create 2 batch files on the desktop. A real hack would be to run netstat and grep for the connecting client IP and connect based on that. But I don't feel like figuring that out right now.
FWIW, I run SSH and TightVNC on all my machines and RDP on all my Windows machines. It gives me the best of all worlds. SSH is fast and secure, but is only CLI (short of forwarding X sessions). VNC allows you to actually see what's on the client screen (instead of a new session...AFAIK, XP Pro won't allow RDP connections to the console like Server 2003) and is cross-platform. But, RDP has better compression and is encrypted, and keeps the console available. I normally have 2 or 3 VNC and/or SSH and/or RDP sessions going on whatever PC I'm working from. I use a combination of connecting local drives via RDP, Samba, and SCP for file transfers.
And, of course, like you point out, phrasing and tone can mean a lot.
AFAIK, the reason Windows used to take ages to boot was that drivers and services were started sequentially and no optimaztion was ever done for the boot process. Windows XP, OTOH, had a goal of less than 30 seconds for a cold boot. In order to achieve this, new BIOS specs were implemented as well as optimization of the boot process. The main things done to speed up the boot process were doing driver and service initialization and disk I/O in parallel, and prefetching. MS claims a 4-5x increase in speed using a chunked read of all boot files, but others disagree and think that prefetching accounts for most of the increase.
With a new PC and a fresh install of XP, it's very possible to get to the desktop in less than 30 seconds. Even with my aging PIII-500MHz laptop (without the BIOS optimizations called for by MS) and with additional startup software, my PC is usable in less than a minute. To be honest, it's the one reason I switched to XP from 2000.
Just use Google (how appropiate) to set your referrer.
The humanitarian point of view would be those actions are wrong because they deprive others of rights.
Gambling, or prostitution, or drug use does not violate anybody else's rights. Therefore, you should be free to do as you wish. There are arguments to be made that these vices contribute to other crimes that do violate others' rights, but the fact of the matter is that those other crimes are already crimes and punishable as such.
Of course, some will argue that gov't is not just to protect rights, but to enforce the majority's idea of a "perfect" society. That's a different argument, though, and one that the US Constitution doesn't make.
If I understand you correctly, then you're talking about simply adding static routes for the gaming servers to the routing table. That would work if the IP addresses of the gaming servers are known in advance.
I kind of misspoke when I mentioned QoS. I was simply referring to the process of marking packets and then routing differently, which is correctly termed policy routing. It's very similar to the process you'd use to mark packets for QoS, which is rather well-documented in Linux, so that's why I referenced that. It doesn't, however, involve setting up traffic queues (unless you want to) or using tc, which traffic shaping requires (and is where most of the complexity is).
I think the disconnect we're having here is that I'm not assuming there's a certain amount of fixed IP addresses that the gaming traffic will be going out to. Instead, I'm assuming there's a certain amount of fixed ports that the gaming traffic will be coming from or going to, and the servers will dynamically change based on game being played and host. In that case, you HAVE to use iptables to mark the traffic, because iproute2 doesn't know anything about ports.
As far as processing power, I think a modestly powered box with decent NICs will handle this traffic fine. It's only moderately more expensive in terms of computation than a standard firewall or router.
I simply think the added flexibility of being able to use iptables to select what traffic goes where is worth the added complexity in setting it up. If you do your scenario, there's no way to later route, say SSH traffic out the gaming T1 without setting up my solution. You must know the destination IP address of anything you want to go out the second T1-not reasonable, especially with dynamic DNS, home gaming servers, and round robin DNS.
Not to mention that it shouldn't be too hard to figure out what's rebooting the server since it liberally writes to the Event Log.
Of course, you can tell it NOT to reboot automatically, you know.
To be specific, you're looking at doing policy based routing. Normally, routing is only done based on destination network. But, in this case, we want to route based on destination ports (or ToS if these games happen to classify their packets with it). iproute2 can route based on ToS, but not by destination ports. However, it can route on fwmarks as well. And iptables can mangle packets based on an incredible amount of filters (including destination ports) and apply fwmarks.
So, yeah, you're close...but not quite. You're missing the actual routing part. man ip for some of the nitty-gritty details. FWIW, here's a quick shell script that should do the trick:
# !/bin/bash
# Assume default gateway is the gaming T1
# Assume eth0 is internal, eth1 is gaming T1, and eth2 is HTTP T1
IP0="internal ip"; NET0="IP0/mask"
IP1="ip address of gaming T1"; NET1="IP1/mask"; GW1="gateway of gaming T1"
IP2="ip address of HTTP T1"; NET2="IP2/mask"; GW2="gateway of HTTP T1"
# Flush residual routing info
ip route flush table 2
# Add some routes to the new table. It'll be the same as the main table, but with a different default gateway.
# For the local network
ip route add table 2 to $NET0 dev eth0 src $IP0 proto static
# For HTTP T1 network
ip route add table 2 to $NET1 dev eth1 via $GW1 src $IP1 proto static
# For gaming T1 network
ip route add table 2 to $NET2 dev eth2 via $GW2 src $IP2 proto static
# Loopback
ip route add table 2 to 127.0.0.0/8 dev lo src 127.0.0.1 proto static
# The default gateway on this routing table will be the HTTP T1
ip route add table 2 to default dev eth2 via $GW2 src $IP2 proto static
# Select and mangle packets
# Add a fwmark to packets destined for HTTP servers coming in on eth0
iptables -t mangle -A PREROUTING -p tcp --dport 80 -i eth0 -j MARK --set-mark 2
# Select and mangle any other packets that you want to go out the HTTP T1
# Do Source NAT so that replies come back on the right interface
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source $IP1
iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to-source $IP2
# Now we'll add the routing rule
# If the packet has a fwmark of 2, then use table 2 to route it, which sends it out the gaming T1
ip rule add fwmark 2 table 2
# Flush the routing cache so our changes take effect
ip route flush cache
You'd probably want to add some firewalling rules in there as well, and I'll leave it up to you to drop P2P, etc., but that should get you started.
P.S. You could skip all the iptables stuff if you just wanted to route based on the stuff iproute2 knows about. IIRC, that would be destination address, source address, ToS, or incoming interface. None of which would help in classifying web traffic, though.
I was talking more along the lines of the OP question, which is routing eg. destination port 80 one way and all others another.
Basically, you'd be looking at doing the following things. Multiple outbound providers, which will need another routing table built for the second link. Then you'll need to dive into QoS to split up your traffic into your definitions of bulk (HTTP, FTP), priority (Gaming), and drop (P2P). I notice that you have no default set up, but I leave that up to you. Finally, you can use iptables to mark and NAT your traffic out the right interface.
Under Windows, you would need some advanced routing software I think. ISA may do it, but I doubt your budget allows it. By default, Windows does have the ability to enforce QoS terms, but you'd need something to apply those QoS marks (I doubt that games commonly mark their packets with ToS)...which means a bridge in front of the Windows router. Might as well use a Linux router instead.
If anybody knows of a way to get a Windows box to route based on ports, I'd love to hear it.
Oh, and a simple solution for the exact problem you describe (which I don't think is what you really want) would be a proxy for the HTTP and FTP link, and a router for the other link. All HTTP and FTP requests would be sent out the proxy, everything else would go the default route (to the router) which could be configured to drop P2P and route everything else. Optionally, you could do QoS on the router to prioritize certain traffic. If you go that route, I'm fond of AnalogX Proxy (for Windows) because it's free and simple. Of course, that does require client configuration....unless you use Transparent Proxying.
And those cars' technology is protected with patents out the wazoo. And no one is giving away FOSS cars, or even producing them for that matter.
I also fail to see where you don't have a choice between MSFT and FOSS as it stands now. Just because it may be easier to stay with MSFT doesn't make it a forced issue.
MSFT is concerned, and rightfully so, about protecting their IP. As of now, it's the only proven way to make money in the software market.
Hmm...with the DMCA, are you sure that it's not illegal? Obviously, the Republican aide knew that they weren't supposed to be there before reading them. What's the difference between trolling a share for files inadvertently placed there and knocking on ports for inadvertent open ones? I don't think the DMCA, or any computer cracking law, has ever made a distinction as to what constitutes reasonable protection.
And, if not illegal, it was definitely unethical. Accessing information which you know you have no legal right to is unethical...especially in matters of public gov't.
Of course, Websphere itself is NOT open source. And, it's really based on Java, which again is NOT open source (though IBM would like it to be). It's HTTP server is based on Apache, but what makes it unique is in Java. And, as IBM has said, Websphere is a commercial product and it would be unrealistic to open source it. And Sun has stated that IBM's idea to open source Java is "bonky".
It looks to me that Red Hat lost around $6.5 million last year. Add to that the $140 million the year before, and the $86 million before that and I think they're a large black hole...even with the current $8 million profit they're showing. Of course, I didn't say they couldn't make money...I said they're not making a killing...which MSFT is. Add the fact that Red Hat recently dropped their consumer offerings and focused on the enterprise (which is about when they started to make money), and I'd say they're still trying to figure things out. Novell's acquisition of Suse and Ximian show that they're reengineering their strategy as well. Neither has shown that they can compete with MSFT in the desktop or application market.
Apps don't, or shouldn't, be writing to the necessary keys for starting the system all the time. The HARDWARE, SYSTEM and SAM keys are seperate files on disk. MSFT may put some necessary things in SOFTWARE (I've never tried to remove it and reboot...but maybe I will), which apps do write to, but that is an implementation problem-not a design one.
Yes, you can. It requires forethought by the app developer, to seperate his keys by version, but the registry does not limit this.
And some config files are not writeable by users. Once again, this is an app problem, not a registry problem. If it requires admin access to install a non system component, then the app is coded wrong. Note that I think DirectX is, and probably should be, a system component, so you may run into trouble there.
Oh, one more thing...If Windows apps would (a)only put meaningful, configurable values in the registry, and (b)cleanly uninstall themselves, the registry would be a lot cleaner and easier to navigate.
That's a programmer problem, not a design problem. Not to mention that many config files are way too complex as well. One thing that's nice about config files, however, is that you can include comments. While you could do this with the registry (with the EXPAND_SZ, expand string, type) it's not optimal as it increases the size. And nobody does it. [aside]If programmer's don't want you to change values or the values are meaningless...why make it changeable? Why not hard code it?
A redesign of the registry with a seperate table for comments would be interesting, I think. That way, when using editing tools, the comment table could be referenced. But, when loading or executing software, the comments would not hinder performance.
While I somewhat agree on this point, I have to note that corrupted config files will also prevent Linux from booting. I don't know the format that Windows uses for the registry tables, but it should be recoverable. Also note that I've yet to see any registry corruption on Win2000+, except with HW failures. I think the inclusion of something similar to BartPE or ERD Commander would also be a worthwhile replacement to MSFT's extremely limited Recovery Console. And frequent, automated, timed backups of the registry (at least OS configuration) should be done.
My Win2003 server, excluding registry backups and the user.dat portion, is only 23MB. 17MB of that is in HKLM\SOFTWARE (I have a lot of software installed). Perhaps someone handier than me in Linux could tell us what size all of the config files for a normal desktop come to (actual space on disk, ot just data size).
While true that you can't move some parts of the registry between machines (parts dealing with hardware and the like), software configuration is easily moved. I don't recommend moving the entire hive, as it would no doubt cause problems, but .REG files can be imported/exported with no problem. And .REG files are pretty portable (and text based), though it does require some editing and checking of data types to move from NT based to 9x based machines. With NT becoming the standard, though, that concern should go away.
Perhaps a DBA could chime in with better info, but I think that you would then be duplicating database structure overhead on each of those files. While I see the concern of a single point of failure for all software in the machine, automated backups and sensible defaults should mitigate that somewhat.
I think the main advantage of the registry is a central location for configurable values. By using a database, you should also have the advantage of database reliability and performance. Of course, the real problem with it would be getting everyone to use it.
Not very many companies are making a killing on OSS right now. Some, like IBM, are subsidizing it from their HW sales. Others, like Novell, Red Hat, and Ximian, are still trying to figure it out. I'd say it's a bit early to call it won.
Just about every business model, not just software, depends on control. That's why businesses spend so much money getting IP protection laws passed. Every business wants locked-in customers, it's a good revenue stream. When OSS companies start playing with the big boys (public investors), they're going to have to find a way to keep them happy.
Let's see. According to the latest FY2004 1st quarter results (ending on Sept 30, 2003), MSFT gets about 15% of their revenue from segments besides OS and Office sales.
However, if you take the time to read thru their segmentations, you'll notice that Server and Tools also includes MSDN training and tools, certifications, MS Press, consulting services, and Premier PSS - all non software revenue. According to their financial highlights, we can calculate that Consulting and PSS revenue was $231 million, and MSDN and MS Press was $190 million. Their Office segment also includes revenu from LiveMeeting and Professional PSS, but they don't give figures to calculate that portion of it.
Adding those numbers together, we can see that non-software revenue is about 20% of their total revenue. That is also significantly higher than the previous year, while their OS and Office segments have been relatively flat (do you think someone at MSFT might have noticed that?).
Okay, so we can realistically claim that 80% of Microsoft's revenue is from software sales. But, that 20% of non-software revenue (which, again, is growing) is a pretty impressive $1.7 billion (that's with a B) per quarter - that's about $7 billion a year.
To put that into perspective, VA Linux's revenue is $24 million (that's with a M) a year. Red Hat's revenue is $90 million (that's with a M) a year. Novell's revenue is $1.1 billion a year. Sun's revenue is $11 billion per year (but note that they lost money, even discounting non-recurring expenses).
IBM's revenue is a much higher $80 billion a year...but let's take a look at their cost of revenue and expenses. While MSFT earns almost an ungodly 30% profit on its revenue, IBM's profit is a paltry 8% (I didn't include non-recurring expenses)! MSFT nets more profits on it's $30 billion of revenue than IBM does on it's $80 billion! The story is much the same with HP, though their profit is a even smaller 5%.
I think it's safe to say that MSFT's non-software revenue is quite healthy, and ever growing.
While I like FOSS, I've yet to see how it can sustain a viable corporate business. And, until that time comes, investor money will continue to flock to MSFT so that they can make even more $$. And, even if FOSS wins the war, expect MSFT to remain around for quite a long time. Despite what Linux zealots may think, MSFT is not stupid, and they know how to make money. In the game of business, that's what it's all about...not the ideals of FOSS.
As for people with "normal intelligence" interpreting the straw "riddle", I think you greatly overestimate the population's college education and time away from college fluid mechanics courses.
Though I'm too lazy to look up facts in support of this, I'd wager a minority of the population has attended and/or graduated from college. Furthermore, I'd wager an even smaller percentage have taken a 2nd level physics class that would possibly expose them to the science of air pressures and vacuums. And, to top it off, I'd guess that a reasonable median of the age of this population would be in the mid-40's. That means that those who did attend college, and who did take a physics course that explained to them air pressure equalization would have had 20+ years in which to forget it all. And, if that wasn't enough, the issue was further confused by replacing the somewhat common term "vacuum" with "negative atmosphere".
Just because you learned something in college doesn't make it something deducible from "normal intelligence". That's why you had to go to college to learn it.
I completely agree that basic knowledge of the English language is a necessity. Which is why it's stupid to call a straw "a negative atmosphere liquid transport device".
Everybody knows what a straw is. Not everybody should be expected to decode some linguist geek's idea of a practical joke for everyday terms. That's why we come up with names for common items...to prevent everyone calling it whatever they feel like at the moment. It enables us, as a society, to communicate with each other. If you'd rather use [arguably] more precise, scientific language to describe common ideas and terms, perhaps you should only communicate with other obvious prodigies and leave the rest of us normal people alone.
Words and language are meant to effectively communicate ideas. While descriptive language for the purpose of clarifying intent is reasonable, purposefully discombulating the English language as to disguise the idea behind the words is juvenile and mildly retarded.
And it's also quite simplistic, which is why it's nowhere near as humorous as a purported organization supporting the ban of dihydrogen monoxide. A lot of thought and effort went into that practical joke-which is why newspapers are picking up on it and laughing, too. Your straw joke has no one laughing but yourself...except, perhaps, at your notion that you are somehow intellectually superior because of it.