Besides the regular ethereal suggestions if you're trying to do something on the cheap consider installing a lightweight Snort on each of the clients. If something is up it's bound to at least trigger some sort of Snort log. And it'll cluster around your incidents. Although, hands down, Ethereal on a span port or network tap is a better option. -Pk
No, that didn't happen. With DNS there was the problem of bogus entries being added even though the settings were only domain computers were to be automagically added. And that was slightly disheartening but never easily reproducible, it'd just 'happen' sometimes.
WINS wouldn't seem to flush old entries even when you tried to force it. So if you have/had a netbios alias on a system in the registry, you couldn't ever get rid of it easily. It would linger until some seemingly arbitrary day/time and it'd go away.
Did you actually get FRS working on large volumes without eating itself? I ended up with problems with permissions and stability of the service. No lost data but it wasn't staying up on our larger volumes (> 100GB). Any pointers? -Pk
In AD you don't have a PDC versus BDC concept. Just domain controllers. I'd consider investigating having a W2K and W2K3 server. In the past year I've worked with W2K3 quite a bit and I've had great as well as frightening experiences. In the past ~4 months or so the availability of good W2K3 documentation has increased significantly, the MS support too.
I find W2K3 to be quicker and have more nifty options and features. It also depends on your client population, with XP being more easily manages under W2K3 with the stock GPO, copies, and templates provided.
At the same time I've had problems with W2K3 as a DNS/WINS server. And a DFS server. It took a long time and lots of digging to resolve those issues and it looked like it was the first time MS had come across a lot of the issues we had when we got in touch with them. Eventually worked out but it's never fun to be the first to find a bug in a critical service.
The other annoyance we've had with W2K3 is it's control over W2K clients. Things like IE settings that'd be pushed from our old domain controller or from IEAK stuff stopped working or worked oddly in W2K3. It would store security settings in two files, push only one, confuse clients, etc.
If I had to do it all over again ~today~ I'd go W2K3 because I've found the past few months worth of documentaiton and support to be much better than a year ago.
I should note that the first network I deployed W2K3 in was ~80 nodes. It was critical, 24 hour operation, Engineering intense, lots of storage, license servers, etc. So it wasn't trivial but it's not a University sized environment, not that many thousands of clients.
In conclusion.. I don't have a conclusion. I think I'd have to hear what services besides AD you'd want to run off of it. Do you run DNS, DFS, SFU, Licenses, TS, etc. off of the same servers?
Oh, if you do go W2K3, install the Resource Kit bundle right away, it's priceless for administration and scripting.
Not exactly what you are discussing but there was a lot of hoopla around Sardonix many months back and it doesn't appear WireX has done anything real with it yet. I'm on the mailing list and it sounds of crickets.
Another thing to remember is that there are decent references out there, some quite well known, that people could follow and use but simply don't (Viega's book, and number of HOWTOs, etc.).
In anycase, you might want to approach WireX and see what, if anything, can be done to resurrect Sardonix. Cheers, -Pk
Hrmm. I recall John Mashey posting a big paper on the Origin 3000 series when they first were released (~July 2000).
In it he talked about an extra ASIC being thrown in to allow the use of Itanium. There was some speculation the ASIC would have to be re-worked for McKinnly but anyhow...
I also recall the bricks for the MIPS procs having plenty of extra space, it was rumoured the extra space was since Itanium would us the same basic brick and needed a lot more space for cooling or what-not.. anyhow (again)..
Point being, SGI could possibly be considering a Linux version of Fuel since it is basically a single-processor O3000. Perhaps they intend to have an IA-64 version w/ a special version of Linux on it.
That'd be awfully neat IMO... not sure if it's a great business plan but it occurred to me it seems technical feasible and likely already in somebody's mind at SGI.
-Pl
First off, I don't think RHN was ~ever~ $30/mo. They may have new services at $30/mo (which I didn't find) but it was $19.95/mo (~$240/yr) and gets discounted significatly at 5+ systems until it drops a bit more than 50%.
2nd, those who don't want to pay just don't understand what will happen. There has to be an OSS company to progress at any reasonable rate (and some people would argue the rate of progression has been slow).
I'm not just talking about Linux but the companies that support Apache, Perl, etc.
Whether it's Mandrake, RH, SuSE, Connectiva or whatver.. support them financially as best you can. Drop a few bucks in the PayPal accounts of those OSS developers who post the link. Buy 'em a beer or a CD.
If you can, throw a bit of money at the EFF, FSF, Perl Foundation, etc. OSS and digital rights organizations.
Every little bit helps... and that is just financially.
If you can dive into code, submit proper bug reports, thanks the developers on occasion, educate yourself beyond the meaningless banter on boards, IRC, USENET.... (It's not all meaningless but the signal to noise ration is getting worse.)
Just go out and support these companies and organizations or eventually, they just won't be there for us. Sure the software, as is, will always be around but the number of active projects, the support of HW, etc. will just fall off into nothingness if we're not careful. And it isn't spectacular now as it stands...
Best wishes, -Pk
The 'Workgroup' service at ~$240/yr provides a proxy and satellite service. Providing features are you describe... but you'd still need to get the subs for ea. box (the cost comes down ~50% in any real volume)...
Or you can try to use "current" which is a RHN server clone w/o all the bells and whistles. Hit Freshmeat.net if you want...
Slashdot Mirror
Besides the regular ethereal suggestions if you're trying to do something on the cheap consider installing a lightweight Snort on each of the clients. If something is up it's bound to at least trigger some sort of Snort log. And it'll cluster around your incidents. Although, hands down, Ethereal on a span port or network tap is a better option. -Pk
WINS wouldn't seem to flush old entries even when you tried to force it. So if you have/had a netbios alias on a system in the registry, you couldn't ever get rid of it easily. It would linger until some seemingly arbitrary day/time and it'd go away.
Cheers, -Pk
Did you actually get FRS working on large volumes without eating itself? I ended up with problems with permissions and stability of the service. No lost data but it wasn't staying up on our larger volumes (> 100GB). Any pointers? -Pk
I find W2K3 to be quicker and have more nifty options and features. It also depends on your client population, with XP being more easily manages under W2K3 with the stock GPO, copies, and templates provided.
At the same time I've had problems with W2K3 as a DNS/WINS server. And a DFS server. It took a long time and lots of digging to resolve those issues and it looked like it was the first time MS had come across a lot of the issues we had when we got in touch with them. Eventually worked out but it's never fun to be the first to find a bug in a critical service.
The other annoyance we've had with W2K3 is it's control over W2K clients. Things like IE settings that'd be pushed from our old domain controller or from IEAK stuff stopped working or worked oddly in W2K3. It would store security settings in two files, push only one, confuse clients, etc.
If I had to do it all over again ~today~ I'd go W2K3 because I've found the past few months worth of documentaiton and support to be much better than a year ago.
I should note that the first network I deployed W2K3 in was ~80 nodes. It was critical, 24 hour operation, Engineering intense, lots of storage, license servers, etc. So it wasn't trivial but it's not a University sized environment, not that many thousands of clients.
In conclusion.. I don't have a conclusion. I think I'd have to hear what services besides AD you'd want to run off of it. Do you run DNS, DFS, SFU, Licenses, TS, etc. off of the same servers?
Oh, if you do go W2K3, install the Resource Kit bundle right away, it's priceless for administration and scripting.
Anyhow, good luck, Cheers, -Pk
There are also any number of cert. based authentication like Permeo.com and Aventail.com. Cheers, -Pk
Another thing to remember is that there are decent references out there, some quite well known, that people could follow and use but simply don't (Viega's book, and number of HOWTOs, etc.).
In anycase, you might want to approach WireX and see what, if anything, can be done to resurrect Sardonix. Cheers, -Pk
Hrmm. I recall John Mashey posting a big paper on the Origin 3000 series when they first were released (~July 2000).
In it he talked about an extra ASIC being thrown in to allow the use of Itanium. There was some speculation the ASIC would have to be re-worked for McKinnly but anyhow...
I also recall the bricks for the MIPS procs having plenty of extra space, it was rumoured the extra space was since Itanium would us the same basic brick and needed a lot more space for cooling or what-not.. anyhow (again)..
Point being, SGI could possibly be considering a Linux version of Fuel since it is basically a single-processor O3000. Perhaps they intend to have an IA-64 version w/ a special version of Linux on it. That'd be awfully neat IMO... not sure if it's a great business plan but it occurred to me it seems technical feasible and likely already in somebody's mind at SGI. -Pl
And BTW, RHN is still FREE for _one_ system. You just won't get some of the extra features (like ISO bits)... -Pk
BTW, for those who already haven't seen Gabber has GPG support. This should surely make some ppl happier, full-blown GPG in IM. -Pk
First off, I don't think RHN was ~ever~ $30/mo. They may have new services at $30/mo (which I didn't find) but it was $19.95/mo (~$240/yr) and gets discounted significatly at 5+ systems until it drops a bit more than 50%. 2nd, those who don't want to pay just don't understand what will happen. There has to be an OSS company to progress at any reasonable rate (and some people would argue the rate of progression has been slow). I'm not just talking about Linux but the companies that support Apache, Perl, etc. Whether it's Mandrake, RH, SuSE, Connectiva or whatver.. support them financially as best you can. Drop a few bucks in the PayPal accounts of those OSS developers who post the link. Buy 'em a beer or a CD. If you can, throw a bit of money at the EFF, FSF, Perl Foundation, etc. OSS and digital rights organizations. Every little bit helps... and that is just financially. If you can dive into code, submit proper bug reports, thanks the developers on occasion, educate yourself beyond the meaningless banter on boards, IRC, USENET.... (It's not all meaningless but the signal to noise ration is getting worse.) Just go out and support these companies and organizations or eventually, they just won't be there for us. Sure the software, as is, will always be around but the number of active projects, the support of HW, etc. will just fall off into nothingness if we're not careful. And it isn't spectacular now as it stands... Best wishes, -Pk
The 'Workgroup' service at ~$240/yr provides a proxy and satellite service. Providing features are you describe... but you'd still need to get the subs for ea. box (the cost comes down ~50% in any real volume)...
Or you can try to use "current" which is a RHN server clone w/o all the bells and whistles. Hit Freshmeat.net if you want...
-Pk