Search results

  1. O

    Ceph Storage with OpenNebula or OpenStack

    We're running a production CEPH + OpenNebula (KVM) cluster - nothing mission critical yet though. All SuperMicro, compute and storage are separate machines. We're very happy with CEPH. We've made a couple pretty silly mistakes as we learned how to manage it, we've abused the crap out of it as...
  2. O

    EonNas and High availability with ZFS

    To avoid repeating myself, here are a few of my posts about Infortrend (note; not the same product line you're requesting but the most egregious issues were with how the company handled our issues):
  3. O

    Build a 100 TB Enterprice Class SAN for $50k?

    I hope you guys suggesting/using Infortrend are talking about their basic EonStor stuff - it's totally fine. Run away as fast as you can from their ESVA equipment and/or anything you expect good support on from them. We bought an "HA" ESVA (not cheap, btw) and it was the worst POS unit and...
  4. O


    We use Vipre on hundreds of workstations. It's MEH (which I sadly think is about the best you can expect). It has so-so detection rates (it catches the common stuff), OK management (with some awesome bugs where you eat 2, 3, 4, ++ licenses with one system sometimes - though they aren't...
  5. O

    Cable Internet (Is a local area network really private)

    On our Comcast Fiber 'Business Ethernet' DIA circuit the firewall blocks massive numbers of local IP addresses headed to our public NTP pool servers. I called them out on NANOG and half a dozen engineers talked to me about it for couple weeks or so, starting off with "FU, NO WAY!", fading to...
  6. O

    question about accesslist

    Your printer absolutely can be an attack surface (even just printing to it - many accept new firmware via a print job!). Make sure it's firmware is up-to-date.
  7. O

    How does bitdefender know if a password is weak?

    Passwords less than 15 characters are trivial to crack the hash on (IE instant) - it might as well be plain text on the machine. It's been a gaping hole in Windows security for a long time and no one seems to notice/care.
  8. O

    Anyone use ownCloud?

    We use it rather successfully as an FTP replacement at work. Relatively easy GUI, we set it to auto-expire share links after a week, wrote scripts to email managers what files in their employee's user accounts to make sure users don't put sensitive files there, and can allow anonymous/auth free...
  9. O

    Advice needed: server for 48 SSDs (professional project)

    So whatever is feeding the initial data to the drives is apparently SAS connected? That's a lot better than what I was envisioning... there are products that you plug bare SSDs into (and sometimes use outdoors) that record lots of data to them and then you're expected to take that bare SSD and...
  10. O

    Advice needed: server for 48 SSDs (professional project)

    This sounds like an awkward workflow. Do they screw in the drives to the hot-swap trays and then load them, copy, remove them, and repeat? I'm guessing the device they're getting their initial data from isn't using the same hot swap bays as any server solution like the SuperMicro. SATA...
  11. O

    Quick question: Can pfSense be booted & ran off of a USB memory stick?

    If you use good SSDs you can run a full installation with heavy logging just fine. I've had Intel 320 SSDs in a very large HA setup (~200mbps flowing through it during business hours protecting several networks including a public /24) that have been alive for a couple years no issue. That said...
  12. O

    ZFS cluster: anyone tried RSF-1?

    We have a license with our Nexenta. It works well in testing - we haven't had to rely on it in a failure (yet).
  13. O

    Supermicro - what's your experience?

    I find them more reliable than our HP servers and the VAR we buy from is far more reliable, kind, and reasonable with warranties - if I tell them a part is bad they ship me the part overnight immediately without hours of diagnostics or disagreements we often get from HP. They cost about half...
  14. O

    VMware license question...

    So we just got our renewal quotes from VMware... Not much change in pricing except they're telling us that our 2x VMware Essentials Plus clusters will now require us to also pay 2x support contracts for VSA to go with them - something we've never used, don't require, and don't want. It doubles...
  15. O

    ZFS ZIL Question

    I haven't tested the S3700 but (massively) "short stroking" the Intel 320's provided nearly double the I/Os when I set a few systems up a few years ago.
  16. O

    syslog storage from ESXi 5.5

    We're very happy with ELSA : We collect millions of logs every day from dozens of sources.
  17. O

    big zfs ssd problem - zil/l2arc max 2500 iops

    You should search the forum for posts by Nex7 - who is/was a Nexenta employee. He goes over why SSDs get less IOPS than you expect and why multiple SSDs do not help (much). He has thorough answers but the jist is; The ZIL is essentially a QD1 write pattern, and worse than an average benchmark...
  18. O

    Password policy

    We use this on a 6 month rotation. We're working toward 2-factor auth everywhere so we can drop the 15 character requirement and bring it back down to a more sane 7-8 characters. Unfortunately our hand was forced on the 15-character requirement as a stop gap (LM-hash issues that still exist...
  19. O

    HP Procurve 1810g v2 (version 2)?

    Since the thread was ressurected, I have one more comment about the 1810's; They are garbage if you want to collect SNMP data. We started collecting a lot more with Nagios (port speeds, traffic metrics) and it brings their management interface to it's knees. We're going to have to replace...
  20. O

    48+ port switches

    I have a large number of Netgear GS105 and GS108 switches in peoples offices/cubes. It's relatively common that they die and grenade the entire network segment they're on. I'd guesstimate we have ~80-100 of them in service and around once every 4-6 months we have a blowout. They're cheap and...
  21. O

    Software RAID6 vs Hardware

    Often but definitely not always. This entirely depends on what you use. If you use MDADM or ZFS that is simply not true. In fact one of the biggest reasons to NOT use a Hardware raid controller is you need the EXACT same card if it fails. A good software raid (again MDADM/ZFS/etc) you can...
  22. O

    Automatically switch DNS servers based on IP?

    You'll need to tell us what kind of VPN you're using and what program or setup you're using to connect to it. For example; my OpenVPN configurations specify a DNS server, which are only used when the VPN is connected to alleviate this problem - however ALL DNS traffic flows over the VPN when...
  23. O

    Intel SSD --- G1 & G2 --- Usage Report

    I've got a few 300gb 320's that have been heavily used for ZIL's (not exactly what you asked, but shows some longevity). The one with by far the most writes isn't plugged in, but the other is doing pretty well too: Power On Hours: 11300 Power Cycles: 4 Written: 16TB Read: 348MB Wear...
  24. O

    Proprietary connector in Mac Pro?

    It remains to be seen if TB is sufficient. Do the 6 ports do 20gb total (likely)? If they do 40gb, then your gfx cards cut directly into that, when you use them. If you're going to run retna displays you'll be eating a lot of your 20gb bandwidth with that. If you want to capture 4k video, there...
  25. O

    3Tb and ZFS reliablity question

    Take a look at this:
  26. O

    Looking for a service similar to Dropbox does many enterprise things dropbox doesn't (much better user management). We switched a while back because of security concerns with dropbox, as well as some serious bugs that they seemed to have no interest in fixing. At LISA a few years ago I brought up several bugs to a dropbox...
  27. O

    SSD for ZIL

    The most important factor is capacitors for your ZIL. Please search the forum about it, you'll find many posts (by me and others). That DC S3700 might be a good option (I haven't tested one I got yet). Most MLC is actually fine at this point if you under-provision it, unless you plan to...
  28. O

    Multiple NAS's - HD Streaming - One-to-Many Replication

    Easily the worst vendor issue I've experienced in my career was with Infortrend. We were rather happy with the EONstor units in the past, but trying 'new' products was awful, both from a support perspective (they fired all of their in-house US support/sales team a couple years ago), and a...
  29. O

    Submitting Sessions for VMworld?

    I went 2 years ago and found it to be one of the least useful conferences I've attended. It's great to stroke your e-peen if you're a VCX, but as a (relatively) small customer, hoping to learn (not be used-car-style sold on how rosey shit is)... it was extremely mediocre. Some of the talks...
  30. O

    SuperSSpeed S301 or Intel 313 for zil

    I've never seen/heard of the SSS S301. It claims to have a supercap, making it the clear winner, on top of the claimed write IOPS being 17x higher being a huge advantage. The Intel 313 is not a very good ZIL. That said, it might be a POS, being a no-name brand.
  31. O

    Cisco # of Active TCP Connections

    Export netflows to another device.
  32. O

    VPN for iOS, Android, Windows.

    Very poor advice. PPTP is considered completely insecure at this point. Use OpenVPN, L2TP/IPSec, or an SSL VPN solution. <-- " PPTP is (as of Oct 2012) considered cryptographically broken and its use is no longer...
  33. O

    HP 1810G-24 + an 1810G-24v2 = problems?

    Note there are actually several different models being discussed in this thread: AFAIK the 1810G-24 is the "old" HP switch, which went EOL, but apparently is being brought back according to this link (news to me!) - probably because some people simply wont buy the 3COM lineup...
  34. O

    Why did my cable suddenly double in speed?

    So they can charge you more. Mine doubled (nearly) too, but I also noticed their "list price" for the speed tiers went up. My bill hasn't changed, but I fully expect Comcast to change my price (up) without notice eventually.
  35. O

    ZFS as ESXi datastore

    The SSD controller needs to know it lost power so it can flush its cache.
  36. O

    SonicWALL TZ 210 or Cisco ASA 5510?

    I have this. My supermicro servers are overnight 3yr warranties and I stock really common parts on the shelf. I have a support contract with bsdperimeter - which I rarely need, but sometimes (ab)use to save time or verify best practice.
  37. O

    Supermicro: 6047r-e1r72l 72 drives in 4U

    It uses backplanes (all of the SM servers like this do afaik) -- if you click "parts list" at the bottom of the page it shows you the model and information about the backplanes.
  38. O

    A small datacenter build and other projects

    We've got Nagvis on top of our Icinga and it does heat mapping.
  39. O

    What are you deploying as router solutions?

    I haven't had to deal with that (yet). We have dedicated circuits for our VPNs with fail over to our other lines via Quagga. VOIP is the primary use, but a lot of AD/minor filesharing/etc flows over the line and we've never had a complaint about VOIP, even when under moderate load. Does it...
  40. O

    What are you deploying as router solutions?

    In my current gig, all pfSense (multi-location, 'medium'-sized business). I installed them when I was working for a consulting firm and I'm damn glad I did. My previous consulting firm was installing Junipers that were a serious PITA to manage (especially with no staff specializing) and...