From sage-members-owner@usenix.org Sat Jan 1 18:33:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j022X5n3013607 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 1 Jan 2005 18:33:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j022X5MF013606 for sage-members-outgoing; Sat, 1 Jan 2005 18:33:05 -0800 (PST) Received: from smta04.mail.ozemail.net (smta04.mail.ozemail.net [203.103.165.80]) by usenix.org (8.12.10/8.12.10) with ESMTP id j022Wun2013600 for ; Sat, 1 Jan 2005 18:33:02 -0800 (PST) Received: from [127.0.0.1] ([203.61.135.121]) by smta04.mail.ozemail.net with ESMTP id <20050102023247.IHZG590.smta04.mail.ozemail.net@[127.0.0.1]>; Sun, 2 Jan 2005 02:32:47 +0000 Message-ID: <41D75D3A.2070409@ndietsch.com> Date: Sun, 02 Jan 2005 13:32:26 +1100 From: Nathan Dietsch User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Doug Hanks CC: Doug Hughes , sage-members@sage.org Subject: Re: [SAGE] Lotus Domino design exercise References: <82a71f8a041228144475b6c8dc@mail.gmail.com> <82a71f8a04122820265e29aa0d@mail.gmail.com> In-Reply-To: <82a71f8a04122820265e29aa0d@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Hello Doug (Hanks), Sorry for chiming in late on this, but I just saw it now. Doug Hanks wrote: >On Tue, 28 Dec 2004 22:06:23 -0600 (CST), Doug Hughes > wrote: > > >>Dtrace doesn't make applications faster, it makes debugging system >>performance problems faster by allowing you to tie together information >>across subsystems in a unified way (I/O, CPU, memory, truss, network, >> >> > >Right - it allows you to watch the application execute and you can see >where it spends most of its time. For things like Oracle I would >consider it useless. Oracle doesn't give a hoot about your dtrace >output, unless you have a very very odd error that they aren't able to >figure out. > >I could see dtrace being very useful for application development. I >used it when I was developing sudosh. It's pretty much a development >tool. Doesn't belong in production. > > I think you are missing the point about DTrace. Whether or not DTrace is integrated with Oracle is besides the point. While DTrace allows you to watch the performance or system usage of individual applications, ala truss(1m), it goes beyond that. DTrace allows you to watch the system as a whole, at a much deeper level than say prstat or the generic top command. If you were debugging a problem with sudosh (which, by the way, is very cool), you could use either truss or DTrace as the problem is focused on one particular application. However, DTrace will allow you to see the effect on the system as a whole, which relates to Doug's holistic comments. What I have said is very generic, but for a specific example, DTrace allows a sys-admin to view the per process I/O load on a system, something which was very hard to do on Solaris previously. The author of the iosnoop script, Brendan Gregg, has many other such scripts at [0] I would look at the DTrace information available at Sun [1] before judging it based on an executive briefing done by Sales guys. Kind Regards, Nathan Dietsch [0] http://users.tpg.com.au/adsln4yb/dtrace.html [1] http://www.sun.com/bigadmin/content/dtrace/ >That's interesting about UFS+. I've never heard of it. I will do >some reading on it - thanks for the note! > > > From sage-members-owner@usenix.org Mon Jan 3 09:42:47 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03Hgkn3020109 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 09:42:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03Hgk44020108 for sage-members-outgoing; Mon, 3 Jan 2005 09:42:46 -0800 (PST) Received: from mail-yellow.research.att.com (mail-dark.research.att.com [192.20.225.112]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03Hghn2020102 for ; Mon, 3 Jan 2005 09:42:44 -0800 (PST) Received: from [135.207.39.163] (castle7163.research.att.com [135.207.39.163]) by bigmail.research.att.com (8.11.6+Sun/8.11.6) with ESMTP id j03HgVN13599 for ; Mon, 3 Jan 2005 12:42:35 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v619) Content-Transfer-Encoding: 7bit Message-Id: Content-Type: text/plain; charset=US-ASCII; format=flowed To: sage-members@usenix.org From: Andrew Hume Subject: [SAGE] simple database problem Date: Mon, 3 Jan 2005 12:42:39 -0500 X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk i have an application which needs to maintain a mapping of (name,md5sum) to pathname for 10k-1000k mappings. currently, we convert the key to a string, and use gdbm (or ndbm). (the application runs on Linux, FreeBSD, MacOSX, Solaris and Irix.) 30% of the time, we add a single mapping, 20% of teh time we delete a mapping, and 50% of the time, we print out all mappings. rarely, we add or delete a largish number of mappings. the problem is that on Linux (actually, i could just stop here, couldn't I?), the 'print all' operation can take 30mins or more on a busy machine, (busy here means lots of I/O) as opposed to the normal 2-3secs, apparently because of the random seeking around in the database file. performance is significantly helped by simply running 'wc db.dbm' just prior to using the database. is there a better way to implement this databse that will not be prone to this kind of 'failure' (and make no mistake, taking 30mins is for all intents and purposes, a failure)? of course, this does not manifest itself on any of our other platforms, but Linux performance has always been unusually fragile with respect to the contents of teh buffer cache. ---- Andrew Hume (best -> Telework) +1 732-886-1886 andrew@research.att.com (Work) +1 973-360-8651 AT&T Labs - Research; member of USENIX and SAGE From sage-members-owner@usenix.org Mon Jan 3 10:31:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03IVXn3021284 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 10:31:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03IVXGF021283 for sage-members-outgoing; Mon, 3 Jan 2005 10:31:33 -0800 (PST) Received: from out003.verizon.net (out003pub.verizon.net [206.46.170.103]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03IVVn2021278 for ; Mon, 3 Jan 2005 10:31:32 -0800 (PST) Received: from shamet.sub1.dsl.verizon.net ([70.16.201.181]) by out003.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20050103183126.NAQR1106.out003.verizon.net@shamet.sub1.dsl.verizon.net>; Mon, 3 Jan 2005 12:31:26 -0600 Received: from shamet.sub1.dsl.verizon.net (localhost [127.0.0.1]) by shamet.sub1.dsl.verizon.net (Postfix) with ESMTP id CA96B9B339; Mon, 3 Jan 2005 13:33:07 -0500 (EST) X-Mailer: exmh version VERSION 01/15/2001 with nmh-1.1-RC1 To: Andrew Hume Cc: sage-members@usenix.org, maddog@li.org Subject: Re: [SAGE] simple database problem In-Reply-To: Message from Andrew Hume of "Mon, 03 Jan 2005 12:42:39 EST." References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 03 Jan 2005 13:33:07 -0500 From: Jon maddog Hall Message-Id: <20050103183307.CA96B9B339@shamet.sub1.dsl.verizon.net> X-Authentication-Info: Submitted using SMTP AUTH at out003.verizon.net from [70.16.201.181] at Mon, 3 Jan 2005 12:31:26 -0600 Sender: owner-sage-members@usenix.org Precedence: bulk Andrew, A little more information would be helpful: Is this machine dedicated to the database (I have a feeling it is not, since the buffer cache seems to be trashed by other "things" running)? > performance is significantly helped by simply running 'wc db.dbm' How much real memory does this machine have? Could you sustain the entire database in real memory while also running these other programs? mlock(2) might fix your problems. > apparently because of the random seeking around in the database file. I assume that you have the sources to the database, so you could make changes to it. Is it easy to read the database serially, tossing away records that are not active, rather than randomly, for your "print all"? Thanks, maddog -- Jon "maddog" Hall Executive Director Linux International(R) email: maddog@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association, USENIX Association (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. From sage-members-owner@usenix.org Mon Jan 3 10:44:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03Ii4n3021972 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 10:44:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03Ii4xE021971 for sage-members-outgoing; Mon, 3 Jan 2005 10:44:04 -0800 (PST) Received: from e-c-group.com (mail.e-c-group.com [216.128.192.246]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03Ii2n2021965 for ; Mon, 3 Jan 2005 10:44:03 -0800 (PST) Received: from [216.128.150.156] (account lindsey [216.128.150.156] verified) by e-c-group.com (CommuniGate Pro SMTP 4.2.6) with ESMTP id 21194819; Mon, 03 Jan 2005 13:43:51 -0500 Received-SPF: none receiver=e-c-group.com; client-ip=216.128.150.156; envelope-from=lindsey@acm.org In-Reply-To: References: Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <7EB56C3D-5DB7-11D9-AD79-0003937621C6@acm.org> Content-Transfer-Encoding: 7bit Cc: sage-members@usenix.org From: "Mark R. Lindsey" Subject: Re: [SAGE] simple database problem Date: Mon, 3 Jan 2005 13:44:27 -0500 To: Andrew Hume X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk Not that it helps a lot, but you've just classified your application as having timing requirements, i.e., deadlines -- and therefore it meets the formal definition for a real-time process. So why aren't you using a real-time operating system? ;^) . On Jan 3, 2005, at 12:42 PM, Andrew Hume wrote: > is there a better way to implement this databse that will not be prone > to this kind of 'failure' (and make no mistake, taking 30mins is for > all intents > and purposes, a failure)? From sage-members-owner@usenix.org Mon Jan 3 11:12:49 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03JCnn3022894 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 11:12:49 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03JCm90022893 for sage-members-outgoing; Mon, 3 Jan 2005 11:12:49 -0800 (PST) Received: from ithilien.qualcomm.com (ithilien.qualcomm.com [129.46.51.59]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03JCkn3022888 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 11:12:47 -0800 (PST) Received: from crowley.qualcomm.com (crowley.qualcomm.com [129.46.61.151]) by ithilien.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j03JCZeD007048; Mon, 3 Jan 2005 11:12:36 -0800 (PST) Received: from grose1.qualcomm.com (vpn-10-50-16-6.qualcomm.com [10.50.16.6]) by crowley.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j03JCXbb016487 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT); Mon, 3 Jan 2005 11:12:34 -0800 (PST) Message-Id: <6.1.2.0.2.20050103110743.0811e378@203.30.171.17> X-Sender: ggr2@203.30.171.17 X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Mon, 03 Jan 2005 11:12:33 -0800 To: Andrew Hume From: Greg Rose Subject: Re: [SAGE] simple database problem Cc: sage-members@usenix.org In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk At 12:42 2005-01-03 -0500, Andrew Hume wrote: > i have an application which needs to maintain a mapping of >(name,md5sum) to pathname for 10k-1000k mappings. >currently, we convert the key to a string, and use gdbm (or ndbm). >(the application runs on Linux, FreeBSD, MacOSX, Solaris and Irix.) >30% of the time, we add a single mapping, 20% of teh time we delete >a mapping, and 50% of the time, we print out all mappings. >rarely, we add or delete a largish number of mappings. > > the problem is that on Linux (actually, i could just stop here, > couldn't I?), >the 'print all' operation can take 30mins or more on a busy machine, >(busy here means lots of I/O) as opposed to the normal 2-3secs, >apparently because of the random seeking around in the database file. >performance is significantly helped by simply running 'wc db.dbm' >just prior to using the database. > > is there a better way to implement this databse that will not be > prone >to this kind of 'failure' (and make no mistake, taking 30mins is for all >intents >and purposes, a failure)? of course, this does not manifest itself on >any of our other platforms, but Linux performance has always been >unusually fragile >with respect to the contents of teh buffer cache. It shouldn't need to be seeking all over the database simply to read out all the contents. You aren't perchance sorting the keys, and then accessing the elements, are you? From perl, the difference between: foreach $i in keys %db and foreach $i in sort keys %db (where %db has been associated with the dbm file) can be extreme. Basically, you should access the database elements in whatever order dbm wants to give them to you, then sort them later if that's what you want. (Note: my experience with this is very dated... it may have changed since the mid-90s. :-) Greg. From sage-members-owner@usenix.org Mon Jan 3 11:24:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03JOGn3023560 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 11:24:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03JOGdl023559 for sage-members-outgoing; Mon, 3 Jan 2005 11:24:16 -0800 (PST) Received: from mail-yellow.research.att.com (mail-dark.research.att.com [192.20.225.112]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03JOAn2023552 for ; Mon, 3 Jan 2005 11:24:14 -0800 (PST) Received: from [135.207.39.163] (castle7163.research.att.com [135.207.39.163]) by bigmail.research.att.com (8.11.6+Sun/8.11.6) with ESMTP id j03JO1N17945; Mon, 3 Jan 2005 14:24:01 -0500 (EST) In-Reply-To: <7EB56C3D-5DB7-11D9-AD79-0003937621C6@acm.org> References: <7EB56C3D-5DB7-11D9-AD79-0003937621C6@acm.org> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <0A87F7D8-5DBD-11D9-8B11-000D93C2E218@research.att.com> Content-Transfer-Encoding: 7bit Cc: sage-members@usenix.org From: Andrew Hume Subject: Re: [SAGE] simple database problem Date: Mon, 3 Jan 2005 14:24:09 -0500 To: "Mark R.Lindsey" X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk maybe, but i hadn't thought so. i just need more predictability about runtimes. i can cope with variability of 1:100; but 1:1000 is too hard. i reiterate that we do not see similiar slowdowns with any other OS we use; just linux. On Jan 3, 2005, at 1:44 PM, Mark R.Lindsey wrote: > Not that it helps a lot, but you've just classified your application > as having timing requirements, i.e., deadlines -- and therefore it > meets the formal definition for a real-time process. > > So why aren't you using a real-time operating system? ;^) > > > > > . > On Jan 3, 2005, at 12:42 PM, Andrew Hume wrote: > >> is there a better way to implement this databse that will not be >> prone >> to this kind of 'failure' (and make no mistake, taking 30mins is for >> all intents >> and purposes, a failure)? > > ---- Andrew Hume (best -> Telework) +1 732-886-1886 andrew@research.att.com (Work) +1 973-360-8651 AT&T Labs - Research; member of USENIX and SAGE From sage-members-owner@usenix.org Mon Jan 3 12:16:43 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03KGgn3025000 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 12:16:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03KGgXf024999 for sage-members-outgoing; Mon, 3 Jan 2005 12:16:42 -0800 (PST) Received: from yorktown.nielsenmedia.com (yorktown.nielsenmedia.com [206.113.192.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03KGbn2024990 for ; Mon, 3 Jan 2005 12:16:37 -0800 (PST) Received: from nmrflimg2.enterprisenet.org (nmrflimg2.enterprisenet.org [10.38.67.65]) by yorktown.nielsenmedia.com (8.12.10/8.12.8) with ESMTP id j03KCS3x017580 for ; Mon, 3 Jan 2005 15:12:28 -0500 (EST) Received: from nmr001oldOWA01.enterprisenet.org (unverified) by nmrflimg2.enterprisenet.org (Content Technologies SMTPRS 4.3.14) with ESMTP id ; Mon, 3 Jan 2005 15:16:28 -0500 Received: from NMR001OLDMSX02.enterprisenet.org ([10.38.67.59]) by nmr001oldOWA01.enterprisenet.org with Microsoft SMTPSVC(6.0.3790.211); Mon, 3 Jan 2005 15:16:28 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] simple database problem Date: Mon, 3 Jan 2005 15:15:42 -0500 Message-ID: <6DE7EF7CCA44104F9A605106252E974102A7068F@NMR001OLDMSX02.enterprisenet.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] simple database problem Thread-Index: AcTxyFPT1kGA4N2jQyKdi7UtUdhTrAACCwUQ From: "Epps, Alan" To: "Greg Rose" , "Andrew Hume" Cc: X-OriginalArrivalTime: 03 Jan 2005 20:16:28.0072 (UTC) FILETIME=[1B3DF280:01C4F1D1] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j03KGdn2024995 Sender: owner-sage-members@usenix.org Precedence: bulk (Lots of detail deleted....) > > is there a better way to implement this databse > that will not > >be prone to this kind of 'failure' (and make no mistake, > taking 30mins > >is for all intents and purposes, a failure)? of course, this > does not > >manifest itself on any of our other platforms, but Linux performance > >has always been unusually fragile with respect to the > contents of teh > >buffer cache. > > It shouldn't need to be seeking all over the database simply > to read out all the contents. You aren't perchance sorting > the keys, and then accessing the elements, are you? > > From perl, the difference between: > foreach $i in keys %db > and > foreach $i in sort keys %db > (where %db has been associated with the dbm file) can be extreme. > > Basically, you should access the database elements in > whatever order dbm wants to give them to you, then sort them > later if that's what you want. > > (Note: my experience with this is very dated... it may have > changed since the mid-90s. :-) > Greg, Nope, that is still the way Perl functions in v5.x, not sure about v6....anyone?.... Alan -------------------------------------------------------------------- All opinions expressed are my own, not my employer's. Alan S. Epps alan.epps@nielsenmedia.com From sage-members-owner@usenix.org Mon Jan 3 12:26:44 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03KQin3025692 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 12:26:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03KQiTf025691 for sage-members-outgoing; Mon, 3 Jan 2005 12:26:44 -0800 (PST) Received: from mail-yellow.research.att.com (mail-dark.research.att.com [192.20.225.112]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03KQgn2025685 for ; Mon, 3 Jan 2005 12:26:42 -0800 (PST) Received: from [135.207.39.163] (castle7163.research.att.com [135.207.39.163]) by bigmail.research.att.com (8.11.6+Sun/8.11.6) with ESMTP id j03KQXN10155; Mon, 3 Jan 2005 15:26:33 -0500 (EST) In-Reply-To: <20050103183307.CA96B9B339@shamet.sub1.dsl.verizon.net> References: <20050103183307.CA96B9B339@shamet.sub1.dsl.verizon.net> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit Cc: sage-members@usenix.org From: Andrew Hume Subject: Re: [SAGE] simple database problem Date: Mon, 3 Jan 2005 15:26:26 -0500 To: Jon maddog Hall X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 3, 2005, at 1:33 PM, Jon maddog Hall wrote: > > Is this machine dedicated to the database (I have a feeling it is not, > since > the buffer cache seems to be trashed by other "things" running)? no. there is a lot going on. > >> performance is significantly helped by simply running 'wc db.dbm' > > How much real memory does this machine have? Could you sustain the > entire > database in real memory while also running these other programs? > mlock(2) > might fix your problems. we have plenty of memory (4GB). the database is modest in size (20MB of data; 160MB on disk). mlock won't work because it is not a server based program; rather, each time the access program runs, it opens the gdbm database and does its business. >> apparently because of the random seeking around in the database file. > > I assume that you have the sources to the database, so you could make > changes > to it. Is it easy to read the database serially, tossing away records > that are not active, rather than randomly, for your "print all"? i use the standard gdbm traverse function (first and next); i know of no other way to traverse a gdbm-style database. all records are active. i presumably can get the gdbm sources; i;m not sure i want to invest the necessary effort to "fix" them. > > Thanks, > maddog ---- Andrew Hume (best -> Telework) +1 732-886-1886 andrew@research.att.com (Work) +1 973-360-8651 AT&T Labs - Research; member of USENIX and SAGE From sage-members-owner@usenix.org Mon Jan 3 13:59:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03LxSn3027706 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 13:59:28 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j03LxSiR027705 for sage-members-outgoing; Mon, 3 Jan 2005 13:59:28 -0800 (PST) Received: from mail3.bitpusher.com (monitor.bitpusher.com [64.127.99.32]) by usenix.org (8.12.10/8.12.10) with ESMTP id j03LxRn2027699 for ; Mon, 3 Jan 2005 13:59:27 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 6249630C5 for ; Mon, 3 Jan 2005 13:59:15 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 26395-10 for ; Mon, 3 Jan 2005 13:59:13 -0800 (PST) Received: from mail3.bitpusher.com (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id AF6722BED for ; Mon, 3 Jan 2005 13:59:13 -0800 (PST) Received: from 66.150.251.142 (SquirrelMail authenticated user michael@halligan.org); by mail3.bitpusher.com with HTTP; Mon, 3 Jan 2005 13:59:13 -0800 (PST) Message-ID: <50119.66.150.251.142.1104789553.squirrel@mail3.bitpusher.com> Date: Mon, 3 Jan 2005 13:59:13 -0800 (PST) Subject: [SAGE] Reverse DNS, the new spam? From: "Michael T. Halligan" To: sage-members@sage.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk Maybe I'm slow on this one, but has anybody noticed a trend of reverse dns being used for spamming log files? Specifically, I just looked at web log analysis page for the first time in about 6 months, and found that I had received several thousand hits, all from reverse signatures that seem to be trying to advertise to me. I'm curious if the state of spamming is so desperate that they do such pathetic things, or is this more of a search engine situation? I could see trying to create hundreds of links by hoping that people allow their web stats programs to be indexed by google or overture (or if there are any non-google or overture search engine sites still in existance).. ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Mon Jan 3 16:22:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j040MQn3000081 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 16:22:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j040MQgC000080 for sage-members-outgoing; Mon, 3 Jan 2005 16:22:26 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j040MIn3000075 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 16:22:19 -0800 (PST) Received: from [192.168.2.201] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j040M54j086649; Mon, 3 Jan 2005 19:22:10 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Tue, 4 Jan 2005 01:20:58 +0100 To: Andrew Hume From: Brad Knowles Subject: Re: [SAGE] simple database problem Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 12:42 PM -0500 2005-01-03, Andrew Hume wrote: > the problem is that on Linux (actually, i could just stop here, > couldn't I?), the 'print all' operation can take 30mins or more > on a busy machine, (busy here means lots of I/O) as opposed to > the normal 2-3secs, apparently because of the random seeking around > in the database file. performance is significantly helped by simply > running 'wc db.dbm' just prior to using the database. I must confess that I don't know a whole lot about *dbm, all I know is that it has always seemed to be slow and non-scalable for the sorts of things I've tried to do with it in the past, in comparison to Berkeley DB. In my own experiences, with a million e-mail addresses in a *dbm file, the system becomes dead-dog slow when you try to handle an operational e-mail load. Substitute db instead, and you can't slow the system down with 10 million e-mail addresses and a much higher load. I even threw 100 million e-mail addresses at the problem, and the system was not measurably degraded over 10 million. Of course, they weren't 100 million real e-mail addresses, so db may have been able to exploit the random methods I was using to generate the input in order to optimize performance at those levels, but the difference between *dbm and db on just one million real addresses was quite extreme. Now, I'm sure that this sounds like a case of "if you only have a hammer", but I'm curious to know why you choose to use *dbm instead of Berkeley DB? Among other things, I know that db will try to cache the entire database in memory, which may or may not be a good thing, depending on your application (although in your case, I think it would probably be good). I also know that db gives you lots of options in terms of storage methods used, and b-tree may be best for some applications, while a hash may be better for others. Contrariwise, *dbm doesn't give you any storage method choices that I know of. Anyway, I don't think that I have any solutions to your specific problems, but I am curious to know why *dbm was chosen over Berkeley DB. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 3 19:03:37 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0433bn3002031 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 19:03:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0433bAH002029 for sage-members-outgoing; Mon, 3 Jan 2005 19:03:37 -0800 (PST) Received: from out002.verizon.net (out002pub.verizon.net [206.46.170.141]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0433Zn2002024 for ; Mon, 3 Jan 2005 19:03:35 -0800 (PST) Received: from shamet.sub1.dsl.verizon.net ([70.20.35.24]) by out002.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20050104030329.OSLR12052.out002.verizon.net@shamet.sub1.dsl.verizon.net>; Mon, 3 Jan 2005 21:03:29 -0600 Received: from shamet.sub1.dsl.verizon.net (localhost [127.0.0.1]) by shamet.sub1.dsl.verizon.net (Postfix) with ESMTP id 964D09B33B; Mon, 3 Jan 2005 22:05:11 -0500 (EST) X-Mailer: exmh version VERSION 01/15/2001 with nmh-1.1-RC1 To: Andrew Hume Cc: Jon maddog Hall , sage-members@usenix.org Subject: Re: [SAGE] simple database problem In-Reply-To: Message from Andrew Hume of "Mon, 03 Jan 2005 15:26:26 EST." References: <20050103183307.CA96B9B339@shamet.sub1.dsl.verizon.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 03 Jan 2005 22:05:11 -0500 From: Jon maddog Hall Message-Id: <20050104030511.964D09B33B@shamet.sub1.dsl.verizon.net> X-Authentication-Info: Submitted using SMTP AUTH at out002.verizon.net from [70.20.35.24] at Mon, 3 Jan 2005 21:03:28 -0600 Sender: owner-sage-members@usenix.org Precedence: bulk Andrew, First of all I would try Greg Rose's suggestion, which is basically another way of doing what I suggested.....extracting the keys and sorting them into disk address order. If that does not work, and seeing that you do not want to make too much "investment" into it, you might try simply dedicating a system to the database to cut down on the I/O buffer and disk contention that you see. andrew@research.att.com said: > we have plenty of memory (4GB). the database is modest in size (20MB > of data; 160MB on disk). mlock won't work because it is not a server > based program; rather, each time the access program runs, it opens > the gdbm database and does its business. Another way of treating this might be to create a RAM-based file system to "shadow" your disk-based one and do all of your reading from that? On booting you can load the database off disk into the ram-based filesystem. All writes and updates would go to both filesystems. andrew@research.att.com said: > i reiterate that we do not see similiar slowdowns with any other OS we use; > just linux. You have had the same load, including all of the other applications, on the same hardware with the same file layout with a different OS? You talked about lack of buffer cache. I can not speak for all of the different operating systems but Digital Unix had a shared VM and buffer I/O pool. As the needs for real, physical memory went up from the VM subsystem, the I/O buffer pool got smaller. As the need for real memory went down, the I/O buffer could grow. All of this was within limits set by the administrator in installing it, but even the default settings allowed for a great set of range, and of course with larger real memory sizes the flexibility got even larger. It is possible that the other operating systems either had this type of mechanism or had their I/O buffer pool configured to a larger size so that the database did not thrash against itself. Since you have the sources for the Linux kernel, you could probably try bumping up the size of the I/O buffer and see if that helps. md -- Jon "maddog" Hall Executive Director Linux International(R) email: maddog@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association, USENIX Association (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. From sage-members-owner@usenix.org Mon Jan 3 20:23:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j044Nvn3003117 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 20:23:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j044Nu1l003116 for sage-members-outgoing; Mon, 3 Jan 2005 20:23:56 -0800 (PST) Received: from q7.q7.com (IDENT:+3ghEp4pq0tY9cQrIgvv1y+8N+/Wghrg@q7.q7.com [207.173.201.42]) by usenix.org (8.12.10/8.12.10) with ESMTP id j044Nsn3003111 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 3 Jan 2005 20:23:55 -0800 (PST) Received: from q7.q7.com (localhost [127.0.0.1]) by q7.q7.com (8.12.8/8.12.8) with ESMTP id j044NdW1030148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 3 Jan 2005 20:23:39 -0800 Received: from localhost (joey@localhost) by q7.q7.com (8.12.8/8.12.8/Submit) with ESMTP id j044NdP5030144 for ; Mon, 3 Jan 2005 20:23:39 -0800 X-Authentication-Warning: q7.q7.com: joey owned process doing -bs Date: Mon, 3 Jan 2005 20:23:39 -0800 (PST) From: Joe Pruett X-X-Sender: joey@q7.q7.com To: sage-members@usenix.org Subject: Re: [SAGE] simple database problem In-Reply-To: <20050104030511.964D09B33B@shamet.sub1.dsl.verizon.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk i didn't pay attention to the full initial description, but have you tried tweaking with gdbm_setopt? you can change cache sizes and other flags that might impact your performance. i had a similar situation and changing the cachesize option made all the difference. From sage-members-owner@usenix.org Tue Jan 4 05:58:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04Dw6n3021831 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 05:58:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j04Dw63v021830 for sage-members-outgoing; Tue, 4 Jan 2005 05:58:06 -0800 (PST) Received: from f1n1.spenet.wfu.edu (f1n1.sp2net.wfu.edu [152.17.8.11]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04Dw3n2021825 for ; Tue, 4 Jan 2005 05:58:04 -0800 (PST) Received: from f1n11.sp2net.wfu.edu (f1n11.sp2net.wfu.edu [10.1.16.121]) by f1n1.spenet.wfu.edu (8.11.6p2/8.11.6) with SMTP id j04Dvp746134; Tue, 4 Jan 2005 08:57:51 -0500 X-Authentication-Warning: f1n1.spenet.wfu.edu: f1n11.sp2net.wfu.edu [10.1.16.121] didn't use HELO protocol Message-ID: <41DAA0DD.2030008@wfu.edu> Date: Tue, 04 Jan 2005 08:57:49 -0500 From: John Borwick Organization: Wake Forest University User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041110 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles CC: Andrew Hume , sage-members@usenix.org Subject: Re: [SAGE] simple database problem References: In-Reply-To: X-Enigmail-Version: 0.89.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brad Knowles wrote: [snip] | Among other things, I know that db will try to cache the entire | database in memory, which may or may not be a good thing, depending on | your application (although in your case, I think it would probably be | good). I also know that db gives you lots of options in terms of | storage methods used, and b-tree may be best for some applications, | while a hash may be better for others. Contrariwise, *dbm doesn't give | you any storage method choices that I know of. [snip] A DB_CONFIG file can control how much of the database is cached in memory and on disk. It gives you other tunables as well, many of which I'm not familiar with. If you use OpenLDAP with a BDB backend, for example, you *must* have one of these files to control your LDAP server's performance. See recommended OpenLDAP settings at http://www.stanford.edu/services/directory/openldap/configuration/bdb-config.html Yours, John - -- ~ John Borwick ~ System Administrator ~ Wake Forest University | web http://www.wfu.edu/~borwicjh ~ Winston-Salem, NC, USA | GPG key ID 0x797326D5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFB2qDd/81sF3lzJtURAhooAJ9oW7dT5NlriL4aO83LLIBrEAM6dACfaC8b ScOVJJJ+Nawllr9jZXs3bNs= =1wv+ -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Jan 4 11:48:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04Jman3027393 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 11:48:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j04Jma1j027392 for sage-members-outgoing; Tue, 4 Jan 2005 11:48:36 -0800 (PST) Received: from gsd.harvard.edu (thoth.gsd.harvard.edu [128.103.170.103]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04JmYn2027384 for ; Tue, 4 Jan 2005 11:48:34 -0800 (PST) Received: from LAPIS.gsd.harvard.edu (lapis [128.103.170.16]) by gsd.harvard.edu (8.12.6/8.12.6) with ESMTP id j04JEISR015978 for ; Tue, 4 Jan 2005 14:14:19 -0500 (EST) Message-Id: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> X-Sender: betsys@mail.gsd.harvard.edu (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Tue, 04 Jan 2005 14:15:01 -0500 To: sage-members@sage.org From: Betsy Schwartz Subject: [SAGE] incoming file transfers, and collaborative environments in general Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Filter-Version: 1.11a (thoth) X-Virus-Scanned: clamd / ClamAV version 0.67-1, clamav-milter version 0.67a Sender: owner-sage-members@usenix.org Precedence: bulk A specific problem: I've been asked to think about ways to allow "friends of friends" to upload files to our servers. Obviously we don't want to enable anonymous incoming FTP or anything like that - nor do we want to be creating accounts for these users. I think ideally we'd use our existing authentication system to give a user a "ticket" they could give to the sender. Are there any existing systems that allow something like this? In general" what are interesting sites or books to learn about collaborative environments? I know about WebDav and wikis, but beyond that I'm finding a bewildering variety of information (and much hype). I need to become a Subject Matter Expert in this and I'm not quite sure where to start. Our users are architects, landscape architects, urban planners, and other sorts of designers, with a few random Pure Design and Industrial Design and other such folks in the mix. In general they are interested in collaborating on web sites and exchanging Very Large image files, not so much in fancy interactive whiteboards etc (although it would be good to learn more about all that too...) thanks for any pointers Betsy PS for the file transfer, this looks good, but I suspect it's proprietary. I'm waiting to hear back: http://www-db.embl.de/jss/servlet/de.embl.bk.wwwTools.TicketFileStore Betsy Schwartz email: betsys@gsd.harvard.edu Unix Systems Administrator,CRG voice: 617-495-5947 Harvard Graduate School of Design fax: 617-496-5866 From sage-members-owner@usenix.org Tue Jan 4 11:55:49 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04Jtmn3027883 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 11:55:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j04JtmLR027882 for sage-members-outgoing; Tue, 4 Jan 2005 11:55:48 -0800 (PST) Received: from jas.peak.org (peak-colo-196-137.peak.org [69.59.196.137] (may be forged)) by usenix.org (8.12.10/8.12.10) with ESMTP id j04Jtkn3027871 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Tue, 4 Jan 2005 11:55:47 -0800 (PST) Received: from sechrest (helo=jas.peak.org) by jas.peak.org with local-esmtp (Exim 4.34) id 1ClumL-0002b6-43; Tue, 04 Jan 2005 11:55:41 -0800 To: Betsy Schwartz Cc: sage-members@sage.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general In-reply-to: Your message of Tue, 04 Jan 2005 14:15:01 EST. <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> Date: Tue, 04 Jan 2005 11:55:41 -0800 From: John Sechrest Message-Id: Sender: owner-sage-members@usenix.org Precedence: bulk At some level, you need to authenticate and authorize the people who can post a file. You might take a look at Drupal (drupal.org) and see how they are approaching sharing login data. You want to have a source of authentication/authorization data. The other choice is to use some kind of key exchange. Betsy Schwartz writes: % A specific problem: I've been asked to think about ways to allow "friends % of friends" to upload files to our servers. Obviously we don't want to % enable anonymous incoming FTP or anything like that - nor do we want to be % creating accounts for these users. I think ideally we'd use our existing % authentication system to give a user a "ticket" they could give to the % sender. Are there any existing systems that allow something like this? % % In general" what are interesting sites or books to learn about % collaborative environments? I know about WebDav and wikis, but beyond that % I'm finding a bewildering variety of information (and much hype). I need to % become a Subject Matter Expert in this and I'm not quite sure where to % start. Our users are architects, landscape architects, urban planners, and % other sorts of designers, with a few random Pure Design and Industrial % Design and other such folks in the mix. In general they are interested in % collaborating on web sites and exchanging Very Large image files, not so % much in fancy interactive whiteboards etc (although it would be good to % learn more about all that too...) % % thanks for any pointers % Betsy % % PS for the file transfer, this looks good, but I suspect it's proprietary. % I'm waiting to hear back: % http://www-db.embl.de/jss/servlet/de.embl.bk.wwwTools.TicketFileStore % % Betsy Schwartz email: % betsys@gsd.harvard.edu % Unix Systems Administrator,CRG voice: 617-495-5947 % Harvard Graduate School of Design fax: 617-496-5866 % % % % ----- John Sechrest . Helping people use . computers and the Internet . more effectively . . Internet: sechrest@peak.org . . http://www.peak.org/~sechrest From sage-members-owner@usenix.org Tue Jan 4 12:27:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04KRCn3029165 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 12:27:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j04KRCVD029164 for sage-members-outgoing; Tue, 4 Jan 2005 12:27:12 -0800 (PST) Received: from f1n1.spenet.wfu.edu (f1n1.sp2net.wfu.edu [152.17.8.11]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04KRAn2029158 for ; Tue, 4 Jan 2005 12:27:10 -0800 (PST) Received: from f1n11.sp2net.wfu.edu (f1n11.sp2net.wfu.edu [10.1.16.121]) by f1n1.spenet.wfu.edu (8.11.6p2/8.11.6) with SMTP id j04KQr7146826; Tue, 4 Jan 2005 15:26:53 -0500 X-Authentication-Warning: f1n1.spenet.wfu.edu: f1n11.sp2net.wfu.edu [10.1.16.121] didn't use HELO protocol Message-ID: <41DAFC0B.3070708@wfu.edu> Date: Tue, 04 Jan 2005 15:26:51 -0500 From: John Borwick Organization: Wake Forest University User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041110 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Betsy Schwartz CC: sage-members@sage.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general References: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> In-Reply-To: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> X-Enigmail-Version: 0.89.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Betsy Schwartz wrote: [snip] | In general" what are interesting sites or books to learn about | collaborative environments? I know about WebDav and wikis, but beyond | that I'm finding a bewildering variety of information (and much hype). I | need to become a Subject Matter Expert in this and I'm not quite sure | where to start. Our users are architects, landscape architects, urban | planners, and other sorts of designers, with a few random Pure Design | and Industrial Design and other such folks in the mix. In general they | are interested in collaborating on web sites and exchanging Very Large | image files, not so much in fancy interactive whiteboards etc (although | it would be good to learn more about all that too...) Open Source CMS will let you try out a bunch of the more popular free CMSes. I have recently grown to like Plone , based on Zope . I don't know of many solutions that are made for file transfer, but maybe they could give you some idea of what to look for. Yours, John - -- ~ John Borwick ~ System Administrator ~ Wake Forest University | web http://www.wfu.edu/~borwicjh ~ Winston-Salem, NC, USA | GPG key ID 0x797326D5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFB2vwL/81sF3lzJtURAnFZAJ9NwsUscK2rD9kEgH1/FLdGdY2l/wCffOgT eK1j9Oz+FiqEsmwIHJYXhsQ= =W0ZQ -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Jan 4 15:41:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04NfPn3029293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 15:41:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j04NfPBM029292 for sage-members-outgoing; Tue, 4 Jan 2005 15:41:25 -0800 (PST) Received: from rider.ipom.net (dsl81-phil3.usc.edu [128.125.81.146]) by usenix.org (8.12.10/8.12.10) with ESMTP id j04NfMn3029269 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 4 Jan 2005 15:41:23 -0800 (PST) Received: from rider.ipom.net (localhost [127.0.0.1]) by rider.ipom.net (8.13.2/8.13.2/Debian-1) with ESMTP id j04NfHa5022267 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 4 Jan 2005 15:41:17 -0800 Received: (from phil@localhost) by rider.ipom.net (8.13.2/8.13.2/Submit) id j04NfHLB022266 for sage-members@usenix.org; Tue, 4 Jan 2005 15:41:17 -0800 Date: Tue, 4 Jan 2005 15:41:17 -0800 From: Phil Dibowitz To: sage-members@usenix.org Subject: [SAGE] Nagios Front-ends and such... Message-ID: <20050104234117.GA21194@ipom.com> Mail-Followup-To: sage-members@usenix.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6+20040907i Sender: owner-sage-members@usenix.org Precedence: bulk Hey folks, I have two Nagios (nagios.org) related questions for you. 1. Have any thoughts on Nagat vs. NaWui for a Web-GUI front-end for it? Yes, I know config files are better/faster/easier - but I have lots of people who are non-UNIX folks who will need to be modifying Nagios. 2. A few months ago, I found something that I think was called the "supergroup patch" for Nagios. It was a patch that modified the sidebar to support an extra level of grouping in the display. This would be very useful where I work, but unfortunately, even after much googling, I can no longer find it. Anyone know what I'm talking about, or where it is? Thanks... -- Phil Dibowitz phil@ipom.com Freeware and Technical Pages Insanity Palace of Metallica http://www.phildev.net/ http://www.ipom.com/ "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, 1759 From sage-members-owner@usenix.org Tue Jan 4 19:21:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j053LQn3015116 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 19:21:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j053LQlO015115 for sage-members-outgoing; Tue, 4 Jan 2005 19:21:26 -0800 (PST) Received: from mx.starshine.org (www.starshine.org [216.240.40.167]) by usenix.org (8.12.10/8.12.10) with ESMTP id j053LKn2015105 for ; Tue, 4 Jan 2005 19:21:21 -0800 (PST) Received: from mercury.starshine.org (mercury.starshine.org [216.240.40.182]) by mx.starshine.org (Postfix) with ESMTP id 5B8FA2F02B6; Wed, 5 Jan 2005 03:00:27 +0000 (UTC) Received: by mercury.starshine.org (Postfix, from userid 1000) id E870820003; Tue, 4 Jan 2005 19:14:20 -0800 (PST) Date: Tue, 4 Jan 2005 19:14:20 -0800 To: Betsy Schwartz Cc: sage-members@sage.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general Message-ID: <20050105031420.GA9987@starshine.org> References: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> User-Agent: Mutt/1.5.6+20040907i From: jimd@starshine.org (Jim Dennis) Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 04, 2005 at 02:15:01PM -0500, Betsy Schwartz wrote: > A specific problem: I've been asked to think about ways to allow "friends > of friends" to upload files to our servers. Obviously we don't want to > enable anonymous incoming FTP or anything like that - nor do we want to be > creating accounts for these users. I think ideally we'd use our existing > authentication system to give a user a "ticket" they could give to the > sender. Are there any existing systems that allow something like this? I used to use "dark" directories for a small scale approach to this. Basically I'd have certain directories on my FTP site which were not readable to the FTP users. The were traversable, (x bit was set) but not readable (r bit was cleared). Thus someone could cd into any directory there under, if they knew or could guess the name. However, they couldn't read the name is a listing. Obviously the incoming directories were were also not readable (so you could drop files into them but neither see nor read what was already there). Disadvantages: * *some* users of GUI FTP clients couldn't cope with these * obvioulsy these hidden directory names, like any sort of shared "password" will leak out, end up in Google caches, etc. (Therefore they should be relatively short lived). * vulnerable to name guessing attacks (like any passwords, but unmitigated by exponential back off delays --- though I suppose a hacked FTP daemon could support them) * confusing to most users and some admins; hard to explain. Advantages: * No special software required on the client or server side * Relatively transparent to most software and users; support mostly amounts to: "connect to $SERVER and cd to $DIRECTORY" * Relatively low maintenance overhead. It's wise to create 'at' jobs to chmod 000 each of these dirs after an expiration date. Whatever script creates the directory should schedule the at job immediately. * You can create custom scripts for all authorized users to create and maintain these directories. Have the "expiration" at jobs send them e-mail, too! Caveats: * This should not be construed as a secure way to distribute valuable files. * Think of this as a way to limit the abuse to your bandwidth that server disk space and other resources would be caused by public "incoming" and other directories. * Valuable data should be encrypted and signed (GPG or better). > In general" what are interesting sites or books to learn about > collaborative environments? I know about WebDav and wikis, but beyond that > I'm finding a bewildering variety of information (and much hype). I need to > become a Subject Matter Expert in this and I'm not quite sure where to > start. Our users are architects, landscape architects, urban planners, and > other sorts of designers, with a few random Pure Design and Industrial > Design and other such folks in the mix. In general they are interested in > collaborating on web sites and exchanging Very Large image files, not so > much in fancy interactive whiteboards etc (although it would be good to > learn more about all that too...) > thanks for any pointers > Betsy I'll be interested in a summary of your conclusions after you've read all the responses to this thread, searched around and evaluated a few of your options. -- Jim Dennis From sage-members-owner@usenix.org Tue Jan 4 19:39:21 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j053dLn3015687 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 19:39:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j053dLS4015686 for sage-members-outgoing; Tue, 4 Jan 2005 19:39:21 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j053dJn2015681 for ; Tue, 4 Jan 2005 19:39:19 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j053dAOO020690; Tue, 4 Jan 2005 21:39:10 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id VAA10246; Tue, 4 Jan 2005 21:39:08 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Tue, 4 Jan 2005 21:39:08 -0600 (CST) From: Doug Hughes To: Jim Dennis cc: Betsy Schwartz , Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general In-Reply-To: <20050105031420.GA9987@starshine.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 4 Jan 2005, Jim Dennis wrote: > On Tue, Jan 04, 2005 at 02:15:01PM -0500, Betsy Schwartz wrote: > > A specific problem: I've been asked to think about ways to allow "friends > > of friends" to upload files to our servers. Obviously we don't want to > > enable anonymous incoming FTP or anything like that - nor do we want to be > > creating accounts for these users. I think ideally we'd use our existing > > authentication system to give a user a "ticket" they could give to the > > sender. Are there any existing systems that allow something like this? > > I used to use "dark" directories for a small scale approach to this. > Basically I'd have certain directories on my FTP site which were > not readable to the FTP users. The were traversable, (x bit was set) > but not readable (r bit was cleared). > > Thus someone could cd into any directory there under, if they knew > or could guess the name. However, they couldn't read the name is > a listing. > > Obviously the incoming directories were were also not readable (so you > could drop files into them but neither see nor read what was already > there). > > Disadvantages: > * *some* users of GUI FTP clients couldn't cope with these > * obvioulsy these hidden directory names, like any sort of shared > "password" will leak out, end up in Google caches, etc. (Therefore > they should be relatively short lived). > * vulnerable to name guessing attacks (like any passwords, but > unmitigated by exponential back off delays --- though I suppose a > hacked FTP daemon could support them) > * confusing to most users and some admins; hard to explain. > > Advantages: > * No special software required on the client or server side > * Relatively transparent to most software and users; support > mostly amounts to: "connect to $SERVER and cd to $DIRECTORY" > * Relatively low maintenance overhead. It's wise to create 'at' > jobs to chmod 000 each of these dirs after an expiration date. > Whatever script creates the directory should schedule the at job > immediately. > * You can create custom scripts for all authorized users to create > and maintain these directories. Have the "expiration" at jobs > send them e-mail, too! > > Caveats: > * This should not be construed as a secure way to distribute valuable > files. > * Think of this as a way to limit the abuse to your bandwidth that > server disk space and other resources would be caused by public > "incoming" and other directories. > * Valuable data should be encrypted and signed (GPG or better). > > > In general" what are interesting sites or books to learn about > > collaborative environments? I know about WebDav and wikis, but beyond that > > I'm finding a bewildering variety of information (and much hype). I need to > > become a Subject Matter Expert in this and I'm not quite sure where to > > start. Our users are architects, landscape architects, urban planners, and > > other sorts of designers, with a few random Pure Design and Industrial > > Design and other such folks in the mix. In general they are interested in > > collaborating on web sites and exchanging Very Large image files, not so > > much in fancy interactive whiteboards etc (although it would be good to > > learn more about all that too...) > > > thanks for any pointers > > Betsy > > I'll be interested in a summary of your conclusions after you've > read all the responses to this thread, searched around and evaluated > a few of your options. > > I've used a twist on this where you set the ftp server (usually wietse's, and usually with the -u flag) to set it so that the owner (ftp) could not read the file once it was put. Thus, external people could drop of files to internal people, but no other external people could then subsequently fetch the files. This avoids the 'warez' problem because they quickly realize that while they can store stuff there, it doesn't do them any good because they can't fetch it afterwards. Of course, this may not suit the requirements at all, but I though I'd offer it just in case. Doug From sage-members-owner@usenix.org Tue Jan 4 20:06:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05468n3016349 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 20:06:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j054683q016347 for sage-members-outgoing; Tue, 4 Jan 2005 20:06:08 -0800 (PST) Received: from mail.skiltech.com (bunning.skiltech.com [216.235.79.240]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05466n3016342 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 20:06:07 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.skiltech.com (Postfix) with ESMTP id 6854612128F; Tue, 4 Jan 2005 23:06:00 -0500 (EST) Received: from mail.skiltech.com ([127.0.0.1]) by localhost (bunning.skiltech.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 53280-06; Tue, 4 Jan 2005 23:06:00 -0500 (EST) Received: from [192.168.0.2] (rdu88-253-032.nc.rr.com [24.88.253.32]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mail.skiltech.com (Postfix) with ESMTP id 0C698121288; Tue, 4 Jan 2005 23:05:59 -0500 (EST) In-Reply-To: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> References: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <1AE1DA59-5ECF-11D9-92CE-000393C3212A@lunenburg.org> Content-Transfer-Encoding: 7bit Cc: sage-members@sage.org From: "H. Wade Minter" Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general Date: Tue, 4 Jan 2005 23:05:58 -0500 To: Betsy Schwartz X-Pgp-Agent: GPGMail 1.0.2 X-Mailer: Apple Mail (2.619) X-Virus-Scanned: by amavisd-new at skiltech.com Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Jan 4, 2005, at 2:15 PM, Betsy Schwartz wrote: > A specific problem: I've been asked to think about ways to allow > "friends of friends" to upload files to our servers. Obviously we > don't want to enable anonymous incoming FTP or anything like that - > nor do we want to be creating accounts for these users. I think > ideally we'd use our existing authentication system to give a user a > "ticket" they could give to the sender. Are there any existing systems > that allow something like this? I don't know if anything has been implemented, but it seems like this would be a great place to authenticate based on a PGP-type "web of trust". If this friend-of-a-friend has a key signed by a trusted person, they can get in. Again, I haven't seen anything like this actually in use, but it looks like something that could be doable, possibly through a web form as opposed to system authentication. - --Wade -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Darwin) iD8DBQFB22emo4DwsyRGDscRAkIaAKDMOxmHPms84X/WpiiDYIoN2w2/JQCg2dGX QFxz9ZjeNcv/FrOPXzuCU3g= =o8ck -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Jan 4 22:16:31 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j056GVn3018136 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 22:16:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j056GVDl018135 for sage-members-outgoing; Tue, 4 Jan 2005 22:16:31 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j056GSn3018119 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 22:16:29 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j056GMJI055732 for ; Tue, 4 Jan 2005 23:16:22 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j056GMf3055731 for sage-members@usenix.org; Tue, 4 Jan 2005 23:16:22 -0700 (MST) Received: from suricate.otoh.org (suricate.otoh.org [64.81.247.155]) by usenix.org (8.12.10/8.12.10) with ESMTP id j053k2n3016147 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 4 Jan 2005 19:46:02 -0800 (PST) Received: from 64.81.247.155 (suricate.otoh.org [64.81.247.155]) by suricate.otoh.org (Postfix) with SMTP id 06A667DC93C for ; Tue, 4 Jan 2005 19:45:57 -0800 (PST) Received: by suricate.otoh.org (Postfix, from userid 1001) id 7CD027DC922; Tue, 4 Jan 2005 19:45:56 -0800 (PST) Date: Tue, 4 Jan 2005 19:45:56 -0800 From: Paul Armstrong To: sage-members@sage.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general Message-ID: <20050105034556.GO90386@suricate.otoh.org> References: <20050105031420.GA9987@starshine.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on suricate.otoh.org X-Spam-Level: X-Spam-Status: No, hits=0.1 required=5.5 tests=AWL autolearn=ham version=2.64 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 04, 2005 at 09:39:08PM -0600, Doug Hughes wrote: > I've used a twist on this where you set the ftp server (usually wietse's, > and usually with the -u flag) to set it so that the owner (ftp) could > not read the file once it was put. > > Thus, external people could drop of files to internal people, but > no other external people could then subsequently fetch the files. > This avoids the 'warez' problem because they quickly realize that > while they can store stuff there, it doesn't do them any good > because they can't fetch it afterwards. A similar thing I've seen done on occaision is to have a cron job come in and move the file to another point on the same disk. As you've got a filehandle open for that file and you're staying on the same disk it doesn't (or at least shouldn't) effect files being written. Of course, this also comes under the title of "cheap hack"... Paul From sage-members-owner@usenix.org Wed Jan 5 08:16:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05GGYn3004519 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 5 Jan 2005 08:16:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j05GGYk2004517 for sage-members-outgoing; Wed, 5 Jan 2005 08:16:34 -0800 (PST) Received: from mailhost.nmt.edu (mailhost.NMT.EDU [129.138.4.52]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05GGVn3004512 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 5 Jan 2005 08:16:32 -0800 (PST) Received: from [129.138.88.153] (marcopolo.nmt.edu [129.138.88.153]) (authenticated bits=0) by mailhost.nmt.edu (8.13.0/8.13.0) with ESMTP id j05GGTfE020983 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 5 Jan 2005 09:16:32 -0700 Message-ID: <41DC12DB.2010808@nmt.edu> Date: Wed, 05 Jan 2005 09:16:27 -0700 From: Ruth Milner Reply-To: rmilner+sage@nmt.edu User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040514 X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Doug Hughes wrote: > I've used a twist on this where you set the ftp server (usually wietse's, > and usually with the -u flag) to set it so that the owner (ftp) could > not read the file once it was put. > > Thus, external people could drop of files to internal people, but > no other external people could then subsequently fetch the files. > This avoids the 'warez' problem because they quickly realize that > while they can store stuff there, it doesn't do them any good > because they can't fetch it afterwards. If the original poster is looking for a simple solution to allow file drops from external people, this arrangement works very well. They just use anonymous ftp. A common setup is to have an "incoming" subdirectory, which the ftpd config file specifies as the only place where anonymous writes are allowed. As Doug says, it is critical to make sure that files cannot subsequently be retrieved via anonymous ftp. Warez adherents are well aware of this technique, and in my experience generally put a test file there when they find the site; if retrieval fails, they move on.[1] A variation on this is to have individual subdirectories for staff members beneath the incoming area, where the files intended for them are deposited. If they own the subdirectory (group ftp needs write privileges), then they can retrieve the files directly via cp from an NFS- or samba-mounted path (e.g. /home/ftp/incoming/ or \\\ftp\incoming\). It is trivial then to have standardized, simple instructions for both parties to the file exchange. Your staff can also - but won't always :-) - delete the files after they've copied them. Be sure to warn everyone about the possibility of malware showing up there, and check the area for viruses regularly: distribution of pirated software is not the only malicious use of writeable anonymous ftp areas. Any time you have an open service, you need to be vigilant about monitoring it. Make sure you get a regular report of incoming (and preferably also outgoing) ftp traffic. This makes it easier to spot anomalous activity that might result from, say, ftpd misconfiguration. Ruth Milner [1] Be aware that occasionally they may get pissed off about it. One of my former employer's ftp servers was the target of a DDoS which began shortly after someone tried a put/get of an obviously pirated program and was unable to retrieve the file. Of course, it may have been a coincidence, though we couldn't think of any other motivation besides random malice; a typo is unlikely since the attack followed the name rather than the IP. The server was totally unavailable for over a week while we tried to stem the flood. We were able to get a response from a few of the larger organizations whose systems were being used in the usual sort of hacked-drone DDoS network, and ultimately one of the sysadmins was able to restore general access by denying connections to large IP ranges covering most of the hundreds of offending systems (the ranges later had to be tweaked to allow a grand total of three legitimate users to retrieve files). But it's worth noting that while the bombardment declined over time, three years later there were still some systems attempting to flood the server; so sometimes these drone networks are activated and then forgotten. It's another demonstration that running any service entails risk, although I don't think this was a typical Warez case: many, many ftp servers are configured the same way without being targeted in this manner. From sage-members-owner@usenix.org Wed Jan 5 10:17:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05IHkn3006741 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 5 Jan 2005 10:17:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j05IHkt6006740 for sage-members-outgoing; Wed, 5 Jan 2005 10:17:46 -0800 (PST) Received: from chopin.co-prosperity.org (chopin.co-prosperity.org [24.196.66.98]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05IHhn3006725 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 5 Jan 2005 10:17:44 -0800 (PST) Received: from chopin.co-prosperity.org (chopin [127.0.0.1]) by chopin.co-prosperity.org (8.12.5/8.12.5) with ESMTP id j05IMZAw026291 for ; Wed, 5 Jan 2005 12:22:35 -0600 Received: from localhost (nmedbery@localhost) by chopin.co-prosperity.org (8.12.5/8.12.5/Submit) with ESMTP id j05IMZcZ026288 for ; Wed, 5 Jan 2005 12:22:35 -0600 X-Authentication-Warning: localhost.localdomain: nmedbery owned process doing -bs Date: Wed, 5 Jan 2005 12:22:35 -0600 (CST) From: nmedbery@museverte.net X-X-Sender: nmedbery@localhost.localdomain To: sage-members@sage.org Subject: Re: [SAGE] incoming file transfers, and collaborative environments in general In-Reply-To: <6.1.2.0.2.20050104134159.03491a38@mail.gsd.harvard.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk Betsy, If you are able or willing to spend some money, there are a number of file transfer solutions out there that incorporate strong authentication and varying levels of back-end integration. These tend to focus on *secure* transfers and have the option (or requirement) of public/private keys. One such application that I have a small amount of experience with is Valicert SecureTransport (oh wait, now it's Tumbleweed). This is actually based on a number of open source projects (OpenSSH, OpenLDAP, ProFTPD I think), plus the company's glue code and web administration tools. http://www.tumbleweed.com/products/securetransport_form.html At my last job, I was involved with getting that up and running so that it would authenticate against an existing LDAP account store (Novell eDirectory, but you could use almost anything). It was a reasonably impressive product, though required some hacking in a few areas to make it do what we needed. The project leader ended up writing quite a bit of Perl glue code to make the authentication and groups work to our liking. That flexibility is nice, though the developers were not always willing to change some things for us that seemed pretty basic. I have also used Syntrex BDE. http://www.syntrex.com/products/BDE.shtml This was a decent product, though a little rougher around the edges. The company was also in trouble in '02, closing it's US office. Development was based out of Italy. I am really not sure what's going on with them now. These may be overkill or more complicated than you would like, but I figured I would throw them out there. -Nate On Tue, 4 Jan 2005, Betsy Schwartz wrote: > A specific problem: I've been asked to think about ways to allow "friends > of friends" to upload files to our servers. Obviously we don't want to > enable anonymous incoming FTP or anything like that - nor do we want to be > creating accounts for these users. I think ideally we'd use our existing > authentication system to give a user a "ticket" they could give to the > sender. Are there any existing systems that allow something like this? > > In general" what are interesting sites or books to learn about > collaborative environments? I know about WebDav and wikis, but beyond that > I'm finding a bewildering variety of information (and much hype). I need to > become a Subject Matter Expert in this and I'm not quite sure where to > start. Our users are architects, landscape architects, urban planners, and > other sorts of designers, with a few random Pure Design and Industrial > Design and other such folks in the mix. In general they are interested in > collaborating on web sites and exchanging Very Large image files, not so > much in fancy interactive whiteboards etc (although it would be good to > learn more about all that too...) > > thanks for any pointers > Betsy > > PS for the file transfer, this looks good, but I suspect it's proprietary. > I'm waiting to hear back: > http://www-db.embl.de/jss/servlet/de.embl.bk.wwwTools.TicketFileStore > > Betsy Schwartz email: > betsys@gsd.harvard.edu > Unix Systems Administrator,CRG voice: 617-495-5947 > Harvard Graduate School of Design fax: 617-496-5866 > > > > From sage-members-owner@usenix.org Wed Jan 5 10:31:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05IVTn3007419 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 5 Jan 2005 10:31:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j05IVThW007418 for sage-members-outgoing; Wed, 5 Jan 2005 10:31:29 -0800 (PST) Received: from yorktown.nielsenmedia.com (yorktown.nielsenmedia.com [206.113.192.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j05IVPn2007413 for ; Wed, 5 Jan 2005 10:31:26 -0800 (PST) Received: from NMRUSDUNSXG10.nmrlan.net (nmrusdunsxg10.nmrlan.net [10.38.67.44]) by yorktown.nielsenmedia.com (8.12.10/8.12.8) with ESMTP id j05IRC3x001723 for ; Wed, 5 Jan 2005 13:27:12 -0500 (EST) Received: from nmr001oldOWA01.enterprisenet.org (unverified) by NMRUSDUNSXG10.nmrlan.net (Content Technologies SMTPRS 4.3.14) with ESMTP id ; Wed, 5 Jan 2005 13:31:14 -0500 Received: from NMR001OLDMSX02.enterprisenet.org ([10.38.67.59]) by nmr001oldOWA01.enterprisenet.org with Microsoft SMTPSVC(6.0.3790.211); Wed, 5 Jan 2005 13:31:14 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] incoming file transfers, and collaborative environments in general Date: Wed, 5 Jan 2005 13:31:10 -0500 Message-ID: <6DE7EF7CCA44104F9A605106252E974102C50B99@NMR001OLDMSX02.enterprisenet.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] incoming file transfers, and collaborative environments in general Thread-Index: AcTylsTNjojOCcGyRDm3xMhIMn6LrQAvbpbQ From: "Epps, Alan" To: "Betsy Schwartz" , X-OriginalArrivalTime: 05 Jan 2005 18:31:14.0272 (UTC) FILETIME=[BCC00600:01C4F354] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j05IVQn2007414 Sender: owner-sage-members@usenix.org Precedence: bulk All, I just realized that I did a direct reply, rather than list reply, sorry. Alan -----Original Message----- From: Epps, Alan Sent: Tuesday, January 04, 2005 3:19 PM To: 'Betsy Schwartz' Subject: RE: [SAGE] incoming file transfers, and collaborative environments in general Betsy, The way we implemented it in a past life was to set up a system that allowed someone to go to a web page and request the ability to drop off a file on a particular site. This web front-end required a valid email address, and a valid email address for the recipient. The system would generate a one-time password with a limited time to live and send it to the email address that the requestor entered on the web front end. With the one time password the requestor could then authenticate to web front-end, drop off up to 10 files, and log out. The drop-off point was hidden from the requestors entirely, and was write only. At a scheduled interval a cron job moved the files from the drop-off point to another pick-up directory, and notified the recipient, including the one-time password and web path for the files. The pick-up process was exactly the same as the drop off process, but read-only. After a certain time the pick-up directory was cleaned out via cron and code. This system worked in both directions, and was all written in-house in under a man month. We re-used an old end-of-life server, hardened the OS, and stuck it in a dmz. This was cheap, flexible, and usable by anyone. We logged every transaction, and wrote code to validate the drop-off/pick-up logging, and flagged us if anything was dropped off without pickup, so we could track down the disconnect as needed. Alan -------------------------------------------------------------------- All opinions expressed are my own, not my employer's. Alan S. Epps alan.epps@nielsenmedia.com From sage-members-owner@usenix.org Wed Jan 5 16:31:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j060VSn3013223 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 5 Jan 2005 16:31:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j060VRhF013222 for sage-members-outgoing; Wed, 5 Jan 2005 16:31:28 -0800 (PST) Received: from www.sterlingcgi.com (www.scgiservices.com [198.107.3.66]) by usenix.org (8.12.10/8.12.10) with ESMTP id j060VKn2013217 for ; Wed, 5 Jan 2005 16:31:21 -0800 (PST) Received: by www.sterlingcgi.com (Postfix, from userid 30) id 2BAD03C0AC; Wed, 5 Jan 2005 16:31:14 -0800 (PST) Received: from dyn189.CONET.OUS.EDU (dyn189.CONET.OUS.EDU [140.211.15.189]) by www.scgiservices.com (Horde) with HTTP for ; Wed, 5 Jan 2005 16:31:14 -0800 Message-ID: <20050105163114.blfw9qnuh5340k84@www.scgiservices.com> Date: Wed, 5 Jan 2005 16:31:14 -0800 From: Anthony Brock To: Phil Dibowitz Cc: sage-members@usenix.org Subject: Re: [SAGE] Nagios Front-ends and such... References: <20050104234117.GA21194@ipom.com> In-Reply-To: <20050104234117.GA21194@ipom.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.0-RC1) Sender: owner-sage-members@usenix.org Precedence: bulk Quoting Phil Dibowitz : > 2. A few months ago, I found something that I think was called the > "supergroup patch" for Nagios. It was a patch that modified the > sidebar to support an extra level of grouping in the display. This > would be very useful where I work, but unfortunately, even after much > googling, I can no longer find it. Anyone know what I'm talking > about, or where it is? I remember a discussion on the Nagios mailing list related to this type of activity. You can find the related discussion at: https://sourceforge.net/mailarchive/message.php?msg_id=9250334 https://sourceforge.net/mailarchive/message.php?msg_id=8671997 https://sourceforge.net/mailarchive/message.php?msg_id=8665264 I don't know if these are specifically what you want, but they should point you in the right direction. BTW, does anyone else hate the mailing list search engine at sourceforge? *sigh* Tony From sage-members-owner@usenix.org Thu Jan 6 09:51:11 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06HpBn3003267 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 09:51:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06HpBIv003266 for sage-members-outgoing; Thu, 6 Jan 2005 09:51:11 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Hp8n2003241 for ; Thu, 6 Jan 2005 09:51:09 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j06HolIi019006 for ; Thu, 6 Jan 2005 11:50:47 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id LAA11520 for ; Thu, 6 Jan 2005 11:50:45 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Thu, 6 Jan 2005 11:50:44 -0600 (CST) From: Doug Hughes To: sage-members@sage.org Subject: [SAGE] HP/Compaq DL140 advice Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk Anybody out there with HP/Compaq DL140 that has successfully used wake-on-lan with it? I'm having a devil of a time getting it to work. I've got the 7.0.1 broadcom NetXtreme boot agent and wake-on-lan is set in the boot agent/chip bios, but it doesn't wake. I've tried etherwake and amd Magic Packet.. I can see the packets on the local net. THey are in the right format. I've got the correct MAC address (verified). The machine boots by itself, just doesn't seem to want to wake. Reply offlist. thanks. From sage-members-owner@usenix.org Thu Jan 6 14:29:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06MTvn3009784 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 14:29:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06MTvV5009782 for sage-members-outgoing; Thu, 6 Jan 2005 14:29:57 -0800 (PST) Received: from netmeister.org (netmeister.org [64.81.200.34]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06MTtn2009777 for ; Thu, 6 Jan 2005 14:29:55 -0800 (PST) Received: by netmeister.org (Postfix, from userid 1000) id 07DD5E805F; Thu, 6 Jan 2005 17:32:38 -0500 (EST) Date: Thu, 6 Jan 2005 17:32:37 -0500 From: Jan Schaumann To: sage-members@sage.org Subject: [SAGE] number of eggs in a basket Message-ID: <20050106223237.GK18275@netmeister.org> Mail-Followup-To: sage-members@sage.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'd like to get some opinions regarding best practices for mission critical systems with multiple services. I have a system that basically is a single point of failure: if it's down, nothing goes. The services on that machine are WWW, NIS, NFS and mail. Mail is delivered to ~/.mail so mail can be read via NFS and need not be fetched. I do not like having all my eggs in this one basket, but on the other hand distributing the services to several machines seems to complicate things and increase the likeliness of one of the services failing. So... what are your comments/experiences? How many eggs do you keep in your basket(s)? - -Jan - -- You can blame it all on the Internet. Larry Wall -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (NetBSD) iD8DBQFB3bx1fFtkr68iakwRAmREAKCZTFFPZ06WfFxyji7zldZz+VdL7gCfeR+q sw9PGKJ8CuL27XyzayqbWXU= =8Z/P -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Thu Jan 6 14:45:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Mjkn3010743 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 14:45:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06MjkRU010741 for sage-members-outgoing; Thu, 6 Jan 2005 14:45:46 -0800 (PST) Received: from jas.peak.org (peak-colo-196-137.peak.org [69.59.196.137] (may be forged)) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Mjhn3010735 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Thu, 6 Jan 2005 14:45:44 -0800 (PST) Received: from sechrest (helo=jas.peak.org) by jas.peak.org with local-esmtp (Exim 4.34) id 1CmgNs-0007f5-H7; Thu, 06 Jan 2005 14:45:36 -0800 To: Jan Schaumann Cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket In-reply-to: Your message of Thu, 06 Jan 2005 17:32:37 EST. <20050106223237.GK18275@netmeister.org> Date: Thu, 06 Jan 2005 14:45:36 -0800 From: John Sechrest Message-Id: Sender: owner-sage-members@usenix.org Precedence: bulk As I have done work, I have moved more and more to seperate machines/instances -> one per service. I am starting to use UML virtual instances to take this to a further extreme. It does increase complexity. However, if you use some form of configuration management language like cfengine, bcfg, lcfg, ..... then it makes little difference if you have 10 or 100 machines. Jan Schaumann writes: % -----BEGIN PGP SIGNED MESSAGE----- % Hash: SHA1 % % Hi, % % I'd like to get some opinions regarding best practices for mission % critical systems with multiple services. % % I have a system that basically is a single point of failure: if it's % down, nothing goes. The services on that machine are WWW, NIS, NFS and % mail. Mail is delivered to ~/.mail so mail can be read via NFS and need % not be fetched. % % I do not like having all my eggs in this one basket, but on the other % hand distributing the services to several machines seems to complicate % things and increase the likeliness of one of the services failing. % % So... what are your comments/experiences? How many eggs do you keep in % your basket(s)? % % - -Jan % % - -- % You can blame it all on the Internet. % Larry Wall % -----BEGIN PGP SIGNATURE----- % Version: GnuPG v1.2.3 (NetBSD) % % iD8DBQFB3bx1fFtkr68iakwRAmREAKCZTFFPZ06WfFxyji7zldZz+VdL7gCfeR+q % sw9PGKJ8CuL27XyzayqbWXU= % =8Z/P % -----END PGP SIGNATURE----- ----- John Sechrest . Helping people use . computers and the Internet . more effectively . . Internet: sechrest@peak.org . . http://www.peak.org/~sechrest From sage-members-owner@usenix.org Thu Jan 6 14:48:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Mmfn3011112 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 14:48:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06MmeBW011108 for sage-members-outgoing; Thu, 6 Jan 2005 14:48:41 -0800 (PST) Received: from yfandes.cs.wisc.edu (yfandes.cs.wisc.edu [128.105.162.24]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Mmdn2011101 for ; Thu, 6 Jan 2005 14:48:39 -0800 (PST) Received: from yfandes.cs.wisc.edu (localhost [127.0.0.1]) by yfandes.cs.wisc.edu (8.13.1/8.13.1) with ESMTP id j06MmWn6007584; Thu, 6 Jan 2005 16:48:32 -0600 Message-Id: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> To: Jan Schaumann cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket In-Reply-To: Message from Jan Schaumann of "Thu, 06 Jan 2005 17:32:37 EST." <20050106223237.GK18275@netmeister.org> Date: Thu, 06 Jan 2005 16:48:32 -0600 From: David Parter Sender: owner-sage-members@usenix.org Precedence: bulk > I'd like to get some opinions regarding best practices for mission > critical systems with multiple services. .... > I do not like having all my eggs in this one basket, but on the other > hand distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing. > > So... what are your comments/experiences? How many eggs do you keep in > your basket(s)? We believe very strongly in only one service per server. I am not sure why you think that "distributing the services to several machines seems to complicate things and increase the likeliness of one of the services failing." I am speculating -- but I could see two causes for that: 1) the services are so interdependent anyway, that separating them increases the complexity If that is the case, you need to see if you can simplify the software 2) the basic server platform is unstable, and the OS crashes and/or hardware failures are likely, so with more than one server, there is an increased likelyhood of crashes If that is the case, you have a hardware/OS management problem that needs to get fixed! With only one service per server, we can isolate problems, and never run into the situation where one service can't be upgraded because something else on the same server has an incompatable requirement, or where one service really needs the server to reboot (ouch!) but that would take out another service that is otherwise ok. it also lets up work on reliability solutions on a per-service basis: some services can be replicated, others need hot-standby, etc. The other advantage of one-service-per-server is that you can often get by with many smaller, less-expensive servers. This has many advantages: 1) you can upgrade/add resources as needed for the appropriate service (one service might need a faster CPU, another more memory..) 2) you can upgrade as needed: upgrading a few smaller servers is cheaper than upgrading ONE BIG SERVER 3) you can afford to have a spare -- if you have 5 small servers, 4 in use, and 1 spare, then you can probably get through a hardware failure. You probably can't afford a spare BIG SERVER good luck, --david From sage-members-owner@usenix.org Thu Jan 6 14:50:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06Mobn3011415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 14:50:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06Mobf1011414 for sage-members-outgoing; Thu, 6 Jan 2005 14:50:37 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06MoZn2011403 for ; Thu, 6 Jan 2005 14:50:36 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j06MoOIi001161; Thu, 6 Jan 2005 16:50:24 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id QAA11691; Thu, 6 Jan 2005 16:50:22 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Thu, 6 Jan 2005 16:50:22 -0600 (CST) From: Doug Hughes To: Jan Schaumann cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket In-Reply-To: <20050106223237.GK18275@netmeister.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 6 Jan 2005, Jan Schaumann wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > I'd like to get some opinions regarding best practices for mission > critical systems with multiple services. > > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. > > I do not like having all my eggs in this one basket, but on the other > hand distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing. > > So... what are your comments/experiences? How many eggs do you keep in > your basket(s)? > I like to keep my eggs in a quantum state hovering between two baskets, but unlike Schrodinger's cat, if you look in the one basket, you can guarantee they'll be in the other. Anyway, service redundancy/failover is a good thing if available. In NIS, that's easy, you can have slaves. (if the master is down for a period, it 'can' be a non-issue with the right architecture) with mail - have a backup MX server in case the primary is down. with things like cyrus/murder, you can have a lot of redundancy with the addition of a little complication and architecture. There are lots of options. If you have a SAN or network disk space, you can always take over mail service via cold failover to another machine. If not, have parts ready to do cold swapping of disks/cables etc. with WWW, the top end is load balancers that are auto-detecting of failure. Then there's replication of content, clustering, and cold sparing. Have a plan for what to do if the web service is unavailable. Things like freeHA (hi Phil) would be a good thing for this too. NFS - for read-only, NFS is much easier than read-write. In some operating systems you can have automatic failover if a read-only NFS server fails. For read-write, you're more apt to have a problem with stale file handles. Those can be difficult to deal with. have a good raid solution and resilient hardware (redundant power supplies, parity ram banks (not chips - ecc chips are good though) if available, multipathing network is ~free these days in many OS. Have parts available. Not to say that that requires you to have 6 machines. It might be that you have one master machine for each services and then one 'spare parts'. Or you might have one for each service, or clusters. Figure out which services are most important to you and your users and start beefing them up one by one. Which one stops business? Which one is merely inconvenient? Many places can suffer a 10 minute mail outage without a hue and cry. Internal vs external (cust facing) web makes a big difference. NIS is resilient out of the box with slaves (particularly if you don't have frequent updates). There's no one answer. Do your risk analysis. Try some of the low hanging fruit first (e.g. NIS). More machines doesn't have to be complicated. Have a good distributed management plan. Make use of things like jumpstart/kickstart/fai/etc. automate. Even with a minimal budget you can have really good uptimes. From sage-members-owner@usenix.org Thu Jan 6 15:26:20 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06NQKn3013279 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 15:26:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06NQK6u013278 for sage-members-outgoing; Thu, 6 Jan 2005 15:26:20 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06NQHn2013268 for ; Thu, 6 Jan 2005 15:26:18 -0800 (PST) Received: from [10.0.0.45] (saladin.internal.avlsi.com [10.0.0.45]) by smtp.fulcrummicro.com (Postfix) with ESMTP id 962B62A2B29; Thu, 6 Jan 2005 15:26:07 -0800 (PST) Message-ID: <41DDC90F.6000505@fulcrummicro.com> Date: Thu, 06 Jan 2005 15:26:07 -0800 From: "Bevan C. Bennett" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040806 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jan Schaumann Cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <20050106223237.GK18275@netmeister.org> In-Reply-To: <20050106223237.GK18275@netmeister.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Jan Schaumann wrote: > So... what are your comments/experiences? How many eggs do you keep in > your basket(s)? As others have noted, I prefer to run one service (or interrelated set of services) per physical system instance. Where the services support such things I also set up backup/secondaries/failovers, but there are still several services that either don't easily support having a backup or where the clients don't failover nicely. For those services I prefer to build the best basket I can, so as to include as much redundancy as possible within the system itself. So, RAID1 or RAID5 for critical harddrives, redundant power supplies where possible, etc. At the very least I'll try to keep a 'spare' system with the same hardware around and doing something non-critical as a potential source of immediate spare parts... on at least two occassions I've brought a more critical system back to life by transferring the hard drive into a 'hot spare' chassis and rebooting. Since everything depends on our main NFS server so much, we spent the extra money to get a nice, highly internally redundant, fully service-contracted NetApp. We also have ~6TB of what I call "scratch" filespace using less expensive (and less reliable) filesevers, which gives people room to store and analyze results but doesn't force everything to a screaming halt when something goes wrong. From sage-members-owner@usenix.org Thu Jan 6 15:29:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06NTLn3013616 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 15:29:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j06NTLqg013615 for sage-members-outgoing; Thu, 6 Jan 2005 15:29:21 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j06NTIn3013606 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 15:29:19 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j06NT1bR031016; Thu, 6 Jan 2005 18:29:05 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050106223237.GK18275@netmeister.org> References: <20050106223237.GK18275@netmeister.org> Date: Fri, 7 Jan 2005 00:28:53 +0100 To: Jan Schaumann From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:32 PM -0500 2005-01-06, Jan Schaumann wrote: > I'd like to get some opinions regarding best practices for mission > critical systems with multiple services. If it's mission critical, then I believe it should be replicated, distributed, and set up for N+M load-balancing/fail-over/fault-resilience, where N is how many machines you need to handle your maximum projected peak load, and M is the number of machines you need to be able to lose and still handle that load. > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. Personally, I'd split these services. Put the NFS stuff on a dedicated NetApp NFS cluster -- unless you're AOL, you can't afford to build your own NFS boxes that can provide better price/performance, nor can you make them easier to manage. I have my problems with NetApp, but they're mostly to do with the company, and there are relatively few criticisms that I can level at the products -- so long as you stick to NFS. From that cluster, mount the NFS home directories everywhere you need. You can do mail on NFS -- Nick Christensen showed us how to do that in a scalable and reliable fashion in his paper "A Highly Scalable Electronic Mail Service Using Open Systems" at . I would not be inclined to try to do IMAP on NFS, unless you're interesting in taking a shot at writing the next chapter in "Design and Implementation of Highly Scalable E-mail Systems" at . > I do not like having all my eggs in this one basket, but on the other > hand distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing. If you can't afford to use a NetApp cluster, then you could do a lower-cost cluster with a SAN and a cluster-aware filesystem, and roll your own NFS cluster. It won't be as reliable or easy to manage as a NetApp cluster, but you may be able to live with that, since the result would probably still be an improvement over what you've got now. Once the NFS service is moved over to a cluster, the rest of the parts are easily de-composed into their own groups for distribution across clusters. Or, you could stick with the cluster-aware filesystem over a SAN and dispense with NFS entirely, having the other application servers read/write directly from/to the cluster filesystem. Keep in mind that you can use lower-end servers for the clusters, and still wind up with higher overall system throughput. Of course, if you try to cut too many corners with the cluster servers, you'll wind up with excessive complexity, failures, and downtime, and you'll wish you hadn't gone down that road. Stick with server-grade components, regardless of whatever platform and OS you choose. > So... what are your comments/experiences? How many eggs do you keep in > your basket(s)? I prefer to have at least one basket for each egg. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 6 22:02:42 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0762gn3019355 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Jan 2005 22:02:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0762gV1019354 for sage-members-outgoing; Thu, 6 Jan 2005 22:02:42 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0762en2019349 for ; Thu, 6 Jan 2005 22:02:40 -0800 (PST) Received: (qmail 80768 invoked by uid 18647); 7 Jan 2005 06:02:35 -0000 Date: Thu, 6 Jan 2005 22:02:35 -0800 From: Philip Brown To: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket (sun NFS please read) Message-ID: <20050106220235.A65305@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from doug@eng.auburn.edu on Thu, Jan 06, 2005 at 04:50:22PM -0600 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, Jan 06, 2005 at 04:50:22PM -0600, Doug Hughes wrote: > > NFS - for read-only, NFS is much easier than read-write. In some > operating systems you can have automatic failover if a read-only > NFS server fails. Speaking of which... I just found out something really, really annoying about sun. Sun's NFS client failover is broken. Has been for years. At least since solaris 8, probably longer. Furthermore, sun has KNOWN ABOUT IT for over a year, but wont fix it, because "its too much work". On top of that, their NFS engineering staff had the gall to tell me, "well the documentation doesnt explicitly SAY it behaves [the way anyone here would expect it to], so that isnt a bug, thats just undocumented behaviour. We'll _fix_the_documentation_". The problem: Take an NFS client, configured to do readonly failover between servers "nfs1" and "nfs2" make nfs1 unavailable reboot your NFS client (or manually unmount and remount filesystem) bring nfs1 back up take nfs2 offline. No problem, right? because after all, you never had less than one nfs server available at all times, right? Wrong. Your NFS client is now dead in the water. It will NOT failover to nfs1, since it was not up at the time you did the mount of the NFS fileystem. So in other words, if "hypothetically", half of your datacenter crashed, and all of your low-load clients happened to come up before your big beefy NFS server... and then your other NFS server happened to go offline for whatever reason... you now have half of your datacenter out of action again. Good thing this sort of thing never happens twice in one month. Oh, yeah. BugID 4931782. Open since at least Aug 2003, I'm told. For anyone who has a gold level contract, would you please take a minute to file an escalation on this bugid, and also note that as an enterprise customer, you are shocked that sun is deliberately choosing to not fix this bug. We have already filed escalation. But apparently, only one customer filing a support ticket, against an issue that has taken 30 production servers offline, isnt seen as something that's worth fixing at the code level by sun. its a publically visible bug, btw: http://sunsolve.sun.com/search/document.do?assetkey=1-1-4931782-1 The last sentance of the pre-existing bug report is particularly succinct: "Basically, the end result is that the -ro failover is only useful when both servers remain up at all times, which defeats the purpose." From sage-members-owner@usenix.org Fri Jan 7 07:29:30 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07FTTn3005616 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 07:29:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07FTTqw005615 for sage-members-outgoing; Fri, 7 Jan 2005 07:29:29 -0800 (PST) Received: from hexogen.explosive.net (hexogen.explosive.net [216.27.184.5]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07FTQn3005609 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 7 Jan 2005 07:29:28 -0800 (PST) Received: by hexogen.explosive.net (Postfix, from userid 518) id 812DAEBFA0; Fri, 7 Jan 2005 07:29:12 -0800 (PST) Subject: [SAGE] Free access to X/Open's Single Unix Spec (Version 3) To: sage-members@usenix.org (SAGE Members) Date: Fri, 7 Jan 2005 10:29:12 -0500 (EST) From: "Adam S. Moskowitz" Reply-To: adamm@menlo.com X-Mailer: ELM [version 2.5 PL6] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20050107152912.812DAEBFA0@hexogen.explosive.net> Sender: owner-sage-members@usenix.org Precedence: bulk I *STRONGLY* urge every SAGE member to "get" a copy of the X/Open Single Unix Spec: It may not be the de jure standard for Unix-like systems, but it's based on the IEEE/ISO standard and is probably the "most definitive" standard for the areas not covered by POSIX. Best of all, it's free! Go here: http://www.unix.org/version3/online.html and click the link for: Register to read or download the specification You'll be asked for your name, email address, and country; except for maybe a confirmation of my registration I don't think I've received a single piece of email from X/Open. (I'm sure they have a privacy policy somewhere but I didn't bother to read it.) It can take a little while to get used to reading standards, and at first it may be hard to find what you're looking for. I suggest starting with the alphabetical index. Watch out: The detailed tables of contents are quite long and will take a while to load. AdamM From sage-members-owner@usenix.org Fri Jan 7 07:57:44 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Fvhn3006407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 07:57:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07FvgG0006406 for sage-members-outgoing; Fri, 7 Jan 2005 07:57:42 -0800 (PST) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Fven2006401 for ; Fri, 7 Jan 2005 07:57:41 -0800 (PST) Received: from frontend2.messagingengine.com (frontend2.internal [10.202.2.151]) by frontend1.messagingengine.com (Postfix) with ESMTP id 8FA14C4AA28; Fri, 7 Jan 2005 10:57:32 -0500 (EST) X-Sasl-enc: 0s/VlGJUuUTKCJo6YzNY5A 1105113451 Received: from [192.168.4.140] (h-67-100-8-110.nycmny83.covad.net [67.100.8.110]) by frontend2.messagingengine.com (Postfix) with ESMTP id 517F056F785; Fri, 7 Jan 2005 10:57:30 -0500 (EST) Message-ID: <41DEB16A.7070303@thathat.com> Date: Fri, 07 Jan 2005 10:57:30 -0500 From: Xev Gittler User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: David Parter Cc: Jan Schaumann , sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> In-Reply-To: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk David Parter wrote: > We believe very strongly in only one service per server. > > > That works on a small scale. However, it can be extraordinarily wasteful in the large scale. Given the size of even the smallest machines, a single service can use a minuscule amount of the CPU. While this won't make much of a difference on one machine, 1000 machines each running at a trivial utilization level, is an expensive waste of resources, regardless of how cheap each piece of hardware is. Clearly, you need to balance service requirements vs. criticality vs. stability, etc, but managing services, and running multiple ones on a machine, perhaps migrating them as necessary is a more effective use of resources. I don't want to suggest that you should do this on huge, expensive machines, but there is a sweet spot for this hardware, and it is more capacity than most services require. Xev From sage-members-owner@usenix.org Fri Jan 7 08:44:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Gi2n3007407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 08:44:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07Gi26H007406 for sage-members-outgoing; Fri, 7 Jan 2005 08:44:02 -0800 (PST) Received: from parhelion.firedrake.org (mail@parhelion.firedrake.org [193.201.200.77]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Ghwn2007398 for ; Fri, 7 Jan 2005 08:44:00 -0800 (PST) Received: from phil by parhelion.firedrake.org with local (Exim 3.35 #1 (Debian)) id 1CmxDD-0007fB-00 for ; Fri, 07 Jan 2005 16:43:43 +0000 Date: Fri, 7 Jan 2005 17:43:43 +0100 From: Phil Pennock To: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050107164343.GA29076@parhelion.globnix.org> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050106223237.GK18275@netmeister.org> Sender: owner-sage-members@usenix.org Precedence: bulk On 2005-01-06 at 17:32 -0500, Jan Schaumann wrote: > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. > > I do not like having all my eggs in this one basket, but on the other > hand distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing. How many fires do you want to fight at once? If you only have to worry about one service, you have more flexibility in fixing things. Particularly if you want to do something like reboot to test that everything now comes up cleanly on reboot: it's easier to justify "this service has been down anyway, I'm only extending the outage by 4 minutes" than "there's going to be another outage of all these other services". If you want to split just one off and there's no direct business/performance reason to choose any particular one, then the question I have is, "Where do you keep your design notes and bug-fix notes, or reports on how past problems were dealt with?" Split that one off such that it's not dependent on the rest, because not only is it now less likely to fail (or be broken into and vandalised thanks to a hole elsewhere) but you also now have access to all the history and information needed to speed up bringing the other services back. Eg, if you use email for this, keep email separate. If a Wiki/thingy-du-jour, split WWW off instead. All this assumes that you don't have CGI scripts or the like on WWW. If you do, I advise that you split that one off, and fast, because it should be treated as a different security profile to the others. NIS and NFS very definitely don't run arbitrary code of extremely low quality on the server (contentious, I know), and with Mail just being an NFS mount, that doesn't either. -- P: Well, what do we have as a diagnostic tool? J: Customers From sage-members-owner@usenix.org Fri Jan 7 09:01:03 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07H12n3008075 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 09:01:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07H12qW008074 for sage-members-outgoing; Fri, 7 Jan 2005 09:01:02 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07H10n3008069 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 09:01:01 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j07H0pCd088658; Fri, 7 Jan 2005 12:00:52 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41DEB16A.7070303@thathat.com> References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> Date: Fri, 7 Jan 2005 18:00:37 +0100 To: Xev Gittler From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: David Parter , Jan Schaumann , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 10:57 AM -0500 2005-01-07, Xev Gittler wrote: > David Parter wrote: > >> We believe very strongly in only one service per server. > > That works on a small scale. However, it can be extraordinarily wasteful > in the large scale. It works well on a large scale, too. AOL was living proof, at least as of the time I was there. Pournelle's Law was "At least one CPU per person", and AOL adapted that to be "At least N+M systems per service". AOL also set up multiple separate "pods", each of which could potentially operate as a totally separate completely contained AOL system, or at least all the necessary front-end bits that are required to handle the client connections, which then connect via load-balanced/fault-tolerant cluster systems for the back-end services. Put a couple of pods in Europe, and that's all that's needed to handle up to a million-plus customers, talking to the AOL back-end systems in Reston and Springfield, Virginia. Put a couple of pods in Japan, too. > Given the size of even the smallest machines, a > single service can use a minuscule amount of the CPU. Depends on the service, and how your systems are designed. If the CPU is always 100% idle, that may not be a problem -- so long as you're keeping the network I/O pipes filled. > While this won't > make much of a difference on one machine, 1000 machines each running at > a trivial utilization level, is an expensive waste of resources, > regardless of how cheap each piece of hardware is. Maybe. It might be "cheap at any price", due to the extreme imbalance between CPU speeds and I/O speed, and the way off-the-shelf systems are designed. YMMV. > Clearly, you need to balance service requirements vs. criticality vs. > stability, etc, As far as that goes, I agree. > but managing services, and running multiple ones on a > machine, perhaps migrating them as necessary is a more effective use > of resources. I don't want to suggest that you should do this on huge, > expensive machines, but there is a sweet spot for this hardware, and > it is more capacity than most services require. The key is to do a proper cost/benefits analysis, and do what is right for you. What is right for AOL or Google may not be right for Mom & Pop Ltd, and vice-versa. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 7 09:17:13 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07HHCn3008741 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 09:17:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07HHCZa008740 for sage-members-outgoing; Fri, 7 Jan 2005 09:17:12 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07HHAn2008735 for ; Fri, 7 Jan 2005 09:17:10 -0800 (PST) Received: from [64.30.203.90] (64-30-203-90.dsl.linkline.com [64.30.203.90]) by smtp.fulcrummicro.com (Postfix) with ESMTP id 158932A2B29; Fri, 7 Jan 2005 09:17:00 -0800 (PST) Message-ID: <41DEC349.30204@fulcrummicro.com> Date: Fri, 07 Jan 2005 09:13:45 -0800 From: Bevan C Bennett User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Xev Gittler Cc: David Parter , Jan Schaumann , sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> In-Reply-To: <41DEB16A.7070303@thathat.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Xev Gittler wrote: > David Parter wrote: > >> We believe very strongly in only one service per server. > That works on a small scale. However, it can be extraordinarily wasteful > in the large scale. Given the size of even the smallest machines, a > single service can use a minuscule amount of the CPU. While this won't > make much of a difference on one machine, 1000 machines each running at > a trivial utilization level, is an expensive waste of resources, > regardless of how cheap each piece of hardware is. In what sort of crazy environment would you need to implement 1000 different services? Even if you're assuming maximum redundancy and throwing 2 servers at each service (which, if their load is 'trivial' isn't needed for load balancing) that's still 500 different services! Normally I see more on the order of 12-20 different services, and I'm having a hard time trying to come up with a plausible scenario that would use more than 30 truly distinct services. Even in large enterprises, it's primarily the number of clients that scales up, not the number of services being provided, so I don't see this as being a valid argument. > Clearly, you need to balance service requirements vs. criticality vs. > stability, etc, but managing services, and running multiple ones on a > machine, perhaps migrating them as necessary is a more effective use of > resources. I don't want to suggest that you should do this on huge, > expensive machines, but there is a sweet spot for this hardware, and it > is more capacity than most services require. I absoultely agree that you need to balance your particular needs when setting out the number of baskets, and doubling up on 'lightweight' services is of course a more efficient use of your hardware, if that is important to your situation. However, having the services separate is generally a much for efficient use of -you- (and your time), as others have already explained. In all my places of employment so far, when I came in there were one or two servers that were running every service all together. Over time I slowly acquire additional (often smaller) server hardware and separate out the services onto dedicated hardware and, as I have done so, debugging and maintainance has -always- gotten easier. As an added bonus, doing this properly helps to harden your network against attacks, as each box has fewer possible points of entry, and an exploit in a particular service will only effect that service. From sage-members-owner@usenix.org Fri Jan 7 10:28:15 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07ISFn3010302 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 10:28:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07ISFtH010301 for sage-members-outgoing; Fri, 7 Jan 2005 10:28:15 -0800 (PST) Received: from sj-iport-3.cisco.com (sj-iport-3-in.cisco.com [171.71.176.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07ISDn2010291 for ; Fri, 7 Jan 2005 10:28:13 -0800 (PST) Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-3.cisco.com with ESMTP; 07 Jan 2005 11:39:20 +0000 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j07IS0jw023201; Fri, 7 Jan 2005 10:28:01 -0800 (PST) Received: from cisco.com ([10.25.20.84]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AGW79892; Fri, 7 Jan 2005 10:27:59 -0800 (PST) Message-ID: <41DED4B0.1090506@cisco.com> Date: Fri, 07 Jan 2005 10:28:00 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bevan C Bennett CC: Xev Gittler , David Parter , Jan Schaumann , sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> <41DEC349.30204@fulcrummicro.com> In-Reply-To: <41DEC349.30204@fulcrummicro.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk If you are virtual web hoster you might have a seperate web 'service' for each client. (Some web service providers give you your own real or virtual machine to play in/keep you isolated from others). If you have a big enough business, it's quite conceivable that you could have a thousand services running. The definition of 'distinct service' varies depending on the business that you're in. There's easily a thousand different services running in just one of the Data Centres that I work in (and there are four more DCs with that level of complexity just in our San Jose campus). Fortunately, only a limited number of the services require redundancy, and some of the redundancy is necessary for scaling (as in www.cisco.com) as well as failure tolerance. Yes, we're a 'large enterprise'. (:-) - Richard Chycoski (Cisco Systems, Inc.) Bevan C Bennett wrote: > Xev Gittler wrote: > >> David Parter wrote: >> >>> We believe very strongly in only one service per server. >> >> That works on a small scale. However, it can be extraordinarily >> wasteful in the large scale. Given the size of even the smallest >> machines, a single service can use a minuscule amount of the CPU. >> While this won't make much of a difference on one machine, 1000 >> machines each running at a trivial utilization level, is an expensive >> waste of resources, regardless of how cheap each piece of hardware is. > > > In what sort of crazy environment would you need to implement 1000 > different services? Even if you're assuming maximum redundancy and > throwing 2 servers at each service (which, if their load is 'trivial' > isn't needed for load balancing) that's still 500 different services! > > Normally I see more on the order of 12-20 different services, and I'm > having a hard time trying to come up with a plausible scenario that > would use more than 30 truly distinct services. > > Even in large enterprises, it's primarily the number of clients that > scales up, not the number of services being provided, so I don't see > this as being a valid argument. > >> Clearly, you need to balance service requirements vs. criticality vs. >> stability, etc, but managing services, and running multiple ones on a >> machine, perhaps migrating them as necessary is a more effective use >> of resources. I don't want to suggest that you should do this on >> huge, expensive machines, but there is a sweet spot for this >> hardware, and it is more capacity than most services require. > > > I absoultely agree that you need to balance your particular needs when > setting out the number of baskets, and doubling up on 'lightweight' > services is of course a more efficient use of your hardware, if that > is important to your situation. However, having the services separate > is generally a much for efficient use of -you- (and your time), as > others have already explained. > > In all my places of employment so far, when I came in there were one > or two servers that were running every service all together. Over > time I slowly acquire additional (often smaller) server hardware and > separate out the services onto dedicated hardware and, as I have done > so, debugging and maintainance has -always- gotten easier. As an > added bonus, doing this properly helps to harden your network against > attacks, as each box has fewer possible points of entry, and an > exploit in a particular service will only effect that service. From sage-members-owner@usenix.org Fri Jan 7 10:49:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07In1n3011113 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 10:49:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07In15V011112 for sage-members-outgoing; Fri, 7 Jan 2005 10:49:01 -0800 (PST) Received: from jeffenstein.dyndns.org (lsne-catv-dhcp-15-178.urbanet.ch [80.238.15.178]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Imwn2011106 for ; Fri, 7 Jan 2005 10:48:59 -0800 (PST) Received: by jeffenstein.dyndns.org (Postfix, from userid 500) id CABDFD38F1; Fri, 7 Jan 2005 19:51:43 +0100 (CET) Date: Fri, 7 Jan 2005 19:51:43 +0100 From: Jeff Fisher To: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050107185143.GD14687@frogger.jeffnet> Mail-Followup-To: sage-members@sage.org References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> <41DEC349.30204@fulcrummicro.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41DEC349.30204@fulcrummicro.com> User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 07, 2005 at 09:13:45AM -0800, Bevan C Bennett wrote: > > In what sort of crazy environment would you need to implement 1000 > different services? Even if you're assuming maximum redundancy and > throwing 2 servers at each service (which, if their load is 'trivial' > isn't needed for load balancing) that's still 500 different services! > > Normally I see more on the order of 12-20 different services, and I'm > having a hard time trying to come up with a plausible scenario that > would use more than 30 truly distinct services. Depends entirely on the business. I work for a small telco in a small country, and we are already way past 30 in applications, not even counting windows front-ends. However, if you mean distinct services, then there is only really two in the entire company; billing and HR/Financials; everything else is somehow related to these, and even these two islands are have many interconnections. For our parent company (bigger country, lots more clients), it's even worse. They have thousands of servers for just about as many applications. > Even in large enterprises, it's primarily the number of clients that > scales up, not the number of services being provided, so I don't see > this as being a valid argument. What I've seen more is the number of applications increasing, or newer versions of software having bigger hardware requirements. However, I've never worked for a company with the Internet as it's primary business, so I don't know what it's like there... > ... However, having the services separate is > generally a much for efficient use of -you- (and your time), as others > have already explained. We've found that consolidating saves us quite a bit on this. Most troubleshooting in this environment is application issues, which are generally dealt with on development servers. By the time it gets to a shared production server, most applications are well understood, and relatively well behaved. For production, the limitation on consolidation has more to do with service levels and risk rather than horsepower. What it saves us is not only hardware costs, but SAN ports, LAN ports, maintenance, number of administrators, etc... When a new application is ready for production or starts in development, we don't (generally) need to purchase a new server; request facilities to run new fibers and lan cables; request new network ports, san ports, power connections; request new IP address and DNS entries; install the OS; modify the vendor maintenance contract; setup a new server in the backup schedule (only a new filesytem or database), etc... The application can be running in a week or two instead of two or three months. > In all my places of employment so far, when I came in there were one or > two servers that were running every service all together. Over time I > slowly acquire additional (often smaller) server hardware and separate > out the services onto dedicated hardware and, as I have done so, > debugging and maintainance has -always- gotten easier. As an added > bonus, doing this properly helps to harden your network against attacks, > as each box has fewer possible points of entry, and an exploit in a > particular service will only effect that service. > Hmmm... Where I've worked, there has always been a seperate group to debug application problems. When they do come to the sysadmins for help, I haven't seen much interaction between two applications that aren't directly related. Sometimes applications will take down the whole server, but they generally have their own dedicated server because they don't behave. System problems are seperate from application problems, and application<->system problems can almost always be reproduced on development servers without affecting the other applications on the production servers. Can't speak for security; I have done very little with internet-facing services, and most I have seen haven't been very secure despite layering, firewalls, etc... So far as layering internal networks, well, you have to let all the important stuff through the firewall anyway, so it only slows down the viruses that you aren't patched against. The developers seem to do a lot more damage than any hackers, and they're supposed to be on the servers. -- jeff@jeffenstein.dyndns.org At the University of Texas, one of the physics professors would often include bonus questions of a quasi-silly nature on his tests. On one test, he asked the question "What is the speed of light through Jello?" The only student to get credit for answering the question was the one who wrote: "What flavor?" From sage-members-owner@usenix.org Fri Jan 7 10:57:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07IvRn3011624 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 10:57:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07IvQVk011623 for sage-members-outgoing; Fri, 7 Jan 2005 10:57:26 -0800 (PST) Received: from gwyn.tux.org (ident-user@gwyn.tux.org [199.184.165.135]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07IvOn3011618 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 7 Jan 2005 10:57:25 -0800 (PST) Received: from gwyn.tux.org (ident-user@localhost.localdomain [127.0.0.1]) by gwyn.tux.org (8.12.11/8.12.11) with ESMTP id j07IvIWx029665; Fri, 7 Jan 2005 13:57:18 -0500 Received: (from jsdy@localhost) by gwyn.tux.org (8.12.11/8.12.11/Submit) id j07IvIZq029664; Fri, 7 Jan 2005 13:57:18 -0500 Date: Fri, 7 Jan 2005 13:57:18 -0500 From: Joseph S D Yao To: Richard Chycoski Cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050107135718.F13650@gwyn.tux.org> Mail-Followup-To: Richard Chycoski , sage-members@sage.org References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> <41DEC349.30204@fulcrummicro.com> <41DED4B0.1090506@cisco.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <41DED4B0.1090506@cisco.com>; from rac@cisco.com on Fri, Jan 07, 2005 at 10:28:00AM -0800 X-Accepted-File-Formats: ASCII X-Virus-Scanned: ClamAV 0.80/622/Wed Dec 8 08:36:53 2004 clamav-milter version 0.80j on gwyn.tux.org X-Virus-Status: Clean Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 07, 2005 at 10:28:00AM -0800, Richard Chycoski wrote: > If you are virtual web hoster you might have a seperate web 'service' > for each client. ... ... The original poster mentioned "services" such as ... Web, DNS, NIS, and NFS. By this definition, the above qualifies as one, or part of one. However, different Web apps might (MIGHT) qualify as different services. As I think you said, it depends on your business. -- /*********************************************************************\ ** ** Joe Yao jsdy@tux.org - Joseph S. D. Yao ** \*********************************************************************/ From sage-members-owner@usenix.org Fri Jan 7 11:19:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07JJ9n3012337 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 11:19:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07JJ9w9012336 for sage-members-outgoing; Fri, 7 Jan 2005 11:19:09 -0800 (PST) Received: from sj-iport-3.cisco.com (sj-iport-3-in.cisco.com [171.71.176.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07JJ7n2012331 for ; Fri, 7 Jan 2005 11:19:07 -0800 (PST) Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-3.cisco.com with ESMTP; 07 Jan 2005 12:30:14 +0000 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j07JIsjw021321; Fri, 7 Jan 2005 11:18:55 -0800 (PST) Received: from cisco.com ([10.25.20.84]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AGW84862; Fri, 7 Jan 2005 11:18:54 -0800 (PST) Message-ID: <41DEE09E.6000708@cisco.com> Date: Fri, 07 Jan 2005 11:18:54 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Joseph S D Yao CC: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> <41DEC349.30204@fulcrummicro.com> <41DED4B0.1090506@cisco.com> <20050107135718.F13650@gwyn.tux.org> In-Reply-To: <20050107135718.F13650@gwyn.tux.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk In a large organisation, any of these individual services can become multiples - for instance we have more than 20 NIS+ domains, all running as separate services. Five of the masters are hosted in one DC. DNS can also become multiple if different servers support different domains or subdomains. Computational resources are often divided at the machine (or cluster of machine) level for different groups of engineers, and each is treated as a separate service. Databases are usually separate servers, and we have hundreds of database servers. Different web services really are different services - sometimes out of the necessity of isolating the environment for each web service. Distinct services should be defined by their distinct environments - running multiple instances of a single kind of service (that each require their own environment and/or redundancy) is the same as running multiple *kinds* of services, except that you should be able to scale better if you plan the services properly (e.g., if you have 20 virtual web environments each running on a dozen different servers, you may only need one or two extra servers for redundancy rather than another dozen). - Richard Joseph S D Yao wrote: >On Fri, Jan 07, 2005 at 10:28:00AM -0800, Richard Chycoski wrote: > > >>If you are virtual web hoster you might have a seperate web 'service' >>for each client. ... >> >> > >... > >The original poster mentioned "services" such as ... Web, DNS, NIS, and >NFS. By this definition, the above qualifies as one, or part of one. > >However, different Web apps might (MIGHT) qualify as different services. >As I think you said, it depends on your business. > > > From sage-members-owner@usenix.org Fri Jan 7 12:31:21 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07KVLn3013727 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 12:31:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07KVLG8013726 for sage-members-outgoing; Fri, 7 Jan 2005 12:31:21 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07KVIn3013721 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 12:31:19 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j07KV6Zw098429; Fri, 7 Jan 2005 15:31:07 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41DED4B0.1090506@cisco.com> References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> <41DEB16A.7070303@thathat.com> <41DEC349.30204@fulcrummicro.com> <41DED4B0.1090506@cisco.com> Date: Fri, 7 Jan 2005 20:57:17 +0100 To: Richard Chycoski From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: Bevan C Bennett , Xev Gittler , David Parter , Jan Schaumann , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 10:28 AM -0800 2005-01-07, Richard Chycoski wrote: > If you are virtual web hoster you might have a seperate web 'service' > for each client. (Some web service providers give you your own real or > virtual machine to play in/keep you isolated from others). If you have > a big enough business, it's quite conceivable that you could have a > thousand services running. Those are virtual services. That's not the same thing, at least not in my book. However, they do also break down, distribute, replicate, and work in fault-tolerant manners according to the same rules discussed so far. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 7 12:51:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Kp2n3014429 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 12:51:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07Kp12N014428 for sage-members-outgoing; Fri, 7 Jan 2005 12:51:02 -0800 (PST) Received: from chopin.co-prosperity.org (chopin.co-prosperity.org [24.196.66.98]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Koxn3014404 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 7 Jan 2005 12:51:00 -0800 (PST) Received: from chopin.co-prosperity.org (chopin [127.0.0.1]) by chopin.co-prosperity.org (8.12.5/8.12.5) with ESMTP id j07Ku9Aw029286; Fri, 7 Jan 2005 14:56:09 -0600 Received: from localhost (nmedbery@localhost) by chopin.co-prosperity.org (8.12.5/8.12.5/Submit) with ESMTP id j07Ku9Fc029283; Fri, 7 Jan 2005 14:56:09 -0600 X-Authentication-Warning: localhost.localdomain: nmedbery owned process doing -bs Date: Fri, 7 Jan 2005 14:56:09 -0600 (CST) From: nmedbery@museverte.net X-X-Sender: nmedbery@localhost.localdomain To: Richard Chycoski cc: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket In-Reply-To: <41DEE09E.6000708@cisco.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk Not to mention that even one service (whether it be web, nis, etc. or different instances of one of those) will usually have multiple environments for development, acceptance testing, and production. At least the acceptance environment should have the same redundancy as production to make sure the given application/service functions in that specific configuration. This may have been touched on already, sorry if I missed it. At my last job, we had such a three tier system and redundancy was built into both acceptance and production (duh). We had a large room full of machines providing roughly the 12-20 services referred to by other people. I swear they were breeding down there! And that was with redundancy for a select few services! -Nate On Fri, 7 Jan 2005, Richard Chycoski wrote: > In a large organisation, any of these individual services can become > multiples - for instance we have more than 20 NIS+ domains, all running > as separate services. Five of the masters are hosted in one DC. > > DNS can also become multiple if different servers support different > domains or subdomains. Computational resources are often divided at the > machine (or cluster of machine) level for different groups of engineers, > and each is treated as a separate service. Databases are usually > separate servers, and we have hundreds of database servers. > > Different web services really are different services - sometimes out of > the necessity of isolating the environment for each web service. > > Distinct services should be defined by their distinct environments - > running multiple instances of a single kind of service (that each > require their own environment and/or redundancy) is the same as running > multiple *kinds* of services, except that you should be able to scale > better if you plan the services properly (e.g., if you have 20 virtual > web environments each running on a dozen different servers, you may only > need one or two extra servers for redundancy rather than another dozen). > > - Richard > > > Joseph S D Yao wrote: > > >On Fri, Jan 07, 2005 at 10:28:00AM -0800, Richard Chycoski wrote: > > > > > >>If you are virtual web hoster you might have a seperate web 'service' > >>for each client. ... > >> > >> > > > >... > > > >The original poster mentioned "services" such as ... Web, DNS, NIS, and > >NFS. By this definition, the above qualifies as one, or part of one. > > > >However, different Web apps might (MIGHT) qualify as different services. > >As I think you said, it depends on your business. > > > > > > > From sage-members-owner@usenix.org Fri Jan 7 13:01:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07L1Xn3014951 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 13:01:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07L1Xfj014950 for sage-members-outgoing; Fri, 7 Jan 2005 13:01:33 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07L1Un3014943 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 13:01:31 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j07L06ca099903; Fri, 7 Jan 2005 16:00:22 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 7 Jan 2005 21:59:56 +0100 To: nmedbery@museverte.net From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: Richard Chycoski , sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 2:56 PM -0600 2005-01-07, nmedbery@museverte.net wrote: > At > least the acceptance environment should have the same redundancy as > production to make sure the given application/service functions in that > specific configuration. Ideally, yes. In reality, most places probably won't be able to afford to do that. I know that AOL had enough parts of different systems that they could configure pretty complete replicas of various different parts of production systems one at a time, but didn't have enough components to be able to simulate the entire production online service at the same time. They also had several different versions of different components that they needed to be able to run, in order to support other parts of the system, or other customers (e.g., for the period of time that Apple still had eWorld). There were some Stratus modules that were dedicated to mail on the production systems but which had to be shared for the Test/QA systems, and sometimes they had to be taken down and reconfigured for use with some of the other groups. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 7 13:07:42 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07L7gn3015431 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 13:07:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07L7goh015430 for sage-members-outgoing; Fri, 7 Jan 2005 13:07:42 -0800 (PST) Received: from mxsf21.cluster1.charter.net (mxsf21.cluster1.charter.net [209.225.28.221]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07L7en2015424 for ; Fri, 7 Jan 2005 13:07:40 -0800 (PST) Received: from mxip11.cluster1.charter.net (mxip11a.cluster1.charter.net [209.225.28.141]) by mxsf21.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j07L7SHt023990 for ; Fri, 7 Jan 2005 16:07:29 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip11.cluster1.charter.net with ESMTP; 07 Jan 2005 16:07:29 -0500 X-Ironport-AV: i="3.88,109,1102309200"; d="scan'208"; a="710375129:sNHT91808992" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 2766216CEC0; Fri, 7 Jan 2005 22:46:45 -0500 (EST) Date: Fri, 7 Jan 2005 22:46:45 -0500 From: Steve Simmons To: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050108034645.GA7081@lokkur.dexter.mi.us> References: <20050106223237.GK18275@netmeister.org> <20050107164343.GA29076@parhelion.globnix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050107164343.GA29076@parhelion.globnix.org> User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On 2005-01-06 at 17:32 -0500, Jan Schaumann wrote: > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. The answer is "it depends." :-) Services that can fail over automaticly to moderately easily are perfectly reasonable to put on a pair of servers -- one's the primary, ones' the backup. If the primary fails, cut over to the backup. (Hand wave, hand wave - it's rarely quite that easy). Other services depend a lot on just how you've got them deployed. Take DNS and web service as examples. With DNS, any machine that has a copy of the zone files and can do virtual IP interfaces will work just fine. When primary DNS dies, you activate a virtual interface with the address of the DNS server and manually start DNS. Instant restoration of service, cheap and easy. With web service, it depends strongly on whether your raw HT files are on the local disk or a server, if you access thru a DB or not, what kinds of certificates you need, what kind of software you might have that is or isn't too expensive to duplicate, ya-da, ya-da. But assuming these aren't insurmountable difficulties, the principle is the same -- bring up a virtual interface, start up httpd on the second server, and you're off. Things get a bit more complex but still manageable when you start putting multiple services on a single machine and still want to fail them over. In a case like that, I'd allocate a name and address for each service: dns, www, dhcp, etc. Then have the primary server put up one virtual interface for each service. If an individual service dies (db corruption, lose the spindle with DNS data but not the HT files, etc) you can even have both machines running at the same time -- provided they don't both try to provide the same service, of course. With a situation like that, you put as many services on a pair of machines as they can handle. The services that can't be paired you put on individual machines. Some other downsides to one server per service: Most of us have or will soon have limited power and cooling capacity in our server rooms. One server per service can suck up a fair amount of capacity. Server-class machines aren't cheap. But if you can run a bunch of services on a pair of machines, you don't need server-class machines. Just machines fast enough for those services. Conversely, if you put those services on old PCs running Linux, they'll have all the reliability of old PCs. IMHO better to buy a couple of good ones. Fewer machines to maintain and admin means lower cost. Granted, it may not be a *lot* lower, depending on the rest of your environment. But it will be lower. YMMV, offer only available to adults over 18, not valid where explicitly prohibited by law, etc, etc. Steve -- "There's a lot of my personality in my characters. I think that's why smart-asses are over-represented." Christopher Moore, in http://www.chrismoore.com/world_domination.htm From sage-members-owner@usenix.org Fri Jan 7 13:44:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07LiVn3016421 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 13:44:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07LiVsS016420 for sage-members-outgoing; Fri, 7 Jan 2005 13:44:31 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07LiSn3016415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 13:44:30 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j07LiK2K002150; Fri, 7 Jan 2005 16:44:21 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050108034645.GA7081@lokkur.dexter.mi.us> References: <20050106223237.GK18275@netmeister.org> <20050107164343.GA29076@parhelion.globnix.org> <20050108034645.GA7081@lokkur.dexter.mi.us> Date: Fri, 7 Jan 2005 22:44:12 +0100 To: Steve Simmons From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 10:46 PM -0500 2005-01-07, Steve Simmons wrote: > With DNS, any machine that has a copy of the zone files and can do > virtual IP interfaces will work just fine. When primary DNS dies, > you activate a virtual interface with the address of the DNS server > and manually start DNS. Instant restoration of service, cheap and > easy. It depends on what you mean by "dies". There are certain kinds of failures that may happen within the application which would be propagated to all the secondaries, and would not necessarily be detectable by the monitoring system. Also keep in mind that you will have ARP cache timeout issues when you activate the virtual IP address. Better to have multiple service IP addresses that are advertised via servers which are designed for this kind of failure, and a monitoring/fail-over system that can help minimize the ARP cache timeout issues, etc.... When you're talking about this sort of thing, you really want to use dedicated nameserver boxes if at all possible. Being a nameserver can be a very heavy load on a machine, even if it seems that the machine isn't actually doing much work. This can seriously impact the other services on the machine, if you try to run it on a shared box. > With web service, it depends strongly on whether your raw HT files > are on the local disk or a server, if you access thru a DB or not, > what kinds of certificates you need, what kind of software you might > have that is or isn't too expensive to duplicate, ya-da, ya-da. Any time you start talking about databases, NIS, etc... being shared across the network, you have to be real careful when you talk about putting NFS into that mix. For one thing, Berkeley DB (and most other database systems) tend to use mmap() system calls for maximum performance, and mmap() cannot be used on NFS. This can cause problems in all sorts of unexpected areas. For example, Cyrus can't be used on NFS, because it stores the mailbox meta-data indexes in Berkeley DB, which uses mmap(). You can't store diablo USENET news server indexes on NFS, because it also uses mmap() for speed (storing the articles on NFS is a different matter, but does have it's own issues). NIS, LDAP, and other network information database systems may also make use of Berkeley DB as the back-end, or otherwise make use of mmap(). Note that MySQL can also use Berkeley DB as the back-end (which is how they achieve full ACID compliance for their MaxSQL product). Anyway, it all comes down to this -- YMMV. You need to do the cost/benefit analysis and figure out what works best for you. > Things get a bit more complex but still manageable when you start > putting multiple services on a single machine and still want to > fail them over. In a case like that, I'd allocate a name and > address for each service: dns, www, dhcp, etc. That works up to the point where you need to reboot the box, at which point all these things go down at once. Server partitioning schemes (e.g., such as found on certain types of Sun Enterprise class servers for Solaris 9 and in Solaris 10 for a wider array of boxes) can help make this process easier by allowing you to reboot the virtual box while the physical hardware will hopefully remain operational. Again, that only works to a point. The next step would be to go to blade systems, where you really do get entirely separate machines that all share a common chassis. Of course, that has its own failure modes. > With a situation like that, you put as many services on a pair of > machines as they can handle. The services that can't be paired > you put on individual machines. That assumes that a pair of machines is sufficient to handle the load, and the second machine wouldn't melt if the primary died. This may be a valid assumption in some cases, but not in others. > Most of us have or will soon have limited power and cooling capacity > in our server rooms. One server per service can suck up a fair > amount of capacity. The bigger server-class machines can also suck up a lot of power and cooling. You need to find out what is the right balance for you. > Server-class machines aren't cheap. But if you can run a bunch of > services on a pair of machines, you don't need server-class machines. > Just machines fast enough for those services. They may be a lot more expensive to own and operate, as well as to upgrade. You need to look at all the pieces in the cost/benefit equation and decide what works best for you. > Conversely, if you put those services on old PCs running Linux, they'll > have all the reliability of old PCs. IMHO better to buy a couple of > good ones. Server-grade machines doesn't necessarily mean Sun boxes. You can get server-grade PCs, too. You just have to look harder. > Fewer machines to maintain and admin means lower cost. Granted, it > may not be a *lot* lower, depending on the rest of your environment. > But it will be lower. Maybe. It might raise your costs. It all depends on your particular situation. > YMMV, offer only available to adults over 18, not valid where explicitly > prohibited by law, etc, etc. That's the key -- YMMV. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 7 14:13:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07MDMn3017247 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 14:13:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07MDMd3017246 for sage-members-outgoing; Fri, 7 Jan 2005 14:13:22 -0800 (PST) Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07MDKn2017241 for ; Fri, 7 Jan 2005 14:13:21 -0800 (PST) Received: from sj-core-4.cisco.com (171.68.223.138) by sj-iport-5.cisco.com with ESMTP; 07 Jan 2005 14:14:02 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-4.cisco.com (8.12.10/8.12.6) with ESMTP id j07MD71X021543; Fri, 7 Jan 2005 14:13:08 -0800 (PST) Received: from cisco.com ([10.25.20.84]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AGW99741; Fri, 7 Jan 2005 14:13:07 -0800 (PST) Message-ID: <41DF0973.9090704@cisco.com> Date: Fri, 07 Jan 2005 14:13:07 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles CC: Steve Simmons , sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket References: <20050106223237.GK18275@netmeister.org> <20050107164343.GA29076@parhelion.globnix.org> <20050108034645.GA7081@lokkur.dexter.mi.us> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk There are many different kinds of mechanisms for building failsafe systems, and which one to choose for a particular service depends on how critical the service is, how much of an outage you can stand (none, seconds, minutes), and how much money you have. For many web services, you can use hardware or software products that allow you to have multiple hosts providing the service, and when one host goes down there is no outage whatsoever (other than possibly a lost transaction-in-progress). I can, of course, recommend the hardware solutions built by my own company, but there's lots of viable competition in this market (:-). Services like DNS have inherent redundancy capabilities, but failover usually takes about 4 seconds to point at a secondary server, and that may be too much for some applications. Again, hardware load sharing devices can be used to split the load and automatically fail over if necessary. As Steve points out, however, if the data gets corrupted and replicated to all of the servers, this kind of redundancy will not keep you running - the same is true with clustered file servers. Other methods of testing and non-clustered backups are needed if you suffer from the fat-finger or other data corruption problem. The ARP cache problem can be avoided by adding a hardware ethernet interface and zapping the MAC address to match the failed service (or playing tricks with software products like VMware to do the same for a virtual machine), but there are other gotchas - if you are connected to a network switch, there may still be a small outage while the switch realises that this MAC address has move to a new port. You can also play tricks by broadcasting an ARP reply that convinces all of the hosts to move to your new MAC address - a technique that can be used for good or evil... I agree with Steve's recommendation for the use of dedicated nameservers. Start watching the instantaneous CPU and packet loads on such servers (don't look at one- or five- minute averages) and you'll see some real peaks, especially at 'witching hours' if you have a lot of machines with cron jobs that are too well synced. (I just finished working on such a problem in our own environment - default 'systat' cron jobs on hundreds of Linux servers that all go off every 10 minutes, on the 10 minute marker, all insisting on grabbing the 'group' map across the network simultaneously - yuckk!) - Richard Brad Knowles wrote: > At 10:46 PM -0500 2005-01-07, Steve Simmons wrote: > >> With DNS, any machine that has a copy of the zone files and can do >> virtual IP interfaces will work just fine. When primary DNS dies, >> you activate a virtual interface with the address of the DNS server >> and manually start DNS. Instant restoration of service, cheap and >> easy. > > > It depends on what you mean by "dies". There are certain kinds of > failures that may happen within the application which would be > propagated to all the secondaries, and would not necessarily be > detectable by the monitoring system. > > Also keep in mind that you will have ARP cache timeout issues when > you activate the virtual IP address. Better to have multiple service > IP addresses that are advertised via servers which are designed for > this kind of failure, and a monitoring/fail-over system that can help > minimize the ARP cache timeout issues, etc.... > > When you're talking about this sort of thing, you really want to > use dedicated nameserver boxes if at all possible. Being a nameserver > can be a very heavy load on a machine, even if it seems that the > machine isn't actually doing much work. This can seriously impact the > other services on the machine, if you try to run it on a shared box. > >> With web service, it depends strongly on whether your raw HT files >> are on the local disk or a server, if you access thru a DB or not, >> what kinds of certificates you need, what kind of software you might >> have that is or isn't too expensive to duplicate, ya-da, ya-da. > > > Any time you start talking about databases, NIS, etc... being > shared across the network, you have to be real careful when you talk > about putting NFS into that mix. For one thing, Berkeley DB (and most > other database systems) tend to use mmap() system calls for maximum > performance, and mmap() cannot be used on NFS. > > This can cause problems in all sorts of unexpected areas. For > example, Cyrus can't be used on NFS, because it stores the mailbox > meta-data indexes in Berkeley DB, which uses mmap(). You can't store > diablo USENET news server indexes on NFS, because it also uses mmap() > for speed (storing the articles on NFS is a different matter, but does > have it's own issues). > > NIS, LDAP, and other network information database systems may also > make use of Berkeley DB as the back-end, or otherwise make use of > mmap(). Note that MySQL can also use Berkeley DB as the back-end > (which is how they achieve full ACID compliance for their MaxSQL > product). > > > Anyway, it all comes down to this -- YMMV. You need to do the > cost/benefit analysis and figure out what works best for you. > >> Things get a bit more complex but still manageable when you start >> putting multiple services on a single machine and still want to >> fail them over. In a case like that, I'd allocate a name and >> address for each service: dns, www, dhcp, etc. > > > That works up to the point where you need to reboot the box, at > which point all these things go down at once. > > Server partitioning schemes (e.g., such as found on certain types > of Sun Enterprise class servers for Solaris 9 and in Solaris 10 for a > wider array of boxes) can help make this process easier by allowing > you to reboot the virtual box while the physical hardware will > hopefully remain operational. Again, that only works to a point. > > The next step would be to go to blade systems, where you really do > get entirely separate machines that all share a common chassis. Of > course, that has its own failure modes. > >> With a situation like that, you put as many services on a pair of >> machines as they can handle. The services that can't be paired >> you put on individual machines. > > > That assumes that a pair of machines is sufficient to handle the > load, and the second machine wouldn't melt if the primary died. This > may be a valid assumption in some cases, but not in others. > >> Most of us have or will soon have limited power and cooling capacity >> in our server rooms. One server per service can suck up a fair >> amount of capacity. > > > The bigger server-class machines can also suck up a lot of power > and cooling. You need to find out what is the right balance for you. > >> Server-class machines aren't cheap. But if you can run a bunch of >> services on a pair of machines, you don't need server-class machines. >> Just machines fast enough for those services. > > > They may be a lot more expensive to own and operate, as well as to > upgrade. You need to look at all the pieces in the cost/benefit > equation and decide what works best for you. > >> Conversely, if you put those services on old PCs running Linux, they'll >> have all the reliability of old PCs. IMHO better to buy a couple of >> good ones. > > > Server-grade machines doesn't necessarily mean Sun boxes. You can > get server-grade PCs, too. You just have to look harder. > >> Fewer machines to maintain and admin means lower cost. Granted, it >> may not be a *lot* lower, depending on the rest of your environment. >> But it will be lower. > > > Maybe. It might raise your costs. It all depends on your > particular situation. > >> YMMV, offer only available to adults over 18, not valid where >> explicitly >> prohibited by law, etc, etc. > > > That's the key -- YMMV. > From sage-members-owner@usenix.org Fri Jan 7 14:53:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Mrjn3018239 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 14:53:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j07MrjVQ018238 for sage-members-outgoing; Fri, 7 Jan 2005 14:53:45 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07Mrfn3018231 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 14:53:44 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j07MrYJI076641 for ; Fri, 7 Jan 2005 15:53:34 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j07MrYJV076640 for sage-members@usenix.org; Fri, 7 Jan 2005 15:53:34 -0700 (MST) Received: from mailhost.nmt.edu (mailhost.NMT.EDU [129.138.4.52]) by usenix.org (8.12.10/8.12.10) with ESMTP id j07LAan3015718 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 7 Jan 2005 13:10:37 -0800 (PST) Received: from [129.138.88.153] (marcopolo.nmt.edu [129.138.88.153]) (authenticated bits=0) by mailhost.nmt.edu (8.13.0/8.13.0) with ESMTP id j07LARde030639 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Jan 2005 14:10:28 -0700 Message-ID: <41DEFAD1.2080009@nmt.edu> Date: Fri, 07 Jan 2005 14:10:41 -0700 From: Ruth Milner Reply-To: rmilner@nmt.edu User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040514 X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: Re: [SAGE] number of eggs in a basket References: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> In-Reply-To: <200501062248.j06MmWn6007584@yfandes.cs.wisc.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk David Parter wrote: > I am not sure why you think that > "distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing." > [...] > 2) the basic server platform is unstable, and the OS crashes and/or > hardware failures are likely, so with more than one server, there is > an increased likelyhood of crashes Any system goes down from time to time, whether planned or not, due to hardware/software/power upgrades/failures/etc. If you distribute 10 services across 10 servers instead of one, it is 10 times more likely that some sort of hardware or system software problem will take out a service. The clients will therefore see more outages overall. Of course, with modern computers, that probability for a single system is very small; but it may go from negligible to measurable when multiplied by 10 or more. The trick is to lessen the impact of such service outages. The balancing point may be whether the service is a critical one (i.e. if it's down, the clients are dead in the water too). If you have more than one such service, putting them all on a single more reliable server may make sense, to minimize the number of critical failures. You can then distribute the less critical ones on separate systems for management flexibility. Interdependencies can actually be reduced by separating services. E.g. if you have two service packages that depend on some other utility (shall we say, perl), and upgrading one service requires upgrading the utility, then putting both services on the same server may force you to upgrade them in tandem - something that is usually preferable to avoid if it isn't fundamentally necessary. There are any number of valid shades of grey in the answers to this question of centralized vs decentralized services, and they evolve because they depend on many factors. Ruth Milner From sage-members-owner@usenix.org Fri Jan 7 17:55:40 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j081ten3022403 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 17:55:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j081teJa022402 for sage-members-outgoing; Fri, 7 Jan 2005 17:55:40 -0800 (PST) Received: from quark.cs.earlham.edu (cs.earlham.edu [159.28.230.3]) by usenix.org (8.12.10/8.12.10) with ESMTP id j081tan3022397 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 17:55:37 -0800 (PST) Received: from quark.cs.earlham.edu (localhost.cs.earlham.edu [127.0.0.1]) by quark.cs.earlham.edu (8.13.1/8.12.9) with ESMTP id j081tVAx088929 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 20:55:31 -0500 (EST) (envelope-from skylar@cs.earlham.edu) Received: (from skylar@localhost) by quark.cs.earlham.edu (8.13.1/8.12.9/Submit) id j081tVpW088928 for sage-members@sage.org; Fri, 7 Jan 2005 19:55:31 -0600 (CST) (envelope-from skylar@cs.earlham.edu) X-Authentication-Warning: quark.cs.earlham.edu: skylar set sender to skylar@quark.cs.earlham.edu using -f Date: Fri, 7 Jan 2005 19:55:31 -0600 From: Skylar Thompson To: sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050108015531.GA88766@quark.cs.earlham.edu> Reply-To: Skylar Thompson Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050106223237.GK18275@netmeister.org> User-Agent: Mutt/1.4.2.1i X-Sender: "Skylar Thompson" X-Accept-Primary-Language: en X-Accept-Secondary-Language: es SMTP-Mailing-Host: quark.cs.earlham.edu X-Operating-System: FreeBSD 4.11-PRERELEASE X-Uptime: 7:55PM up 22 days, 17:02, 14 users, load averages: 0.30, 0.25, 0.20 X-Editor: VIM - Vi IMproved 6.3 (2004 June 7, compiled Aug 26 2004 10:37:04) Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, Jan 06, 2005 at 05:32:37PM -0500, Jan Schaumann wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > I'd like to get some opinions regarding best practices for mission > critical systems with multiple services. > > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. > > I do not like having all my eggs in this one basket, but on the other > hand distributing the services to several machines seems to complicate > things and increase the likeliness of one of the services failing. > > So... what are your comments/experiences? How many eggs do you keep in > your basket(s)? Depending on your staffing, I can see two ways to approach this problem: 1. You have a small, or part-time, staff. This means that it can be advantageous to concentrate all your services in as few machines as possible, and make those machines as reliable as possible. What you lose in reliablity you gain in simplicity, making the admins' jobs easier. 2. You have a larger, or full-time, staff. This makes the idea of one-service-per-machine more realistic, because an admin can concentrate on one recalcitrant machine while the others keep the workflow moving. -- -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ From sage-members-owner@usenix.org Fri Jan 7 18:20:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j082K2n3023097 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 18:20:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j082K2mp023096 for sage-members-outgoing; Fri, 7 Jan 2005 18:20:02 -0800 (PST) Received: from jas.peak.org (peak-colo-196-137.peak.org [69.59.196.137] (may be forged)) by usenix.org (8.12.10/8.12.10) with ESMTP id j082K0n3023091 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Fri, 7 Jan 2005 18:20:00 -0800 (PST) Received: from sechrest (helo=jas.peak.org) by jas.peak.org with local-esmtp (Exim 4.34) id 1Cn6Cp-00020g-6Z; Fri, 07 Jan 2005 18:19:55 -0800 To: rmilner@nmt.edu Cc: sage-members@usenix.org Subject: Re: [SAGE] number of eggs in a basket In-reply-to: Your message of Fri, 07 Jan 2005 14:10:41 MST. <41DEFAD1.2080009@nmt.edu> Date: Fri, 07 Jan 2005 18:19:55 -0800 From: John Sechrest Message-Id: Sender: owner-sage-members@usenix.org Precedence: bulk Ruth Milner writes: % Any system goes down from time to time, whether planned or not, % due to hardware/software/power upgrades/failures/etc. If you % distribute 10 services across 10 servers instead of one, it is 10 % times more likely that some sort of hardware or system software % problem will take out a service. The clients will therefore see % more outages overall. Of course, with modern computers, that % probability for a single system is very small; but it may go % from negligible to measurable when multiplied by 10 or more. We know from Pattersons work that 90% of outages are a result of mis-steps by system administrators. So adding 10 times the hardward does not mean that the number of outages will go up by a factor of 10. And if you simplify the configuration issues by eliminating interdependencies, then in fact while the hardware oriented outages may go up by a factor of 10, the over all outages may actually go down. So this is more complex than presented. ----- John Sechrest . Helping people use . computers and the Internet . more effectively . . Internet: sechrest@peak.org . . http://www.peak.org/~sechrest From sage-members-owner@usenix.org Fri Jan 7 19:06:23 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0836Nn3023867 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 19:06:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0836NPM023866 for sage-members-outgoing; Fri, 7 Jan 2005 19:06:23 -0800 (PST) Received: from mxsf09.cluster1.charter.net (mxsf09.cluster1.charter.net [209.225.28.209]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0836Kn2023861 for ; Fri, 7 Jan 2005 19:06:21 -0800 (PST) Received: from mxip06.cluster1.charter.net (mxip06a.cluster1.charter.net [209.225.28.136]) by mxsf09.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j083687s002031 for ; Fri, 7 Jan 2005 22:06:09 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip06.cluster1.charter.net with ESMTP; 07 Jan 2005 22:06:08 -0500 X-Ironport-AV: i="3.88,110,1102309200"; d="scan'208"; a="527804769:sNHT13572852" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 5F58016CEC0; Sat, 8 Jan 2005 04:45:29 -0500 (EST) Date: Sat, 8 Jan 2005 04:45:29 -0500 From: Steve Simmons To: Brad Knowles Cc: Steve Simmons , sage-members@sage.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050108094529.GC8033@lokkur.dexter.mi.us> References: <20050106223237.GK18275@netmeister.org> <20050107164343.GA29076@parhelion.globnix.org> <20050108034645.GA7081@lokkur.dexter.mi.us> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 07, 2005 at 10:44:12PM +0100, Brad Knowles wrote: > > With DNS, any machine that has a copy of the zone files and can do > > virtual IP interfaces will work just fine . . . > It depends on what you mean by "dies". There are certain kinds > of failures that may happen within the application which would be > propagated to all the secondaries, and would not necessarily be > detectable by the monitoring system. Of course, hence my 'hand wave, hand wave' earlier in the note. The goal may be seamless failover, but most places settle for very short minimum TTR - where the R stands for 'Restore The Service', not 'Repair'. And for DNS, the scheme works -- if the DNS server really crashes, by the time you are convinced and put the backup on-line, the ARP caches are largely timed out anyway. Note also that I'm not talking about secondary DNS servers, but restoration of a primary. The backup machine has full copies of the zone files, so it can step into the primarys IP address and most machines don't even know the service went away. > Anyway, it all comes down to this -- YMMV. You need to do the > cost/benefit analysis and figure out what works best for you. Absolutely. > -- Benjamin Franklin (1706-1790), reply of the Pennsylvania > Assembly to the Governor, November 11, 1755 > > SAGE member since 1995. See for more info. Benjamin Franklin was a Sage member? :-) -- "There's a lot of my personality in my characters. I think that's why smart-asses are over-represented." Christopher Moore, in http://www.chrismoore.com/world_domination.htm From sage-members-owner@usenix.org Fri Jan 7 20:10:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j084Akn3024762 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 20:10:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j084AjQN024761 for sage-members-outgoing; Fri, 7 Jan 2005 20:10:45 -0800 (PST) Received: from mdev.river.com (yampa.river.com [206.168.112.68]) by usenix.org (8.12.10/8.12.10) with ESMTP id j084Ain2024756 for ; Fri, 7 Jan 2005 20:10:44 -0800 (PST) Received: from localhost (v13.river.com [206.168.117.188]) by mdev.river.com (Postfix) with ESMTP id D132123F46; Fri, 7 Jan 2005 21:10:30 -0700 (MST) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050106223237.GK18275@netmeister.org> References: <20050106223237.GK18275@netmeister.org> Date: Fri, 7 Jan 2005 21:09:34 -0700 To: Jan Schaumann From: "Richard Johnson" Subject: Re: [SAGE] number of eggs in a basket Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" Sender: owner-sage-members@usenix.org Precedence: bulk At 17:32 -0500 on 2005-01-06, Jan Schaumann wrote: > I have a system that basically is a single point of failure: if it's > down, nothing goes. The services on that machine are WWW, NIS, NFS and > mail. Mail is delivered to ~/.mail so mail can be read via NFS and need > not be fetched. I watched folks at my day job make just that mistake. One stolen password later, and they were rebuilding every single workstation in the department as well. Setuid binary "mistakes" like the one used to compromise the workstations are easy to make when you let users log in to an NFS server... That kind of oops converts a compromise of just one basket into a multi-basket deal, and likely makes your organization into a basket case. If you must use NFS, don't let users onto the server, and make sure that the clients all mount safely. For similar reasons, you probably don't want user accounts on a web server either. Put 'em on a publishing server instead, and push the files over. The goal for anyone who has been through what my coworkers had to do swiftly becomes one of minimizing the number of baskets they have to rebuild on an emergency basis. ;-) Richard From sage-members-owner@usenix.org Fri Jan 7 20:39:58 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j084dwn3025491 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 20:39:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j084dwXF025490 for sage-members-outgoing; Fri, 7 Jan 2005 20:39:58 -0800 (PST) Received: from mailhost.nmt.edu (mailhost.NMT.EDU [129.138.4.52]) by usenix.org (8.12.10/8.12.10) with ESMTP id j084dtn3025485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 7 Jan 2005 20:39:56 -0800 (PST) Received: from [129.138.88.153] (marcopolo.nmt.edu [129.138.88.153]) (authenticated bits=0) by mailhost.nmt.edu (8.13.0/8.13.0) with ESMTP id j084dmEl022339 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Jan 2005 21:39:49 -0700 Message-ID: <41DF6422.2040007@nmt.edu> Date: Fri, 07 Jan 2005 21:40:02 -0700 From: Ruth Milner Reply-To: rmilner@nmt.edu User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040514 X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: Re: [SAGE] number of eggs in a basket References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk John Sechrest wrote: > We know from Pattersons work that 90% of outages are a result > of mis-steps by system administrators. > So adding 10 times the hardward does not mean that the > number of outages will go up by a factor of 10. What I said was that it was "10x more likely that some sort of hardware or *system software* problem will take out a service". I didn't put a number on the overall *total* number of failures, only that it would increase (which is absolutely the case). The cause doesn't really matter, though: if you have 10x the number of machines for sysadmin missteps to be made on, then the overall total failure incidents are likewise going to increase - though not necessarily linearly. > if you simplify the configuration issues by eliminating > interdependencies Or, to phrase it as I did: Interdependencies can actually be reduced by separating services. We are not in disagreement AFAICT. > So this is more complex than presented. Well, I did say a little more than just that one quoted paragraph. :-) My point in that bit was where the idea might come from that the number of failures would increase by decentralizing, which at least one respondent had questioned. This does not make decentralization bad; as everyone has been saying (including me), it's a complex issue. The point is that decentralization also has costs that shouldn't be glossed over, especially in a small shop. Ruth Milner From sage-members-owner@usenix.org Fri Jan 7 22:08:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0868Wn3026464 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 7 Jan 2005 22:08:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0868WXm026463 for sage-members-outgoing; Fri, 7 Jan 2005 22:08:32 -0800 (PST) Received: from metro.dst.or.us (pyrite.metro-region.org [67.138.101.226]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0868Pn2026458 for ; Fri, 7 Jan 2005 22:08:31 -0800 (PST) Received: from MetCen-MTA by metro.dst.or.us with Novell_GroupWise; Fri, 07 Jan 2005 22:08:14 -0800 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.5.2 Date: Fri, 07 Jan 2005 22:07:55 -0800 From: "John Miller" To: Subject: [SAGE] number of eggs in my inbox Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk I don't know about anyone else, but all these eggs in my inbox are getting mixed in with SPAM.... Mr. Bun (Eric Idle): Morning. Waitress (Terry Jones): Morning. Mr. Bun: What have you got, then? Waitress: Well, there's egg and bacon; egg, sausage, and bacon; egg and SPAM; egg, bacon, and SPAM; egg, bacon, sausage and SPAM; SPAM, bacon, sausage, and SPAM; SPAM, egg, SPAM, SPAM, bacon, and SPAM; SPAM, SPAM, SPAM, egg, and SPAM; SPAM, SPAM, SPAM, SPAM, SPAM, SPAM, baked beans, SPAM, SPAM, SPAM, and SPAM; or lobster thermidor aux crevettes with a mornay sauce garnished with truffle pate, brandy, and a fried egg on top and SPAM. --- Next we can all sing, "He's a lumberjack and he's OK!" Good sysadmin theme song. From sage-members-owner@usenix.org Sat Jan 8 01:33:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j089Xcn3001104 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 8 Jan 2005 01:33:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j089XctW001103 for sage-members-outgoing; Sat, 8 Jan 2005 01:33:38 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j089Xan3001098 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 8 Jan 2005 01:33:37 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j089X8Ju038984; Sat, 8 Jan 2005 04:33:15 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41DF6422.2040007@nmt.edu> References: <41DF6422.2040007@nmt.edu> Date: Sat, 8 Jan 2005 10:28:19 +0100 To: rmilner@nmt.edu From: Brad Knowles Subject: Re: [SAGE] number of eggs in a basket Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 9:40 PM -0700 2005-01-07, Ruth Milner wrote: > What I said was that it was "10x more likely that some sort of > hardware or *system software* problem will take out a service". I'm not convinced. If you have N+M load-balanced/fail-over clusters, the probability of the entire service being taken out by a single hardware or system software failure should approach zero. > I didn't put a number on the overall *total* number of failures, > only that it would increase (which is absolutely the case). The > cause doesn't really matter, though: if you have 10x the number > of machines for sysadmin missteps to be made on, then the overall > total failure incidents are likewise going to increase - though > not necessarily linearly. If you're using the right admin tools, a site with 100,000 machines may have a lower overall probability of an "admin oops" taking out a significant chunk of the system as compared to a smaller site with just 100 machines or even just one machine, if they don't have the right tools. > Well, I did say a little more than just that one quoted paragraph. > :-) My point in that bit was where the idea might come from that > the number of failures would increase by decentralizing, which at > least one respondent had questioned. The total potential number of failures may go up, but if the system is designed correctly, those should be accounted for and should not be a visible impact on the overall services being provided. You should be able to take a hit overnight (or over the weekend), get notified by e-mail, and then fix it whenever you feel like getting around to it the next working day. At least, for most types of hits. > This does not make decentralization bad; as everyone has been > saying (including me), it's a complex issue. The point is that > decentralization also has costs that shouldn't be glossed over, > especially in a small shop. Fair enough. YMMV, definitely. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Sat Jan 8 09:01:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j08H1Zn3011634 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 8 Jan 2005 09:01:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j08H1Z7J011633 for sage-members-outgoing; Sat, 8 Jan 2005 09:01:35 -0800 (PST) Received: from mxsf24.cluster1.charter.net (mxsf24.cluster1.charter.net [209.225.28.224]) by usenix.org (8.12.10/8.12.10) with ESMTP id j08H1Wn2011628 for ; Sat, 8 Jan 2005 09:01:33 -0800 (PST) Received: from mxip12.cluster1.charter.net (mxip12a.cluster1.charter.net [209.225.28.142]) by mxsf24.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j08H1CNR001113 for ; Sat, 8 Jan 2005 12:01:16 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip12.cluster1.charter.net with ESMTP; 08 Jan 2005 12:01:12 -0500 X-Ironport-AV: i="3.88,110,1102309200"; d="scan'208"; a="714956553:sNHT16724476" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 206F616CEC0; Sat, 8 Jan 2005 18:40:52 -0500 (EST) Date: Sat, 8 Jan 2005 18:40:52 -0500 From: Steve Simmons To: Brad Knowles Cc: rmilner@nmt.edu, sage-members@usenix.org Subject: Re: [SAGE] number of eggs in a basket Message-ID: <20050108234051.GA5650@lokkur.dexter.mi.us> References: <41DF6422.2040007@nmt.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Sat, Jan 08, 2005 at 10:28:19AM +0100, Brad Knowles wrote: > At 9:40 PM -0700 2005-01-07, Ruth Milner wrote: > > > What I said was that it was "10x more likely that some sort of > > hardware or *system software* problem will take out a service". > > I'm not convinced. If you have N+M load-balanced/fail-over > clusters, the probability of the entire service being taken out by a > single hardware or system software failure should approach zero. I think you're both right, you're just talking about different sized clients. Few companies are rich enough or large enough to justify the N+M model for N+M > 3. AOLs schema is frigging brilliant, but they're far and away a different beast from the 100-person programming shop. Very few small shops has services that require absolutely-by-God-must- be-there-7x24x60x60 service availability. In the few cases where they do require such a service, I'd bet that the majority are some sort of web site. In those cases, they ought to be farming out the hosting and connectivity to a well-qualified, well-vetted service. The rest of the shops can survive 15 minutes of downtime just fine. Servers that you manually fail over can give you that in most cases, tho file service is probably an exception. N+M is great in the right place. For places that can afford 15 minutes of downtime 4 times a year, it's overkill. As Ruth and others have said (including me), everybody's mileage varies. From sage-members-owner@usenix.org Sun Jan 9 13:30:04 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j09LU3n3003800 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 9 Jan 2005 13:30:03 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j09LU3aj003799 for sage-members-outgoing; Sun, 9 Jan 2005 13:30:03 -0800 (PST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.200]) by usenix.org (8.12.10/8.12.10) with ESMTP id j09LU1n2003794 for ; Sun, 9 Jan 2005 13:30:02 -0800 (PST) Received: by rproxy.gmail.com with SMTP id 40so12504rnz for ; Sun, 09 Jan 2005 13:29:52 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=qkpUC22dNiMaxGANFhbCVHuN+qNH59ZG4tUYbBf7HBfE4e77WHNLPQJTTRR91nDyPP17cPmsUrFR/xy1KuJMK6vXB/3ve/dZvfzC7lMfX4K/gizzTClYkiQGCTEI/xzF0SBZ20YA9MCXCtxx93GQOL9GeRJhhTxFvMH6hofr13w= Received: by 10.38.8.52 with SMTP id 52mr176502rnh; Sun, 09 Jan 2005 13:29:52 -0800 (PST) Received: by 10.38.179.78 with HTTP; Sun, 9 Jan 2005 13:29:52 -0800 (PST) Message-ID: <82a71f8a05010913297aa5f1f6@mail.gmail.com> Date: Sun, 9 Jan 2005 13:29:52 -0800 From: Doug Hanks Reply-To: Doug Hanks To: SAGE Members Subject: [SAGE] Lex and Yacc Experts? Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Any Lex and Yacc experts? I'm trying to figure out how to create a parser that would read bind-like configuration files. I have the lex and yacc book and found several online examples, but I am not having a lot of luck. An example included with the lex and yacc files would be much appreciated. -- - Doug Hanks = dhanks(at)gmail(dot)com From sage-members-owner@usenix.org Mon Jan 10 12:52:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0AKqNn3027207 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 10 Jan 2005 12:52:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0AKqNGp027206 for sage-members-outgoing; Mon, 10 Jan 2005 12:52:23 -0800 (PST) Received: from mail3.bitpusher.com (monitor.bitpusher.com [64.127.99.32]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0AKqMn2027200 for ; Mon, 10 Jan 2005 12:52:22 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 896543259 for ; Mon, 10 Jan 2005 12:52:04 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06792-02 for ; Mon, 10 Jan 2005 12:52:01 -0800 (PST) Received: from mail3.bitpusher.com (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 89139321D for ; Mon, 10 Jan 2005 12:52:01 -0800 (PST) Received: from 66.150.251.142 (SquirrelMail authenticated user michael@halligan.org); by mail3.bitpusher.com with HTTP; Mon, 10 Jan 2005 12:52:01 -0800 (PST) Message-ID: <53545.66.150.251.142.1105390321.squirrel@mail3.bitpusher.com> Date: Mon, 10 Jan 2005 12:52:01 -0800 (PST) Subject: [SAGE] DC area datacenter recommendations? From: "Michael T. Halligan" To: sage-members@sage.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk Can anybody recommend a good carrier-neutral facility in the DC area? ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Mon Jan 10 13:56:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ALuFn3028537 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 10 Jan 2005 13:56:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0ALuFQM028536 for sage-members-outgoing; Mon, 10 Jan 2005 13:56:15 -0800 (PST) Received: from yes.devclue.com (yes.devclue.com [69.55.238.167]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ALuDn3028531 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Mon, 10 Jan 2005 13:56:14 -0800 (PST) Received: from yes.devclue.com (HELO yes) (69.55.238.167) by yes.devclue.com (qpsmtpd/0.28-dev) with ESMTP; Mon, 10 Jan 2005 13:56:06 -0800 Date: Mon, 10 Jan 2005 13:56:04 -0800 (PST) From: sabrina downard X-X-Sender: viv@yes.devclue.com Reply-To: viv@ziggurat.org To: sage-members@sage.org Subject: [SAGE] Chicago local SAGE forming! Come join us. Message-ID: <20050106133005.T88340@yes.devclue.com> X-JHP-Quote: I don't mind sexual depravity -- but I just can't stomach poor spelling. X-GPG-Public-key: http://ziggurat.org/sabrina/misc/viv.pub.asc MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk If you're in Chicago or nearabouts, please come join us (and tell all your friends) as we get together the first chi-sage local meeting in, oh, five years or so. :-) Our mailing list is available as well, and you can find it at https://listhost.uchicago.edu/mailman/listinfo/chi-sage We'll be meeting on Tuesday, the 25th of January, at 6 PM, at the University of Chicago GSB Gleacher Center, located at 450 N. Cityfront Plaza Drive -- between the Tribune Tower and NBC Tower, downtown. Map: http://gsbwww.uchicago.edu/maps/gleacherupper.html Our speaker will be John Valdes, system administrator at the U of C Astronomy and Astrophysics Department, with an introduction to using cfengine. The talk will begin at 6:15 and run until approximately 7, and it will be followed by general discussion until 8PM. If you can't join us immediately after work, consider stopping by the Billy Goat on lower Michigan after the meeting, for a cheeseborger, beer, and socializing with colleagues who'll get your "what was your username, again?" jokes. Feel free to get in touch if you have any questions or comments! --sabrina :) From sage-members-owner@usenix.org Mon Jan 10 16:01:40 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0B01en3001553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 10 Jan 2005 16:01:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0B01e1q001552 for sage-members-outgoing; Mon, 10 Jan 2005 16:01:40 -0800 (PST) Received: from kira.monsoonwind.com ([198.144.196.116]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0B01cn2001547 for ; Mon, 10 Jan 2005 16:01:38 -0800 (PST) Received: from hamner.monsoonwind.com (hamner.monsoonwind.com [192.168.128.2]) by kira.monsoonwind.com (8.12.10/8.12.9) with ESMTP id j0B04Mqk021347 for ; Tue, 11 Jan 2005 00:04:22 GMT Received: from ssl.monsoonwind.com (localhost [127.0.0.1]) by hamner.monsoonwind.com (8.12.9/8.12.9) with ESMTP id j0B01KjJ000504 for ; Tue, 11 Jan 2005 00:01:20 GMT Received: from 192.55.4.36 (SquirrelMail authenticated user lanning); by ssl.monsoonwind.com with HTTP; Mon, 10 Jan 2005 16:01:20 -0800 (PST) Message-ID: <38004.192.55.4.36.1105401680.squirrel@192.55.4.36> In-Reply-To: References: Date: Mon, 10 Jan 2005 16:01:20 -0800 (PST) Subject: Re: [SAGE] number of eggs in my inbox From: "Robert Hajime Lanning" To: sage-members@usenix.org User-Agent: SquirrelMail/1.5.1 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Spam-Score: 0.704 () PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Sender: owner-sage-members@usenix.org Precedence: bulk [snip] > SPAM, SPAM, SPAM, and SPAM; You forgot the Vikings!!!!! "Oh wonderful SPAM!" > Next we can all sing, "He's a lumberjack and he's OK!" > Good sysadmin theme song. Don't know on that, it might go against those transvestites among us. :) -- END OF LINE -MCP From sage-members-owner@usenix.org Tue Jan 11 06:57:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BEvpn3025936 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 11 Jan 2005 06:57:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0BEvpk1025935 for sage-members-outgoing; Tue, 11 Jan 2005 06:57:51 -0800 (PST) Received: from chat.adphila.org (mail.adphila.org [64.9.9.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BEvnn2025929 for ; Tue, 11 Jan 2005 06:57:49 -0800 (PST) Received: by chat.adphila.org (Postfix, from userid 503) id CB73A31BD6; Tue, 11 Jan 2005 09:57:30 -0500 (EST) Received: from gw1.adphila.org (mail.adphila.org [172.19.2.123]) by chat.adphila.org (Postfix) with ESMTP id 2161B31B66 for ; Tue, 11 Jan 2005 09:57:27 -0500 (EST) Received: from AOC-MTA by gw1.adphila.org with Novell_GroupWise; Tue, 11 Jan 2005 09:57:13 -0500 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.5.2 Date: Tue, 11 Jan 2005 09:56:44 -0500 From: "John Boris" To: Subject: [SAGE] Looking for help with SCO Open Server Print Services X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on chat.adphila.org X-Spam-Level: X-Spam-Status: No, hits=-4.8 required=4.3 tests=AWL,BAYES_00 autolearn=ham version=2.63 X-Sanitizer: AOC-ITS Mail Filter MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk I have a problem that cleared up by itself on one of my servers but is still occurring on another. I have a group of servers located around the county that talk back to my office via our WAN over TCP/IP. They are all SCO OpenServer 5.0.6 boxes. For what ever reason last week two of these servers could no longer print to the server in my office. The lpstat output says that server1 lost connection to server2. and server3 lost connection to server2. It also says that it is waiting for server 2 to come up. I can ssh to the boxes that can't print. Nothing changed on these servers and from what I can see in the logs there aren't any messages except for the lost connection message. While troubleshooting this the one server just started printing. So I moved to the next one trying to repeat my troubleshooting steps but to no avail. There is a firewall between these servers and the rules haven't been changed. We looked there and even reloaded the rules. Searching SCO's Knowledge Center is no help. Are there any other SCO users on the list that have seen this. John J. Boris, Sr. JEN-A-SyS Administrator Archdiocese of Philadelphia 222 North 17th Street Philadelphia, Pa. 19103 Tel: 215-965-1714 Fax: 215-587-3525 "Remember! That light at the end of the tunnel Just might be the headlight of an oncoming train!" From sage-members-owner@usenix.org Tue Jan 11 10:59:20 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BIxJn3029512 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 11 Jan 2005 10:59:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0BIxJas029511 for sage-members-outgoing; Tue, 11 Jan 2005 10:59:19 -0800 (PST) Received: from shire.hbsrx.com (firewall.hbsrx.com [207.87.39.194]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BIxGn2029504 for ; Tue, 11 Jan 2005 10:59:17 -0800 (PST) Received: (from tom@localhost) by shire.hbsrx.com (8.11.6/8.11.6) id j0BIx6v29240 for sage-members@sage.org; Tue, 11 Jan 2005 13:59:06 -0500 Date: Tue, 11 Jan 2005 13:59:05 -0500 From: Thomas J Pinkl To: sage-members@sage.org Subject: [SAGE] Re: Looking for help with SCO Open Server Print Services Message-ID: <20050111135905.A28553@shire.hbsrx.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from jboris@adphila.org on Tue, Jan 11, 2005 at 09:56:44AM -0500 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 11, 2005 at 09:56:44AM -0500, John Boris wrote: > I have a problem that cleared up by itself on one of my servers but is > still occurring on another. > I have a group of servers located around the county that talk back to > my office via our WAN over TCP/IP. They are all SCO OpenServer 5.0.6 > boxes. For what ever reason last week two of these servers could no > longer print to the server in my office. The lpstat output says that > server1 lost connection to server2. and server3 lost connection to > server2. It also says that it is waiting for server 2 to come up. I can > ssh to the boxes that can't print. Nothing changed on these servers and > from what I can see in the logs there aren't any messages except for the > lost connection message. > While troubleshooting this the one server just started printing. So I > moved to the next one trying to repeat my troubleshooting steps but to > no avail. > There is a firewall between these servers and the rules haven't been > changed. We looked there and even reloaded the rules. > Searching SCO's Knowledge Center is no help. Are there any other SCO > users on the list that have seen this. John, I've had similar issues with network printing on OpenServer 5.0.5. I have no experience with 5.0.6 or 5.0.7. While I don't know the root cause (other than a buggy lpd server), I've been able to restore print services by killing all of the "lpd" processes and then restarting the lpd server with "/usr/lib/lpd -l". -- Thomas J. Pinkl 738 Louis Drive Unix Systems Programmer Warminster, Pa 18974 Health Business Systems, Inc. (215) 442-9300 x9260 From sage-members-owner@usenix.org Tue Jan 11 11:43:21 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BJhKn3000792 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 11 Jan 2005 11:43:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0BJhKSA000791 for sage-members-outgoing; Tue, 11 Jan 2005 11:43:20 -0800 (PST) Received: from chat.adphila.org (mail.adphila.org [64.9.9.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BJhJn2000784 for ; Tue, 11 Jan 2005 11:43:19 -0800 (PST) Received: by chat.adphila.org (Postfix, from userid 503) id 7299631BC8; Tue, 11 Jan 2005 14:43:06 -0500 (EST) Received: from gw1.adphila.org (mail.adphila.org [172.19.2.123]) by chat.adphila.org (Postfix) with ESMTP id 97C2231BEE for ; Tue, 11 Jan 2005 14:43:03 -0500 (EST) Received: from AOC-MTA by gw1.adphila.org with Novell_GroupWise; Tue, 11 Jan 2005 14:42:45 -0500 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.5.2 Date: Tue, 11 Jan 2005 14:42:21 -0500 From: "John Boris" To: Cc: Subject: [SAGE] Re: Looking for help with SCO Open Server Print Services X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on chat.adphila.org X-Spam-Level: X-Spam-Status: No, hits=-3.4 required=4.3 tests=AWL,BAYES_00,BigEvilList_RX, NO_EXPERIENCE autolearn=no version=2.63 X-Sanitizer: AOC-ITS Mail Filter MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk Tom, Thanks for the reply but that didn't fix it. John J. Boris, Sr. JEN-A-SyS Administrator Archdiocese of Philadelphia 222 North 17th Street Philadelphia, Pa. 19103 Tel: 215-965-1714 Fax: 215-587-3525 "Remember! That light at the end of the tunnel Just might be the headlight of an oncoming train!" >>> Thomas J Pinkl 1/11/2005 1:59:05 PM >>> On Tue, Jan 11, 2005 at 09:56:44AM -0500, John Boris wrote: > I have a problem that cleared up by itself on one of my servers but is > still occurring on another. > I have a group of servers located around the county that talk back to > my office via our WAN over TCP/IP. They are all SCO OpenServer 5.0.6 > boxes. For what ever reason last week two of these servers could no > longer print to the server in my office. The lpstat output says that > server1 lost connection to server2. and server3 lost connection to > server2. It also says that it is waiting for server 2 to come up. I can > ssh to the boxes that can't print. Nothing changed on these servers and > from what I can see in the logs there aren't any messages except for the > lost connection message. > While troubleshooting this the one server just started printing. So I > moved to the next one trying to repeat my troubleshooting steps but to > no avail. > There is a firewall between these servers and the rules haven't been > changed. We looked there and even reloaded the rules. > Searching SCO's Knowledge Center is no help. Are there any other SCO > users on the list that have seen this. John, I've had similar issues with network printing on OpenServer 5.0.5. I have no experience with 5.0.6 or 5.0.7. While I don't know the root cause (other than a buggy lpd server), I've been able to restore print services by killing all of the "lpd" processes and then restarting the lpd server with "/usr/lib/lpd -l". -- Thomas J. Pinkl 738 Louis Drive Unix Systems Programmer Warminster, Pa 18974 Health Business Systems, Inc. (215) 442-9300 x9260 From sage-members-owner@usenix.org Tue Jan 11 12:30:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BKU9n3002173 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 11 Jan 2005 12:30:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0BKU9b2002172 for sage-members-outgoing; Tue, 11 Jan 2005 12:30:09 -0800 (PST) Received: from chat.adphila.org (mail.adphila.org [64.9.9.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0BKU7n2002165 for ; Tue, 11 Jan 2005 12:30:07 -0800 (PST) Received: by chat.adphila.org (Postfix, from userid 503) id C861C31BEE; Tue, 11 Jan 2005 15:29:54 -0500 (EST) Received: from gw1.adphila.org (mail.adphila.org [172.19.2.123]) by chat.adphila.org (Postfix) with ESMTP id 3305631BDF for ; Tue, 11 Jan 2005 15:29:54 -0500 (EST) Received: from AOC-MTA by gw1.adphila.org with Novell_GroupWise; Tue, 11 Jan 2005 15:29:45 -0500 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.5.2 Date: Tue, 11 Jan 2005 15:29:30 -0500 From: "John Boris" To: Cc: Subject: [SAGE] Re: Looking for help with SCO Open Server Print Services X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on chat.adphila.org X-Spam-Level: X-Spam-Status: No, hits=-3.4 required=4.3 tests=AWL,BAYES_00,BigEvilList_RX, NO_EXPERIENCE autolearn=no version=2.63 X-Sanitizer: AOC-ITS Mail Filter MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk Tom, I got it to work I stopped and started lpd on the server that managed the printer and things started working. Thanks for the tip. >>> Thomas J Pinkl 1/11/2005 1:59:05 PM >>> On Tue, Jan 11, 2005 at 09:56:44AM -0500, John Boris wrote: > I have a problem that cleared up by itself on one of my servers but is > still occurring on another. > I have a group of servers located around the county that talk back to > my office via our WAN over TCP/IP. They are all SCO OpenServer 5.0.6 > boxes. For what ever reason last week two of these servers could no > longer print to the server in my office. The lpstat output says that > server1 lost connection to server2. and server3 lost connection to > server2. It also says that it is waiting for server 2 to come up. I can > ssh to the boxes that can't print. Nothing changed on these servers and > from what I can see in the logs there aren't any messages except for the > lost connection message. > While troubleshooting this the one server just started printing. So I > moved to the next one trying to repeat my troubleshooting steps but to > no avail. > There is a firewall between these servers and the rules haven't been > changed. We looked there and even reloaded the rules. > Searching SCO's Knowledge Center is no help. Are there any other SCO > users on the list that have seen this. John, I've had similar issues with network printing on OpenServer 5.0.5. I have no experience with 5.0.6 or 5.0.7. While I don't know the root cause (other than a buggy lpd server), I've been able to restore print services by killing all of the "lpd" processes and then restarting the lpd server with "/usr/lib/lpd -l". -- Thomas J. Pinkl 738 Louis Drive Unix Systems Programmer Warminster, Pa 18974 Health Business Systems, Inc. (215) 442-9300 x9260 From sage-members-owner@usenix.org Wed Jan 12 11:12:45 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJCin3029293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 11:12:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CJCi4i029291 for sage-members-outgoing; Wed, 12 Jan 2005 11:12:44 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJCgn2029286 for ; Wed, 12 Jan 2005 11:12:43 -0800 (PST) Received: (qmail 77792 invoked by uid 18647); 12 Jan 2005 19:12:33 -0000 Date: Wed, 12 Jan 2005 11:12:33 -0800 From: Philip Brown To: sage-members@sage.org Subject: [SAGE] web form handling software Message-ID: <20050112111233.C68082@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from brad@stop.mail-abuse.org on Fri, Jan 07, 2005 at 12:28:53AM +0100 Sender: owner-sage-members@usenix.org Precedence: bulk Would anyone have a recommendation for free, or at minimum cheap (to universities) software, for handling web forms? What I think we need, is something that makes the following easy(er): 1. creation and adjustment of web based forms, by non-techies 2. handles collection of actual data by people clicking "submit" on the form I'm pessimistic as to our options, so I would be interested in hearing about something free even if it only meets #1. But it has to be usable by true "non-techies", eg: web-gui. No, "perl templating makes it 'easy' to make forms in an editor", please :-) From sage-members-owner@usenix.org Wed Jan 12 11:20:17 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJKHn3029586 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 11:20:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CJKHiV029584 for sage-members-outgoing; Wed, 12 Jan 2005 11:20:17 -0800 (PST) Received: from mail.reptiles.org (mail.reptiles.org [198.96.119.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJKFn2029579 for ; Wed, 12 Jan 2005 11:20:15 -0800 (PST) Received: from mail.reptiles.org([198.96.119.1] port=1381) (1616 bytes) by mail.reptiles.org([198.96.119.1] port=25) via TCP with esmtp (sender: ) id for ; (dest:remote)(R=bind_hosts)(T=inet_zone_bind_smtp) Wed, 12 Jan 2005 14:20:05 -0500 (EST) (Smail-3.2.0.118 2004-May-31 #3 built 2004-Oct-14) Date: Wed, 12 Jan 2005 14:20:02 -0500 (EST) From: Cat Okita To: Philip Brown cc: sage-members@sage.org Subject: Re: [SAGE] web form handling software In-Reply-To: <20050112111233.C68082@bolthole.com> Message-ID: <20050112141850.Y35130@skink.reptiles.org> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 12 Jan 2005, Philip Brown wrote: > Would anyone have a recommendation for free, or at minimum cheap > (to universities) software, for handling web forms? > What I think we need, is something that makes the following easy(er): > > 1. creation and adjustment of web based forms, by non-techies > 2. handles collection of actual data by people clicking "submit" on the > form It's a bit sideways, but depending on the data that you need to collect, you might take a look at RT (http://www.bestpractical.com/rt), which has some pretty nice roll-your-own setups at a user level. cheerS! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." From sage-members-owner@usenix.org Wed Jan 12 11:43:04 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJh4n3000690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 11:43:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CJh3IH000689 for sage-members-outgoing; Wed, 12 Jan 2005 11:43:03 -0800 (PST) Received: from mxsf04.cluster1.charter.net (mxsf04.cluster1.charter.net [209.225.28.204]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CJh2n2000680 for ; Wed, 12 Jan 2005 11:43:02 -0800 (PST) Received: from mxip11.cluster1.charter.net (mxip11a.cluster1.charter.net [209.225.28.141]) by mxsf04.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j0CJgkBo016537 for ; Wed, 12 Jan 2005 14:42:48 -0500 Received: from cpe-24-107-225-41.ma.charter.com (HELO smtp.charter.net) (24.107.225.41) by mxip11.cluster1.charter.net with SMTP; 12 Jan 2005 14:42:46 -0500 X-Ironport-AV: i="3.88,118,1102309200"; d="scan'208"; a="723120473:sNHT17071400" Received: (nullmailer pid 29698 invoked by uid 1000); Wed, 12 Jan 2005 19:42:46 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16869.32182.48902.263230@smtp.charter.net> Date: Wed, 12 Jan 2005 14:42:46 -0500 From: John Stoffel To: Philip Brown Cc: sage-members@sage.org Subject: Re: [SAGE] web form handling software In-Reply-To: <20050112111233.C68082@bolthole.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> X-Mailer: VM 7.19 under Emacs 21.3.1 Sender: owner-sage-members@usenix.org Precedence: bulk Philip> Would anyone have a recommendation for free, or at minimum Philip> cheap (to universities) software, for handling web forms? There's tons of software out there for this type of stuff, whether it does what you want is debatable. Doing forms in HTTP is *hard*, especially if you want to be useable across a wide range of browsers. Philip> 1. creation and adjustment of web based forms, by non-techies I think this is where you're going to run into problems. Would it be ok to have a techie come up with the base form, and then have the users tweak it as needed? Philip> 2. handles collection of actual data by people clicking Philip> "submit" on the form This is not a good definition of a need. Does the data need to get inserted into a DB? Or put into an email message and sent to someone? How is the data to be sanitized and bounds checking done, etc? Philip> I'm pessimistic as to our options, so I would be interested in Philip> hearing about something free even if it only meets #1. But it Philip> has to be usable by true "non-techies", eg: web-gui. You won't find it sorry. IAt least I don't think you'll find it easily, since I was looking for something like this about a year ago and didn't find anything that came close. I ended up writing all my code in PHP, and I still don't have a data entry form working the way I want. Philip> No, "perl templating makes it 'easy' to make forms in an Philip> editor", please :-) You'll probably end up this route at some point no matter what. I was trying to do a basic, normalized database of children's publishers. Take a look at http://directory.mwa.org if you're interested. The schema of the data meant that there was just a few fixed fields, and then the rest could have varying numbers of entries. Very much like those record album databases used as examples in alot of web programming books. Including the O'Reilly mSQL/MySQL book. Unfortunately, writing a dynamic form to add/subtract fields dynacmically before the data is submitted is really hard. Or you have to break it down into sub-forms, etc. A pain. The closest I found was the PEAR::HTML_QuickForm, and the devlopers were pretty responsive. Take a look at: http://pear.php.net/package/HTML_QuickForm And you might find something there that will help you. Good luck, it's not an easy problem to solved due to the horrible limitations of the HTTP protocol. John From sage-members-owner@usenix.org Wed Jan 12 12:04:30 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CK4Tn3001779 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 12:04:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CK4TFb001778 for sage-members-outgoing; Wed, 12 Jan 2005 12:04:29 -0800 (PST) Received: from postoffice7.mail.cornell.edu (postoffice7.mail.cornell.edu [132.236.56.22]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CK4Rn2001771 for ; Wed, 12 Jan 2005 12:04:27 -0800 (PST) Received: from [128.253.64.63] (murmer.cit.cornell.edu [128.253.64.63]) by postoffice7.mail.cornell.edu (8.12.10/8.12.6) with ESMTP id j0CK4Iec028252 for ; Wed, 12 Jan 2005 15:04:19 -0500 (EST) Mime-Version: 1.0 X-Sender: tco2@postoffice7.mail.cornell.edu Message-Id: In-Reply-To: <20050112111233.C68082@bolthole.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> Date: Wed, 12 Jan 2005 15:06:37 -0500 To: sage-members@sage.org From: Todd Olson Subject: Re: [SAGE] web form handling software Content-Type: text/plain; charset="us-ascii" Sender: owner-sage-members@usenix.org Precedence: bulk At 11:12 -0800 2005-01-12, Philip Brown wrote: >Would anyone have a recommendation for free, or at minimum cheap >(to universities) software, for handling web forms? >What I think we need, is something that makes the following easy(er): > >1. creation and adjustment of web based forms, by non-techies >2. handles collection of actual data by people clicking "submit" on the > form Perhaps FileMaker Pro (now in version 7) will do the job. http://www.filemaker.com/ It is not free but the time savings in creating the sort of things you seem to be after would be substantial. Regards, Todd Olson From sage-members-owner@usenix.org Wed Jan 12 12:21:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKL1n3002586 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 12:21:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CKL0qO002583 for sage-members-outgoing; Wed, 12 Jan 2005 12:21:00 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKKxn2002567 for ; Wed, 12 Jan 2005 12:20:59 -0800 (PST) Received: (qmail 61357 invoked by uid 18647); 12 Jan 2005 20:20:45 -0000 Date: Wed, 12 Jan 2005 12:20:44 -0800 From: Philip Brown To: sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <20050112122044.A53380@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <16869.32182.48902.263230@smtp.charter.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <16869.32182.48902.263230@smtp.charter.net>; from john@stoffel.org on Wed, Jan 12, 2005 at 02:42:46PM -0500 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Jan 12, 2005 at 02:42:46PM -0500, John Stoffel wrote: > > Philip> Would anyone have a recommendation for free, or at minimum > Philip> cheap (to universities) software, for handling web forms? > ... > > Philip> 1. creation and adjustment of web based forms, by non-techies > > I think this is where you're going to run into problems. Would it be > ok to have a techie come up with the base form, and then have the > users tweak it as needed? Yes I think so. But does that really allow me to now evaluate a product? Please name one, if so :-) > > Philip> 2. handles collection of actual data by people clicking > Philip> "submit" on the form > > This is not a good definition of a need. Does the data need to get > inserted into a DB? Or put into an email message and sent to someone? > How is the data to be sanitized and bounds checking done, etc? At this point, I'll take ANY fulfilment of this description. even if it's as trivial as "saves it to a directory somewhere, in some format that can be reasonably read". [hi ex-CT folks!] Saving into a database would be the ultimate. but I'm not holding my breath. > > Good luck, it's not an easy problem to solved due to the horrible > limitations of the HTTP protocol. > It cant be that bad. Some webhosting companies already have 100% HTTP "create/edit your own web pages" web front ends. And some of them seem reasonable. (Trouble is, they're all custom to that ISP) Possibly even a "wiki" style of editing would be acceptible. eg: okay, still kinda in a "text editor", but the syntax is not like HTML or perl or ... dokuwiki has the following format for tables, for example: ^header1 ^header2 ^header3 ^ |col1 | col2 | col3 | I think even a non-techie could deal with that :-) f From sage-members-owner@usenix.org Wed Jan 12 12:26:48 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKQln3003080 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 12:26:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CKQlY9003079 for sage-members-outgoing; Wed, 12 Jan 2005 12:26:47 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKQkn2003074 for ; Wed, 12 Jan 2005 12:26:46 -0800 (PST) Received: (qmail 66914 invoked by uid 18647); 12 Jan 2005 20:26:36 -0000 Date: Wed, 12 Jan 2005 12:26:34 -0800 From: Philip Brown To: sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <20050112122634.B53380@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from tco2@cornell.edu on Wed, Jan 12, 2005 at 03:06:37PM -0500 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Jan 12, 2005 at 03:06:37PM -0500, Todd Olson wrote: > At 11:12 -0800 2005-01-12, Philip Brown wrote: > >Would anyone have a recommendation for free, or at minimum cheap > >(to universities) software, for handling web forms? > >What I think we need, is something that makes the following easy(er): > > > >1. creation and adjustment of web based forms, by non-techies > >2. handles collection of actual data by people clicking "submit" on the > > form > > Perhaps FileMaker Pro (now in version 7) will do the job. > http://www.filemaker.com/ > It is not free > but the time savings in creating the sort of things you seem to be after > would be substantial. Hey, that looks kinda slick. Any other competitors in this space that you know of? From sage-members-owner@usenix.org Wed Jan 12 12:37:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKbIn3003720 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 12:37:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CKbITD003719 for sage-members-outgoing; Wed, 12 Jan 2005 12:37:18 -0800 (PST) Received: from diomedes.noc.ntua.gr (diomedes.noc.ntua.gr [147.102.222.220]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKbFn2003713 for ; Wed, 12 Jan 2005 12:37:16 -0800 (PST) Received: from theseas.softlab.ece.ntua.gr (theseas.softlab.ece.ntua.gr [147.102.1.1]) by diomedes.noc.ntua.gr (8.13.1/8.13.1) with ESMTP id j0CKatNp084960; Wed, 12 Jan 2005 22:36:55 +0200 (EET) (envelope-from zvr@softlab.ece.ntua.gr) Received: from theseas.softlab.ece.ntua.gr (zvr@localhost [127.0.0.1]) by theseas.softlab.ece.ntua.gr (8.12.3/8.12.3/Debian-7.1) with ESMTP id j0CKasM5025584 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 12 Jan 2005 22:36:55 +0200 Received: (from zvr@localhost) by theseas.softlab.ece.ntua.gr (8.12.3/8.12.3/Debian-7.1) id j0CKasos025582; Wed, 12 Jan 2005 22:36:54 +0200 Date: Wed, 12 Jan 2005 22:36:54 +0200 From: Alexios Zavras To: John Stoffel Cc: Philip Brown , sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <20050112203654.GA10783@softlab.ece.ntua.gr> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <16869.32182.48902.263230@smtp.charter.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <16869.32182.48902.263230@smtp.charter.net> User-Agent: Mutt/1.3.28i X-Mail-Address: P.O. Box 24071, GR-111 10 Athens, GREECE X-Home-Address: 13, Lykoudi St., GR-111 41 Athens, GREECE X-Work-Phone: +30-2108203900 X-Work-Fax: +30-2108203909 X-Home-Phone: +30-2102010669 X-Home-Fax: +30-2102010669 Sender: owner-sage-members@usenix.org Precedence: bulk John Stoffel wrote [edited]: > Philip> 1. creation and adjustment of web based forms, by non-techies [...] > Philip> [it] has to be usable by true "non-techies", eg: web-gui. [...] > Unfortunately, writing a dynamic form to add/subtract fields > dynacmically before the data is submitted is really hard. Or you have > to break it down into sub-forms, etc. A pain. One of the best such implementations I've seen it's the Opera Show Generator -- where you do exactly that: you fill a form (add/subtract fields, move them around, etc.). All client-based. Its result, btw, after "submit" is a HTML/CSS/Javascript-based presentation that can be run in Opera (and, I think, recent Mozilla implementations). And of course it can be just shown on the Web. Saved a lot of our non-techies from Powerpoint bloat, actually. Main link: http://my.opera.com/community/dev/operashow/ The generator: http://my.opera.com/community/dev/operashow/generator.html -- zvr -- ps. mind you, I've never actually used the generator with Internet Explorer, so this particular implementation may not be the end-all solution... -- -- zvr -- -- +---------------------------+ Alexios Zavras (-zvr-) | H eytyxia den exei enoxes | zvr@pobox.com +-----------------------zvr-+ From sage-members-owner@usenix.org Wed Jan 12 12:45:21 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKjLn3004240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 12:45:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CKjLfw004239 for sage-members-outgoing; Wed, 12 Jan 2005 12:45:21 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CKjJn2004234 for ; Wed, 12 Jan 2005 12:45:20 -0800 (PST) Received: (qmail 84340 invoked by uid 18647); 12 Jan 2005 20:45:11 -0000 Date: Wed, 12 Jan 2005 12:45:11 -0800 From: Philip Brown To: sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <20050112124511.A75148@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <16869.32182.48902.263230@smtp.charter.net> <20050112203654.GA10783@softlab.ece.ntua.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20050112203654.GA10783@softlab.ece.ntua.gr>; from zvr@pobox.com on Wed, Jan 12, 2005 at 10:36:54PM +0200 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Jan 12, 2005 at 10:36:54PM +0200, Alexios Zavras wrote: > John Stoffel wrote [edited]: > > Philip> 1. creation and adjustment of web based forms, by non-techies > [...] > > Philip> [it] has to be usable by true "non-techies", eg: web-gui. > [...] > > Unfortunately, writing a dynamic form to add/subtract fields > > dynacmically before the data is submitted is really hard. Or you have > > to break it down into sub-forms, etc. A pain. > > One of the best such implementations I've seen > it's the Opera Show Generator -- where you do exactly that: > you fill a form (add/subtract fields, move them around, etc.). > All client-based. Err.. doesnt seem to quite be the same thing as what I'm requesting. As far as I can see, you fill out a "survey", and that does the creation of a predefined presentation. The content of the presentation is fixed. This seems similar to the "cssgarden" site, where it has the same content, but you just pick your favourite css wrapper to fit your styling. We need something that can change the actual "content". We want our (HR department/planning department/whoever) to be able to create lots of different forms for themselves, and modify them themselves. Not to mention we need something that will definately work for multiple browsers. From sage-members-owner@usenix.org Wed Jan 12 13:00:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CL06n3004909 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 13:00:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CL06xM004907 for sage-members-outgoing; Wed, 12 Jan 2005 13:00:06 -0800 (PST) Received: from mxsf41.cluster1.charter.net (mxsf41.cluster1.charter.net [209.225.28.173]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CL04n2004898 for ; Wed, 12 Jan 2005 13:00:04 -0800 (PST) Received: from mxip15.cluster1.charter.net (mxip15a.cluster1.charter.net [209.225.28.145]) by mxsf41.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j0CKxptB031145 for ; Wed, 12 Jan 2005 15:59:51 -0500 Received: from cpe-24-107-225-41.ma.charter.com (HELO smtp.charter.net) (24.107.225.41) by mxip15.cluster1.charter.net with SMTP; 12 Jan 2005 15:59:50 -0500 X-Ironport-AV: i="3.88,118,1102309200"; d="scan'208"; a="693755562:sNHT21021658" Received: (nullmailer pid 29851 invoked by uid 1000); Wed, 12 Jan 2005 20:58:49 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16869.36745.722992.495539@smtp.charter.net> Date: Wed, 12 Jan 2005 15:58:49 -0500 From: John Stoffel To: Alexios Zavras Cc: John Stoffel , Philip Brown , sage-members@sage.org Subject: Re: [SAGE] web form handling software In-Reply-To: <20050112203654.GA10783@softlab.ece.ntua.gr> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <16869.32182.48902.263230@smtp.charter.net> <20050112203654.GA10783@softlab.ece.ntua.gr> X-Mailer: VM 7.19 under Emacs 21.3.1 Sender: owner-sage-members@usenix.org Precedence: bulk >>>>> "Alexios" == Alexios Zavras writes: Alexios> One of the best such implementations I've seen it's the Opera Alexios> Show Generator -- where you do exactly that: you fill a form Alexios> (add/subtract fields, move them around, etc.). All Alexios> client-based. Alexios> Its result, btw, after "submit" is a Alexios> HTML/CSS/Javascript-based presentation that can be run in Alexios> Opera (and, I think, recent Mozilla implementations). And of Alexios> course it can be just shown on the Web. I didn't work for me when running Galeon 1.3.18 under Fedora Core 3. Alexios> Saved a lot of our non-techies from Powerpoint bloat, actually. This is also doesn't address the issue of people designing data acquisition forms, which have more issues than just "non-techies need to be able to create forms easily" since the data validation issues are even more important. Remember: Gi-go. Garbage in - garbage out. John From sage-members-owner@usenix.org Wed Jan 12 13:01:53 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CL1qn3005257 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 13:01:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CL1qqM005254 for sage-members-outgoing; Wed, 12 Jan 2005 13:01:52 -0800 (PST) Received: from nspapmdf-2.edwardjones.com (nspamail-rs.edwardjones.com [167.80.244.199]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CL1on2005240 for ; Wed, 12 Jan 2005 13:01:51 -0800 (PST) Received: from nspdmail-3.edwardjones.com (nspdmail-3.edwardjones.com [172.17.162.210]) by nspapmdf-2.edwardjones.com (PMDF V6.2-X17 #30672) with ESMTP id <0IA800H872EPDO@nspapmdf-2.edwardjones.com> for sage-members@usenix.org; Wed, 12 Jan 2005 15:01:37 -0600 (CST) Received: from localhost (root@localhost) by nspdmail-3.edwardjones.com (8.8.8p2+Sun/8.8.8) with ESMTP id PAA15735 for ; Wed, 12 Jan 2005 15:01:37 -0600 (CST) Content-return: prohibited Date: Wed, 12 Jan 2005 15:01:37 -0600 From: Scott.Link@edwardjones.com Subject: [SAGE] Intellisync in an enterprise for Palm and Win [CE|PPC] devices To: sage-members@usenix.org Message-id: MIME-version: 1.0 Content-type: text/plain; NAME=BDY.TXT; charset=US-ASCII Content-transfer-encoding: 7BIT Content-disposition: inline; filename=BDY.TXT; Creation-Date="Wed, 12 Jan 2005 15:01:37 -0600" X-OpenMail-Hops: 1 Sender: owner-sage-members@usenix.org Precedence: bulk Greetings, Just checking the temperature for Intellisync Enterprise. Looking at Activesync for the Windows devices, but we also have a pretty good sized Palm userbase that I'd like to take care of, too. Anyone try out Intellisync Enterprise? Can you lock out e-mail sync and just allow tasks/to-dos, contacts, and calendar syncronization? If I put one instance of the app on a workstation and will it work w/minimum of fuss and bother for Palm and WinCE/PPC users of that same workstation. I.E., one day a Palm user plugs in their cradle and PDA and can sync and the next day a different user w/a WinCE plugs in their cradle and PDA and can sync... Cheers, Scott Link "If you expect someone else to guide you, you'll be lost." --James Earl Jones From sage-members-owner@usenix.org Wed Jan 12 14:05:48 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CM5ln3006859 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 14:05:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CM5lDO006857 for sage-members-outgoing; Wed, 12 Jan 2005 14:05:47 -0800 (PST) Received: from hamhock.hoovers.com (hamhock-outbound.hoovers.com [66.179.38.26]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CM5kn2006852 for ; Wed, 12 Jan 2005 14:05:46 -0800 (PST) Received: from exchange.hoovers.com (gamma.hoovers.com [66.179.38.8]) by hamhock.hoovers.com (HamHock-OUTBOUND) with ESMTP id 7AB07F8562; Wed, 12 Jan 2005 16:05:31 -0600 (CST) Received: from localhost ([66.179.38.59]) by exchange.hoovers.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2657.72) id CPT2XYHT; Wed, 12 Jan 2005 16:05:30 -0600 Date: Wed, 12 Jan 2005 16:05:30 -0600 From: Frank Smith To: Philip Brown , sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <3C4F9E23F5965F1BA067D82E@k6.artair.com> In-Reply-To: <20050112122634.B53380@bolthole.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <20050112122634.B53380@bolthole.com> X-Mailer: Mulberry/3.1.6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk --On Wednesday, January 12, 2005 12:26:34 -0800 Philip Brown wrote: > On Wed, Jan 12, 2005 at 03:06:37PM -0500, Todd Olson wrote: >> At 11:12 -0800 2005-01-12, Philip Brown wrote: >> > Would anyone have a recommendation for free, or at minimum cheap >> > (to universities) software, for handling web forms? >> > What I think we need, is something that makes the following easy(er): >> > >> > 1. creation and adjustment of web based forms, by non-techies >> > 2. handles collection of actual data by people clicking "submit" on the >> > form >> >> Perhaps FileMaker Pro (now in version 7) will do the job. >> http://www.filemaker.com/ >> It is not free >> but the time savings in creating the sort of things you seem to be after >> would be substantial. > > Hey, that looks kinda slick. Any other competitors in this space that you > know of? If you decide on FileMaker, please don't use a version prior to 7, it had a very weak security model: Client: I need to log in. Sever: Here are all of the usernames and passwords. Is it one of these? Client: Yes. Server: OK, you can have access. Supposedly that's all been fixed in v7. Frank From sage-members-owner@usenix.org Wed Jan 12 14:20:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CMKpn3007527 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 14:20:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CMKpxN007526 for sage-members-outgoing; Wed, 12 Jan 2005 14:20:51 -0800 (PST) Received: from mail2.cray.com (mail2.cray.com [136.162.64.100]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CMKnn3007520 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 14:20:49 -0800 (PST) Received: from relayc.wc.cray.com (relayc.us.cray.com [192.168.226.146]) by mail2.cray.com (8.13.1/8.13.1/gw-1.9) with ESMTP id j0CMKZmc014646 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 14:20:36 -0800 (PST) Received: from berlin.wc.cray.com (berlin.wc.cray.com [172.28.17.35]) by relayc.wc.cray.com (8.13.1/8.13.1/hub-1.10) with ESMTP id j0CMKVqY018664 for ; Wed, 12 Jan 2005 14:20:31 -0800 (PST) Received: from localhost (berlin.wc.cray.com [172.28.17.35]) by berlin.wc.cray.com (8.13.1/8.13.1/berlin-1.5) with ESMTP id j0CMKT8o022928 for ; Wed, 12 Jan 2005 14:20:31 -0800 (PST) Date: Wed, 12 Jan 2005 14:20:28 -0800 From: Brian Connolly Reply-To: Brian Connolly To: sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <02AD429BA5A0B32CCA4A8514@BRIANC-XP-LAP1.americas.cray.com> In-Reply-To: <3C4F9E23F5965F1BA067D82E@k6.artair.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <20050112122634.B53380@bolthole.com> <3C4F9E23F5965F1BA067D82E@k6.artair.com> X-Mailer: Mulberry/3.1.6 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Cray-VirusStatus: clean Sender: owner-sage-members@usenix.org Precedence: bulk If you are looking at FileMaker, you should probably also look at Microsoft Access. I know, I know, I know.... it is a MS product, but Access and FileMaker are direct competitors and atleast for right now, Access has a much larger install base (which may or may not mean that it is a superior tool). -Brian PS There is a mailing list/newsgroup somewhere dedicated to making Access forms (and the underlying database) accessible via http. PSS I am not advocating Access, but if you are going to investigate FileMaker, you should also take a peek at Access, for throughness --On Wednesday, January 12, 2005 4:05 PM -0600 Frank Smith wrote: > --On Wednesday, January 12, 2005 12:26:34 -0800 Philip Brown > wrote: > >> On Wed, Jan 12, 2005 at 03:06:37PM -0500, Todd Olson wrote: >>> At 11:12 -0800 2005-01-12, Philip Brown wrote: >>> > Would anyone have a recommendation for free, or at minimum cheap >>> > (to universities) software, for handling web forms? >>> > What I think we need, is something that makes the following easy(er): >>> > >>> > 1. creation and adjustment of web based forms, by non-techies >>> > 2. handles collection of actual data by people clicking "submit" on >>> > the form >>> >>> Perhaps FileMaker Pro (now in version 7) will do the job. >>> http://www.filemaker.com/ >>> It is not free >>> but the time savings in creating the sort of things you seem to be after >>> would be substantial. >> >> Hey, that looks kinda slick. Any other competitors in this space that you >> know of? > > If you decide on FileMaker, please don't use a version prior to 7, it had > a very weak security model: > > Client: I need to log in. > Sever: Here are all of the usernames and passwords. Is it one of these? > Client: Yes. > Server: OK, you can have access. > > Supposedly that's all been fixed in v7. > > Frank > > From sage-members-owner@usenix.org Wed Jan 12 15:01:33 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CN1Wn3008690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 15:01:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CN1WrE008689 for sage-members-outgoing; Wed, 12 Jan 2005 15:01:32 -0800 (PST) Received: from postoffice7.mail.cornell.edu (postoffice7.mail.cornell.edu [132.236.56.22]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CN1Un2008684 for ; Wed, 12 Jan 2005 15:01:31 -0800 (PST) Received: from [128.253.64.63] (murmer.cit.cornell.edu [128.253.64.63]) by postoffice7.mail.cornell.edu (8.12.10/8.12.6) with ESMTP id j0CN1NV1027742 for ; Wed, 12 Jan 2005 18:01:23 -0500 (EST) Mime-Version: 1.0 X-Sender: tco2@postoffice7.mail.cornell.edu Message-Id: In-Reply-To: <20050112122634.B53380@bolthole.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <20050112122634.B53380@bolthole.com> Date: Wed, 12 Jan 2005 18:03:41 -0500 To: sage-members@sage.org From: Todd Olson Subject: Re: [SAGE] web form handling software Content-Type: text/plain; charset="us-ascii" Sender: owner-sage-members@usenix.org Precedence: bulk At 12:26 -0800 2005-01-12, Philip Brown wrote: >On Wed, Jan 12, 2005 at 03:06:37PM -0500, Todd Olson wrote: >> At 11:12 -0800 2005-01-12, Philip Brown wrote: >> >Would anyone have a recommendation for free, or at minimum cheap >> >(to universities) software, for handling web forms? >> >What I think we need, is something that makes the following easy(er): >> > >> >1. creation and adjustment of web based forms, by non-techies >> >2. handles collection of actual data by people clicking "submit" on the >> > form >> >> Perhaps FileMaker Pro (now in version 7) will do the job. >> http://www.filemaker.com/ >> It is not free >> but the time savings in creating the sort of things you seem to be after >> would be substantial. > >Hey, that looks kinda slick. Any other competitors in this space that you >know of? I heard mention of the following when people were discussing migration to filemaker 7 from filemaker 6 ... mentioned because v7 is so much different than v6. see http://www.macintouch.com/databases02.html I've not used any of the following. http://www.servoy.com/ http://www.omnis.net/ http://www.qilan.com/ (??) http://www.helixtech.com/1Product/index.html (might not have web) http://www.provue.com/ (might not have web) Regards, Todd Olson From sage-members-owner@usenix.org Wed Jan 12 15:45:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CNjQn3009800 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 15:45:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CNjQLS009799 for sage-members-outgoing; Wed, 12 Jan 2005 15:45:26 -0800 (PST) Received: from mail1.tradebeam.com (mail1.tradebeam.com [66.238.14.9]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CNjOn2009793 for ; Wed, 12 Jan 2005 15:45:25 -0800 (PST) Received: from mail pickup service by mail1.tradebeam.com with Microsoft SMTPSVC; Wed, 12 Jan 2005 15:43:29 -0800 Received: from [10.128.2.11] ([10.128.2.11]) by mail1.tradebeam.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 12 Jan 2005 15:43:28 -0800 Mime-Version: 1.0 (Apple Message framework v619) In-Reply-To: <20050112122634.B53380@bolthole.com> References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <20050112122634.B53380@bolthole.com> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: "Guy B. Purcell" Subject: Re: [SAGE] web form handling software Date: Wed, 12 Jan 2005 15:45:07 -0800 To: sage-members@sage.org X-Mailer: Apple Mail (2.619) X-CTCH-ID: _5BE4CA78-47AB-4885-95DA-4699559347B6_ X-CTCH-RefID: 0 X-CTCH-Action: Ignore X-OriginalArrivalTime: 12 Jan 2005 23:43:28.0902 (UTC) FILETIME=[8459F260:01C4F900] Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 12, 2005, at 12:26, Philip Brown wrote: > On Wed, Jan 12, 2005 at 03:06:37PM -0500, Todd Olson wrote: >> At 11:12 -0800 2005-01-12, Philip Brown wrote: >>> Would anyone have a recommendation for free, or at minimum cheap >>> (to universities) software, for handling web forms? >>> What I think we need, is something that makes the following easy(er): >>> >>> 1. creation and adjustment of web based forms, by non-techies >>> 2. handles collection of actual data by people clicking "submit" on >>> the >>> form >> >> Perhaps FileMaker Pro (now in version 7) will do the job. >> http://www.filemaker.com/ >> It is not free but the time savings in creating the sort of things >> you seem to be after >> would be substantial. > > Hey, that looks kinda slick. And, if you're in a university, it may be free (same holds for its competitor, Access, too), in that the university may have purchased a site license for it. Universities like site licenses. -Guy From sage-members-owner@usenix.org Wed Jan 12 15:47:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CNlWn3010067 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 15:47:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0CNlWFu010066 for sage-members-outgoing; Wed, 12 Jan 2005 15:47:32 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0CNlUn2010058 for ; Wed, 12 Jan 2005 15:47:31 -0800 (PST) Received: (qmail 71543 invoked by uid 18647); 12 Jan 2005 23:47:20 -0000 Date: Wed, 12 Jan 2005 15:47:20 -0800 From: Philip Brown To: sage-members@sage.org Subject: Re: [SAGE] web form handling software Message-ID: <20050112154720.D6660@bolthole.com> Mail-Followup-To: sage-members@sage.org References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from tco2@cornell.edu on Wed, Jan 12, 2005 at 03:06:37PM -0500 Sender: owner-sage-members@usenix.org Precedence: bulk On the free side, I was privatedly emailed about a couple of sourceforge contenders. the one that seems better, is phpFormGenerator : http://phpformgen.sourceforge.net/ It looks initially promising. Although the demo does not seem to have all features desired, there seems to be indication that the demo is not actually set up right :-) Additionally, it features a light level of mysql integration in the forms it generates. filemakerpro has a leg up on paper, in that everthing appears to be fully GUI driven, including the actual back-end database. But we'll see how things look in more depth. From sage-members-owner@usenix.org Wed Jan 12 16:06:55 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0D06tn3011070 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 16:06:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0D06sb6011069 for sage-members-outgoing; Wed, 12 Jan 2005 16:06:54 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0D06qn2011064 for ; Wed, 12 Jan 2005 16:06:52 -0800 (PST) Received: (qmail 90639 invoked by uid 18647); 13 Jan 2005 00:06:40 -0000 Date: Wed, 12 Jan 2005 16:06:40 -0800 From: Philip Brown To: sage-members@usenix.org Subject: Re: [SAGE] Re: sage-members-digest V2 #1703 Message-ID: <20050112160640.F6660@bolthole.com> Mail-Followup-To: sage-members@usenix.org References: <200412281000.iBSA01s2009086@voyager.usenix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from andrew@research.att.com on Wed, Dec 29, 2004 at 03:44:24AM -0500 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Dec 29, 2004 at 03:44:24AM -0500, Andrew Hume wrote: > ...as to the case below, where you should "ignore the words", > call them on it. ask why it is that although you're told you're doing > great, > you get crappy raises? where is the inconsistency coming in? Some places are 'consistent' about it, though. Some places do performance evals, just because some HR consulting firm told them years ago, "you must do yearly performance evalutions, to keep your employees happy", but were either never told, or chose to ignore, the part about, "and REWARD your employees when they are shown to have superior performance!" So the are "consistent" in that they treat all employees equally badly when it comes to raises :-> hence the "ignore all the words" advice. From sage-members-owner@usenix.org Wed Jan 12 22:03:20 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0D63Kn3015551 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 12 Jan 2005 22:03:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0D63KXC015549 for sage-members-outgoing; Wed, 12 Jan 2005 22:03:20 -0800 (PST) Received: from pop.snert.net (pop.snert.net [193.41.72.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0D63Gn3015544 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL) for ; Wed, 12 Jan 2005 22:03:18 -0800 (PST) Received: from [192.168.1.33] (dyn-213-36-184-152.ppp.tiscali.fr [213.36.184.152]) (authenticated bits=0) by pop.snert.net (8.13.2/8.13.0) with ESMTP id j0D62tpa028267 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Thu, 13 Jan 2005 07:03:07 +0100 Message-ID: <41E60F16.2010009@snert.com> Date: Thu, 13 Jan 2005 07:03:02 +0100 From: Anthony Howe Organization: Snert User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041217 X-Accept-Language: en, fr MIME-Version: 1.0 To: SAGE Members Subject: Re: [SAGE] web form handling software References: <20050106223237.GK18275@netmeister.org> <20050112111233.C68082@bolthole.com> <16869.32182.48902.263230@smtp.charter.net> <20050112122044.A53380@bolthole.com> In-Reply-To: <20050112122044.A53380@bolthole.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Philip Brown wrote: > On Wed, Jan 12, 2005 at 02:42:46PM -0500, John Stoffel wrote: > >>Philip> Would anyone have a recommendation for free, or at minimum >>Philip> cheap (to universities) software, for handling web forms? >>Philip> 2. handles collection of actual data by people clicking >>Philip> "submit" on the form >> >>This is not a good definition of a need. Does the data need to get >>inserted into a DB? Or put into an email message and sent to someone? >>How is the data to be sanitized and bounds checking done, etc? > > > At this point, I'll take ANY fulfilment of this description. even if it's > as trivial as "saves it to a directory somewhere, in some format that can > be reasonably read". Below is what I use in PHP on a per site basis. It formats the URL encoded output into a human readable email. It avoids issues that plague some form scripts that passed parameters via the form that spammers love to abuse, by embedding the destination address in the script itself. If you modify this to send a copy of the form to the sumbmitter of the form, then you will be abused by spammers who will relay spam via your form if they find it and if it has a general comment field. So that is NOT recommended. ----sendform.php---- $value) { if ($maxWidth < strlen($name)) $maxWidth = strlen($name); } foreach ($_POST as $name => $value) { if ($maxWidth < strlen($name)) $maxWidth = strlen($name); } $body = ''; $fmt = "%{$maxWidth}s: %s\n"; foreach ($_GET as $name => $value) { $body .= sprintf($fmt, $name, $value); } foreach ($_POST as $name => $value) { $body .= sprintf($fmt, $name, $value); } mail($SEND_TO, $SUBJECT, $body); /////////////////////////////////////////////////////////////////////// // MODIFY THE HTML BELOW /////////////////////////////////////////////////////////////////////// ?>
Thank you.
-- Anthony C Howe +33 6 11 89 73 78 http://www.snert.com/ ICQ: 7116561 AIM: Sir Wumpus "Once...we were here." - Last of The Mohicans From sage-members-owner@usenix.org Fri Jan 14 12:05:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0EK51n3000387 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 12:05:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0EK50fC000385 for sage-members-outgoing; Fri, 14 Jan 2005 12:05:01 -0800 (PST) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0EK4xn2000380 for ; Fri, 14 Jan 2005 12:04:59 -0800 (PST) Received: from spartacus.utdallas.edu (spartacus.utdallas.edu [129.110.3.11]) by smtp1.utdallas.edu (Postfix) with ESMTP id 09513389E81 for ; Fri, 14 Jan 2005 14:04:45 -0600 (CST) Date: Fri, 14 Jan 2005 14:04:45 -0600 (CST) From: amos+lists.sage@utdallas.edu X-X-Sender: amos@spartacus.utdallas.edu To: sage-members@usenix.org Subject: [SAGE] mirapoint? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk Anybody here have any experience with the Mirapoint products? Any opinions that you care to share? I did some digging on this list and didn't see it mentioned, but maybe my searching wasn't aggressive enough.... Responses off-line are fine. Amos From sage-members-owner@usenix.org Fri Jan 14 12:46:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0EKkIn3001257 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 12:46:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0EKkIFi001256 for sage-members-outgoing; Fri, 14 Jan 2005 12:46:18 -0800 (PST) Received: from mail.ituitive.com (mail.ituitive.com [216.234.52.66]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0EKkGn3001251 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 12:46:16 -0800 (PST) Received: (qmail 401 invoked by uid 1011); 14 Jan 2005 20:46:51 -0000 Received: from 216.234.51.37 by random.ituitive.com (envelope-from , uid 1011) with qmail-scanner-1.24 (clamdscan: 0.80/545. spamassassin: 2.63. Clear:RC:1(216.234.51.37):. Processed in 0.05249 secs); 14 Jan 2005 20:46:51 -0000 X-Qmail-Scanner-Mail-From: sfulton@esoteric.ca via random.ituitive.com X-Qmail-Scanner: 1.24 (Clear:RC:1(216.234.51.37):. Processed in 0.05249 secs) Received: from youare.connection.ca (HELO ?216.234.51.37?) (sfulton@esoteric.ca@216.234.51.37) by mail.ituitive.com with SMTP; 14 Jan 2005 20:46:51 -0000 Message-ID: <41E82F8B.7070308@esoteric.ca> Date: Fri, 14 Jan 2005 15:46:03 -0500 From: Stephen Fulton User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: [SAGE] Veritas VCS and MySQL Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Hi all, I'm evaluating Veritas' VCS to be used to provide fail-over capability for our MySQL Server, and I'm curious if anyone has any experience or tips they could share, either about VCS in general or VCS with MySQL? Thanks, -- Stephen. From sage-members-owner@usenix.org Fri Jan 14 16:10:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F0ACn3005094 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 16:10:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0F0ABsA005093 for sage-members-outgoing; Fri, 14 Jan 2005 16:10:11 -0800 (PST) Received: from zappy.catbert.org (zappy.catbert.org [70.85.16.91]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F0A9n2005087 for ; Fri, 14 Jan 2005 16:10:10 -0800 (PST) Received: by zappy.catbert.org (Postfix, from userid 2000) id D90BA1A847; Fri, 14 Jan 2005 19:10:00 -0500 (EST) Date: Fri, 14 Jan 2005 19:10:00 -0500 From: Dan Foster To: amos+lists.sage@utdallas.edu Cc: sage-members@usenix.org Subject: Re: [SAGE] mirapoint? Message-ID: <20050115001000.GA4557@catbert.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk Hot Diggety! amos+lists.sage@utdallas.edu was rumored to have written: > Anybody here have any experience with the Mirapoint products? Any > opinions that you care to share? I did some digging on this list and > didn't see it mentioned, but maybe my searching wasn't aggressive > enough.... Depends on what kind of size / needs your organization has. We've had some Mirapoint units. I've got some mixed feelings about them. The below is a very frank technical critique of the product and company. Mostly factual, and I've labelled the few parts that has personal opinions (which themselves are based on facts or experience). On one hand, the product itself is a pretty nice (my opinion) appliance - has a ssh CLI (custom shell), easy to monitor data via CLI, web, SNMP, etc... even has an API (and can be called through simple perl routines) that you can hook into for provisioning stuff -- we use that to very good effect. On the other hand, I'm not all that enamored with the pricing -- it seems a little over the top to me. (And that's a personal opinion, based on experience with pricing a wide range of products over the years.) When we were thinking about buying a newer generation of Mirapoint units, we needed a way of moving the old data off (configs, actual mailboxes, etc). Mirapoint quoted about $25,000 (if memory serves) to do the migration for a small box -- not including the cost of new hardware, of course. That basically killed any management interest in going for newer Mirapoint products. Too bad, because the current products did look nice. (My opinion.) This also raised concerns about this being an effective attempt at vendor lock-in. That kind of tactic just doesn't work here. :) (We're constantly migrating services to newer hardware and software, over time, as needs changes... lock-in is the last thing we would ever want.) A few years ago, our security team was running a scan. The security person whom was running the scan was pretty flabbergasted when he was dropped into an actual root shell prompt, and not the normal CLI shell -- without entering a root password. :) That was the only time where a scan ever had that result, for any of our systems and appliances, in the past 12 years. Turns out that at the time, Mirapoint had shipped boxes with rsh enabled and no root password (presumably for tech support remote debugging?). We discovered that it was (at the time, years ago) a FreeBSD 2.1.5 (as I seem to recall) system and some custom mods to the boot stuff -- could be booted off the internal hard drives or a LS120 'floppy' with some special/custom stuff (maybe special drivers or init script?). I administer some FreeBSD boxes at home, and started with 2.1.5, so was familiar with that stuff... as was the security person whom did the scan (long-time BSD user from the earliest days). But one of my concerns was that we had no way of knowing if Mirapoint had released software patches to address specific FreeBSD vulnerabilities that might apply to the Mirapoint as they came out... and of course, when you run an old version long enough, you'll eventually not get any more patches, leaving you in a dicey situation short of getting newer hardware/software or moving to something else. (This is a generic issue for appliances; especially since they can easily be used for a far longer period of time than a typical server. So, to be fair, that concern wasn't a Mirapoint-specific issue per se.) What was telling was Mirapoint's rather lackluster (my opinion) response when we called in this root-has-no-password issue... we had to spend an hour or so in a rather contentious teleconference to convince them that it was an extremely serious security issue. For the better part of that, they just didn't believe that it was serious and spent some time belittling us. Guess I was just far more disappointed than offended. (I've had the same kind of conversation regarding a serious password exposure vulnerability with Sun security, silence from Apple security on a different and potentially serious password exposure issue. So it's not unheard of for vendors to blow off critical reports, so... At least, in Mirapoint's case, they *did* something about it... I'm not sure if Sun ever fixed that hole, and I think Apple later silently slipped in the fix in a later version of MacOS X.) To their credit, once they understood the seriousness, they immediately gave us a software patch that fixed that particular hole. And I should note that this was perhaps five or six years ago, so the issue has long since been fixed. Still, the fact that such a gaping hole was in the product, and the response... well, it wasn't that confidence inspiring. Also my opinion. With the boxes we had, it took several days to do a single level 0 dump even on a fast ethernet network, and we only had a small disk array! That really complicated plans to transition to other equipment with a minimum of downtime. There was also a bug with dump where it was possible for the dump process to hang forever (and was not killable), requiring a reboot to retry the dump run. No idea if fixed now, but possibly? I have also heard of and seen credible evidence that the password scheme (at least, for the old boxes we have) is a variation on the Vignere cipher. It will not be trivial for someone unschooled in cryptography to crack it, but there are general public tools (but not Mirapoint-specific) easily found via a web search to crack Vignere ciphers. So this falls into the category of 'security by obscurity'. I might describe a Vignere cipher as being a fancy version of ROT-13. Fancy, but still ROT-13ish. (Description of cipher being a fancy ROT-13ish is my opinion.) It's hard for most people to crack it, but if someone was sufficiently knowledgeable, then all passwords are laid bare. I'm not interested in going into any further details -- I only hope that Mirapoint has chosen a stronger scheme for their current shipping products such as SHA or MD5. I'm not schooled in cryptography (and have yet to read Mr. Schneier's seminal book, alas) but it seems to me that even with password guessing tools (e.g. Jack the Ripper), DES would be an improvement over a Vignere cipher, if the passwords were well-chosen. And obviously, one of the modern ciphers would be even better. I also always wished that the Mirapoint supported an external hook to user-supplied tools via some sort of API that would allow us to enforce passwords according to site-specific policy. That would, for instance, allow us to run passwords through a basic sanity filter such as Cracklib. All bets are off with such a weak cipher, though -- figure out the exact cipher algorithm, then it won't matter how good the password may be. More useful if it was protected by DES, MD5, SHA, whatever -- by their nature, they can't be easily reversed short of dictionary attacks. (Though I'm sure the NSA has non-dictionary attacks that works with DES, as hinted in the book _The Cuckoo's Egg_.) Anything like a substitution cipher, XOR, etc... are easily reversible once you know how it was generated and maybe a minute or two of computing time to find the right 'ranges'. The Vignere cipher, as I understand it, was designed to defeat simple frequency analysis... but with a theoretical custom-made program and at least one known password as a point of comparison, it would probably be possible for a determined and knowledgeable attacker to soon figure out details. No, neither I nor anyone I know has written such a tool -- this is just theory, though I have indeed seen our Mirapoint passwords cracked and have some knowledge of how it was done. I have only a binary, so someone has already done it. (Source code was, unfortunately, not found on the server.) Once the attacker figures out the exact algorithm and ranges involved for the cipher variant, it's just an extremely trivial program in any language to decode every single Mirapoint password. Perhaps a little harder if coding in INTERCAL (aka the world's worst and most maddeningly difficult and impossible programming language known in human history. :-) ) >From my limited understanding of Vignere ciphers, a program to decode is trivial if you know particulars of the exact variant's cipher (and understand how Vignere ciphers themselves work). What the Mirapoint customer has going for them is that: a) it may be possible they no longer use the Vignere cipher variant, and b) a successful attack requires the attacker: - is aware of your Mirapoint unit - has an interest in compromising it - knows your Mirapoint unit is not protected by a sufficiently restrictive network ACL (but don't discount the possibility that you could block external ssh access, but attacker could come in through an internal machine that does have access!) - has access to your Mirapoint to trigger a level 0 dump - has access to a second box somewhere (local or remote) to receive the dump data (which would also yield users' mailboxes too) - has the Administrator password (social engineering, sniffing, etc) - knows at least one and preferrably two Mirapoint users' passwords (which can be obtained through social engineering or capturing plaintext network traffic) - knows cryptography, or at least, details of how a Vignere cipher works - can figure out the variant that Mirapoint uses (used?) So the bar is somewhat 'high' enough that this is not very likely in normal operation... but once someone, anyone, figures out the algorithm and can meet all of the prereqs, the kingdom can be lost in short order (so to speak). We also had issues with how the unit responded once the queue got large. Can't really tell but it almost seemed like a single large queue because performance seemed to exponentially drop once the incoming queue got large enough. A multi-tiered hashed directory scheme or something would probably go a very long way... but then again, this was with an older software version so they could very well have had fixed that performance issue long ago. A really large mailbox (245 MB, IIRC) also made performance crawl, too. It took a few hours to delete all the messages in that mailbox, as I seem to recall. :) So I would summarize it as having real mixed feelings: I like most of the product, save for a few points. I've had so-so dealings with the company. Nothing that would prevent me from seriously considering them for new purchases -- which we did recently consider. But given the technical and security issues I've seen with that product, as well as the pricing... I'm just not comfortable in recommending it unless one really has wheelbarrows of money and can lock it down *tight*. Maybe they offer more reasonable pricing to other people, who knows? :) I should also note that it is entirely possible that Mirapoint has become much more security conscious and responsive, as well as beefed up the internal protections (eg password scheme) with their current products. If that is indeed the case, then the only real issue I would have is with their pricing. I don't believe it provides the best bang-for-the-buck or value relative to cost, even if the appliance is pretty nice on the whole. My opinion, based on the numbers they've given to us... which could potentially be significantly better for other Mirapoint customers. So... I don't necessarily want to discourage anyone from checking out the Mirapoint offerings; I only suggest that you do so very carefully to determine if it meets your needs. Wouldn't hurt to ask them questions about various technical and security issues to see if they've cleaned up these issues by now. And I'll leave the judgement of price vs value to the individual potential customer, especially since the numbers they quote may very well (my guess) vary between various customers. As with most anything, it (the product and the company) has its good points and bad points. I just wish I had more reasons to be enthusiastic for what is mostly a decent product. I have high standards! I'd just like to see Mirapoint live up to these high standards. Then I could perhaps recommend the product without all the caveats. -Dan From sage-members-owner@usenix.org Fri Jan 14 18:19:45 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F2Jjn3006815 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 18:19:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0F2JiPo006814 for sage-members-outgoing; Fri, 14 Jan 2005 18:19:44 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F2Jgn3006809 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 18:19:43 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0F2JU2r031793; Fri, 14 Jan 2005 21:19:31 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050115001000.GA4557@catbert.org> References: <20050115001000.GA4557@catbert.org> Date: Sat, 15 Jan 2005 03:12:32 +0100 To: Dan Foster From: Brad Knowles Subject: Re: [SAGE] mirapoint? Cc: amos+lists.sage@utdallas.edu, sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 7:10 PM -0500 2005-01-14, Dan Foster wrote: > We also had issues with how the unit responded once the queue got large. > > Can't really tell but it almost seemed like a single large queue because > performance seemed to exponentially drop once the incoming queue got > large enough. My understanding is that they were running a slightly modified version of sendmail, at least for a while, and this is a typical problem with older sendmail versions and newer ones if you don't configure them for a mail queue hashing scheme. > A really large mailbox (245 MB, IIRC) also made performance crawl, too. > It took a few hours to delete all the messages in that mailbox, as I > seem to recall. :) ISTR that they were running a slightly hacked version of a fairly well known POP3/IMAP server (UW-IMAP?) and that it used 7th edition mbox format, which is known to have scaling issues once the mailboxes get large. > But given the technical and security issues I've seen with that product, > as well as the pricing... I'm just not comfortable in recommending it > unless one really has wheelbarrows of money and can lock it down *tight*. > Maybe they offer more reasonable pricing to other people, who knows? :) Personally, I think you could build your own box and run Sendmail SAMS or Stalker Communigate Pro, spend less money, and get a more scalable solution. > I should also note that it is entirely possible that Mirapoint has > become much more security conscious and responsive, as well as beefed up > the internal protections (eg password scheme) with their current products. At the very least, if you're running a vendor product on top of your own box, you can deal with all the box security issues yourself, and the vendor only has to worry about their software. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 14 18:36:04 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F2a4n3007409 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 14 Jan 2005 18:36:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0F2a3NH007408 for sage-members-outgoing; Fri, 14 Jan 2005 18:36:03 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0F2a2n2007403 for ; Fri, 14 Jan 2005 18:36:02 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j0F2Zq9o011666; Fri, 14 Jan 2005 20:35:52 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id UAA09376; Fri, 14 Jan 2005 20:35:50 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Fri, 14 Jan 2005 20:35:50 -0600 (CST) From: Doug Hughes To: Brad Knowles cc: amos+lists.sage@utdallas.edu, Subject: Re: [SAGE] mirapoint? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Sat, 15 Jan 2005, Brad Knowles wrote: > At 7:10 PM -0500 2005-01-14, Dan Foster wrote: > > > We also had issues with how the unit responded once the queue got large. > > > > Can't really tell but it almost seemed like a single large queue because > > performance seemed to exponentially drop once the incoming queue got > > large enough. > > My understanding is that they were running a slightly modified > version of sendmail, at least for a while, and this is a typical > problem with older sendmail versions and newer ones if you don't > configure them for a mail queue hashing scheme. > > > A really large mailbox (245 MB, IIRC) also made performance crawl, too. > > It took a few hours to delete all the messages in that mailbox, as I > > seem to recall. :) > > ISTR that they were running a slightly hacked version of a fairly > well known POP3/IMAP server (UW-IMAP?) and that it used 7th edition > mbox format, which is known to have scaling issues once the mailboxes > get large. fwiw: they definitely use a maildir format, and I'm pretty sure it's cyrus based upon certain user interface features that are telling. (obdisclosure: dan and I work at the same place) From sage-members-owner@usenix.org Sun Jan 16 08:48:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GGm6n3026035 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 16 Jan 2005 08:48:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0GGm6G8026033 for sage-members-outgoing; Sun, 16 Jan 2005 08:48:06 -0800 (PST) Received: from absinthe.tinho.net (absinthe.tinho.net [166.84.5.228]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GGm1n2026027 for ; Sun, 16 Jan 2005 08:48:05 -0800 (PST) Received: by absinthe.tinho.net (Postfix, from userid 102) id 919E01BF97F; Sun, 16 Jan 2005 11:47:46 -0500 (EST) Date: Sun, 16 Jan 2005 11:47:46 -0500 From: Matthew Crosby To: sage-members@usenix.org Subject: [SAGE] Check your domains! Message-ID: <20050116164746.GA44502@marthon.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Sender: owner-sage-members@usenix.org Precedence: bulk Yesterday morning, the domain for one of the oldest ISP's around (panix.com) was somehow hijacked to a new registrar, new IP's & so on. Both the old and new registrars apparently aren't being very co-operative in fixing it. (Does anyone know anyone who works for Melbourne IT? They are folks who it was transferred to). I can't comment on any more of the details (not being involved except as a panix customer), but I think this illustrates some lessons that we should all consider. If it can happen to them, it can happen to anyone, and the repercussions are downright scary to think about. Make sure your domains are locked. Keep an eye on your expiry dates. (I don't think that's what happened here, but there have been some famous cases where it DID, so It's worth mentioning). Try and get involved in fixing what is broken system. From sage-members-owner@usenix.org Sun Jan 16 10:40:52 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GIeqn3000741 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 16 Jan 2005 10:40:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0GIeqWn000739 for sage-members-outgoing; Sun, 16 Jan 2005 10:40:52 -0800 (PST) Received: from wingfoot.org (caduceus.wingfoot.org [64.32.179.50]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GIeon2000734 for ; Sun, 16 Jan 2005 10:40:50 -0800 (PST) Received: from localhost (localhost.wingfoot.org [127.0.0.1]) by wingfoot.org (Postfix) with ESMTP id 4538B1F44AC for ; Sun, 16 Jan 2005 13:40:40 -0500 (EST) Received: from wingfoot.org ([127.0.0.1]) by localhost (wingfoot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30513-04 for ; Sun, 16 Jan 2005 13:40:39 -0500 (EST) Received: from [127.0.0.1] (unknown [64.32.179.50]) by wingfoot.org (Postfix) with ESMTP id 330681F44A0 for ; Sun, 16 Jan 2005 13:40:39 -0500 (EST) Message-ID: <41EAB507.7090002@wingfoot.org> Date: Sun, 16 Jan 2005 13:40:07 -0500 From: Glenn Sieb User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041206 Thunderbird/1.0 Mnenhy/0.6.0.104 X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Panix news.. X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at wingfoot.org Sender: owner-sage-members@usenix.org Precedence: bulk From panix shell hosts motd: . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005 . . Until we resolve the issue of the domain "panix.com", we have set up . the domain "panix.net" to include the same names and addresses as . "panix.com". . . You may use this as a temporary solution for access to mail, webpages, . etc. Wherever you would use "panix.com", you can replace it with . "panix.net". Snagged from NANOG, not sure of the overlap between there and here, but figured I'd pass on some more info... Best, --Glenn -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." ~Benjamin Franklin, Historical Review of Pennsylvania, 1759 From sage-members-owner@usenix.org Sun Jan 16 11:47:56 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GJlun3001768 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 16 Jan 2005 11:47:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0GJltGD001766 for sage-members-outgoing; Sun, 16 Jan 2005 11:47:55 -0800 (PST) Received: from lnscu5.lns.cornell.edu (lnscu5.lns.cornell.edu [128.84.44.111]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GJlqn3001761 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL) for ; Sun, 16 Jan 2005 11:47:54 -0800 (PST) Received: from lnxcu9.lns.cornell.edu (lnxcu9.lns.cornell.edu [128.84.46.100]) by lnscu5.lns.cornell.edu (8.12.10/8.12.10) with ESMTP id j0GJlgsH030891 for ; Sun, 16 Jan 2005 14:47:42 -0500 (EST) Received: from lnxcu9.lns.cornell.edu (localhost.localdomain [127.0.0.1]) by lnxcu9.lns.cornell.edu (8.12.8/8.12.2) with ESMTP id j0GJlgkX015526 for ; Sun, 16 Jan 2005 14:47:42 -0500 Received: (from dsr@localhost) by lnxcu9.lns.cornell.edu (8.12.8/8.12.8/Submit) id j0GJlegP015522; Sun, 16 Jan 2005 14:47:40 -0500 X-Authentication-Warning: lnxcu9.lns.cornell.edu: dsr set sender to dsr@mail.lns.cornell.edu using -f To: sage-members@usenix.org Subject: Re: [SAGE] Check your domains! References: <20050116164746.GA44502@marthon.org> From: Dan Riley Date: 16 Jan 2005 14:47:40 -0500 In-Reply-To: <20050116164746.GA44502@marthon.org> Message-ID: Lines: 20 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 Sender: owner-sage-members@usenix.org Precedence: bulk Matthew Crosby writes: > Yesterday morning, the domain for one of the oldest ISP's around (panix.com) > was somehow hijacked to a new registrar, new IP's & so on. Both the old and > new registrars apparently aren't being very co-operative in fixing it. This is being actively discussed in NANOG--archives are at http://www.merit.edu/mail.archives/nanog/ , most of the relevant discussion has "panix" in the subject. > Try and get involved in fixing what is broken system. Along those lines, see http://www.merit.edu/mail.archives/nanog/msg04272.html and other posts by the same author for one perspective on what's broken and why. -- The 10/8 that can be pinged is not the true 10/8. From sage-members-owner@usenix.org Sun Jan 16 12:23:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GKNpn3002604 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 16 Jan 2005 12:23:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0GKNotO002603 for sage-members-outgoing; Sun, 16 Jan 2005 12:23:50 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0GKNnn2002598 for ; Sun, 16 Jan 2005 12:23:49 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j0GKNc9o015045; Sun, 16 Jan 2005 14:23:38 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id OAA10275; Sun, 16 Jan 2005 14:23:35 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Sun, 16 Jan 2005 14:23:35 -0600 (CST) From: Doug Hughes To: Dan Riley cc: sage-members@usenix.org Subject: Re: [SAGE] Check your domains! In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On 16 Jan 2005, Dan Riley wrote: > Along those lines, see > > http://www.merit.edu/mail.archives/nanog/msg04272.html > > and other posts by the same author for one perspective on what's > broken and why. > that post seriously needs a glossary. If he wants newspapers to carry that information, a rewrite in plain English would be a prerequisite. Requiring a M.E. in "Registry/Registrar" is a serious hurdle. Doug From sage-members-owner@usenix.org Tue Jan 18 09:27:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0IHRRn3012179 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 18 Jan 2005 09:27:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0IHRRqP012178 for sage-members-outgoing; Tue, 18 Jan 2005 09:27:27 -0800 (PST) Received: from yfandes.cs.wisc.edu (yfandes.cs.wisc.edu [128.105.162.24]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0IHRPn2012173 for ; Tue, 18 Jan 2005 09:27:25 -0800 (PST) Received: from yfandes.cs.wisc.edu (localhost [127.0.0.1]) by yfandes.cs.wisc.edu (8.13.1/8.13.1) with ESMTP id j0IHRFYq010495 for ; Tue, 18 Jan 2005 11:27:15 -0600 Message-Id: <200501181727.j0IHRFYq010495@yfandes.cs.wisc.edu> To: sage-members@sage.org Subject: [SAGE] January MAD-SAGE: Change is coming: Are you ready? Date: Tue, 18 Jan 2005 11:27:15 -0600 From: David Parter Sender: owner-sage-members@usenix.org Precedence: bulk For those in the Madison, Wisconsin area... or if you know a sysadmin in our area, please pass this on: Date: Thursday, January 20, 2005 Time: 6:00 PIZZA and "networking" 6:30 Technical Program: Change is coming: Are you ready? Speaker: Jesse Trucks From the single SA shop, to the international organization, Change Management is critical to operations. Find out why you need Change Management and what level of documentation and procedure is right for your situation. The presentation is from the perspective of an SA who has been the only SA, smaller organizations with only a handful of people in an informal setting, and a national corporate environment. Everyone is welcome, and questions about your situation are encouraged. Location: Epic Systems, 5301 Tokay Blvd (see the web site for more details) www.mad-sage.org From sage-members-owner@usenix.org Tue Jan 18 09:54:40 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0IHsen3013159 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 18 Jan 2005 09:54:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0IHseeo013158 for sage-members-outgoing; Tue, 18 Jan 2005 09:54:40 -0800 (PST) Received: from slick.sigje.org (rdns.222.240.218.216.fre.communitycolo.net [216.218.240.222]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0IHscn3013140 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 18 Jan 2005 09:54:38 -0800 (PST) Received: from sigje (helo=localhost) by slick.sigje.org with local-esmtp (Exim 4.33) id 1CqxYd-0007Cm-CZ for sage-members@sage.org; Tue, 18 Jan 2005 09:54:23 -0800 Date: Tue, 18 Jan 2005 09:54:23 -0800 (PST) From: Jennifer Davis To: sage-members@sage.org Subject: [SAGE] BayLISA - Jan 20, 2005 - Solaris 10 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk For those in the Silicon Valley area: Date: Thursday, January 20, 2005 Time: 7:30-9:30 Location: Apple Campus, Cupertino http://www.baylisa.org/locations/current.shtml Topic: Solaris 10 Speaker: Alan DuBoff Alan will be talking about Sun's latest OS, Solaris 10. Alan will show some of the features of Solaris 10, along with key points of what is included in this release. Some of the features include DTrace, N1 Grid Containers, ZFS, X server(s), Java Desktop Systems, PXE install for x86/AMD64, StarOffice, as well as differences between this release and some of the previous releases. Solaris 10 supports SPARC processors as well as 32-bit x86 processors and 64-bit AMD64 processors. Mark C. Langston will also briefly discuss the evolutionary arms race between packet sniffers, sniffer detectors, and sniffer detector evasion. For more information about BayLISA, http://www.baylisa.org. From sage-members-owner@usenix.org Tue Jan 18 13:33:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ILXRn3018444 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 18 Jan 2005 13:33:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0ILXRm6018443 for sage-members-outgoing; Tue, 18 Jan 2005 13:33:27 -0800 (PST) Received: from cc0eb005.schwab.com (cc0eb005.schwab.com [162.93.253.117]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ILXPn3018430 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 18 Jan 2005 13:33:25 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by cc0eb005.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0ILXAS3006935 for ; Tue, 18 Jan 2005 16:33:10 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0ILX9LL015677 for sage-members@sage.org; Tue, 18 Jan 2005 16:33:09 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0ILX9kv015653; for ; Tue, 18 Jan 2005 16:33:09 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n2110pmx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 1106083981904; Tue, 18 Jan 2005 14:33:01 -0700 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R6K6J>; Tue, 18 Jan 2005 13:33:04 -0800 Message-ID: From: "Carlson, Scott" To: sage-members@sage.org Subject: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Date: Tue, 18 Jan 2005 13:33:01 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk Hey all, I'm looking for some script reuse assistance from the group. We've created an opportunity (!!) within my company here that I need to renumber (read UID and GID's) approximately 3000 UNIX accounts across 2000 aix/solaris/redhat machines. Rather then spend time writing sets of scripts to do this, or worry if I got my find parameters right, I'm hoping that someone out there will have this exact thing sitting in their script repository. Anyone care to share anything that has worked miracles for them when they've renumbered accounts in this manner? I'll be either running this script from a central management node or on each server individually and I can provide with this info, /etc/passwd, /etc/group and all associated file permissions would need to be changed for a user, and then likewise for GID changes. Any takers/sharers ? Thanks everyone, Scott Carlson "You might not get what you want, but if you look, you may get what you need." Technical Director - Technology Infrastructure Services, Availability (v) 602-977-4456 (p) 888-603-5865 Warning: All email sent to this address will be received by the Charles Schwab email system and is subject to Archival and review by someone other than the recipient From sage-members-owner@usenix.org Tue Jan 18 13:54:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ILs0n3019293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 18 Jan 2005 13:54:00 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0ILs06I019292 for sage-members-outgoing; Tue, 18 Jan 2005 13:54:00 -0800 (PST) Received: from mxsf05.cluster1.charter.net (mxsf05.cluster1.charter.net [209.225.28.205]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0ILrwn2019287 for ; Tue, 18 Jan 2005 13:53:59 -0800 (PST) Received: from mxip03.cluster1.charter.net (mxip03a.cluster1.charter.net [209.225.28.133]) by mxsf05.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j0ILrexM007690 for ; Tue, 18 Jan 2005 16:53:40 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip03.cluster1.charter.net with ESMTP; 18 Jan 2005 16:53:40 -0500 X-Ironport-AV: i="3.88,135,1102309200"; d="scan'208"; a="562583994:sNHT13633008" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 4778416CEE5; Tue, 18 Jan 2005 16:37:52 -0500 (EST) Date: Tue, 18 Jan 2005 16:37:52 -0500 From: Steve Simmons To: "Carlson, Scott" Cc: sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Message-ID: <20050118213752.GA17955@lokkur.dexter.mi.us> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 18, 2005 at 01:33:01PM -0800, Carlson, Scott wrote: > We've created an opportunity (!!) within my company here that I need to > renumber (read UID and GID's) approximately 3000 UNIX accounts across 2000 > aix/solaris/redhat machines. > > Rather then spend time writing sets of scripts to do this, or worry if I got > my find parameters right, I'm hoping that someone out there will have this > exact thing sitting in their script repository. Anyone care to share > anything that has worked miracles for them when they've renumbered accounts > in this manner? *Long* ago there was a wonderful little utility called 'uidswap' that did just what you describe, fast and efficient. I dunno where it went to, but hey, google is your friend... -- "There's a lot of my personality in my characters. I think that's why smart-asses are over-represented." Christopher Moore, in http://www.chrismoore.com/world_domination.htm From sage-members-owner@usenix.org Wed Jan 19 05:15:40 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0JDFdn3023325 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 19 Jan 2005 05:15:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0JDFdPW023324 for sage-members-outgoing; Wed, 19 Jan 2005 05:15:39 -0800 (PST) Received: from clas.ufl.edu (minotaur.clas.ufl.edu [128.227.148.248]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0JDFWn2023319 for ; Wed, 19 Jan 2005 05:15:32 -0800 (PST) X-Envelope-From: allan@cookie.org Received: from [128.227.148.121] (allan-g4.clas.ufl.edu [128.227.148.121]) by clas.ufl.edu (8.11.7p1+Sun/8.11.7/clas1.22) with ESMTP id j0JDF2X25013; Wed, 19 Jan 2005 08:15:03 -0500 (EST) Message-ID: <41EE5D56.4020505@cookie.org> Date: Wed, 19 Jan 2005 08:15:02 -0500 From: Allan West User-Agent: Mozilla Thunderbird 0.9 (Macintosh/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Steve Simmons CC: "Carlson, Scott" , sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale References: <20050118213752.GA17955@lokkur.dexter.mi.us> In-Reply-To: <20050118213752.GA17955@lokkur.dexter.mi.us> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Steve Simmons wrote: > On Tue, Jan 18, 2005 at 01:33:01PM -0800, Carlson, Scott wrote: > > >>We've created an opportunity (!!) within my company here that I need to >>renumber (read UID and GID's) approximately 3000 UNIX accounts across 2000 >>aix/solaris/redhat machines. >> >>Rather then spend time writing sets of scripts to do this, or worry if I got >>my find parameters right, I'm hoping that someone out there will have this >>exact thing sitting in their script repository. Anyone care to share >>anything that has worked miracles for them when they've renumbered accounts >>in this manner? > > > *Long* ago there was a wonderful little utility called 'uidswap' that did > just what you describe, fast and efficient. I dunno where it went to, but > hey, google is your friend... Don't forget to check file ownerships. If you chown and chgrp files as you update uids you're less likely to wind up with files owned by the wrong user. This is expecially important for root directory files which allow the user to log in, but it's more difficult to keep track of for files in shared spaces (web folders, mail spools, etc.) as you change the uids. From sage-members-owner@usenix.org Wed Jan 19 06:59:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0JExcn3025100 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 19 Jan 2005 06:59:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0JExcqI025099 for sage-members-outgoing; Wed, 19 Jan 2005 06:59:38 -0800 (PST) Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0JExan2025094 for ; Wed, 19 Jan 2005 06:59:36 -0800 (PST) Received: from sj-core-4.cisco.com (171.68.223.138) by sj-iport-4.cisco.com with ESMTP; 19 Jan 2005 07:00:25 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-4.cisco.com (8.12.10/8.12.6) with ESMTP id j0JEx21M003110; Wed, 19 Jan 2005 06:59:02 -0800 (PST) Received: from cisco.com ([10.25.20.84]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHD11287; Wed, 19 Jan 2005 06:59:00 -0800 (PST) Message-ID: <41EE75B3.309@cisco.com> Date: Wed, 19 Jan 2005 06:58:59 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Allan West CC: Steve Simmons , "Carlson, Scott" , sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale References: <20050118213752.GA17955@lokkur.dexter.mi.us> <41EE5D56.4020505@cookie.org> In-Reply-To: <41EE5D56.4020505@cookie.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk It needs to be at least a two step process: Get the uid and gid information for every file on the system. Go back and apply the new uid/gid to every file. You can't safely walk the filesystem changing uids and gids, unless you know *absolutely* that no mounts or links are going to get you into a loop. It's safer to take a complete inventory of files and then apply the necessary changes. You can apply the changes to the authentication data before or after the filesystem changes, but it is important that nobody is signed on (except your job that is modifying the filesystem) during the changes. This isn't something that you can easily do in phases. We've done this when bringing groups of servers into the company (yes, we do like our acquistions :-). We don't have a comprehensive automatic tool to do it - but 'find' with a little Perl behind it will do most of the filesystem work. The authentication data (passwd & group files/maps) are a separate issue for us, as we never put the 'old' data into our systems at all - we build new authentication data (often including new usernames to prevent clashes with the existing accounts) and then only attach the 'new' filesystems once they have had their uids and gids converted. Note that it you have scripts that refer to explicit uids or gids, or if you are changing usernames as well, there will always be some manual work to do after the conversion. - Richard Allan West wrote: > Steve Simmons wrote: > >> On Tue, Jan 18, 2005 at 01:33:01PM -0800, Carlson, Scott wrote: >> >> >>> We've created an opportunity (!!) within my company here that I need to >>> renumber (read UID and GID's) approximately 3000 UNIX accounts >>> across 2000 >>> aix/solaris/redhat machines. >>> >>> Rather then spend time writing sets of scripts to do this, or worry >>> if I got >>> my find parameters right, I'm hoping that someone out there will >>> have this >>> exact thing sitting in their script repository. Anyone care to share >>> anything that has worked miracles for them when they've renumbered >>> accounts >>> in this manner? >> >> >> >> *Long* ago there was a wonderful little utility called 'uidswap' that >> did >> just what you describe, fast and efficient. I dunno where it went >> to, but >> hey, google is your friend... > > > Don't forget to check file ownerships. If you chown and chgrp files as > you update uids you're less likely to wind up with files owned by the > wrong user. This is expecially important for root directory files > which allow the user to log in, but it's more difficult to keep track > of for files in shared spaces (web folders, mail spools, etc.) as you > change the uids. From sage-members-owner@usenix.org Thu Jan 20 17:37:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0L1bcn3028638 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 20 Jan 2005 17:37:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0L1bcU2028637 for sage-members-outgoing; Thu, 20 Jan 2005 17:37:38 -0800 (PST) Received: from mx.starshine.org (www.starshine.org [216.240.40.167]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0L1bQn2028630 for ; Thu, 20 Jan 2005 17:37:26 -0800 (PST) Received: from mercury.starshine.org (mercury.starshine.org [216.240.40.182]) by mx.starshine.org (Postfix) with ESMTP id 0E8392F0411; Fri, 21 Jan 2005 01:14:02 +0000 (UTC) Received: by mercury.starshine.org (Postfix, from userid 1000) id A802220003; Thu, 20 Jan 2005 17:36:55 -0800 (PST) Date: Thu, 20 Jan 2005 17:36:55 -0800 To: Allan West Cc: Steve Simmons , "Carlson, Scott" , sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Message-ID: <20050121013655.GC2444@starshine.org> References: <20050118213752.GA17955@lokkur.dexter.mi.us> <41EE5D56.4020505@cookie.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41EE5D56.4020505@cookie.org> User-Agent: Mutt/1.5.6+20040907i From: jimd@starshine.org (Jim Dennis) Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Jan 19, 2005 at 08:15:02AM -0500, Allan West wrote: > Steve Simmons wrote: >>On Tue, Jan 18, 2005 at 01:33:01PM -0800, Carlson, Scott wrote: >>> We've created an opportunity (!!) within my company here that I need to >>> renumber (read UID and GID's) approximately 3000 UNIX accounts across 2000 >>> aix/solaris/redhat machines. >>> Rather then spend time writing sets of scripts to do this, or worry if I >>> got my find parameters right, I'm hoping that someone out there will >>> have this exact thing sitting in their script repository. Anyone care >>> to share anything that has worked miracles for them when they've renumbered >>> accounts in this manner? I wrote such a script long ago, but I fear it wasn't terribly generalized and I've long since thrown it away. I remember that it did handle any SUID/SGID files correctly (saving the mode first, and then restoring them); though it also emitted warnings about them (since such user executables are worth investigation). Remember that chown strips the SUID bit from files on many systems! Of than that it was designed to find a suitable number of unused UIDs (starting at some offset) and move everyone and all their files to it. I tried to make it reasonably efficient, but still need to do it in two passes (the first pass to get all the UIDs into a high range and the other to move them back down to the 100+ range --- not necessary for any technical reason but its what my boss wanted). As I recall it was further complicated by the need to merge in the accounts of a newly acquired company, detecting any name conflicts and resolving those, too. Sort of dizzying, when you have both name and UID overlaps; so we did the first UID remap of "them", then the name collision resolution (forcing name changes among "them" in most cases) then the merge (having ensured no overlap/collision among names nor UIDs) and finally the last UID remap. Luckily it was only a small number of servers! -- Jim Dennis From sage-members-owner@usenix.org Fri Jan 21 07:55:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LFtvn3028371 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 07:55:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LFtvsI028370 for sage-members-outgoing; Fri, 21 Jan 2005 07:55:57 -0800 (PST) Received: from smilodon.rfc822.net (adsl-68-92-27-201.dsl.rcsntx.swbell.net [68.92.27.201]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LFttn2028365 for ; Fri, 21 Jan 2005 07:55:55 -0800 (PST) Received: by smilodon.rfc822.net (Postfix, from userid 100) id 83DDB1B738; Fri, 21 Jan 2005 09:55:40 -0600 (CST) Date: Fri, 21 Jan 2005 09:55:40 -0600 From: Pete Ehlke To: sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Message-ID: <20050121155540.GA6130@rfc822.net> Mail-Followup-To: sage-members@sage.org References: <20050118213752.GA17955@lokkur.dexter.mi.us> <41EE5D56.4020505@cookie.org> <20050121013655.GC2444@starshine.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050121013655.GC2444@starshine.org> User-Agent: Mutt/1.4.1i X-Message-Flag: OUTLOOK ERROR: Message contains Win32.Dumb.Outlook.Behaviour virus. Sender: owner-sage-members@usenix.org Precedence: bulk On Thu Jan 20, 2005 at 17:36:55 -0800, Jim Dennis wrote: > > I wrote such a script long ago, but I fear it wasn't terribly > generalized and I've long since thrown it away. > Tobi Oetiker has such a beast available at http://isg.ee.ethz.ch/tools/isgtc/index.cgi?page=module;module=uidrenumerator I've not used it myself, but it does look like it has a lot of promise. -Pete From sage-members-owner@usenix.org Fri Jan 21 12:49:47 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LKnln3004005 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 12:49:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LKnloa004004 for sage-members-outgoing; Fri, 21 Jan 2005 12:49:47 -0800 (PST) Received: from mail1.tradebeam.com (mail1.tradebeam.com [66.238.14.9]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LKnjn2003999 for ; Fri, 21 Jan 2005 12:49:45 -0800 (PST) Received: from mail pickup service by mail1.tradebeam.com with Microsoft SMTPSVC; Fri, 21 Jan 2005 12:47:21 -0800 Received: from [10.128.2.11] ([10.128.2.11]) by mail1.tradebeam.com with Microsoft SMTPSVC(5.0.2195.6713); Fri, 21 Jan 2005 12:47:21 -0800 Mime-Version: 1.0 (Apple Message framework v619) Content-Transfer-Encoding: 7bit Message-Id: Content-Type: text/plain; charset=US-ASCII; format=flowed To: sage-members@sage.org From: "Guy B. Purcell" Subject: [SAGE] 2-post vs. 4-post racks Date: Fri, 21 Jan 2005 12:49:29 -0800 X-Mailer: Apple Mail (2.619) X-CTCH-ID: _5BE4CA78-47AB-4885-95DA-4699559347B6_ X-CTCH-RefID: 0 X-CTCH-Action: Ignore X-OriginalArrivalTime: 21 Jan 2005 20:47:21.0259 (UTC) FILETIME=[674357B0:01C4FFFA] Sender: owner-sage-members@usenix.org Precedence: bulk I now work for a company that has nothing but 2-post racks in their production colo. They have a ton of 1U Intel/Linux servers stacked on shelves in those racks, but also an entire rack with Sun V280Rs on shelves, and a Sun L1000 tape library on a shelf about chest-high. This is the first time I've seen 2-post racks used for anything more than network gear and small servers (eg. Sun Netras). It looks dangerous to me. Anyone have experience with using 2-post racks with large equipment? Is it safe, or will these things twist & buckle in the next earthquake? -Guy From sage-members-owner@usenix.org Fri Jan 21 13:07:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LL7Xn3004609 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:07:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LL7Wf9004608 for sage-members-outgoing; Fri, 21 Jan 2005 13:07:32 -0800 (PST) Received: from fmsfmr002.fm.intel.com (fmr14.intel.com [192.55.52.68]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LL7Vn2004602 for ; Fri, 21 Jan 2005 13:07:31 -0800 (PST) Received: from fmsfmr101.fm.intel.com (fmsfmr101.fm.intel.com [10.1.192.59]) by fmsfmr002.fm.intel.com (8.12.10/8.12.10/d: major-outer.mc,v 1.1 2004/09/17 17:50:56 root Exp $) with ESMTP id j0LL785O028022; Fri, 21 Jan 2005 21:07:08 GMT Received: from fmsmsxvs041.fm.intel.com (fmsmsxvs041.fm.intel.com [132.233.42.126]) by fmsfmr101.fm.intel.com (8.12.10/8.12.10/d: major-inner.mc,v 1.2 2004/09/17 18:05:01 root Exp $) with SMTP id j0LL73Zl025322; Fri, 21 Jan 2005 21:07:08 GMT Received: from fmsmsx332.amr.corp.intel.com ([132.233.42.148]) by fmsmsxvs041.fm.intel.com (SAVSMTP 3.1.2.35) with SMTP id M2005012113070731368 ; Fri, 21 Jan 2005 13:07:07 -0800 Received: from fmsmsx402.amr.corp.intel.com ([132.233.42.200]) by fmsmsx332.amr.corp.intel.com with Microsoft SMTPSVC(6.0.3790.211); Fri, 21 Jan 2005 13:07:07 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] 2-post vs. 4-post racks Date: Fri, 21 Jan 2005 13:07:07 -0800 Message-ID: <1B954E6DDFED0D41957388EB06FCB1D206F7FD61@fmsmsx402.amr.corp.intel.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] 2-post vs. 4-post racks Thread-Index: AcT//A3BFizte93NQRaBwRlTs/BPHwAAIxPA From: "Bailey, Glenn R" To: "Guy B. Purcell" , X-OriginalArrivalTime: 21 Jan 2005 21:07:07.0736 (UTC) FILETIME=[2A755D80:01C4FFFD] X-Scanned-By: MIMEDefang 2.44 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0LL7Vn2004604 Sender: owner-sage-members@usenix.org Precedence: bulk Hi! Well, not being a structural engineer, I can say that our company's safety engineer made it a rule to not put anything but telecom equipment in telcom racks (2-post). So no large/deep servers like v280Rs. If you have them, they better be solidly attached top and bottom. Glenn Bailey (I don't speak for the company - but I work for) Intel Corporation -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Guy B. Purcell Sent: Friday, January 21, 2005 12:49 PM To: sage-members@sage.org Subject: [SAGE] 2-post vs. 4-post racks I now work for a company that has nothing but 2-post racks in their production colo. They have a ton of 1U Intel/Linux servers stacked on shelves in those racks, but also an entire rack with Sun V280Rs on shelves, and a Sun L1000 tape library on a shelf about chest-high. This is the first time I've seen 2-post racks used for anything more than network gear and small servers (eg. Sun Netras). It looks dangerous to me. Anyone have experience with using 2-post racks with large equipment? Is it safe, or will these things twist & buckle in the next earthquake? -Guy From sage-members-owner@usenix.org Fri Jan 21 13:08:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LL86n3004681 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:08:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LL86k4004680 for sage-members-outgoing; Fri, 21 Jan 2005 13:08:06 -0800 (PST) Received: from tigris.renesys.com (tigris.renesys.com [69.84.130.136]) by usenix.org (8.12.10/8.12.10) with SMTP id j0LL84n2004674 for ; Fri, 21 Jan 2005 13:08:04 -0800 (PST) Received: (qmail 9030 invoked from network); 21 Jan 2005 21:07:46 -0000 Received: from localhost (HELO ?10.1.0.2?) (127.0.0.1) by tigris.renesys.com with SMTP; 21 Jan 2005 21:07:46 -0000 Message-ID: <41F16F1C.1090301@cnetwork.com> Date: Fri, 21 Jan 2005 16:07:40 -0500 From: Robert Haskins User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] 2-post vs. 4-post racks References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk The setup you describe is not uncommon at all, though I don't work in a seismically active area. Assuming you are using well constructed racks and correct racks/shelving for the weight load in question, you should be set. The rating information should be available online or from the colo provider. A former employer had a number of Sun E450's (and similar sized equipment) in two post racks and proper shelving without a problem. A diferent former employer had similar sized equipment but it had the seismically add-on braces, etc. that worked well too. I don't recall if that was a 2-post or 4-post rack system though. Guy B. Purcell wrote: > I now work for a company that has nothing but 2-post racks in their > production colo. They have a ton of 1U Intel/Linux servers stacked on > shelves in those racks, but also an entire rack with Sun V280Rs on > shelves, and a Sun L1000 tape library on a shelf about chest-high. This > is the first time I've seen 2-post racks used for anything more than > network gear and small servers (eg. Sun Netras). It looks dangerous to me. > > Anyone have experience with using 2-post racks with large equipment? Is > it safe, or will these things twist & buckle in the next earthquake? > > -Guy > > From sage-members-owner@usenix.org Fri Jan 21 13:11:11 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLBBn3005395 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:11:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLBBi9005391 for sage-members-outgoing; Fri, 21 Jan 2005 13:11:11 -0800 (PST) Received: from bb0eb005.cdc.schwab.com (bb0eb005.schwab.com [162.93.195.149]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLB8n3005363 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 21 Jan 2005 13:11:09 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by bb0eb005.cdc.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0LLAp9R018854 for ; Fri, 21 Jan 2005 16:10:51 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0LLAp1I002577 for sage-members@sage.org; Fri, 21 Jan 2005 16:10:51 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0LLAotQ002550; for ; Fri, 21 Jan 2005 16:10:50 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n2110pmx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 1106341834479; Fri, 21 Jan 2005 14:10:34 -0700 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R79HM>; Fri, 21 Jan 2005 13:10:36 -0800 Message-ID: From: "Carlson, Scott" To: Pete Ehlke , sage-members@sage.org Subject: RE: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Date: Fri, 21 Jan 2005 13:10:37 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk I was very excited about this script when I started looking at it. Unfortunately, it requires a couple of special CPAN modules and a certain version of perl. We have been unfortunate enough not to have standardized my version of perl+modules across these 2000+ servers, so I'm out of luck with this. I think I'll have to continue looking for a generic sh/ksh thing that will run on all of my os's Thanks for all of the responses so far with advice on things I need to watch out for. Scott -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Pete Ehlke Sent: Friday, January 21, 2005 8:56 AM To: sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale On Thu Jan 20, 2005 at 17:36:55 -0800, Jim Dennis wrote: > > I wrote such a script long ago, but I fear it wasn't terribly > generalized and I've long since thrown it away. > Tobi Oetiker has such a beast available at http://isg.ee.ethz.ch/tools/isgtc/index.cgi?page=module;module=uidrenumerato r I've not used it myself, but it does look like it has a lot of promise. -Pete From sage-members-owner@usenix.org Fri Jan 21 13:15:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLFQn3005950 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:15:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLFQkK005949 for sage-members-outgoing; Fri, 21 Jan 2005 13:15:26 -0800 (PST) Received: from metro.dst.or.us (pyrite.metro-region.org [67.138.101.226]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLFPn2005940 for ; Fri, 21 Jan 2005 13:15:25 -0800 (PST) Received: from [192.168.70.36] (ironside [192.168.70.36]) by metro.dst.or.us; Fri, 21 Jan 2005 13:15:01 -0800 Message-ID: <41F170D4.9080807@metro.dst.or.us> Date: Fri, 21 Jan 2005 13:15:00 -0800 From: John Miller User-Agent: Mozilla Thunderbird 0.9 (X11/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Guy B. Purcell" CC: sage-members@sage.org Subject: Re: [SAGE] 2-post vs. 4-post racks References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Guy B. Purcell wrote: > I now work for a company that has nothing but 2-post racks in their > production colo. They have a ton of 1U Intel/Linux servers stacked on > shelves in those racks, but also an entire rack with Sun V280Rs on > shelves, and a Sun L1000 tape library on a shelf about chest-high. This > is the first time I've seen 2-post racks used for anything more than > network gear and small servers (eg. Sun Netras). It looks dangerous to me. > > Anyone have experience with using 2-post racks with large equipment? Is > it safe, or will these things twist & buckle in the next earthquake? Sounds a little like our machine room. Chatsworth racks. We have 'ladders' running overhead for cables and anchored to the walls for seismic stability. Just think about covering each row of racks that way. We have some heavy duty shelves for big items. They are not strapped to the shelves. Not very satisfying, but most of our servers are are 2-post mountable, either flush with the rack, or midway balanced. We figure we're hosed anyway if an earthquake big enough to shake the things off the shelves happens. We have a beowulf cluster taking up 3 racks, with UPSes on the bottom, a netapp with 3 disk shelves. All but the UPSes are screwed on. Kind of a mixed bag. No one needs to tell me I'm nuts, thank you. :^) JM From sage-members-owner@usenix.org Fri Jan 21 13:32:55 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLWtn3006749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:32:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLWtmK006748 for sage-members-outgoing; Fri, 21 Jan 2005 13:32:55 -0800 (PST) Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLWqn2006742 for ; Fri, 21 Jan 2005 13:32:53 -0800 (PST) Received: from sj-core-4.cisco.com (171.68.223.138) by sj-iport-5.cisco.com with ESMTP; 21 Jan 2005 13:35:28 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-4.cisco.com (8.12.10/8.12.6) with ESMTP id j0LLWV1M020153; Fri, 21 Jan 2005 13:32:32 -0800 (PST) Received: from cisco.com ([10.25.20.84]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHE91858; Fri, 21 Jan 2005 13:32:31 -0800 (PST) Message-ID: <41F174EA.8050908@cisco.com> Date: Fri, 21 Jan 2005 13:32:26 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Robert Haskins CC: sage-members@sage.org Subject: Re: [SAGE] 2-post vs. 4-post racks References: <41F16F1C.1090301@cnetwork.com> In-Reply-To: <41F16F1C.1090301@cnetwork.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Telco companies regularly use two-post racks for very large gear. You do need to make sure that the racks are rated correctly and properly installed, and that any shelving or brackets that you are using are rated for the proper load. - Richard Robert Haskins wrote: > The setup you describe is not uncommon at all, though I don't work in > a seismically active area. Assuming you are using well constructed > racks and correct racks/shelving for the weight load in question, you > should be set. The rating information should be available online or > from the colo provider. > > A former employer had a number of Sun E450's (and similar sized > equipment) in two post racks and proper shelving without a problem. A > diferent former employer had similar sized equipment but it had the > seismically add-on braces, etc. that worked well too. I don't recall > if that was a 2-post or 4-post rack system though. > > Guy B. Purcell wrote: > >> I now work for a company that has nothing but 2-post racks in their >> production colo. They have a ton of 1U Intel/Linux servers stacked >> on shelves in those racks, but also an entire rack with Sun V280Rs on >> shelves, and a Sun L1000 tape library on a shelf about chest-high. >> This is the first time I've seen 2-post racks used for anything more >> than network gear and small servers (eg. Sun Netras). It looks >> dangerous to me. >> >> Anyone have experience with using 2-post racks with large equipment? >> Is it safe, or will these things twist & buckle in the next earthquake? >> >> -Guy >> >> From sage-members-owner@usenix.org Fri Jan 21 13:48:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLmkn3007483 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:48:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLmkRH007482 for sage-members-outgoing; Fri, 21 Jan 2005 13:48:46 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLmin2007477 for ; Fri, 21 Jan 2005 13:48:45 -0800 (PST) Received: from [10.0.0.45] (saladin.internal.avlsi.com [10.0.0.45]) by smtp.fulcrummicro.com (Postfix) with ESMTP id C6B1B2A2B29; Fri, 21 Jan 2005 13:48:27 -0800 (PST) Message-ID: <41F178AB.1020500@fulcrummicro.com> Date: Fri, 21 Jan 2005 13:48:27 -0800 From: "Bevan C. Bennett" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041020 X-Accept-Language: en-us, en MIME-Version: 1.0 To: John Miller Cc: "Guy B. Purcell" , sage-members@sage.org Subject: Re: [SAGE] 2-post vs. 4-post racks References: <41F170D4.9080807@metro.dst.or.us> In-Reply-To: <41F170D4.9080807@metro.dst.or.us> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk > Sounds a little like our machine room. Chatsworth racks. We have > 'ladders' running overhead for cables and anchored to the walls for > seismic stability. Just think about covering each row of racks that way. > > We have some heavy duty shelves for big items. They are not strapped to > the shelves. Not very satisfying, but most of our servers are are > 2-post mountable, either flush with the rack, or midway balanced. We > figure we're hosed anyway if an earthquake big enough to shake the > things off the shelves happens. > > We have a beowulf cluster taking up 3 racks, with UPSes on the bottom, a > netapp with 3 disk shelves. All but the UPSes are screwed on. Kind of a > mixed bag. No one needs to tell me I'm nuts, thank you. :^) The contents at least sound familiar. :) I was feeling a bit more paranoid when we specced out our current machine room (and am on the 2nd floor of a building in southern CA), so we have two rows of 'standard' APC 4-post racks bolted to the subfloor and braced to each other with overhead cable ladders. This is definately something you'll need to work out tailored to both your local codes and your own comfort level. Three and a half racks are full of 1U and 2U linux compute servers. The others have the apparantly ubiquitous 3 disk shelf NetApp and a collection of Suns (including a V880 'minifridge' that I don't think you could put in a 2-post rack...). I generally prefer the more solid mounting of having 4-posts and rails, and it lets me mount networking switches on the 'cable side' where appropriate. Especially with equipment that's only 1U thin, front post mount only always leaves me with a disquieting sense of sagging and torque. From sage-members-owner@usenix.org Fri Jan 21 13:53:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLr6n3007955 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:53:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLr6iH007954 for sage-members-outgoing; Fri, 21 Jan 2005 13:53:06 -0800 (PST) Received: from bb0eb005.cdc.schwab.com (bb0eb005.schwab.com [162.93.195.149]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLr4n3007947 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 21 Jan 2005 13:53:04 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by bb0eb005.cdc.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0LLql9R026100 for ; Fri, 21 Jan 2005 16:52:47 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0LLqkZP013122 for sage-members@sage.org; Fri, 21 Jan 2005 16:52:46 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0LLqktQ013086; for ; Fri, 21 Jan 2005 16:52:46 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n2110pmx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 1106344357933; Fri, 21 Jan 2005 14:52:37 -0700 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R70H9>; Fri, 21 Jan 2005 13:52:41 -0800 Message-ID: From: "Carlson, Scott" To: Nick Stoughton Cc: Pete Ehlke , sage-members@sage.org Subject: RE: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Date: Fri, 21 Jan 2005 13:52:34 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk Unfortunately, the majority of what I have is pre-5.006 perl on my Sun Platform. That's because we've never upgraded perl besides what comes with the OS there as we've never had a need to... (until now). Version Servers -------- -------- This is perl, version 5.003 with EMBED 6 This is perl, version 5.004_04 built for sun4-solaris 15 This is perl, version 5.005_02 built for sun4-solaris 3 This is perl, version 5.005_03 built for sun4-solaris 402 Scott -----Original Message----- From: Nick Stoughton [mailto:nick@msbit.com] Sent: Friday, January 21, 2005 2:34 PM To: Carlson, Scott Cc: Pete Ehlke; sage-members@sage.org Subject: RE: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale On Fri, 2005-01-21 at 13:10, Carlson, Scott wrote: > I was very excited about this script when I started looking at it. > Unfortunately, it requires a couple of special CPAN modules and a certain > version of perl. > It needs perl 5.006 OR LATER ... there are very few places left that don't have this. I'd be very surprised if you have any pre-5.006 versions of perl on your 2,000+ servers. As for the CPAN modules .. these are *very* easy to install; do you have anything like automounts or other ways of sharing data across all the systems? The two modules (Getopt::Long and Pod::Usage) are some of the most commonly used modules anyway, so there is quite a good chance you'll have them, and (at a quick glance) they affect about ten lines of code (all in the "main" sub, right up at the top) that would take about ten minutes to recode to use some other mechanism if you *really* don't want to use these prepackaged solutions. A possibly more serious problem with this script is that it assumes that all your systems are in NIS+ domains ... something far less likely to be true! So, I suspect that this script is not going to work for you, but not for the reasons you thought! > We have been unfortunate enough not to have standardized my version of > perl+modules across these 2000+ servers, so I'm out of luck with this. I > think I'll have to continue looking for a generic sh/ksh thing that will run > on all of my os's > > Thanks for all of the responses so far with advice on things I need to watch > out for. > > Scott > > -----Original Message----- > From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] > On Behalf Of Pete Ehlke > Sent: Friday, January 21, 2005 8:56 AM > To: sage-members@sage.org > Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change > group GID & re-permission files on large scale > > On Thu Jan 20, 2005 at 17:36:55 -0800, Jim Dennis wrote: > > > > I wrote such a script long ago, but I fear it wasn't terribly > > generalized and I've long since thrown it away. > > > Tobi Oetiker has such a beast available at > http://isg.ee.ethz.ch/tools/isgtc/index.cgi?page=module;module=uidrenumerato > r > > I've not used it myself, but it does look like it has a lot of promise. > > -Pete From sage-members-owner@usenix.org Fri Jan 21 13:55:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLtcn3008299 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:55:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LLtbEY008298 for sage-members-outgoing; Fri, 21 Jan 2005 13:55:38 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLtZn3008279 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:55:36 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0LLtgDJ004085 for ; Fri, 21 Jan 2005 13:55:42 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0LLtgFg018757 for sage-members@sage.org; Fri, 21 Jan 2005 13:55:42 -0800 (PST) Date: Fri, 21 Jan 2005 13:55:41 -0800 From: Scott Francis To: sage-members@sage.org Subject: [SAGE] cabinet vendor recommendations Message-ID: <20050121215541.GY18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm positive this has come up here before, but I can't seem to find it in my archives, so: which vendors are any of you using for cabinets/rackmount enclosures, and which are you happy with? I'm looking for something full-sized that locks, with good airflow and (optionally) fans installed to help keep things flowing. If you'd rather respond off-list, I will summarize later. thanks, - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB8XpXWaB7jFU39ScRAiZUAJsHOHKj+CZKT/hJHG4iazkyC53JvACaAyjx 2rt/OtWbHWK/PoH10eGwVPg= =5Zve -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Fri Jan 21 14:00:59 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LM0wn3008917 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 14:00:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LM0wEV008916 for sage-members-outgoing; Fri, 21 Jan 2005 14:00:58 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LM0un3008907 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 14:00:57 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0LM16QX002892 for ; Fri, 21 Jan 2005 14:01:06 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0LM15pG014009 for sage-members@sage.org; Fri, 21 Jan 2005 14:01:06 -0800 (PST) Date: Fri, 21 Jan 2005 14:01:05 -0800 From: Scott Francis To: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations Message-ID: <20050121220105.GZ18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org References: <20050121215541.GY18856@darkuncle.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050121215541.GY18856@darkuncle.net> User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Jan 21, 2005 at 01:55:41PM -0800, darkuncle@darkuncle.net said: > I'm positive this has come up here before, but I can't seem to find it in my > archives, so: > > which vendors are any of you using for cabinets/rackmount enclosures, and > which are you happy with? I'm looking for something full-sized that locks, > with good airflow and (optionally) fans installed to help keep things > flowing. > > If you'd rather respond off-list, I will summarize later. figures that the first post I've made in months would be done before reading the day's mail and noticing that I could merely have piggy-backed it on a similar existing thread. :) Chatsworth was the name I was trying to recall, but I'm still interested in any other recommendations. thanks folks, - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB8XuRWaB7jFU39ScRAkzQAKDFzv+pZOUjgDSEIKtOwxWnd9vJmQCgmV2v Z0cxtpe0sidDKt62G0Z0RJ4= =Vf9B -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Fri Jan 21 14:11:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMBGn3009629 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 14:11:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LMBGe7009627 for sage-members-outgoing; Fri, 21 Jan 2005 14:11:16 -0800 (PST) Received: from mail3.bitpusher.com (support.bitpusher.com [64.127.99.30]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMBEn2009621 for ; Fri, 21 Jan 2005 14:11:14 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id A664B38B2; Fri, 21 Jan 2005 14:10:57 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06220-04; Fri, 21 Jan 2005 14:10:55 -0800 (PST) Received: from mail3.bitpusher.com (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id EC7D91EDC; Fri, 21 Jan 2005 14:10:54 -0800 (PST) Received: from 66.150.251.135 (SquirrelMail authenticated user michael@halligan.org); by mail3.bitpusher.com with HTTP; Fri, 21 Jan 2005 14:10:54 -0800 (PST) Message-ID: <39004.66.150.251.135.1106345454.squirrel@mail3.bitpusher.com> In-Reply-To: <20050121215541.GY18856@darkuncle.net> References: <20050121215541.GY18856@darkuncle.net> Date: Fri, 21 Jan 2005 14:10:54 -0800 (PST) Subject: Re: [SAGE] cabinet vendor recommendations From: "Michael T. Halligan" To: "Scott Francis" Cc: sage-members@sage.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk Scott, I've been very happy with the cabinets from WrightLine lately. One of my customers spoiled me by letting me purchase 6 of their PARAM cabinets, which are 96" tall, 30" wide, and 40" deep. The base cabinet was $800.28, and the 19" rail kit (since they are actually 30" wide cabinets) were $426.82 .. These are 4-post cabinets, but they have equivalents with doors and walls. Having this much space is very nice, you can do a great job with clean cabling and with air-flow on them. We've got 200 dell servers, and even have space to use their cable-management arms (which was a first for me). Michael > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I'm positive this has come up here before, but I can't seem to find it in > my > archives, so: > > which vendors are any of you using for cabinets/rackmount enclosures, and > which are you happy with? I'm looking for something full-sized that locks, > with good airflow and (optionally) fans installed to help keep things > flowing. > > If you'd rather respond off-list, I will summarize later. > > thanks, > - -- > Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 > Less and less is done > until non-action is achieved > when nothing is done, nothing is left undone. > -- the Tao of Sysadmin > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2 (OpenBSD) > > iD8DBQFB8XpXWaB7jFU39ScRAiZUAJsHOHKj+CZKT/hJHG4iazkyC53JvACaAyjx > 2rt/OtWbHWK/PoH10eGwVPg= > =5Zve > -----END PGP SIGNATURE----- > ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Fri Jan 21 14:16:55 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMGtn3010177 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 14:16:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LMGtgi010176 for sage-members-outgoing; Fri, 21 Jan 2005 14:16:55 -0800 (PST) Received: from wingfoot.org (caduceus.wingfoot.org [64.32.179.50]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMGqn2010168 for ; Fri, 21 Jan 2005 14:16:52 -0800 (PST) Received: from localhost (localhost.wingfoot.org [127.0.0.1]) by wingfoot.org (Postfix) with ESMTP id 6AE661F446D for ; Fri, 21 Jan 2005 17:16:39 -0500 (EST) Received: from wingfoot.org ([127.0.0.1]) by localhost (wingfoot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 41602-09 for ; Fri, 21 Jan 2005 17:16:38 -0500 (EST) Received: from [127.0.0.1] (unknown [64.32.179.50]) by wingfoot.org (Postfix) with ESMTP id 50CC81F446C for ; Fri, 21 Jan 2005 17:16:38 -0500 (EST) Message-ID: <41F17F4A.7010403@wingfoot.org> Date: Fri, 21 Jan 2005 17:16:42 -0500 From: "Glenn E. Sieb" User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations References: <20050121215541.GY18856@darkuncle.net> <39004.66.150.251.135.1106345454.squirrel@mail3.bitpusher.com> In-Reply-To: <39004.66.150.251.135.1106345454.squirrel@mail3.bitpusher.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at wingfoot.org Sender: owner-sage-members@usenix.org Precedence: bulk Michael T. Halligan wrote: >Scott, > > >I've been very happy with the cabinets from WrightLine lately. One of my >customers spoiled me by letting me purchase 6 of their PARAM cabinets, >which are 96" tall, 30" wide, and 40" deep. The base cabinet was $800.28, >and the 19" rail kit (since they are actually 30" wide cabinets) were >$426.82 .. These are 4-post cabinets, but they have equivalents with doors >and walls. > >Having this much space is very nice, you can do a great job with clean >cabling and with air-flow on them. We've got 200 dell servers, and even >have space to use their cable-management arms (which was a first for me). > > > I have to agree.. We originally had purchased Chatsworths from Graybar when I started at Lumeta. They didn't have any floor models, we bought them anyway, they were shipped, and that was it. Done. Enjoy your new racks. Then we bought a Wrightline cabinet. The salesguy showed up the next day to show us how to use the rack, and the various mounting styles. We just bought one here at Cibernet, and same deal--we had a question, he was there that week to show us how to do what we wanted. Best, --Glenn From sage-members-owner@usenix.org Fri Jan 21 14:31:43 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMVgn3011094 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 14:31:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LMVg9a011092 for sage-members-outgoing; Fri, 21 Jan 2005 14:31:42 -0800 (PST) Received: from mail3.panix.com (mail3.panix.com [166.84.1.74]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMVen2011087 for ; Fri, 21 Jan 2005 14:31:41 -0800 (PST) Received: from panix2.panix.com (panix2.panix.com [166.84.1.2]) by mail3.panix.com (Postfix) with ESMTP id B2CEE9819C; Fri, 21 Jan 2005 17:31:28 -0500 (EST) Received: from localhost (milburn@localhost) by panix2.panix.com (8.11.6p3/8.8.8/PanixN1.1) with ESMTP id j0LMVSM14373; Fri, 21 Jan 2005 17:31:28 -0500 (EST) Date: Fri, 21 Jan 2005 17:31:28 -0500 (EST) From: "Shane B. Milburn" To: Scott Francis Cc: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations In-Reply-To: <20050121215541.GY18856@darkuncle.net> Message-ID: References: <20050121215541.GY18856@darkuncle.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk We have been really happy with General Devices. http://www.generaldevices.com/ We have even customized our racks based on how we use them. For instance all copper feeds into the Network cabinets on the right side and all fiber for the uplinks comes in on the left. So we had the tray on the right made wider so that all the copper fits when you have a 6513 stuff full of 6148 cards. The pricing is pretty good too. Once we refined our design they even gave us a part number so all we have to do is call up and order the part number and they'll make the rack according to our specs. There some nice features we have added in over the years like a laptop shelf so you can set you laptop on something and type while you work on a switch. I've used Chatsworth racks as well but I prefer the GD cabinets. cheers, -shane -- Shane B. Milburn Email: milburn@panix.com Sr Security & Network Engineer GPG Key ID: 9DA907DA On Fri, 21 Jan 2005, Scott Francis wrote: > -----pgpenvelope processed message----- > > I'm positive this has come up here before, but I can't seem to find it in my > archives, so: > > which vendors are any of you using for cabinets/rackmount enclosures, and > which are you happy with? I'm looking for something full-sized that locks, > with good airflow and (optionally) fans installed to help keep things > flowing. > > If you'd rather respond off-list, I will summarize later. > > thanks, > -- > Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 > Less and less is done > until non-action is achieved > when nothing is done, nothing is left undone. > -- the Tao of Sysadmin > > -----pgpenvelope information----- > Hash: SHA1 > Version: GnuPG v1.2.2 (OpenBSD) > > gpg: Signature made Fri Jan 21 16:55:35 2005 EST using DSA key ID 5537F527 > gpg: Can't check signature: public key not found > > pgpenvelope_decrypt: message processed at Fri Jan 21 17:25:02 2005 > > -----end pgpenvelope information----- > From sage-members-owner@usenix.org Fri Jan 21 15:19:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LNJ8n3012452 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 15:19:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LNJ8Lq012451 for sage-members-outgoing; Fri, 21 Jan 2005 15:19:08 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LNJ6n3012445 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 15:19:07 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j0LNIsJI086708 for ; Fri, 21 Jan 2005 16:18:54 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j0LNIssq086707 for sage-members@usenix.org; Fri, 21 Jan 2005 16:18:54 -0700 (MST) Received: from collie.msbit.com (nfw.msbit.com [64.170.147.162]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LLYWn3006971 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 13:34:32 -0800 (PST) Received: from localhost (collie-local [127.0.0.1]) by collie.msbit.com (8.12.8/8.12.8) with ESMTP id j0LLYGBN008549; Fri, 21 Jan 2005 13:34:16 -0800 Subject: RE: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale From: Nick Stoughton To: "Carlson, Scott" Cc: Pete Ehlke , sage-members@sage.org In-Reply-To: References: Content-Type: text/plain Message-Id: <1106343255.31285.208.camel@collie> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Fri, 21 Jan 2005 13:34:15 -0800 Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 2005-01-21 at 13:10, Carlson, Scott wrote: > I was very excited about this script when I started looking at it. > Unfortunately, it requires a couple of special CPAN modules and a certain > version of perl. > It needs perl 5.006 OR LATER ... there are very few places left that don't have this. I'd be very surprised if you have any pre-5.006 versions of perl on your 2,000+ servers. As for the CPAN modules .. these are *very* easy to install; do you have anything like automounts or other ways of sharing data across all the systems? The two modules (Getopt::Long and Pod::Usage) are some of the most commonly used modules anyway, so there is quite a good chance you'll have them, and (at a quick glance) they affect about ten lines of code (all in the "main" sub, right up at the top) that would take about ten minutes to recode to use some other mechanism if you *really* don't want to use these prepackaged solutions. A possibly more serious problem with this script is that it assumes that all your systems are in NIS+ domains ... something far less likely to be true! So, I suspect that this script is not going to work for you, but not for the reasons you thought! > We have been unfortunate enough not to have standardized my version of > perl+modules across these 2000+ servers, so I'm out of luck with this. I > think I'll have to continue looking for a generic sh/ksh thing that will run > on all of my os's > > Thanks for all of the responses so far with advice on things I need to watch > out for. > > Scott > > -----Original Message----- > From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] > On Behalf Of Pete Ehlke > Sent: Friday, January 21, 2005 8:56 AM > To: sage-members@sage.org > Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change > group GID & re-permission files on large scale > > On Thu Jan 20, 2005 at 17:36:55 -0800, Jim Dennis wrote: > > > > I wrote such a script long ago, but I fear it wasn't terribly > > generalized and I've long since thrown it away. > > > Tobi Oetiker has such a beast available at > http://isg.ee.ethz.ch/tools/isgtc/index.cgi?page=module;module=uidrenumerato > r > > I've not used it myself, but it does look like it has a lot of promise. > > -Pete From sage-members-owner@usenix.org Fri Jan 21 15:33:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LNXon3013178 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 15:33:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0LNXoSl013176 for sage-members-outgoing; Fri, 21 Jan 2005 15:33:50 -0800 (PST) Received: from mail1.tradebeam.com (mail1.tradebeam.com [66.238.14.9]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LNXjn2013169 for ; Fri, 21 Jan 2005 15:33:47 -0800 (PST) Received: from mail pickup service by mail1.tradebeam.com with Microsoft SMTPSVC; Fri, 21 Jan 2005 15:31:21 -0800 Received: from [10.128.2.11] ([10.128.2.11]) by mail1.tradebeam.com with Microsoft SMTPSVC(5.0.2195.6713); Fri, 21 Jan 2005 15:31:20 -0800 Mime-Version: 1.0 (Apple Message framework v619) In-Reply-To: <20050121220105.GZ18856@darkuncle.net> References: <20050121215541.GY18856@darkuncle.net> <20050121220105.GZ18856@darkuncle.net> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: "Guy B. Purcell" Subject: Re: [SAGE] cabinet vendor recommendations Date: Fri, 21 Jan 2005 15:33:29 -0800 To: sage-members@sage.org X-Mailer: Apple Mail (2.619) X-CTCH-ID: _5BE4CA78-47AB-4885-95DA-4699559347B6_ X-CTCH-RefID: 0 X-CTCH-Action: Ignore X-OriginalArrivalTime: 21 Jan 2005 23:31:20.0990 (UTC) FILETIME=[503323E0:01C50011] Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 21, 2005 at 01:55:41PM -0800, darkuncle@darkuncle.net said: > which vendors are any of you using for cabinets/rackmount enclosures, > and > which are you happy with? I'm looking for something full-sized that > locks, > with good airflow and (optionally) fans installed to help keep things > flowing. The best cabinets I've ever worked with were from Rittal . They were rock solid--even when empty. The ones we had came with dual locking sealing doors, and a giant fan on the rear one to suck out the hot air. That setup worked well for the mid-1990s equipment we had in there; I'm sure they have mesh doors for today's hotter equipment. -Guy From sage-members-owner@usenix.org Fri Jan 21 20:21:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0M4Len3017400 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 20:21:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0M4Lexm017399 for sage-members-outgoing; Fri, 21 Jan 2005 20:21:40 -0800 (PST) Received: from dave.net (dave.net [64.174.207.130]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0M4Lbn3017393 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 21 Jan 2005 20:21:38 -0800 (PST) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by dave.net (8.12.11/8.12.11) with ESMTP id j0M4LPfT025660 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 20:21:25 -0800 Received: (from dave@localhost) by localhost.localdomain (8.12.11/8.12.11/Submit) id j0M4LP1Q025659 for sage-members@sage.org; Fri, 21 Jan 2005 20:21:25 -0800 Date: Fri, 21 Jan 2005 20:21:24 -0800 From: David Good To: sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Message-ID: <20050122042124.GA25614@fred.dave.net> Mail-Followup-To: David Good , sage-members@sage.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Received-SPF: pass (dave.net: domain of dave@localhost.localdomain designates 127.0.0.1 as permitted sender) Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 21, 2005 at 01:52:34PM -0800, "Carlson, Scott" wrote: > Unfortunately, the majority of what I have is pre-5.006 perl on my Sun > Platform. That's because we've never upgraded perl besides what comes with > the OS there as we've never had a need to... (until now). > > Version > Servers > -------- > -------- > This is perl, version 5.003 with EMBED 6 > This is perl, version 5.004_04 built for sun4-solaris 15 > This is perl, version 5.005_02 built for sun4-solaris 3 > This is perl, version 5.005_03 built for sun4-solaris 402 One way to get around this is to use PAR to build an executable out of the perl script. I've used it on Solaris 7 for scripts using a large number of CPAN modules (including DBI and DBD::Oracle) and distributed the executables other systems, even Solaris 8 systems. Works great. -- David Good dave@dave.net This space intentionally left blank. From sage-members-owner@usenix.org Fri Jan 21 22:03:00 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0M62xn3019086 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 22:03:00 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0M62x1K019085 for sage-members-outgoing; Fri, 21 Jan 2005 22:02:59 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0M62vn3019080 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 21 Jan 2005 22:02:58 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j0M62iJI003671 for ; Fri, 21 Jan 2005 23:02:44 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j0M62i1g003670 for sage-members@usenix.org; Fri, 21 Jan 2005 23:02:44 -0700 (MST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.197]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0LMZun2011651 for ; Fri, 21 Jan 2005 14:35:57 -0800 (PST) Received: by rproxy.gmail.com with SMTP id y7so162054rne for ; Fri, 21 Jan 2005 14:35:44 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:user-agent:x-accept-language:mime-version:content-type:to:subject:references:in-reply-to:from; b=I7j9RPh9pTVeuPFbnRtMJ0cnMkESb3hgaHSQkIp5odAcT9X+e1WNOGBcNUlzwPJ0joOr7vZCZ4PAkeOP+oeMaQaYwumPOckdR8b3FKAdZV+34vjntDh/YWDMdDO/ApDHrVijsUgeZ5C9/gQVG7XalMkt1E5XmXO+fycz17b9+4M= Received: by 10.38.181.40 with SMTP id d40mr22350rnf; Fri, 21 Jan 2005 14:35:44 -0800 (PST) Received: from ?10.61.6.127? ([63.96.188.88]) by smtp.gmail.com with ESMTP id 57sm887rnc.2005.01.21.14.35.44; Fri, 21 Jan 2005 14:35:44 -0800 (PST) Message-ID: <41F183C3.1020200@whatexit.org> Date: Fri, 21 Jan 2005 17:35:47 -0500 User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 To: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations References: <20050121215541.GY18856@darkuncle.net> <39004.66.150.251.135.1106345454.squirrel@mail3.bitpusher.com> <41F17F4A.7010403@wingfoot.org> In-Reply-To: <41F17F4A.7010403@wingfoot.org> From: Tom Reingold Sender: owner-sage-members@usenix.org Precedence: bulk Glenn E. Sieb wrote: > I have to agree.. We originally had purchased Chatsworths from Graybar > when I started at Lumeta. They didn't have any floor models, we bought > them anyway, they were shipped, and that was it. Done. Enjoy your new > racks. > > Then we bought a Wrightline cabinet. The salesguy showed up the next day > to show us how to use the rack, and the various mounting styles. We just > bought one here at Cibernet, and same deal--we had a question, he was > there that week to show us how to do what we wanted. > > Best, > --Glenn A Wrightline salesman once helped me tremendously in my job. He took my requirements back to his office and had someone do a CAD drawing of a proposed layout for my lab. It included an airflow plan throughout the whole room. He also hooked me up with vendors of UPS's and cabling systems. And he was a low pressure salesman. All of this was free, so of course, I gave him my business, and I feel I got my money's worth. We have recently started buying APC racks, and they seem fine. I do like the Dell racks a lot, too. They snap together really well, without a single handtool, such as a screwdriver! Tom From sage-members-owner@usenix.org Sat Jan 22 06:28:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MESen3018946 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 22 Jan 2005 06:28:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0MESeQZ018945 for sage-members-outgoing; Sat, 22 Jan 2005 06:28:40 -0800 (PST) Received: from blue.stonehenge.com (_postfix@blue.stonehenge.com [209.223.236.162]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MEScn2018940 for ; Sat, 22 Jan 2005 06:28:39 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by blue.stonehenge.com (Postfix) with ESMTP id ACB4D2E202; Sat, 22 Jan 2005 06:28:20 -0800 (PST) Received: from blue.stonehenge.com ([127.0.0.1]) by localhost (blue.stonehenge.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 14771-01-20; Sat, 22 Jan 2005 06:28:19 -0800 (PST) Received: by blue.stonehenge.com (Postfix, from userid 1001) id 1E12E2E1F8; Sat, 22 Jan 2005 06:28:19 -0800 (PST) To: "Carlson, Scott" Cc: Nick Stoughton , Pete Ehlke , sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale References: From: merlyn@stonehenge.com (Randal L. Schwartz) Date: 22 Jan 2005 06:28:18 -0800 In-Reply-To: Message-ID: <86llalpmgt.fsf@blue.stonehenge.com> Lines: 22 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-sage-members@usenix.org Precedence: bulk >>>>> "Carlson," == Carlson, Scott writes: Carlson,> This is perl, version 5.003 with EMBED 6 You realize that 5.003 has known buffer-overflow exploits? And given that the exploits are known, keeping 5.003 on any system where privilege escalation is a problem would be knowingly operating a system in a dangerous way, and could be trouble for you if something happened. 5.004 was systematically and thoroughly purged of buffer overflows, and no buffer overflows have been discovered since then. That was roughly 8 *years* ago. No excuse to be running known buggy software on machines, at least not one that the attorney for the plaintiff will buy. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! From sage-members-owner@usenix.org Sat Jan 22 07:18:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MFI5n3019907 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 22 Jan 2005 07:18:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0MFI5mJ019905 for sage-members-outgoing; Sat, 22 Jan 2005 07:18:05 -0800 (PST) Received: from thumper.siliconbunny.com (thumper.siliconbunny.com [194.193.44.105]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MFI0n3019899 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sat, 22 Jan 2005 07:18:02 -0800 (PST) Received: from host-84-9-64-75.bulldogdsl.com ([84.9.64.75] helo=[192.168.13.216]) by thumper.siliconbunny.com with esmtp (TLSv1:RC4-SHA:128) (Exim 3.22 #9) id 1CsN1D-0004LO-00 for sage-members@sage.org; Sat, 22 Jan 2005 15:17:43 +0000 Mime-Version: 1.0 (Apple Message framework v619) In-Reply-To: <86llalpmgt.fsf@blue.stonehenge.com> References: <86llalpmgt.fsf@blue.stonehenge.com> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Tom Kranz Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Date: Sat, 22 Jan 2005 15:17:39 +0000 To: sage-members@sage.org X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk On 22 Jan 2005, at 14:28, Randal L. Schwartz wrote: > 5.004 was systematically and thoroughly purged of buffer overflows, > and no buffer overflows have been discovered since then. That was > roughly 8 *years* ago. No excuse to be running known buggy software > on machines, at least not one that the attorney for the plaintiff > will buy. :) Really? At my current contract I have some SunOS 4 and Solaris 2.5.1 machines. Early bug ridden releases of perl are the least of their problems. And yet I've got a stack of exception forms signed off by the legal and security teams, with an audit trail going all the way to board level, *demanding* that those machines are kept at those levels to support some embedded systems that are in the field. In fact, if I patched them, I'd lose my job. Any new admin coming in, with that sort of attitude - "It's old and bug ridden and full of exploits - my first job must be to patch it" would be in serious trouble. Those embedded systems bring in a lot of money from clients, and will continue to do so for many years to come. They are used in environments where buffer overflows and remote root exploits are just not possible. Just because something is old and buggy doesn't necessarily mean there is no reason for it to be on a machine, or that it should be purged as soon as possible. There are often lots of perfectly valid business reasons why bug-ridden cruft must be allowed to continue to be used. Cheers, TOM -- "Tell them we are not Gods, but Sysadmins, which is the next best thing." From sage-members-owner@usenix.org Sat Jan 22 08:51:47 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MGpkn3021312 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 22 Jan 2005 08:51:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0MGpkf2021311 for sage-members-outgoing; Sat, 22 Jan 2005 08:51:46 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0MGpin3021305 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 22 Jan 2005 08:51:45 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0MGpO9p011022; Sat, 22 Jan 2005 11:51:26 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <86llalpmgt.fsf@blue.stonehenge.com> Date: Sat, 22 Jan 2005 17:43:15 +0100 To: Tom Kranz From: Brad Knowles Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 3:17 PM +0000 2005-01-22, Tom Kranz wrote: > Those embedded systems bring in a lot of money from clients, and will > continue to do so for many years to come. They are used in environments > where buffer overflows and remote root exploits are just not possible. For example, virtually all the chip lithography systems in the field use ancient, ancient controller machines, most of which you would be lucky to find are running on such modern OSes as Solaris 2.5.1. Leading vendors of chip lithography equipment might be able to sell most new systems with controllers using OSes as new as Solaris 8. However, a lot of their customers are going to have enough of these machines that they're going to want all of their old and new ones to be identical, and when you're spending tens of millions of dollars and many man-years of time invested on a single chip lithography system, you don't casually throw those kinds of customers away. You wanna shut down all chip manufacturing plants around the world? IBM, Hynix, Infineon, TSMC, etc...? Or drive them to spend many years slowly switching their entire production line over to your major competitor, because *NOTHING* in this field happens quickly? > Just because something is old and buggy doesn't necessarily mean there > is no reason for it to be on a machine, or that it should be purged as > soon as possible. There are often lots of perfectly valid business > reasons why bug-ridden cruft must be allowed to continue to be used. Yup. Imagine a company that had over 250 trillion Euro of annual turnover (an average of more than one trillion Euro turnover per workday), and over twelve trillion Euro of assets under management. You don't make quick changes to whales of that size. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 24 11:45:22 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0OJjMn3000394 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 24 Jan 2005 11:45:22 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0OJjL0k000393 for sage-members-outgoing; Mon, 24 Jan 2005 11:45:21 -0800 (PST) Received: from cliff.niehs.nih.gov (cliff.niehs.nih.gov [157.98.192.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0OJjGn2000385 for ; Mon, 24 Jan 2005 11:45:16 -0800 (PST) Received: from cliff.niehs.nih.gov (localhost.localdomain [127.0.0.1]) by cliff.niehs.nih.gov (8.12.11/8.12.11/tx-1.16) with ESMTP id j0OJil71014784; Mon, 24 Jan 2005 14:44:48 -0500 Received: from splat.niehs.nih.gov (ip071023.niehs.nih.gov [157.98.71.23]) by cliff.niehs.nih.gov (8.12.11/8.12.11/rx-1.12) with ESMTP id j0OJijLe014771; Mon, 24 Jan 2005 14:44:45 -0500 Received: from [157.98.71.23] (ip071023.niehs.nih.gov [157.98.71.23]) (authenticated bits=0) by splat.niehs.nih.gov (8.12.11/8.12.11) with ESMTP id j0OJiiQV021125 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 24 Jan 2005 14:44:44 -0500 Message-ID: <41F5502B.3070508@niehs.nih.gov> Date: Mon, 24 Jan 2005 14:44:43 -0500 From: "Lance A. Brown" User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Guy B. Purcell" CC: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations References: <20050121215541.GY18856@darkuncle.net> <20050121220105.GZ18856@darkuncle.net> In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Guy B. Purcell wrote: > The best cabinets I've ever worked with were from Rittal > . They were rock solid--even when empty. The > ones we had came with dual locking sealing doors, and a giant fan on the > rear one to suck out the hot air. That setup worked well for the > mid-1990s equipment we had in there; I'm sure they have mesh doors for > today's hotter equipment. We use Rittal racks here with square-hole rigging. Dell's Poweredge rack rails snap right in and work great. The racks themselves have mesh doors and are still rock solid. --[Lance] -- Lance A. Brown Contractor, SysAdmin Task of the LMIT ITSS Contract for National Institute of Environmental Health Sciences 919.361.5444x420 From sage-members-owner@usenix.org Mon Jan 24 20:56:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P4uWn3019452 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 24 Jan 2005 20:56:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0P4uVp0019450 for sage-members-outgoing; Mon, 24 Jan 2005 20:56:31 -0800 (PST) Received: from fed1rmmtao03.cox.net (fed1rmmtao03.cox.net [68.230.241.36]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P4uQn2019442 for ; Mon, 24 Jan 2005 20:56:30 -0800 (PST) Received: from [192.168.1.3] (really [68.107.45.218]) by fed1rmmtao03.cox.net (InterMail vM.6.01.04.00 201-2131-117-20041022) with ESMTP id <20050125045609.RWZY8778.fed1rmmtao03.cox.net@[192.168.1.3]> for ; Mon, 24 Jan 2005 23:56:09 -0500 Message-ID: <41F5D168.8040806@gmail.com> Date: Mon, 24 Jan 2005 20:56:08 -0800 From: Mike Noble User-Agent: Mozilla Thunderbird 1.0 (X11/20050119) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sage Members Subject: [SAGE] Redundant Email server X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am working at a company who is wanting redundant email serves where if one fails the other one will take over. I am looking for ideas that others have used and what you did. It would be nice to keep this as cheep as possible but that is not the highest priority. I have been thinking about having a raid5 storage on a separate system which feeds /var/spool/mail to two different mail clients. The problem that I can see here is what is to keep someone from possibly connecting to both machines at the same time or having some connected to one and others connected to the other. All recommendations are welcome. Thanks, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFB9dFolJFYJP/fwTsRAqGUAJ40NqPsLTY7k17mC2prjccNA+PuygCbB0Mq PW1Y+jkHS4x+WEDUPpd1Mpk= =pDXS -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Mon Jan 24 21:53:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P5rNn3020484 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 24 Jan 2005 21:53:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0P5rMrE020483 for sage-members-outgoing; Mon, 24 Jan 2005 21:53:22 -0800 (PST) Received: from nirmala.opentrend.net (nirmala.opentrend.net [65.39.131.100]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P5rLn2020477 for ; Mon, 24 Jan 2005 21:53:21 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by nirmala.opentrend.net (Postfix) with ESMTP id 65510FDB3 for ; Tue, 25 Jan 2005 00:50:29 -0500 (EST) Received: from nirmala.opentrend.net ([127.0.0.1]) by localhost (nirmala.opentrend.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 01058-02 for ; Tue, 25 Jan 2005 00:50:26 -0500 (EST) Received: by nirmala.opentrend.net (Postfix, from userid 1003) id 4BA9AFDB2; Tue, 25 Jan 2005 00:50:26 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by nirmala.opentrend.net (Postfix) with ESMTP id 4627BFDAD for ; Tue, 25 Jan 2005 05:50:26 +0000 (GMT) Date: Tue, 25 Jan 2005 05:50:26 +0000 (GMT) From: Robert Brockway To: Sage Members Subject: Re: [SAGE] Redundant Email server In-Reply-To: <41F5D168.8040806@gmail.com> Message-ID: <20050125053414.F348@nirmala.opentrend.net> References: <41F5D168.8040806@gmail.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: amavisd-new at opentrend.net Sender: owner-sage-members@usenix.org Precedence: bulk On Mon, 24 Jan 2005, Mike Noble wrote: > I am working at a company who is wanting redundant email serves where if > one fails the other one will take over. I am looking for ideas that > others have used and what you did. It would be nice to keep this as It really depends on what you want to achieve. Is this for incoming mail, internal mail only or the box that contains the mail boxes? The obvious solution to many mail redundancy requirements is to run 2 boxes at MX 10 or one at MX 10 & one at MX 20. This can be done internally through split dns (ie, MXs that are only internally visible). This is not a perfect solution as a box can die with mail in the queue, and there it stays until the box comes up (or worse, it goes to never-never land with the disk). This is not a huge problem overall - most of the mail that gets stuck will already be delayed for some other reason. Multiple levels of redundancy are ok. A few years back I setup TLS enabled MTAs for a government Agency in Australia. 2 x Ultra Enterprise 250s running Solaris. With 6 disks each - / and swap were mirrored while /var was RAID5 over 5 drives. / and /var also had the 6th disk as a hot spare. Each box had 2 power supplies. > cheep as possible but that is not the highest priority. I have been > thinking about having a raid5 storage on a separate system which feeds > /var/spool/mail to two different mail clients. The problem that I can It sounds like the intention is for users to make imap or pop connections. If so you may wish to consider a cluster. Linux clustering has gone ahead in leaps and bounds in recent years and may provide an inexpensive solution. Rob -- Robert Brockway B.Sc. Senior Technical Consultant, OpenTrend Solutions Ltd. Phone: 416-669-3073 Email: rbrockway@opentrend.net http://www.opentrend.net OpenTrend Solutions: Reliable, secure solutions to real world problems. Contributing Member of Software in the Public Interest (www.spi-inc.org) From sage-members-owner@usenix.org Tue Jan 25 00:13:37 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P8Dbn3004891 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 00:13:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0P8DbA3004890 for sage-members-outgoing; Tue, 25 Jan 2005 00:13:37 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0P8DYn3004885 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 00:13:35 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0P8D7iR014284; Tue, 25 Jan 2005 03:13:20 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41F5D168.8040806@gmail.com> References: <41F5D168.8040806@gmail.com> Date: Tue, 25 Jan 2005 09:09:47 +0100 To: Mike Noble From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: Sage Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 8:56 PM -0800 2005-01-24, Mike Noble wrote: > I am working at a company who is wanting redundant email serves where if > one fails the other one will take over. I am looking for ideas that > others have used and what you did. It's not exactly clear to me what you want, but I would recommend you look at the slides from the invited talk I gave at LISA 2000 entitled "Design and Implementation of Highly Scalable E-Mail Systems". You can see them at . So far as I know, this is still pretty much the state-of-the-art for building highly scalable IMAP-based e-mail systems. If you want to stick with POP3, the Nick Christensen's paper "A Highly Scalable Electronic Mail Service Using Open Systems" (see ) is sufficient, and is proven to scale to at least ten million users. Of course, it can also be used on much smaller scales, too. Now, you can make this as cheap or as expensive as you want. You can have multiple front-end MXes which route mail internally to multiple back-end servers which share redundant reliable storage, and you can use exclusively stock off-the-shelf open-source software, or you can go with a complete everything-in-a-box commercial solution. I've submitted a proposal to update this material for the NLUUG "E-mail and Beyond" conference in May (see ). If you can't attend that conference, you should at least be able to pick up the slides online after I'm done. If I end up not making the cut, I'll probably do up at least some of that work and put it online anyway. I'm also considering a proposal to do a column for _;login:_, and this might make good fodder for an issue or two. > It would be nice to keep this as > cheep as possible but that is not the highest priority. I have been > thinking about having a raid5 storage on a separate system which feeds > /var/spool/mail to two different mail clients. A flat storage model is preferred, yes. > The problem that I can > see here is what is to keep someone from possibly connecting to both > machines at the same time or having some connected to one and others > connected to the other. In my design, you take care of that problem by using a proxy solution like Perdition. Everyone connects to the front-end proxy server, which directs the incoming connection to the appropriate back-end mailbox server (usually via routing information stored in something like OpenLDAP). You usually want to configure all the back-end mailbox servers to be physically capable of serving any given mailbox, but you select a preferred server for each mailbox so as to avoid busting system caches, causing excessive thrashing over the storage network, etc.... -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 10:17:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PIHon3020721 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 10:17:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PIHoCT020720 for sage-members-outgoing; Tue, 25 Jan 2005 10:17:50 -0800 (PST) Received: from etsuex1.etsu.edu (etsuex1.etsu.edu [151.141.8.103]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PIHln2020714 for ; Tue, 25 Jan 2005 10:17:48 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Redundant Email server Date: Tue, 25 Jan 2005 13:17:26 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Redundant Email server Thread-Index: AcUCt0MDymgOGH1nSfCurRO4dyEOdwAUnVVg From: "Jenkins, Steven" To: "Brad Knowles" Cc: "Sage Members" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0PIHmn2020716 Sender: owner-sage-members@usenix.org Precedence: bulk This is a really interesting presentation you gave, and I especially appreciate 'Review' material in such detail in the presentation itself. One question, though: you don't discuss anything relevant to the two most widely used commercial mail servers: Lotus Notes and Microsoft Exchange. Do you have any numbers (or know of any) on how people have really used Notes and Exchange? There are also various webmail products out there (e.g., iMail) that could be included in such a discussion. Thanks, Steven From sage-members-owner@usenix.org Tue Jan 25 11:17:47 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PJHln3022293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 11:17:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PJHkos022292 for sage-members-outgoing; Tue, 25 Jan 2005 11:17:46 -0800 (PST) Received: from smtp814.mail.sc5.yahoo.com (smtp814.mail.sc5.yahoo.com [66.163.170.84]) by usenix.org (8.12.10/8.12.10) with SMTP id j0PJHin2022287 for ; Tue, 25 Jan 2005 11:17:45 -0800 (PST) Received: from unknown (HELO ?128.114.22.150?) (jmallory@pacbell.net@128.114.22.150 with login) by smtp814.mail.sc5.yahoo.com with SMTP; 25 Jan 2005 19:16:22 -0000 Received: from 127.0.0.1 (AVG SMTP 7.0.302 [265.7.4]); Tue, 25 Jan 2005 11:16:22 -0800 Message-Id: <6.2.0.14.2.20050125110931.02a40e90@pop.pacbell.yahoo.com> X-Mailer: QUALCOMM Windows Eudora Version 6.2.0.14 Date: Tue, 25 Jan 2005 11:16:22 -0800 To: Brad Knowles , Mike Noble From: Jeff Mallory Subject: Re: [SAGE] Redundant Email server Cc: Sage Members In-Reply-To: References: <41F5D168.8040806@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed; x-avg-checked=avg-ok-3A302B9E Sender: owner-sage-members@usenix.org Precedence: bulk Brad, We are also in the process of building a new mail server and optimizing virus (Sophos) and spam (spamassassin) filtering in the process. Both papers you cite provide a great background on mail server design issues. We are going to try out postfix instead of sendmail and probably move to a maildirs structure from mbox and found the following study on maildir/mbox performance differences to be helpful, too: http://www.courier-mta.org/mbox-vs-maildir/ The filtering design (and nfs param tuning) is still in progress. Thanks for your posts! Very timely thread for us. JJM From sage-members-owner@usenix.org Tue Jan 25 11:28:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PJS6n3023013 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 11:28:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PJS5qn023012 for sage-members-outgoing; Tue, 25 Jan 2005 11:28:06 -0800 (PST) Received: from mail.ituitive.com (mail.ituitive.com [216.234.52.66]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PJS3n3022993 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 11:28:04 -0800 (PST) Received: (qmail 70139 invoked by uid 1011); 25 Jan 2005 19:28:47 -0000 Received: from 216.234.51.37 by random.ituitive.com (envelope-from , uid 1011) with qmail-scanner-1.24 (clamdscan: 0.80/545. spamassassin: 2.63. Clear:RC:1(216.234.51.37):. Processed in 0.064832 secs); 25 Jan 2005 19:28:47 -0000 X-Qmail-Scanner-Mail-From: sfulton@esoteric.ca via random.ituitive.com X-Qmail-Scanner: 1.24 (Clear:RC:1(216.234.51.37):. Processed in 0.064832 secs) Received: from youare.connection.ca (HELO ?216.234.51.37?) (sfulton@esoteric.ca@216.234.51.37) by mail.ituitive.com with SMTP; 25 Jan 2005 19:28:46 -0000 Message-ID: <41F69DB1.3060507@esoteric.ca> Date: Tue, 25 Jan 2005 14:27:45 -0500 From: Stephen Fulton User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sage Members Subject: Re: [SAGE] Redundant Email server References: <41F5D168.8040806@gmail.com> In-Reply-To: <41F5D168.8040806@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Mike, In my experience, the best system is one that has shared storage with multiple nodes connecting. Typically I recommend 4 servers connecting to a central storage app (preferably RAID 10, because RAID 5 has a write penalty that can slow a busy system to a crawl). 2 servers are interactive (that is, customer accessible POP3/SMTP) and 2 are inbound MX only. Keep them seperate, and you're life will be a lot easier, particularly when it comes to applying anti-spam rules. As for MTA's, I've used Sendmail, Qmail, Exim and Postfix regularly over the past number of years. If I were going to recommend one, it would be either Exim or Postfix. Postfix is faster, at least in the experiments I've done, particularly with regards to queue processing. Exim OTOH, has an ACL language which has proven a godsend in situations other MTA's can't handle. Most companies will balk at the expense, but for performance and availability, this kind of set up is perfect. Good luck, -- Stephen. Mike Noble wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I am working at a company who is wanting redundant email serves where if > one fails the other one will take over. I am looking for ideas that > others have used and what you did. It would be nice to keep this as > cheep as possible but that is not the highest priority. I have been > thinking about having a raid5 storage on a separate system which feeds > /var/spool/mail to two different mail clients. The problem that I can > see here is what is to keep someone from possibly connecting to both > machines at the same time or having some connected to one and others > connected to the other. > > All recommendations are welcome. > > Thanks, > Mike > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.6 (GNU/Linux) > > iD8DBQFB9dFolJFYJP/fwTsRAqGUAJ40NqPsLTY7k17mC2prjccNA+PuygCbB0Mq > PW1Y+jkHS4x+WEDUPpd1Mpk= > =pDXS > -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Jan 25 11:42:58 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PJgvn3023777 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 11:42:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PJgvXD023776 for sage-members-outgoing; Tue, 25 Jan 2005 11:42:57 -0800 (PST) Received: from f1n1.spenet.wfu.edu (f1n1.sp2net.wfu.edu [152.17.48.111]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PJgtn2023759 for ; Tue, 25 Jan 2005 11:42:56 -0800 (PST) Received: from f1n11.sp2net.wfu.edu (f1n11.sp2net.wfu.edu [10.1.16.121]) by f1n1.spenet.wfu.edu (8.11.6p2/8.11.6) with SMTP id j0PJgY741384 for ; Tue, 25 Jan 2005 14:42:34 -0500 X-Authentication-Warning: f1n1.spenet.wfu.edu: f1n11.sp2net.wfu.edu [10.1.16.121] didn't use HELO protocol Message-ID: <41F6A129.8010108@wfu.edu> Date: Tue, 25 Jan 2005 14:42:33 -0500 From: John Borwick Organization: Wake Forest University User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041110 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sage Members Subject: Re: [SAGE] Redundant Email server References: In-Reply-To: X-Enigmail-Version: 0.89.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jenkins, Steven wrote: | | This is a really interesting presentation you gave, and I especially | appreciate 'Review' material in such detail in the presentation itself. | | One question, though: you don't discuss anything relevant to the two | most widely used commercial mail servers: Lotus Notes and Microsoft | Exchange. | | Do you have any numbers (or know of any) on how people have really used | Notes and Exchange? There are also various webmail products out there | (e.g., iMail) that could be included in such a discussion. I would just like to echo this request. If anyone can point me to information about Exchange vs. sendmail, that would be FABULOUS. We have been considering implementing Cisco's Unified Messaging product, which refuses to integrate with anything but Exchange or Lotus Notes. Yours, John - -- ~ John Borwick ~ System Administrator ~ Wake Forest University | web http://www.wfu.edu/~borwicjh ~ Winston-Salem, NC, USA | GPG key ID 0x797326D5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFB9qEp/81sF3lzJtURAu/ZAJ9R3uS7k7DhRCct3RMZfGhetXOXuQCfe2cq eeVVzigxEOSseWH4Q0P3/ZQ= =DECV -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Jan 25 12:15:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKFen3024986 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:15:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PKFe4n024985 for sage-members-outgoing; Tue, 25 Jan 2005 12:15:40 -0800 (PST) Received: from rbwtech.com (www.rbwtech.com [69.90.129.139]) by usenix.org (8.12.10/8.12.10) with SMTP id j0PKFdn2024977 for ; Tue, 25 Jan 2005 12:15:39 -0800 (PST) Received: FROM [69.90.43.86] BY rbwtech.com with hMailServer ; Tue, 25 Jan 2005 12:13:23 -0800 Received: from neamh.sial.org (localhost [127.0.0.1]) by neamh.sial.org (8.12.11/8.12.11) with ESMTP id j0PKFLxk006044 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 25 Jan 2005 20:15:21 GMT Received: (from jmates@localhost) by neamh.sial.org (8.12.11/8.12.11/Submit) id j0PKFLm3012347 for sage-members@usenix.org; Tue, 25 Jan 2005 20:15:21 GMT Date: Tue, 25 Jan 2005 12:15:21 -0800 From: Jeremy Mates To: Sage Members Subject: Re: [SAGE] Redundant Email Message-ID: <20050125201521.GA1065@neamh.sial.org> Mail-Followup-To: Sage Members References: <41F5D168.8040806@gmail.com> <6.2.0.14.2.20050125110931.02a40e90@pop.pacbell.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <6.2.0.14.2.20050125110931.02a40e90@pop.pacbell.yahoo.com> User-Agent: Mutt/1.4.2i Sender: owner-sage-members@usenix.org Precedence: bulk * Jeff Mallory > We are going to try out postfix instead of sendmail and probably move to a > maildirs structure from mbox and found the following study on maildir/mbox > performance differences to be helpful, too: > http://www.courier-mta.org/mbox-vs-maildir/ Both mbox and maildir duplicate e-mail to multiple recipients on the same system. This might be a problem where large attatchments are allowed. I believe Cyrus-IMAPD and others provide single message store to avoid this problem. From sage-members-owner@usenix.org Tue Jan 25 12:55:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKt6n3025869 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PKt6gI025867 for sage-members-outgoing; Tue, 25 Jan 2005 12:55:06 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKt3n3025856 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:04 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PKsdKX055456; Tue, 25 Jan 2005 15:54:40 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Tue, 25 Jan 2005 21:32:31 +0100 To: "Jenkins, Steven" From: Brad Knowles Subject: RE: [SAGE] Redundant Email server Cc: "Brad Knowles" , "Sage Members" Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:17 PM -0500 2005-01-25, Jenkins, Steven wrote: > This is a really interesting presentation you gave, and I especially > appreciate 'Review' material in such detail in the presentation itself. Thanks! > One question, though: you don't discuss anything relevant to the two > most widely used commercial mail servers: Lotus Notes and Microsoft > Exchange. Because they are inherently non-scalable. A standard cost metric given by Microsoft is that Exchange costs $25/user/month. If you're going to serve 3000 Enterprise LAN customers and 7000 total Enterprise WAN customers (including the 3000 LAN customers), that works out to something like $2 million/year. In the talk I'm preparing for the NLUUG "E-Mail and Beyond" conference in May, I'm going to show how you can serve the same number of customers with open-source software, and do so much, much cheaper. For the particular customer where I was doing this work, we did this for zero additional cost -- the NFS server had already been bought and provisioned, and the server hardware was found sitting unused in a closet that no one had known about for years -- ten low-spec Sun Ultra 10s (were turned into five higher-spec U10s with five spare chassis left over. Besides, I'm talking about software on *nix, not Windows. However, the architecture Nick and I developed is not dependant on the OS. If you wanted to do it using Windows applications, that should be possible. > Do you have any numbers (or know of any) on how people have really used > Notes and Exchange? There are also various webmail products out there > (e.g., iMail) that could be included in such a discussion. Webmail didn't really figure into the picture very much, except as an add-on to the existing IMAP architecture that we were developing. We chose TWIG because it was less dependant on Javascript, and worked well with the various clients we tested. But just about any webmail system should have worked. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 12:55:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKt6n3025870 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PKt6QJ025868 for sage-members-outgoing; Tue, 25 Jan 2005 12:55:06 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKt3n3025858 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:04 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PKsdKZ055456; Tue, 25 Jan 2005 15:54:42 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <6.2.0.14.2.20050125110931.02a40e90@pop.pacbell.yahoo.com> References: <41F5D168.8040806@gmail.com> <6.2.0.14.2.20050125110931.02a40e90@pop.pacbell.yahoo.com> Date: Tue, 25 Jan 2005 21:43:33 +0100 To: Jeff Mallory From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: Brad Knowles , Mike Noble , Sage Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 11:16 AM -0800 2005-01-25, Jeff Mallory wrote: > We are going to try out postfix instead of sendmail and probably move to > a maildirs structure from mbox and found the following study on > maildir/mbox performance differences to be helpful, too: > http://www.courier-mta.org/mbox-vs-maildir/ If you're going to do mail filtering, then sendmail with milter will scale much better than postfix. The more filtering you do, the more sendmail will scale better than postfix. In addition, unless you're forced into using NFS as your storage medium, Maildir has some serious performance issues. Mark Crispin outlines some of them in the documentation at , and I'm going to outline more of them in the talk I'm working on for the NLUUG "E-Mail and Beyond" conference coming up in May. If you want scalable, Cyrus is much better than Maildir. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 12:55:15 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKtFn3025924 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PKtF35025921 for sage-members-outgoing; Tue, 25 Jan 2005 12:55:15 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKt8n3025890 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:55:10 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PKsdKd055456; Tue, 25 Jan 2005 15:54:54 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41F6A129.8010108@wfu.edu> References: <41F6A129.8010108@wfu.edu> Date: Tue, 25 Jan 2005 21:49:34 +0100 To: John Borwick From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: Sage Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 2:42 PM -0500 2005-01-25, John Borwick wrote: > I would just like to echo this request. If anyone can point me to > information about Exchange vs. sendmail, that would be FABULOUS. Sorry, you may have to wait for my talk at the NLUUG "E-Mail and Beyond" conference in May. > We have been considering implementing Cisco's Unified Messaging product, > which refuses to integrate with anything but Exchange or Lotus Notes. Sigh.... Why doesn't that surprise me? -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 12:56:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKuSn3026348 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:56:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PKuSNt026347 for sage-members-outgoing; Tue, 25 Jan 2005 12:56:28 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PKuPn3026326 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 12:56:26 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PKsdKb055456; Tue, 25 Jan 2005 15:54:46 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <41F69DB1.3060507@esoteric.ca> References: <41F5D168.8040806@gmail.com> <41F69DB1.3060507@esoteric.ca> Date: Tue, 25 Jan 2005 21:48:47 +0100 To: Stephen Fulton From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: Sage Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 2:27 PM -0500 2005-01-25, Stephen Fulton wrote: > In my experience, the best system is one that has shared storage with > multiple nodes connecting. Typically I recommend 4 servers connecting > to a central storage app (preferably RAID 10, because RAID 5 has a write > penalty that can slow a busy system to a crawl). 2 servers are > interactive (that is, customer accessible POP3/SMTP) and 2 are inbound > MX only. Keep them seperate, and you're life will be a lot easier, > particularly when it comes to applying anti-spam rules. In my experience, a front-end proxy/relay solution with multiple back-end mailbox servers is more scalable, and hides more of the system architecture from the customers. You can add new back-end mail servers and make them completely transparent, just by changing the mail routing database as stored in OpenLDAP. Or you can take them offline for maintenance the same way. If you need to bring on more front-end proxy/relay servers, just change the configuration of the L4 load-balancing switches that sit in front of them, and the new servers should start immediately taking on load. > As for MTA's, I've used Sendmail, Qmail, Exim and Postfix regularly over > the past number of years. If I were going to recommend one, it would be > either Exim or Postfix. Postfix is faster, at least in the experiments > I've done, particularly with regards to queue processing. Exim OTOH, > has an ACL language which has proven a godsend in situations other MTA's > can't handle. Sendmail, postfix, and Exim are the three main MTAs that I feel comfortable recommending to others. I have less experience with Exim, but I have yet to see anyone do anything with it that I couldn't do with roughly the same complexity and performance (or better) with postfix or sendmail. That said, it's not a bad solution. But when you start talking about doing lots of mail filtering (e.g., anti-virus, anti-spam, etc...), then sendmail starts outrunning the others by miles. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 13:39:38 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PLdbn3028331 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 13:39:38 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PLdb2T028329 for sage-members-outgoing; Tue, 25 Jan 2005 13:39:37 -0800 (PST) Received: from etsuex1.etsu.edu (etsuex1.etsu.edu [151.141.8.103]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PLdZn2028318 for ; Tue, 25 Jan 2005 13:39:36 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Redundant Email server Date: Tue, 25 Jan 2005 16:39:17 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Redundant Email server Thread-Index: AcUDIBjFrep4ooQ9TsSlv7R7lk6eQgABbajw From: "Jenkins, Steven" To: "Brad Knowles" Cc: "Sage Members" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0PLdan2028325 Sender: owner-sage-members@usenix.org Precedence: bulk Let me make sure I'm understanding you: you're saying that Exchange is inherently non-scalable because the vendor says a standard cost per seat is $25/user/month? The analysis you had given on the others was technical, not financial -- do you know of a similarly technical coverage of Exchange (or Notes?). In my experience dealing with enterprise agreements, any publicly available dollar figure on a vendor's website is simply an opening number in a negotiation, it's not what ends up as the final cost. Thanks, Steven -----Original Message----- From: Brad Knowles [mailto:brad@stop.mail-abuse.org] ... > One question, though: you don't discuss anything relevant to the two > most widely used commercial mail servers: Lotus Notes and Microsoft > Exchange. Because they are inherently non-scalable. A standard cost metric given by Microsoft is that Exchange costs $25/user/month. ... -- From sage-members-owner@usenix.org Tue Jan 25 13:59:43 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PLxgn3029360 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 13:59:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PLxgfa029359 for sage-members-outgoing; Tue, 25 Jan 2005 13:59:42 -0800 (PST) Received: from igtc.com (igtc.igtc.com [66.166.73.180]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PLxen2029343 for ; Tue, 25 Jan 2005 13:59:41 -0800 (PST) Received: from igtc.com (igtc [127.0.0.1]) by igtc.com (8.13.3/8.13.3) with ESMTP id j0PLxMoU001398 for ; Tue, 25 Jan 2005 13:59:22 -0800 Received: (from pmm@localhost) by igtc.com (8.13.3/8.13.3/Submit) id j0PLxM3p001397 for sage-members@usenix.org; Tue, 25 Jan 2005 13:59:22 -0800 Date: Tue, 25 Jan 2005 13:59:22 -0800 From: "Paul M. Moriarty" To: sage-members@usenix.org Subject: Re: [SAGE] Redundant Email server Message-ID: <20050125215922.GB31890@igtc.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-SMTP-Vilter-Version: 1.1.8 X-SMTP-Vilter-Spam-Backend: spamd X-Spam-Score: 0.0 Sender: owner-sage-members@usenix.org Precedence: bulk Jenkins, Steven writes: > > Let me make sure I'm understanding you: you're saying that Exchange is > inherently non-scalable because the vendor says a standard cost per seat > is $25/user/month? > > The analysis you had given on the others was technical, not financial -- > do you know of a similarly technical coverage of Exchange (or Notes?). > > In my experience dealing with enterprise agreements, any publicly > available dollar figure on a vendor's website is simply an opening > number in a negotiation, it's not what ends up as the final cost. > The $25 number is, I believe, the cost of maintaining said system, not implementing it. You will find that MS is not a company open to negotiation. It's more like, "Oh, you spend X. You're discount is Y. Here's our licensing agreements. Unless you are a Global 500 company, we won't entertain changing so much as one comma. Take it or leave it." - Paul - From sage-members-owner@usenix.org Tue Jan 25 14:06:53 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PM6qn3029947 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:06:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PM6qur029945 for sage-members-outgoing; Tue, 25 Jan 2005 14:06:52 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PM6nn3029939 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:06:51 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PM6UXI059294; Tue, 25 Jan 2005 17:06:31 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Tue, 25 Jan 2005 23:06:18 +0100 To: "Jenkins, Steven" From: Brad Knowles Subject: RE: [SAGE] Redundant Email server Cc: "Brad Knowles" , "Sage Members" Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 4:39 PM -0500 2005-01-25, Jenkins, Steven wrote: > Let me make sure I'm understanding you: you're saying that Exchange is > inherently non-scalable because the vendor says a standard cost per seat > is $25/user/month? No, they're inherently non-scalable because of their architecture, and I can beat that cost, by a mile. > The analysis you had given on the others was technical, not financial -- > do you know of a similarly technical coverage of Exchange (or Notes?). No, because no one tries to scale those products to those levels. Or, if they try, they usually fail. Or, if they do finally manage do it, they don't tell anyone because they don't want their stockholders to know how much money they blew trying to make a pig fly. Like, how much money has Microsoft blown trying to force all Hotmail operations to move from Unix to Microsoft-based OSes, how many times have they tried and failed to force that switch, and how many orders of magnitude more machines are they using afterwards? > In my experience dealing with enterprise agreements, any publicly > available dollar figure on a vendor's website is simply an opening > number in a negotiation, it's not what ends up as the final cost. In this case, the value quoted was from the Microsoft sales person, and used as part of a cost justification spreadsheet. I took some real-world numbers based on the actual mail load that we were seeing at the time, and plugged them into the same formulas, and came up with a much higher cost for Exchange than they had projected -- because they had based their numbers on a whole host of invalid assumptions and they hadn't bothered to get some real data. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 14:14:54 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMErn3000425 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:14:54 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PMErUL000424 for sage-members-outgoing; Tue, 25 Jan 2005 14:14:53 -0800 (PST) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMEpn2000399 for ; Tue, 25 Jan 2005 14:14:52 -0800 (PST) Received: from spartacus.utdallas.edu (spartacus.utdallas.edu [129.110.3.11]) by smtp1.utdallas.edu (Postfix) with ESMTP id 520E3389277 for ; Tue, 25 Jan 2005 16:13:17 -0600 (CST) Date: Tue, 25 Jan 2005 16:13:17 -0600 (CST) From: amos+lists.sage@utdallas.edu X-X-Sender: amos@spartacus.utdallas.edu To: sage-members@usenix.org Subject: Re: [SAGE] Redundant Email server In-Reply-To: <20050125215922.GB31890@igtc.com> Message-ID: References: <20050125215922.GB31890@igtc.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 25 Jan 2005, Paul M. Moriarty wrote: > You will find that MS is not a company open to negotiation. It's more > like, "Oh, you spend X. You're discount is Y. Here's our licensing > agreements. Unless you are a Global 500 company, we won't entertain > changing so much as one comma. Take it or leave it." Well, we're in the situation that MS did do an extensive contract with UT-System, and so one argument that I've heard before is that Exchange is virtually "free". (I don't think the tax payers would say that, but then again students get a good break too.) Amos From sage-members-owner@usenix.org Tue Jan 25 14:37:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMbjn3001361 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:37:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PMbjWO001359 for sage-members-outgoing; Tue, 25 Jan 2005 14:37:45 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMbgn3001354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:37:43 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PMbS7O061144; Tue, 25 Jan 2005 17:37:29 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <20050125215922.GB31890@igtc.com> Date: Tue, 25 Jan 2005 23:37:21 +0100 To: amos+lists.sage@utdallas.edu From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 4:13 PM -0600 2005-01-25, amos+lists.sage@utdallas.edu wrote: > Well, we're in the situation that MS did do an extensive contract > with UT-System, and so one argument that I've heard before is that > Exchange is virtually "free". (I don't think the tax payers would > say that, but then again students get a good break too.) Perhaps it doesn't cost any extra, but then neither does open source software. The question is what happens to your TCO when you consider the greatly increased number of admins, servers, and other infrastructural costs? Sometimes, something that is "free" is actually the worst choice you could make, because it ends up costing you so much more money in the long run. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 14:47:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMl1n3002036 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:47:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PMl1RO002035 for sage-members-outgoing; Tue, 25 Jan 2005 14:47:01 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMkxn2002030 for ; Tue, 25 Jan 2005 14:46:59 -0800 (PST) Received: (qmail 6424 invoked by uid 18647); 25 Jan 2005 22:46:48 -0000 Date: Tue, 25 Jan 2005 14:46:47 -0800 From: Philip Brown To: Sage Members Subject: Re: [SAGE] Redundant Email server Message-ID: <20050125144647.A49741@bolthole.com> Mail-Followup-To: Sage Members References: <41F5D168.8040806@gmail.com> <20050125053414.F348@nirmala.opentrend.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20050125053414.F348@nirmala.opentrend.net>; from rbrockway@opentrend.net on Tue, Jan 25, 2005 at 05:50:26AM +0000 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 25, 2005 at 05:50:26AM +0000, Robert Brockway wrote: > > It sounds like the intention is for users to make imap or pop connections. > If so you may wish to consider a cluster. Linux clustering has gone > ahead in leaps and bounds in recent years and may provide an inexpensive > solution. "Linux clustering"? Is that (tm), or (R)? :-) If you think "clustering" is generally a good idea, then just say so. Please dont muddy the waters by somehow implying that "Linux clustering" is somehow better than clustering on *BSD, or ....., unless you want to provide concrete examples of why it is so. [and besides which, "Linux clustering" isnt even specific. There are multiple (free!) clustering software products that can run on linux, and lots of other OSes too. "Linux" is not the full and complete set of "Free software".] Personally, I think that yes, clustering sounds appropriate for the type of scenario the original person emailed about. But I leave the choice of clustering software and OS platform, up to the deployer. They're all pretty much identical for this particular "application", so long as whatever-it-is can easily and simply switch a "shared" external disk between the previously active node, to the now-needs-to-be-active node. From sage-members-owner@usenix.org Tue Jan 25 14:58:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMwQn3002642 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:58:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PMwPTp002641 for sage-members-outgoing; Tue, 25 Jan 2005 14:58:25 -0800 (PST) Received: from smtpvip3.bnl.gov (smtp@smtpgateway.BNL.GOV [130.199.3.132]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMwOn2002636 for ; Tue, 25 Jan 2005 14:58:24 -0800 (PST) Received: from dh09.s130.bnl.gov ([130.199.131.249] helo=[127.0.0.1]) by smtpvip3.bnl.gov with esmtp (bnl.gov SMTP) id 1CtZ2Z-0002Ad-00 for ; Tue, 25 Jan 2005 17:20:03 -0500 Message-ID: <41F6CEFA.2020907@amber.org> Date: Tue, 25 Jan 2005 17:58:02 -0500 From: John Reddy User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE-Members Subject: [SAGE] Becoming a Certificate Authority References: <20040603170953.GA20728@greymouser.com> In-Reply-To: <20040603170953.GA20728@greymouser.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BNL-MailScanner-Information: Please contact the ITD Service Desk for more information X-BNL-MailScanner: Found to be clean X-BNL-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=0.203, required 5, autolearn=disabled, AWL -0.20, SPF_HELO_FAIL 0.41) X-MailScanner-From: jreddy@amber.org Sender: owner-sage-members@usenix.org Precedence: bulk I've been asked by some co-workers to investigate what's involved in becoming a Certificate Authority. I'd like to rtfm, if I could find tfm... so any direction would be appreciated. The idea is that we've got a largish (30 +) number of internal hosts running SSL that are constantly changing (new names, decommissions, recommissions), which we want to present internally and to the outside world without users needing to accept a self-signed CA / cert. Wildcard certs (ie. *.yadda.com) don't work: We have to support IE, and at least on Windows XP sp2, it throws an error about the cert not matching the hostname. So, the idea is to become a chained CA, I believe. Anyone care to throw me a sanity check? Are we barking up the wrong tree with becoming a CA? Or do we just bite the bullet and go with one of the commercial CAs out there? There is a certain allure to having control over such things internally. -John Reddy -- "To do, one must first imagine." From sage-members-owner@usenix.org Tue Jan 25 14:59:18 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMxHn3002789 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 14:59:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PMxHnc002786 for sage-members-outgoing; Tue, 25 Jan 2005 14:59:17 -0800 (PST) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PMxFn2002760 for ; Tue, 25 Jan 2005 14:59:15 -0800 (PST) Received: from spartacus.utdallas.edu (spartacus.utdallas.edu [129.110.3.11]) by smtp1.utdallas.edu (Postfix) with ESMTP id 8C7DE388F9D for ; Tue, 25 Jan 2005 16:58:58 -0600 (CST) Date: Tue, 25 Jan 2005 16:58:58 -0600 (CST) From: amos+lists.sage@utdallas.edu X-X-Sender: amos@spartacus.utdallas.edu To: sage-members@usenix.org Subject: Re: [SAGE] Redundant Email server In-Reply-To: Message-ID: References: <20050125215922.GB31890@igtc.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 25 Jan 2005, Brad Knowles wrote: > Perhaps it doesn't cost any extra, but then neither does open source > software. The question is what happens to your TCO when you consider the > greatly increased number of admins, servers, and other infrastructural costs? > > Sometimes, something that is "free" is actually the worst choice you > could make, because it ends up costing you so much more money in the long > run. Oh, I agree. Our Cyrus server has been running on hardware purchased back in 2000, and only this year did we get some new hardware for it and home dirs (our priorities, not imposed ones.) It seems like the Exchange systems have gone through several updates since going on-line a couple of years ago. The killer app has been and remains: tight integration with email and calendaring. I'm loosely following the developments of Open Xchange, but it seems like this and other possibilities are playing serious catch-up. Amos From sage-members-owner@usenix.org Tue Jan 25 15:01:52 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PN1qn3003469 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:01:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PN1qsq003468 for sage-members-outgoing; Tue, 25 Jan 2005 15:01:52 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PN1on3003463 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:01:50 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0PN1Z7N062253; Tue, 25 Jan 2005 18:01:36 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050125144647.A49741@bolthole.com> References: <41F5D168.8040806@gmail.com> <20050125053414.F348@nirmala.opentrend.net> <20050125144647.A49741@bolthole.com> Date: Wed, 26 Jan 2005 00:01:30 +0100 To: Philip Brown From: Brad Knowles Subject: Re: [SAGE] Redundant Email server Cc: Sage Members Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: 8bit Sender: owner-sage-members@usenix.org Precedence: bulk At 2:46 PM -0800 2005-01-25, Philip Brown wrote: > [and besides which, "Linux clustering" isnt even specific. There are > multiple (free!) clustering software products that can run on linux, > and lots of other OSes too. "Linux" is not the full and complete > set of "Free software".] You would also need to identify the type of cluster. Is this a tightly-coupled MPI or PVM cluster? Is this a loosely coupled shared storage cluster? Perhaps some other type of cluster? Depending on how you define it, the solution I've proposed could be defined as a cluster. > Personally, I think that yes, clustering sounds appropriate for the type of > scenario the original person emailed about. But I leave the choice of > clustering software and OS platform, up to the deployer. They're all pretty > much identical for this particular "application", so long as whatever-it-is > can easily and simply switch a "shared" external disk between the > previously active node, to the now-needs-to-be-active node. I'm not convinced that a naïeve cluster approach would work particularly well. I think that the architecture that Nick and I developed is a more intelligent solution. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 15:11:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNBGn3004178 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:11:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNBG2P004177 for sage-members-outgoing; Tue, 25 Jan 2005 15:11:16 -0800 (PST) Received: from nirmala.opentrend.net (nirmala.opentrend.net [65.39.131.100]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNBEn2004171 for ; Tue, 25 Jan 2005 15:11:14 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by nirmala.opentrend.net (Postfix) with ESMTP id E84B7FDBE for ; Tue, 25 Jan 2005 18:08:18 -0500 (EST) Received: from nirmala.opentrend.net ([127.0.0.1]) by localhost (nirmala.opentrend.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 09759-01-7 for ; Tue, 25 Jan 2005 18:08:15 -0500 (EST) Received: by nirmala.opentrend.net (Postfix, from userid 1003) id D9849FDBB; Tue, 25 Jan 2005 18:08:15 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by nirmala.opentrend.net (Postfix) with ESMTP id D7974FDB9 for ; Tue, 25 Jan 2005 23:08:15 +0000 (GMT) Date: Tue, 25 Jan 2005 23:08:15 +0000 (GMT) From: Robert Brockway To: Sage Members Subject: Re: [SAGE] Redundant Email server In-Reply-To: <20050125144647.A49741@bolthole.com> Message-ID: <20050125230507.G6519@nirmala.opentrend.net> References: <41F5D168.8040806@gmail.com> <20050125053414.F348@nirmala.opentrend.net> <20050125144647.A49741@bolthole.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: amavisd-new at opentrend.net Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 25 Jan 2005, Philip Brown wrote: > If you think "clustering" is generally a good idea, then just say so. > Please dont muddy the waters by somehow implying that "Linux clustering" > is somehow better than clustering on *BSD, or ....., unless you want to > provide concrete examples of why it is so. I was mentioning it because Linux Clustering has not had good airtime IMHO despite going ahead in leaps and bounds (you may disagree but that is my observation). > [and besides which, "Linux clustering" isnt even specific. There are > multiple (free!) clustering software products that can run on linux, > and lots of other OSes too. "Linux" is not the full and complete > set of "Free software".] Preaching to the converted :) Go to the web site and see how often BSD is mentioned :) Seriously, just because I mention Linux in passing (and it really was in passing) doesn't mean I don't think other solutions aren't valid too. > Personally, I think that yes, clustering sounds appropriate for the type of > scenario the original person emailed about. But I leave the choice of > clustering software and OS platform, up to the deployer. They're all pretty I see nothing wrong with making suggestions. It's apparently been ok to mention Sendmail, Postfix and Exim as MTAs in this thread. Cheers, Rob -- Robert Brockway B.Sc. Senior Technical Consultant, OpenTrend Solutions Ltd. Phone: 416-669-3073 Email: rbrockway@opentrend.net http://www.opentrend.net OpenTrend Solutions: Reliable, secure solutions to real world problems. Contributing Member of Software in the Public Interest (www.spi-inc.org) From sage-members-owner@usenix.org Tue Jan 25 15:13:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNDfn3004580 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:13:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNDfPw004579 for sage-members-outgoing; Tue, 25 Jan 2005 15:13:41 -0800 (PST) Received: from igtc.com (igtc.igtc.com [66.166.73.180]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNDdn2004570 for ; Tue, 25 Jan 2005 15:13:39 -0800 (PST) Received: from igtc.com (igtc [127.0.0.1]) by igtc.com (8.13.3/8.13.3) with ESMTP id j0PNDKr1002366; Tue, 25 Jan 2005 15:13:22 -0800 Received: (from pmm@localhost) by igtc.com (8.13.3/8.13.3/Submit) id j0PNDJ9p002365; Tue, 25 Jan 2005 15:13:19 -0800 Date: Tue, 25 Jan 2005 15:13:19 -0800 From: "Paul M. Moriarty" To: amos+lists.sage@utdallas.edu Cc: sage-members@usenix.org Subject: Re: [SAGE] Redundant Email server Message-ID: <20050125231319.GD1478@igtc.com> References: <20050125215922.GB31890@igtc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-SMTP-Vilter-Version: 1.1.8 X-SMTP-Vilter-Spam-Backend: spamd X-Spam-Score: 0.0 Sender: owner-sage-members@usenix.org Precedence: bulk amos+lists.sage@utdallas.edu writes: > On Tue, 25 Jan 2005, Paul M. Moriarty wrote: > > >You will find that MS is not a company open to negotiation. It's more > >like, "Oh, you spend X. You're discount is Y. Here's our licensing > >agreements. Unless you are a Global 500 company, we won't entertain > >changing so much as one comma. Take it or leave it." > > Well, we're in the situation that MS did do an extensive contract > with UT-System, and so one argument that I've heard before is that > Exchange is virtually "free". (I don't think the tax payers would say > that, but then again students get a good break too.) > Assuming you have Enterprise Desktops for everybody, then the client access license for Exchange is included in that. You still need to pay for the server, OS & Exchange itself. I believe that 2003 requires AD (or so I've been told). Now you need admins to handle the server load. Add up the TCO and it's far from free. From sage-members-owner@usenix.org Tue Jan 25 15:25:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNPcn3005303 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:25:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNPbkL005302 for sage-members-outgoing; Tue, 25 Jan 2005 15:25:38 -0800 (PST) Received: from numenor.qualcomm.com (numenor.qualcomm.com [129.46.51.58]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNPan3005296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 25 Jan 2005 15:25:36 -0800 (PST) Received: from crowley.qualcomm.com (crowley.qualcomm.com [129.46.61.151]) by numenor.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j0PNPEhP020027 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 25 Jan 2005 15:25:14 -0800 (PST) Received: from grose1.qualcomm.com (vpn-10-50-16-84.qualcomm.com [10.50.16.84]) by crowley.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j0PNPABg018390 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT); Tue, 25 Jan 2005 15:25:11 -0800 (PST) Message-Id: <6.1.2.0.2.20050125152444.046e1f78@203.30.171.17> X-Sender: ggr2@203.30.171.17 X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Tue, 25 Jan 2005 15:25:13 -0800 To: John Reddy From: Greg Rose Subject: Re: [SAGE] Becoming a Certificate Authority Cc: SAGE-Members In-Reply-To: <41F6CEFA.2020907@amber.org> References: <20040603170953.GA20728@greymouser.com> <41F6CEFA.2020907@amber.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-PMX-Version: 4.7.0.111621 Sender: owner-sage-members@usenix.org Precedence: bulk You might have a look at CAcert . Greg. At 17:58 2005-01-25 -0500, John Reddy wrote: >I've been asked by some co-workers to investigate what's involved in >becoming a Certificate Authority. I'd like to rtfm, if I could find >tfm... so any direction would be appreciated. > >The idea is that we've got a largish (30 +) number of internal hosts >running SSL that are constantly changing (new names, decommissions, >recommissions), which we want to present internally and to the outside >world without users needing to accept a self-signed CA / cert. Wildcard >certs (ie. *.yadda.com) don't work: We have to support IE, and at least >on Windows XP sp2, it throws an error about the cert not matching the >hostname. So, the idea is to become a chained CA, I believe. > >Anyone care to throw me a sanity check? Are we barking up the wrong tree >with becoming a CA? Or do we just bite the bullet and go with one of the >commercial CAs out there? There is a certain allure to having control >over such things internally. > >-John Reddy > >-- > "To do, one must first imagine." > Greg Rose INTERNET: ggr@qualcomm.com Qualcomm Incorporated VOICE: +1-858-651-5733 FAX: +1-858-651-5766 5775 Morehouse Drive http://people.qualcomm.com/ggr/ San Diego, CA 92121 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C From sage-members-owner@usenix.org Tue Jan 25 15:42:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNg1n3006023 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:42:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNg1Qh006022 for sage-members-outgoing; Tue, 25 Jan 2005 15:42:01 -0800 (PST) Received: from hexogen.explosive.net (hexogen.explosive.net [216.27.184.5]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNfwn3006016 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 25 Jan 2005 15:41:59 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by hexogen-lo0.explosive.net (Postfix) with ESMTP id 4EAADEBF9C; Tue, 25 Jan 2005 15:41:41 -0800 (PST) Date: Tue, 25 Jan 2005 15:41:41 -0800 (PST) From: Eric Sorenson To: John Reddy Cc: SAGE-Members Subject: Re: [SAGE] Becoming a Certificate Authority In-Reply-To: <41F6CEFA.2020907@amber.org> Message-ID: References: <20040603170953.GA20728@greymouser.com> <41F6CEFA.2020907@amber.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 25 Jan 2005, John Reddy wrote: > The idea is that we've got a largish (30 +) number of internal hosts running > SSL that are constantly changing (new names, decommissions, recommissions), > which we want to present internally and to the outside world without users > needing to accept a self-signed CA / cert. Wildcard certs (ie. *.yadda.com) > don't work: We have to support IE, and at least on Windows XP sp2, it throws > an error about the cert not matching the hostname. So, the idea is to become > a chained CA, I believe. > > Anyone care to throw me a sanity check? Are we barking up the wrong tree with > becoming a CA? Or do we just bite the bullet and go with one of the > commercial CAs out there? There is a certain allure to having control over > such things internally. I looked into the Verisign / Thawte products that involved getting a chained-to-root CA (at the time it was Verisign OnSite, don't know if that's still the name) and it was in the $10000-20000 range. Flipping through their website, I don't see that service anymore but their pricing has, if anything, gotten more insane : http://www.verisign.com/products-services/security-services/ssl/ssl-certificates/page_001524.html GeoTrust is probably more reasonably priced (and still chains up to trusted roots), but they want you to call 'em for >100 certs per year : http://www.geotrust.com/enterprise_security/enterprisessl.htm We ended up going with the free homebrew CA. I tried the www.openca.org project and it was nightmarish to get running, though to be fair that was in the early days of RedHat 9 and I was trying to roll my own RPMs, which doubtless contributed to my pain. Currently we use CSP ( http://devel.it.su.se/projects/CSP/ ) to manage certificates. We publish our internal CA cert pretty widely with highly-visible FAQs about "what does this browser error mean", and haven't really had any issues -- certainly none that made us wish we'd spent the 20 large... -- - Eric Sorenson - Explosive Networking - http://eric.explosive.net - From sage-members-owner@usenix.org Tue Jan 25 15:47:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNlZn3006462 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:47:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNlZdX006460 for sage-members-outgoing; Tue, 25 Jan 2005 15:47:35 -0800 (PST) Received: from etsuex1.etsu.edu (etsuex1.etsu.edu [151.141.8.103]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNlXn2006453 for ; Tue, 25 Jan 2005 15:47:33 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Redundant Email server Date: Tue, 25 Jan 2005 18:47:15 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Redundant Email server Thread-Index: AcUDKiMgZXMuzBb3QJWOSp4DPa5xwwADdDbA From: "Jenkins, Steven" To: "Brad Knowles" Cc: "Sage Members" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0PNlYn2006456 Sender: owner-sage-members@usenix.org Precedence: bulk Could you elaborate on the architectures? Thanks, Steven N.B. I have experience with most of the platforms and products mentioned, but I've never seen a good, _technical_ side-by-side analysis. Most of what I've seen very quickly changes into either political discussions or financial arguments. I'd _really_ like to see a purely technical analysis. -----Original Message----- From: Brad Knowles [mailto:brad@stop.mail-abuse.org] Sent: Tuesday, January 25, 2005 5:06 PM To: Jenkins, Steven Cc: Brad Knowles; Sage Members Subject: RE: [SAGE] Redundant Email server At 4:39 PM -0500 2005-01-25, Jenkins, Steven wrote: > Let me make sure I'm understanding you: you're saying that Exchange > is inherently non-scalable because the vendor says a standard cost > per seat is $25/user/month? No, they're inherently non-scalable because of their architecture... From sage-members-owner@usenix.org Tue Jan 25 15:48:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNmGn3006557 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 15:48:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0PNmFlK006556 for sage-members-outgoing; Tue, 25 Jan 2005 15:48:15 -0800 (PST) Received: from bb0eb005.cdc.schwab.com (bb0eb005.schwab.com [162.93.195.149]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0PNmDn3006547 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 25 Jan 2005 15:48:14 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by bb0eb005.cdc.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0PNlu9R012026 for ; Tue, 25 Jan 2005 18:47:56 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0PNluQq026901 for SAGE-Members@usenix.org; Tue, 25 Jan 2005 18:47:56 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0PNlttQ026880; for ; Tue, 25 Jan 2005 18:47:56 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n1110smx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 1106696874783; Tue, 25 Jan 2005 15:47:54 -0800 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R9LV2>; Tue, 25 Jan 2005 15:47:53 -0800 Message-ID: From: "Carlson, Scott" To: John Reddy , SAGE-Members Subject: RE: [SAGE] Becoming a Certificate Authority Date: Tue, 25 Jan 2005 15:47:48 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk John, We have actually decided to become our own CA for internally facing development systems since I manage a repository of 500 SSL certificates over 500 hosts that we pay a commercial signer to sign right now. We have done the following at a very very high level A) with Global Policy (XP Desktops only, IE) have deployed our company as a trusted CA. B) Created a Server environment using Microsoft PKI product and had Microsoft certify us as a "Root" C) set up some web pages to manage CSR's/Approvals We will be able to save some money in our dev environment by not purchasing commercial certs from a company. One thing you might want to look into is CACert (http://www.cacert.org). They have FREE SSL Certificates and you can download a root certificate from their site, so there actually is a really good argument for not rolling your own. The "outside world" part of the thing is your hardest. I am sure there must be articles out there on how people like Thawte became hooked into IE/Netscape. There's probably some stuff on the Mozilla/Firefox repository for CA's. The people at CACert might be able to shed some light on how hard it is to be included in mainstream browsers. Also, at ~$150.00 per servers, 30 servers aren't that expensive to get an SSL cert for. I would suspect that the time and money needed to become a CA included in mainstream browsers is much harder then just paying a few thousand dollars for some certificates. Scott Carlson -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of John Reddy Sent: Tuesday, January 25, 2005 3:58 PM To: SAGE-Members Subject: [SAGE] Becoming a Certificate Authority I've been asked by some co-workers to investigate what's involved in becoming a Certificate Authority. I'd like to rtfm, if I could find tfm... so any direction would be appreciated. The idea is that we've got a largish (30 +) number of internal hosts running SSL that are constantly changing (new names, decommissions, recommissions), which we want to present internally and to the outside world without users needing to accept a self-signed CA / cert. Wildcard certs (ie. *.yadda.com) don't work: We have to support IE, and at least on Windows XP sp2, it throws an error about the cert not matching the hostname. So, the idea is to become a chained CA, I believe. Anyone care to throw me a sanity check? Are we barking up the wrong tree with becoming a CA? Or do we just bite the bullet and go with one of the commercial CAs out there? There is a certain allure to having control over such things internally. -John Reddy -- "To do, one must first imagine." From sage-members-owner@usenix.org Tue Jan 25 17:00:20 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0Q10Kn3008488 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 17:00:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0Q10KlL008487 for sage-members-outgoing; Tue, 25 Jan 2005 17:00:20 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0Q10Hn3008482 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 17:00:17 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0Q0xwCk067957; Tue, 25 Jan 2005 20:00:00 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 26 Jan 2005 01:53:24 +0100 To: "Jenkins, Steven" From: Brad Knowles Subject: RE: [SAGE] Redundant Email server Cc: "Brad Knowles" , "Sage Members" Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 6:47 PM -0500 2005-01-25, Jenkins, Steven wrote: > Could you elaborate on the architectures? The architectures of ... what? Exchange versus Notes versus ??? I can't really help you on the Exchange or Notes questions -- they're basically glorified LAN e-mail packages, outgrowths from MS Mail or cc:Mail. Historically, they haven't been able to handle much more than about 100 users per server, and as servers have gotten larger so have the loads, and these numbers have remained remarkably stable. On the Unix side, I should be able to do about a million users per back-end server, with the right hardware and software. I don't think you'll ever see Exchange or Notes scale to a million users, no matter how much money you throw at them. > N.B. I have experience with most of the platforms and products > mentioned, but I've never seen a good, _technical_ side-by-side > analysis. Most of what I've seen very quickly changes into either > political discussions or financial arguments. I'd _really_ like to see > a purely technical analysis. Sorry, I don't think I can help you there. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Jan 25 17:53:42 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0Q1rfn3009651 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 Jan 2005 17:53:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0Q1rfRJ009650 for sage-members-outgoing; Tue, 25 Jan 2005 17:53:41 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0Q1rcn2009645 for ; Tue, 25 Jan 2005 17:53:40 -0800 (PST) Received: (qmail 19533 invoked by uid 18647); 26 Jan 2005 01:53:26 -0000 Date: Tue, 25 Jan 2005 17:53:26 -0800 From: Philip Brown To: Sage Members Subject: Re: [SAGE] Redundant Email server Message-ID: <20050125175326.A13114@bolthole.com> Mail-Followup-To: Sage Members References: <41F5D168.8040806@gmail.com> <20050125053414.F348@nirmala.opentrend.net> <20050125144647.A49741@bolthole.com> <20050125230507.G6519@nirmala.opentrend.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20050125230507.G6519@nirmala.opentrend.net>; from rbrockway@opentrend.net on Tue, Jan 25, 2005 at 11:08:15PM +0000 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Jan 25, 2005 at 11:08:15PM +0000, Robert Brockway wrote: > On Tue, 25 Jan 2005, Philip Brown wrote: > > Personally, I think that yes, clustering sounds appropriate for the type of > > scenario the original person emailed about. But I leave the choice of > > clustering software and OS platform, up to the deployer. They're all pretty > > [equal ...] > > I see nothing wrong with making suggestions. It's apparently been ok to > mention Sendmail, Postfix and Exim as MTAs in this thread. Making suggestions is great, as long as you also give reasons behind the suggestions. By and large, I think people have stated, "well, you should consider [sendmail/postfix/exim] BECAUSE ..." This is informative. Saying "I think you should consider linux clustering", without giving any specific reasons why "linux clustering" over any other type, is not informative :( [and apart from the fact that "linux clustering" is mostly a misnomer anyway, as I previously pointed out!] From sage-members-owner@usenix.org Wed Jan 26 09:30:14 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QHUDn3016628 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 09:30:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0QHUCrW016626 for sage-members-outgoing; Wed, 26 Jan 2005 09:30:13 -0800 (PST) Received: from mail.pgdc.com ([208.138.186.25]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QHUBn2016621 for ; Wed, 26 Jan 2005 09:30:11 -0800 (PST) Received: by mail.pgdc.com (Postfix, from userid 2002) id 51889C7F22; Wed, 26 Jan 2005 12:29:57 -0500 (EST) Received: from [208.138.186.40] (wkst1.admin.pgdc.com [208.138.186.40]) by mail.pgdc.com (Postfix) with ESMTP id 0E255C7F1F for ; Wed, 26 Jan 2005 12:29:57 -0500 (EST) Message-ID: <41F7D394.3080705@pgdc.com> Date: Wed, 26 Jan 2005 12:29:56 -0500 From: Andy Ciordia Organization: Planned Giving Design Center User-Agent: Mozilla Thunderbird 0.9 (X11/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Eliminating my position Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk I'm not sure how many of you build yourself out of a job but I am working towards that end. The company I am with needs to get into a 100% Over-IP Solution. The office place has been very decentralized for years and a turn in the companies competencies (or lack there of) is going to put what few employees we have left working from home. I have been charged with delivering this new officeless enviornment. I'm stepping off this ship in 8 mos anyhow so as a nine year departing gift, this should be a nice farewell present to my employer. Where I am looking for advice: VOIP Business Solution, hosted, easy, and ideally is near transparent to a normal offices telephone automated system. Hosted Document Repository Hosted Exchange/Comparable solution (shared cal/notes/email) All our development is being pushed offsite to join our production gear at Savvis. All sales and marketing continues through Salesforce. Any other ancillery services need to be hosted so that there are just contact people and no local admin. If anyone has come in contact with hosting solutions that can provide a quality level of service for a small business/small amount of seats, commentary/pointers is appreciated. As well as any other services I might be forgetting at the moment or caveats of stepping in to this arena that might be in my blindspots atm. -a -- Andy Ciordia, MIS/Network Engineer Planned Giving Design Center (www.pgdc.com) 10800-D Independence Pointe Pkwy, Matthews, NC 28105 Ph: (704)849-0731 x106 | Fax: (770)456-5239 -- From sage-members-owner@usenix.org Wed Jan 26 10:24:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QIOPn3018301 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 10:24:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0QIOPeA018300 for sage-members-outgoing; Wed, 26 Jan 2005 10:24:25 -0800 (PST) Received: from wingfoot.org (caduceus.wingfoot.org [64.32.179.50]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QIOJn2018290 for ; Wed, 26 Jan 2005 10:24:23 -0800 (PST) Received: from localhost (localhost.wingfoot.org [127.0.0.1]) by wingfoot.org (Postfix) with ESMTP id EB6E11F44D0 for ; Wed, 26 Jan 2005 13:24:05 -0500 (EST) Received: from wingfoot.org ([127.0.0.1]) by localhost (wingfoot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01655-01 for ; Wed, 26 Jan 2005 13:24:04 -0500 (EST) Received: from [127.0.0.1] (unknown [64.32.179.50]) by wingfoot.org (Postfix) with ESMTP id BBE651F44CD for ; Wed, 26 Jan 2005 13:24:04 -0500 (EST) Message-ID: <41F7E04B.2050100@wingfoot.org> Date: Wed, 26 Jan 2005 13:24:11 -0500 From: "Glenn E. Sieb" User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Has anyone checked this out? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at wingfoot.org Sender: owner-sage-members@usenix.org Precedence: bulk http://oreilly.useractive.com/courses/sysadmin.php3 I was up on the BSD OnLamp site today and happened to see this... was wondering what people's take on it was.. Best, --G. From sage-members-owner@usenix.org Wed Jan 26 11:33:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJX1n3020560 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 11:33:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0QJX14V020559 for sage-members-outgoing; Wed, 26 Jan 2005 11:33:01 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJWxn3020552 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 11:33:00 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j0QJWkJI040189; Wed, 26 Jan 2005 12:32:46 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j0QJWkHV040188; Wed, 26 Jan 2005 12:32:46 -0700 (MST) Date: Wed, 26 Jan 2005 12:32:46 -0700 (MST) From: Rob Kolstad Message-Id: <200501261932.j0QJWkHV040188@ace.DELOS.COM> To: ges@wingfoot.org, sage-members@sage.org Subject: Re: [SAGE] Has anyone checked this out? In-Reply-To: <41F7E04B.2050100@wingfoot.org> Sender: owner-sage-members@usenix.org Precedence: bulk SAGE offers a 50% discount to that U.Illinois program: http://www.sage.org/members-only/discounts.mm [bottom of page] RK ====================================================================== * /\ Rob Kolstad Executive Director, SAGE * /\ / \ kolstad@sage.org FAX: +1 719-481-6551 /\/ \/ \ +1 719-481-6542 15235 Roller Coaster Road / \ / \ http://www.sage.org Colorado Springs, CO 80921 ====================================================================== From sage-members-owner@usenix.org Wed Jan 26 11:29:49 2005 Date: Wed, 26 Jan 2005 13:24:11 -0500 From: "Glenn E. Sieb" User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en To: sage-members@sage.org Subject: [SAGE] Has anyone checked this out? X-Virus-Scanned: by amavisd-new at wingfoot.org Sender: owner-sage-members@usenix.org Precedence: bulk http://oreilly.useractive.com/courses/sysadmin.php3 I was up on the BSD OnLamp site today and happened to see this... was wondering what people's take on it was.. Best, --G. From sage-members-owner@usenix.org Wed Jan 26 11:42:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJgPn3021126 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 11:42:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0QJgPqH021125 for sage-members-outgoing; Wed, 26 Jan 2005 11:42:25 -0800 (PST) Received: from smtpvip2.bnl.gov (smtp@[130.199.3.132]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJgHn2021088 for ; Wed, 26 Jan 2005 11:42:23 -0800 (PST) Received: from dh09.s130.bnl.gov ([130.199.131.249] helo=[127.0.0.1]) by smtpvip2.bnl.gov with esmtp (bnl.gov SMTP) id 1Ctt1v-0005mo-00 for ; Wed, 26 Jan 2005 14:40:43 -0500 Message-ID: <41F7F235.1050607@amber.org> Date: Wed, 26 Jan 2005 14:40:37 -0500 From: John Reddy User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE-Members Subject: Re: [SAGE] Becoming a Certificate Authority References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BNL-MailScanner-Information: Please contact the ITD Service Desk for more information X-BNL-MailScanner: Found to be clean X-BNL-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=0.405, required 5, autolearn=disabled, SPF_HELO_FAIL 0.41) X-MailScanner-From: jreddy@amber.org Sender: owner-sage-members@usenix.org Precedence: bulk All, Thanks for the feedback. CAcert.org doesn't really fit the bill for what we're looking for, which is being chained to a CA which is already in end-user browsers. We don't want our users to have to add another certificate to their browsers. The solution needs to be transparent to the end users Several CA's - Verisign, Thawte, Geotrust (among others) have managed certificate programs with web-based interfaces for fast turn-around of certificates for new hosts under the same domain. However, Verisign's seems to be . . . well, arbitrarily expensive for comparable services. Finally, looking into becoming a chained CA - not trying to get ourselves in the browsers, but having another CA sign our server-signing key, is overly expensive for the task. Though to become a chained CA isn't as hard as I thought. There's legal hoops to jump through, but just contact any of the friendlier CAs already out there, and they can help out. It looks like no less than $50,000 per year to be a chained CA. So unless there are very generous discounts, that's looking like 500+ SSL certs before break even . . . not counting one's administrative overhead. Thanks again for the help. -John Reddy -- "To do, one must first imagine." From sage-members-owner@usenix.org Wed Jan 26 11:55:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJtpn3022067 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 11:55:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0QJtpfi022066 for sage-members-outgoing; Wed, 26 Jan 2005 11:55:51 -0800 (PST) Received: from numenor.qualcomm.com (numenor.qualcomm.com [129.46.51.58]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0QJtnn3022049 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 26 Jan 2005 11:55:50 -0800 (PST) Received: from crowley.qualcomm.com (crowley.qualcomm.com [129.46.61.151]) by numenor.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j0QJtShP007518 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Wed, 26 Jan 2005 11:55:29 -0800 (PST) Received: from grose1.qualcomm.com (dhcp112.qualcomm.com [129.46.76.238]) by crowley.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j0QJtPBg002238 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT); Wed, 26 Jan 2005 11:55:26 -0800 (PST) Message-Id: <6.1.2.0.2.20050126115140.0488be88@203.30.171.17> X-Sender: ggr2@203.30.171.17 X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Wed, 26 Jan 2005 11:55:18 -0800 To: John Reddy From: Greg Rose Subject: Re: [SAGE] Becoming a Certificate Authority Cc: SAGE-Members In-Reply-To: <41F7F235.1050607@amber.org> References: <41F7F235.1050607@amber.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-PMX-Version: 4.7.0.111621 Sender: owner-sage-members@usenix.org Precedence: bulk At 14:40 2005-01-26 -0500, John Reddy wrote: >CAcert.org doesn't really fit the bill for what we're looking for, which >is being chained to a CA which is already in end-user browsers. We don't >want our users to have to add another certificate to their browsers. The >solution needs to be transparent to the end users So, put pressure on the browser suppliers to put CAcert's root in their browsers... This is already being done, to some extent, but more pressure couldn't hurt. I'm not sure of the actual figures (Duane there has done the work to find out) but I think for $50,000 you could get the auditing process done to include CAcert into IE. Greg. Greg Rose INTERNET: ggr@qualcomm.com Qualcomm Incorporated VOICE: +1-858-651-5733 FAX: +1-858-651-5766 5775 Morehouse Drive http://people.qualcomm.com/ggr/ San Diego, CA 92121 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C From sage-members-owner@usenix.org Wed Jan 26 22:39:45 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0R6djn3004957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Jan 2005 22:39:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0R6diCr004956 for sage-members-outgoing; Wed, 26 Jan 2005 22:39:44 -0800 (PST) Received: from skipper.frogspace.net (skipper.frogspace.net [216.222.192.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0R6dgn3004951 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 26 Jan 2005 22:39:43 -0800 (PST) Received: from [203.101.49.144] (helo=[203.101.49.144]) by skipper.frogspace.net with esmtp (Exim 4.32) id 1Cu3JR-0005kI-Dd; Wed, 26 Jan 2005 22:39:30 -0800 Received: from 127.0.0.1 (AVG SMTP 7.0.300 [265.7.3]); Thu, 27 Jan 2005 12:16:30 -0800 Message-ID: <41F94C1D.4060209@sisiro.com> Date: Thu, 27 Jan 2005 12:16:29 -0800 From: Sisir K Reply-To: sisiro@sisiro.com User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Glenn E. Sieb" , sage-members@sage.org Subject: Re: [SAGE] Has anyone checked this out? References: <41F7E04B.2050100@wingfoot.org> In-Reply-To: <41F7E04B.2050100@wingfoot.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 203.101.49.144 X-SA-Exim-Mail-From: sisiro@sisiro.com Sender: owner-sage-members@usenix.org Precedence: bulk Glenn E. Sieb wrote: > http://oreilly.useractive.com/courses/sysadmin.php3 > > I was up on the BSD OnLamp site today and happened to see this... was > wondering what people's take on it was.. > > Best, > --G. Course contents are not impressive enough. Looks like it matters more to someone who want a univsersity certification on unix admin and don't mind shelling out that much money at the comfort of learning online. -S From sage-members-owner@usenix.org Thu Jan 27 07:08:56 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RF8un3002979 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 07:08:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0RF8usw002978 for sage-members-outgoing; Thu, 27 Jan 2005 07:08:56 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [207.251.100.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RF8sn2002971 for ; Thu, 27 Jan 2005 07:08:54 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id 759C1C185; Thu, 27 Jan 2005 10:08:34 -0500 (EST) Date: Thu, 27 Jan 2005 10:08:34 -0500 From: Christophe Kalt To: sage-members@sage.org Subject: Re: [SAGE] cabinet vendor recommendations Message-ID: <20050127150834.GB87845@bzz.taranis.org> Mail-Followup-To: sage-members@sage.org References: <20050121215541.GY18856@darkuncle.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050121215541.GY18856@darkuncle.net> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 21, Scott Francis wrote: | which vendors are any of you using for cabinets/rackmount enclosures, and | which are you happy with? I'm looking for something full-sized that locks, | with good airflow and (optionally) fans installed to help keep things | flowing. I have a number of friends who swear by APW, so much so, that i'm about to buy these for our new datacenter. They're fairly new in the US. http://www.apw.com/media/pdfs/productsServices/productShowcase/imservUS.pdf One really cool thing (again, i hear) are their whizz tight screws which are apparently great if you have to screw them in at some angle. From sage-members-owner@usenix.org Thu Jan 27 07:45:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RFjZn3003926 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 07:45:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0RFjZJ2003925 for sage-members-outgoing; Thu, 27 Jan 2005 07:45:35 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [207.251.100.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RFjXn2003920 for ; Thu, 27 Jan 2005 07:45:34 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id F1F51C185; Thu, 27 Jan 2005 10:45:14 -0500 (EST) Date: Thu, 27 Jan 2005 10:45:14 -0500 From: Christophe Kalt To: SAGE-Members Subject: [SAGE] Metered PDUs Message-ID: <20050127154514.GC87845@bzz.taranis.org> Mail-Followup-To: SAGE-Members Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. Sender: owner-sage-members@usenix.org Precedence: bulk Being in the process of designing a new datacenter, i'm interested to hear from people who have experience with metered PDUs (for cabinets), preferrably networked ones. i don't really care for the ability to turn on/off individual outlets (my servers have good enough LOM capabilities for this), only to measure/monitor power consumption. While a number of companies are now offering such products (Liebert, APC, HP, ..), i haven't yet had a chance to use them, but surely, some of you have :-) From sage-members-owner@usenix.org Thu Jan 27 07:58:59 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RFwxn3004544 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 07:58:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0RFww8q004543 for sage-members-outgoing; Thu, 27 Jan 2005 07:58:58 -0800 (PST) Received: from mail3.bitpusher.com (support.bitpusher.com [64.127.99.30]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RFwvn2004537 for ; Thu, 27 Jan 2005 07:58:57 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 6578D3AF9; Thu, 27 Jan 2005 07:58:38 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12572-02; Thu, 27 Jan 2005 07:58:37 -0800 (PST) Message-ID: <41F90FAC.9000703@halligan.org> Date: Thu, 27 Jan 2005 07:58:36 -0800 From: "Michael T. Halligan" User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Christophe Kalt Cc: SAGE-Members Subject: Re: [SAGE] Metered PDUs References: <20050127154514.GC87845@bzz.taranis.org> In-Reply-To: <20050127154514.GC87845@bzz.taranis.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk Christophe Kalt wrote: >Being in the process of designing a new datacenter, i'm >interested to hear from people who have experience with >metered PDUs (for cabinets), preferrably networked ones. > >i don't really care for the ability to turn on/off individual >outlets (my servers have good enough LOM capabilities for >this), only to measure/monitor power consumption. > >While a number of companies are now offering such products >(Liebert, APC, HP, ..), i haven't yet had a chance to use >them, but surely, some of you have :-) > > For a datacenter buildout I did @ 365main last year, we bought metered PDU's from Baytech (http://www.baytechdcd.com) and have been very happy with them. They were about $950 a piece for 48 port zero-U, dual-circuit 30 amp pdus. We put two per rack in a 6 rack cage. They do throw out a bit of heat when you're running 20+ amps per circuit, though. Having them in such a high density made wiring really nice, using 1' power cables to every serverr. -- ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Thu Jan 27 08:13:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RGDCn3005173 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 08:13:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0RGDCrf005167 for sage-members-outgoing; Thu, 27 Jan 2005 08:13:12 -0800 (PST) Received: from bzz.taranis.org (bzz.taranis.org [207.251.100.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RGDAn2005148 for ; Thu, 27 Jan 2005 08:13:10 -0800 (PST) Received: by bzz.taranis.org (Postfix, from userid 100) id 3FA56C185; Thu, 27 Jan 2005 11:12:56 -0500 (EST) Date: Thu, 27 Jan 2005 11:12:56 -0500 From: Christophe Kalt To: SAGE-Members Subject: Re: [SAGE] Metered PDUs Message-ID: <20050127161256.GD87845@bzz.taranis.org> Mail-Followup-To: SAGE-Members References: <20050127154514.GC87845@bzz.taranis.org> <41F90FAC.9000703@halligan.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41F90FAC.9000703@halligan.org> User-Agent: Mutt/1.4.2.1i X-Spring: flower X-Message-Flag: Outlook is a highly efficient virus delivery agent. Sender: owner-sage-members@usenix.org Precedence: bulk On Jan 27, Michael T. Halligan wrote: | For a datacenter buildout I did @ 365main last year, we bought metered | PDU's from Baytech (http://www.baytechdcd.com) and have been very happy | with them. They were about $950 a piece for 48 port zero-U, dual-circuit | 30 amp pdus. We put two per rack in a 6 rack cage. They do throw out a bit | of heat when you're running 20+ amps per circuit, though. These are interesting, thanks. They also offer various options for 120V vs 208V output which is cool as i'm thinking of predominently using 208V. | Having them in such a high density made wiring really nice, using 1' | power cables to every server. I'm with you there, these rule. From sage-members-owner@usenix.org Thu Jan 27 15:54:56 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RNstn3000763 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 15:54:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0RNstYV000762 for sage-members-outgoing; Thu, 27 Jan 2005 15:54:55 -0800 (PST) Received: from cc0eb005.schwab.com (cc0eb005.schwab.com [162.93.253.117]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0RNsqn3000756 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Thu, 27 Jan 2005 15:54:54 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by cc0eb005.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0RNsWS3012674 for ; Thu, 27 Jan 2005 18:54:32 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0RNsVXT015634 for SAGE-Members@usenix.org; Thu, 27 Jan 2005 18:54:31 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0RNsTtQ015612; for ; Thu, 27 Jan 2005 18:54:30 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n2110pmx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 1106870060811; Thu, 27 Jan 2005 16:54:20 -0700 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R0QKH>; Thu, 27 Jan 2005 15:54:27 -0800 Message-ID: From: "Carlson, Scott" To: SAGE-Members Subject: [SAGE] Looking for Open Source DFS Client for Unices Date: Thu, 27 Jan 2005 15:54:22 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk We'd like to explore the possibility of using a "microsoft dfs aware" DFS client on our unix platforms in order to do the following A) Create a "unixhome" subdirectory within our windows home directories (currently CIFS -> NetAPP, DFS enabled) /us/home/user.name/unixhome B) Install "OpenDFS" on all our unix boxen C) Create automount configs so that every user, when they log into unix, mounts /home/user.name /us/home/user.name/unixhome Does anyone out there know if there's an Open source DFS client that works on solaris, AIX, Linux (RHAS) ? I was trying to find various things through google, but some of the sites are down, and most of the information I found was from years ago... Basically, the goal is to have a single home directory solution for windows and Unix. Our backend is many NetApp's, so I can't hardcode things (or it would be a pain for 20,000 users) and would like to rely on my MS Win2003 DFS forest. Any thoughts or direction from anyone out there? Thanks Scott Carlson Scott.carlson@schwab.com From sage-members-owner@usenix.org Thu Jan 27 16:43:44 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S0hhn3001886 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 16:43:43 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S0hhtN001885 for sage-members-outgoing; Thu, 27 Jan 2005 16:43:43 -0800 (PST) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S0hfn2001880 for ; Thu, 27 Jan 2005 16:43:42 -0800 (PST) Received: from [192.168.0.101] (utdvpn084054.utdallas.edu [129.110.84.54]) by smtp1.utdallas.edu (Postfix) with ESMTP id 794A2388DC1 for ; Thu, 27 Jan 2005 18:43:22 -0600 (CST) Message-ID: <41F98B30.3070309@utdallas.edu> Date: Thu, 27 Jan 2005 18:45:36 -0600 From: Amos User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE-Members@usenix.org Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Carlson, Scott wrote: > We'd like to explore the possibility of using a "microsoft dfs aware" DFS > client on our unix platforms in order to do the following Isn't DFS a part of DCE? It's been too long ago for me to remember. Anyway, DCE now offered as open source.... http://www.opengroup.org/dce/ Amos From sage-members-owner@usenix.org Thu Jan 27 17:01:52 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S11qn3002583 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:01:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S11qvt002582 for sage-members-outgoing; Thu, 27 Jan 2005 17:01:52 -0800 (PST) Received: from bache.ece.cmu.edu (BACHE.ECE.CMU.EDU [128.2.129.23]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S11on2002577 for ; Thu, 27 Jan 2005 17:01:50 -0800 (PST) Received: from [10.9.204.1] (dsl093-061-215.pit1.dsl.speakeasy.net [66.93.61.215]) by bache.ece.cmu.edu (Postfix) with ESMTP id 854C886; Thu, 27 Jan 2005 20:01:34 -0500 (EST) Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices From: "Brandon S. Allbery KF8NH" To: Amos Cc: SAGE-Members@usenix.org In-Reply-To: <41F98B30.3070309@utdallas.edu> References: <41F98B30.3070309@utdallas.edu> Content-Type: text/plain Message-Id: <1106874092.2569.1.camel@rushlight.kf8nh.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Date: Thu, 27 Jan 2005 20:01:33 -0500 Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 2005-01-27 at 19:45, Amos wrote: > Carlson, Scott wrote: > > We'd like to explore the possibility of using a "microsoft dfs aware" DFS > > client on our unix platforms in order to do the following > > Isn't DFS a part of DCE? It's been too long ago for me to remember. > Anyway, DCE now offered as open source.... There's DCE DFS, and then there's MSDFS which is a completely separate entity built on top of SMB / CIFS. Samba can be an MSDFS server, but not a client that I've seen. -- brandon s. allbery [linux,solaris,freebsd,perl] allbery@kf8nh.com system administrator [WAY too many hats] allbery@ece.cmu.edu electrical and computer engineering, carnegie mellon univ. KF8NH From sage-members-owner@usenix.org Thu Jan 27 17:23:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1NCn3003387 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:23:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S1NBAk003386 for sage-members-outgoing; Thu, 27 Jan 2005 17:23:12 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1N9n3003375 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:23:10 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0S1Mow8052484; Thu, 27 Jan 2005 20:22:52 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 28 Jan 2005 02:04:27 +0100 To: "Carlson, Scott" From: Brad Knowles Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices Cc: SAGE-Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 3:54 PM -0800 2005-01-27, Carlson, Scott wrote: > Basically, the goal is to have a single home directory solution for windows > and Unix. Our backend is many NetApp's, so I can't hardcode things (or it > would be a pain for 20,000 users) and would like to rely on my MS Win2003 > DFS forest. I'm confused. Do you mean DFS (which I've never heard of), or do you mean DAFS (which I have)? If the latter, note that this is only a file-level access mechanism as opposed to block-level, and while this may work for normal files, there may well be a lot of unusual file types and operations that will not work on DAFS, or will not work the way you want. DAFS may or may not be better for your application as compared to NFS, but it would be interesting to find out. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 27 17:23:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1NCn3003389 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:23:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S1NCbv003388 for sage-members-outgoing; Thu, 27 Jan 2005 17:23:12 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1NAn3003376 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:23:10 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0S1MowA052484 for ; Thu, 27 Jan 2005 20:22:54 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: Date: Fri, 28 Jan 2005 02:22:43 +0100 To: SAGE Members Mailing List From: Brad Knowles Subject: [SAGE] Open source distributed cluster filesystem? Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk Folks, While we're on the topic of open source filesystems, I've been thinking about a particular way I'd like to use some machines, and I've been wondering if there is a suitable filesystem out there to match what I'm looking for. For example, take a small loosely-coupled cluster of four servers. Each would have some local-only storage for the OS, etc..., but there would also be shared storage which is made available to the other three members of the cluster, as well as to cache locally copies of data from other members of the cluster. Hopefully, if one member of the cluster were to go down, the data it had stored would still be available through a RAID-like mechanism. Something like OpenAFS doesn't fit this model, because it still assumes a central storage facility, of which clients may have local caches. It doesn't assume a P2P server storage model. I guess I'm thinking something akin to freenet, or one of the other distributed, replicated, P2P storage methods, but adapted to function as a reasonably normal filesystem. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 27 17:32:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1WWn3004421 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:32:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S1WWxh004420 for sage-members-outgoing; Thu, 27 Jan 2005 17:32:32 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1WVn2004413 for ; Thu, 27 Jan 2005 17:32:31 -0800 (PST) Received: (qmail 45033 invoked by uid 18647); 28 Jan 2005 01:31:59 -0000 Date: Thu, 27 Jan 2005 17:31:58 -0800 From: Philip Brown To: SAGE-Members Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices Message-ID: <20050127173158.A39922@bolthole.com> Mail-Followup-To: SAGE-Members References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from Scott.Carlson@schwab.com on Thu, Jan 27, 2005 at 03:54:22PM -0800 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, Jan 27, 2005 at 03:54:22PM -0800, Carlson, Scott wrote: > We'd like to explore the possibility of using a "microsoft dfs aware" DFS > client on our unix platforms in order to do the following > > A) Create a "unixhome" subdirectory within our windows home directories > (currently CIFS -> NetAPP, DFS enabled) > /us/home/user.name/unixhome > B) Install "OpenDFS" on all our unix boxen > C) Create automount configs so that every user, when they log into unix, > mounts > /home/user.name /us/home/user.name/unixhome Why does it have to be the same mechanism? Why cant you have [a file server] that serves a home filesystem to windows boxes via samba/SMB/whatever, but via NFS to unix hosts? > Basically, the goal is to have a single home directory solution for windows > and Unix. Our backend is many NetApp's, so I can't hardcode things (or it > would be a pain for 20,000 users) and would like to rely on my MS Win2003 > DFS forest. > > Any thoughts or direction from anyone out there? I thought netapp makes sharing one filesystem through multiple protocols like this easy? The only issue would be in making sure that your UNIX automount/whatever maps for a user, point to the same filesystem+directory that the ms-windows maps do for that user. Not as nice as having some 100% unified solution, I'm sure... but it still should be very doable, and maintainable. From sage-members-owner@usenix.org Thu Jan 27 17:41:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1fZn3004910 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:41:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S1fZ91004908 for sage-members-outgoing; Thu, 27 Jan 2005 17:41:35 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1fXn2004903 for ; Thu, 27 Jan 2005 17:41:34 -0800 (PST) Received: (qmail 48650 invoked by uid 18647); 28 Jan 2005 01:34:37 -0000 Date: Thu, 27 Jan 2005 17:34:37 -0800 From: Philip Brown To: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? Message-ID: <20050127173437.B39922@bolthole.com> Mail-Followup-To: SAGE Members Mailing List References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from brad@stop.mail-abuse.org on Fri, Jan 28, 2005 at 02:22:43AM +0100 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 28, 2005 at 02:22:43AM +0100, Brad Knowles wrote: > Folks, > > While we're on the topic of open source filesystems, I've been > thinking about a particular way I'd like to use some machines, and > I've been wondering if there is a suitable filesystem out there to > match what I'm looking for. > [...] I think this sort of thing tends to be very OS-specific, so you'd better specify which OSs you'll need this thing to run on? btw: what did you mean by the 'loosely' in your "loosely clustered" description? From sage-members-owner@usenix.org Thu Jan 27 17:47:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1l1n3005448 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:47:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S1l1wd005445 for sage-members-outgoing; Thu, 27 Jan 2005 17:47:01 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S1kxn3005439 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 17:47:00 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0S1kgj5053485; Thu, 27 Jan 2005 20:46:43 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050127173158.A39922@bolthole.com> References: <20050127173158.A39922@bolthole.com> Date: Fri, 28 Jan 2005 02:40:55 +0100 To: Philip Brown From: Brad Knowles Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices Cc: SAGE-Members Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:31 PM -0800 2005-01-27, Philip Brown wrote: > Why cant you have [a file server] that serves a home filesystem to > windows boxes via samba/SMB/whatever, but via NFS to unix hosts? In my experience, NetApp does this as well or better than anyone else in the business, and they don't do it well. > I thought netapp makes sharing one filesystem through multiple protocols > like this easy? In theory, yes. In practice, I have been told that there are some incompatibilities that effectively make this sort of thing much more difficult, if not practically impossible. At least, with NetApp. I think it has to do with incompatibilities between NTFS ACLs and Unix-style ownership/permissions, but I may be mis-remembering. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 27 18:07:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S27Bn3006133 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:07:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S27BsY006132 for sage-members-outgoing; Thu, 27 Jan 2005 18:07:11 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S278n3006127 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:07:10 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0S26oHK054277; Thu, 27 Jan 2005 21:06:51 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050127173437.B39922@bolthole.com> References: <20050127173437.B39922@bolthole.com> Date: Fri, 28 Jan 2005 02:50:54 +0100 To: Philip Brown From: Brad Knowles Subject: Re: [SAGE] Open source distributed cluster filesystem? Cc: SAGE Members Mailing List Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:34 PM -0800 2005-01-27, Philip Brown wrote: > I think this sort of thing tends to be very OS-specific, so you'd better > specify which OSs you'll need this thing to run on? /me wonders how far he can make Phil snort coffee out of his nose.... Would you roll over and die laughing if I said "FreeBSD on UltraSPARC"? Seriously, I was hoping to find something cross-platform, at least roughly comparable to the level of interoperability you can get with NFS. Otherwise, I might as well just build an NFS server and mount that across all the machines in the cluster. > btw: what did you mean by the 'loosely' in your "loosely clustered" > description? No MPI or PVM. Sharing disk storage and having a mechanism for starting jobs across other machines in the "cluster", but no need for tools to migrate processes from one system to another. You don't get much looser than that. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 27 18:07:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S27Sn3006170 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:07:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S27RTI006169 for sage-members-outgoing; Thu, 27 Jan 2005 18:07:27 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S27Qn2006164 for ; Thu, 27 Jan 2005 18:07:26 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j0S279ow013720; Thu, 27 Jan 2005 20:07:09 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id UAA05223; Thu, 27 Jan 2005 20:07:07 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Thu, 27 Jan 2005 20:07:06 -0600 (CST) From: Doug Hughes To: Brad Knowles cc: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 28 Jan 2005, Brad Knowles wrote: > Folks, > > While we're on the topic of open source filesystems, I've been > thinking about a particular way I'd like to use some machines, and > I've been wondering if there is a suitable filesystem out there to > match what I'm looking for. > > For example, take a small loosely-coupled cluster of four > servers. Each would have some local-only storage for the OS, etc..., > but there would also be shared storage which is made available to the > other three members of the cluster, as well as to cache locally > copies of data from other members of the cluster. Hopefully, if one > member of the cluster were to go down, the data it had stored would > still be available through a RAID-like mechanism. > > Something like OpenAFS doesn't fit this model, because it still > assumes a central storage facility, of which clients may have local > caches. It doesn't assume a P2P server storage model. > > > I guess I'm thinking something akin to freenet, or one of the > other distributed, replicated, P2P storage methods, but adapted to > function as a reasonably normal filesystem. > PVFS is almost like that except for one important part, the redundancy. PVFS just stripes across all the nodes in the cluster giving you a massive I/O parallel access filesystem. http://www.parl.clemson.edu/pvfs/ (used to be distributed along with Sun parallel clustering stuff, which was a free download about 6 years ago. I haven't been following that since. Had MPI, PVM, PVFS, typical Beowulf stuff) There are games you can do with this to make it redundant, such as using host mirroring of 2 drives and building PVFS on top of that (disksuite, MD, network block device, etc) to get a sort of 1+0 network distributed filesystem: http://www.beowulf.org/archive/2001-January/001797.html there's a big of IEEE/ACM research paper material: http://portal.acm.org/citation.cfm?id=506159 I've not seen any yet that are practical that do a RAID-5 type setup. Amoebaish stuff might come close (well, again, not very practical) Doug From sage-members-owner@usenix.org Thu Jan 27 18:17:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2H1n3007127 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:17:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S2H1Qj007126 for sage-members-outgoing; Thu, 27 Jan 2005 18:17:01 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2Gxn3007119 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:16:59 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0S2Ge9x054792; Thu, 27 Jan 2005 21:16:41 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 28 Jan 2005 03:16:29 +0100 To: Doug Hughes From: Brad Knowles Subject: Re: [SAGE] Open source distributed cluster filesystem? Cc: Brad Knowles , SAGE Members Mailing List Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 8:07 PM -0600 2005-01-27, Doug Hughes wrote: > PVFS is almost like that except for one important part, the redundancy. > PVFS just stripes across all the nodes in the cluster giving you a > massive I/O parallel access filesystem. > > http://www.parl.clemson.edu/pvfs/ I got a private response that recommended I check out the page at , specifically the cluster filesystems. PVFS immediately struck me as the sort of thing I was looking for, but unfortunately it is implemented as a Linux kernel module, and I'm looking for something that will work on FreeBSD on UltraSPARC, preferably also cross-platform to multiple other OSes/platforms. > There are games you can do with this to make it redundant, such > as using host mirroring of 2 drives and building PVFS on top of > that (disksuite, MD, network block device, etc) to get a sort of > 1+0 network distributed filesystem: > http://www.beowulf.org/archive/2001-January/001797.html > > there's a big of IEEE/ACM research paper material: > http://portal.acm.org/citation.cfm?id=506159 Cool! Thanks! > I've not seen any yet that are practical that do a RAID-5 type setup. > Amoebaish stuff might come close (well, again, not very practical) Hmm. Another one to check out. Thanks again! -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Jan 27 18:32:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2WBn3007706 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:32:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S2WBgv007705 for sage-members-outgoing; Thu, 27 Jan 2005 18:32:11 -0800 (PST) Received: from klutz.cs.utk.edu (klutz.cs.utk.edu [160.36.56.50]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2W9n3007700 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:32:10 -0800 (PST) Received: from localhost (klutz [127.0.0.1]) by klutz.cs.utk.edu (Postfix) with ESMTP id 4143A40224 for ; Thu, 27 Jan 2005 21:31:55 -0500 (EST) Received: from klutz.cs.utk.edu ([127.0.0.1]) by localhost (klutz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03825-11; Thu, 27 Jan 2005 21:31:53 -0500 (EST) Received: from woodchuck.cs.utk.edu (woodchuck.cs.utk.edu [160.36.58.170]) by klutz.cs.utk.edu (Postfix) with ESMTP id EE0A240128; Thu, 27 Jan 2005 21:31:53 -0500 (EST) Received: by woodchuck.cs.utk.edu (Postfix, from userid 2861) id A05DB134CA; Thu, 27 Jan 2005 21:31:51 -0500 (EST) Date: Thu, 27 Jan 2005 21:31:51 -0500 From: Josh Lothian To: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? Message-ID: <20050128023151.GA1028@woodchuck.cs.utk.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-Virus-Scanned: by amavisd-new at cs.utk.edu by ClamAV and McAfee Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 28, 2005 at 02:22:43AM +0100, Brad Knowles wrote: > Folks, > > While we're on the topic of open source filesystems, I've been > thinking about a particular way I'd like to use some machines, and > I've been wondering if there is a suitable filesystem out there to > match what I'm looking for. > > For example, take a small loosely-coupled cluster of four > servers. Each would have some local-only storage for the OS, etc..., > but there would also be shared storage which is made available to the > other three members of the cluster, as well as to cache locally > copies of data from other members of the cluster. Hopefully, if one > member of the cluster were to go down, the data it had stored would > still be available through a RAID-like mechanism. > > Something like OpenAFS doesn't fit this model, because it still > assumes a central storage facility, of which clients may have local > caches. It doesn't assume a P2P server storage model. > > > I guess I'm thinking something akin to freenet, or one of the > other distributed, replicated, P2P storage methods, but adapted to > function as a reasonably normal filesystem. Lustre looks very interesting and similar to what you want. It even features MacOSX support, and a userspace library that they claim will allow an Operating System without a native port to access a Lustre fs. Of course none of that in the free version. -jkl From sage-members-owner@usenix.org Thu Jan 27 18:45:15 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2jFn3008252 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 18:45:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S2jEjp008251 for sage-members-outgoing; Thu, 27 Jan 2005 18:45:15 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S2jCn2008246 for ; Thu, 27 Jan 2005 18:45:13 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j0S2ivow016742; Thu, 27 Jan 2005 20:44:57 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id UAA05244; Thu, 27 Jan 2005 20:44:54 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Thu, 27 Jan 2005 20:44:54 -0600 (CST) From: Doug Hughes To: Brad Knowles cc: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 28 Jan 2005, Brad Knowles wrote: > At 8:07 PM -0600 2005-01-27, Doug Hughes wrote: > > > PVFS is almost like that except for one important part, the redundancy. > > PVFS just stripes across all the nodes in the cluster giving you a > > massive I/O parallel access filesystem. > > > > http://www.parl.clemson.edu/pvfs/ > > I got a private response that recommended I check out the page at > , > specifically the cluster filesystems. > > PVFS immediately struck me as the sort of thing I was looking > for, but unfortunately it is implemented as a Linux kernel module, > and I'm looking for something that will work on FreeBSD on > UltraSPARC, preferably also cross-platform to multiple other > OSes/platforms. > I know it was available on Solaris 6+ years ago, so it must be more cross platform than just linux kernel. (looks like it's still available at sun.com HPC sun community source-code license, but it doesn't explicitly say whether PVFS comes with it anymore). Check into pvfs a bit more. I think the linux kernel module is a bit of optional hackery (like the SMB kernel module). -- excerpt -- [ see sentence 3 in particular. that's a positive indication ] The Parallel Virtual File System (PVFS) Project is an effort to provide a high-performance and scalable parallel file system for PC clusters. PVFS is open source and released under the GNU General Public License. It requires no special hardware or modifications to the kernel. PVFS provides four important capabilities in one package: * a consistent file name space across the machine * transparent access for existing utilities * physical distribution of data across multiple disks in multiple cluster nodes * high-performance user space access for applications --- > > There are games you can do with this to make it redundant, such > > as using host mirroring of 2 drives and building PVFS on top of > > that (disksuite, MD, network block device, etc) to get a sort of > > 1+0 network distributed filesystem: > > http://www.beowulf.org/archive/2001-January/001797.html > > > > there's a big of IEEE/ACM research paper material: > > http://portal.acm.org/citation.cfm?id=506159 > > Cool! Thanks! > > > I've not seen any yet that are practical that do a RAID-5 type setup. > > Amoebaish stuff might come close (well, again, not very practical) > > Hmm. Another one to check out. Thanks again! > amoeba is (was?) cool research stuff. Basically it's an entire parallel operating system with chunks of redundancy thrown in, migratory processes, global process space, etc. Not very many apps though. From sage-members-owner@usenix.org Thu Jan 27 19:28:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S3S8n3009150 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 19:28:08 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S3S8qF009149 for sage-members-outgoing; Thu, 27 Jan 2005 19:28:08 -0800 (PST) Received: from mail.seekingfire.com (caliban.rospa.ca [24.72.10.209]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S3S6n2009144 for ; Thu, 27 Jan 2005 19:28:06 -0800 (PST) Received: by mail.seekingfire.com (Postfix, from userid 500) id 5992F459; Thu, 27 Jan 2005 21:27:51 -0600 (CST) Date: Thu, 27 Jan 2005 21:27:51 -0600 From: Tillman Hodgson To: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? Message-ID: <20050128032751.GQ46047@seekingfire.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-GPG-Key-ID: 828AFC7B X-GPG-Fingerprint: 5584 14BA C9EB 1524 0E68 F543 0F0A 7FBC 828A FC7B X-GPG-Key: http://www.seekingfire.com/personal/gpg_key.asc X-Urban-Legend: There is lots of hidden information in headers X-Tillman-rules: yes he does User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 28, 2005 at 03:16:29AM +0100, Brad Knowles wrote: > PVFS immediately struck me as the sort of thing I was looking > for, but unfortunately it is implemented as a Linux kernel module, > and I'm looking for something that will work on FreeBSD on > UltraSPARC, preferably also cross-platform to multiple other > OSes/platforms. Howdy Brad, I've seen your posts on the FreeBSD sparc64 list. I'm very interested in getting the server portion of OpenAFS running, coincidentally enough, on FreeBSD -current on sparc64 (with an old DEC storageworks tower stuffed full of 18G drives). If you /do/ have to play with it and get it serving files somewhat reliably, I'd love to read an email/blog entry/technical paper/whatever is "hip" with the kids these days about it. The usual difficulty people have with AFS seems to be the Kerberos portion. I know Kerberos, integrating AFS into my realm won't be a problem. Getting it to the point of actually serving a volume is the problem :-) -T -- "/dev/null is your friend. It cares. It will listen to everything you say and will never interrupt you, no matter how stupid or ill-informed it may be. It will never talk back. It will never ignore you. Use it." -- Nick on the OpenBSD Misc@ mailing list From sage-members-owner@usenix.org Thu Jan 27 21:11:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S5B7n3011036 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 21:11:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S5B7W0011035 for sage-members-outgoing; Thu, 27 Jan 2005 21:11:07 -0800 (PST) Received: from mailhub-5.iastate.edu (mailhub-5.iastate.edu [129.186.140.15]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S5B5n2011029 for ; Thu, 27 Jan 2005 21:11:05 -0800 (PST) Received: from mailout-1.iastate.edu (mailout-1.iastate.edu [129.186.140.1]) by mailhub-5.iastate.edu (8.12.10/8.12.10) with SMTP id j0S5AYDP002813; Thu, 27 Jan 2005 23:10:34 -0600 Received: from new-entilzha.ait.iastate.edu(129.186.145.186) by mailout-1.iastate.edu via csmap id bb482ba4_70ea_11d9_995d_00304811d932_20777; Thu, 27 Jan 2005 23:09:05 -0600 (CST) Received: from localhost (gendalia@localhost) by entilzha.ait.iastate.edu (8.8.8/8.8.5) with SMTP id XAA18220; Thu, 27 Jan 2005 23:08:37 -0600 (CST) To: Tillman Hodgson cc: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? In-reply-to: Your message of Thu, 27 Jan 2005 21:27:51 -0600. <20050128032751.GQ46047@seekingfire.com> Date: Thu, 27 Jan 2005 23:08:21 CST Message-ID: <18221.1106888901@entilzha.ait.iastate.edu> From: "Tracy J. Di Marco White" Sender: owner-sage-members@usenix.org Precedence: bulk In message <20050128032751.GQ46047@seekingfire.com>, Tillman Hodgson writes: }I've seen your posts on the FreeBSD sparc64 list. I'm very interested in }getting the server portion of OpenAFS running, coincidentally enough, on }FreeBSD -current on sparc64 (with an old DEC storageworks tower stuffed }full of 18G drives). If you /do/ have to play with it and get it serving }files somewhat reliably, I'd love to read an email/blog entry/technical }paper/whatever is "hip" with the kids these days about it. } }The usual difficulty people have with AFS seems to be the Kerberos }portion. I know Kerberos, integrating AFS into my realm won't be a }problem. Getting it to the point of actually serving a volume is the }problem :-) A co-worker and I each set up AFS cells at home. We're both using NetBSD, but the information for AFS setup shouldn't be too different. http://www.madscientistresearch.net/ProjectList/ProjectNorton/AfsOnNetBSD Tracy J. Di Marco White Academic Information Technologies Iowa State University From sage-members-owner@usenix.org Thu Jan 27 21:42:11 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S5gBn3011759 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 27 Jan 2005 21:42:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0S5gBFr011758 for sage-members-outgoing; Thu, 27 Jan 2005 21:42:11 -0800 (PST) Received: from pd3mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0S5g9n2011753 for ; Thu, 27 Jan 2005 21:42:09 -0800 (PST) Received: from pd3mr3so.prod.shaw.ca (pd3mr3so-qfe3.prod.shaw.ca [10.0.141.179]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IB000FR5IH8YX20@l-daemon> for SAGE-Members@usenix.org; Thu, 27 Jan 2005 22:41:32 -0700 (MST) Received: from pn2ml10so.prod.shaw.ca ([10.0.121.80]) by pd3mr3so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IB000H02IGR4A70@pd3mr3so.prod.shaw.ca> for SAGE-Members@usenix.org; Thu, 27 Jan 2005 22:41:15 -0700 (MST) Received: from mail.zioup.com (S010600105acb8880.cg.shawcable.net [68.147.47.70]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0IB0000EGIGRXT@l-daemon> for SAGE-Members@usenix.org; Thu, 27 Jan 2005 22:41:15 -0700 (MST) Received: by mail.zioup.com (Postfix, from userid 1001) id EAF1125802F; Thu, 27 Jan 2005 22:41:14 -0700 (MST) Received: from localhost (localhost [127.0.0.1]) by mail.zioup.com (Postfix) with ESMTP id DD2862100F3 for ; Thu, 27 Jan 2005 22:41:14 -0700 (MST) Date: Thu, 27 Jan 2005 22:41:14 -0700 (MST) From: Yves Dorfsman Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices In-reply-to: <20050127173158.A39922@bolthole.com> To: SAGE-Members Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; format=flowed; charset=US-ASCII References: <20050127173158.A39922@bolthole.com> Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 27 Jan 2005, Philip Brown wrote: > I thought netapp makes sharing one filesystem through multiple protocols > like this easy? In my experience netapp is really good at serving either UNIX orNT filesystem (even from the same box), but if you try to share to both world at the same time, you get into permission nightmare. Yves. ---- Yves Dorfsman yves@zioup.com http://www.cuug.ab.ca/dorfsmay http://www.SollerS.ca From sage-members-owner@usenix.org Fri Jan 28 02:03:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SA3kn3005767 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 02:03:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SA3j4h005765 for sage-members-outgoing; Fri, 28 Jan 2005 02:03:45 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SA3hn3005760 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 02:03:44 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0SA3P0w084816; Fri, 28 Jan 2005 05:03:26 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050128023151.GA1028@woodchuck.cs.utk.edu> References: <20050128023151.GA1028@woodchuck.cs.utk.edu> Date: Fri, 28 Jan 2005 10:27:47 +0100 To: Josh Lothian From: Brad Knowles Subject: Re: [SAGE] Open source distributed cluster filesystem? Cc: SAGE Members Mailing List Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 9:31 PM -0500 2005-01-27, Josh Lothian wrote: > Lustre looks very interesting and similar to > what you want. It even features MacOSX support, and a userspace library > that they claim will allow an Operating System without a native port to > access a Lustre fs. It does look kind of interesting. Unfortunately, it only supports Linux and MacOS X as server platforms, and there's not much information there about how much it costs. If I could get a decent cluster filesystem that ran on FreeBSD/UltraSPARC, I'd seriously consider buying it or paying for support, even if a no-cost open source version were also available. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 28 02:03:56 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SA3un3005787 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 02:03:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SA3tpE005786 for sage-members-outgoing; Fri, 28 Jan 2005 02:03:55 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SA3nn3005780 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 02:03:50 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0SA3P10084816; Fri, 28 Jan 2005 05:03:29 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050128032751.GQ46047@seekingfire.com> References: <20050128032751.GQ46047@seekingfire.com> Date: Fri, 28 Jan 2005 10:32:14 +0100 To: Tillman Hodgson From: Brad Knowles Subject: Re: [SAGE] Open source distributed cluster filesystem? Cc: SAGE Members Mailing List Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 9:27 PM -0600 2005-01-27, Tillman Hodgson wrote: > I'm very interested in > getting the server portion of OpenAFS running, coincidentally enough, on > FreeBSD -current on sparc64 (with an old DEC storageworks tower stuffed > full of 18G drives). If you /do/ have to play with it and get it serving > files somewhat reliably, I'd love to read an email/blog entry/technical > paper/whatever is "hip" with the kids these days about it. I've heard about OpenAFS, but it doesn't really solve the problem I will have. Basically, I've got four Ultra 10 clones that I want to try to use in a loosely-coupled cluster with shared storage, but none of them have a great deal of local disk space. Each machine does have enough that, if they were able to pool all that storage together, the sum total should be sufficient to do what I want. The problem is figuring out how they could effectively pool that storage. Short of a suitable cluster filesystem somewhat akin to PVFS, I figure I'll probably go with NFS. > The usual difficulty people have with AFS seems to be the Kerberos > portion. I know Kerberos, integrating AFS into my realm won't be a > problem. Getting it to the point of actually serving a volume is the > problem :-) Well, I don't plan on doing anything with Kerberos here, so if that's a requirement for OpenAFS, then either I will have a stub no-op Kerberos environment just for OpenAFS, or I will be a lot less likely to try to play around with it. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 28 06:06:37 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SE6bn3016757 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:06:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SE6b3k016756 for sage-members-outgoing; Fri, 28 Jan 2005 06:06:37 -0800 (PST) Received: from hexogen.explosive.net (hexogen.explosive.net [216.27.184.5]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SE6Zn3016751 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 28 Jan 2005 06:06:36 -0800 (PST) Received: by hexogen.explosive.net (Postfix, from userid 518) id A7DE9EBFA0; Fri, 28 Jan 2005 06:05:35 -0800 (PST) Subject: Re: [SAGE] Open source distributed cluster filesystem? To: sage-members@usenix.org (SAGE Members) Date: Fri, 28 Jan 2005 09:05:35 -0500 (EST) In-Reply-To: from "Brad Knowles" at Jan 28, 2005 02:22:43 AM From: "Adam S. Moskowitz" Reply-To: adamm@menlo.com X-Mailer: ELM [version 2.5 PL6] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20050128140535.A7DE9EBFA0@hexogen.explosive.net> Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 28 Jan 2005 02:22:43 +0100 Brad Knowles wrote: > For example, take a small loosely-coupled cluster of four > servers. Each would have some local-only storage for the OS, etc..., > but there would also be shared storage which is made available to the > other three members of the cluster, as well as to cache locally > copies of data from other members of the cluster. Hopefully, if one > member of the cluster were to go down, the data it had stored would > still be available through a RAID-like mechanism. "Ningaui: A Linux Cluster for Business" (see URL below) describes a system that does some of what you want, although maybe not the way you want it. Our "filesystem" is distributed/replicated asynchronously, and then only of the files you indicate should be replicated. You can also control how many and/or which nodes get copies of your data. The system doesn't handle "fast fail-over," but that wasn't what it was designed for. We haven't made the software available yet, but we intend to -- I just don't know when. Sorry. And yes, this is more than just "rsync" -- but I'm not really the right person to explain how it differs. The paper (URL below) may talk about it, or you may have to wait 'til we publish a paper with more details about our "replication manager" (the software that handles the distribution of files). No, I don't know where or when we intend to try to publish that paper. AdamM http://www.usenix.org/publications/library/proceedings/usenix02/tech/freenix/hume.html From sage-members-owner@usenix.org Fri Jan 28 06:24:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEO9n3017317 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:24:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SEO9tY017316 for sage-members-outgoing; Fri, 28 Jan 2005 06:24:09 -0800 (PST) Received: from mail.seekingfire.com (caliban.rospa.ca [24.72.10.209]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEO7n2017311 for ; Fri, 28 Jan 2005 06:24:07 -0800 (PST) Received: by mail.seekingfire.com (Postfix, from userid 500) id 2025A4F7; Fri, 28 Jan 2005 08:23:53 -0600 (CST) Date: Fri, 28 Jan 2005 08:23:53 -0600 From: Tillman Hodgson To: SAGE Members Mailing List Subject: Re: [SAGE] Open source distributed cluster filesystem? Message-ID: <20050128142353.GV46047@seekingfire.com> References: <20050128032751.GQ46047@seekingfire.com> <18221.1106888901@entilzha.ait.iastate.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <18221.1106888901@entilzha.ait.iastate.edu> X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-GPG-Key-ID: 828AFC7B X-GPG-Fingerprint: 5584 14BA C9EB 1524 0E68 F543 0F0A 7FBC 828A FC7B X-GPG-Key: http://www.seekingfire.com/personal/gpg_key.asc X-Urban-Legend: There is lots of hidden information in headers X-Tillman-rules: yes he does User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, Jan 27, 2005 at 11:08:21PM -0600, Tracy J. Di Marco White wrote: > > In message <20050128032751.GQ46047@seekingfire.com>, Tillman Hodgson writes: > }I've seen your posts on the FreeBSD sparc64 list. I'm very interested in > }getting the server portion of OpenAFS running, coincidentally enough, on > }FreeBSD -current on sparc64 (with an old DEC storageworks tower stuffed > }full of 18G drives). If you /do/ have to play with it and get it serving > }files somewhat reliably, I'd love to read an email/blog entry/technical > }paper/whatever is "hip" with the kids these days about it. > } > }The usual difficulty people have with AFS seems to be the Kerberos > }portion. I know Kerberos, integrating AFS into my realm won't be a > }problem. Getting it to the point of actually serving a volume is the > }problem :-) > > A co-worker and I each set up AFS cells at home. We're both using > NetBSD, but the information for AFS setup shouldn't be too different. > http://www.madscientistresearch.net/ProjectList/ProjectNorton/AfsOnNetBSD Howdy Tracy, I ran across your wiki a few days ago. Public resources like that are great :-) I attempted to replicate it on FreeBSD/i386 (thinking that would be easier than sparc64 in this case) without success (starting the volserver, fileserver and salvager results in core files being written to the log directory). I'd like to follow-up with you a bit more ... I'll email you off-list to avoid hijacking the thread and post a summary to list if I do get it working ;-) -T -- "Belief gets in the way of learning." -- Robert Heinlein From sage-members-owner@usenix.org Fri Jan 28 06:32:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEWkn3017845 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:32:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SEWkrT017844 for sage-members-outgoing; Fri, 28 Jan 2005 06:32:46 -0800 (PST) Received: from cv3.cv.nrao.edu (nrao.edu [192.33.115.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEWhn3017839 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:32:44 -0800 (PST) Received: from polaris.cv.nrao.edu (polaris.cv.nrao.edu [192.33.115.101]) by cv3.cv.nrao.edu (8.12.8/8.12.8/cv-ws-8.12) with ESMTP id j0SEWJwR010024; Fri, 28 Jan 2005 09:32:19 -0500 Received: (from pmurphy@localhost) by polaris.cv.nrao.edu (8.12.8/8.12.8/Polaris Submit) id j0SEWJkk001584; Fri, 28 Jan 2005 09:32:19 -0500 Message-ID: <16890.19699.135847.938641@polaris.cv.nrao.edu> Date: Fri, 28 Jan 2005 09:32:19 -0500 From: Pat Murphy To: SAGE-Members Cc: Philip Brown , Brad Knowles Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices References: <20050127173158.A39922@bolthole.com> X-Mailer: VM 7.18 under Emacs 21.2.1 Reply-To: Pat Murphy X-MailScanner-Information: Please contact postmaster@cv.nrao.edu for more information X-MailScanner: Found to be clean X-MailScanner-SpamCheck: not spam, SpamAssassin (score=-4.9, required 7, autolearn=not spam, BAYES_00 -4.90) X-MailScanner-From: pmurphy@nrao.edu Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, 28 Jan 2005 02:40:55 +0100, Brad Knowles said: > At 5:31 PM -0800 2005-01-27, Philip Brown wrote: >> Why cant you have [a file server] that serves a home filesystem to >> windows boxes via samba/SMB/whatever, but via NFS to unix hosts? > In my experience, NetApp does this as well or better than anyone > else in the business, and they don't do it well. >> I thought netapp makes sharing one filesystem through multiple protocols >> like this easy? > In theory, yes. In practice, I have been told that there are > some incompatibilities that effectively make this sort of thing much > more difficult, if not practically impossible. At least, with NetApp. I'll confirm this. Like others here, I tried to set up a "common home area" scheme on a NetApp with the relevant partition in mixed mode, feeding about 140 windows systems and 100 Linux clients and servers. > I think it has to do with incompatibilities between NTFS ACLs and > Unix-style ownership/permissions, but I may be mis-remembering. This is basically correct, though it's the overall permission mess, not just ACLs. Newly created files on NTFS inherit their permissions from the directory, whereas it's the umask (mostly) on Unix/Linux that's involved. My possibly incorrect or over-simplified view on the situation is that there are at least three issues: * ACL loss: If there's an Access Control List (ACL) on a windows file, and that file is then edited with, say, emacs on Linux, the net effect is for the ACL to be lost. That's because most Unix editors actually make a new version of the file, and as the systems that support ACLS on Unix/Linux are (AFAIK) inconsistent with Windows ACLs, the ACL cannot be copied from the Linux side. * Unix Permissions looking weird: If a Windows file has an access list, the permissions on the Unix side may look totally permissive (rwxrwxrwx), but that is deceptive. If the ACL says you have no write permission on the file from the windows side, you won't be able to write to the file from Unix/Linux either. * Permission Liberalization: This is the thing I'm being beaten over the head with, so to speak. If you edit a windows-ACL-protected file on Unix on the mixed mode filesystem, and your editor creates a new version of the file, the liberal but fake (rwxrwxrwx) permissions may be copied to the new instance of the file and have now become real; not only is the ACL lost, but the file is now wide open for anyone to read/write. Ouch. Yes, there are ways around this such as ( setq make-backup-files t ) in emacs, but an application-by-application based solution clearly isn't what I'm looking for here! Disclaimer: while I get frustrated by these issues, I believe NetApp does just about the best job they can given the conflicts between the two permission paradigms. At least the best I've seen in a shared CIFS/NFS serving environment so far. - Pat -- Patrick P. Murphy, Ph.D. Division Head, CV Computing, NRAO NRAO Computer Security Manager Head, NRAO Webadmin Working Group Home: http://goof.com/~pmurphy/ Work: http://www.nrao.edu/~pmurphy/ "Linux is Inevitable." "Why?" "Because it's alive!" - John MadDog Hall From sage-members-owner@usenix.org Fri Jan 28 06:37:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEbWn3018250 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:37:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SEbVdI018249 for sage-members-outgoing; Fri, 28 Jan 2005 06:37:31 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SEbQn3018243 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 06:37:30 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0SEbXbp019899 for ; Fri, 28 Jan 2005 06:37:33 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0SEbXaZ028983 for sage-members@sage.org; Fri, 28 Jan 2005 06:37:33 -0800 (PST) Date: Fri, 28 Jan 2005 06:37:32 -0800 From: Scott Francis To: sage-members@sage.org Subject: [SAGE] term servers Message-ID: <20050128143732.GQ18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Responses on the cabinet thread were very helpful; the only vendors mentioned I'd had prior experience with were Chatsworth and Dell. Summarizing recommendations received on- and off-list, in no particular order: Chatsworth Dell SharkRacks Martin Manufacturing - reseller APC Rittal WrightLine (several folks remarked on exceptionally good service from this vendor) APW GeneralDevices Next infrastructure poll: term server recommendations? I've had quite a bit of prior experience with Cyclades, and have been very happy with their gear for the most part. I'm interested in hearing of any other vendors that are selling comparably-priced gear that's also based on Linux/BSD, and of course that support SSH2 access. 16-port density is probably sufficient (although 24-port would be nice). Off-list responses can be summarized back to the list. thanks all, - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB+k4qWaB7jFU39ScRArobAKCqzMtEK0+v6xWrk0p6u5j9LNsmGACgyrzj 2tmmuZBF9f3u3VMCMElCI8c= =pQVK -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Fri Jan 28 07:13:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SFD5n3019206 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 07:13:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SFD5Zh019205 for sage-members-outgoing; Fri, 28 Jan 2005 07:13:05 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SFD1n3019200 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 07:13:02 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0SFCfaa005755; Fri, 28 Jan 2005 10:12:42 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050128143732.GQ18856@darkuncle.net> References: <20050128143732.GQ18856@darkuncle.net> Date: Fri, 28 Jan 2005 16:12:32 +0100 To: Scott Francis From: Brad Knowles Subject: Re: [SAGE] term servers Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 6:37 AM -0800 2005-01-28, Scott Francis wrote: > Next infrastructure poll: term server recommendations? I've had quite a bit > of prior experience with Cyclades, and have been very happy with their gear > for the most part. With regards to the technical side of the Cyclades hardware, I've only heard good things and had good experiences. I've had some really bad problems trying to get them to actually sell me anything, however. They only sell through VARs (at least, over here in Europe), and the exclusive VAR that covers France and Belgium (among other countries) has no interest/ability to sell equipment to anyone who does not have their own business and VAT #. What really got me ticked off at them was the fact that they came to LISA 2002 with hardware in hand, and claimed that you could buy the stuff on the spot. Unfortunately, they lied. I tried to buy a 4-port unit right there, and was happy to give them a check, cash, or credit card. They said that they couldn't actually sell me anything there on the floor (they had only brought one unit of each type as a demo), so they'd ship a unit to me at the hotel the next day (Friday, the last day of the conference). Unfortunately, they discovered that there was some information missing when the sales guy took my credit card details, or a stock problem, or something and couldn't ship that day. After that, they passed me off to their exclusive VAR for Belgium, and I was even more screwed. So, I'd rate their hardware very highly, but their customer and pre-sales service is pretty damn p!$$-poor. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 28 08:07:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SG7Bn3020302 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 08:07:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SG7BlL020301 for sage-members-outgoing; Fri, 28 Jan 2005 08:07:11 -0800 (PST) Received: from cc0eb005.schwab.com (cc0eb005.schwab.com [162.93.253.117]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SG79n3020287 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Fri, 28 Jan 2005 08:07:10 -0800 (PST) Received: from s0743cdc.schwab.com (s0743cdc.schwab.com [162.93.239.70]) by cc0eb005.schwab.com (Switch-3.1.2/Switch-3.1.0) with ESMTP id j0SG62S3014825 for ; Fri, 28 Jan 2005 11:06:02 -0500 Received: (from root@localhost) by sendmail.cf s0743cdc id j0SG62SJ001328 for SAGE-Members@usenix.org; Fri, 28 Jan 2005 11:06:02 -0500 Received: ( Schwab Email ) by copymail.cf s0743cdc with SMTP id j0SG62tQ001322; for ; Fri, 28 Jan 2005 11:06:02 -0500 Received: From n1121smx.nt.schwab.com ([10.0.50.65]) by n2110pmx.nt.schwab.com (WebShield SMTP v4.5 MR1a P0803.345); id 110692835126; Fri, 28 Jan 2005 09:05:51 -0700 Received: by n1121smx.nt.schwab.com with Internet Mail Service (5.5.2657.72) id <467R0V65>; Fri, 28 Jan 2005 08:06:00 -0800 Message-ID: From: "Carlson, Scott" To: Philip Brown , SAGE-Members Subject: RE: [SAGE] Looking for Open Source DFS Client for Unices Date: Fri, 28 Jan 2005 08:05:56 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain Sender: owner-sage-members@usenix.org Precedence: bulk Well, it doesn't *have* to be the same mechanism, it would just be easier for us to *be* the same mechanism. I thinking that we can actually avoid the ACL problems that are described in other posts because we're hopefully not going to be sharing files between the os's, just sharing the directory structure. From the windows side if /us/home/my.dir/unixhome is wide open, but /us/home/my.dir is owned and only allows me, then for the most part, no one is going to know that they can get to unixhome (if they even can) The important thing for us, considering the size of my user community, who's windows home directories are currently spread over ~10 NetApp filers is that I don't want to hardcode the location of the home directory in an auto.home/auto.master file on all 2000 of my unix servers. I forsee, even with a CGI based distribution mechanism, that this would be a nightmare to keep current everywhere. What I really need is this. 1. Create a subdirectory /us/home/scott.carlson/unixhome 2. Modify Active Directory so that the ldap attribute "homedir" = /us/home/scott.carlson/unixhome 3. Install some sort of home directory client on my unix machine.. Let's call it "OpenMSDFS" 4. Install Active Directory PAM authentication module on my unix machine (currently Vintela VAS) 5. user logs into machine with active directory credentials 6. OpenMSDFS notices that I'm logging in with my AD credentials (not local unix creds) and does a) query LDAP for my home directory b) executes mount /home/scott.carlson -> /us/home/scott.carlson/unixhome c) puts me in /home/scott.carlson Now that I look for a CIFS aware client for unices, I stumble across these. Sharity - http://www.obdev.at/products/sharity/ - $10,000 IBM Presentation - http://www-124.ibm.com/linux/presentations/samba/cifs2003/Frenchfinal.pdf Samba CIFS/Linux VFS - https://lists.samba.org/mailman//listinfo/linux-cifs-client http://us1.samba.org/samba/Linux_CIFS_client.html It looks like I might need to contact the CIFS VFS mailing list to see what they think. It look as though the CIFS specification shows that DFS is supported, so I might actually be able to solve my problem fairly easily on my linux platforms. Scott -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Philip Brown Sent: Thursday, January 27, 2005 6:32 PM To: SAGE-Members Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices On Thu, Jan 27, 2005 at 03:54:22PM -0800, Carlson, Scott wrote: > We'd like to explore the possibility of using a "microsoft dfs aware" DFS > client on our unix platforms in order to do the following > > A) Create a "unixhome" subdirectory within our windows home directories > (currently CIFS -> NetAPP, DFS enabled) > /us/home/user.name/unixhome > B) Install "OpenDFS" on all our unix boxen > C) Create automount configs so that every user, when they log into unix, > mounts > /home/user.name /us/home/user.name/unixhome Why does it have to be the same mechanism? Why cant you have [a file server] that serves a home filesystem to windows boxes via samba/SMB/whatever, but via NFS to unix hosts? > Basically, the goal is to have a single home directory solution for windows > and Unix. Our backend is many NetApp's, so I can't hardcode things (or it > would be a pain for 20,000 users) and would like to rely on my MS Win2003 > DFS forest. > > Any thoughts or direction from anyone out there? I thought netapp makes sharing one filesystem through multiple protocols like this easy? The only issue would be in making sure that your UNIX automount/whatever maps for a user, point to the same filesystem+directory that the ms-windows maps do for that user. Not as nice as having some 100% unified solution, I'm sure... but it still should be very doable, and maintainable. From sage-members-owner@usenix.org Fri Jan 28 08:44:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SGiXn3021575 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 08:44:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SGiXoA021574 for sage-members-outgoing; Fri, 28 Jan 2005 08:44:33 -0800 (PST) Received: from mail807.megamailservers.com (mail807.carrierinternetsolutions.com [69.49.106.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SGiVn3021568 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 08:44:32 -0800 (PST) X-Authenticated-User: leonvs.covad.net Received: from [192.168.1.4] (h-67-101-0-63.sttnwaho.dynamic.covad.net [67.101.0.63]) (authenticated bits=0) by mail807.megamailservers.com (8.13.1/8.13.1) with ESMTP id j0SGi10c031547; Fri, 28 Jan 2005 11:44:08 -0500 In-Reply-To: <16890.19699.135847.938641@polaris.cv.nrao.edu> References: <20050127173158.A39922@bolthole.com> <16890.19699.135847.938641@polaris.cv.nrao.edu> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit Cc: Philip Brown , SAGE-Members From: Leon Towns-von Stauber Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices Date: Fri, 28 Jan 2005 08:43:56 -0800 To: Pat Murphy X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk >>> I thought netapp makes sharing one filesystem through multiple >>> protocols >>> like this easy? > >> In theory, yes. In practice, I have been told that there are >> some incompatibilities that effectively make this sort of thing much >> more difficult, if not practically impossible. At least, with NetApp. > > I'll confirm this. Like others here, I tried to set up a "common home > area" scheme on a NetApp with the relevant partition in mixed mode, > feeding about 140 windows systems and 100 Linux clients and servers. Yeah, mixed mode is hardly ever worth it, IME. It's easier to live with the known behavioral limitations of NTFS or UNIX mode (usually in favor of the more capable NTFS) on the opposite platform than it is to deal with the confusion that mixed mode generates. You might consider it if you know that certain files and directories will only be accessed by one or the other type of client, but then you can usually separate those into qtrees with different modes. > Disclaimer: while I get frustrated by these issues, I believe NetApp > does just about the best job they can given the conflicts between the > two permission paradigms. At least the best I've seen in a shared > CIFS/NFS serving environment so far. Yup. BTW, if you haven't already checked them out, the white papers on NetApp's Web site can be helpful for questions like this. _____________________________________________________________ Leon Towns-von Stauber http://www.occam.com/leonvs/ "We have not come to save you, but you will not die in vain!" From sage-members-owner@usenix.org Fri Jan 28 08:59:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SGxXn3022329 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 08:59:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SGxX6p022328 for sage-members-outgoing; Fri, 28 Jan 2005 08:59:33 -0800 (PST) Received: from mail3.bitpusher.com (support.bitpusher.com [64.127.99.30]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SGxVn2022322 for ; Fri, 28 Jan 2005 08:59:31 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 2E9AC3B8C; Fri, 28 Jan 2005 08:59:12 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 00527-01; Fri, 28 Jan 2005 08:59:09 -0800 (PST) Message-ID: <41FA6F5C.6010508@halligan.org> Date: Fri, 28 Jan 2005 08:59:08 -0800 From: "Michael T. Halligan" User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Scott Francis Cc: sage-members@sage.org Subject: Re: [SAGE] term servers References: <20050128143732.GQ18856@darkuncle.net> In-Reply-To: <20050128143732.GQ18856@darkuncle.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk Scott, From my very recent experience I have two things to say, avoid the Perle CS9000's, and consider the Lantronix SCS terminal servers. They're very nice. Scott Francis wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Responses on the cabinet thread were very helpful; the only vendors mentioned >I'd had prior experience with were Chatsworth and Dell. > >Summarizing recommendations received on- and off-list, in no particular order: > >Chatsworth >Dell >SharkRacks >Martin Manufacturing - reseller >APC >Rittal >WrightLine (several folks remarked on > exceptionally good service from this vendor) >APW >GeneralDevices > >Next infrastructure poll: term server recommendations? I've had quite a bit >of prior experience with Cyclades, and have been very happy with their gear >for the most part. I'm interested in hearing of any other vendors that are >selling comparably-priced gear that's also based on Linux/BSD, and of course >that support SSH2 access. 16-port density is probably sufficient (although >24-port would be nice). > >Off-list responses can be summarized back to the list. > >thanks all, >- -- > Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 > Less and less is done > until non-action is achieved > when nothing is done, nothing is left undone. > -- the Tao of Sysadmin >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.2.2 (OpenBSD) > >iD8DBQFB+k4qWaB7jFU39ScRArobAKCqzMtEK0+v6xWrk0p6u5j9LNsmGACgyrzj >2tmmuZBF9f3u3VMCMElCI8c= >=pQVK >-----END PGP SIGNATURE----- > > -- ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Fri Jan 28 09:09:48 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SH9ln3022858 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:09:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SH9lF4022857 for sage-members-outgoing; Fri, 28 Jan 2005 09:09:47 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SH9jn3022852 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:09:46 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0SH9qdN031840 for ; Fri, 28 Jan 2005 09:09:52 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0SH9qcb008932 for sage-members@sage.org; Fri, 28 Jan 2005 09:09:52 -0800 (PST) Date: Fri, 28 Jan 2005 09:09:52 -0800 From: Scott Francis To: sage-members@sage.org Subject: Re: [SAGE] Eliminating my position Message-ID: <20050128170952.GR18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org References: <41F7D394.3080705@pgdc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41F7D394.3080705@pgdc.com> User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jan 26, 2005 at 12:29:56PM -0500, andy.ciordia@pgdc.com said: [snip] > Where I am looking for advice: > > VOIP Business Solution, hosted, easy, and ideally is near transparent to > a normal offices telephone automated system. We've been in the process of implementing one of these for the past couple of months from Inflexion , although ours is not a hosted solution. I also have personal experience with all the folks working at Fonality - they've got some really talented people on staff, and would undoubtedly welcome a chance to compete for your business. > Hosted Document Repository a la NFS/CIFS fileshares? Or some other animal? > Hosted Exchange/Comparable solution (shared cal/notes/email) We've been using CriticalPath for the past couple of months during a transition period (long story), and they offer most of these items. My opinion of their interface is somewhat less than complementary, but their price point is nearly unbeatable. A Google search on "hosted groupware" pulls up a sizeable number of hits; I saw one site that looked pretty interesting recently, but I seem to have lost the URL. They offered free hosted groupware based on FLOSS. - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB+nHEWaB7jFU39ScRAtu9AJ9kblNC/sfnQhZag4yoc+1cYAvK5ACfRKQC GV6vnVloVE/HW/yt2o6N/RI= =/gDH -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Fri Jan 28 09:13:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHD6n3023211 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:13:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SHD5GL023210 for sage-members-outgoing; Fri, 28 Jan 2005 09:13:05 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHD4n2023204 for ; Fri, 28 Jan 2005 09:13:04 -0800 (PST) Received: from [10.0.0.45] (saladin.internal.avlsi.com [10.0.0.45]) by smtp.fulcrummicro.com (Postfix) with ESMTP id DF2222A2B28; Fri, 28 Jan 2005 09:12:44 -0800 (PST) Message-ID: <41FA7288.4010503@fulcrummicro.com> Date: Fri, 28 Jan 2005 09:12:40 -0800 From: "Bevan C. Bennett" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041020 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles Cc: Philip Brown , SAGE-Members Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices References: <20050127173158.A39922@bolthole.com> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Brad Knowles wrote: > At 5:31 PM -0800 2005-01-27, Philip Brown wrote: > >> Why cant you have [a file server] that serves a home filesystem to >> windows boxes via samba/SMB/whatever, but via NFS to unix hosts? > > > In my experience, NetApp does this as well or better than anyone > else in the business, and they don't do it well. To be honest, a few of the recent OnTAP updates have made this a lot better. We're using openLDAP to hold our password info, a samba PDC, and a NetAPP serving both NFS and CIFS. One trick seems to be to never use the 'mixed' security mode... Another trick was automatically generating a local groups file on the NetApp. What I'm really hoping for is that NFSv4 support will finally bring working, somewhat CIFS-compatible ACLs to the UNIX world of shared filesystems. We can justifiably beat on CIFS for a number of things, but they -have- had a more flexible and useful permissions model for quite some time. From sage-members-owner@usenix.org Fri Jan 28 09:25:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHPIn3024128 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:25:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SHPIMa024127 for sage-members-outgoing; Fri, 28 Jan 2005 09:25:18 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHPGn2024111 for ; Fri, 28 Jan 2005 09:25:16 -0800 (PST) Received: from [10.0.0.45] (saladin.internal.avlsi.com [10.0.0.45]) by smtp.fulcrummicro.com (Postfix) with ESMTP id 7F1A12A2B28; Fri, 28 Jan 2005 09:24:57 -0800 (PST) Message-ID: <41FA7569.6030903@fulcrummicro.com> Date: Fri, 28 Jan 2005 09:24:57 -0800 From: "Bevan C. Bennett" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041020 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Pat Murphy Cc: SAGE-Members Subject: Re: [SAGE] NetApp Permissions (was DFS) References: <20050127173158.A39922@bolthole.com> <16890.19699.135847.938641@polaris.cv.nrao.edu> In-Reply-To: <16890.19699.135847.938641@polaris.cv.nrao.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk > This is basically correct, though it's the overall permission mess, not > just ACLs. Newly created files on NTFS inherit their permissions from > the directory, whereas it's the umask (mostly) on Unix/Linux that's > involved. > > My possibly incorrect or over-simplified view on the situation is that > there are at least three issues: > > * ACL loss: If there's an Access Control List (ACL) on a windows > file, and that file is then edited with, say, emacs on Linux, the > net effect is for the ACL to be lost. That's because most Unix > editors actually make a new version of the file, and as the > systems that support ACLS on Unix/Linux are (AFAIK) inconsistent > with Windows ACLs, the ACL cannot be copied from the Linux side. > > * Unix Permissions looking weird: If a Windows file has an access > list, the permissions on the Unix side may look totally permissive > (rwxrwxrwx), but that is deceptive. If the ACL says you have no > write permission on the file from the windows side, you won't be > able to write to the file from Unix/Linux either. > > * Permission Liberalization: This is the thing I'm being beaten over > the head with, so to speak. If you edit a windows-ACL-protected > file on Unix on the mixed mode filesystem, and your editor creates > a new version of the file, the liberal but fake (rwxrwxrwx) > permissions may be copied to the new instance of the file and have > now become real; not only is the ACL lost, but the file is now > wide open for anyone to read/write. Ouch. > > Yes, there are ways around this such as ( setq make-backup-files t ) in > emacs, but an application-by-application based solution clearly isn't > what I'm looking for here! > > Disclaimer: while I get frustrated by these issues, I believe NetApp > does just about the best job they can given the conflicts between the > two permission paradigms. At least the best I've seen in a shared > CIFS/NFS serving environment so far. Most of this nightmare can be avoided by -not- running with 'mixed mode' permissions. I'd go so far as to say that there are almost no real circumstances where mixed mode will bring you more benefits than woes. I run in 'UNIX permission' mode exclusively right now and, aside from the occassional moment of confusion from a Windows user, everything works fine. Where I'd like to go is to get an ACL-capable protocol running on the *NIX side (I'm hoping that NFSv4 will work for this one day) and switch to 'CIFS permissions' globally. The NetApp will allegedly use the same ACLs for CIFS and NFSv4, so things from there out would be perfect. Has anyone gotten to this point yet? Is anyone actually running v4 yet? Is it everything we've hoped for? From sage-members-owner@usenix.org Fri Jan 28 09:59:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHx7n3025201 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:59:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SHx7WE025200 for sage-members-outgoing; Fri, 28 Jan 2005 09:59:07 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SHx5n3025194 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 09:59:06 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0SHwl2A016093; Fri, 28 Jan 2005 12:58:48 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050128170952.GR18856@darkuncle.net> References: <41F7D394.3080705@pgdc.com> <20050128170952.GR18856@darkuncle.net> Date: Fri, 28 Jan 2005 18:56:54 +0100 To: Scott Francis From: Brad Knowles Subject: Re: [SAGE] Eliminating my position Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 9:09 AM -0800 2005-01-28, Scott Francis wrote: >> Hosted Exchange/Comparable solution (shared cal/notes/email) > > We've been using CriticalPath for the past couple of months during a > transition period (long story), and they offer most of these items. My > opinion of their interface is somewhat less than complementary, but their > price point is nearly unbeatable. Unfortunately, CriticalPath has been known for doing some seriously bogus crap with some of their customers. For example, Apple used to host mac.com through them, although I'm not sure if they still do. CP had done some really weird stuff with their MTA that caused quite a few problems, and so far as I know, I don't think they ever really fixed any of them. I ragged on Apple pretty hard about this, then discovered that the postmaster for apple.com is a USENIX/SAGE member, and the problems were really the fault of CriticalPath and not Apple. So far as I know, CP has never really fixed any of these issues. Doing a bit of Googling around regarding CriticalPath, I stumbled across an old message that might be interesting: . Assuming that CriticalPath is still responsible for mac.com, note that they've had more than a few problems lately, which does not bode well for CP. At this stage, I have talked to Nick Christensen about the proposed talk I hope to be giving at the NLUUG "E-Mail and Beyond" conference in May, and my opinion of Stalker Communigate Pro has increased significantly. My opinion of CriticalPath, OpenWave, and iPlanet has not changed. Now that I know even more about it, Mirapoint is also in that same gutter. If you want to look for a decent mail services firm, I don't know if IOmart is still in business (I ended up not taking the job), but they should be seriously considered if they are. You should also talk to the folks at MAPS -- I know they do outsourced anti-spam/anti-virus scanning, and I understand they have more business than better known firms like Brightmail and Postini put together, but I don't know if they have a full-service outsourcing solution. If not, they might know of some decent companies to talk to. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Fri Jan 28 10:46:14 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SIkDn3026615 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 10:46:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0SIkDjK026614 for sage-members-outgoing; Fri, 28 Jan 2005 10:46:13 -0800 (PST) Received: from yorktown.nielsenmedia.com (yorktown.nielsenmedia.com [206.113.192.17]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0SIk9n2026609 for ; Fri, 28 Jan 2005 10:46:09 -0800 (PST) Received: from NMRUSDUNSXG10.nmrlan.net (nmrusdunsxg10.nmrlan.net [10.38.67.44]) by yorktown.nielsenmedia.com (8.12.10/8.12.8) with ESMTP id j0SIfN3x026149 for ; Fri, 28 Jan 2005 13:41:23 -0500 (EST) Received: from nmr001oldOWA01.enterprisenet.org (unverified) by NMRUSDUNSXG10.nmrlan.net (Content Technologies SMTPRS 4.3.14) with ESMTP id for ; Fri, 28 Jan 2005 13:45:49 -0500 Received: from NMR001OLDMSX02.enterprisenet.org ([10.38.67.59]) by nmr001oldOWA01.enterprisenet.org with Microsoft SMTPSVC(6.0.3790.211); Fri, 28 Jan 2005 13:45:50 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [SAGE] Date: Fri, 28 Jan 2005 13:44:22 -0500 Message-ID: <6DE7EF7CCA44104F9A605106252E974103242A75@NMR001OLDMSX02.enterprisenet.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Index: AcUFaWHGhibhlT/ZSMKKPsQJPfDkEQ== From: "Epps, Alan" To: X-OriginalArrivalTime: 28 Jan 2005 18:45:50.0717 (UTC) FILETIME=[96A72AD0:01C50569] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0SIkAn2026610 Sender: owner-sage-members@usenix.org Precedence: bulk Good day, all. I was wondering if anyone out there is using Lucent's MAX TNT dial solutions and, if so, what tools they are using to monitor the systems, both from an up/down situation as well as calls/PRIs/etc. We currently have deployed the NavisAccess dial software and are contemplating rolling our own solution using the abundant MIB structure for these systems, but before I reinvent this particular wheel I though I would ask the brain-trust-at-large that is SAGE. Any and all guidance will be greatly appreciated. Alan -------------------------------------------------------------------- All opinions expressed are my own, not my employer's. Alan S. Epps alan.epps@nielsenmedia.com From sage-members-owner@usenix.org Fri Jan 28 20:34:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0T4Yon3021320 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 28 Jan 2005 20:34:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0T4YoV9021319 for sage-members-outgoing; Fri, 28 Jan 2005 20:34:50 -0800 (PST) Received: from beavis.puklich.com (beavis.puklich.com [209.46.80.55]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0T4Yjn3021311 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL) for ; Fri, 28 Jan 2005 20:34:47 -0800 (PST) Received: from [172.16.0.110] (daffy-fxp0.puklich.com [209.46.80.56]) (authenticated bits=0) by beavis.puklich.com (8.12.7/8.12.7/Unsolicited or bulk email is NOT accepted) with ESMTP id j0T4Y7Ia015701 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Fri, 28 Jan 2005 22:34:12 -0600 (CST) Date: Fri, 28 Jan 2005 22:34:16 -0600 From: Blayne Puklich Reply-To: Blayne Puklich To: Scott Francis cc: sage-members@sage.org Subject: Re: [SAGE] term servers Message-ID: <31EBD2A8489106FA6A81A846@[172.16.0.110]> In-Reply-To: <20050128143732.GQ18856@darkuncle.net> References: <20050128143732.GQ18856@darkuncle.net> X-Mailer: Mulberry/3.1.6 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk You might want to consider the Logical Solutions console servers (http://www.thinklogical.com). They're not all that bad, and reasonably priced too. From what I understand the company was founded by folks from the old Lightwave company. I've done the Cyclades as well, but these have about the same capabilities and cost me a little bit less. --On Friday, January 28, 2005 6:37 AM -0800 Scott Francis wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Responses on the cabinet thread were very helpful; the only vendors > mentioned I'd had prior experience with were Chatsworth and Dell. > > Summarizing recommendations received on- and off-list, in no particular > order: > > Chatsworth > Dell > SharkRacks > Martin Manufacturing - reseller > APC > Rittal > WrightLine (several folks remarked on > exceptionally good service from this vendor) > APW > GeneralDevices > > Next infrastructure poll: term server recommendations? I've had quite a > bit of prior experience with Cyclades, and have been very happy with > their gear for the most part. I'm interested in hearing of any other > vendors that are selling comparably-priced gear that's also based on > Linux/BSD, and of course that support SSH2 access. 16-port density is > probably sufficient (although 24-port would be nice). > > Off-list responses can be summarized back to the list. > > thanks all, > - -- > Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 > Less and less is done > until non-action is achieved > when nothing is done, nothing is left undone. > -- the Tao of Sysadmin > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2 (OpenBSD) > > iD8DBQFB+k4qWaB7jFU39ScRArobAKCqzMtEK0+v6xWrk0p6u5j9LNsmGACgyrzj > 2tmmuZBF9f3u3VMCMElCI8c= > =pQVK > -----END PGP SIGNATURE----- --- Blayne Puklich Minneapolis, MN PGP Key ID: 0xC52CA6C1 * mailto:blayne at puklich.com I'd explain it to you, but your brain would explode. From sage-members-owner@usenix.org Sun Jan 30 16:59:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V0xYn3029611 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 30 Jan 2005 16:59:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0V0xYAT029610 for sage-members-outgoing; Sun, 30 Jan 2005 16:59:34 -0800 (PST) Received: from watcher.puryear-it.com (ip-66-186-248-99.static.eatel.net [66.186.248.99]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V0xVn2029603 for ; Sun, 30 Jan 2005 16:59:32 -0800 (PST) Received: from dpboxen (localhost.puryear-it.local [127.0.0.1]) by watcher.puryear-it.com (Postfix) with SMTP id A07D684459 for ; Sun, 30 Jan 2005 18:56:31 -0600 (CST) Message-ID: <00ae01c50730$080ad740$9db30b44@dpboxen> From: "Dustin Puryear" To: Subject: [SAGE] NAS reviews - 30GB to 45GB Date: Sun, 30 Jan 2005 18:58:10 -0600 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Sender: owner-sage-members@usenix.org Precedence: bulk Is anyone aware of current reviews for NAS devices that offer 30GB to 45GB of initial capacity? I'm working at a site with a very tight budget that I want to see move to a NAS that provides for some kind of failover. My initial reqs are: * Provides for replication/failover to a second NAS even if it's just an add-on that we purchase later. * Offers at least 30GB to 45GB of disk space from the start. This is a wee bit small, so I'm more concerned about not finding any reliable NAS devices that go this low. If we can get a good value for more capacity that's fine of course. We should be able to expand the system to 200 GB or more later on. * Can at least do RAID-0, RAID-1, and RAID-5. * Supports at least two RAID sets. * Has *excellent* NFS support. * Has good problem detection code -- I want a warning before there is a problem. * No problems with FreeBSD 4.10 NFS clients Snapshots would be nice, but are not required. As far as backups, we can back this NAS up via rsync or over an NFS mount to our existing network backup system, so custom backup software and new tape drives aren't needed/wanted. The budget here is pretty tight so I'd like to see something under several thousand if possible. I don't have much experience with this budget level so I'm hoping to get an earful of what works and what doesn't that services this market. Currently, the site is using a FreeBSD 4.10 server for NFS, but I am concerned about the lack of failover support. FreeBSD has proven to be a reliable NFS server, but I really, really don't like see an important service running that doesn't provide for some kind of automatic failover. --- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com Author of "Best Practices for Managing Linux and UNIX Servers" Download your free copy: http://www.puryear-it.com/bestpractices_ebook.htm From sage-members-owner@usenix.org Sun Jan 30 17:56:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V1u5n3000540 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 30 Jan 2005 17:56:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0V1u4TS000539 for sage-members-outgoing; Sun, 30 Jan 2005 17:56:04 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V1u1n3000531 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 30 Jan 2005 17:56:02 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0V1tgP2005659; Sun, 30 Jan 2005 20:55:43 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <00ae01c50730$080ad740$9db30b44@dpboxen> References: <00ae01c50730$080ad740$9db30b44@dpboxen> Date: Mon, 31 Jan 2005 02:55:35 +0100 To: "Dustin Puryear" From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 6:58 PM -0600 2005-01-30, Dustin Puryear wrote: > Is anyone aware of current reviews for NAS devices that offer 30GB to 45GB > of initial capacity? I'm working at a site with a very tight budget that I > want to see move to a NAS that provides for some kind of failover. My > initial reqs are: 30-45GB? I recently saw an Iomega 160GB Network hard drive on sale for a little over 200 Euro (see for more info), and that was the smallest one of these things that they had. The only other one available was 250GB. I'm seriously considering buying one of these things just so that I can have some network disk storage capacity to tide me (and my wife) over, until I have such time as to get the real dishwasher-size monster fileserver up and running. It'd also be nice to be able to offload my entire MP3 collection to the fileserver, and still be able to sync that to my iPod when necessary (thanks to symlinks in the right places). > * Provides for replication/failover to a second NAS even if it's just an > add-on that we purchase later. Looking at the official NAS line from Iomega (see ), I don't see anything smaller than 160GB. If you want load-balancing and fail-over, it looks like Iomega doesn't provide those options until you get up into the 400m series, according to the "Family Overview" PDF (link from ), and the 400m starts at $2749 for 320GB. > * Offers at least 30GB to 45GB of disk space from the start. This is a wee > bit small, so I'm more concerned about not finding any reliable NAS devices > that go this low. If we can get a good value for more capacity that's fine > of course. We should be able to expand the system to 200 GB or more later > on. Speaking only for myself, I think this is very small. IMO, this seems like asking for a tank that is equipped to fire at least 5.56N and maybe 7.62N rounds to start, with possible upgrades to actual cannon rounds at a later stage -- and then expecting a serious price break due to the reduced initially offensive capability. The real expense in NAS servers is not the hardware, or the drives. The real expense is developing the software to control the whole thing, and to do so reliably. The vendors can't really make money selling just the software, so they instead create artificial ways to "sell" the hardware (and support contracts) to pay the costs of developing the software. > * Can at least do RAID-0, RAID-1, and RAID-5. > > * Supports at least two RAID sets. > > * Has *excellent* NFS support. > > * Has good problem detection code -- I want a warning before there is a > problem. I think at least two or three of these are going to be expensive options, taken individually. Taken together, I think they're going to be very expensive. > * No problems with FreeBSD 4.10 NFS clients Don't get me wrong, I love FreeBSD. But I like to consider myself a realist, and I must confess that while it is great and wonderful OS overall, NFS has been a particular problem area for both the 4.x and 5.x trees -- in various different ways. I'm not sure which versions of FreeBSD has had what problems, but before making this a hard requirement I would first confirm that FreeBSD 4.10 doesn't have any inherent NFS client problems that could sink the whole ship. I would then confirm that FreeBSD 4.10 doesn't have any client issues that could only be solved by running FreeBSD 4.10 as the server. Historically, going cross-platform with NFS has been one of the biggest problems to overcome, as each vendor works primarily with their own OS on both sides of each problem and does relatively little interoperability testing. > Currently, the site is using a FreeBSD 4.10 server for NFS, but I am > concerned about the lack of failover support. FreeBSD has proven to be a > reliable NFS server, but I really, really don't like see an important > service running that doesn't provide for some kind of automatic failover. I'll be very interested to see if you can turn up anything. I suspect that your best shot may be a used NAS server from someone that is upgrading, but I don't know what kind of server that might be. The big problem with any real serious vendor is going to be that the support contract will cost you more than the hardware, and you won't be able to get any replacement parts or any kind of service without a support contract. Given what you've said above, I don't think you'd be interested in hardware that can do all this magic, and yet not be able to fix the thing if it broke. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Sun Jan 30 19:09:33 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V39Tn3001550 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 30 Jan 2005 19:09:33 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0V39TiH001549 for sage-members-outgoing; Sun, 30 Jan 2005 19:09:29 -0800 (PST) Received: from watcher.puryear-it.com (ip-66-186-248-99.static.eatel.net [66.186.248.99]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V39Pn2001544 for ; Sun, 30 Jan 2005 19:09:27 -0800 (PST) Received: from dpboxen (localhost.puryear-it.local [127.0.0.1]) by watcher.puryear-it.com (Postfix) with SMTP id AB5058445C for ; Sun, 30 Jan 2005 21:06:30 -0600 (CST) Message-ID: <019901c50742$2c024770$9db30b44@dpboxen> From: "Dustin Puryear" To: References: <00ae01c50730$080ad740$9db30b44@dpboxen> Subject: Re: [SAGE] NAS reviews - 100GB or larger, but not by much Date: Sun, 30 Jan 2005 21:08:26 -0600 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Sender: owner-sage-members@usenix.org Precedence: bulk Problem: I was writing off of some notes I had written down that were half of what is needed. I knew this but forgot to include the right numbers in the email. I really need 60GB to 90GB right now and 200GB for two year growth. That's what I get for shooting off an email without looking a bit harder at what I am writing. :) Thanks. ----- Original Message ----- From: "Dustin Puryear" To: Sent: Sunday, January 30, 2005 6:58 PM Subject: [SAGE] NAS reviews - 30GB to 45GB > Is anyone aware of current reviews for NAS devices that offer 30GB to 45GB > of initial capacity? I'm working at a site with a very tight budget that I > want to see move to a NAS that provides for some kind of failover. My > initial reqs are: > > * Provides for replication/failover to a second NAS even if it's just an > add-on that we purchase later. > > * Offers at least 30GB to 45GB of disk space from the start. This is a wee > bit small, so I'm more concerned about not finding any reliable NAS > devices > that go this low. If we can get a good value for more capacity that's fine > of course. We should be able to expand the system to 200 GB or more later > on. > > * Can at least do RAID-0, RAID-1, and RAID-5. > > * Supports at least two RAID sets. > > * Has *excellent* NFS support. > > * Has good problem detection code -- I want a warning before there is a > problem. > > * No problems with FreeBSD 4.10 NFS clients > > Snapshots would be nice, but are not required. As far as backups, we can > back this NAS up via rsync or over an NFS mount to our existing network > backup system, so custom backup software and new tape drives aren't > needed/wanted. > > The budget here is pretty tight so I'd like to see something under several > thousand if possible. I don't have much experience with this budget level > so > I'm hoping to get an earful of what works and what doesn't that services > this market. > > Currently, the site is using a FreeBSD 4.10 server for NFS, but I am > concerned about the lack of failover support. FreeBSD has proven to be a > reliable NFS server, but I really, really don't like see an important > service running that doesn't provide for some kind of automatic failover. > > --- > Puryear Information Technology, LLC > Baton Rouge, LA * 225-706-8414 > http://www.puryear-it.com > > Author of "Best Practices for Managing Linux and UNIX Servers" > Download your free copy: > http://www.puryear-it.com/bestpractices_ebook.htm > > > From sage-members-owner@usenix.org Sun Jan 30 19:53:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V3ron3002375 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 30 Jan 2005 19:53:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0V3ronN002374 for sage-members-outgoing; Sun, 30 Jan 2005 19:53:50 -0800 (PST) Received: from watcher.puryear-it.com (ip-66-186-248-99.static.eatel.net [66.186.248.99]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0V3rfn2002369 for ; Sun, 30 Jan 2005 19:53:47 -0800 (PST) Received: from dpboxen (localhost.puryear-it.local [127.0.0.1]) by watcher.puryear-it.com (Postfix) with SMTP id 1E22C84464 for ; Sun, 30 Jan 2005 21:50:47 -0600 (CST) Message-ID: <01ad01c50748$581973f0$9db30b44@dpboxen> From: "Dustin Puryear" To: References: <00ae01c50730$080ad740$9db30b44@dpboxen> Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Date: Sun, 30 Jan 2005 21:52:18 -0600 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Sender: owner-sage-members@usenix.org Precedence: bulk Yeah, I know this is going to be tough. I was asked so I'm asking here. Can't hurt to try. Chances are pretty high that the client either will have to increase the budget or I will have to drop reqs. ----- Original Message ----- From: "Brad Knowles" To: "Dustin Puryear" Cc: Sent: Sunday, January 30, 2005 7:55 PM Subject: Re: [SAGE] NAS reviews - 30GB to 45GB > At 6:58 PM -0600 2005-01-30, Dustin Puryear wrote: > >> Is anyone aware of current reviews for NAS devices that offer 30GB to >> 45GB >> of initial capacity? I'm working at a site with a very tight budget that >> I >> want to see move to a NAS that provides for some kind of failover. My >> initial reqs are: > > 30-45GB? I recently saw an Iomega 160GB Network hard drive on sale for a > little over 200 Euro (see for more info), and > that was the smallest one of these things that they had. The only other > one available was 250GB. > > I'm seriously considering buying one of these things just so that I can > have some network disk storage capacity to tide me (and my wife) over, > until I have such time as to get the real dishwasher-size monster > fileserver up and running. It'd also be nice to be able to offload my > entire MP3 collection to the fileserver, and still be able to sync that to > my iPod when necessary (thanks to symlinks in the right places). > >> * Provides for replication/failover to a second NAS even if it's just an >> add-on that we purchase later. > > Looking at the official NAS line from Iomega (see > ), I don't see anything smaller than 160GB. If > you want load-balancing and fail-over, it looks like Iomega doesn't > provide those options until you get up into the 400m series, according to > the "Family Overview" PDF (link from ), and the > 400m starts at $2749 for 320GB. > >> * Offers at least 30GB to 45GB of disk space from the start. This is a >> wee >> bit small, so I'm more concerned about not finding any reliable NAS >> devices >> that go this low. If we can get a good value for more capacity that's >> fine >> of course. We should be able to expand the system to 200 GB or more >> later >> on. > > Speaking only for myself, I think this is very small. IMO, this seems > like asking for a tank that is equipped to fire at least 5.56N and maybe > 7.62N rounds to start, with possible upgrades to actual cannon rounds at a > later stage -- and then expecting a serious price break due to the reduced > initially offensive capability. > > The real expense in NAS servers is not the hardware, or the drives. The > real expense is developing the software to control the whole thing, and to > do so reliably. The vendors can't really make money selling just the > software, so they instead create artificial ways to "sell" the hardware > (and support contracts) to pay the costs of developing the software. > >> * Can at least do RAID-0, RAID-1, and RAID-5. >> >> * Supports at least two RAID sets. >> >> * Has *excellent* NFS support. >> >> * Has good problem detection code -- I want a warning before there is a >> problem. > > I think at least two or three of these are going to be expensive options, > taken individually. Taken together, I think they're going to be very > expensive. > >> * No problems with FreeBSD 4.10 NFS clients > > Don't get me wrong, I love FreeBSD. But I like to consider myself a > realist, and I must confess that while it is great and wonderful OS > overall, NFS has been a particular problem area for both the 4.x and 5.x > trees -- in various different ways. I'm not sure which versions of > FreeBSD has had what problems, but before making this a hard requirement I > would first confirm that FreeBSD 4.10 doesn't have any inherent NFS client > problems that could sink the whole ship. > > I would then confirm that FreeBSD 4.10 doesn't have any client issues that > could only be solved by running FreeBSD 4.10 as the server. Historically, > going cross-platform with NFS has been one of the biggest problems to > overcome, as each vendor works primarily with their own OS on both sides > of each problem and does relatively little interoperability testing. > >> Currently, the site is using a FreeBSD 4.10 server for NFS, but I am >> concerned about the lack of failover support. FreeBSD has proven to be a >> reliable NFS server, but I really, really don't like see an important >> service running that doesn't provide for some kind of automatic >> failover. > > I'll be very interested to see if you can turn up anything. I suspect > that your best shot may be a used NAS server from someone that is > upgrading, but I don't know what kind of server that might be. > > The big problem with any real serious vendor is going to be that the > support contract will cost you more than the hardware, and you won't be > able to get any replacement parts or any kind of service without a support > contract. Given what you've said above, I don't think you'd be interested > in hardware that can do all this magic, and yet not be able to fix the > thing if it broke. > > -- > Brad Knowles, > > "Those who would give up essential Liberty, to purchase a little > temporary Safety, deserve neither Liberty nor Safety." > > -- Benjamin Franklin (1706-1790), reply of the Pennsylvania > Assembly to the Governor, November 11, 1755 > > SAGE member since 1995. See for more info. > > From sage-members-owner@usenix.org Mon Jan 31 03:17:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VBHvn3027428 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 03:17:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VBHuNW027427 for sage-members-outgoing; Mon, 31 Jan 2005 03:17:56 -0800 (PST) Received: from ulysses.noc.ntua.gr (ulysses.noc.ntua.gr [147.102.222.230]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VBHrn2027422 for ; Mon, 31 Jan 2005 03:17:55 -0800 (PST) Received: from theseas.softlab.ece.ntua.gr (theseas.softlab.ece.ntua.gr [147.102.1.1]) by ulysses.noc.ntua.gr (8.13.1/8.13.1) with ESMTP id j0VBHMRc092065; Mon, 31 Jan 2005 13:17:22 +0200 (EET) (envelope-from zvr@softlab.ece.ntua.gr) Received: from theseas.softlab.ece.ntua.gr (zvr@localhost [127.0.0.1]) by theseas.softlab.ece.ntua.gr (8.12.3/8.12.3/Debian-7.1) with ESMTP id j0VBHMiR010707 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Mon, 31 Jan 2005 13:17:22 +0200 Received: (from zvr@localhost) by theseas.softlab.ece.ntua.gr (8.12.3/8.12.3/Debian-7.1) id j0VBHKHs010704; Mon, 31 Jan 2005 13:17:20 +0200 Date: Mon, 31 Jan 2005 13:17:20 +0200 From: Alexios Zavras To: Brad Knowles Cc: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: <20050131111720.GA8578@softlab.ece.ntua.gr> References: <00ae01c50730$080ad740$9db30b44@dpboxen> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.28i X-Mail-Address: P.O. Box 24071, GR-111 10 Athens, GREECE X-Home-Address: 13, Lykoudi St., GR-111 41 Athens, GREECE X-Work-Phone: +30-2108203900 X-Work-Fax: +30-2108203909 X-Home-Phone: +30-2102010669 X-Home-Fax: +30-2102010669 Sender: owner-sage-members@usenix.org Precedence: bulk Brad Knowles wrote [edited]: > I recently saw an Iomega 160GB Network hard drive [...] > I'm seriously considering buying one of these things just so that > I can have some network disk storage capacity to tide me (and my > wife) over, until I have such time as to get the real dishwasher-size > monster fileserver up and running. It'd also be nice to be able to > offload my entire MP3 collection to the fileserver, and still be able > to sync that to my iPod when necessary (thanks to symlinks in the > right places). Hi, Brad! I am curious why you consider net-attached external drives instead of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). It could be the case that you just "leave it on" and you don't have an "always-on" server to attach them to -- but don't you have to have a server running for DHCP, anyway ? -- -- zvr -- -- +---------------------------+ Alexios Zavras (-zvr-) | H eytyxia den exei enoxes | zvr@pobox.com +-----------------------zvr-+ From sage-members-owner@usenix.org Mon Jan 31 07:07:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VF7Yn3000363 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 07:07:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VF7Ywo000362 for sage-members-outgoing; Mon, 31 Jan 2005 07:07:34 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VF7Vn3000356 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 07:07:32 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0VF7cYq028144 for ; Mon, 31 Jan 2005 07:07:38 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0VF7c3b019617 for sage-members@sage.org; Mon, 31 Jan 2005 07:07:38 -0800 (PST) Date: Mon, 31 Jan 2005 07:07:38 -0800 From: Scott Francis To: sage-members@sage.org Subject: Re: [SAGE] Eliminating my position Message-ID: <20050131150738.GU18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org References: <41F7D394.3080705@pgdc.com> <20050128170952.GR18856@darkuncle.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Jan 28, 2005 at 06:56:54PM +0100, brad@stop.mail-abuse.org said: > At 9:09 AM -0800 2005-01-28, Scott Francis wrote: > > >> Hosted Exchange/Comparable solution (shared cal/notes/email) > > > > We've been using CriticalPath for the past couple of months during a > > transition period (long story), and they offer most of these items. My > > opinion of their interface is somewhat less than complementary, but their > > price point is nearly unbeatable. > > Unfortunately, CriticalPath has been known for doing some > seriously bogus crap with some of their customers. [snip] I know we're migrating away from them just as soon as I can get the new infrastructure in place - the first thing going online on the new network is a pair of mailservers (spamassassin scanner and an internal delivery machine) - partially because I don't like outsourcing critical business functions, and partially becuase I haven't been too happy with their reliability, security or turnaround times on service requests (and the web interface is clunky, inefficient and your only option). > You should also talk to the folks at MAPS -- I know they do > outsourced anti-spam/anti-virus scanning, and I understand they have > more business than better known firms like Brightmail and Postini put > together, but I don't know if they have a full-service outsourcing > solution. If not, they might know of some decent companies to talk > to. the clever monkeys up at Cloudmark have some very interesting tools in the mix (Cloudmark was where Vipul Ved Prakash went to take Vipul's Razor commercial, and there are some really smart engineers up there). - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB/km2WaB7jFU39ScRAnEHAJoC/k0LCoCvRoHYt+RkDjq5md5xPQCcCpGh Tt4z7TNg1vqhud/tj8kgtvE= =zLG1 -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Mon Jan 31 08:32:47 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGWln3002121 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 08:32:47 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VGWkqC002120 for sage-members-outgoing; Mon, 31 Jan 2005 08:32:46 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGWjn3002115 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 08:32:45 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0VGWq4J020460 for ; Mon, 31 Jan 2005 08:32:52 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0VGWqfT025393 for sage-members@sage.org; Mon, 31 Jan 2005 08:32:52 -0800 (PST) Date: Mon, 31 Jan 2005 08:32:51 -0800 From: Scott Francis To: sage-members@sage.org Subject: Re: [SAGE] term servers Message-ID: <20050131163251.GY18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org References: <20050128143732.GQ18856@darkuncle.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050128143732.GQ18856@darkuncle.net> User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Jan 28, 2005 at 06:37:32AM -0800, darkuncle@darkuncle.net said: [snip] > Next infrastructure poll: term server recommendations? I've had quite a bit > of prior experience with Cyclades, and have been very happy with their gear > for the most part. I'm interested in hearing of any other vendors that are > selling comparably-priced gear that's also based on Linux/BSD, and of course > that support SSH2 access. 16-port density is probably sufficient (although > 24-port would be nice). [snip] Thanks for all the replies on- and off-list; I ended up going with the Logical Solutions SCS 320 boxes (thanks Blayne). Similar features (with some things I actually like better) to Cyclades at a significantly better price. Other suggestions received: Cyclades Lantronix Cisco Access Server 2511-RJ (end of lifed by Cisco?) And probably my favorite suggestion, were I not under a tight deadline with no time for a roll-your-own solution, is to take a standard *nix machine and put a serial card(s) in it and run conserver . This time around, fast+good wins out over cheap+good. (Not having any old hardware lying around in $new_employer's data center also makes recycling problematic.) - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB/l2yWaB7jFU39ScRAoujAKDVx/TK88gsLHsz0PZugzxbcHntFwCfaVKc ZhR4BwdHqO7ud+8cSx11NNc= =mczn -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Mon Jan 31 08:36:53 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGaqn3002562 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 08:36:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VGaq7Q002560 for sage-members-outgoing; Mon, 31 Jan 2005 08:36:52 -0800 (PST) Received: from sj-iport-2.cisco.com (sj-iport-2-in.cisco.com [171.71.176.71]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGapn2002551 for ; Mon, 31 Jan 2005 08:36:51 -0800 (PST) Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-2.cisco.com with ESMTP; 31 Jan 2005 08:43:25 -0800 Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j0VGaQl2004935; Mon, 31 Jan 2005 08:36:26 -0800 (PST) Received: from cisco.com ([10.25.20.83]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHJ97613; Mon, 31 Jan 2005 08:36:24 -0800 (PST) Message-ID: <41FE5E84.1040405@cisco.com> Date: Mon, 31 Jan 2005 08:36:20 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Alexios Zavras CC: Brad Knowles , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <00ae01c50730$080ad740$9db30b44@dpboxen> <20050131111720.GA8578@softlab.ece.ntua.gr> In-Reply-To: <20050131111720.GA8578@softlab.ece.ntua.gr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk I'm not sure about Brad, but if you pay 33 cents or more per KWH for 'the ones at the top' (San Jose, CA, for instance), running a small, external file server and letting the broadband router supply DHCP (if you're not running static IPs internally) can pay for themselves very quickly compared to leaving a full computer running 24x7. I have a couple of machines that run 24x7 for other reasons, but I've considered eliminating one of them and installing a small, low power fileserver just for that reason. If you can reduce power consumption by 100 watts, that's more than 2 KWH/day, or about 800 KWH/year, for a savings of a couple of hundred dollars per year - enough to pay for the fileserver and hard drive in the first year! This is also a good reason for using a broadband router rather than a computer as your home gateway - if you don't need other services up (unfortunately, I do), you can make similar power savings. If you have a lot of services all using a collection of little boxes, however, you may find that the cost of running a single computer to do all of the tasks is cheaper, or not much more expensive, than all of the boxes (router, file server, print servers, etc.) together - especially if you select your server well and apply any energy reduction features that it may have. However, if you live in a place where electricity is all-you-want for under 10 cents per KWH, the cost of the fileserver may not be recovered for several years. - Richard (who pays *way* too much for electricity!) Alexios Zavras wrote: >Brad Knowles wrote [edited]: > > >>I recently saw an Iomega 160GB Network hard drive [...] >>I'm seriously considering buying one of these things just so that >>I can have some network disk storage capacity to tide me (and my >>wife) over, until I have such time as to get the real dishwasher-size >>monster fileserver up and running. It'd also be nice to be able to >>offload my entire MP3 collection to the fileserver, and still be able >>to sync that to my iPod when necessary (thanks to symlinks in the >>right places). >> >> > >Hi, Brad! >I am curious why you consider net-attached external drives >instead of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). >It could be the case that you just "leave it on" and you don't have >an "always-on" server to attach them to -- but don't you >have to have a server running for DHCP, anyway ? > > > From sage-members-owner@usenix.org Mon Jan 31 08:50:10 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGoAn3003224 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 08:50:10 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VGoAqM003223 for sage-members-outgoing; Mon, 31 Jan 2005 08:50:10 -0800 (PST) Received: from jas.peak.org (peak-colo-196-137.peak.org [69.59.196.137] (may be forged)) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VGo5n3003215 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Mon, 31 Jan 2005 08:50:09 -0800 (PST) Received: from sechrest (helo=jas.peak.org) by jas.peak.org with local-esmtp (Exim 4.34) id 1Cvek4-0004Je-54; Mon, 31 Jan 2005 08:49:36 -0800 To: Richard Chycoski Cc: Alexios Zavras , Brad Knowles , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-reply-to: Your message of Mon, 31 Jan 2005 08:36:20 PST. <41FE5E84.1040405@cisco.com> Date: Mon, 31 Jan 2005 08:49:36 -0800 From: John Sechrest Message-Id: X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: sechrest@jas.peak.org X-SA-Exim-Scanned: No (on jas.peak.org); SAEximRunCond expanded to false Sender: owner-sage-members@usenix.org Precedence: bulk Hmmm According to my power bill, I am paying $.08/kilowatt hour. Perhaps you should think about outsourcing your systems to a collocation up in oregon and cut the power costs by outsourcing... Richard Chycoski writes: % I'm not sure about Brad, but if you pay 33 cents or more per KWH for % 'the ones at the top' (San Jose, CA, for instance), running a small, % external file server and letting the broadband router supply DHCP (if % you're not running static IPs internally) can pay for themselves very % quickly compared to leaving a full computer running 24x7. I have a % couple of machines that run 24x7 for other reasons, but I've considered % eliminating one of them and installing a small, low power fileserver % just for that reason. If you can reduce power consumption by 100 watts, % that's more than 2 KWH/day, or about 800 KWH/year, for a savings of a % couple of hundred dollars per year - enough to pay for the fileserver % and hard drive in the first year! % % This is also a good reason for using a broadband router rather than a % computer as your home gateway - if you don't need other services up % (unfortunately, I do), you can make similar power savings. If you have a % lot of services all using a collection of little boxes, however, you may % find that the cost of running a single computer to do all of the tasks % is cheaper, or not much more expensive, than all of the boxes (router, % file server, print servers, etc.) together - especially if you select % your server well and apply any energy reduction features that it may have. % % However, if you live in a place where electricity is all-you-want for % under 10 cents per KWH, the cost of the fileserver may not be recovered % for several years. % % - Richard (who pays *way* too much for electricity!) % % Alexios Zavras wrote: % % >Brad Knowles wrote [edited]: % > % > % >>I recently saw an Iomega 160GB Network hard drive [...] % >>I'm seriously considering buying one of these things just so that % >>I can have some network disk storage capacity to tide me (and my % >>wife) over, until I have such time as to get the real dishwasher-size % >>monster fileserver up and running. It'd also be nice to be able to % >>offload my entire MP3 collection to the fileserver, and still be able % >>to sync that to my iPod when necessary (thanks to symlinks in the % >>right places). % >> % >> % > % >Hi, Brad! % >I am curious why you consider net-attached external drives % >instead of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). % >It could be the case that you just "leave it on" and you don't have % >an "always-on" server to attach them to -- but don't you % >have to have a server running for DHCP, anyway ? % > % > % > ----- John Sechrest . Helping people use . computers and the Internet . more effectively . . Internet: sechrest@peak.org . . http://www.peak.org/~sechrest From sage-members-owner@usenix.org Mon Jan 31 09:11:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHBSn3003974 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 09:11:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VHBRKq003973 for sage-members-outgoing; Mon, 31 Jan 2005 09:11:27 -0800 (PST) Received: from sj-iport-2.cisco.com (sj-iport-2-in.cisco.com [171.71.176.71]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHBPn2003967 for ; Mon, 31 Jan 2005 09:11:26 -0800 (PST) Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-2.cisco.com with ESMTP; 31 Jan 2005 09:18:03 -0800 Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j0VHB3Nt007078; Mon, 31 Jan 2005 09:11:04 -0800 (PST) Received: from cisco.com ([10.25.20.83]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHJ99755; Mon, 31 Jan 2005 09:11:02 -0800 (PST) Message-ID: <41FE66A1.4080103@cisco.com> Date: Mon, 31 Jan 2005 09:10:57 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: John Sechrest CC: Alexios Zavras , Brad Knowles , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk ...Except that I still need the functions to work at home. By the time I pay for the communications facilities necessary to make that work, the power bill becomes insignificant. (:-) Yes, power here is very expensive. It starts at about 13 cents per KWH, and works it's way up the scale. Unless you don't actually occupy your house, it's hard to stay out of the high end of the range. The up side is that installing power-saving devices chop off the most expensive KWHs, so it is easier to justify toys like routers and fileservers to the wife... - Richard John Sechrest wrote: >Hmmm According to my power bill, I am paying $.08/kilowatt hour. > >Perhaps you should think about outsourcing your systems to a >collocation up in oregon and cut the power costs by outsourcing... > > > > > >Richard Chycoski writes: > > % I'm not sure about Brad, but if you pay 33 cents or more per KWH for > % 'the ones at the top' (San Jose, CA, for instance), running a small, > % external file server and letting the broadband router supply DHCP (if > % you're not running static IPs internally) can pay for themselves very > % quickly compared to leaving a full computer running 24x7. I have a > % couple of machines that run 24x7 for other reasons, but I've considered > % eliminating one of them and installing a small, low power fileserver > % just for that reason. If you can reduce power consumption by 100 watts, > % that's more than 2 KWH/day, or about 800 KWH/year, for a savings of a > % couple of hundred dollars per year - enough to pay for the fileserver > % and hard drive in the first year! > % > % This is also a good reason for using a broadband router rather than a > % computer as your home gateway - if you don't need other services up > % (unfortunately, I do), you can make similar power savings. If you have a > % lot of services all using a collection of little boxes, however, you may > % find that the cost of running a single computer to do all of the tasks > % is cheaper, or not much more expensive, than all of the boxes (router, > % file server, print servers, etc.) together - especially if you select > % your server well and apply any energy reduction features that it may have. > % > % However, if you live in a place where electricity is all-you-want for > % under 10 cents per KWH, the cost of the fileserver may not be recovered > % for several years. > % > % - Richard (who pays *way* too much for electricity!) > % > % Alexios Zavras wrote: > % > % >Brad Knowles wrote [edited]: > % > > % > > % >>I recently saw an Iomega 160GB Network hard drive [...] > % >>I'm seriously considering buying one of these things just so that > % >>I can have some network disk storage capacity to tide me (and my > % >>wife) over, until I have such time as to get the real dishwasher-size > % >>monster fileserver up and running. It'd also be nice to be able to > % >>offload my entire MP3 collection to the fileserver, and still be able > % >>to sync that to my iPod when necessary (thanks to symlinks in the > % >>right places). > % >> > % >> > % > > % >Hi, Brad! > % >I am curious why you consider net-attached external drives > % >instead of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). > % >It could be the case that you just "leave it on" and you don't have > % >an "always-on" server to attach them to -- but don't you > % >have to have a server running for DHCP, anyway ? > % > > % > > % > > >----- >John Sechrest . Helping people use > . computers and the Internet > . more effectively > . > . Internet: sechrest@peak.org > . > . http://www.peak.org/~sechrest > > From sage-members-owner@usenix.org Mon Jan 31 09:13:42 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHDfn3004323 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 09:13:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VHDfNs004320 for sage-members-outgoing; Mon, 31 Jan 2005 09:13:41 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHDcn3004315 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 09:13:40 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j0VHDj0A021795 for ; Mon, 31 Jan 2005 09:13:45 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j0VHDiUG031666 for sage-members@sage.org; Mon, 31 Jan 2005 09:13:45 -0800 (PST) Date: Mon, 31 Jan 2005 09:13:44 -0800 From: Scott Francis To: sage-members@sage.org Subject: Re: [SAGE] term servers Message-ID: <20050131171344.GC18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org References: <20050128143732.GQ18856@darkuncle.net> <20050131163251.GY18856@darkuncle.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050131163251.GY18856@darkuncle.net> User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Jan 31, 2005 at 08:32:51AM -0800, darkuncle@darkuncle.net said: [snip] > Other suggestions received: > Cyclades > Lantronix > Cisco Access Server 2511-RJ (end of lifed by Cisco?) and of course Digi , from several folks. - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB/mdHWaB7jFU39ScRAusXAJ9HIvWxd3lCXOVXTk8/SaprgqkueQCgnCoN jC2pl1gaZf+P3fCtkjUrwoA= =i6bU -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Mon Jan 31 09:52:03 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHq2n3005288 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 09:52:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VHq2Ve005287 for sage-members-outgoing; Mon, 31 Jan 2005 09:52:02 -0800 (PST) Received: from g2.mental.com (root@entrance.mental.com [192.31.14.10]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VHpwn3005282 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Mon, 31 Jan 2005 09:52:00 -0800 (PST) Received: from mental.com (root@twen.mi [172.16.0.5]) by g2.mental.com (8.13.0/8.13.0/Lobo-041220) with ESMTP id j0VHpgfC014699 for ; Mon, 31 Jan 2005 18:51:42 +0100 (CET) Received: from mental.com (lobo@localhost [127.0.0.1]) by mental.com (8.13.0/8.13.0/Lobo-040825) with ESMTP id j0VHpgUp029567 for ; Mon, 31 Jan 2005 18:51:42 +0100 (MET) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: sage-members@sage.org Subject: Re: [SAGE] term servers In-reply-to: Scott Francis's message of Mon, 31 Jan 2005 08:32:51 PST <20050131163251.GY18856@darkuncle.net> Organization: mental images GmbH, Berlin, Germany Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 31 Jan 2005 18:51:42 +0100 Message-ID: <29566.1107193902@mental.com> From: Alexander Lobodzinski Sender: owner-sage-members@usenix.org Precedence: bulk () no time for a roll-your-own solution, is to take a standard *nix machine and () put a serial card(s) in it and run conserver . Having an external terminal server is no reason at all not to run conserver! We run conserver to a Cyclades; then you add screen and things start getting really nice - being able to scroll back (or search) to yesterday's stuff, easy switching between consoles, cut-and-paste from one console to another, and sharing all that between several users if you want. It's so nifty that I still have *one* VT220 on my desk and use it every day for the consoles of *all* security-relevant stuff that are separated from the networks themselves. Ciao, Lobo From sage-members-owner@usenix.org Mon Jan 31 10:53:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VIrWn3007170 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 10:53:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VIrVK3007169 for sage-members-outgoing; Mon, 31 Jan 2005 10:53:31 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VIrQn3007162 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 10:53:30 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0VIqj78062986; Mon, 31 Jan 2005 13:53:04 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050131111720.GA8578@softlab.ece.ntua.gr> References: <00ae01c50730$080ad740$9db30b44@dpboxen> <20050131111720.GA8578@softlab.ece.ntua.gr> Date: Mon, 31 Jan 2005 19:30:41 +0100 To: Alexios Zavras From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Brad Knowles , sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:17 PM +0200 2005-01-31, Alexios Zavras wrote: > I am curious why you consider net-attached external drives > instead of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). > It could be the case that you just "leave it on" and you don't have > an "always-on" server to attach them to -- but don't you > have to have a server running for DHCP, anyway ? In this case, it would be a short-term thing. I plan on having a full-blown fileserver up and running, but I haven't done it yet, and the machine has sat idle for quite some time. I'd like to have some sort of network-accessible storage, and until I can get my fileserver up and running, this sort of thing seems to be the best short-term solution I can find. Not ideal for my application, no. But perhaps acceptable as a stepping stone. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 31 11:58:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VJwVn3008660 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 11:58:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VJwVup008659 for sage-members-outgoing; Mon, 31 Jan 2005 11:58:31 -0800 (PST) Received: from ms-smtp-03-eri0.texas.rr.com (ms-smtp-03.texas.rr.com [24.93.47.42]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VJwTn2008654 for ; Mon, 31 Jan 2005 11:58:30 -0800 (PST) Received: from [192.168.2.2] (cs6669134-9.houston.rr.com [66.69.134.9]) by ms-smtp-03-eri0.texas.rr.com (8.12.10/8.12.7) with ESMTP id j0VJvo2b019587; Mon, 31 Jan 2005 13:57:50 -0600 (CST) Received: from 127.0.0.1 (AVG SMTP 7.0.300 [265.8.3]); Mon, 31 Jan 2005 13:57:54 -0600 From: "Jack Coats" To: "'Brad Knowles'" , "'Alexios Zavras'" Cc: Subject: RE: [SAGE] NAS reviews - 30GB to 45GB Date: Mon, 31 Jan 2005 13:57:53 -0600 Organization: Coats Closet Message-ID: <000001c507cf$26c9c7f0$0202a8c0@faith> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.6626 In-Reply-To: X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j0VJwUn2008655 Sender: owner-sage-members@usenix.org Precedence: bulk I have done e-bay to get one of the little Linksys NAS heads that should arrive shortly. Also got a couple of USB for 3.5" IDE drive boxes to hook to it. In total, lets see, $78 for the Linksys delivered, $54 for the two USB/IDE drive boxes, and a couple of IDE drives I have laying around the house (for 320G, whatever that cost). Not bad for a little DIY NAS head for small home use. Now I wouldn't try to run a real company on it, but to cover a short term need, it would probably work (oh yea, USA$) Keep your critical files backed up and secure - - > Dr.Backup Remote Online Backup Service < - - > > > 30 day free trial period--Free help with setup < < < http://www.drbackup.net?pid=Coats (Extra FREE storage when you sign up using the full link above) This service is for Windows users only. -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Brad Knowles Sent: Monday, January 31, 2005 12:31 PM To: Alexios Zavras Cc: Brad Knowles; sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB At 1:17 PM +0200 2005-01-31, Alexios Zavras wrote: > I am curious why you consider net-attached external drives instead > of host-attache ones (i.e. Ethernet vs. Firewire/USB/...). It could > be the case that you just "leave it on" and you don't have an > "always-on" server to attach them to -- but don't you have to have a > server running for DHCP, anyway ? In this case, it would be a short-term thing. I plan on having a full-blown fileserver up and running, but I haven't done it yet, and the machine has sat idle for quite some time. I'd like to have some sort of network-accessible storage, and until I can get my fileserver up and running, this sort of thing seems to be the best short-term solution I can find. Not ideal for my application, no. But perhaps acceptable as a stepping stone. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 31 12:07:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VK7Wn3009262 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:07:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VK7VBg009261 for sage-members-outgoing; Mon, 31 Jan 2005 12:07:31 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VK7Tn3009254 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:07:30 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j0VK783q067086; Mon, 31 Jan 2005 15:07:09 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <000001c507cf$26c9c7f0$0202a8c0@faith> References: <000001c507cf$26c9c7f0$0202a8c0@faith> Date: Mon, 31 Jan 2005 21:06:48 +0100 To: "Jack Coats" From: Brad Knowles Subject: RE: [SAGE] NAS reviews - 30GB to 45GB Cc: "'Brad Knowles'" , "'Alexios Zavras'" , Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:57 PM -0600 2005-01-31, Jack Coats wrote: > I have done e-bay to get one of the little Linksys NAS heads that should > arrive shortly. Speaking of which, does anyone know which boxes run which OSes? I've gotten conflicting reports on the Iomega devices, so I'm not inclined to get one of those unless I can be sure. What about Linksys? -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 31 12:15:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKF1n3009768 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:15:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VKF1xX009767 for sage-members-outgoing; Mon, 31 Jan 2005 12:15:01 -0800 (PST) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.199]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKEwn2009760 for ; Mon, 31 Jan 2005 12:14:59 -0800 (PST) Received: by wproxy.gmail.com with SMTP id 36so962976wra for ; Mon, 31 Jan 2005 12:14:39 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=ardt7omUpPY4dZGvunJSpwOXSNIddOkrg0JbJnSOoCV5NTV7Zn/Tse0v3vdgFn6j2ze+U0IZthZQuvQYj/NxPmOJXe5LP4nF6wq2E/hzSQl2A07gCUka1nJF1XQLkYT3V9ld5o2y1WbGrodqOx73jyFNUjRUpkC9UrzXaTozI0U= Received: by 10.54.25.18 with SMTP id 18mr266889wry; Mon, 31 Jan 2005 12:14:39 -0800 (PST) Received: by 10.54.28.13 with HTTP; Mon, 31 Jan 2005 12:14:39 -0800 (PST) Message-ID: Date: Mon, 31 Jan 2005 14:14:39 -0600 From: Jesse Trucks Reply-To: Jesse Trucks To: sage-members@usenix.org Subject: [SAGE] NEXTSTEP for NeXT slab Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Does anyone know where I could find a copy of the newest NEXTSTEP for the NeXT hardware? I think it is NS4.x, but I may be mistaken. I have a NeXT Workstation that I would like to update and get online. Thanks! -- Jesse Trucks jesse.trucks@gmail.com jesse@cyberius.net From sage-members-owner@usenix.org Mon Jan 31 12:15:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKFNn3009858 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:15:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VKFNAK009856 for sage-members-outgoing; Mon, 31 Jan 2005 12:15:23 -0800 (PST) Received: from ms-smtp-01-eri0.texas.rr.com (ms-smtp-01.texas.rr.com [24.93.47.40]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKFLn2009842 for ; Mon, 31 Jan 2005 12:15:22 -0800 (PST) Received: from [192.168.2.2] (cs6669134-9.houston.rr.com [66.69.134.9]) by ms-smtp-01-eri0.texas.rr.com (8.12.10/8.12.7) with ESMTP id j0VKF1Ym006097; Mon, 31 Jan 2005 14:15:01 -0600 (CST) Received: from 127.0.0.1 (AVG SMTP 7.0.300 [265.8.3]); Mon, 31 Jan 2005 14:15:04 -0600 From: "Jack Coats" To: "'Brad Knowles'" Cc: "'Alexios Zavras'" , Subject: RE: [SAGE] NAS reviews - 30GB to 45GB Date: Mon, 31 Jan 2005 14:15:04 -0600 Organization: Coats Closet Message-ID: <000001c507d1$8d3cd2a0$0202a8c0@faith> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.6626 Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Virus-Scanned: Symantec AntiVirus Scan Engine Sender: owner-sage-members@usenix.org Precedence: bulk I saw an article about the Linkssys indicating it run Linux on an ARM processor base. Keep your critical files backed up and secure - - > Dr.Backup Remote Online Backup Service < - - > > > 30 day free trial period--Free help with setup < < < http://www.drbackup.net?pid=Coats (Extra FREE storage when you sign up using the full link above) This service is for Windows users only. -----Original Message----- From: Brad Knowles [mailto:brad@stop.mail-abuse.org] Sent: Monday, January 31, 2005 2:07 PM To: Jack Coats Cc: 'Brad Knowles'; 'Alexios Zavras'; sage-members@usenix.org Subject: RE: [SAGE] NAS reviews - 30GB to 45GB At 1:57 PM -0600 2005-01-31, Jack Coats wrote: > I have done e-bay to get one of the little Linksys NAS heads that > should arrive shortly. Speaking of which, does anyone know which boxes run which OSes? I've gotten conflicting reports on the Iomega devices, so I'm not inclined to get one of those unless I can be sure. What about Linksys? -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Mon Jan 31 12:37:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKbZn3011005 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:37:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VKbZmj011004 for sage-members-outgoing; Mon, 31 Jan 2005 12:37:35 -0800 (PST) Received: from chopin.co-prosperity.org (chopin.co-prosperity.org [24.196.66.98]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKbWn3010997 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Mon, 31 Jan 2005 12:37:33 -0800 (PST) Received: from chopin.co-prosperity.org (chopin [127.0.0.1]) by chopin.co-prosperity.org (8.12.5/8.12.5) with ESMTP id j0VKjlAw029821; Mon, 31 Jan 2005 14:45:47 -0600 Received: from localhost (nmedbery@localhost) by chopin.co-prosperity.org (8.12.5/8.12.5/Submit) with ESMTP id j0VKjlD8029818; Mon, 31 Jan 2005 14:45:47 -0600 X-Authentication-Warning: localhost.localdomain: nmedbery owned process doing -bs Date: Mon, 31 Jan 2005 14:45:47 -0600 (CST) From: nmedbery@museverte.net X-X-Sender: nmedbery@localhost.localdomain To: Jack Coats cc: sage-members@usenix.org Subject: RE: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: <000001c507d1$8d3cd2a0$0202a8c0@faith> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk Are you talking about the NSLU2? Tom's Networking has a great series on hacking that thing. Yes, it's linux. http://www.tomsnetworking.com/Sections-article85.php -Nate On Mon, 31 Jan 2005, Jack Coats wrote: > I saw an article about the Linkssys indicating it run Linux on an ARM > processor base. > > Keep your critical files backed up and secure > - - > Dr.Backup Remote Online Backup Service < - - > > > > 30 day free trial period--Free help with setup < < < > http://www.drbackup.net?pid=Coats > (Extra FREE storage when you sign up using the full link above) > This service is for Windows users only. > > > -----Original Message----- > From: Brad Knowles [mailto:brad@stop.mail-abuse.org] > Sent: Monday, January 31, 2005 2:07 PM > To: Jack Coats > Cc: 'Brad Knowles'; 'Alexios Zavras'; sage-members@usenix.org > Subject: RE: [SAGE] NAS reviews - 30GB to 45GB > > > At 1:57 PM -0600 2005-01-31, Jack Coats wrote: > > > I have done e-bay to get one of the little Linksys NAS heads that > > should arrive shortly. > > Speaking of which, does anyone know which boxes run which OSes? > I've gotten conflicting reports on the Iomega devices, so I'm not > inclined to get one of those unless I can be sure. What about > Linksys? > > From sage-members-owner@usenix.org Mon Jan 31 12:46:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKkPn3011563 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 31 Jan 2005 12:46:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j0VKkPx6011562 for sage-members-outgoing; Mon, 31 Jan 2005 12:46:25 -0800 (PST) Received: from ms-smtp-04.texas.rr.com (ms-smtp-04.texas.rr.com [24.93.47.43]) by usenix.org (8.12.10/8.12.10) with ESMTP id j0VKkMn2011556 for ; Mon, 31 Jan 2005 12:46:23 -0800 (PST) Received: from [192.168.2.2] (cs6669134-9.houston.rr.com [66.69.134.9]) by ms-smtp-04.texas.rr.com (8.12.10/8.12.7) with ESMTP id j0VKk2J5013257; Mon, 31 Jan 2005 14:46:05 -0600 (CST) Received: from 127.0.0.1 (AVG SMTP 7.0.300 [265.8.3]); Mon, 31 Jan 2005 14:46:06 -0600 From: "Jack Coats" To: Cc: Subject: RE: [SAGE] NAS reviews - 30GB to 45GB Date: Mon, 31 Jan 2005 14:46:06 -0600 Organization: Coats Closet Message-ID: <000b01c507d5$e2cbe950$0202a8c0@faith> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.6626 Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 X-Virus-Scanned: Symantec AntiVirus Scan Engine Sender: owner-sage-members@usenix.org Precedence: bulk Yes ... That is the one. -----Original Message----- From: nmedbery@museverte.net [mailto:nmedbery@museverte.net] Sent: Monday, January 31, 2005 2:46 PM To: Jack Coats Cc: sage-members@usenix.org Subject: RE: [SAGE] NAS reviews - 30GB to 45GB Are you talking about the NSLU2? Tom's Networking has a great series on hacking that thing. Yes, it's linux. http://www.tomsnetworking.com/Sections-article85.php -Nate From sage-members-owner@usenix.org Tue Feb 1 02:56:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11AuOn3014320 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 02:56:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11AuOEN014319 for sage-members-outgoing; Tue, 1 Feb 2005 02:56:24 -0800 (PST) Received: from s-utl01-dcpop.stsn.com (s-utl01-dcpop.stsn.com [63.240.218.73]) by usenix.org (8.12.10/8.12.10) with SMTP id j11AuLn3014314 for ; Tue, 1 Feb 2005 02:56:21 -0800 (PST) Received: from dcpop.smtp.stsn.com ([127.0.0.1]) by s-utl01-dcpop.stsn.com (SAVSMTP 3.1.0.29) with SMTP id M2005020105555530964 for ; Tue, 01 Feb 2005 05:55:55 -0500 Received: from shamet.verizon.net ([10.24.97.55]) by dcpop.smtp.stsn.com with Microsoft SMTPSVC(5.0.2195.6713); Tue, 1 Feb 2005 05:55:54 -0500 Received: from shamet.verizon.net (localhost [127.0.0.1]) by shamet.verizon.net (Postfix) with ESMTP id 8935A9B282; Tue, 1 Feb 2005 05:58:41 -0500 (EST) X-Mailer: exmh version VERSION 01/15/2001 with nmh-1.1-RC1 To: Richard Chycoski Cc: maddog@li.org, sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-reply-to: Your message of "Mon, 31 Jan 2005 08:36:20 PST." <41FE5E84.1040405@cisco.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 01 Feb 2005 05:58:41 -0500 From: Jon maddog Hall Message-Id: <20050201105841.8935A9B282@shamet.verizon.net> X-OriginalArrivalTime: 01 Feb 2005 10:55:55.0041 (UTC) FILETIME=[9A5F7110:01C5084C] Sender: owner-sage-members@usenix.org Precedence: bulk rac@cisco.com said: > running a small, external file server and letting the broadband router > supply DHCP (if you're not running static IPs internally) can pay for > themselves very quickly compared to leaving a full computer running 24x7 ~~~~~~~~~~~~~ I use an old notebook with a SCSI and an ETHERNET PCMCIA card in it (it also has one ETHERNET controller built into the notebook) and the LCD turned off for a "server" for such things. Total power consumption is negligible, it has its own "power conditioning" and "UPS" built in, and it does not take up much space either. These days you could substitute USB external drives for the SCSI ones. md -- Jon "maddog" Hall Executive Director Linux International(R) email: maddog@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association, USENIX Association (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. From sage-members-owner@usenix.org Tue Feb 1 05:56:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11DuPn3016955 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 05:56:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11DuPx7016954 for sage-members-outgoing; Tue, 1 Feb 2005 05:56:25 -0800 (PST) Received: from eldwist.darkuncle.net (root@eldwist.darkuncle.net [66.33.218.20]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11DuKn3016949 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 05:56:24 -0800 (PST) Received: from eldwist.darkuncle.net (sfrancis@localhost.darkuncle.net [127.0.0.1]) by eldwist.darkuncle.net (8.12.11/8.12.9) with ESMTP id j11DuPEc015788 for ; Tue, 1 Feb 2005 05:56:25 -0800 (PST) Received: (from sfrancis@localhost) by eldwist.darkuncle.net (8.12.11/8.12.11/Submit) id j11DuOFo022145 for sage-members@sage.org; Tue, 1 Feb 2005 05:56:24 -0800 (PST) Date: Tue, 1 Feb 2005 05:56:24 -0800 From: Scott Francis To: sage-members@sage.org Subject: [SAGE] (mildly OT) wireless SMS interconnects Message-ID: <20050201135624.GE18856@darkuncle.net> Mail-Followup-To: sage-members@sage.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Operating-System: OpenBSD X-PGP-Fingerprint: 7429 F75D D3F5 FA45 C6D7 D25B 59A0 7B8C 5537 F527 X-PGP-Key: http://darkuncle.net/pubkey.asc X-PGP-Notice: encryption subkey 2048g/0CEFEA3C has been revoked - please use 2048R/18A88182 instead (available at above URL) X-What-Happen: Somebody set up us the bomb. Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ mildly off-topic telco-related ] Friend of mine is working on a project to offer a unified interface to the various carrier-specific SMS networks (as well as some other wireless networks, like Mobil's Speedpass, wireless toll highway services like PikePass, etc.), and I told him I'd ask around here and see what kind of resources folks were aware of on this topic. I'm sure the available documentation is limited, at best; I'm hoping for better results from the wealth of personal experience on this list. Anybody worked with SMS interconnects between carriers before? The only part of that network I've touched has been when I've been doing SMTP -> SMS stuff. - -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (OpenBSD) iD8DBQFB/4qDWaB7jFU39ScRAgdJAJ46jmOeTABaHXuBu9hXUTEx1kBnvQCg2B+u Era1mSvassy1YtzmdEM3B6M= =CiJN -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Tue Feb 1 09:33:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11HXSn3020882 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 09:33:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11HXSd0020881 for sage-members-outgoing; Tue, 1 Feb 2005 09:33:28 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11HXQn3020876 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 09:33:26 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j11HVm54047602; Tue, 1 Feb 2005 12:31:52 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050201105841.8935A9B282@shamet.verizon.net> References: <20050201105841.8935A9B282@shamet.verizon.net> Date: Tue, 1 Feb 2005 18:20:48 +0100 To: Jon maddog Hall From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Richard Chycoski , maddog@li.org, sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:58 AM -0500 2005-02-01, Jon maddog Hall wrote: > I use an old notebook with a SCSI and an ETHERNET PCMCIA card in it (it also > has one ETHERNET controller built into the notebook) and the LCD turned off > for a "server" for such things. Total power consumption is negligible, it > has its own "power conditioning" and "UPS" built in, and it does not take > up much space either. I've used an old laptop as a server, myself. My problem was that I could never figure out how to turn off the screen (trying to save the backlight for when I needed it, not concerned so much about power usage), plus the fact that laptops were never designed for 24x7 usage, either as a server or a client. Indeed, my laptop server died a while back with some sort of hardware problem, and I have not yet been able to figure out what went wrong. So, I've got to build a new server. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 10:21:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11ILZn3022235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 10:21:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11ILZme022234 for sage-members-outgoing; Tue, 1 Feb 2005 10:21:35 -0800 (PST) Received: from sj-iport-3.cisco.com (sj-iport-3-in.cisco.com [171.71.176.72]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11ILWn2022219 for ; Tue, 1 Feb 2005 10:21:33 -0800 (PST) Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-3.cisco.com with ESMTP; 01 Feb 2005 11:31:23 +0000 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j11IL5l2014025; Tue, 1 Feb 2005 10:21:05 -0800 (PST) Received: from cisco.com (rtp-vpn1-79.cisco.com [10.82.224.79]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHK84590; Tue, 1 Feb 2005 10:21:03 -0800 (PST) Message-ID: <41FFC88B.1090706@cisco.com> Date: Tue, 01 Feb 2005 10:20:59 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles CC: Jon maddog Hall , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <20050201105841.8935A9B282@shamet.verizon.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Yeah, laptops aren't designed for 24x7. Most laptops shut off their backlight if you close them - you just have to convince them not to go into 'standby' (or shutdown) when closed. This may controlled by the BIOS or the OS that you're running. I did a check on my current laptop - it draws a little less than .3A when the screen is off, or about 1 KWH per day. Some laptop supplies are more power hungry than this, others may be somewhat or considerably better. (What does yours draw, maddog?) I haven't bought one of the little fileservers yet to find out what their power drain is - but the Linksys NSLU2 (a fine example :-) has a power input of 5V @ 2A max. Since the box should not be running at full rated current continuously, it's got to be drawing less than 10W from the wall (I'd be happy to stand corrected if someone would measure one :-), so the power savings over the period of a year (compared to my laptop) is about 200 KWH, or $70 at SJ-highway-robbery-power-rates. It won't *quite* pay for a fileserver in one year, but will in less than two years. And fewer parts to wear out. Doesn't include UPS or power conditioning, but I've seen little ones sufficient for the fileserver plus a couple of more boxes for $40. If the laptop is doing a lot more than fileserving, it may still be justified - this is why I haven't replaced my own server yet. And if you get to buy your power in Oregon (or British Columbia, where I'm originally from), power savings will not justify the gear within the lifetime of the product. (:-) - Richard Brad Knowles wrote: > At 5:58 AM -0500 2005-02-01, Jon maddog Hall wrote: > >> I use an old notebook with a SCSI and an ETHERNET PCMCIA card in it >> (it also >> has one ETHERNET controller built into the notebook) and the LCD >> turned off >> for a "server" for such things. Total power consumption is >> negligible, it >> has its own "power conditioning" and "UPS" built in, and it does not >> take >> up much space either. > > > I've used an old laptop as a server, myself. My problem was that > I could never figure out how to turn off the screen (trying to save > the backlight for when I needed it, not concerned so much about power > usage), plus the fact that laptops were never designed for 24x7 usage, > either as a server or a client. Indeed, my laptop server died a while > back with some sort of hardware problem, and I have not yet been able > to figure out what went wrong. > > So, I've got to build a new server. > From sage-members-owner@usenix.org Tue Feb 1 14:51:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Mpjn3027263 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 14:51:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11MpjjB027262 for sage-members-outgoing; Tue, 1 Feb 2005 14:51:45 -0800 (PST) Received: from whatexit.org (whatexit.org [64.32.179.55]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Mphn2027255 for ; Tue, 1 Feb 2005 14:51:44 -0800 (PST) Received: from localhost (unknown [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id 6748E65DB; Tue, 1 Feb 2005 22:51:28 +0000 (US/Eastern) Received: from whatexit.org ([127.0.0.1]) by localhost (joisey [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 25695-02; Tue, 1 Feb 2005 17:51:23 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id D5D2365ED; Tue, 1 Feb 2005 17:51:22 -0500 (EST) Message-ID: <420007EB.2080101@whatexit.org> Date: Tue, 01 Feb 2005 17:51:23 -0500 From: Tom Reingold User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> In-Reply-To: <41FFC88B.1090706@cisco.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at whatexit.org Sender: owner-sage-members@usenix.org Precedence: bulk Richard Chycoski wrote: > Yeah, laptops aren't designed for 24x7. > > Most laptops shut off their backlight if you close them - you just have > to convince them not to go into 'standby' (or shutdown) when closed. > This may controlled by the BIOS or the OS that you're running. > > I did a check on my current laptop - it draws a little less than .3A > when the screen is off, or about 1 KWH per day. Some laptop supplies are > more power hungry than this, others may be somewhat or considerably > better. (What does yours draw, maddog?) > > I haven't bought one of the little fileservers yet to find out what > their power drain is - but the Linksys NSLU2 (a fine example :-) has a > power input of 5V @ 2A max. Since the box should not be running at full > rated current continuously, it's got to be drawing less than 10W from > the wall (I'd be happy to stand corrected if someone would measure one > :-), so the power savings over the period of a year (compared to my > laptop) is about 200 KWH, or $70 at SJ-highway-robbery-power-rates. It > won't *quite* pay for a fileserver in one year, but will in less than > two years. And fewer parts to wear out. Doesn't include UPS or power > conditioning, but I've seen little ones sufficient for the fileserver > plus a couple of more boxes for $40. > > If the laptop is doing a lot more than fileserving, it may still be > justified - this is why I haven't replaced my own server yet. And if you > get to buy your power in Oregon (or British Columbia, where I'm > originally from), power savings will not justify the gear within the > lifetime of the product. (:-) > > - Richard There are also some makers of very small computers, perhaps about the size of the new Mac Mini. They're not the fastest, but that's OK. Tom From sage-members-owner@usenix.org Tue Feb 1 15:15:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NFfn3028160 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:15:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11NFfbT028159 for sage-members-outgoing; Tue, 1 Feb 2005 15:15:41 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NFdn3028153 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:15:40 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j11NFJH5066704; Tue, 1 Feb 2005 18:15:23 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <420007EB.2080101@whatexit.org> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> Date: Wed, 2 Feb 2005 00:15:14 +0100 To: Tom Reingold From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:51 PM -0500 2005-02-01, Tom Reingold wrote: > There are also some makers of very small computers, perhaps about the > size of the new Mac Mini. They're not the fastest, but that's OK. Those weren't designed for 24x7 operation, either. IMO, nothing that uses a single IDE/EIDE/ATAPI hard drive can properly handle 24x7 operations. Moreover, these are all weaker and more expensive than the Mac Mini, so if you're bound and determined to go that route, there's not really any sense in using anything other than a Mac Mini. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 15:28:22 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NSLn3028840 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:28:22 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11NSLJd028839 for sage-members-outgoing; Tue, 1 Feb 2005 15:28:21 -0800 (PST) Received: from sj-iport-2.cisco.com (sj-iport-2-in.cisco.com [171.71.176.71]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NSKn2028832 for ; Tue, 1 Feb 2005 15:28:20 -0800 (PST) Received: from sj-core-1.cisco.com (171.71.177.237) by sj-iport-2.cisco.com with ESMTP; 01 Feb 2005 15:35:13 -0800 Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j11NRsM8014029; Tue, 1 Feb 2005 15:27:54 -0800 (PST) Received: from cisco.com (dhcp-171-71-41-223.cisco.com [171.71.41.223]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL19332; Tue, 1 Feb 2005 15:27:57 -0800 (PST) Message-ID: <4200107D.5010605@cisco.com> Date: Tue, 01 Feb 2005 15:27:57 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Tom Reingold CC: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> In-Reply-To: <420007EB.2080101@whatexit.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Yes, but the little computers tend to cost more than a fileserver appliance, and usually draw more power (although some may have power-saving measures that make that moot). If the application requires more than fileserving, they can be useful. Another approach is to look for alternative OS loads that work in the various appliances - you get an extendable OS in a cheap, low power box. The boxes that are based on Linux tend to be the most 'adjustable' in this area... - Richard Tom Reingold wrote: > Richard Chycoski wrote: > >> Yeah, laptops aren't designed for 24x7. >> >> Most laptops shut off their backlight if you close them - you just >> have to convince them not to go into 'standby' (or shutdown) when >> closed. This may controlled by the BIOS or the OS that you're running. >> >> I did a check on my current laptop - it draws a little less than .3A >> when the screen is off, or about 1 KWH per day. Some laptop supplies >> are more power hungry than this, others may be somewhat or >> considerably better. (What does yours draw, maddog?) >> >> I haven't bought one of the little fileservers yet to find out what >> their power drain is - but the Linksys NSLU2 (a fine example :-) has >> a power input of 5V @ 2A max. Since the box should not be running at >> full rated current continuously, it's got to be drawing less than 10W >> from the wall (I'd be happy to stand corrected if someone would >> measure one :-), so the power savings over the period of a year >> (compared to my laptop) is about 200 KWH, or $70 at >> SJ-highway-robbery-power-rates. It won't *quite* pay for a fileserver >> in one year, but will in less than two years. And fewer parts to wear >> out. Doesn't include UPS or power conditioning, but I've seen little >> ones sufficient for the fileserver plus a couple of more boxes for $40. >> >> If the laptop is doing a lot more than fileserving, it may still be >> justified - this is why I haven't replaced my own server yet. And if >> you get to buy your power in Oregon (or British Columbia, where I'm >> originally from), power savings will not justify the gear within the >> lifetime of the product. (:-) >> >> - Richard > > > > There are also some makers of very small computers, perhaps about the > size of the new Mac Mini. They're not the fastest, but that's OK. > > Tom > > > From sage-members-owner@usenix.org Tue Feb 1 15:35:55 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NZtn3029460 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:35:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11NZtnI029459 for sage-members-outgoing; Tue, 1 Feb 2005 15:35:55 -0800 (PST) Received: from hamhock.hoovers.com (hamhock-outbound.hoovers.com [66.179.38.26]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11NZrn2029446 for ; Tue, 1 Feb 2005 15:35:53 -0800 (PST) Received: from exchange.hoovers.com (gamma.hoovers.com [66.179.38.8]) by hamhock.hoovers.com (HamHock-OUTBOUND) with ESMTP id 7CA10199C99; Tue, 1 Feb 2005 17:35:29 -0600 (CST) Received: from hoovers-59.hoovers.com ([66.179.38.59]) by exchange.hoovers.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2658.27) id C7GXYV4P; Tue, 1 Feb 2005 17:35:28 -0600 Date: Tue, 01 Feb 2005 17:35:29 -0600 From: Frank Smith To: Brad Knowles Cc: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: In-Reply-To: References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> X-Mailer: Mulberry/3.1.6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-sage-members@usenix.org Precedence: bulk --On Wednesday, February 02, 2005 00:15:14 +0100 Brad Knowles wrote: > At 5:51 PM -0500 2005-02-01, Tom Reingold wrote: > >> There are also some makers of very small computers, perhaps about the >> size of the new Mac Mini. They're not the fastest, but that's OK. > > Those weren't designed for 24x7 operation, either. IMO, nothing that uses a single IDE/EIDE/ATAPI hard drive can properly handle 24x7 operations. IMO, it depends on what you're using it for, but I have a lot of single IDE drive servers that have been running for years without problems. I wouldn't recommend one for a production database, but I don't see what the issues are for a home fileserver. Frank > > Moreover, these are all weaker and more expensive than the Mac Mini, so if you're bound and determined to go that route, there's not really any sense in using anything other than a Mac Mini. > > -- > Brad Knowles, > -- Frank Smith fsmith@hoovers.com Sr. Systems Administrator Voice: 512-374-4673 Hoover's Online Fax: 512-374-4501 From sage-members-owner@usenix.org Tue Feb 1 15:48:44 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nmhn3001316 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:48:44 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11Nmh7K001315 for sage-members-outgoing; Tue, 1 Feb 2005 15:48:43 -0800 (PST) Received: from igtc.com (igtc.igtc.com [66.166.73.180]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nmbn2001300 for ; Tue, 1 Feb 2005 15:48:41 -0800 (PST) Received: from igtc.com (igtc [127.0.0.1]) by igtc.com (8.13.3/8.13.3) with ESMTP id j11NmFLX004917; Tue, 1 Feb 2005 15:48:17 -0800 Received: (from pmm@localhost) by igtc.com (8.13.3/8.13.3/Submit) id j11NmFsJ004916; Tue, 1 Feb 2005 15:48:15 -0800 Date: Tue, 1 Feb 2005 15:48:15 -0800 From: "Paul M. Moriarty" To: Brad Knowles Cc: Tom Reingold , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: <20050201234815.GC2871@igtc.com> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-SMTP-Vilter-Version: 1.1.8 X-SMTP-Vilter-Spam-Backend: spamd X-Spam-Score: 0.0 X-Spam-Threshold: 8.0 X-Spam-Probability: 0.0 Sender: owner-sage-members@usenix.org Precedence: bulk Brad Knowles writes: > At 5:51 PM -0500 2005-02-01, Tom Reingold wrote: > > > There are also some makers of very small computers, perhaps about the > > size of the new Mac Mini. They're not the fastest, but that's OK. > > Those weren't designed for 24x7 operation, either. IMO, nothing > that uses a single IDE/EIDE/ATAPI hard drive can properly handle 24x7 > operations. > The MTBF on brand-name IDE drives is about 800k hours and 1000k hours for scsi. While scsi is more reliable, operations". It depends on how much downtime one can tolerate. While I wouldn't recommend it for an ICU, life-support system, an inexpensive, single-drive system can be perfectly fine in many workgroup/department file server environments. - Paul - From sage-members-owner@usenix.org Tue Feb 1 15:52:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nq6n3001739 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:52:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11Nq6nN001737 for sage-members-outgoing; Tue, 1 Feb 2005 15:52:06 -0800 (PST) Received: from sj-iport-1.cisco.com (sj-iport-1-in.cisco.com [171.71.176.70]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nq4n2001723 for ; Tue, 1 Feb 2005 15:52:04 -0800 (PST) Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-1.cisco.com with ESMTP; 01 Feb 2005 16:00:50 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j11Npel2029441; Tue, 1 Feb 2005 15:51:40 -0800 (PST) Received: from cisco.com (dhcp-171-71-41-223.cisco.com [171.71.41.223]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL21138; Tue, 1 Feb 2005 15:51:41 -0800 (PST) Message-ID: <4200160D.4030700@cisco.com> Date: Tue, 01 Feb 2005 15:51:41 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles CC: Tom Reingold , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk You can buy some of the small computers for about half the price of the Mac Mini. Although they may not be built for five-nines of reliability, the ones that I've seen *are* built to run continuously and are at least as sturdy (if not as powerful) as a Mac Mini. Most laptops aren't. I wouldn't let that stop you from buying a Mac Mini though - the convenience and other features make it quite attractive - maybe a little *too* attractive. No one else in the house (especially my wife or five year old) is going to co-opt a small, Linux-capable box. A Mac Mini, however, would become "fair game", and I might have to go and buy another server. (:-) - Richard Brad Knowles wrote: > At 5:51 PM -0500 2005-02-01, Tom Reingold wrote: > >> There are also some makers of very small computers, perhaps about the >> size of the new Mac Mini. They're not the fastest, but that's OK. > > > Those weren't designed for 24x7 operation, either. IMO, nothing > that uses a single IDE/EIDE/ATAPI hard drive can properly handle 24x7 > operations. > > Moreover, these are all weaker and more expensive than the Mac > Mini, so if you're bound and determined to go that route, there's not > really any sense in using anything other than a Mac Mini. > From sage-members-owner@usenix.org Tue Feb 1 15:58:00 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nw0n3002366 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 15:58:00 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j11Nw08F002364 for sage-members-outgoing; Tue, 1 Feb 2005 15:58:00 -0800 (PST) Received: from azazel.infersys.com (infersys.com [66.159.248.216]) by usenix.org (8.12.10/8.12.10) with ESMTP id j11Nvwn2002359 for ; Tue, 1 Feb 2005 15:57:58 -0800 (PST) Received: by azazel.infersys.com (Postfix, from userid 10001) id 82CD71C05F; Tue, 1 Feb 2005 15:58:08 -0800 (PST) Message-ID: <16896.6031.869138.860492@azazel.infersys.com> Date: Tue, 1 Feb 2005 15:58:07 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Brad Knowles Cc: Tom Reingold , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> X-Mailer: VM 7.17 under 21.4 (patch 15) "Security Through Obscurity" XEmacs Lucid From: Josh Smith X-Attribution: JBS Organization: Evil Geniuses For A Better Tomorrow Sender: owner-sage-members@usenix.org Precedence: bulk BK == Brad Knowles BK> if you're bound and determined to go that route, there's not really BK> any sense in using anything other than a Mac Mini. Did "that route" mean "small" in this context, or "low-power"? I haven't checked my electric rates yet, but I run a couple of computers to host my mail and web pages, and they're probably sucking a fair amount of power (at least as a percentage of my total usage). When the time comes to replace them, I wouldn't mind trading a performance hit for a drop in power consumption; if this is a wheel that someone's already invented (aside from using old spare laptops that are just lying around, since I don't have any of those), I'd be happy not to have to reinvent it. TSOR doesn't turn up much in the way of retail boxes... -Josh (irilyth@infersys.com) From sage-members-owner@usenix.org Tue Feb 1 16:05:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12051n3003053 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 16:05:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12051Ev003049 for sage-members-outgoing; Tue, 1 Feb 2005 16:05:01 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1204wn2003044 for ; Tue, 1 Feb 2005 16:04:59 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j1204PAH029234; Tue, 1 Feb 2005 18:04:26 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id SAA08823; Tue, 1 Feb 2005 18:04:23 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Tue, 1 Feb 2005 18:04:23 -0600 (CST) From: Doug Hughes To: Josh Smith cc: Brad Knowles , Tom Reingold , Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: <16896.6031.869138.860492@azazel.infersys.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, 1 Feb 2005, Josh Smith wrote: > BK == Brad Knowles > > BK> if you're bound and determined to go that route, there's not really > BK> any sense in using anything other than a Mac Mini. > > Did "that route" mean "small" in this context, or "low-power"? > > I haven't checked my electric rates yet, but I run a couple of computers > to host my mail and web pages, and they're probably sucking a fair amount > of power (at least as a percentage of my total usage). When the time comes > to replace them, I wouldn't mind trading a performance hit for a drop in > power consumption; if this is a wheel that someone's already invented > (aside from using old spare laptops that are just lying around, since I > don't have any of those), I'd be happy not to have to reinvent it. TSOR > doesn't turn up much in the way of retail boxes... > via c3 processor consumes 10watts. no fan required. add a low power 40 or 80G ide drive (e.g. maxtor) and a small PS case and micro-atx motherboard (e.g. bookpc - 200W), and you've got a very low power computer. they have 1Ghz at least, perhaps 1.2? (haven't checked in a month or so) From sage-members-owner@usenix.org Tue Feb 1 16:39:52 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j120dpn3009287 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 16:39:52 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j120dpau009286 for sage-members-outgoing; Tue, 1 Feb 2005 16:39:51 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j120dmn3009278 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 16:39:49 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j120dUR1071004; Tue, 1 Feb 2005 19:39:31 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> Date: Wed, 2 Feb 2005 01:39:23 +0100 To: Frank Smith From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Brad Knowles , sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:35 PM -0600 2005-02-01, Frank Smith wrote: > IMO, it depends on what you're using it for, but I have a lot > of single IDE drive servers that have been running for years > without problems. I wouldn't recommend one for a production > database, but I don't see what the issues are for a home > fileserver. IDE drives just weren't designed for that kind of use/abuse. Desktop drives are more able to withstand that sort of thing. In the past, in the case of many types of desktop drives, the only difference between SCSI and IDE was the interface to the host, as the physical HDA is the same. However, on modern drives, the manufacturers frequently cut a lot of corners with IDE drives, and if you want to buy a server-grade model, you have to spend extra -- and you do get a different HDA. Laptop drives are a completely different matter. None of them are server-grade. And these compact SFF machines tend to use the same type of drives that laptops do. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 17:12:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Cfn3010063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j121CfnQ010062 for sage-members-outgoing; Tue, 1 Feb 2005 17:12:41 -0800 (PST) Received: from surfer.rtfs.de (213-239-205-143.clients.your-server.de [213.239.205.143]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Can3010029 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:38 -0800 (PST) Received: from surfer.rtfs.de (localhost [127.0.0.1]) by surfer.rtfs.de (8.13.3/8.13.3/Debian-3) with ESMTP id j120X1cr001715 for ; Wed, 2 Feb 2005 01:33:01 +0100 Received: (from bb@localhost) by surfer.rtfs.de (8.13.3/8.13.3/Submit) id j120Wvkv001713 for sage-members@sage.org; Wed, 2 Feb 2005 01:32:57 +0100 Date: Wed, 2 Feb 2005 01:32:57 +0100 From: Gabriel Krabbe To: sage-members@sage.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: <20050202003257.GB30986@surfer.rtfs.de> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <16896.6031.869138.860492@azazel.infersys.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <16896.6031.869138.860492@azazel.infersys.com> X-Spam-Status: No, score=-2.8 required=3.5 tests=ALL_TRUSTED autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on surfer.rtfs.de Sender: owner-sage-members@usenix.org Precedence: bulk On Tue, Feb 01, 2005 at 03:58:07PM -0800, Josh Smith wrote: > [...] > When the time comes to replace them, [...] > TSOR doesn't turn up much in the way of retail boxes... As it happens, gmail ads beside this thread point me to www.logicsupply.com, which might be of interest. Gabe From sage-members-owner@usenix.org Tue Feb 1 17:12:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Ckn3010090 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j121CkmL010088 for sage-members-outgoing; Tue, 1 Feb 2005 17:12:46 -0800 (PST) Received: from util302.his.com (util302.his.com [216.194.210.39]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Cgn3010013 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:43 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by util302.his.com (8.12.11/8.12.9) with ESMTP id j1219uVg049691 for ; Tue, 1 Feb 2005 20:09:57 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j1217Bqv072084; Tue, 1 Feb 2005 20:07:15 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050201234815.GC2871@igtc.com> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <20050201234815.GC2871@igtc.com> Date: Wed, 2 Feb 2005 01:54:11 +0100 To: "Paul M. Moriarty" From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Brad Knowles , Tom Reingold , sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 3:48 PM -0800 2005-02-01, Paul M. Moriarty wrote: > The MTBF on brand-name IDE drives is about 800k hours and 1000k hours > for scsi. While scsi is more reliable, operations". That may be true for desktop drives. That is not true for laptop drives. And SFF type machines tend to use laptop-type drives. There are no server-grade laptop-type drives. > It depends on how much > downtime one can tolerate. IDE brings its own problems to the table, even when using the exact same sort of HDA as a SCSI drive. Due to the low-level communications protocols involved, IDE is much less effective at server-type of loads, and I believe will result in significantly reduced MTBF, even with the exact same underlying drive hardware. Put IDE together with cheaper drive hardware where they cut every possible corner in order to shave off the last atto-cent, and I think the numbers would go down considerably further. I worked at Imprimis/Seagate for three months as an intern, doing Statistical Quality Control programming. With the kind of testing they do, they could make their statistics claim anything they want. > While I wouldn't recommend it for an ICU, > life-support system, an inexpensive, single-drive system can be perfectly > fine in many workgroup/department file server environments. That might be a suitable approach for machines with desktop-type drives. Certainly, I've used UltraSPARC 5 as production mail servers, but always in a RAIS (Redundant Array of Inexpensive Servers) type of situation. But we're not talking about situations with Desktop-type drives. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 17:12:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Cmn3010102 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:49 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j121ClNb010099 for sage-members-outgoing; Tue, 1 Feb 2005 17:12:47 -0800 (PST) Received: from util304.his.com (util304.his.com [216.194.210.41]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121Chn3010015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:12:45 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by util304.his.com (8.12.11/8.12.8) with ESMTP id j1219xZi087368 for ; Tue, 1 Feb 2005 20:09:59 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j1217Bqx072084; Tue, 1 Feb 2005 20:07:19 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <4200160D.4030700@cisco.com> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <4200160D.4030700@cisco.com> Date: Wed, 2 Feb 2005 02:06:11 +0100 To: Richard Chycoski From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Brad Knowles , Tom Reingold , sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 3:51 PM -0800 2005-02-01, Richard Chycoski wrote: > You can buy some of the small computers for about half the price of the > Mac Mini. Right, but how do they compare CPU-wise? Disk-wise? Do they include a DVD-ROM or CD-R/RW drive? What are their dimensions? I've been trying to find comparable SFF PCs to take a closer look at, and I haven't found anything. If you know of any that can compare on each of these criteria, or even just most of them, I'd love to hear about them. > Although they may not be built for five-nines of reliability, > the ones that I've seen *are* built to run continuously and are at least > as sturdy (if not as powerful) as a Mac Mini. Most laptops aren't. In my experience, one of the most critical components is the hard drive, and all of these devices tend to use the same sort of 2.5" drives. And there are no server-grade 2.5" drives. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 17:31:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121V5n3011621 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:31:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j121V5Y5011620 for sage-members-outgoing; Tue, 1 Feb 2005 17:31:05 -0800 (PST) Received: from azazel.infersys.com (infersys.com [66.159.248.216]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121V3n2011615 for ; Tue, 1 Feb 2005 17:31:04 -0800 (PST) Received: by azazel.infersys.com (Postfix, from userid 10001) id 9D1591C05F; Tue, 1 Feb 2005 17:31:14 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16896.11618.146594.184616@azazel.infersys.com> Date: Tue, 1 Feb 2005 17:31:14 -0800 To: Ok Pa - We Like To Whomp Ether Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: <20050202003257.GB30986@surfer.rtfs.de> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <4200160D.4030700@cisco.com> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> X-Mailer: VM 7.17 under 21.4 (patch 15) "Security Through Obscurity" XEmacs Lucid From: Josh Smith X-Attribution: JBS Organization: Evil Geniuses For A Better Tomorrow Sender: owner-sage-members@usenix.org Precedence: bulk GK == Gabriel Krabbe BK == Brad Knowles GK> As it happens, gmail ads beside this thread point me to GK> www.logicsupply.com, which might be of interest. Mm, looks potentially interesting; some systems there with 60W and 80W power supplies anyway. BK> I've been trying to find comparable SFF PCs to take a closer look at, BK> and I haven't found anything. I'm not sure if these are SFF or just low-power or what, but at that site, http://www.logicsupply.com/product_info.php/cPath/29/products_id/112 for example is an 11.5x2.5x10.75 box that says it uses 3.5" hard drives. That's bigger than a miniMac (6.5x2x6.5), but I doubt the miniMac runs in 60W. -Josh (irilyth@infersys.com) From sage-members-owner@usenix.org Tue Feb 1 17:54:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121s1n3012361 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:54:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j121s1Z9012360 for sage-members-outgoing; Tue, 1 Feb 2005 17:54:01 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j121rvn3012355 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 17:53:58 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j121rb7C073899; Tue, 1 Feb 2005 20:53:38 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050202003257.GB30986@surfer.rtfs.de> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> Date: Wed, 2 Feb 2005 02:53:27 +0100 To: Gabriel Krabbe From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: sage-members@sage.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:32 AM +0100 2005-02-02, Gabriel Krabbe wrote: > As it happens, gmail ads beside this thread point me to www.logicsupply.com, > which might be of interest. Checking them out, and comparing against the Mac Mini (specs at ), I found the 3677 mini-ITX at , which starts at a base price of $359. But to try to bring this up to spec, you have to use the EPIA MII 1.2GHz motherboard (add $69), the 40GB hard drive (add $22), and the Panasonic CW-8123-B Slotloading CD-RW/DVD-R (add $99), and that brings the price up to $549. Even that isn't fully comparable, because the Mac Mini is 6.5" wide by 6.5" deep and 2" high (84.5 total cubic inches), whereas the 3677 is 8.25" by 10.25" by 2.5" (211.405 cubic inches), which makes it more than 2.5 times as large as the Mac Mini. And I'm pretty sure that the CPU on the 3677 in this configuration will be much less powerful than the 1.25GHz Mac Mini, not to mention the Mac Mini includes a much better video card in the ATI Radeon 9200 (with 32MB of DDR SRAM). The 3677 has only the "Integrated VIA Unichrome 2D/3D graphics with MPEG-2 Accelerator". The MPEG-2 accelerator helps here, but the integrated graphics really, really hurt. Checking the other models on this site, I'm not seeing anything else that looks much better than the 3677. Now, if you want to compare name-brand to name-brand, you have to look at something closer to the Hush mini-ITX Fanless PC, which starts at $975 (see ). There are no Mini-ITX systems that can possibly be as small as the Mac Mini, due to the inherent size of the motherboard. The mini-ITX form factor is 17cm by 17cm, which works out to 6.69"x6.69", just for the motherboard alone. And unless you go with no-name brand components, I don't think you're going to find any mini-ITX systems that are anywhere close to the price of the Mac Mini, with anywhere close to the same level of specification. The more I look at this, the more impressed I am by Apple's work in putting together such a machine. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 18:01:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1221On3012879 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 18:01:24 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j1221OYO012877 for sage-members-outgoing; Tue, 1 Feb 2005 18:01:24 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1221Mn3012872 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 18:01:23 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12213US074157; Tue, 1 Feb 2005 21:01:04 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <16896.11618.146594.184616@azazel.infersys.com> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <4200160D.4030700@cisco.com> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> <16896.11618.146594.184616@azazel.infersys.com> Date: Wed, 2 Feb 2005 03:00:50 +0100 To: Josh Smith From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Ok Pa - We Like To Whomp Ether Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 5:31 PM -0800 2005-02-01, Josh Smith wrote: > I'm not sure if these are SFF or just low-power or what, but at that site, > http://www.logicsupply.com/product_info.php/cPath/29/products_id/112 for > example is an 11.5x2.5x10.75 box that says it uses 3.5" hard drives. > That's bigger than a miniMac (6.5x2x6.5), but I doubt the miniMac >runs in 60W. We can do the same comparison here that we did with the 3677. You still need to boost the CPU to the 1.2GHz model (adding $69), and the Panasonic CD-RW/DVD-R drive (adding $99). Add that to $339, and you still come out more expensive than the Mac Mini, with $507. Granted, this system does use 3.5" drives which can be bought in server-grade models, and the 60W power supply does draw slightly less power (the Mac Mini draws a maximum of 85W), but given the much larger size and the higher price for something that comes as close to the same level of specification as the hardware is capable of, I still don't consider this to be comparable. That said, it may very well suit your needs just fine. Just because I don't consider it to be comparable doesn't mean that there aren't jobs that it should be able to do. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Tue Feb 1 18:05:14 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1225Dn3013146 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 18:05:13 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j1225CfI013140 for sage-members-outgoing; Tue, 1 Feb 2005 18:05:12 -0800 (PST) Received: from azazel.infersys.com (infersys.com [66.159.248.216]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1225Bn2013132 for ; Tue, 1 Feb 2005 18:05:11 -0800 (PST) Received: by azazel.infersys.com (Postfix, from userid 10001) id D3C381C05F; Tue, 1 Feb 2005 18:05:20 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16896.13662.32171.904065@azazel.infersys.com> Date: Tue, 1 Feb 2005 18:05:18 -0800 To: Ok Pa - We Like To Whomp Ether Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <4200160D.4030700@cisco.com> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> <16896.11618.146594.184616@azazel.infersys.com> X-Mailer: VM 7.17 under 21.4 (patch 15) "Security Through Obscurity" XEmacs Lucid From: Josh Smith X-Attribution: JBS Organization: Evil Geniuses For A Better Tomorrow Sender: owner-sage-members@usenix.org Precedence: bulk BK == Brad Knowles BK> Granted, this system does use 3.5" drives which can be bought in BK> server-grade models, and the 60W power supply does draw slightly less BK> power (the Mac Mini draws a maximum of 85W), but given the much larger BK> size and the higher price for something that comes as close to the BK> same level of specification as the hardware is capable of, I still BK> don't consider this to be comparable. Ah, I hadn't realized that the Mac only drew 85W. (I looked on their tech specs page, but couldn't find it; it's obvious when I look now though.) I'm not sure how much the 350W power supplies on my current boxes are actually drawing, but I bet either of these options would be lower. I'll check my electric bill and see how much lower. :^) -Josh (irilyth@infersys.com) From sage-members-owner@usenix.org Tue Feb 1 18:46:54 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j122krn3014354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 18:46:53 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j122kr10014352 for sage-members-outgoing; Tue, 1 Feb 2005 18:46:53 -0800 (PST) Received: from sj-iport-2.cisco.com (sj-iport-2-in.cisco.com [171.71.176.71]) by usenix.org (8.12.10/8.12.10) with ESMTP id j122kpn2014347 for ; Tue, 1 Feb 2005 18:46:52 -0800 (PST) Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-2.cisco.com with ESMTP; 01 Feb 2005 18:53:44 -0800 Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j122kRF1021346; Tue, 1 Feb 2005 18:46:28 -0800 (PST) Received: from cisco.com (sjc-vpn2-489.cisco.com [10.21.113.233]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL33274; Tue, 1 Feb 2005 18:46:20 -0800 (PST) Message-ID: <42003EF8.4040805@cisco.com> Date: Tue, 01 Feb 2005 18:46:16 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brad Knowles CC: Gabriel Krabbe , sage-members@sage.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Yes, it really does depend on the job that you want it to do. My current Linux server is a 333 MHz K6, and it serves DNS, Web, and SMB files, and is my controlled gateway. It's actually plenty powerful enough for the task, but it is more power hungry than some of the simple boxes that I might replace it with. I don't need fancy video or lots of CPU - I put that in my workstations, not in my server. I have been considering adding other functions that might start chewing up CPU, so may move over to a 1.8GHz Celeron machine that I've been experimenting with - the Celeron isn't particularly power hungry, but I haven't measured it yet to determine how un-hungry it is. If I add IP telephony and MythTV into the equation, I may have to pay the price of higher power bills - but I'll do it with my eyes open. My main purpose in this discussion is to make sure that people become aware of the tradeoffs that they're making - don't buy more machine unless you want to, be aware of what you're paying for utilities and how much your machines actually draw from the outlet, and figure out how to justify the costs with your spouse/parents/parole officer. All of this work will pay off when you receive the power and credit card bills without an accomanying occurrence of myocardial infarction. I believe that people should be allowed to spend their own money as they see fit. Some people prefer form over function - to the detriment of their bank accounts, but that's their choice! I'm a function-before-form person, but I do appreciate the needs and benefits of including form as a design goal for a computing environment, as long as it's not at the top of the list. Your spouse (and mine :-) may disagree... I think by now you can probably guess that I have a *slightly* analytical nature. But that's a common thing for people on this list. (:-) - Richard Brad Knowles wrote: > At 1:32 AM +0100 2005-02-02, Gabriel Krabbe wrote: > >> As it happens, gmail ads beside this thread point me to >> www.logicsupply.com, >> which might be of interest. > > > Checking them out, and comparing against the Mac Mini (specs at > ), I found the 3677 mini-ITX > at > , > which starts at a base price of $359. But to try to bring this up to > spec, you have to use the EPIA MII 1.2GHz motherboard (add $69), the > 40GB hard drive (add $22), and the Panasonic CW-8123-B Slotloading > CD-RW/DVD-R (add $99), and that brings the price up to $549. > > Even that isn't fully comparable, because the Mac Mini is 6.5" > wide by 6.5" deep and 2" high (84.5 total cubic inches), whereas the > 3677 is 8.25" by 10.25" by 2.5" (211.405 cubic inches), which makes it > more than 2.5 times as large as the Mac Mini. > > And I'm pretty sure that the CPU on the 3677 in this configuration > will be much less powerful than the 1.25GHz Mac Mini, not to mention > the Mac Mini includes a much better video card in the ATI Radeon 9200 > (with 32MB of DDR SRAM). The 3677 has only the "Integrated VIA > Unichrome 2D/3D graphics with MPEG-2 Accelerator". The MPEG-2 > accelerator helps here, but the integrated graphics really, really hurt. > > Checking the other models on this site, I'm not seeing anything > else that looks much better than the 3677. > > > Now, if you want to compare name-brand to name-brand, you have to > look at something closer to the Hush mini-ITX Fanless PC, which starts > at $975 (see > ). > > > There are no Mini-ITX systems that can possibly be as small as the > Mac Mini, due to the inherent size of the motherboard. The mini-ITX > form factor is 17cm by 17cm, which works out to 6.69"x6.69", just for > the motherboard alone. > > And unless you go with no-name brand components, I don't think > you're going to find any mini-ITX systems that are anywhere close to > the price of the Mac Mini, with anywhere close to the same level of > specification. > > > The more I look at this, the more impressed I am by Apple's work > in putting together such a machine. > From sage-members-owner@usenix.org Tue Feb 1 19:00:33 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1230Wn3014931 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 19:00:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j1230WXH014930 for sage-members-outgoing; Tue, 1 Feb 2005 19:00:32 -0800 (PST) Received: from bolthole.com (bolthole.com [192.220.72.215]) by usenix.org (8.12.10/8.12.10) with ESMTP id j1230Vn2014925 for ; Tue, 1 Feb 2005 19:00:31 -0800 (PST) Received: (qmail 74379 invoked by uid 18647); 2 Feb 2005 03:00:12 -0000 Date: Tue, 1 Feb 2005 19:00:11 -0800 From: Philip Brown To: SAGE-Members Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices Message-ID: <20050201190011.A67754@bolthole.com> Mail-Followup-To: SAGE-Members References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from Scott.Carlson@schwab.com on Fri, Jan 28, 2005 at 08:05:56AM -0800 Sender: owner-sage-members@usenix.org Precedence: bulk On Fri, Jan 28, 2005 at 08:05:56AM -0800, Carlson, Scott wrote: > 1. Create a subdirectory /us/home/scott.carlson/unixhome > 2. Modify Active Directory so that the ldap attribute "homedir" = > /us/home/scott.carlson/unixhome >[...PAM...] > > a) query LDAP for my home directory > b) executes mount /home/scott.carlson -> > /us/home/scott.carlson/unixhome > c) puts me in /home/scott.carlson since you mention a pam module... first of all, I thought there were existing PAM modules that simplify unix/windows login integration. Free ones, not the apparently commercial ones you mentioned, btw. Secondly... you should be able to tweak an open source PAM module to query the AD ldap for the users home dir, without all the other stuff you had there, that I snipped... OR... you could just LDAPify your automount maps like you should have done already :-) That is to say: you mentioned "keeping 200 automount maps updated" or something like that. Sounds like you're rdisting /etc/auto.home or equivalent. Quit doing that! :-) use LDAP in nsswitch.conf for automount information. Then update the central LDAP info at the same time you update the AD home directory info. From sage-members-owner@usenix.org Tue Feb 1 19:25:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j123PCn3015735 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 19:25:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j123PCqS015734 for sage-members-outgoing; Tue, 1 Feb 2005 19:25:12 -0800 (PST) Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by usenix.org (8.12.10/8.12.10) with ESMTP id j123PAn2015729 for ; Tue, 1 Feb 2005 19:25:10 -0800 (PST) Received: from sj-core-3.cisco.com (171.68.223.137) by sj-iport-4.cisco.com with ESMTP; 01 Feb 2005 19:25:09 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-3.cisco.com (8.12.10/8.12.6) with ESMTP id j123OkPA027399; Tue, 1 Feb 2005 19:24:46 -0800 (PST) Received: from cisco.com (sjc-vpn2-489.cisco.com [10.21.113.233]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL35482; Tue, 1 Feb 2005 19:24:42 -0800 (PST) Message-ID: <420047F0.5060404@cisco.com> Date: Tue, 01 Feb 2005 19:24:32 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Philip Brown CC: SAGE-Members Subject: Re: [SAGE] Looking for Open Source DFS Client for Unices References: <20050201190011.A67754@bolthole.com> In-Reply-To: <20050201190011.A67754@bolthole.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk It depends on how much Active Directory integration that you want. Take a look at www.openldap.com. It's not too difficult if you just want LDAP authentication - much more work if you want full AD (Kerberised LDAP) - but mostly doable. Beware automounter - it doesn't actually *use* the Name Service Switch. It does look at the /etc/nsswitch.conf file, but not all of the options available in NSS are valid for automount. - Richard Philip Brown wrote: >On Fri, Jan 28, 2005 at 08:05:56AM -0800, Carlson, Scott wrote: > > >>1. Create a subdirectory /us/home/scott.carlson/unixhome >>2. Modify Active Directory so that the ldap attribute "homedir" = >>/us/home/scott.carlson/unixhome >>[...PAM...] >> >> a) query LDAP for my home directory >> b) executes mount /home/scott.carlson -> >>/us/home/scott.carlson/unixhome >> c) puts me in /home/scott.carlson >> >> > >since you mention a pam module... first of all, I thought there were >existing PAM modules that simplify unix/windows login integration. >Free ones, not the apparently commercial ones you mentioned, btw. > >Secondly... you should be able to tweak an open source PAM module >to query the AD ldap for the users home dir, without all the other stuff >you had there, that I snipped... > >OR... you could just LDAPify your automount maps like you should have done >already :-) > >That is to say: you mentioned "keeping 200 automount maps updated" > or something like that. >Sounds like you're rdisting /etc/auto.home or equivalent. >Quit doing that! :-) use LDAP in nsswitch.conf for automount information. >Then update the central LDAP info at the same time you update the >AD home directory info. > > > From sage-members-owner@usenix.org Tue Feb 1 19:28:17 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j123SHn3015972 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 19:28:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j123SHYf015971 for sage-members-outgoing; Tue, 1 Feb 2005 19:28:17 -0800 (PST) Received: from kira.monsoonwind.com ([198.144.196.116]) by usenix.org (8.12.10/8.12.10) with ESMTP id j123SFn2015962 for ; Tue, 1 Feb 2005 19:28:15 -0800 (PST) Received: from hamner.monsoonwind.com (hamner.monsoonwind.com [192.168.128.2]) by kira.monsoonwind.com (8.12.10/8.12.9) with ESMTP id j123XoB9001134 for ; Wed, 2 Feb 2005 03:33:50 GMT Received: from ssl.monsoonwind.com (localhost [127.0.0.1]) by hamner.monsoonwind.com (8.12.9/8.12.9) with ESMTP id j123RsnE030677 for ; Wed, 2 Feb 2005 03:27:54 GMT Received: from 192.55.4.36 (SquirrelMail authenticated user lanning); by ssl.monsoonwind.com with HTTP; Tue, 1 Feb 2005 19:27:54 -0800 (PST) Message-ID: <55994.192.55.4.36.1107314874.squirrel@192.55.4.36> Date: Tue, 1 Feb 2005 19:27:54 -0800 (PST) Subject: Re: [SAGE] (mildly OT) wireless SMS interconnects From: "Robert Hajime Lanning" To: sage-members@sage.org User-Agent: SquirrelMail/1.5.1 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Spam-Score: 0.704 () PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Sender: owner-sage-members@usenix.org Precedence: bulk > Friend of mine is working on a project to offer a unified > interface to the various carrier-specific SMS networks > (as well as some other wireless networks, like Mobil's > Speedpass, wireless toll highway services like PikePass, etc.), > and I told him I'd ask around here and see what kind of > resources folks were aware of on this topic. I'm sure the > available documentation is limited, at best; I'm hoping for > better results from the wealth of personal experience on this > list. > > Anybody worked with SMS interconnects between carriers before? > The only part of that network I've touched has been when I've > been doing SMTP -> SMS stuff. Take a look at http://www.mblox.com/ (Used to be MobileSys.) They give you an application and an API, that ties into their network. Their network has all the dedicated connections to all the SMS networks that they can negotiate a contract with. I was looking at their service back when they were MobileSys. I know Cisco was (maybe still is) using them. A vendor signs in at the lobby and an SMS is sent to the party they are meeting with. -- END OF LINE -MCP From sage-members-owner@usenix.org Tue Feb 1 21:43:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j125hZn3018485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 1 Feb 2005 21:43:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j125hYoZ018484 for sage-members-outgoing; Tue, 1 Feb 2005 21:43:34 -0800 (PST) Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12]) by usenix.org (8.12.10/8.12.10) with ESMTP id j125hSn2018479 for ; Tue, 1 Feb 2005 21:43:33 -0800 (PST) Received: from [192.168.0.101] (utdvpn084066.utdallas.edu [129.110.84.66]) by smtp1.utdallas.edu (Postfix) with ESMTP id F1BF0388E45 for ; Tue, 1 Feb 2005 23:43:06 -0600 (CST) Message-ID: <420068F3.7000901@utdallas.edu> Date: Tue, 01 Feb 2005 23:45:23 -0600 From: Amos User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: [SAGE] Meridius Security Gateway by Bluecat Networks? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Anybody here ever play with the Meridius Security Gateway by Bluecat Networks? Amos From sage-members-owner@usenix.org Wed Feb 2 03:31:11 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12BVAn3021378 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 03:31:11 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12BVASG021376 for sage-members-outgoing; Wed, 2 Feb 2005 03:31:10 -0800 (PST) Received: from g2.mental.com (root@entrance.mental.com [192.31.14.10]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12BV7n3021366 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 2 Feb 2005 03:31:09 -0800 (PST) Received: from mental.com (root@twen.mi [172.16.0.5]) by g2.mental.com (8.13.0/8.13.0/Lobo-041220) with ESMTP id j12BUjlJ015355 for ; Wed, 2 Feb 2005 12:30:45 +0100 (CET) Received: from mental.com (lobo@localhost [127.0.0.1]) by mental.com (8.13.0/8.13.0/Lobo-040825) with ESMTP id j12BUj0h012457 for ; Wed, 2 Feb 2005 12:30:45 +0100 (MET) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-reply-to: Brad Knowles's message of Wed, 02 Feb 2005 01:39:23 +0100 Organization: mental images GmbH, Berlin, Germany Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 02 Feb 2005 12:30:45 +0100 Message-ID: <12456.1107343845@mental.com> From: Alexander Lobodzinski Sender: owner-sage-members@usenix.org Precedence: bulk () However, on modern drives, the manufacturers frequently cut a lot () of corners with IDE drives, and if you want to buy a server-grade () model, you have to spend extra -- and you do get a different HDA. Right, server-grade disks are designed that they last longest if run 24x7 while desktop-grade disks are designed not to run all the time (some even have parking tracks that clean the head). So what ought to be done with laptop drives in any case and most if not all IDE drives is powering them down when not in use. E.g. OpenBSD's atactl standby 60 will make the spindle stop when not used for a minute (adjust to your needs). The few seconds to spin up should be tolerable on the home servers we are talking about. Ciao, Lobo From sage-members-owner@usenix.org Wed Feb 2 05:30:00 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12DU0n3023037 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 05:30:00 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12DU0Wt023036 for sage-members-outgoing; Wed, 2 Feb 2005 05:30:00 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12DTvn3023031 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 05:29:58 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12DTLHm018979; Wed, 2 Feb 2005 08:29:38 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <16896.13662.32171.904065@azazel.infersys.com> References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> <4200160D.4030700@cisco.com> <16896.6031.869138.860492@azazel.infersys.com> <20050202003257.GB30986@surfer.rtfs.de> <16896.11618.146594.184616@azazel.infersys.com> <16896.13662.32171.904065@azazel.infersys.com> Date: Wed, 2 Feb 2005 14:27:57 +0100 To: Josh Smith From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: Ok Pa - We Like To Whomp Ether Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 6:05 PM -0800 2005-02-01, Josh Smith wrote: > Ah, I hadn't realized that the Mac only drew 85W. (I looked on their tech > specs page, but couldn't find it; it's obvious when I look now though.) I imagine that a lot of the draw comes from the video card and the CD-RW/DVD-R combo drive, especially when used in CD-R/RW mode. The actual draw will probably be a lot less for applications that do not make much use of these devices. > I'm not sure how much the 350W power supplies on my current boxes are > actually drawing, but I bet either of these options would be lower. I'll > check my electric bill and see how much lower. :^) It would be interesting to measure your actual current draw, and then compare that to what you might get with other systems, and see how fast they might pay for themselves. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 05:30:31 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12DUUn3023098 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 05:30:31 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12DUUQk023097 for sage-members-outgoing; Wed, 2 Feb 2005 05:30:30 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12DURn3023088 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 05:30:27 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12DTLHk018979; Wed, 2 Feb 2005 08:29:36 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <12456.1107343845@mental.com> References: <12456.1107343845@mental.com> Date: Wed, 2 Feb 2005 14:25:24 +0100 To: Alexander Lobodzinski From: Brad Knowles Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 12:30 PM +0100 2005-02-02, Alexander Lobodzinski wrote: > E.g. OpenBSD's atactl standby 60 will make the spindle > stop when not used for a minute (adjust to your needs). The few > seconds to spin up should be tolerable on the home servers we are > talking about. I'm not convinced that this would help most home servers. With an MTA, syslog, web server, DNS, DHCP server, and everything else running on there, I doubt that the drive will ever be idle long enough to be spun down. If you were a dataless client, where the disk was only used to store the OS on boot, and after boot all I/O was done across the network, that kind of solution might be useful. But I don't think it would help most home servers. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 08:58:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Gw6n3026720 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 08:58:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Gw6IV026719 for sage-members-outgoing; Wed, 2 Feb 2005 08:58:06 -0800 (PST) Received: from mail814.megamailservers.com (mail814.carrierinternetsolutions.com [69.49.106.24]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Gw4n3026713 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 08:58:05 -0800 (PST) X-Authenticated-User: leonvs.covad.net Received: from [192.168.1.4] (h-67-101-0-63.sttnwaho.dynamic.covad.net [67.101.0.63]) (authenticated bits=0) by mail814.megamailservers.com (8.13.1/8.13.1) with ESMTP id j12GvfGc021243; Wed, 2 Feb 2005 11:57:42 -0500 In-Reply-To: References: Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit Cc: SAGE-Members Members From: Leon Towns-von Stauber Subject: Re: [SAGE] NEXTSTEP for NeXT slab Date: Wed, 2 Feb 2005 08:57:30 -0800 To: Jesse Trucks X-Mailer: Apple Mail (2.619.2) Sender: owner-sage-members@usenix.org Precedence: bulk > Does anyone know where I could find a copy of the newest NEXTSTEP for > the NeXT hardware? I think it is NS4.x, but I may be mistaken. I have > a NeXT Workstation that I would like to update and get online. eBay? There are a couple of copies of 3.3 out there right now, but no 4.2 that I could see. Tip: Search for both "nextstep" and "openstep", as the name changed when going to 4.x. _____________________________________________________________ Leon Towns-von Stauber http://www.occam.com/leonvs/ "We have not come to save you, but you will not die in vain!" From sage-members-owner@usenix.org Wed Feb 2 10:28:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12ISjn3028745 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 10:28:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12ISjSN028744 for sage-members-outgoing; Wed, 2 Feb 2005 10:28:45 -0800 (PST) Received: from e-c-group.com (mail.e-c-group.com [216.128.192.246]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12ISZn2028739 for ; Wed, 2 Feb 2005 10:28:40 -0800 (PST) Received: from [216.128.150.156] (account lindsey [216.128.150.156] verified) by e-c-group.com (CommuniGate Pro SMTP 4.2.6) with ESMTP id 24545476; Wed, 02 Feb 2005 13:28:15 -0500 Received-SPF: none receiver=e-c-group.com; client-ip=216.128.150.156; envelope-from=lindsey@acm.org In-Reply-To: References: <20050201105841.8935A9B282@shamet.verizon.net> <41FFC88B.1090706@cisco.com> <420007EB.2080101@whatexit.org> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <35C9B314-7548-11D9-AD94-0003937621C6@acm.org> Content-Transfer-Encoding: 7bit Cc: Frank Smith , sage-members@usenix.org From: "Mark R. Lindsey" Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Date: Wed, 2 Feb 2005 13:28:18 -0500 To: Brad Knowles X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk On Feb 1, 2005, at 7:39 PM, Brad Knowles wrote: > > IDE drives just weren't designed for that kind of use/abuse. > ... > IDE brings its own problems to the table, even when using the exact > same sort of HDA as a SCSI drive. Due to the low-level communications > protocols involved, IDE is much less effective at server-type of > loads, and I believe will result in significantly reduced MTBF, even > with the exact same underlying drive hardware. I've heard this about IDE drives a long time. Anecdotes bear it out. Are there any published studies that confirm this? From sage-members-owner@usenix.org Wed Feb 2 10:37:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ib8n3029327 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 10:37:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Ib89p029326 for sage-members-outgoing; Wed, 2 Feb 2005 10:37:08 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ib7n2029317 for ; Wed, 2 Feb 2005 10:37:07 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12Iansb022310 for ; Wed, 2 Feb 2005 13:36:49 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12IamTo022304 for ; Wed, 2 Feb 2005 13:36:48 -0500 (EST) Date: Wed, 2 Feb 2005 13:36:48 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: [SAGE] Oracle over NAS Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk Ok, it's that time again. This subject has gone around and around, at least in our office. We're looking at upgrading our Oracle hardware, and since we've got a NetApp, we have the option of switching from SAN architecture to NAS. The Oracle machine is the only thing on SAN -- everything else is NAS. Does anyone have any horror stories or accolades for Oracle over NAS? A few more details: In our shop, Solaris version is 8, Oracle will be upgraded to 9i RAC (currently just 9i). Hardware will be SunFire V490 servers (probably three 2-cpu machines). The NAS is a NetApp FAS960c. Everything will run over gigabit through a Cisco switch. While I expect that NAS will not be as fast as SAN, I still think we can get trunking to increase reliability and speed, and the overhead and complexity will be greatly reduced (we don't use Veritas file systems right now, and would really have to if we wanted clustered, dynamic multipathing SAN connections). Thoughts? Thanks much, -Adam From sage-members-owner@usenix.org Wed Feb 2 10:48:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12ImPn3000005 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 10:48:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12ImPtd029999 for sage-members-outgoing; Wed, 2 Feb 2005 10:48:25 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12ImMn2029994 for ; Wed, 2 Feb 2005 10:48:22 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j12Im1AH029207; Wed, 2 Feb 2005 12:48:01 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id MAA09437; Wed, 2 Feb 2005 12:47:58 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Wed, 2 Feb 2005 12:47:58 -0600 (CST) From: Doug Hughes To: "Mark R. Lindsey" cc: Brad Knowles , Frank Smith , Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: <35C9B314-7548-11D9-AD94-0003937621C6@acm.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Mark R. Lindsey wrote: > > On Feb 1, 2005, at 7:39 PM, Brad Knowles wrote: > > > > > IDE drives just weren't designed for that kind of use/abuse. > > > ... > > IDE brings its own problems to the table, even when using the exact > > same sort of HDA as a SCSI drive. Due to the low-level communications > > protocols involved, IDE is much less effective at server-type of > > loads, and I believe will result in significantly reduced MTBF, even > > with the exact same underlying drive hardware. > > I've heard this about IDE drives a long time. Anecdotes bear it out. > Are there any published studies that confirm this? > also bear in mind that any modern IDE nas/raid type box is going to have one ide channel per device, removing most of the bus negotiation overhead (not true for standalone devices with 2 disks per bus). On the other hand mosts SCSI raids have 3-4 devices per bus because of the additional expense of adding the additional smart bus controllers. So, it's not so straight forward to compare communications overhead in that context. The IDE single device, single controller communications overhead is pretty low (and will even beat SCSI in many situations - you get in trouble when you need to do multiple disks. SCSI scales better) From sage-members-owner@usenix.org Wed Feb 2 11:04:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12J4on3000806 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:04:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12J4ofX000805 for sage-members-outgoing; Wed, 2 Feb 2005 11:04:50 -0800 (PST) Received: from cliff.niehs.nih.gov (cliff.niehs.nih.gov [157.98.192.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12J4mn2000798 for ; Wed, 2 Feb 2005 11:04:49 -0800 (PST) Received: from cliff.niehs.nih.gov (localhost.localdomain [127.0.0.1]) by cliff.niehs.nih.gov (8.12.11/8.12.11/tx-1.16) with ESMTP id j12J4Qdc023127; Wed, 2 Feb 2005 14:04:26 -0500 Received: from splat.niehs.nih.gov (ip071023.niehs.nih.gov [157.98.71.23]) by cliff.niehs.nih.gov (8.12.11/8.12.11/rx-1.12) with ESMTP id j12J4POW023122; Wed, 2 Feb 2005 14:04:26 -0500 Received: from [157.98.71.23] (ip071023.niehs.nih.gov [157.98.71.23]) (authenticated bits=0) by splat.niehs.nih.gov (8.12.11/8.12.11) with ESMTP id j12J4PR5013471 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 2 Feb 2005 14:04:25 -0500 Message-ID: <42012439.4030602@niehs.nih.gov> Date: Wed, 02 Feb 2005 14:04:25 -0500 From: "Lance A. Brown" User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Adam Levin CC: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Adam Levin wrote: > Does anyone have any horror stories or accolades for Oracle over NAS? I have been running Oracle 8i and Oracle 9i over Gigabit NFS to a NetApp F820 and now an FAS940 with great success. The Oracle servers are currently Dell PowerEdge 6450s running Red Hat Enterprise Linux. They were hot boxes when we bought them several years ago but are showing their age now so we are migrating to IBM pSeries systems. We are neither an OLTP or large data warehousing shop, but have a gaggle of small to medium size Oracle instances (max size aroudn 120GB). Putting the Oracle datafiles on the netapp has made our lives *much* simpler; 60 second hot backups, from start to finish, is nice. :-) --[Lance] -- Lance A. Brown Contractor, SysAdmin Task of the LMIT ITSS Contract for National Institute of Environmental Health Sciences 919.361.5444x420 From sage-members-owner@usenix.org Wed Feb 2 11:12:39 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JCcn3001092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:12:39 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JCceC001091 for sage-members-outgoing; Wed, 2 Feb 2005 11:12:38 -0800 (PST) Received: from metro.dst.or.us (pyrite.metro-region.org [67.138.101.226]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JCan2001084 for ; Wed, 2 Feb 2005 11:12:36 -0800 (PST) Received: from [192.168.70.36] (ironside [192.168.70.36]) by metro.dst.or.us; Wed, 02 Feb 2005 11:11:58 -0800 Message-ID: <420125FE.3050306@metro.dst.or.us> Date: Wed, 02 Feb 2005 11:11:58 -0800 From: John Miller User-Agent: Mozilla Thunderbird 0.9 (X11/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Adam Levin CC: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Adam Levin wrote: > Does anyone have any horror stories or accolades for Oracle over NAS? > > A few more details: > In our shop, Solaris version is 8, Oracle will be upgraded to 9i RAC > (currently just 9i). Hardware will be SunFire V490 servers (probably > three 2-cpu machines). The NAS is a NetApp FAS960c. Everything will > run over gigabit through a Cisco switch. Here we go again.. :^) We have had various Oracles from various O/S all using NAS, currently O9i on Redhat ES and 8i on HPUX, through switches like you say. Previously we had a dedicated I/F on the filer - private network crossover to an Oracle server. We now have multiple oracle servers, so we don't do that, but we could set up a private switched network just for the Oracles & Filer. Kind of like a SAN. :^O No need to have that traffic on you core network unless it can handle it. Add some gig interfaces to your filer and Sunfires for this purpose. John Miller http://www.metro-region.org From sage-members-owner@usenix.org Wed Feb 2 11:20:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JKXn3001859 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:20:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JKXHI001858 for sage-members-outgoing; Wed, 2 Feb 2005 11:20:33 -0800 (PST) Received: from sls-ce5p311.hostitnow.com (ns1.hostitnow.com [209.152.181.224]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JKVn3001853 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:20:32 -0800 (PST) Received: from [168.99.2.173] (helo=[127.0.0.1]) by sls-ce5p311.hostitnow.com with esmtpa (Exim 4.44) id 1CwQ2q-0007y5-TJ for sage-members@sage.org; Wed, 02 Feb 2005 14:20:10 -0500 Message-ID: <420127DB.9060206@wa-geek.net> Date: Wed, 02 Feb 2005 11:19:55 -0800 From: Amanda Emily Reply-To: aemily@esd101.net User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE mailing list Subject: [SAGE] Looking for network management/status software Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - sls-ce5p311.hostitnow.com X-AntiAbuse: Original Domain - sage.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - wa-geek.net X-Source: X-Source-Args: X-Source-Dir: Sender: owner-sage-members@usenix.org Precedence: bulk One of the school districts in my region has asked for suggestions for network managment software that is free or reasonably priced from the stand point of a small rural school district. Basically right now, all their sysadmin wants to do is to be notifed if a service goes down, but he doesn't need something that is overkill or hard to use (i.e. OpenView and friends). I've done some research on Google for apps, but I would like to hear any suggestions as to what to try, run away from, etc? Thanks, Amanda -- Amanda L. Emily | Educational Service District 101 Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 aemily@esd101.net | http://www.esd101.net From sage-members-owner@usenix.org Wed Feb 2 11:25:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JPTn3002373 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:25:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JPSYG002372 for sage-members-outgoing; Wed, 2 Feb 2005 11:25:28 -0800 (PST) Received: from ace.DELOS.COM (ace.DELOS.COM [192.65.171.163]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JPQn3002365 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:25:27 -0800 (PST) Received: from ace.DELOS.COM (localhost [127.0.0.1]) by ace.DELOS.COM (8.12.9/8.12.9) with ESMTP id j12JP0JI063316 for ; Wed, 2 Feb 2005 12:25:00 -0700 (MST) (envelope-from kolstad@ace.DELOS.COM) Received: (from kolstad@localhost) by ace.DELOS.COM (8.12.9/8.12.9/Submit) id j12JP0Ti063313 for sage-members@usenix.org; Wed, 2 Feb 2005 12:25:00 -0700 (MST) Received: from uscimplm003.ugs.com (uscimplm003.ugs.com [146.122.145.23]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JOYn2002307 for ; Wed, 2 Feb 2005 11:24:34 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.0.6529.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [SAGE] Looking for network management/status software Date: Wed, 2 Feb 2005 14:24:06 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [SAGE] Looking for network management/status software Thread-Index: AcUJXFijWynvhk4oQUKnXZe9JUtY7AAABnyA From: "Langford, Kenneth" To: , "SAGE mailing list" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by usenix.org id j12JOYn2002312 Sender: owner-sage-members@usenix.org Precedence: bulk Amanda, The product you are looking for sounds like Big Brother. http://www.bb4.org/ Ken, -----Original Message----- From: owner-sage-members@usenix.org [mailto:owner-sage-members@usenix.org] On Behalf Of Amanda Emily Sent: Wednesday, February 02, 2005 2:20 PM To: SAGE mailing list Subject: [SAGE] Looking for network management/status software One of the school districts in my region has asked for suggestions for network managment software that is free or reasonably priced from the stand point of a small rural school district. Basically right now, all their sysadmin wants to do is to be notifed if a service goes down, but he doesn't need something that is overkill or hard to use (i.e. OpenView and friends). I've done some research on Google for apps, but I would like to hear any suggestions as to what to try, run away from, etc? Thanks, Amanda -- Amanda L. Emily | Educational Service District 101 Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 aemily@esd101.net | http://www.esd101.net From sage-members-owner@usenix.org Wed Feb 2 11:29:30 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JTTn3002871 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:29:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JTTmC002867 for sage-members-outgoing; Wed, 2 Feb 2005 11:29:29 -0800 (PST) Received: from kira.monsoonwind.com ([198.144.196.116]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JTRn2002845 for ; Wed, 2 Feb 2005 11:29:27 -0800 (PST) Received: from hamner.monsoonwind.com (hamner.monsoonwind.com [192.168.128.2]) by kira.monsoonwind.com (8.12.10/8.12.9) with ESMTP id j12JZ7B9026818 for ; Wed, 2 Feb 2005 19:35:07 GMT Received: from ssl.monsoonwind.com (localhost [127.0.0.1]) by hamner.monsoonwind.com (8.12.9/8.12.9) with ESMTP id j12JT5nE011281 for ; Wed, 2 Feb 2005 19:29:05 GMT Received: from 192.55.4.36 (SquirrelMail authenticated user lanning); by ssl.monsoonwind.com with HTTP; Wed, 2 Feb 2005 11:29:05 -0800 (PST) Message-ID: <19611.192.55.4.36.1107372545.squirrel@192.55.4.36> In-Reply-To: <420127DB.9060206@wa-geek.net> References: <420127DB.9060206@wa-geek.net> Date: Wed, 2 Feb 2005 11:29:05 -0800 (PST) Subject: Re: [SAGE] Looking for network management/status software From: "Robert Hajime Lanning" To: sage-members@sage.org User-Agent: SquirrelMail/1.5.1 [CVS] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Spam-Score: 0.704 () PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Sender: owner-sage-members@usenix.org Precedence: bulk > One of the school districts in my region has asked for > suggestions for network managment software that is free > or reasonably priced from the stand point of a small > rural school district. > > Basically right now, all their sysadmin wants to do is > to be notifed if a service goes down, but he doesn't > need something that is overkill or hard to use (i.e. > OpenView and friends). > > I've done some research on Google for apps, but I would > like to hear any suggestions as to what to try, run away > from, etc? Well, these are two that I have looked into: http://www.bb4.org/ http://www.nagios.org/ Personaly I am leaning towards Nagios. -- END OF LINE -MCP From sage-members-owner@usenix.org Wed Feb 2 11:32:49 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JWnn3003244 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:32:49 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JWn3J003237 for sage-members-outgoing; Wed, 2 Feb 2005 11:32:49 -0800 (PST) Received: from tigris.renesys.com (tigris.renesys.com [69.84.130.136]) by usenix.org (8.12.10/8.12.10) with SMTP id j12JWln2003231 for ; Wed, 2 Feb 2005 11:32:47 -0800 (PST) Received: (qmail 8985 invoked from network); 2 Feb 2005 19:32:29 -0000 Received: from localhost (HELO ?10.128.0.100?) (127.0.0.1) by tigris.renesys.com with SMTP; 2 Feb 2005 19:32:29 -0000 Message-ID: <42012ACB.6000000@cnetwork.com> Date: Wed, 02 Feb 2005 14:32:27 -0500 From: Robert Haskins User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software References: <420127DB.9060206@wa-geek.net> In-Reply-To: <420127DB.9060206@wa-geek.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk I would suggest Nagios (http://www.nagios.org/), though there are others that may work for you too. Good luck! Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed if > a service goes down, but he doesn't need something that is overkill or > hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear any > suggestions as to what to try, run away from, etc? > > Thanks, > Amanda > From sage-members-owner@usenix.org Wed Feb 2 11:34:22 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JYMn3003475 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:34:22 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JYLW8003472 for sage-members-outgoing; Wed, 2 Feb 2005 11:34:21 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JYJn2003452 for ; Wed, 2 Feb 2005 11:34:20 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12JY24J005853 for ; Wed, 2 Feb 2005 14:34:02 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12JY2f1005849 for ; Wed, 2 Feb 2005 14:34:02 -0500 (EST) Date: Wed, 2 Feb 2005 14:34:02 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <42012439.4030602@niehs.nih.gov> Message-ID: References: <42012439.4030602@niehs.nih.gov> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Lance A. Brown wrote: > We are neither an OLTP or large data warehousing shop, but have a gaggle of > small to medium size Oracle instances (max size aroudn 120GB). Putting the > Oracle datafiles on the netapp has made our lives *much* simpler; 60 second > hot backups, from start to finish, is nice. :-) Cool. We actually are doing 60 second backups over the SAN, because the SAN is likewise on the NetApp, so we can take a snapshot of the SAN LUN and mount that on a different server. It's pretty cool. Still, it's not perfect, because we still have to apply redo logs and such, and we have to quiesce the filesystem before taking the snapshot. Using NAS would be simpler. -Adam From sage-members-owner@usenix.org Wed Feb 2 11:36:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ja6n3003946 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:36:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Ja6xj003943 for sage-members-outgoing; Wed, 2 Feb 2005 11:36:06 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ja4n2003928 for ; Wed, 2 Feb 2005 11:36:05 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12JZlhQ006265 for ; Wed, 2 Feb 2005 14:35:47 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12JZlZg006261 for ; Wed, 2 Feb 2005 14:35:47 -0500 (EST) Date: Wed, 2 Feb 2005 14:35:46 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <420125FE.3050306@metro.dst.or.us> Message-ID: References: <420125FE.3050306@metro.dst.or.us> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, John Miller wrote: > Adam Levin wrote: >> Does anyone have any horror stories or accolades for Oracle over NAS? >> > Here we go again.. :^) Yeah, I know. :/ I'm required to do my due diligence before having us switch over to NAS wholesale. > We have had various Oracles from various O/S all using NAS, currently O9i on > Redhat ES and 8i on HPUX, through switches like you say. Previously we had a > dedicated I/F on the filer - private network crossover to an Oracle server. > We now have multiple oracle servers, so we don't do that, but we could set up > a private switched network just for the Oracles & Filer. Kind of like a SAN. > :^O No need to have that traffic on you core network unless it can handle > it. > > Add some gig interfaces to your filer and Sunfires for this purpose. The Sunfires already have gigabit, though we'd probably add additional (490s have 2 interfaces each). The filer already has 8 Gb ports per head, but we'd add additional to create a trunk on a VLAN specifically for the Oracle machines. -Adam From sage-members-owner@usenix.org Wed Feb 2 11:37:17 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JbGn3004214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:37:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JbGA6004213 for sage-members-outgoing; Wed, 2 Feb 2005 11:37:16 -0800 (PST) Received: from dusa-firewall.lan.dialupusa.net ([65.212.160.166]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JbBn2004206 for ; Wed, 2 Feb 2005 11:37:15 -0800 (PST) Received: from localhost (mutton.lan.dialupusa.net [65.212.160.143]) by dusa-firewall.lan.dialupusa.net (Postfix) with ESMTP id 62188507BA for ; Wed, 2 Feb 2005 11:36:51 -0800 (PST) Date: Wed, 2 Feb 2005 11:37:59 -0800 (Pacific Standard Time) From: Brian To: sage-members@sage.org Subject: Re: [SAGE] Looking for network management/status software In-Reply-To: <420127DB.9060206@wa-geek.net> Message-ID: References: <420127DB.9060206@wa-geek.net> X-X-Sender: brian@dialupusa.net@mail.safepages.com MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk We've been very happy with Nagios. I'm still running 1.2 here (but am right now working on updating our configuration files for 2.0b1). I gave a brief talk at Seattle SAGE on Nagios configuration: http://angeli.arborum.net/lectures/sage0411/nagios-1104.pdf Nagios is at www.nagios.org, and their documentation is at http://nagios.sourceforge.net/docs/2_0/ . -Brian +- Brian Smith | Systems Administrator, Dialup USA | 4720 200th St SW Ste 103, Lynnwood, WA 98036 +- (425) 774-8806 x214 || brian@dialupusa.net On Wed, 2 Feb 2005, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the stand > point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed if a > service goes down, but he doesn't need something that is overkill or hard to > use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear any > suggestions as to what to try, run away from, etc? > > Thanks, > Amanda > > -- > Amanda L. Emily | Educational Service District 101 > Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 > aemily@esd101.net | http://www.esd101.net > > From sage-members-owner@usenix.org Wed Feb 2 11:37:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JbIn3004232 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:37:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JbILV004226 for sage-members-outgoing; Wed, 2 Feb 2005 11:37:18 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JbGn2004212 for ; Wed, 2 Feb 2005 11:37:16 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j12JatAH007055; Wed, 2 Feb 2005 13:36:55 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id NAA09457; Wed, 2 Feb 2005 13:36:53 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Wed, 2 Feb 2005 13:36:52 -0600 (CST) From: Doug Hughes To: aemily@esd101.net cc: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software In-Reply-To: <420127DB.9060206@wa-geek.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed if > a service goes down, but he doesn't need something that is overkill or > hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear any > suggestions as to what to try, run away from, etc? > there are many many many options. nagios, spong, mon, nocol/snips, big sister, survivor, big brother (no, I'm not kidding), Angel Network Monitor, argus, networkferret and on and on. http://www.stokely.com/unix.sysadm.resources/autosysmgm.backup.html and of course from our very own John Sellens: http://www.usenix.org/publications/login/2000-6/features/monitoring.html http://www.kernel.org/software/mon/netman/ Start with John's article and see what you need and what you are comfortable with. Some are the same as others in functionality, but different in configuration (perl, python, shell, c). Some are network focussed. Some are host focussed. some are service focussed. Some have agents that query, some are remote execution based. etc. From sage-members-owner@usenix.org Wed Feb 2 11:40:21 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JeLn3005227 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:40:21 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JeK7C005222 for sage-members-outgoing; Wed, 2 Feb 2005 11:40:21 -0800 (PST) Received: from muttley.laits.utexas.edu (muttley.laits.utexas.edu [128.83.48.199]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JeIn2005206 for ; Wed, 2 Feb 2005 11:40:19 -0800 (PST) Received: from [128.83.27.124] (dhcp-128-83-27-124.laits.utexas.edu [128.83.27.124]) by muttley.laits.utexas.edu (Postfix) with ESMTP id 848DF1462F5; Wed, 2 Feb 2005 13:42:23 -0600 (CST) In-Reply-To: <420127DB.9060206@wa-geek.net> References: <420127DB.9060206@wa-geek.net> Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <2925ecf2100c9fc50ebdaa63026978fa@mail.utexas.edu> Content-Transfer-Encoding: 7bit Cc: SAGE mailing list From: Jacob Walcik Subject: Re: [SAGE] Looking for network management/status software Date: Wed, 2 Feb 2005 13:39:29 -0600 To: aemily@esd101.net X-Mailer: Apple Mail (2.619.2) Sender: owner-sage-members@usenix.org Precedence: bulk i can highly recommend nagios: http://www.nagios.org/ On Feb 2, 2005, at 13:19, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed > if a service goes down, but he doesn't need something that is overkill > or hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear > any suggestions as to what to try, run away from, etc? > > Thanks, > Amanda > > -- > Amanda L. Emily | Educational Service District 101 > Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 > aemily@esd101.net | http://www.esd101.net > > -- jacob walcik jwalcik@mail.utexas.edu From sage-members-owner@usenix.org Wed Feb 2 11:40:49 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Jemn3005400 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:40:49 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Jems1005396 for sage-members-outgoing; Wed, 2 Feb 2005 11:40:48 -0800 (PST) Received: from atlasta.net (mail.atlasta.net [209.246.234.9]) by usenix.org (8.12.10/8.12.10) with SMTP id j12Jehn2005335 for ; Wed, 2 Feb 2005 11:40:44 -0800 (PST) Received: (qmail 30892 invoked by uid 1011); 2 Feb 2005 19:40:19 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 2 Feb 2005 19:40:19 -0000 Date: Wed, 2 Feb 2005 11:40:19 -0800 (PST) From: David Raistrick To: aemily@esd101.net cc: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software In-Reply-To: <420127DB.9060206@wa-geek.net> Message-ID: References: <420127DB.9060206@wa-geek.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Amanda Emily wrote: > Basically right now, all their sysadmin wants to do is to be notifed if > a service goes down, but he doesn't need something that is overkill or > hard to use (i.e. OpenView and friends). As others have mentioned, nagios and bigbrother/bigsister. I've also looked at argus recently, which is /much/ easier to wrap one's brain around then the nagios configurations.. http://argus.tcp4me.com/ >From my notes, there are also: http://www.netdisco.org/ http://midas-nms.sourceforge.net/ http://www.jffnms.org/ Might also take a look at this list: http://www.itprc.com/nms.htm -- David Raistrick http://www.netmeister.org/news/learn2quote.html keen@atlasta.net http://www.expita.com/nomime.html From sage-members-owner@usenix.org Wed Feb 2 11:42:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JgSn3006067 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:42:29 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JgRFO006064 for sage-members-outgoing; Wed, 2 Feb 2005 11:42:27 -0800 (PST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.196]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JgPn2006047 for ; Wed, 2 Feb 2005 11:42:25 -0800 (PST) Received: by rproxy.gmail.com with SMTP id g11so92252rne for ; Wed, 02 Feb 2005 11:42:08 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=JLKi++UXY+i47KgPOv0NVs9Mpebw1A7QUANtRN1Y1wP6ORMw5ZsF16HnUHs3FYFZ7levjW6coLjN1KfZ4UOjrpg19ppVfRH70qRyT5/bYD7djgQYQeTDOvy6folgEoZqVGIXFdFmnMfS6gMi2loqIJ/cQ9TU1RYsEwfkPdZlDbA= Received: by 10.38.6.72 with SMTP id 72mr375215rnf; Wed, 02 Feb 2005 11:42:08 -0800 (PST) Received: by 10.38.151.10 with HTTP; Wed, 2 Feb 2005 11:42:07 -0800 (PST) Message-ID: Date: Wed, 2 Feb 2005 14:42:07 -0500 From: Mark Ramm Reply-To: Mark Ramm To: aemily@esd101.net Subject: Re: [SAGE] Looking for network management/status software Cc: SAGE mailing list In-Reply-To: <420127DB.9060206@wa-geek.net> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <420127DB.9060206@wa-geek.net> Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 02 Feb 2005 11:19:55 -0800, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed if > a service goes down, but he doesn't need something that is overkill or > hard to use (i.e. OpenView and friends). The most widely used open source solution is Nagios, and it is a very capable product which will do everything you need. However, Nagios has a learning curve, and it can be a bit hard to configure. If you are looking for something lighter, we currently use Zabbix, which provides a simple web based front end, and easy to install multi-platform client, so even junior admins can set up monitoring on new machines. It also provides nice graphs of historical usage trends, and can monitor SNMP devices and check simple network service availability without the need to install software on the client machine. --Mark Ramm From sage-members-owner@usenix.org Wed Feb 2 11:43:59 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Jhvn3006411 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:43:58 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JhvUj006405 for sage-members-outgoing; Wed, 2 Feb 2005 11:43:57 -0800 (PST) Received: from jas.peak.org (peak-colo-196-137.peak.org [69.59.196.137] (may be forged)) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Jhqn3006394 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Wed, 2 Feb 2005 11:43:56 -0800 (PST) Received: from sechrest (helo=jas.peak.org) by jas.peak.org with local-esmtp (Exim 4.34) id 1CwQPT-0002vp-4f; Wed, 02 Feb 2005 11:43:31 -0800 To: aemily@esd101.net Cc: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software In-reply-to: Your message of Wed, 02 Feb 2005 11:19:55 PST. <420127DB.9060206@wa-geek.net> Date: Wed, 02 Feb 2005 11:43:31 -0800 From: John Sechrest Message-Id: X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: sechrest@jas.peak.org X-SA-Exim-Scanned: No (on jas.peak.org); SAEximRunCond expanded to false Sender: owner-sage-members@usenix.org Precedence: bulk Amanda Emily writes: % One of the school districts in my region has asked for suggestions for % network managment software that is free or reasonably priced from the % stand point of a small rural school district. % Basically right now, all their sysadmin wants to do is to be notifed if % a service goes down, but he doesn't need something that is overkill or % hard to use (i.e. OpenView and friends). % I've done some research on Google for apps, but I would like to hear any % suggestions as to what to try, run away from, etc? There are a lot of choices depending on what you want to measure. On debian, there are many packages that can be used that are easy to install: (I list these as examples of packages that people cared about enough to put together) cacti - Frontend to rrdtool for monitoring systems and services cfgstoragemaker - MRTG config generator for storage monitoring via SNMP dmachinemon - Network-wide monitoring suite for monitoring machine status ganglia-monitor - A cluster system monitoring daemon iptotal - monitor for IP traffic, not requiring SNMP mon - monitor hosts/services/whatever and alert about problems mrtg - Multi Router Traffic Grapher munin - Network-wide graphing framework (grapher/gatherer) nagios-common - A host/service/network monitoring and management system rrdtool smokeping spong-client - A systems and network monitoring system -- client programs spong-common - A systems and network monitoring system -- common libraries swatch - Log file viewer with regexp matching, highlighting, & hooks tripwire - A file and directory integrity checker There are some interesting articles on the network about monitoring: Intro: http://www.usenix.org/publications/login/2000-6/features/monitoring.html Nagios: http://www.onlamp.com/pub/a/onlamp/2002/12/05/essentialsysadmin.html (used to be called netsaint) I have used BB (bigbrother) and I like the basics of it (bb4.com) But it is for small systems and can be cranking. I just installed BigSister (http://bigsister.graeff.com/) which has the same mental model as BigBrother, but is all in perl and is a bit simpler to work with. I am still evaluating if the memory leak problems are resolved. When I want to look at network traffic, some combination of RRDtool/MRTG/cricket seems like the right choice. Fortuately BigSister supports RRDtool. The more popular larger system is Nagios. I hope that gives you some useful leads. ----- John Sechrest . Helping people use . computers and the Internet . more effectively . . Internet: sechrest@peak.org . . http://www.peak.org/~sechrest From sage-members-owner@usenix.org Wed Feb 2 11:56:17 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JuHn3007915 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:56:17 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JuGWn007914 for sage-members-outgoing; Wed, 2 Feb 2005 11:56:17 -0800 (PST) Received: from cliff.niehs.nih.gov (cliff.niehs.nih.gov [157.98.192.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JuFn2007903 for ; Wed, 2 Feb 2005 11:56:15 -0800 (PST) Received: from cliff.niehs.nih.gov (localhost.localdomain [127.0.0.1]) by cliff.niehs.nih.gov (8.12.11/8.12.11/tx-1.16) with ESMTP id j12JtrdM005457; Wed, 2 Feb 2005 14:55:53 -0500 Received: from splat.niehs.nih.gov (ip071023.niehs.nih.gov [157.98.71.23]) by cliff.niehs.nih.gov (8.12.11/8.12.11/rx-1.12) with ESMTP id j12JtrSi005452; Wed, 2 Feb 2005 14:55:53 -0500 Received: from [157.98.71.23] (ip071023.niehs.nih.gov [157.98.71.23]) (authenticated bits=0) by splat.niehs.nih.gov (8.12.11/8.12.11) with ESMTP id j12Jtqdq014656 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 2 Feb 2005 14:55:52 -0500 Message-ID: <42013048.1020702@niehs.nih.gov> Date: Wed, 02 Feb 2005 14:55:52 -0500 From: "Lance A. Brown" User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Adam Levin CC: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: <42012439.4030602@niehs.nih.gov> In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Adam Levin wrote: > Cool. We actually are doing 60 second backups over the SAN, because the > SAN is likewise on the NetApp, so we can take a snapshot of the SAN LUN > and mount that on a different server. It's pretty cool. > > Still, it's not perfect, because we still have to apply redo logs and > such, and we have to quiesce the filesystem before taking the snapshot. > Using NAS would be simpler. Beware, everything about quiescing the database before taking a snapshot still applies for a NetApp NAS. --[Lance] -- Lance A. Brown Contractor, SysAdmin Task of the LMIT ITSS Contract for National Institute of Environmental Health Sciences 919.361.5444x420 From sage-members-owner@usenix.org Wed Feb 2 11:57:31 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JvUn3008070 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 11:57:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12JvUKj008069 for sage-members-outgoing; Wed, 2 Feb 2005 11:57:30 -0800 (PST) Received: from mailhost2.metro1.com (medusa.mx.metro1.com [198.69.83.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12JvPn2008060 for ; Wed, 2 Feb 2005 11:57:29 -0800 (PST) Received: from mailhost2.metro1.com (localhost [127.0.0.1]) by postscan.metro1.com (Postfix) with ESMTP id B67AA1383DE for ; Wed, 2 Feb 2005 11:57:07 -0800 (PST) X-Proxy: csmtpprox 1.1.0 1.012 0.980 0.945 Received: from pluto.metro1.com (pluto.metro1.com [198.69.83.87]) by mailhost2.metro1.com (Postfix) with ESMTP id 817181383BB for ; Wed, 2 Feb 2005 11:57:07 -0800 (PST) Received: from pluto.metro1.com (pluto.metro1.com [198.69.83.87]) by pluto.metro1.com (8.11.7p1+Sun/8.11.7/MTON-1.7) with SMTP id j12Jv7l25547 for ; Wed, 2 Feb 2005 11:57:07 -0800 (PST) Message-Id: <200502021957.j12Jv7l25547@pluto.metro1.com> Date: Wed, 2 Feb 2005 11:57:07 -0800 (PST) From: Kevin Swayze - TECHOPS Reply-To: Kevin Swayze - TECHOPS Subject: [SAGE] hourly vs. salary system admins To: sage-members@sage.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: pEW+M0krQRRXtGONVGWeCA== X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.4.2 SunOS 5.8 sun4u sparc Sender: owner-sage-members@usenix.org Precedence: bulk Hello, At our company we recently changed most all UNIX and Window system admins. to hourly positions from salary positions. This was done because of some federal rule changes last summer. Have companies that you work for done the same thing? Note: The salary was divided by 2080 to come up with the hourly wage. So from a pay point of view, no change until you work overtime. Thanks, Kevin From sage-members-owner@usenix.org Wed Feb 2 12:00:35 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K0Zn3008431 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:00:35 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12K0Z4F008426 for sage-members-outgoing; Wed, 2 Feb 2005 12:00:35 -0800 (PST) Received: from mailer.hamilton.edu (mailer.hamilton.edu [150.209.8.97]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K0Wn2008407 for ; Wed, 2 Feb 2005 12:00:33 -0800 (PST) Received: from pmxchannel-daemon.mail.hamilton.edu by mail.hamilton.edu (iPlanet Messaging Server 5.2 HotFix 2.01 (built Aug 26 2004)) id <0IBA00701VJ5ND@mail.hamilton.edu> for sage-members@sage.org; Wed, 02 Feb 2005 14:59:29 -0500 (EST) Received: from [150.209.72.30] (bcf-admin.hamilton.edu [150.209.72.30]) by mail.hamilton.edu (iPlanet Messaging Server 5.2 HotFix 2.01 (built Aug 26 2004)) with ESMTPA id <0IBA006QAVJ4FL@mail.hamilton.edu> for sage-members@sage.org; Wed, 02 Feb 2005 14:59:28 -0500 (EST) Date: Wed, 02 Feb 2005 15:00:10 -0500 From: Nick Brockner Subject: Re: [SAGE] Looking for network management/status software In-reply-to: <420127DB.9060206@wa-geek.net> To: SAGE mailing list Message-id: MIME-version: 1.0 X-Mailer: Apple Mail (2.619.2) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT References: <420127DB.9060206@wa-geek.net> Sender: owner-sage-members@usenix.org Precedence: bulk Big Brother is a great net monitoring tool. It will page sys admins when something is not good, is VERY customizable, is free, and scales to large networks very easily. Big Brother (FREE Version): http://www.bb4.org Big Brother add-ons (Hundreds of them): http://www.deadcat.net There is also a commercial version that is not free, but I have no experience using that version. -- Nick Brockner Hamilton College On Feb 2, 2005, at 2:19 PM, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed > if a service goes down, but he doesn't need something that is overkill > or hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear > any suggestions as to what to try, run away from, etc? > > Thanks, > Amanda > > -- > Amanda L. Emily | Educational Service District 101 > Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 > aemily@esd101.net | http://www.esd101.net > > From sage-members-owner@usenix.org Wed Feb 2 12:03:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K3In3008998 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:03:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12K3Hwh008996 for sage-members-outgoing; Wed, 2 Feb 2005 12:03:17 -0800 (PST) Received: from parhelion.firedrake.org (mail@parhelion.firedrake.org [193.201.200.77]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K3Fn2008990 for ; Wed, 2 Feb 2005 12:03:16 -0800 (PST) Received: from phil by parhelion.firedrake.org with local (Exim 3.35 #1 (Debian)) id 1CwQiI-00023G-00 for ; Wed, 02 Feb 2005 20:02:58 +0000 Date: Wed, 2 Feb 2005 21:02:58 +0100 From: Phil Pennock To: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: <20050202200258.GA7282@parhelion.globnix.org> Mail-Followup-To: sage-members@usenix.org References: <35C9B314-7548-11D9-AD94-0003937621C6@acm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: owner-sage-members@usenix.org Precedence: bulk On 2005-02-02 at 12:47 -0600, Doug Hughes wrote: > So, it's not so straight forward to compare communications overhead > in that context. The IDE single device, single controller communications > overhead is pretty low (and will even beat SCSI in many situations - you > get in trouble when you need to do multiple disks. SCSI scales better) Can someone tell me if I've missed something in my background reading on S-ATA, or am being unbelievably stupid, or something else, please? A while back I looked for some info about S-ATA, since it's claimed to perform "as well as SCSI" and "makes SCSI irrelevant", according to some people I've talked to. I don't particularly rate those people on their knowledge of robust storage, so went looking. S-ATA uses Native Command Queuing, NCQ, as a simplification of SCSI's Tagged Command Queuing, TCQ. This is supposed to make things faster, by letting the drive re-order operations. But where SCSI's TCQ provides for operations which can't be re-ordered, with NCQ enabled _all_ operations can be re-ordered by the drive at will. Uhm, hello, meta-data? Journalling file-systems which guarantee "always consistent"? It seems, to my ill-educated (on storage topics) reading about this that if the NCQ stuff is supported and enabled, to get the touted speed benefits, you lose a stable storage system and had better be very confident in your power systems feeding the disk enclosures; otherwise, come the next power outage affecting the host, you're in an interesting situation. What have I missed? Is anyone using S-ATA with NCQ? Is it in a storage array with redundant batteries, etc, or a RAID box or the computer? Any experiences with post-power-incident recovery? Thanks, -Phil From sage-members-owner@usenix.org Wed Feb 2 12:08:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K8on3009780 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:08:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12K8oT3009779 for sage-members-outgoing; Wed, 2 Feb 2005 12:08:50 -0800 (PST) Received: from mxsf16.cluster1.charter.net (mxsf16.cluster1.charter.net [209.225.28.216]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12K8mn2009773 for ; Wed, 2 Feb 2005 12:08:49 -0800 (PST) Received: from mxip11.cluster1.charter.net (mxip11a.cluster1.charter.net [209.225.28.141]) by mxsf16.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j12K8IIL030362 for ; Wed, 2 Feb 2005 15:08:20 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip11.cluster1.charter.net with ESMTP; 02 Feb 2005 15:08:18 -0500 X-Ironport-AV: i="3.88,173,1102309200"; d="scan'208"; a="762387040:sNHT64184756" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 7831916CEE6; Wed, 2 Feb 2005 14:52:55 -0500 (EST) Date: Wed, 2 Feb 2005 14:52:55 -0500 From: Steve Simmons To: Kevin Swayze - TECHOPS Cc: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins Message-ID: <20050202195255.GC16301@lokkur.dexter.mi.us> References: <200502021957.j12Jv7l25547@pluto.metro1.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200502021957.j12Jv7l25547@pluto.metro1.com> User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 11:57:07AM -0800, Kevin Swayze - TECHOPS wrote: > Have companies that you work for done the same thing? It's apparently going to happen to some sysadmins where I work. -- "In my darker moments I consider creating the eeyore fan club with a theme song by Leonard Cohen, logo by Edvard Munch and costumes by Tim Burton." -- anonymous, forwarded by Ellen. From sage-members-owner@usenix.org Wed Feb 2 12:16:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KGRn3010350 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:16:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KGQLl010349 for sage-members-outgoing; Wed, 2 Feb 2005 12:16:26 -0800 (PST) Received: from clas.ufl.edu (minotaur.clas.ufl.edu [128.227.148.248]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KGOn2010343 for ; Wed, 2 Feb 2005 12:16:25 -0800 (PST) X-Envelope-From: allan@cookie.org Received: from [128.227.148.121] (allan-g4.clas.ufl.edu [128.227.148.121]) by clas.ufl.edu (8.11.7p1+Sun/8.11.7/clas1.22) with ESMTP id j12KFrd15724; Wed, 2 Feb 2005 15:15:53 -0500 (EST) Message-ID: <420134F9.2070204@cookie.org> Date: Wed, 02 Feb 2005 15:15:53 -0500 From: Allan West User-Agent: Mozilla Thunderbird 1.0 (Macintosh/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Steve Simmons CC: Kevin Swayze - TECHOPS , sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> <20050202195255.GC16301@lokkur.dexter.mi.us> In-Reply-To: <20050202195255.GC16301@lokkur.dexter.mi.us> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Steve Simmons wrote: > On Wed, Feb 02, 2005 at 11:57:07AM -0800, Kevin Swayze - TECHOPS wrote: > > >>Have companies that you work for done the same thing? > > > It's apparently going to happen to some sysadmins where I work. I'm terribly curious, what makes a company move from salary to hourly? My institution of higher learning would adore making all the geeks salaried in order to avoid overtime and on-call fees. From sage-members-owner@usenix.org Wed Feb 2 12:23:52 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KNpn3011009 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:23:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KNpDw011008 for sage-members-outgoing; Wed, 2 Feb 2005 12:23:51 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KNnn2011003 for ; Wed, 2 Feb 2005 12:23:50 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j12KNSAH014307; Wed, 2 Feb 2005 14:23:28 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id OAA09522; Wed, 2 Feb 2005 14:23:26 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Wed, 2 Feb 2005 14:23:25 -0600 (CST) From: Doug Hughes To: Phil Pennock cc: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-Reply-To: <20050202200258.GA7282@parhelion.globnix.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Phil Pennock wrote: > On 2005-02-02 at 12:47 -0600, Doug Hughes wrote: > > So, it's not so straight forward to compare communications overhead > > in that context. The IDE single device, single controller communications > > overhead is pretty low (and will even beat SCSI in many situations - you > > get in trouble when you need to do multiple disks. SCSI scales better) > > Can someone tell me if I've missed something in my background reading on > S-ATA, or am being unbelievably stupid, or something else, please? > > A while back I looked for some info about S-ATA, since it's claimed to > perform "as well as SCSI" and "makes SCSI irrelevant", according to some > people I've talked to. I don't particularly rate those people on their > knowledge of robust storage, so went looking. > > S-ATA uses Native Command Queuing, NCQ, as a simplification of SCSI's > Tagged Command Queuing, TCQ. This is supposed to make things faster, by > letting the drive re-order operations. > > But where SCSI's TCQ provides for operations which can't be re-ordered, > with NCQ enabled _all_ operations can be re-ordered by the drive at will. > > Uhm, hello, meta-data? Journalling file-systems which guarantee "always > consistent"? > > It seems, to my ill-educated (on storage topics) reading about this that > if the NCQ stuff is supported and enabled, to get the touted speed > benefits, you lose a stable storage system and had better be very > confident in your power systems feeding the disk enclosures; otherwise, > come the next power outage affecting the host, you're in an interesting > situation. > > What have I missed? > > Is anyone using S-ATA with NCQ? Is it in a storage array with redundant > batteries, etc, or a RAID box or the computer? Any experiences with > post-power-incident recovery? > say your disk gets a batch of 20 updates at a time scattered around. (let's assume they are independent). now, if it does them in order received, it could seek all over the place. But, if it orders them to take advantage of smooth linear head movement, you get much better drive performance. Can you still tell the drive "flush this block and send me an acknowledgement that it is written", yes. The OS can still enforce ordering when it needs to with respect to the command set. And, it knows the difference between reads and writes. If you have reads, in particular, you get a big win and ordering is unimportant. It's only when you start throwing writes into the mix that ordering becomes important. There is a difference between a synchronous (flush this right away) and an asynchronous operation, and TCQ and NCQ have smarts that greatly enhance the latter. It's a very important concern and engineers have already thought of it. SCSI has been doing this for years. It's only recently starting to appear in SATA drives and many still don't support it yet (well, it's mostly because of the controllers, really. Smart controllers are needed as well. It takes two to tango.) Doug http://www.auditmypc.com/acronym/TCQ.asp http://www.wdc.com/en/library/sata/2579-001076.pdf From sage-members-owner@usenix.org Wed Feb 2 12:26:48 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KQln3011318 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:26:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KQlAb011317 for sage-members-outgoing; Wed, 2 Feb 2005 12:26:47 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KQjn2011312 for ; Wed, 2 Feb 2005 12:26:46 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12KQS6L017694 for ; Wed, 2 Feb 2005 15:26:28 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12KQRXW017689 for ; Wed, 2 Feb 2005 15:26:27 -0500 (EST) Date: Wed, 2 Feb 2005 15:26:27 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <42013048.1020702@niehs.nih.gov> Message-ID: References: <42012439.4030602@niehs.nih.gov> <42013048.1020702@niehs.nih.gov> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Lance A. Brown wrote: > Adam Levin wrote: >> Still, it's not perfect, because we still have to apply redo logs and such, >> and we have to quiesce the filesystem before taking the snapshot. Using NAS >> would be simpler. > > Beware, everything about quiescing the database before taking a snapshot > still applies for a NetApp NAS. Curious. Currently, we have to quiesce because the NetApp has no way of knowing what's writing to a LUN. On the Sun side, we have to issue a lockfs command to lock the filesystem. That's what I was referring to. It's my understanding that on the NetApp side, the NetApp knows to do this when a snapshot is taken, so it's one less step. Yes, we will still have to put the tablespaces into hot backup mode. -Adam From sage-members-owner@usenix.org Wed Feb 2 12:29:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KTXn3011746 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:29:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KTWsJ011742 for sage-members-outgoing; Wed, 2 Feb 2005 12:29:32 -0800 (PST) Received: from whatexit.org (whatexit.org [64.32.179.55]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KTVn2011736 for ; Wed, 2 Feb 2005 12:29:31 -0800 (PST) Received: from localhost (unknown [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id 740C865EE; Wed, 2 Feb 2005 15:29:14 -0500 (EST) Received: from whatexit.org ([127.0.0.1]) by localhost (joisey [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 23068-01-8; Wed, 2 Feb 2005 15:29:09 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id AC4DF65ED; Wed, 2 Feb 2005 15:29:09 -0500 (EST) Message-ID: <42013817.3050700@whatexit.org> Date: Wed, 02 Feb 2005 15:29:11 -0500 From: Tom Reingold User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> In-Reply-To: <200502021957.j12Jv7l25547@pluto.metro1.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at whatexit.org Sender: owner-sage-members@usenix.org Precedence: bulk Kevin Swayze - TECHOPS wrote: > Hello, > At our company we recently changed most all UNIX and Window system admins. to > hourly positions from salary positions. This was done because of some federal > rule changes last summer. Have companies that you work for done the same thing? > > Note: The salary was divided by 2080 to come up with the hourly wage. So from a > pay point of view, no change until you work overtime. > > Thanks, > Kevin > So you break even if you work 40 hours a week, 52 weeks a year? Sounds like a raw deal to me, because I work fewer than 2080 hours a year. What is this federal rule? I'm working hourly now and wish I were salaried. I am not allowed to work more than 40 hours a week, and if I were allowed, I wouldn't be able to do it much anyway. So when I have a doctor's appointment or have to go into my kids' schools, it's quite costly. Tom From sage-members-owner@usenix.org Wed Feb 2 12:40:20 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KeKn3012661 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:40:20 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KeKvi012660 for sage-members-outgoing; Wed, 2 Feb 2005 12:40:20 -0800 (PST) Received: from mxsf23.cluster1.charter.net (mxsf23.cluster1.charter.net [209.225.28.223]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KeIn2012653 for ; Wed, 2 Feb 2005 12:40:19 -0800 (PST) Received: from mxip05.cluster1.charter.net (mxip05a.cluster1.charter.net [209.225.28.135]) by mxsf23.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j12KduqP002394 for ; Wed, 2 Feb 2005 15:39:56 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip05.cluster1.charter.net with ESMTP; 02 Feb 2005 15:39:56 -0500 X-Ironport-AV: i="3.88,173,1102309200"; d="scan'208"; a="581686978:sNHT13745270" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id 7361416CEE5; Wed, 2 Feb 2005 15:24:45 -0500 (EST) Date: Wed, 2 Feb 2005 15:24:45 -0500 From: Steve Simmons To: Allan West Cc: Steve Simmons , Kevin Swayze - TECHOPS , sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins Message-ID: <20050202202445.GB16628@lokkur.dexter.mi.us> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <20050202195255.GC16301@lokkur.dexter.mi.us> <420134F9.2070204@cookie.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <420134F9.2070204@cookie.org> User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 03:15:53PM -0500, Allan West wrote: > I'm terribly curious, what makes a company move from salary to hourly? > My institution of higher learning would adore making all the geeks > salaried in order to avoid overtime and on-call fees. It's apparently a reflection of changes in federal labor regulations. -- "In my darker moments I consider creating the eeyore fan club with a theme song by Leonard Cohen, logo by Edvard Munch and costumes by Tim Burton." -- anonymous, forwarded by Ellen. From sage-members-owner@usenix.org Wed Feb 2 12:49:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KnZn3013311 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:49:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12KnZZU013309 for sage-members-outgoing; Wed, 2 Feb 2005 12:49:35 -0800 (PST) Received: from sunfire02.eecs.tufts.edu (nat-02.EECS.Tufts.EDU [130.64.23.202]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12KnXn2013293 for ; Wed, 2 Feb 2005 12:49:34 -0800 (PST) Received: from [130.64.23.43] (arwen.eecs.tufts.edu [130.64.23.43]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sunfire02.eecs.tufts.edu (Postfix) with ESMTP id 0F8C81C585; Wed, 2 Feb 2005 15:49:13 -0500 (EST) Message-ID: <42013CC8.2030304@eecs.tufts.edu> Date: Wed, 02 Feb 2005 15:49:12 -0500 From: John Orthoefer User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Kevin Swayze - TECHOPS Cc: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> In-Reply-To: <200502021957.j12Jv7l25547@pluto.metro1.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk 2080 is 52 weeks * 40 hours. Typicaly, you would want them to divide by (at most) 2000, 50 weeks * 40 hours, that way you get 2 weeks paid vacation. Plus I would guess you don't get paid holidays now either. Here at Tufts that would mean I was losing 20 vacation days, plus 12 holidays, plus 2 personal days (34 total days of pay.) or to put it another way, a 13% pay cut ineffect (1808/2080 ~ 87%). johno Kevin Swayze - TECHOPS wrote: >Hello, >At our company we recently changed most all UNIX and Window system admins. to >hourly positions from salary positions. This was done because of some federal >rule changes last summer. Have companies that you work for done the same thing? > >Note: The salary was divided by 2080 to come up with the hourly wage. So from a >pay point of view, no change until you work overtime. > >Thanks, >Kevin > > From sage-members-owner@usenix.org Wed Feb 2 12:55:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ktvn3013756 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 12:55:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Ktv37013754 for sage-members-outgoing; Wed, 2 Feb 2005 12:55:57 -0800 (PST) Received: from cliff.niehs.nih.gov (cliff.niehs.nih.gov [157.98.192.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Kttn2013748 for ; Wed, 2 Feb 2005 12:55:55 -0800 (PST) Received: from cliff.niehs.nih.gov (localhost.localdomain [127.0.0.1]) by cliff.niehs.nih.gov (8.12.11/8.12.11/tx-1.16) with ESMTP id j12KtXdd031343; Wed, 2 Feb 2005 15:55:33 -0500 Received: from splat.niehs.nih.gov (ip071023.niehs.nih.gov [157.98.71.23]) by cliff.niehs.nih.gov (8.12.11/8.12.11/rx-1.12) with ESMTP id j12KtXCd031336; Wed, 2 Feb 2005 15:55:33 -0500 Received: from [157.98.71.23] (ip071023.niehs.nih.gov [157.98.71.23]) (authenticated bits=0) by splat.niehs.nih.gov (8.12.11/8.12.11) with ESMTP id j12KtWa1015843 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 2 Feb 2005 15:55:32 -0500 Message-ID: <42013E44.1000300@niehs.nih.gov> Date: Wed, 02 Feb 2005 15:55:32 -0500 From: "Lance A. Brown" User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Adam Levin CC: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: <42012439.4030602@niehs.nih.gov> <42013048.1020702@niehs.nih.gov> In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Adam Levin wrote: >> Beware, everything about quiescing the database before taking a >> snapshot still applies for a NetApp NAS. > > Curious. Currently, we have to quiesce because the NetApp has no way of > knowing what's writing to a LUN. On the Sun side, we have to issue a > lockfs command to lock the filesystem. That's what I was referring to. > It's my understanding that on the NetApp side, the NetApp knows to do > this when a snapshot is taken, so it's one less step. > > Yes, we will still have to put the tablespaces into hot backup mode. Urk. Ack. Right. That's what I meant. Got the terminology messed up. --[Lance] -- Lance A. Brown Contractor, SysAdmin Task of the LMIT ITSS Contract for National Institute of Environmental Health Sciences 919.361.5444x420 From sage-members-owner@usenix.org Wed Feb 2 13:11:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LB1n3014594 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:11:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LB14s014593 for sage-members-outgoing; Wed, 2 Feb 2005 13:11:01 -0800 (PST) Received: from tigris.renesys.com (tigris.renesys.com [69.84.130.136]) by usenix.org (8.12.10/8.12.10) with SMTP id j12LAxn2014587 for ; Wed, 2 Feb 2005 13:11:00 -0800 (PST) Received: (qmail 5795 invoked from network); 2 Feb 2005 21:10:42 -0000 Received: from localhost (HELO ?10.128.0.100?) (127.0.0.1) by tigris.renesys.com with SMTP; 2 Feb 2005 21:10:42 -0000 Message-ID: <420141D0.3080706@cnetwork.com> Date: Wed, 02 Feb 2005 16:10:40 -0500 From: Robert Haskins User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Carlson, Scott" CC: sage-members@sage.org Subject: Re: [SAGE] Looking for reuse: Script to change users UID, change group GID & re-permission files on large scale References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk I just stumbled upon this: http://www.stearns.org/moveuser/ (The site is down at the moment.) Bear in mind it does say "use with caution" so I don't know how well it works. Carlson, Scott wrote: > Hey all, I'm looking for some script reuse assistance from the group. > > We've created an opportunity (!!) within my company here that I need to > renumber (read UID and GID's) approximately 3000 UNIX accounts across 2000 > aix/solaris/redhat machines. > > Rather then spend time writing sets of scripts to do this, or worry if I got > my find parameters right, I'm hoping that someone out there will have this > exact thing sitting in their script repository. Anyone care to share > anything that has worked miracles for them when they've renumbered accounts > in this manner? > > I'll be either running this script from a central management node or on each > server individually and I can provide > > > > with this info, /etc/passwd, /etc/group and all associated file permissions > would need to be changed for a user, and then likewise for GID changes. > > Any takers/sharers ? > > Thanks everyone, > > Scott Carlson > "You might not get what you want, but if you look, you may get what you > need." > > Technical Director - Technology Infrastructure Services, Availability > (v) 602-977-4456 (p) 888-603-5865 > Warning: All email sent to this address will be received by the Charles > Schwab email system and is subject to Archival and review by someone other > than the recipient > > From sage-members-owner@usenix.org Wed Feb 2 13:17:50 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LHon3015186 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:17:50 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LHoM6015185 for sage-members-outgoing; Wed, 2 Feb 2005 13:17:50 -0800 (PST) Received: from smtp.fulcrummicro.com (smtp.fulcrummicro.com [65.119.15.67]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LHln2015179 for ; Wed, 2 Feb 2005 13:17:48 -0800 (PST) Received: from [10.0.0.45] (saladin.internal.avlsi.com [10.0.0.45]) by smtp.fulcrummicro.com (Postfix) with ESMTP id 774332A2B27; Wed, 2 Feb 2005 13:17:25 -0800 (PST) Message-ID: <42014365.6080806@fulcrummicro.com> Date: Wed, 02 Feb 2005 13:17:25 -0800 From: "Bevan C. Bennett" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041020 X-Accept-Language: en-us, en MIME-Version: 1.0 To: John Orthoefer Cc: Kevin Swayze - TECHOPS , sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42013CC8.2030304@eecs.tufts.edu> In-Reply-To: <42013CC8.2030304@eecs.tufts.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk John Orthoefer wrote: > 2080 is 52 weeks * 40 hours. > Typicaly, you would want them to divide by (at most) 2000, 50 weeks * 40 > hours, that way you get 2 weeks paid vacation. > Plus I would guess you don't get paid holidays now either. This is just incorrect. The whole point to paid holidays and paid vacation (or PTO) days is that you get paid for them -as if you'd worked a full day- (typically 8 hours). If you divided by 2000, you'd make a full year's wages in only 50 weeks (and could then take two weeks of -unpaid- leave). Dividing by 2080 is correct, as it results in the equivalent hourly rate assuming you get paid (but do not neccessarily work) for 52 weeks, 40 hours a week. From sage-members-owner@usenix.org Wed Feb 2 13:21:17 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LLGn3015563 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:21:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LLG6O015561 for sage-members-outgoing; Wed, 2 Feb 2005 13:21:16 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LLDn3015540 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:21:15 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12LKkvc044410; Wed, 2 Feb 2005 16:20:54 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 2 Feb 2005 22:20:00 +0100 To: Adam Levin From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:36 PM -0500 2005-02-02, Adam Levin wrote: > Does anyone have any horror stories or accolades for Oracle over NAS? NetApp is one of the very few Oracle certified NAS providers. However, I've spoken to some systems admins working with high-end Oracle DBAs, and using NAS can be very problematic. It can also very seriously slow down your database. If you've got a NetApp that can do SAN as well as NAS, I would strongly recommend sticking with SAN. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 13:23:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LNfn3015990 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:23:41 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LNfTs015989 for sage-members-outgoing; Wed, 2 Feb 2005 13:23:41 -0800 (PST) Received: from mail.menolly.net ([216.250.182.89]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LNXn2015975 for ; Wed, 2 Feb 2005 13:23:39 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.menolly.net (Postfix) with ESMTP id 0F841280BC for ; Wed, 2 Feb 2005 15:23:11 -0600 (CST) Received: from mail.menolly.net ([127.0.0.1]) by localhost (mail.menolly.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30443-10 for ; Wed, 2 Feb 2005 15:23:09 -0600 (CST) Received: by mail.menolly.net (Postfix, from userid 48) id DF95D280CF; Wed, 2 Feb 2005 15:23:09 -0600 (CST) Received: from 162.136.193.1 (SquirrelMail authenticated user btpier); by www.menolly.net with HTTP; Wed, 2 Feb 2005 15:23:09 -0600 (CST) Message-ID: <22346.162.136.193.1.1107379389.squirrel@www.menolly.net> In-Reply-To: <42013817.3050700@whatexit.org> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42013817.3050700@whatexit.org> Date: Wed, 2 Feb 2005 15:23:09 -0600 (CST) Subject: Re: [SAGE] hourly vs. salary system admins From: "Bryce Pier" To: sage-members@sage.org User-Agent: SquirrelMail/1.4.3a-6.FC2 X-Mailer: SquirrelMail/1.4.3a-6.FC2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: amavisd-new at menolly.net Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, February 2, 2005 2:29 pm, Tom Reingold said: > Kevin Swayze - TECHOPS wrote: >> Hello, >> At our company we recently changed most all UNIX and Window system >> admins. to >> hourly positions from salary positions. This was done because of some >> federal >> rule changes last summer. Have companies that you work for done the same >> thing? >> >> Note: The salary was divided by 2080 to come up with the hourly wage. So >> from a >> pay point of view, no change until you work overtime. >> >> Thanks, >> Kevin >> > > > > So you break even if you work 40 hours a week, 52 weeks a year? Sounds > like a raw deal to me, because I work fewer than 2080 hours a year. > > What is this federal rule? > > I'm working hourly now and wish I were salaried. I am not allowed to > work more than 40 hours a week, and if I were allowed, I wouldn't be > able to do it much anyway. So when I have a doctor's appointment or have > to go into my kids' schools, it's quite costly. The federal rule being referred to is the change in what constitutes a non-exempt employee in terms of overtime. Move info can be found here: http://www.bls.gov/opub/cwc/cm20041216yb01p1.htm If it's determined that your job is a non-exempt job, your employer cannot not pay you overtime if you work more than 40 hours per week so they're likely to make you hourly. My understanding is that there are likely to be more jobs made exempt than made non-exempt as most of the press this change is getting speaks of workers earning less under the new rule. -- Bryce T. Pier btpier@menolly.net From sage-members-owner@usenix.org Wed Feb 2 13:26:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LQ6n3016419 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:26:06 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LQ6ZZ016417 for sage-members-outgoing; Wed, 2 Feb 2005 13:26:06 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LQ4n2016406 for ; Wed, 2 Feb 2005 13:26:04 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12LPkYk001251 for ; Wed, 2 Feb 2005 16:25:46 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12LPkSn001247 for ; Wed, 2 Feb 2005 16:25:46 -0500 (EST) Date: Wed, 2 Feb 2005 16:25:46 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Brad Knowles wrote: > At 1:36 PM -0500 2005-02-02, Adam Levin wrote: >> Does anyone have any horror stories or accolades for Oracle over NAS? > > NetApp is one of the very few Oracle certified NAS providers. > However, I've spoken to some systems admins working with high-end Oracle > DBAs, and using NAS can be very problematic. It can also very seriously slow > down your database. > > If you've got a NetApp that can do SAN as well as NAS, I would > strongly recommend sticking with SAN. I always enjoy reading your very informative posts -- thanks. Any specific examples of "problematic"? Besides the obvious TCP/IP overhead (and the 1Gb NIC vs. 2Gb HBA), why would it seriously slow down the DB? Thanks, -Adam From sage-members-owner@usenix.org Wed Feb 2 13:30:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LUjn3017130 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:30:45 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LUjbg017124 for sage-members-outgoing; Wed, 2 Feb 2005 13:30:45 -0800 (PST) Received: from whatexit.org (whatexit.org [64.32.179.55]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LUgn2017116 for ; Wed, 2 Feb 2005 13:30:43 -0800 (PST) Received: from localhost (unknown [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id C604265EE; Wed, 2 Feb 2005 16:30:21 -0500 (EST) Received: from whatexit.org ([127.0.0.1]) by localhost (joisey [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 24521-02-9; Wed, 2 Feb 2005 16:30:18 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by whatexit.org (Postfix) with ESMTP id D469565ED; Wed, 2 Feb 2005 16:30:17 -0500 (EST) Message-ID: <4201466B.6050000@whatexit.org> Date: Wed, 02 Feb 2005 16:30:19 -0500 From: Tom Reingold User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42013CC8.2030304@eecs.tufts.edu> <42014365.6080806@fulcrummicro.com> In-Reply-To: <42014365.6080806@fulcrummicro.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at whatexit.org Sender: owner-sage-members@usenix.org Precedence: bulk Bevan C. Bennett wrote: > John Orthoefer wrote: > >> 2080 is 52 weeks * 40 hours. >> Typicaly, you would want them to divide by (at most) 2000, 50 weeks * >> 40 hours, that way you get 2 weeks paid vacation. Plus I would guess >> you don't get paid holidays now either. > > > This is just incorrect. > > The whole point to paid holidays and paid vacation (or PTO) days is that > you get paid for them -as if you'd worked a full day- (typically 8 hours). > If you divided by 2000, you'd make a full year's wages in only 50 weeks > (and could then take two weeks of -unpaid- leave). > > Dividing by 2080 is correct, as it results in the equivalent hourly rate > assuming you get paid (but do not neccessarily work) for 52 weeks, 40 > hours a week. Right, but let's say I make $104,000 a year, and I get paid holidays and vacation. They divide that by 2080 and get $50 per hour. They convert me from salary ($104,000 per year) to hourly ($50 per hour). Then I work the same number of hours, about 1920 (48 weeks). I then make 1920*$50 which is $96,000 a year. Bad deal for me. Or did I misunderstand you? Tom From sage-members-owner@usenix.org Wed Feb 2 13:37:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LbQn3017754 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:37:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LbQ2q017753 for sage-members-outgoing; Wed, 2 Feb 2005 13:37:26 -0800 (PST) Received: from sunfire02.eecs.tufts.edu (nat-03.EECS.Tufts.EDU [130.64.23.203]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LbPn2017747 for ; Wed, 2 Feb 2005 13:37:25 -0800 (PST) Received: from [130.64.23.43] (arwen.eecs.tufts.edu [130.64.23.43]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sunfire02.eecs.tufts.edu (Postfix) with ESMTP id 1A8F81C678; Wed, 2 Feb 2005 16:37:08 -0500 (EST) Message-ID: <42014803.5060100@eecs.tufts.edu> Date: Wed, 02 Feb 2005 16:37:07 -0500 From: John Orthoefer User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Bevan C. Bennett" Cc: Kevin Swayze - TECHOPS , sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42013CC8.2030304@eecs.tufts.edu> <42014365.6080806@fulcrummicro.com> In-Reply-To: <42014365.6080806@fulcrummicro.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk If they are still getting PTO then you are correct. If they aren't then it's a salary cut. I've had a few friends, not in the tech field, get changed over from salary to Hourly. And they didn't get PTO, so they got a pay cut. johno Bevan C. Bennett wrote: > John Orthoefer wrote: > >> 2080 is 52 weeks * 40 hours. >> Typicaly, you would want them to divide by (at most) 2000, 50 weeks * >> 40 hours, that way you get 2 weeks paid vacation. Plus I would guess >> you don't get paid holidays now either. > > > This is just incorrect. > > The whole point to paid holidays and paid vacation (or PTO) days is > that you get paid for them -as if you'd worked a full day- (typically > 8 hours). > If you divided by 2000, you'd make a full year's wages in only 50 > weeks (and could then take two weeks of -unpaid- leave). > > Dividing by 2080 is correct, as it results in the equivalent hourly > rate assuming you get paid (but do not neccessarily work) for 52 > weeks, 40 hours a week. From sage-members-owner@usenix.org Wed Feb 2 13:38:14 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LcDn3017930 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:38:14 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LcDi8017928 for sage-members-outgoing; Wed, 2 Feb 2005 13:38:13 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LcBn3017923 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:38:11 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12LbqH1045165; Wed, 2 Feb 2005 16:37:53 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 2 Feb 2005 22:37:44 +0100 To: Adam Levin From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 4:25 PM -0500 2005-02-02, Adam Levin wrote: > Any specific examples of "problematic"? Besides the obvious TCP/IP > overhead (and the 1Gb NIC vs. 2Gb HBA), why would it seriously slow > down the DB? I'll have to go back and ask. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 13:44:30 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LiUn3018729 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:44:30 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LiUtp018728 for sage-members-outgoing; Wed, 2 Feb 2005 13:44:30 -0800 (PST) Received: from surfer.rtfs.de (213-239-205-143.clients.your-server.de [213.239.205.143]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LiPn3018721 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:44:27 -0800 (PST) Received: from surfer.rtfs.de (localhost [127.0.0.1]) by surfer.rtfs.de (8.13.3/8.13.3/Debian-3) with ESMTP id j12Lhv0j004791 for ; Wed, 2 Feb 2005 22:43:57 +0100 Received: (from bb@localhost) by surfer.rtfs.de (8.13.3/8.13.3/Submit) id j12LhvxK004789 for sage-members@sage.org; Wed, 2 Feb 2005 22:43:57 +0100 Date: Wed, 2 Feb 2005 22:43:57 +0100 From: Gabriel Krabbe To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS Message-ID: <20050202214357.GD30986@surfer.rtfs.de> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-2.8 required=3.5 tests=ALL_TRUSTED autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on surfer.rtfs.de Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 10:20:00PM +0100, Brad Knowles wrote: > At 1:36 PM -0500 2005-02-02, Adam Levin wrote: > >> Does anyone have any horror stories or accolades for Oracle over NAS? > > NetApp is one of the very few Oracle certified NAS providers. > However, I've spoken to some systems admins working with high-end > Oracle DBAs, and using NAS can be very problematic. It can also very > seriously slow down your database. > > If you've got a NetApp that can do SAN as well as NAS, I would > strongly recommend sticking with SAN. I agree. It depends, of course, on the kind of load you're going to put onto the DB and the precise details of the infrastructure you plan to supply. NFS has the intrinsic potential to be shared among multiple hosts. This is, of course, what it's there for, but it does mean that the client has to constantly beware that things might change under it - a large part of the traffic between kernel and storage system will turn to GETATTR communication. Of course, if your network load will be light, that will be negligible, but it can become a pain on a larger scale. By contrast, there's only one single kernel involved with direct-attached storage, so it can (and will) cache metadata with impunity. Theoretically, the same applies for the data itself, but Oracle prefers doing its own caching anyway. The second problem is network congestion. Unless you have a dedicated storage network, your data will fight for resources with all sorts of other traffic (potential bottlenecks or irritants are switch buffers, mac tables, ARP traffic (any broadcasts, really; if you share your network with windows machines, you'll be amazed), uplink congestion, to name just a few). Feeping creaturism doing what it usually does means that your NAS-dedicated fully-switched gigE will turn out to also host the departmental windows home shares etc. etc... Planning dedication for the future is easy, but it turns political real quick. A SAN is not that easy to overload with other functionality. At my last employer, we'd run the big transactional systems off a SAN (HDS 9970 with shadowimage (Hitachi's snapshot equivalent for raw LUNs), and have a couple of test databases where throughput and latency were allowed to be utterly unpredictable on the netapps. It all depends. Just don't expect it to be an easy case to make when you have to seriously beef up your ethernet infrastructure to cope with the grown DB demands, never mind actually disentangling it if it's been co-opted. Gabe From sage-members-owner@usenix.org Wed Feb 2 13:46:19 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LkJn3018989 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:46:19 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LkJL5018988 for sage-members-outgoing; Wed, 2 Feb 2005 13:46:19 -0800 (PST) Received: from mail.menolly.net ([216.250.182.89]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LkHn2018976 for ; Wed, 2 Feb 2005 13:46:17 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.menolly.net (Postfix) with ESMTP id 5FE1D280BC for ; Wed, 2 Feb 2005 15:45:55 -0600 (CST) Received: from mail.menolly.net ([127.0.0.1]) by localhost (mail.menolly.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 30881-05 for ; Wed, 2 Feb 2005 15:45:54 -0600 (CST) Received: by mail.menolly.net (Postfix, from userid 48) id 9D8D5280CF; Wed, 2 Feb 2005 15:45:54 -0600 (CST) Received: from 162.136.193.1 (SquirrelMail authenticated user btpier); by www.menolly.net with HTTP; Wed, 2 Feb 2005 15:45:54 -0600 (CST) Message-ID: <58354.162.136.193.1.1107380754.squirrel@www.menolly.net> In-Reply-To: <4201466B.6050000@whatexit.org> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42013CC8.2030304@eecs.tufts.edu> <42014365.6080806@fulcrummicro.com> <4201466B.6050000@whatexit.org> Date: Wed, 2 Feb 2005 15:45:54 -0600 (CST) Subject: Re: [SAGE] hourly vs. salary system admins From: "Bryce Pier" To: sage-members@sage.org User-Agent: SquirrelMail/1.4.3a-6.FC2 X-Mailer: SquirrelMail/1.4.3a-6.FC2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: amavisd-new at menolly.net Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, February 2, 2005 3:30 pm, Tom Reingold said: > Bevan C. Bennett wrote: >> John Orthoefer wrote: >> >>> 2080 is 52 weeks * 40 hours. >>> Typicaly, you would want them to divide by (at most) 2000, 50 weeks * >>> 40 hours, that way you get 2 weeks paid vacation. Plus I would guess >>> you don't get paid holidays now either. >> >> >> This is just incorrect. >> >> The whole point to paid holidays and paid vacation (or PTO) days is that >> you get paid for them -as if you'd worked a full day- (typically 8 >> hours). >> If you divided by 2000, you'd make a full year's wages in only 50 weeks >> (and could then take two weeks of -unpaid- leave). >> >> Dividing by 2080 is correct, as it results in the equivalent hourly rate >> assuming you get paid (but do not neccessarily work) for 52 weeks, 40 >> hours a week. > > > Right, but let's say I make $104,000 a year, and I get paid holidays and > vacation. They divide that by 2080 and get $50 per hour. They convert me > from salary ($104,000 per year) to hourly ($50 per hour). Then I work > the same number of hours, about 1920 (48 weeks). I then make 1920*$50 > which is $96,000 a year. Bad deal for me. In this situation, most employers pay hourly employees for their normal number of work hours for holidays. Since your employer is closed for the holiday and you can't work those hours (if you wanted to) they pay you as if you did work. They also give you x hours of vacation time that they draw from when you take vacation so you're still paid. In most cases, the rule won't change how much money you make unless you previously were allowed to work overtime and paid for it or forced to work overtime and not paid for it. My experience has always been that sysadmins were exempt due to the important and necessary nature of our jobs but apparently some companies are determining that junior admins are now non-exempt and must be paid for their overtime. -- Bryce T. Pier btpier@menolly.net From sage-members-owner@usenix.org Wed Feb 2 13:50:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LoZn3019672 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:50:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LoZU5019670 for sage-members-outgoing; Wed, 2 Feb 2005 13:50:35 -0800 (PST) Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LoXn2019662 for ; Wed, 2 Feb 2005 13:50:34 -0800 (PST) Received: from sj-core-1.cisco.com (171.71.177.237) by sj-iport-4.cisco.com with ESMTP; 02 Feb 2005 13:50:11 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j12Lo2oQ011233; Wed, 2 Feb 2005 13:50:03 -0800 (PST) Received: from cisco.com (dhcp-171-71-41-223.cisco.com [171.71.41.223]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL94058; Wed, 2 Feb 2005 13:50:01 -0800 (PST) Message-ID: <42014B08.7050507@cisco.com> Date: Wed, 02 Feb 2005 13:50:00 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Doug Hughes CC: "Mark R. Lindsey" , Brad Knowles , Frank Smith , sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Auspex discovered this (about SCSI) years ago. That's why they put only two disks per SCSI controller (albeit we're talking about older SCSI technology). One of the Auspex engineers was also one of the authors of the SCSI standard, and had extensive research - two disks on one SCSI channel (at that time) gave about 1.9 or 1.95 times the performance of using two controllers. The numbers dropped considerably for three or more disks. Current SCSI performance depends on the rates of the individual drives and the real throughput of the controller - I'd like to see some real benchmarks for how SCSI with 1,2,3... drives works vs. IDE in its various incarnations. - Richard Doug Hughes wrote: >On Wed, 2 Feb 2005, Mark R. Lindsey wrote: > > > >>On Feb 1, 2005, at 7:39 PM, Brad Knowles wrote: >> >> >> >>> IDE drives just weren't designed for that kind of use/abuse. >>> >>> >>> >>... >> >> >>> IDE brings its own problems to the table, even when using the exact >>>same sort of HDA as a SCSI drive. Due to the low-level communications >>>protocols involved, IDE is much less effective at server-type of >>>loads, and I believe will result in significantly reduced MTBF, even >>>with the exact same underlying drive hardware. >>> >>> >>I've heard this about IDE drives a long time. Anecdotes bear it out. >>Are there any published studies that confirm this? >> >> >> > >also bear in mind that any modern IDE nas/raid type box is going to >have one ide channel per device, removing most of the bus negotiation >overhead (not true for standalone devices with 2 disks per bus). On >the other hand mosts SCSI raids have 3-4 devices per bus because of >the additional expense of adding the additional smart bus controllers. >So, it's not so straight forward to compare communications overhead >in that context. The IDE single device, single controller communications >overhead is pretty low (and will even beat SCSI in many situations - you >get in trouble when you need to do multiple disks. SCSI scales better) > > > > > From sage-members-owner@usenix.org Wed Feb 2 13:51:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LpQn3019792 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:51:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12LpQUW019791 for sage-members-outgoing; Wed, 2 Feb 2005 13:51:26 -0800 (PST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.203]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LpNn2019786 for ; Wed, 2 Feb 2005 13:51:24 -0800 (PST) Received: by rproxy.gmail.com with SMTP id y7so141134rne for ; Wed, 02 Feb 2005 13:51:04 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=dqplv+WQ8F03GB5fzG8KUUq4m9TPJW9X8/GV4HWHYCxxZzYmj7eqhdaVrtyaradcMYipFruFF/SX4biEN7sF7xwFQQpo4nrfcBHqDzI2jsivbAUiAsUI2d+IJhO33tJMlk+Q6h6Fzz4MCLMZkfuuJ79SJostpWfqWJQbtMFaxSI= Received: by 10.38.11.60 with SMTP id 60mr481470rnk; Wed, 02 Feb 2005 13:51:04 -0800 (PST) Received: by 10.38.104.38 with HTTP; Wed, 2 Feb 2005 13:51:04 -0800 (PST) Message-ID: <2d7eccf505020213515ec3676d@mail.gmail.com> Date: Wed, 2 Feb 2005 13:51:04 -0800 From: Thornton Prime Reply-To: thornton@yoyoweb.com To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS Cc: Adam Levin In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005 22:20:00 +0100, Brad Knowles wrote: > NetApp is one of the very few Oracle certified NAS providers. > However, I've spoken to some systems admins working with high-end > Oracle DBAs, and using NAS can be very problematic. It can also very > seriously slow down your database. > > If you've got a NetApp that can do SAN as well as NAS, I would > strongly recommend sticking with SAN. We've had a number of discussions with NetApp and Oracle on this issue. Oracle runs most of their systems internally on NetApp filers over NFS, and NetApp recommended for us to use NAS wherever possible. NAS is not as fast as SAN, but very few of our applications were actually pushing bits fast enough for the NFS to be the bottleneck. NFS also can suffer from higher CPU utilization overhead, but we've found effective strategies for dealing with that -- faster, cheaper processors and jumbo frames seem a good strategy for us. Using LUNs on a NetApp filer typically consumes more disk space than NFS. Additionally, the overhead of managing a SAN can be quite burdensome and is filled with new risk. As one of my managers likes to put it, "Having a total meltdown on your SAN is not an if but a when." These are all things that competent system administrators should be able to deal with, but the question fundamentally is, is it worth it? I don't think there is any good answer on SAN vs. NAS for Oracle databases. I think everyone can agree that local storage is not a scalable option, so it comes down to weighing the value and costs of those two. (I don't mention iSCSI because, in my opinion, it is the complexity of SAN with the performance of NFS -- not very attractive for database servers.) Still, my personal bias is the exact opposite of yours ... If you've got a NetApp that can do SAN as well as NAS, I would strongly recommend sticking with NFS. thornton From sage-members-owner@usenix.org Wed Feb 2 13:55:37 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Ltan3020544 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 13:55:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Lta8F020543 for sage-members-outgoing; Wed, 2 Feb 2005 13:55:36 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12LtYn2020527 for ; Wed, 2 Feb 2005 13:55:34 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j12LtGSj008285 for ; Wed, 2 Feb 2005 16:55:16 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j12LtFMr008277 for ; Wed, 2 Feb 2005 16:55:16 -0500 (EST) Date: Wed, 2 Feb 2005 16:55:15 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <20050202214357.GD30986@surfer.rtfs.de> Message-ID: References: <20050202214357.GD30986@surfer.rtfs.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Gabriel Krabbe wrote: > On Wed, Feb 02, 2005 at 10:20:00PM +0100, Brad Knowles wrote: >> At 1:36 PM -0500 2005-02-02, Adam Levin wrote: >>> Does anyone have any horror stories or accolades for Oracle over NAS? > > It all depends. Just don't expect it to be an easy case to make when you > have to seriously beef up your ethernet infrastructure to cope with the > grown DB demands, never mind actually disentangling it if it's been > co-opted. I'm not concerned about the network. Our Oracle machine is in the colo, isolated completely from our Windows notwork. The Gb infrastructure up there is solid, and won't be co-opted by other functions. The Oracle cluster will have its own VLAN on the Cisco core switch. I am concerned about potential performance issues with NAS vs. the SAN, but I'm also concerned about the complexity of managing the SAN, along with Veritas to manage the filesystems (which is something we haven't yet used in our shop). -Adam From sage-members-owner@usenix.org Wed Feb 2 14:01:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12M1Nn3021201 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:01:23 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12M1Mdx021200 for sage-members-outgoing; Wed, 2 Feb 2005 14:01:22 -0800 (PST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.203]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12M1Kn2021194 for ; Wed, 2 Feb 2005 14:01:21 -0800 (PST) Received: by rproxy.gmail.com with SMTP id y7so142460rne for ; Wed, 02 Feb 2005 14:00:59 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=bzBTrnODWQDgwd7FhFPMoPXETSxa7jvSUYCJxrgIWRmMVLzai/EhwkHA8jWfHmMf/DiuGgzLWIRR+Zu1/DcxWjPbPTDH9oADUCYHu9z2yRHAls9G9x+HT+UV7cH20VlLEiziTA2ZVH3aTH5TwTRlFO60kCm3+Vm+3d8AhA4mM0k= Received: by 10.38.11.30 with SMTP id 30mr209321rnk; Wed, 02 Feb 2005 14:00:59 -0800 (PST) Received: by 10.38.104.38 with HTTP; Wed, 2 Feb 2005 14:00:59 -0800 (PST) Message-ID: <2d7eccf505020214006f2d1bd5@mail.gmail.com> Date: Wed, 2 Feb 2005 14:00:59 -0800 From: Thornton Prime Reply-To: thornton@yoyoweb.com To: Adam Levin Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005 16:25:46 -0500 (EST), Adam Levin wrote: > Any specific examples of "problematic"? Besides the obvious TCP/IP > overhead (and the 1Gb NIC vs. 2Gb HBA), why would it seriously slow down > the DB? Some operating systems consume large amounts of CPU handling a lot of NFS operations. If you choose NFS, you should carefully manage your NFS, including tuning your TCP/IP options and your NFS parameters. UDP is a little faster than TCP, but TCP is recommended by NetApp and does prove more consistent. Jumbo frames are a good way of keeping your CPU usage down some. You should check if your OS supports direct i/o. In all, NFS will consume more OS resources than FC, though you may consider it worth it. To be honest the most problematic thing I've had with running a Oracle DB on a NAS has been DBAs who "don't get it." They insist on doing old RMAN backups when snapshots are better and they blame database performance issues on the NAS instead of on bad database design. Fortunately, the place I'm at has enlightened DBAs. We have tens of TB in Oracle on NAS and love it. thornton From sage-members-owner@usenix.org Wed Feb 2 14:06:42 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12M6gn3021748 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:06:42 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12M6g3S021743 for sage-members-outgoing; Wed, 2 Feb 2005 14:06:42 -0800 (PST) Received: from g2.mental.com (root@entrance.mental.com [192.31.14.10]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12M6cn3021733 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Wed, 2 Feb 2005 14:06:40 -0800 (PST) Received: from mental.com (root@twen.mi [172.16.0.5]) by g2.mental.com (8.13.0/8.13.0/Lobo-041220) with ESMTP id j12M6LJi000691 for ; Wed, 2 Feb 2005 23:06:21 +0100 (CET) Received: from mental.com (lobo@localhost [127.0.0.1]) by mental.com (8.13.0/8.13.0/Lobo-040825) with ESMTP id j12M6K6i003694 for ; Wed, 2 Feb 2005 23:06:20 +0100 (MET) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB In-reply-to: Richard Chycoski's message of Wed, 02 Feb 2005 13:50:00 PST <42014B08.7050507@cisco.com> Organization: mental images GmbH, Berlin, Germany Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 02 Feb 2005 23:06:20 +0100 Message-ID: <3693.1107381980@mental.com> From: Alexander Lobodzinski Sender: owner-sage-members@usenix.org Precedence: bulk () One of the Auspex engineers was also one of the authors of the SCSI () standard, and had extensive research - two disks on one SCSI channel (at () that time) gave about 1.9 or 1.95 times the performance of using two () controllers. The numbers dropped considerably for three or more disks. The SCSI speed refers to the data phase only - even 160 MByte/s SCSI transports the commands with 5 MByte/s across the bus. One of the reasons storage oftenly uses FC/AL. Ciao, Lobo From sage-members-owner@usenix.org Wed Feb 2 14:16:49 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MGln3022353 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:16:48 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12MGlHC022352 for sage-members-outgoing; Wed, 2 Feb 2005 14:16:47 -0800 (PST) Received: from thumper.siliconbunny.com (thumper.siliconbunny.com [194.193.44.105]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MGin3022343 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 2 Feb 2005 14:16:46 -0800 (PST) Received: from host-84-9-64-75.bulldogdsl.com ([84.9.64.75] helo=[192.168.13.216]) by thumper.siliconbunny.com with esmtp (TLSv1:RC4-SHA:128) (Exim 3.22 #9) id 1CwSnN-0004qf-00; Wed, 02 Feb 2005 22:16:21 +0000 In-Reply-To: References: <20050202214357.GD30986@surfer.rtfs.de> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> Content-Transfer-Encoding: 7bit Cc: SAGE mailing list From: Tom Kranz Subject: Re: [SAGE] Oracle over NAS Date: Wed, 2 Feb 2005 22:16:20 +0000 To: Adam Levin X-Mailer: Apple Mail (2.619) Sender: owner-sage-members@usenix.org Precedence: bulk On 2 Feb 2005, at 21:55, Adam Levin wrote: On Wed, 2 Feb 2005, Gabriel Krabbe wrote: >>> At 1:36 PM -0500 2005-02-02, Adam Levin wrote: >>>> Does anyone have any horror stories or accolades for Oracle over >>>> NAS? >> >> It all depends. Just don't expect it to be an easy case to make when >> you >> have to seriously beef up your ethernet infrastructure to cope with >> the >> grown DB demands, never mind actually disentangling it if it's been >> co-opted. > > I am concerned about potential performance issues with NAS vs. the > SAN, but I'm also concerned about the complexity of managing the SAN, > along with Veritas to manage the filesystems (which is something we > haven't yet used in our shop). VxVM is easy. Trust me - it is :-) And it works well with a SAN, and it's very nice with RAC. The thing that concerns me is that you mentioned RAC. I can't see how that will work with NAS (maybe I'm missing something). RAC will do some serious I/O, even on a lightly loaded database. Fundamentally, if you're looking at RAC, you want it for scalability and redundancy - I can't see how relying on NFS fits into that. A SAN is no more or less complicated that NAS - get right down to it, and it's a network - just a network with less overhead, more bandwidth, and less latency. SAN failover is easy to do - I've not seen many good solutions for seamless NFS failover for a database. As others have said, at the end of the day, what your database is doing will dictate NAS or SAN. But for RAC, I'd say it's got to be a SAN. The other thing to bear in mind with Sun kit is that GigE network cards place more of a CPU overhead on a box than fibre HBAs. (This is measured results on 6800s and F15ks as part of a biggy project.) RAC will amplify this due to the large amount of cluster communication going on. If you go down the NAS route you may find yourself having to spec more CPUs than you like if it's a busy chatty database - this may rule out V490s in favour of something a bit bigger. Again, as always, workload will pretty much dictate what you do. Cheers, TOM -- "Tell them we are not Gods, but Sysadmins, which is the next best thing." From sage-members-owner@usenix.org Wed Feb 2 14:17:18 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MHHn3022452 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:17:18 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12MHH8L022451 for sage-members-outgoing; Wed, 2 Feb 2005 14:17:17 -0800 (PST) Received: from parhelion.firedrake.org (mail@parhelion.firedrake.org [193.201.200.77]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MHEn2022437 for ; Wed, 2 Feb 2005 14:17:15 -0800 (PST) Received: from phil by parhelion.firedrake.org with local (Exim 3.35 #1 (Debian)) id 1CwSnx-0003ju-00 for ; Wed, 02 Feb 2005 22:16:57 +0000 Date: Wed, 2 Feb 2005 23:16:57 +0100 From: Phil Pennock To: sage-members@usenix.org Subject: Re: [SAGE] NAS reviews - 30GB to 45GB Message-ID: <20050202221657.GB7282@parhelion.globnix.org> Mail-Followup-To: sage-members@usenix.org References: <20050202200258.GA7282@parhelion.globnix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: owner-sage-members@usenix.org Precedence: bulk On 2005-02-02 at 14:23 -0600, Doug Hughes wrote: > On Wed, 2 Feb 2005, Phil Pennock wrote: > > But where SCSI's TCQ provides for operations which can't be re-ordered, > > with NCQ enabled _all_ operations can be re-ordered by the drive at will. > Can you still tell the drive "flush this block and > send me an acknowledgement that it is written", yes. The OS can > still enforce ordering when it needs to with respect to the command > set. Are there any open specs for this, explaining it with relation to NCQ? The closest I've seen is on a consumer site, which describes the basic features of the queueing command sets, not how they fit into the rest of the protocols: Is this an orthogonal capability of the bus protocol? Flushing as distinct from command queueing? Because from what I've read, the ability to do what you say is a feature of SCSI which was dropped from S-ATA, with the move from TCQ to NCQ. > It's a very important concern and engineers have already thought of it. > SCSI has been doing this for years. It's only recently starting to appear > in SATA drives and many still don't support it yet (well, it's mostly > because of the controllers, really. Smart controllers are needed > as well. It takes two to tango.) SCSI I don't have any worries about. It's the limited version, NCQ, in S-ATA which worries me. > http://www.auditmypc.com/acronym/TCQ.asp TCQ, no problem. > http://www.wdc.com/en/library/sata/2579-001076.pdf That's TCQ on S-ATA -- great! If this becomes the norm, I'll be very happy and can tell the boss that any issues for storage come down to build quality, not fundamental tech limitations of the interface. But the S-ATA stuff normally is using NCQ, not TCQ. That was my point. -Phil From sage-members-owner@usenix.org Wed Feb 2 14:19:59 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MJwn3022925 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:19:59 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12MJw7V022923 for sage-members-outgoing; Wed, 2 Feb 2005 14:19:58 -0800 (PST) Received: from surfer.rtfs.de (213-239-205-143.clients.your-server.de [213.239.205.143]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MJrn3022914 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:19:56 -0800 (PST) Received: from surfer.rtfs.de (localhost [127.0.0.1]) by surfer.rtfs.de (8.13.3/8.13.3/Debian-3) with ESMTP id j12MJRvZ004893 for ; Wed, 2 Feb 2005 23:19:27 +0100 Received: (from bb@localhost) by surfer.rtfs.de (8.13.3/8.13.3/Submit) id j12MJR7p004891 for sage-members@sage.org; Wed, 2 Feb 2005 23:19:27 +0100 Date: Wed, 2 Feb 2005 23:19:27 +0100 From: Gabriel Krabbe To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS Message-ID: <20050202221927.GE30986@surfer.rtfs.de> References: <2d7eccf505020213515ec3676d@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2d7eccf505020213515ec3676d@mail.gmail.com> X-Spam-Status: No, score=-2.8 required=3.5 tests=ALL_TRUSTED autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on surfer.rtfs.de Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 01:51:04PM -0800, Thornton Prime wrote: > [...] > Using LUNs on a NetApp filer typically consumes more disk space than > NFS. Additionally, the overhead of managing a SAN can be quite > burdensome and is filled with new risk. As one of my managers likes to > put it, "Having a total meltdown on your SAN is not an if but a when." Oh my. "Having a fire in your machine room is not an if but a when." "Having a major system issue when all of your sysadmins are simultaneously on vacation or in hospital is not an if but a when." Useless FUD phrases, all of them. A SAN switch is no more or less complex than an ethernet switch, and no more or less reliable. You'll get different vendors having different problems, interoperability of in-band management being the major one, and I'm speaking of both FC and ethernet here. > These are all things that competent system administrators should be > able to deal with, but the question fundamentally is, is it worth it? Isn't it always? What are your must-haves, your nice-to-haves, your rather-do-withouts? Sysadmin competence and density (workload/admin, not admins/TB or similar theoretical and ultimately useless benchmark) is a factor, application profile is another, price is a third, interoperability and scalability of existing infrastructure is another. They'll be weighed differently by different shops and by a single shop in different circumstances. > I don't think there is any good answer on SAN vs. NAS for Oracle > databases. I think everyone can agree that local storage is not a > scalable option, so it comes down to weighing the value and costs of > those two. (I don't mention iSCSI because, in my opinion, it is the > complexity of SAN with the performance of NFS -- not very attractive > for database servers.) Actually, local storage can be an option (it suddenly was one at my last employer when we dropped an app that had used a Sun 880 for the 8 CPUs and moved from A5200 to the 9970 - suddenly we had an 880 which could (and did) take lots of the existing FC-AL disks from the photons.) Yeah, it's limited in maximum growth, and it's painful to replace, rather than add, disks, but again, depending on what you're looking for, it can be the very best value for your money. Gabe From sage-members-owner@usenix.org Wed Feb 2 14:31:55 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MVtn3024007 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:31:55 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12MVtWP024006 for sage-members-outgoing; Wed, 2 Feb 2005 14:31:55 -0800 (PST) Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MVrn2024000 for ; Wed, 2 Feb 2005 14:31:53 -0800 (PST) Received: from sj-core-3.cisco.com (171.68.223.137) by sj-iport-4.cisco.com with ESMTP; 02 Feb 2005 14:31:38 -0800 X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAA== Received: from mira-sjc5-d.cisco.com (IDENT:mirapoint@mira-sjc5-d.cisco.com [171.71.163.28]) by sj-core-3.cisco.com (8.12.10/8.12.6) with ESMTP id j12MVTPA021244; Wed, 2 Feb 2005 14:31:29 -0800 (PST) Received: from cisco.com (dhcp-171-71-41-223.cisco.com [171.71.41.223]) by mira-sjc5-d.cisco.com (MOS 3.4.6-GR) with ESMTP id AHL98002; Wed, 2 Feb 2005 14:31:28 -0800 (PST) Message-ID: <420154BF.3090503@cisco.com> Date: Wed, 02 Feb 2005 14:31:27 -0800 From: Richard Chycoski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: thornton@yoyoweb.com CC: Adam Levin , SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: <2d7eccf505020214006f2d1bd5@mail.gmail.com> In-Reply-To: <2d7eccf505020214006f2d1bd5@mail.gmail.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Thornton Prime wrote: >On Wed, 2 Feb 2005 16:25:46 -0500 (EST), Adam Levin wrote: > > >>Any specific examples of "problematic"? Besides the obvious TCP/IP >>overhead (and the 1Gb NIC vs. 2Gb HBA), why would it seriously slow down >>the DB? >> >> > >Some operating systems consume large amounts of CPU handling a lot of >NFS operations. If you choose NFS, you should carefully manage your >NFS, including tuning your TCP/IP options and your NFS parameters. UDP >is a little faster than TCP, but TCP is recommended by NetApp and does >prove more consistent. Jumbo frames are a good way of keeping your CPU >usage down some. You should check if your OS supports direct i/o. > I'd like to see some real numbers on this. Depending on what you are doing, NFS can have *less* overhead than local filesystems since much of the work is off loaded to the remote filer. UDP vs. TCP - UDP has less overhead and works well when the filer and server are in the same room (or on low-loss networks). TCP has slightly higher overhead, but degrades much more gracefully in the presence of packet loss (as you will see across WAN links). Block size is an important consideration as well, smaller block sizes (8K) work better when more loss is involved, large block sizes (32K) tend to work better on local LANs. Watch your network gear as well, since some switches choke when they have to transport lots of 32K blocks. > >In all, NFS will consume more OS resources than FC, though you may >consider it worth it. > Again - check your numbers, this isn't always true, although it may be more true for Oracle DBs with few, large, files than for other apps that have numerous, smaller, files. - Richard > >To be honest the most problematic thing I've had with running a Oracle >DB on a NAS has been DBAs who "don't get it." They insist on doing old >RMAN backups when snapshots are better and they blame database >performance issues on the NAS instead of on bad database design. >Fortunately, the place I'm at has enlightened DBAs. We have tens of TB >in Oracle on NAS and love it. > >thornton > > From sage-members-owner@usenix.org Wed Feb 2 14:46:02 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Mk2n3024681 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:46:02 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Mk2Dv024680 for sage-members-outgoing; Wed, 2 Feb 2005 14:46:02 -0800 (PST) Received: from surfer.rtfs.de (213-239-205-143.clients.your-server.de [213.239.205.143]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Mjwn3024671 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:46:00 -0800 (PST) Received: from surfer.rtfs.de (localhost [127.0.0.1]) by surfer.rtfs.de (8.13.3/8.13.3/Debian-3) with ESMTP id j12MjXfZ004962 for ; Wed, 2 Feb 2005 23:45:33 +0100 Received: (from bb@localhost) by surfer.rtfs.de (8.13.3/8.13.3/Submit) id j12MjXjZ004960 for sage-members@sage.org; Wed, 2 Feb 2005 23:45:33 +0100 Date: Wed, 2 Feb 2005 23:45:33 +0100 From: Gabriel Krabbe To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS Message-ID: <20050202224533.GF30986@surfer.rtfs.de> References: <2d7eccf505020214006f2d1bd5@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2d7eccf505020214006f2d1bd5@mail.gmail.com> X-Spam-Status: No, score=-2.8 required=3.5 tests=ALL_TRUSTED autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on surfer.rtfs.de Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 02:00:59PM -0800, Thornton Prime wrote: > > In all, NFS will consume more OS resources than FC, though you may > consider it worth it. Agreed. > To be honest the most problematic thing I've had with running a Oracle > DB on a NAS has been DBAs who "don't get it." They insist on doing old > RMAN backups when snapshots are better and they blame database > performance issues on the NAS instead of on bad database design. > Fortunately, the place I'm at has enlightened DBAs. We have tens of TB > in Oracle on NAS and love it. To be honest, RMAN has great uses (sure, implementing a standby DB by having it sit at a "recover until cancel", feeding it copies of all archived redos and making sure to archive really often might be enough, but really...) - for full recovery purposes, a snapshot is what you want, but having a completely adjunct standby that just needs to be opened to seamlessly take over is better. To protect against human error, only RMAN gives you a useful and usable way to recover a dropped table while preserving changes to other tables that occurred after the drop (recovering a whole database from a full backup to a point-in-time just because somebody committed a stupid DELETE is about the only thing where RMAN's overhead is counter-productive). Again, what is your company's assessment of the risks you're trying to protect yourselves against vs. the cost and value of various strartegies to do that. "Snapshots are better" *can* be true. Sometimes it's true only because, say, a NetBackup RMAN server license is too expensive, and sometimes it's actually wrong. And sometimes using snapshots has nothing to do with the NSA vs SAN discussion, as Solaris 9 has very usable UFS snapshot capabilities that I've successfully used to minimize the time the DBs spent in backup mode. SAN != raw devices. Especially Oracle can and should have its storage strategy designed to account for the underlying device and device configuration. Tablespace layout is as much an art as it is a science, and depends on all sorts of factors, not least being able to flexibly adjust how your actual disk space is shared between various clients (SAN or NAS, same story) - many smaller volumes/LUNs give you finer granularity for higher administrative overhead; too small and it becomes a problem, too big and suddenly you'll find that you should be able to move a couple of TB from one to another, because actual growth patterns were different from the projected ones. If you can afford to simply buy more, and have the (management) infrastructure to easily integrate it, your design will be different. Scalability is also interesting: As long as you can add shelves to the netapp or disks to the HDS box, it's pretty much a no-brainer. But adding another head (for whatever reasons, maybe you ran out of network ports, maybe it's internal bandwidth, maybe the box is just maxed out) poses different problems: As a rule, NAS will mean adding a new mountpoint, which is less than elegant, SAN will mean just add LUNs with different WWNs and telling your volume manager about them (and issuing a growfs, if you're using filesystems). What I'm trying to say is that there is no "right" answer. NAS vs SAN, raw devices vs. filesystems, Oracle vs Sybase, Unix vs Windows, online backup vs RMAN - they all have their place, and holy wars don't help. What we can do is tell Adam about the criteria we've examined and the ones we've been surprised by and the lessons we've learned from both. Gabe From sage-members-owner@usenix.org Wed Feb 2 14:59:15 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MxFn3025416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 14:59:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12MxFCq025415 for sage-members-outgoing; Wed, 2 Feb 2005 14:59:15 -0800 (PST) Received: from mailhost2.metro1.com (medusa.mx.metro1.com [198.69.83.45]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12MxDn2025410 for ; Wed, 2 Feb 2005 14:59:14 -0800 (PST) Received: from mailhost2.metro1.com (localhost [127.0.0.1]) by postscan.metro1.com (Postfix) with ESMTP id 6DBCD1383DE for ; Wed, 2 Feb 2005 14:58:56 -0800 (PST) X-Proxy: csmtpprox 1.1.0 0.312 0.254 0.367 Received: from pluto.metro1.com (pluto.metro1.com [198.69.83.87]) by mailhost2.metro1.com (Postfix) with ESMTP id 4359B1383BB for ; Wed, 2 Feb 2005 14:58:56 -0800 (PST) Received: from pluto.metro1.com (pluto.metro1.com [198.69.83.87]) by pluto.metro1.com (8.11.7p1+Sun/8.11.7/MTON-1.7) with SMTP id j12Mwtl26047 for ; Wed, 2 Feb 2005 14:58:56 -0800 (PST) Message-Id: <200502022258.j12Mwtl26047@pluto.metro1.com> Date: Wed, 2 Feb 2005 14:58:55 -0800 (PST) From: Kevin Swayze - TECHOPS Reply-To: Kevin Swayze - TECHOPS Subject: Re: [SAGE] hourly vs. salary system admins To: sage-members@sage.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: 9V4k4nzHrWybil72hUTjUQ== X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.4.2 SunOS 5.8 sun4u sparc Sender: owner-sage-members@usenix.org Precedence: bulk Hello, I wanted to add more information as this seems to be an interesting topic. For our affected employees (which are all second level people)besides being made hourly. They still get vacation, personal time holidays etc. paid The only difference that the employees have is if they work overtime which includes a phone call from the first level support team the second level people now get paid for the time. So far it sounds like not very many companies have changed to hourly. Thanks, Kevin > Hello, > At our company we recently changed most all UNIX and Window system admins. to > hourly positions from salary positions. This was done because of some federal > rule changes last summer. Have companies that you work for done the same thing? > > Note: The salary was divided by 2080 to come up with the hourly wage. So from a > pay point of view, no change until you work overtime. > > Thanks, > Kevin > From sage-members-owner@usenix.org Wed Feb 2 15:00:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12N0Xn3025553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:00:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12N0X0G025552 for sage-members-outgoing; Wed, 2 Feb 2005 15:00:33 -0800 (PST) Received: from surfer.rtfs.de (213-239-205-143.clients.your-server.de [213.239.205.143]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12N0Un3025547 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:00:31 -0800 (PST) Received: from surfer.rtfs.de (localhost [127.0.0.1]) by surfer.rtfs.de (8.13.3/8.13.3/Debian-3) with ESMTP id j12N051X005007 for ; Thu, 3 Feb 2005 00:00:05 +0100 Received: (from bb@localhost) by surfer.rtfs.de (8.13.3/8.13.3/Submit) id j12N05tp005005 for sage-members@sage.org; Thu, 3 Feb 2005 00:00:05 +0100 Date: Thu, 3 Feb 2005 00:00:05 +0100 From: Gabriel Krabbe To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS Message-ID: <20050202230005.GG30986@surfer.rtfs.de> References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> X-Spam-Status: No, score=-2.8 required=3.5 tests=ALL_TRUSTED autolearn=failed version=3.0.2 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on surfer.rtfs.de Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 10:16:20PM +0000, Tom Kranz wrote: > > On 2 Feb 2005, at 21:55, Adam Levin wrote: > >> I am concerned about potential performance issues with NAS vs. the >> SAN, but I'm also concerned about the complexity of managing the SAN, >> along with Veritas to manage the filesystems (which is something we >> haven't yet used in our shop). > > VxVM is easy. Trust me - it is :-) And it works well with a SAN, and > it's very nice with RAC. > The thing that concerns me is that you mentioned RAC. I can't see how > that will work with NAS (maybe I'm missing something). It won't. See http://docs.sun.com/app/docs/doc/817-6570/6mlutb8l6?a=view#ch8_ops-124 for supported shared storage management. Gabe From sage-members-owner@usenix.org Wed Feb 2 15:02:12 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12N2Bn3025894 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:02:12 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12N2B6i025890 for sage-members-outgoing; Wed, 2 Feb 2005 15:02:11 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12N24n3025881 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:02:09 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12N1jlL049663; Wed, 2 Feb 2005 18:01:46 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Wed, 2 Feb 2005 22:54:14 +0100 To: Adam Levin From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 1:36 PM -0500 2005-02-02, Adam Levin wrote: > A few more details: > In our shop, Solaris version is 8, Oracle will be upgraded to 9i RAC > (currently just 9i). Hardware will be SunFire V490 servers (probably > three 2-cpu machines). The NAS is a NetApp FAS960c. Everything will > run over gigabit through a Cisco switch. Looking through my archives of e-mail from Oracle/NFS experts, if you're going to do Oracle on the Suns over NAS, make sure you upgrade to Solaris 9, which introduces a "forcedirectio" option to mount. Solaris 8 apparently has this string in their mount binary, but it's a stub implementation and doesn't actually do anything. > While I expect that NAS will not be as fast as SAN, I still think we > can get trunking to increase reliability and speed, and the overhead > and complexity will be greatly reduced (we don't use Veritas file > systems right now, and would really have to if we wanted clustered, > dynamic multipathing SAN connections). I'm still looking up more information on the subject, but based on my research so far, I would still be inclined to go with Veritas and SAN as opposed to NFS, even for Oracle on Solaris 9 with "forcedirectio". -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 15:20:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12NK0n3027215 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:20:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12NK0Om027213 for sage-members-outgoing; Wed, 2 Feb 2005 15:20:00 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12NJwn3027208 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:19:59 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12NJbRr050512; Wed, 2 Feb 2005 18:19:39 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <2d7eccf505020214006f2d1bd5@mail.gmail.com> References: <2d7eccf505020214006f2d1bd5@mail.gmail.com> Date: Thu, 3 Feb 2005 00:08:09 +0100 To: thornton@yoyoweb.com From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: Adam Levin , SAGE mailing list , Thornton Prime Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 2:00 PM -0800 2005-02-02, Thornton Prime wrote: > Some operating systems consume large amounts of CPU handling a lot of > NFS operations. If you choose NFS, you should carefully manage your > NFS, including tuning your TCP/IP options and your NFS parameters. UDP > is a little faster than TCP, but TCP is recommended by NetApp and does > prove more consistent. Jumbo frames are a good way of keeping your CPU > usage down some. You should check if your OS supports direct i/o. Be careful when choosing your NICs. Some include "TCP Offload Engines" (or TOEs), and some TOEs work well, while others don't. Using a good NIC with a good TOE can offload a great deal of work from the CPU and make up for a lot of the overhead incurred with NFS, but while this can increase performance, this is also a brittle solution, and may not work at all, or cause worse performance, depending on the NFS server configuration, etc.... -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 15:20:06 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12NK5n3027248 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:20:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12NK5Ij027245 for sage-members-outgoing; Wed, 2 Feb 2005 15:20:05 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12NK2n3027226 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:20:03 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12NJbRt050512; Wed, 2 Feb 2005 18:19:42 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <20050202230005.GG30986@surfer.rtfs.de> References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> <20050202230005.GG30986@surfer.rtfs.de> Date: Thu, 3 Feb 2005 00:12:51 +0100 To: Gabriel Krabbe From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 12:00 AM +0100 2005-02-03, Gabriel Krabbe wrote: > It won't. See > http://docs.sun.com/app/docs/doc/817-6570/6mlutb8l6?a=view#ch8_ops-124 > for supported shared storage management. Of course, Veritas will point you at for their entire series of products designed to work with Oracle using SAN on a cluster. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 15:39:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Nd8n3028422 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:39:09 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Nd8IU028421 for sage-members-outgoing; Wed, 2 Feb 2005 15:39:08 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Nd5n3028415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:39:06 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j12NckAk051298; Wed, 2 Feb 2005 18:38:48 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Thu, 3 Feb 2005 00:38:40 +0100 To: Adam Levin From: Brad Knowles Subject: Re: [SAGE] Oracle over NAS Cc: SAGE mailing list Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 10:54 PM +0100 2005-02-02, Brad Knowles wrote: > I'm still looking up more information on the subject, but based on > my research so far, I would still be inclined to go with Veritas and > SAN as opposed to NFS, even for Oracle on Solaris 9 with "forcedirectio". Of course, you'll also want to make sure that you turn off all client-side caching. Oracle will not use normal file operations on the storage allocated to it, so you don't have to worry so much about attribute caching, but you will want to make sure you avoid all other possible forms of caching. Anything that is cached on the client side could lead to cache-coherency problems with other members of the cluster. Nick Christenson wrote a good white paper during his time at Sistina regarding the relative benefits and disadvantages of NFS and cluster-aware filesystems (e.g., GFS). Unfortunately, this paper doesn't seem to be available on the Redhat web site (Redhat bought Sistina a while back), and I can't seem to find a PDF copy of it anywhere. But there is still a copy in the Google cache at . Of course, this paper is oriented towards IMAP mail servers, and some of these issues will not be a problem with database servers on NFS. Some of the cluster filesystem discussion may be specific to GFS and not relate well to other cluster filesystems (such as available from Veritas). But other issues are inherent to NFS or common to almost all cluster filesystems, and you should be aware of the potential weaknesses before you decide to go this route. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Wed Feb 2 15:47:51 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Nlon3029000 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 15:47:51 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j12Nloev028998 for sage-members-outgoing; Wed, 2 Feb 2005 15:47:50 -0800 (PST) Received: from klingon.cs.iupui.edu (klingon.cs.iupui.edu [134.68.140.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j12Nlnn2028993 for ; Wed, 2 Feb 2005 15:47:49 -0800 (PST) Received: from [134.68.140.31] (nautilus.cs.iupui.edu [134.68.140.31]) by klingon.cs.iupui.edu (8.12.10/8.12.9) with ESMTP id j12NlT6L026720 for ; Wed, 2 Feb 2005 18:47:29 -0500 (EST) Message-ID: <42016693.9080700@cs.iupui.edu> Date: Wed, 02 Feb 2005 18:47:31 -0500 From: Scott Orr User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 X-Accept-Language: en-us, en MIME-Version: 1.0 CC: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins References: <200502021957.j12Jv7l25547@pluto.metro1.com> In-Reply-To: <200502021957.j12Jv7l25547@pluto.metro1.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk >At our company we recently changed most all UNIX and Window system admins. to >hourly positions from salary positions. This was done because of some federal >rule changes last summer. Have companies that you work for done the same thing? > > Indiana University (to include all the regional campuses) did this too. Just about everyone below a certain classification were converted to hourly. When HR discussed the criteria used to re-evaluate IT, it sounded like they pulled the material directly from an ancient mainframe operator's manual. Scott -- Scott Orr Lead Network Engineer, Dept of Comp & Info Science, IUPUI Associate Director, IU Center for Applied Cybersecurity Research ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When you have eliminated the impossible, whatever remains, however improbable, must be the truth. -Sherlock Holmes From sage-members-owner@usenix.org Wed Feb 2 16:17:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j130HQn3000004 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 16:17:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j130HQIo029999 for sage-members-outgoing; Wed, 2 Feb 2005 16:17:26 -0800 (PST) Received: from quark.cs.earlham.edu (cs.earlham.edu [159.28.230.3]) by usenix.org (8.12.10/8.12.10) with ESMTP id j130HNn3029994 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 16:17:24 -0800 (PST) Received: from quark.cs.earlham.edu (localhost.cs.earlham.edu [127.0.0.1]) by quark.cs.earlham.edu (8.13.1/8.12.9) with ESMTP id j130H6CF005664 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 19:17:06 -0500 (EST) (envelope-from skylar@cs.earlham.edu) Received: (from skylar@localhost) by quark.cs.earlham.edu (8.13.1/8.12.9/Submit) id j130H6gT005663 for sage-members@sage.org; Wed, 2 Feb 2005 19:17:06 -0500 (EST) (envelope-from skylar@cs.earlham.edu) X-Authentication-Warning: quark.cs.earlham.edu: skylar set sender to skylar@quark.cs.earlham.edu using -f Date: Wed, 2 Feb 2005 19:17:06 -0500 From: Skylar Thompson To: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software Message-ID: <20050203001706.GA3888@quark.cs.earlham.edu> Reply-To: Skylar Thompson Mail-Followup-To: SAGE mailing list References: <420127DB.9060206@wa-geek.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <420127DB.9060206@wa-geek.net> User-Agent: Mutt/1.4.2.1i X-Sender: "Skylar Thompson" X-Accept-Primary-Language: en X-Accept-Secondary-Language: es SMTP-Mailing-Host: quark.cs.earlham.edu X-Operating-System: FreeBSD 4.11-STABLE X-Uptime: 6:58PM up 3 days, 1:24, 12 users, load averages: 0.13, 0.14, 0.14 X-Editor: VIM - Vi IMproved 6.3 (2004 June 7, compiled Aug 26 2004 10:37:04) Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 11:19:55AM -0800, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed if > a service goes down, but he doesn't need something that is overkill or > hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear any > suggestions as to what to try, run away from, etc? Nagios (http://www.nagios.org). We'ved used it for a couple years now, and it's been god send. It's fairly easy to configure, and trivial to add/change/remove services and hosts. -- -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ From sage-members-owner@usenix.org Wed Feb 2 16:28:27 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j130SRn3000553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 16:28:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j130SRf3000552 for sage-members-outgoing; Wed, 2 Feb 2005 16:28:27 -0800 (PST) Received: from eeviac.cynistar.net (eeviac.cynistar.net [66.143.181.10]) by usenix.org (8.12.10/8.12.10) with ESMTP id j130SOn3000547 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 16:28:25 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by eeviac.cynistar.net (Postfix) with ESMTP id 8DF918C233 for ; Wed, 2 Feb 2005 18:28:07 -0600 (CST) Received: from unknown by localhost (amavisd-new, unix socket) id client-XXlqMkfk for ; Wed, 2 Feb 2005 18:28:00 -0600 (CST) Received: from [10.1.1.239] (comp.stedwards.edu [209.99.108.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by eeviac.cynistar.net (Postfix) with ESMTP id 60BA78C228 for ; Wed, 2 Feb 2005 18:28:00 -0600 (CST) Message-ID: <42017009.9030903@cynistar.net> Date: Wed, 02 Feb 2005 18:27:53 -0600 From: Bob Apthorpe User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software References: In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at people.austinimprov.com Sender: owner-sage-members@usenix.org Precedence: bulk Hi, Doug Hughes wrote: > On Wed, 2 Feb 2005, Amanda Emily wrote: > >> One of the school districts in my region has asked for suggestions for >> network managment software that is free or reasonably priced from the >> stand point of a small rural school district. >> >> Basically right now, all their sysadmin wants to do is to be notifed if >> a service goes down, but he doesn't need something that is overkill or >> hard to use (i.e. OpenView and friends). >> >> I've done some research on Google for apps, but I would like to hear any >> suggestions as to what to try, run away from, etc? >> > > there are many many many options. > > nagios, spong, mon, nocol/snips, big sister, survivor, big brother (no, > I'm not kidding), Angel Network Monitor, argus, networkferret and on and > on. Of those that I've worked with, I felt most comfortable with Nagios in terms of clear documentation, clear licensing and active development. There's a learning curve but it's not insurmountable. I looked into mon a few times but I never got very far; I don't recall why that was. Big Brother's licensing confused me and the design decision to focus on C and shell rather than perl left me cold because we ended up writing all our custom monitoring scripts in perl anyway, wiping out whatever efficiency the developers thought they could get by using only C and shell. Plus, the architecture struck my as sort of byzantine at the time, especially when trying to integrate RRDtool graphs via larrd. I used Big Sister for a while since it was perl-based, GPLd, and was protocol-compatible with Big Brother. Unfortunately, development stalled, the documentation and architecture left a lot to be desired, and there were some pretty serious issues with Win32 support. MRTG is fine for small-scale monitoring but I've run into some (well-known) reliability and scalability issues. I've installed Cacti and have looked into Cricket as possible replacements but I haven't made much headway with either. One tool that doesn't get a lot of press is Servers Alive (http://www.woodstone.nu/salive/) It's commercial and Win32, but it's frighteningly easy to configure, fairly reliable and extensible, and very affordable at $140 for the basic edition, and $240 for the enterprise edition which gives you RRD graphs, on-call and alert schedules, and ODBC logging (logging to syslog is free.) The free download differs from the standard version only in the number of server checks it can perform (10 vs 1000) and despite my bias against most commercial and/or Win32 code, I've been very happy with it. If I had a client that wanted an affordable intermediate-scale monitoring and alerting system and didn't cringe at the thought of using Win32 for something mission-critical, I wouldn't hesitate to recommend Servers Alive. Yes, it was installed here before I took this job and no, I don't get a commission on referrals. ;) hth, -- Bob From sage-members-owner@usenix.org Wed Feb 2 18:16:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j132GGn3002387 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 18:16:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j132GG9I002386 for sage-members-outgoing; Wed, 2 Feb 2005 18:16:16 -0800 (PST) Received: from hermes.ekholm.org (hermes.ekholm.org [208.42.64.21]) by usenix.org (8.12.10/8.12.10) with ESMTP id j132GEn2002380 for ; Wed, 2 Feb 2005 18:16:14 -0800 (PST) Received: from hermes-eli0.ekholm.org (localhost [127.0.0.1]) by hermes.ekholm.org (8.12.10/8.12.10) with ESMTP id j132Fqnj027639 for ; Wed, 2 Feb 2005 20:15:52 -0600 (CST) Received: (from ekholm@localhost) by hermes-eli0.ekholm.org (8.12.10/8.12.9/Submit) id j132FpZg027638 for sage-members@sage.org; Wed, 2 Feb 2005 20:15:51 -0600 (CST) Date: Wed, 2 Feb 2005 20:15:51 -0600 From: Mike Ekholm To: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins Message-ID: <20050203021551.GA27368@ekholm.org> References: <200502021957.j12Jv7l25547@pluto.metro1.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200502021957.j12Jv7l25547@pluto.metro1.com> User-Agent: Mutt/1.5.3i Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 11:57:07AM -0800, Kevin Swayze - TECHOPS wrote: > Hello, > At our company we recently changed most all UNIX and Window system admins. to > hourly positions from salary positions. This was done because of some federal > rule changes last summer. Have companies that you work for done the same thing? What I do not understand is this: http://www.dol.gov/esa/regs/compliance/whd/fairpay/fs17e_computer.htm I think that this clearly states that a sys admins job is exempt. -Mike Ekholm -- Mike Ekholm, UNIX System Admin - ekholm@ekholm.org web: http://www.ekholm.org blog: http://blog.ekholm.org AIM: Nalez31337 ham: KC0MPU irc: Nalez ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ UNIX - The Swiss army knife of software. From sage-members-owner@usenix.org Wed Feb 2 18:32:37 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j132Wbn3003072 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 18:32:37 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j132Wat2003071 for sage-members-outgoing; Wed, 2 Feb 2005 18:32:36 -0800 (PST) Received: from belial.infersys.com (infersys.com [66.159.248.216]) by usenix.org (8.12.10/8.12.10) with ESMTP id j132WZn2003066 for ; Wed, 2 Feb 2005 18:32:35 -0800 (PST) Received: from azazel.infersys.com (azazel.infersys.com [172.16.1.42]) by belial.infersys.com (Postfix) with ESMTP id E945C1001E3; Wed, 2 Feb 2005 18:32:18 -0800 (PST) Received: by azazel.infersys.com (Postfix, from userid 10001) id 0124E1C05F; Wed, 2 Feb 2005 18:32:18 -0800 (PST) Message-ID: <16897.36146.203804.347541@azazel.infersys.com> Date: Wed, 2 Feb 2005 18:32:18 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Ok Pa - We Like To Whomp Ether Subject: Re: [SAGE] hourly vs. salary system admins In-Reply-To: <20050203021551.GA27368@ekholm.org> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <20050203021551.GA27368@ekholm.org> X-Mailer: VM 7.17 under 21.4 (patch 15) "Security Through Obscurity" XEmacs Lucid From: Josh Smith X-Attribution: JBS Organization: Evil Geniuses For A Better Tomorrow Sender: owner-sage-members@usenix.org Precedence: bulk ME == Mike Ekholm ME> What I do not understand is this: ME> http://www.dol.gov/esa/regs/compliance/whd/fairpay/fs17e_computer.htm ME> ME> I think that this clearly states that a sys admins job is exempt. The first test under "Computer Employee Exemption" is The employee must be compensated either on a salary or fee basis at a rate not less than $455 per week or, if compensated on an hourly basis, at a rate not less than $27.63 an hour; One strange thing is that those numbers don't match up: $455/week * 52 weeks/year = $23,660, whereas $27.63/hour * (40*52 hours/year) = $57,470.40. There probably aren't many sysadmins making less than $24K a year, but there are plenty making less than $58K (as of the 2003 SAGE Salary Survey, anyway), so depending on which number is correct, there are lots of people who might not be exempt by this first test. -Josh (irilyth@infersys.com) From sage-members-owner@usenix.org Wed Feb 2 21:11:04 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j135B3n3005332 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 21:11:04 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j135B3IW005331 for sage-members-outgoing; Wed, 2 Feb 2005 21:11:03 -0800 (PST) Received: from ylpvm29.prodigy.net (ylpvm29-ext.prodigy.net [207.115.57.60]) by usenix.org (8.12.10/8.12.10) with ESMTP id j135B1n2005326 for ; Wed, 2 Feb 2005 21:11:02 -0800 (PST) Received: from linuxbox.neilwaybright.us (adsl-69-231-201-95.dsl.irvnca.pacbell.net [69.231.201.95]) by ylpvm29.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id j135AWh2020198 for ; Thu, 3 Feb 2005 00:10:32 -0500 Subject: [Fwd: Re: [SAGE] NAS reviews - 30GB to 45GB] From: "Robert N. Waybright" To: sage-members@usenix.org Content-Type: text/plain Date: Wed, 02 Feb 2005 21:10:42 -0800 Message-Id: <1107407442.6016.13.camel@linuxbox.neilwaybright.us> Mime-Version: 1.0 X-Mailer: Evolution 2.0.2 (2.0.2-3) Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk forgot to copy the list... -------- Forwarded Message -------- On Wed, 2005-02-02 at 13:28 -0500, Mark R. Lindsey wrote: > On Feb 1, 2005, at 7:39 PM, Brad Knowles wrote: > > IDE drives just weren't designed for that kind of use/abuse. > > IDE brings its own problems to the table, even when using the exact > > same sort of HDA as a SCSI drive. Due to the low-level communications > > protocols involved, IDE is much less effective at server-type of > > loads, and I believe will result in significantly reduced MTBF, even > > with the exact same underlying drive hardware. > > I've heard this about IDE drives a long time. Anecdotes bear it out. > Are there any published studies that confirm this? The underlying hardware is never the same any more, and may not have been (I don't have any authoritative information back in the mid- nineties). Here is a discussion about the differences between modern enterprise and consumer grade disks: http://www.usenix.org/publications/library/proceedings/fast03/tech/anderson.html You may find it interesting. I'd like to see where SATA drives fit in the continuum. Neil --- "I expect to pass through this world but once. Any good therefore that I can do, or any kindness or abilities that I can show to any fellow creature, let me do it now. Let me not defer it or neglect it, for I shall not pass this way again." - William Penn From sage-members-owner@usenix.org Wed Feb 2 22:36:36 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j136aZn3006475 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 2 Feb 2005 22:36:36 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j136aZuS006474 for sage-members-outgoing; Wed, 2 Feb 2005 22:36:35 -0800 (PST) Received: from ylpvm43.prodigy.net (ylpvm43-ext.prodigy.net [207.115.57.74]) by usenix.org (8.12.10/8.12.10) with ESMTP id j136aYn2006468 for ; Wed, 2 Feb 2005 22:36:34 -0800 (PST) Received: from linuxbox.neilwaybright.us (adsl-69-231-201-95.dsl.irvnca.pacbell.net [69.231.201.95]) by ylpvm43.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id j136aR2Y021067 for ; Thu, 3 Feb 2005 01:36:30 -0500 Subject: Re: [SAGE] hourly vs. salary system admins From: "Robert N. Waybright" To: sage-members@sage.org In-Reply-To: <16897.36146.203804.347541@azazel.infersys.com> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <20050203021551.GA27368@ekholm.org> <16897.36146.203804.347541@azazel.infersys.com> Content-Type: text/plain Date: Wed, 02 Feb 2005 22:36:12 -0800 Message-Id: <1107412573.6016.26.camel@linuxbox.neilwaybright.us> Mime-Version: 1.0 X-Mailer: Evolution 2.0.2 (2.0.2-3) Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2005-02-02 at 18:32 -0800, Josh Smith wrote: > There probably aren't many sysadmins making less than $24K a year, but > there are plenty making less than $58K (as of the 2003 SAGE Salary Survey, > anyway), so depending on which number is correct, there are lots of people > who might not be exempt by this first test. IANAL, but... As the DOL link pointed out at the bottom, you have to comply with the more protective (for employees) of the DOL rules, or state labor laws. For those of us in sunny southern California, The California code is conveniently on line at where you can search for section 515 in the labor code and find the CA rules. Though there are many exceptions, section 515.5.b.3 seems to clearly bring sysadmin work in scope, and the wage numbers to make you non- exempt in CA are a lot higher. The related 2005 wage order referred to in the text of the code is: Neil ---- Before Xerox, five carbons were the maximum extension of anybody's ego. From sage-members-owner@usenix.org Thu Feb 3 00:49:01 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j138n1n3011247 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 00:49:01 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j138n1ZU011246 for sage-members-outgoing; Thu, 3 Feb 2005 00:49:01 -0800 (PST) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by usenix.org (8.12.10/8.12.10) with ESMTP id j138mwn3011240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 00:48:59 -0800 (PST) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.11/8.12.3) with ESMTP id j138mbBv082647; Thu, 3 Feb 2005 03:48:39 -0500 (EST) (envelope-from brad@stop.mail-abuse.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <1107407442.6016.13.camel@linuxbox.neilwaybright.us> References: <1107407442.6016.13.camel@linuxbox.neilwaybright.us> Date: Thu, 3 Feb 2005 09:26:53 +0100 To: "Robert N. Waybright" From: Brad Knowles Subject: Re: [Fwd: Re: [SAGE] NAS reviews - 30GB to 45GB] Cc: sage-members@usenix.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-sage-members@usenix.org Precedence: bulk At 9:10 PM -0800 2005-02-02, Robert N. Waybright wrote: > The underlying hardware is never the same any more, and may not have > been (I don't have any authoritative information back in the mid- > nineties). Here is a discussion about the differences between modern > enterprise and consumer grade disks: That's quite an interesting paper. However, they're talking about differences between major product lines. When I was an intern at Imprimis/Seagate, we had multiple different interface types within the same product line -- you could buy a Wren IV drive with a SCSI interface, IDE, or IPI. The underlying drive was theoretically the same, what differed was the electronics that were connected to it. Now, they may have had other product lines with comparable capacities that were aimed towards different markets, but they weren't Wren IV drives. In practice, each drive was unique. They went through a testing procedure similar to that done for CPUs -- make them according to the formula, then test them and see how fast they perform, how reliable they are, etc.... Then they get graded, and the price attached to them is based on their grade. Companies like Apple or Sun would demand drives that are in the top 10%, while other companies would accept top 50%, and any drives that filtered down to the end consumer to be bought at a local computer store or through a reseller like dirtcheapdrives.com would be the bottom-of-the-barrel units. They were all Wren IV drives, and theoretically had the same MTBF ratings, etc..., but in practice they were totally different drives, regardless of the interface that was connected. In many cases, the lower grade HDAs were attached to consumer-grade interfaces (like IDE) instead of SCSI, but that's a result of people trying to optimize for price and cutting corners in multiple ways. -- Brad Knowles, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See for more info. From sage-members-owner@usenix.org Thu Feb 3 05:37:24 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13DbMn3024715 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 05:37:22 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13DbMbP024713 for sage-members-outgoing; Thu, 3 Feb 2005 05:37:22 -0800 (PST) Received: from mxsf21.cluster1.charter.net (mxsf21.cluster1.charter.net [209.225.28.221]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13DbKn2024708 for ; Thu, 3 Feb 2005 05:37:21 -0800 (PST) Received: from mxip07.cluster1.charter.net (mxip07a.cluster1.charter.net [209.225.28.137]) by mxsf21.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j13Davo1021931 for ; Thu, 3 Feb 2005 08:36:57 -0500 Received: from 24.247.214.232.bay.mi.chartermi.net (HELO lokkur.dexter.mi.us) (24.247.214.232) by mxip07.cluster1.charter.net with ESMTP; 03 Feb 2005 08:36:58 -0500 X-Ironport-AV: i="3.88,175,1102309200"; d="scan'208"; a="584212257:sNHT13091476" Received: by lokkur.dexter.mi.us (Postfix, from userid 1000) id D8C8F16CEE5; Thu, 3 Feb 2005 08:21:48 -0500 (EST) Date: Thu, 3 Feb 2005 08:21:48 -0500 From: Steve Simmons To: Scott Orr Cc: sage-members@sage.org Subject: Re: [SAGE] hourly vs. salary system admins Message-ID: <20050203132148.GD18866@lokkur.dexter.mi.us> References: <200502021957.j12Jv7l25547@pluto.metro1.com> <42016693.9080700@cs.iupui.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <42016693.9080700@cs.iupui.edu> User-Agent: Mutt/1.5.6i Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, Feb 02, 2005 at 06:47:31PM -0500, Scott Orr wrote: > ... When HR discussed the criteria used to re-evaluate IT, it > sounded like they pulled the material directly from an ancient mainframe > operator's manual. Which is pretty much how the University of Michigan personnel department describes the new regulations. -- "In my darker moments I consider creating the eeyore fan club with a theme song by Leonard Cohen, logo by Edvard Munch and costumes by Tim Burton." -- anonymous, forwarded by Ellen. From sage-members-owner@usenix.org Thu Feb 3 07:45:32 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13FjVn3026717 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 07:45:32 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13FjV13026716 for sage-members-outgoing; Thu, 3 Feb 2005 07:45:31 -0800 (PST) Received: from conn.mc.mpls.visi.com (conn.mc.mpls.visi.com [208.42.156.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13FjUn2026710 for ; Thu, 3 Feb 2005 07:45:30 -0800 (PST) Received: from [172.24.66.68] (nat01.medtronic.com [144.15.255.227]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by conn.mc.mpls.visi.com (Postfix) with ESMTP id 0CC218896; Thu, 3 Feb 2005 09:45:06 -0600 (CST) Message-ID: <420246FC.5040205@camberwind.com> Date: Thu, 03 Feb 2005 09:45:00 -0600 From: Scott Burch User-Agent: Mozilla Thunderbird 0.7.3 (Windows/20040803) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Adam Levin Cc: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Adam, I have read through all the threads relating to this topic and have a few suggestions. I recommend the following: 1) Get yourself a metalink account from Oracle if you do not already have one. You need to carefully read through the support matrices for Oracle/RAC. As someone else stated you cannot do RAC on NAS, NFS is not supported as a shared fielsystem type. Oracle has very specific guidelines regarding cluster/volume management solutions that are certified for RAC. Where I work I am currently implementing Oracle 9i RAC on Solaris 9 (SPARC) using Veritas Storage Foundation 4.x for Oracle RAC (I have personally installed the cluster/volume management components. We will also most likely implement the same solution on Power5 with AIX 5.3. I can tell you based on our months of research what combinations of OS/Oracle/Cluster Management/Filesystems, etc. will work for RAC (for UNIX platforms such as Solaris, AIX, Linux, and OSX). The options very between platforms. Our current RAC setup is like so: 1) We are installing 2 2 node RAC clusters on some Sun V440s for testing. 2) As I stated before we are using Veritas Storage Foundation for Oracle RAC 4.x. This provides the Veritas Cluster Filesystem...and also allows the Oracle Cache Fusion Traffic to use LLT/GAB rather than TCP/IP. Foundation RAC does a very good job of handling I/O Fencing between the cluster nodes to prevent split/brain issues. 3) There are two independent gigabit Cisco switches that are used for the heartbeat/cache fusion traffic..each node in the cluster has two gigabit links for this traffic..spread across the two switches for redundancy. We use the internal gigabit interface as well as Quad Gigaswift adapters. 4) The backend storage is on an EMC DMX 2000 and we utilize 2 Emulex 90002LE 2GB/s Fibre Channel HBAs and Veritas DMP to do multipathing. We utilize many Veritas products where I work, and this particular product has not dissapointed me. I actually did the installation myself based on the documentation and pretty much everything works as advertised so far...We brought a consultant in to help/check what we are doing, but I did everything he would normally do a customer site, so I haven't really needed him. My general advice to anyone implementing RAC is to spend a serious amount of time doing your upfront research, there are many things you need to carefully consider both in software and hardware. RAC may be great for redundancy depending on how your applications actually talk to the Database..to fully utilize TAF (True Application Failover) today you really need some intelligence in the remote client...most of TAF is actually implemented in the FAT Oracle Client it doesn't completely apply to JDBC type connections, etc. Also if you think you are going to throw together a bunch of nodes and get great performance think again. A RAC instances share information about their SGAs across nodes via the network. If your databases are not designed properly (partitioned appropriately) and you have many nodes trying to access the same blocks on disk at the same time then there will be tons of cache fusion traffic (which is where information about who has write access to which disk blocks, etc.). If you talk to Sun or IBM they will tell you they wouldn't recommend RAC clusters larger than 4 nodes. Lots of stuff to chew on...do some serious research...don't jump right in....We spend months evaluating our options based on our environment. -Scottt Adam Levin wrote: > > Ok, it's that time again. This subject has gone around and around, at > least in our office. > > We're looking at upgrading our Oracle hardware, and since we've got a > NetApp, we have the option of switching from SAN architecture to NAS. > The Oracle machine is the only thing on SAN -- everything else is NAS. > > Does anyone have any horror stories or accolades for Oracle over NAS? > > A few more details: > In our shop, Solaris version is 8, Oracle will be upgraded to 9i RAC > (currently just 9i). Hardware will be SunFire V490 servers (probably > three 2-cpu machines). The NAS is a NetApp FAS960c. Everything will > run over gigabit through a Cisco switch. > > While I expect that NAS will not be as fast as SAN, I still think we > can get trunking to increase reliability and speed, and the overhead > and complexity will be greatly reduced (we don't use Veritas file > systems right now, and would really have to if we wanted clustered, > dynamic multipathing SAN connections). > > Thoughts? > > Thanks much, > -Adam > From sage-members-owner@usenix.org Thu Feb 3 07:52:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Fqvn3027170 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 07:52:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13FqvYx027168 for sage-members-outgoing; Thu, 3 Feb 2005 07:52:57 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Fqtn2027163 for ; Thu, 3 Feb 2005 07:52:56 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13FqbKi015677 for ; Thu, 3 Feb 2005 10:52:37 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13FqbTA015669 for ; Thu, 3 Feb 2005 10:52:37 -0500 (EST) Date: Thu, 3 Feb 2005 10:52:36 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <2d7eccf505020214006f2d1bd5@mail.gmail.com> Message-ID: References: <2d7eccf505020214006f2d1bd5@mail.gmail.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Thornton Prime wrote: > Some operating systems consume large amounts of CPU handling a lot of > NFS operations. If you choose NFS, you should carefully manage your > NFS, including tuning your TCP/IP options and your NFS parameters. UDP > is a little faster than TCP, but TCP is recommended by NetApp and does > prove more consistent. Jumbo frames are a good way of keeping your CPU > usage down some. You should check if your OS supports direct i/o. We'll be using SunFire V490s with Solaris 8. I don't believe Sun's gigaswift interfaces support jumbo frames, but we've had rocky experiences with jumbo frames over gigabit fibre with an older Auspex NFS server, so i'm not inclined to switch away from small frames. > To be honest the most problematic thing I've had with running a Oracle > DB on a NAS has been DBAs who "don't get it." They insist on doing old > RMAN backups when snapshots are better and they blame database > performance issues on the NAS instead of on bad database design. > Fortunately, the place I'm at has enlightened DBAs. We have tens of TB > in Oracle on NAS and love it. Thankfully, our Oracle DBA is enlightened, and behind this 100%, if it turns out to be the right way to go. -Adam From sage-members-owner@usenix.org Thu Feb 3 07:59:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Fx4n3027700 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 07:59:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13Fx4UP027699 for sage-members-outgoing; Thu, 3 Feb 2005 07:59:04 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Fx2n2027694 for ; Thu, 3 Feb 2005 07:59:03 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13FwisF017169 for ; Thu, 3 Feb 2005 10:58:44 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13FwiFk017164 for ; Thu, 3 Feb 2005 10:58:44 -0500 (EST) Date: Thu, 3 Feb 2005 10:58:44 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> Message-ID: References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Wed, 2 Feb 2005, Tom Kranz wrote: > On 2 Feb 2005, at 21:55, Adam Levin wrote: >> I am concerned about potential performance issues with NAS vs. the SAN, but >> I'm also concerned about the complexity of managing the SAN, along with >> Veritas to manage the filesystems (which is something we haven't yet used >> in our shop). > > VxVM is easy. Trust me - it is :-) And it works well with a SAN, and it's > very nice with RAC. > > The thing that concerns me is that you mentioned RAC. I can't see how that > will work with NAS (maybe I'm missing something). I don't know that it will -- we need to discuss this with Oracle. > RAC will do some serious I/O, even on a lightly loaded database. > Fundamentally, if you're looking at RAC, you want it for scalability and > redundancy - I can't see how relying on NFS fits into that. Why wouldn't NFS be scalable and redundant? It has proved to be both so far with the other NAS applications we're running on the NetApp. > A SAN is no more or less complicated that NAS - get right down to it, and > it's a network - just a network with less overhead, more bandwidth, and less > latency. Everything's relative. If you've already got a large-scale NAS installation for other projects, adding Oracle to it is easy. The infrastructure is already there, the monitoring is already there, etc. Expanding the SAN to support RAC (our current SAN is only for one Oracle machine, and is too small; we'd need to add switches etc. to the fabric). Additionally, moving to Veritas adds complexity since we don't use it anywhere else right now. It's another product to manage, and it's more than just VxVM. We'd need the clustering product as well. > SAN failover is easy to do - I've not seen many good solutions for seamless > NFS failover for a database. Again, it depends on the design. If using trunking software with properly configured redundant switches, a bad network port, cable, or NIC will not cause failure -- just degradation. Besides, in an Oracle RAC, one machine can be disabled as long as the others are still running. On the NFS server side, the NetApp cluster takes care of its own redundancy, and since NFS naturally retries when packets are lost, the downtime is minimal and data loss isn't. We've tested this already. > The other thing to bear in mind with Sun kit is that GigE network cards place > more of a CPU overhead on a box than fibre HBAs. (This is measured results on > 6800s and F15ks as part of a biggy project.) RAC will amplify this due to the > large amount of cluster communication going on. If you go down the NAS route > you may find yourself having to spec more CPUs than you like if it's a busy > chatty database - this may rule out V490s in favour of something a bit > bigger. I agree that the NICs place a heavier burden on the CPUs. That's something that we'll have to keep in mind. Thanks very much, -Adam From sage-members-owner@usenix.org Thu Feb 3 08:31:09 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GV8n3028620 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 08:31:08 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13GV8E6028619 for sage-members-outgoing; Thu, 3 Feb 2005 08:31:08 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GV6n2028613 for ; Thu, 3 Feb 2005 08:31:07 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13GUmUf025147 for ; Thu, 3 Feb 2005 11:30:48 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13GUmlk025142 for ; Thu, 3 Feb 2005 11:30:48 -0500 (EST) Date: Thu, 3 Feb 2005 11:30:48 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <20050202230005.GG30986@surfer.rtfs.de> Message-ID: References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> <20050202230005.GG30986@surfer.rtfs.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 3 Feb 2005, Gabriel Krabbe wrote: > On Wed, Feb 02, 2005 at 10:16:20PM +0000, Tom Kranz wrote: >> The thing that concerns me is that you mentioned RAC. I can't see how >> that will work with NAS (maybe I'm missing something). > > It won't. See > http://docs.sun.com/app/docs/doc/817-6570/6mlutb8l6?a=view#ch8_ops-124 > for supported shared storage management. We're checking with Oracle's support to confirm whether RAC can run over NFS. If not, then we've got our answer, even if I don't like it. :) -Adam From sage-members-owner@usenix.org Thu Feb 3 08:33:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GXvn3028899 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 08:33:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13GXuOV028898 for sage-members-outgoing; Thu, 3 Feb 2005 08:33:56 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GXtn2028891 for ; Thu, 3 Feb 2005 08:33:55 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13GXbMv025940 for ; Thu, 3 Feb 2005 11:33:37 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13GXaA8025935 for ; Thu, 3 Feb 2005 11:33:36 -0500 (EST) Date: Thu, 3 Feb 2005 11:33:36 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 3 Feb 2005, Brad Knowles wrote: > Of course, this paper is oriented towards IMAP mail servers, and some > of these issues will not be a problem with database servers on NFS. Some of > the cluster filesystem discussion may be specific to GFS and not relate well > to other cluster filesystems (such as available from Veritas). But other > issues are inherent to NFS or common to almost all cluster filesystems, and > you should be aware of the potential weaknesses before you decide to go this > route. Definitely, thanks. Ultimately, we will be working with Oracle and Sun to configure the systems in a recommended way. Oracle seems to have done quite a bit of work with NAS, and we want to be "supported" in case of failures, anyway (that's one of the problems we've run into with our SAN implementation, because we didn't want to spend the money on Veritas at the time). -Adam From sage-members-owner@usenix.org Thu Feb 3 08:57:25 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GvPn3029946 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 08:57:25 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13GvPRj029945 for sage-members-outgoing; Thu, 3 Feb 2005 08:57:25 -0800 (PST) Received: from thumper.siliconbunny.com (thumper.siliconbunny.com [194.193.44.105]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13GvIn3029937 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Thu, 3 Feb 2005 08:57:24 -0800 (PST) Received: from frith.siliconbunny.com ([194.193.44.47] helo=localhost) by thumper.siliconbunny.com with esmtp (Exim 3.22 #9) id 1CwkHk-0006Tu-00; Thu, 03 Feb 2005 16:56:52 +0000 Received: from 192.11.224.102 ([192.11.224.102]) by www.siliconbunny.com (IMP) with HTTP for ; Thu, 3 Feb 2005 17:22:59 +0000 Message-ID: <1107451379.42025df37a6fb@www.siliconbunny.com> Date: Thu, 3 Feb 2005 17:22:59 +0000 From: Tom Kranz To: Adam Levin Cc: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.2.1 X-Originating-IP: 192.11.224.102 Sender: owner-sage-members@usenix.org Precedence: bulk Quoting Adam Levin : > On Wed, 2 Feb 2005, Tom Kranz wrote: > > RAC will do some serious I/O, even on a lightly loaded database. > > Fundamentally, if you're looking at RAC, you want it for scalability and > > redundancy - I can't see how relying on NFS fits into that. > > Why wouldn't NFS be scalable and redundant? It has proved to be both so > far with the other NAS applications we're running on the NetApp. I should have been more specific - I meant I can't see how NFS will fit into a RAC install, because of the nature of RAC and how it works. Whether Oracle support it or not, I can't see how NFS would cope with the constant and heavy IO even a lightly loaded 2 node RAC cluster would put across. Maybe massive network segmentation would help, but I think you'd have to split out to seperate switches and a dedicated network just to alleviate the switch load. Given Oracle won't support it it's a redundant question and just idle speculation. Would be interesting to test though :-) > > A SAN is no more or less complicated that NAS - get right down to it, and > > it's a network - just a network with less overhead, more bandwidth, and > > less latency. > > Everything's relative. If you've already got a large-scale NAS > installation for other projects, adding Oracle to it is easy. The > infrastructure is already there, the monitoring is already there, etc. The initial comment that was made was along the lines of "SANs are more complicated and will end up failing", which is patently untrue. In terms of complexity and understanding, if you're doing NAS, you can understand a SAN. And if you've got a big NAS, keep it. Always reuse what you've got, and only buy new stuff if it has to be done :-) > Expanding the SAN to support RAC (our current SAN is only for one Oracle > machine, and is too small; we'd need to add switches etc. to the fabric). > Additionally, moving to Veritas adds complexity since we don't use it > anywhere else right now. It's another product to manage, and it's more > than just VxVM. We'd need the clustering product as well. I know - but it really is very very easy to use. VCS DBeAC or whatever it's called today is, I must admit, a very slick product. It's easy to get to grips with and works very well. You'll find you'll have more hassle with database performance as the DBAs get to grips with what RAC actually means for them in terms of database design. > > SAN failover is easy to do - I've not seen many good solutions for seamless > > NFS failover for a database. > > Again, it depends on the design. If using trunking software with properly > configured redundant switches, a bad network port, cable, or NIC will not > cause failure -- just degradation. But network degradation in a RAC environment can be just as harmful in terms of service delivery as an outage. I've seen a well designed network brought to it's knees by a poorly designed application on RAC - TAF and cache fusion traffic overloaded the switches. A busy RAC install will very quickly flush out any sub-optimal areas of your network. > Besides, in an Oracle RAC, one machine can be disabled as long as the > others are still running. I'd be very careful with statements like that. Yes, it's factually correct, however, when you offline that node, and when you online it later on, there's all sorts of locking, instance recovery, and lots of cache fusion traffic going on on the other nodes. There's a performance hit, and it can be a big one. > On the NFS server side, the NetApp cluster takes care of its own > redundancy, and since NFS naturally retries when packets are lost, the > downtime is minimal and data loss isn't. We've tested this already. Interesting stuff - that's useful to know. > I agree that the NICs place a heavier burden on the CPUs. That's > something that we'll have to keep in mind. Check the Oracle RAC sizing requirements - if using GigE interconnects, both Oracle and Sun recommend at least 1GHhz CPU per 1GB/s interconnect. From practice, I'd say that's about right - but, as with all things, you can probably get away with less if you have a small database. On the plus side, I've had good results from dropping in UltraSPARC IV CPUs, so you may want to factor that in. Cheers, TOM -- "Tell them we are not Gods, but SysAdmins, which is the next best thing." From sage-members-owner@usenix.org Thu Feb 3 09:21:41 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13HLen3000900 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 09:21:40 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13HLeTV000899 for sage-members-outgoing; Thu, 3 Feb 2005 09:21:40 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13HLcn2000891 for ; Thu, 3 Feb 2005 09:21:39 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13HLK5X007940 for ; Thu, 3 Feb 2005 12:21:20 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13HLKiG007935 for ; Thu, 3 Feb 2005 12:21:20 -0500 (EST) Date: Thu, 3 Feb 2005 12:21:20 -0500 (EST) From: Adam Levin To: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <420246FC.5040205@camberwind.com> Message-ID: References: <420246FC.5040205@camberwind.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 3 Feb 2005, Scott Burch wrote: > 1) Get yourself a metalink account from Oracle if you do not already have > one. You need to carefully read through the support matrices for Oracle/RAC. > As someone else stated you cannot do RAC on NAS, NFS is not supported as a > shared fielsystem type. Our DBA has a metalink account. We found information, including this link: http://www.netapp.com/partners/oracle/tech.html 9i RAC running on Solaris 8 and Solaris 9 on SunFire servers using Sun Cluster supports NAS. Here's the trick: NAS is supported, but NFS is not. In other words, a Sun server running the Unix NFS service is not supported, but a NetApp is a special case and is certified to run 9iRAC. Oracle agrees, according to the metalink file I just read. Special mount options are required, including noac and forcedirectio, as previously mentioned (this is specific to Solaris 8, in fact, so even though forcedirectio is not fully implemented in 8, it's a required and certified mount option in that environment according to Oracle and NetApp). > Oracle has very specific guidelines regarding cluster/volume management > solutions that are certified for RAC. Where I work I am currently Agreed, which is why we're working with Sun, NetApp and Oracle to make sure we get a supported configuration. My primary question to this list, as Gabe put it, was to get feedback on experiences with this stuff. The rest of your post is very helpful. > 4) The backend storage is on an EMC DMX 2000 and we utilize 2 Emulex 90002LE > 2GB/s Fibre Channel HBAs and Veritas DMP to do multipathing. Oh, the luxury! :) > My general advice to anyone implementing RAC is to spend a serious amount of > time doing your upfront research, there are many things you need to carefully > consider both in software and hardware. RAC may be great for redundancy > depending on how your applications actually talk to the Database..to fully > utilize TAF (True Application Failover) today you really need some > intelligence in the remote client...most of TAF is actually implemented in > the FAT Oracle Client it doesn't completely apply to JDBC type connections, Great advice -- that's exactly what we're trying to do. We want to do it right this time. > etc. Also if you think you are going to throw together a bunch of nodes and > get great performance think again. A RAC instances share information about > their SGAs across nodes via the network. If your databases are not designed > properly (partitioned appropriately) and you have many nodes trying to access > the same blocks on disk at the same time then there will be tons of cache > fusion traffic (which is where information about who has write access to > which disk blocks, etc.). If you talk to Sun or IBM they will tell you they > wouldn't recommend RAC clusters larger than 4 nodes. We've heard that already, and we're planning a three node cluster, so I think we're good there. We're looking primarily for redundancy, but better performance is also an issue, of course. In our case, though, we're running on an E4500, so moving to the newer, better, faster hardware will help (in our case, we're seeing pure CPU bottlenecks -- the system just can't respond to queries fast enough, so upgrading our 400MHz UltraSPARC II's to 1GHz UltraSPARC IV's should alleviate some of that). Thanks very much, Scott. -Adam From sage-members-owner@usenix.org Thu Feb 3 09:34:05 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13HY4n3001524 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 09:34:05 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13HY4bJ001523 for sage-members-outgoing; Thu, 3 Feb 2005 09:34:04 -0800 (PST) Received: from westnet.com (root@westnet.com [206.24.6.2]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13HY1n2001518 for ; Thu, 3 Feb 2005 09:34:02 -0800 (PST) Received: from westnet.com (localhost [127.0.0.1]) by westnet.com (8.13.2/8.13.2) with ESMTP id j13HXhGB010939; Thu, 3 Feb 2005 12:33:43 -0500 (EST) Received: from localhost (levins@localhost) by westnet.com (8.13.2/8.13.2/Submit) with ESMTP id j13HXh4B010936; Thu, 3 Feb 2005 12:33:43 -0500 (EST) Date: Thu, 3 Feb 2005 12:33:43 -0500 (EST) From: Adam Levin To: Tom Kranz cc: SAGE mailing list Subject: Re: [SAGE] Oracle over NAS In-Reply-To: <1107451379.42025df37a6fb@www.siliconbunny.com> Message-ID: References: <20050202214357.GD30986@surfer.rtfs.de> <10ABD718-7568-11D9-99A3-000A95C4F2C6@siliconbunny.com> <1107451379.42025df37a6fb@www.siliconbunny.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 3 Feb 2005, Tom Kranz wrote: > The initial comment that was made was along the lines of "SANs are more > complicated and will end up failing", which is patently untrue. In terms of > complexity and understanding, if you're doing NAS, you can understand a SAN. > > And if you've got a big NAS, keep it. Always reuse what you've got, and only > buy new stuff if it has to be done :-) Agreed. Just be clear, I'm not the one who said a SAN would end up failing, but I do believe it's more complicated than NAS, if only because a given company most likely already *has* a TCP network. :) *Anything* will end up failing, given enough time, abuse and neglect. > I know - but it really is very very easy to use. VCS DBeAC or whatever it's > called today is, I must admit, a very slick product. It's easy to get to grips > with and works very well. You'll find you'll have more hassle with database > performance as the DBAs get to grips with what RAC actually means for them in > terms of database design. That's good to know. The next step is getting past the expense. Ugh. > But network degradation in a RAC environment can be just as harmful in terms of > service delivery as an outage. I've seen a well designed network brought to > it's knees by a poorly designed application on RAC - TAF and cache fusion > traffic overloaded the switches. > > A busy RAC install will very quickly flush out any sub-optimal areas of your > network. Interesting. That's definitely something we're going to have to analyze. > I'd be very careful with statements like that. Yes, it's factually correct, > however, when you offline that node, and when you online it later on, there's > all sorts of locking, instance recovery, and lots of cache fusion traffic going > on on the other nodes. There's a performance hit, and it can be a big one. Good to know, too. >> On the NFS server side, the NetApp cluster takes care of its own >> redundancy, and since NFS naturally retries when packets are lost, the >> downtime is minimal and data loss isn't. We've tested this already. > > Interesting stuff - that's useful to know. The NetApp failover is slick. One node takes over for another in a couple of seconds. It takes on the identity of the first node, and starts serving traffic. On the NFS client side, it looks like a simple network hiccup. The node heads take about 60 seconds to reboot, and then you can fail back manually or automatically at your pleasure. We've been very happy with the NetApp as a NAS product so far. The SAN implementation is good, too, and having combined NAS and SAN has been great. Unfortunately, because of budget cuts, we couldn't really implement it correctly, and had to cut corners, so we're using unsupported HBAs and Sun's MPXIO, also unsupported, which causes problems when a path fails. -Adam From sage-members-owner@usenix.org Thu Feb 3 10:31:29 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13IVSn3002998 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 10:31:28 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13IVSQj002997 for sage-members-outgoing; Thu, 3 Feb 2005 10:31:28 -0800 (PST) Received: from mxsf21.cluster1.charter.net (mxsf21.cluster1.charter.net [209.225.28.221]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13IVQn2002989 for ; Thu, 3 Feb 2005 10:31:27 -0800 (PST) Received: from mxip04.cluster1.charter.net (mxip04a.cluster1.charter.net [209.225.28.134]) by mxsf21.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id j13IV3tk027178 for ; Thu, 3 Feb 2005 13:31:03 -0500 Received: from cpe-24-107-225-41.ma.charter.com (HELO smtp.charter.net) (24.107.225.41) by mxip04.cluster1.charter.net with SMTP; 03 Feb 2005 13:31:04 -0500 X-Ironport-AV: i="3.88,176,1102309200"; d="scan'208"; a="616281857:sNHT12468308" Received: (nullmailer pid 13376 invoked by uid 1000); Thu, 03 Feb 2005 18:30:59 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16898.28131.513152.724394@smtp.charter.net> Date: Thu, 3 Feb 2005 13:30:59 -0500 From: John Stoffel To: sage-members@sage.org Cc: john@stoffel.org Subject: [SAGE] Acopia - anyone using these devices? X-Mailer: VM 7.19 under Emacs 21.3.1 Sender: owner-sage-members@usenix.org Precedence: bulk Hi, At my current job we're starting to evaluate getting some Acopia (http://www.acopia.com) "Adaptive Resource Switches" to help us consolidate and manage data across multiple NetApps. Basically, these are NFS devices which can aggregate backend NFS storage into a unified namespace as shown to the client systems. Sorta like the Rainfinity (http://www.rainfinity.com) stuff, except that we could never get it to work properly without data loss. I'd love to talk with anyone who has some real world experience with these devices and what gotchas they ran into. Specifically when they were used with NetApp Appliance servers to help migrate/merge/manage volumes exported to Linux/Solaris clients. Thanks, John john@stoffel.org From sage-members-owner@usenix.org Thu Feb 3 12:34:57 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KYvn3005978 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 12:34:57 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13KYv5P005977 for sage-members-outgoing; Thu, 3 Feb 2005 12:34:57 -0800 (PST) Received: from mail-white.research.att.com (mail-red.research.att.com [192.20.225.110]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KYtn2005971 for ; Thu, 3 Feb 2005 12:34:55 -0800 (PST) Received: from [135.207.39.163] (castle7163.research.att.com [135.207.39.163]) by bigmail.research.att.com (8.11.6+Sun/8.11.6) with ESMTP id j13KYWW23472 for ; Thu, 3 Feb 2005 15:34:32 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v619.2) Content-Transfer-Encoding: 7bit Message-Id: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> Content-Type: text/plain; charset=US-ASCII; format=flowed To: sage-members@usenix.org From: Andrew Hume Subject: [SAGE] domain name retailers Date: Thu, 3 Feb 2005 12:18:36 -0500 X-Mailer: Apple Mail (2.619.2) Sender: owner-sage-members@usenix.org Precedence: bulk i'm considering buying a domain name with a modest web site. any recommendations on who i should, or should not, use? thanks ---- Andrew Hume (best -> Telework) +1 732-886-1886 andrew@research.att.com (Work) +1 973-360-8651 AT&T Labs - Research; member of USENIX and SAGE From sage-members-owner@usenix.org Thu Feb 3 12:44:16 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KiGn3006541 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 12:44:16 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13KiFxX006540 for sage-members-outgoing; Thu, 3 Feb 2005 12:44:15 -0800 (PST) Received: from Eng.Auburn.EDU (dns.eng.auburn.edu [131.204.10.13]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KiDn2006535 for ; Thu, 3 Feb 2005 12:44:14 -0800 (PST) Received: from goodall.eng.auburn.edu (goodall.eng.auburn.edu [131.204.12.5]) by Eng.Auburn.EDU (8.12.10/8.12.10) with ESMTP id j13KhsAH025105; Thu, 3 Feb 2005 14:43:54 -0600 (CST) Received: from localhost (doug@localhost) by goodall.eng.auburn.edu (8.9.3+Sun/8.6.4) with ESMTP id OAA10379; Thu, 3 Feb 2005 14:43:51 -0600 (CST) X-Authentication-Warning: goodall.eng.auburn.edu: doug owned process doing -bs Date: Thu, 3 Feb 2005 14:43:51 -0600 (CST) From: Doug Hughes To: Andrew Hume cc: sage-members@usenix.org Subject: Re: [SAGE] domain name retailers In-Reply-To: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on dns X-Spam-Level: X-Spam-Status: No, hits=-104.9 required=5.3 tests=BAYES_00, USER_IN_WHITELIST autolearn=no version=2.63 Sender: owner-sage-members@usenix.org Precedence: bulk On Thu, 3 Feb 2005, Andrew Hume wrote: > i'm considering buying a domain name with a modest web site. > any recommendations on who i should, or should not, use? > godaddy.com cheap ($5-$9, lots of frilly options that you don't have to buy), and easy to use. they sell a lot of gimmicks like web accelerator, etc. The only optional thing you might want is the private listing option so that your address/email info isn't in whois. But, like me, you might not care either. Doug From sage-members-owner@usenix.org Thu Feb 3 12:45:15 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KjFn3006736 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 12:45:15 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13KjFmI006734 for sage-members-outgoing; Thu, 3 Feb 2005 12:45:15 -0800 (PST) Received: from davinci.hmdnsgroup.com (davinci.hmdnsgroup.com [63.247.143.6]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KjCn3006724 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 12:45:13 -0800 (PST) Received: from adsl-214-22-135.asm.bellsouth.net ([68.214.22.135] helo=[192.168.190.36]) by davinci.hmdnsgroup.com with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.44) id 1CwnqO-0007EB-Rn; Thu, 03 Feb 2005 15:44:53 -0500 In-Reply-To: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> References: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <1f6ca3304b8f392f53d87945d5dc9974@treyka.net> Content-Transfer-Encoding: 7bit Cc: sage-members@usenix.org From: Trey Darley Subject: Re: [SAGE] domain name retailers Date: Thu, 3 Feb 2005 15:44:44 -0500 To: Andrew Hume X-Mailer: Apple Mail (2.619.2) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - davinci.hmdnsgroup.com X-AntiAbuse: Original Domain - usenix.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - treyka.net X-Source: X-Source-Args: X-Source-Dir: Sender: owner-sage-members@usenix.org Precedence: bulk I've been pretty happy with http://www.domain-maniac.com/ although a number of friends swear by http://www.godaddy.com/gdshop/default.asp Go Daddy is a little cheaper, incidentally. --Trey On 03 Feb 2005, at 12.18, Andrew Hume wrote: > i'm considering buying a domain name with a modest web site. > any recommendations on who i should, or should not, use? > > thanks > > ---- > Andrew Hume (best -> Telework) +1 732-886-1886 > andrew@research.att.com (Work) +1 973-360-8651 > AT&T Labs - Research; member of USENIX and SAGE > > ++---------------------------------------------------------------------- ---++ Trey Darley - Atlanta email: trey@treyka.net mobile: +001 / 404.455.1516 aim: bolshoiUzhas web: http://www.treyka.net ++---------------------------------------------------------------------- ---++ "Svensson," I say, "kindly remember this most banal of truisms: the most incredible comedies are written by life." "My life is more like a railway timetable." "Just wait till time intervenes. The alchemy of time transforms everything into comedy. Everything..." [J. Skvorecky, The Engineer of Human Souls] From sage-members-owner@usenix.org Thu Feb 3 12:54:34 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KsXn3007634 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 12:54:34 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13KsWBW007633 for sage-members-outgoing; Thu, 3 Feb 2005 12:54:32 -0800 (PST) Received: from left.wing.org (left.wing.org [216.103.94.42]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13KsVn2007624 for ; Thu, 3 Feb 2005 12:54:31 -0800 (PST) Received: from left.wing.org (localhost [127.0.0.1]) by left.wing.org (8.11.3nb1/emg20040504) with ESMTP id j13KsCb15930; Thu, 3 Feb 2005 12:54:12 -0800 (PST) Message-Id: <200502032054.j13KsCb15930@left.wing.org> X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 To: Andrew Hume cc: sage-members@usenix.org Subject: Re: [SAGE] domain name retailers In-reply-to: Your message of "Thu, 03 Feb 2005 12:18:36 EST." <470178d28bf351ec11c4777da6f5f6d4@research.att.com> X-Organization: Left Wing Computing X-Face: "LX60V1[A=EN[jjZKY=&,"HB8ahM8?VoL; =Y8oj4%JV\F"4sfgV*; 8GgAk!3]}5OmF$/Njv jvRHqNwtZa7yO^g]9+<)e)'EL0?oPqczWF/"+d:XldxB"aLI.D_\|^e4F Sender: owner-sage-members@usenix.org Precedence: bulk > i'm considering buying a domain name with a modest web site. > any recommendations on who i should, or should not, use? I use joker.com, and have been very happy with them. $12/year for .com and .org, less for some other TLDs. --Ed From sage-members-owner@usenix.org Thu Feb 3 13:18:26 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13LIPn3008444 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 13:18:26 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13LIPOv008443 for sage-members-outgoing; Thu, 3 Feb 2005 13:18:25 -0800 (PST) Received: from mail3.bitpusher.com (support.bitpusher.com [64.127.99.30]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13LINn2008437 for ; Thu, 3 Feb 2005 13:18:24 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id 7F9803E1B; Thu, 3 Feb 2005 13:17:53 -0800 (PST) Received: from mail3.bitpusher.com ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 13698-05; Thu, 3 Feb 2005 13:17:50 -0800 (PST) Received: from mail3.bitpusher.com (localhost [127.0.0.1]) by mail3.bitpusher.com (Postfix) with ESMTP id D1EC952F; Thu, 3 Feb 2005 13:17:50 -0800 (PST) Received: from 66.150.251.142 (SquirrelMail authenticated user michael@halligan.org); by mail3.bitpusher.com with HTTP; Thu, 3 Feb 2005 13:17:50 -0800 (PST) Message-ID: <56699.66.150.251.142.1107465470.squirrel@mail3.bitpusher.com> In-Reply-To: References: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> Date: Thu, 3 Feb 2005 13:17:50 -0800 (PST) Subject: Re: [SAGE] domain name retailers From: "Michael T. Halligan" To: "Doug Hughes" Cc: "Andrew Hume" , sage-members@usenix.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at bitpusher.com Sender: owner-sage-members@usenix.org Precedence: bulk >From a price point of view, yahoo seems to be the best option right now.. $5 per domain. > On Thu, 3 Feb 2005, Andrew Hume wrote: > >> i'm considering buying a domain name with a modest web site. >> any recommendations on who i should, or should not, use? >> > godaddy.com > > cheap ($5-$9, lots of frilly options that you don't have to buy), and > easy to use. they sell a lot of gimmicks like web accelerator, etc. > The only optional thing you might want is the private listing option > so that your address/email info isn't in whois. But, like me, you > might not care either. > Doug > > > ------------------- BitPusher, LLC http://www.bitpusher.com/ 1.888.9PUSHER (415) 724.7998 - Mobile From sage-members-owner@usenix.org Thu Feb 3 13:22:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13LMkn3008851 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 13:22:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13LMksq008850 for sage-members-outgoing; Thu, 3 Feb 2005 13:22:46 -0800 (PST) Received: from f1n1.spenet.wfu.edu (f1n1.sp2net.wfu.edu [152.17.48.111]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13LMhn2008827 for ; Thu, 3 Feb 2005 13:22:44 -0800 (PST) Received: from f1n11.sp2net.wfu.edu (f1n11.sp2net.wfu.edu [10.1.16.121]) by f1n1.spenet.wfu.edu (8.11.6p2/8.11.6) with SMTP id j13LMH749236 for ; Thu, 3 Feb 2005 16:22:17 -0500 X-Authentication-Warning: f1n1.spenet.wfu.edu: f1n11.sp2net.wfu.edu [10.1.16.121] didn't use HELO protocol Message-ID: <42029608.6000202@wfu.edu> Date: Thu, 03 Feb 2005 16:22:16 -0500 From: John Borwick Organization: Wake Forest University User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041110 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sage Members Subject: [SAGE] Institutional memberships X-Enigmail-Version: 0.89.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey! Can someone let me know if SAGE has institutional memberships, like USENIX does? We have several administrators and it would be nice to get a "blanket membership" for all of us. Thanks! Yours, John - -- ~ John Borwick ~ System Administrator ~ Wake Forest University | web http://www.wfu.edu/~borwicjh ~ Winston-Salem, NC, USA | GPG key ID 0x797326D5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFCApYI/81sF3lzJtURArSqAJ0XDthrrAhODg4MTnMzKNUM2f0m5ACeOgpe xUqaXyMzFN/NI34MT60REBM= =RQ7I -----END PGP SIGNATURE----- From sage-members-owner@usenix.org Thu Feb 3 13:34:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13LY6n3009596 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 13:34:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13LY6vr009595 for sage-members-outgoing; Thu, 3 Feb 2005 13:34:06 -0800 (PST) Received: from tigris.renesys.com (tigris.renesys.com [69.84.130.136]) by usenix.org (8.12.10/8.12.10) with SMTP id j13LY4n2009589 for ; Thu, 3 Feb 2005 13:34:04 -0800 (PST) Received: (qmail 7215 invoked from network); 3 Feb 2005 21:33:42 -0000 Received: from localhost (HELO ?10.128.0.100?) (127.0.0.1) by tigris.renesys.com with SMTP; 3 Feb 2005 21:33:42 -0000 Message-ID: <420298B2.9080709@cnetwork.com> Date: Thu, 03 Feb 2005 16:33:38 -0500 From: Robert Haskins User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: sage-members@usenix.org Subject: Re: [SAGE] domain name retailers References: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> <56699.66.150.251.142.1107465470.squirrel@mail3.bitpusher.com> In-Reply-To: <56699.66.150.251.142.1107465470.squirrel@mail3.bitpusher.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk The problem I have seen from *some* (and I emphasize some) low cost domain retailers is that you have to accept advertising on your site (or host your site using their exorbitantly priced hosting package, etc.) in exchange for the low cost domain registration fee. And/Or, the cost goes up significantly in subsequent years. And they might or might not tell you about these requirements up front. Not sure if Yahoo falls into this category, though. Personally, when I was looking for a replacement for DomainDirect I chose godaddy.com. godaddy.com is by far the easiest registrar I have dealt with. (DomainDirect is/was fine except that they are high priced and their user interface is a little clunky.) Michael T. Halligan wrote: >From a price point of view, yahoo seems to be the best option right now.. > $5 per domain. From sage-members-owner@usenix.org Thu Feb 3 13:41:56 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Lfun3010161 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 13:41:56 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13LftRc010160 for sage-members-outgoing; Thu, 3 Feb 2005 13:41:55 -0800 (PST) Received: from pine.he.net (pine.he.net [216.218.254.226]) by usenix.org (8.12.10/8.12.10) with SMTP id j13Lfsn2010155 for ; Thu, 3 Feb 2005 13:41:54 -0800 (PST) Received: from IPv6:::1 ([66.148.172.114]) by pine.he.net for ; Thu, 3 Feb 2005 13:48:43 -0800 Mime-Version: 1.0 (Apple Message framework v619.2) In-Reply-To: <420127DB.9060206@wa-geek.net> References: <420127DB.9060206@wa-geek.net> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <09cf329f6b8609787242c4c00ed64f23@gregor.com> Content-Transfer-Encoding: 7bit From: DJ Gregor Subject: Re: [SAGE] Looking for network management/status software Date: Thu, 3 Feb 2005 16:41:31 -0500 To: SAGE mailing list X-Mailer: Apple Mail (2.619.2) Sender: owner-sage-members@usenix.org Precedence: bulk There's OpenNMS (which is a project I work on). If you are looking to do basic service monitoring for a few hosts, I probably wouldn't suggest it, but if you need to monitor a larger network, I would suggest looking into it. http://www.opennms.org/ - djg On Feb 2, 2005, at 2:19 PM, Amanda Emily wrote: > One of the school districts in my region has asked for suggestions for > network managment software that is free or reasonably priced from the > stand point of a small rural school district. > > Basically right now, all their sysadmin wants to do is to be notifed > if a service goes down, but he doesn't need something that is overkill > or hard to use (i.e. OpenView and friends). > > I've done some research on Google for apps, but I would like to hear > any suggestions as to what to try, run away from, etc? > > Thanks, > Amanda > > -- > Amanda L. Emily | Educational Service District 101 > Information Technology Analyst | 4202 South Regal, Spokane, WA 99223 > aemily@esd101.net | http://www.esd101.net > > From sage-members-owner@usenix.org Thu Feb 3 13:55:46 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Ltkn3010866 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 13:55:46 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13Ltksn010865 for sage-members-outgoing; Thu, 3 Feb 2005 13:55:46 -0800 (PST) Received: from coat.coat.com (coat.coat.com [164.153.10.15]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13Ltin2010858 for ; Thu, 3 Feb 2005 13:55:44 -0800 (PST) Received: from pasteur.coat.com (pasteur.coat.com [172.16.141.105]) by coat.coat.com (8.12.9+Sun/8.12.10/bcf03) with SMTP id j13LtKRT003712 for ; Thu, 3 Feb 2005 16:55:20 -0500 (EST) Received: from dhcp32-wrls1.coat.com(172.16.150.83) by pasteur.coat.com via csmap id 3be3e492_7631_11d9_948e_00304829719d_32127; Thu, 03 Feb 2005 17:16:21 -0500 (EST) Subject: Re: [SAGE] domain name retailers From: Mike Hoskins Reply-To: mike.hoskins@coat.com To: Sage List In-Reply-To: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> References: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> Content-Type: text/plain Organization: Burlington Coat Factory Message-Id: <1107467719.2371.14.camel@dhcp32-wrls1.coat.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 03 Feb 2005 16:55:20 -0500 Content-Transfer-Encoding: 7bit Sender: owner-sage-members@usenix.org Precedence: bulk Jamida.com - most TLDs under $9. On Thu, 2005-02-03 at 12:18, Andrew Hume wrote: > i'm considering buying a domain name with a modest web site. > any recommendations on who i should, or should not, use? > > thanks > > ---- > Andrew Hume (best -> Telework) +1 732-886-1886 > andrew@research.att.com (Work) +1 973-360-8651 > AT&T Labs - Research; member of USENIX and SAGE -- Mike Hoskins/Sys Mgmt Supv < Burlington Coat Factory voice 609/387-7800 x2554 Systems Management fax 609/387-2764 1830 North Rt #130 mike.hoskins@coat.com Burlington, NJ 08016 From sage-members-owner@usenix.org Thu Feb 3 14:16:07 2005 Received: from voyager.usenix.org (localhost [127.0.0.1]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13MG6n3011655 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 3 Feb 2005 14:16:07 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13MG6Nw011654 for sage-members-outgoing; Thu, 3 Feb 2005 14:16:06 -0800 (PST) Received: from peter.smxy.org (smxy.org [64.32.179.41]) by usenix.org (8.12.10/8.12.10) with ESMTP id j13MG3n3011649 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Thu, 3 Feb 2005 14:16:05 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by peter.smxy.org (Postfix) with ESMTP id E691B213D for ; Thu, 3 Feb 2005 17:15:46 -0500 (EST) Received: from smxy.org ([127.0.0.1]) by localhost (peter.smxy.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 69975-07 for ; Thu, 3 Feb 2005 17:15:46 -0500 (EST) Received: from [192.168.32.111] (watchdog.blackdogsoft.net [65.206.7.158]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by peter.smxy.org (Postfix) with ESMTP for ; Thu, 3 Feb 2005 17:15:46 -0500 (EST) Message-ID: <4202A28B.3020206@smxy.org> Date: Thu, 03 Feb 2005 17:15:39 -0500 From: "Shaun T. Erickson" Reply-To: ste@smxy.org User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: SAGE mailing list Subject: Re: [SAGE] Looking for network management/status software References: <420127DB.9060206@wa-geek.net> <09cf329f6b8609787242c4c00ed64f23@gregor.com> In-Reply-To: <09cf329f6b8609787242c4c00ed64f23@gregor.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new-20030616-p9 at smxy.org Sender: owner-sage-members@usenix.org Precedence: bulk I've seen a lot of products mentioned in the course of this discussion, but not ipmonitor (http://www.ipmonitor.com). It's a commercial Windows based product, and I'm told "it does everything Nagios can do". I'm also being pressured into using it, because we will shortly (; Thu, 3 Feb 2005 14:35:27 -0800 (PST) Received: (from majordomo@localhost) by voyager.usenix.org (8.12.10/8.12.10/Submit) id j13MZRMR012378 for sage-members-outgoing; Thu, 3 Feb 2005 14:35:27 -0800 (PST) Received: from web13821.mail.yahoo.com (web13821.mail.yahoo.com [66.163.176.53]) by usenix.org (8.12.10/8.12.10) with SMTP id j13MZPn2012373 for ; Thu, 3 Feb 2005 14:35:25 -0800 (PST) Received: (qmail 59970 invoked by uid 60001); 3 Feb 2005 22:35:09 -0000 Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=KPdtPE/JOo7/4j5xqARnDeHAZZIsiEOxowQQ2HeJ1Nd+U3kB2ywXOp1/FT0bziT5Hj1AvEb9WnBSbsUIUWqmdqj2c/vumaWxsyWW0qqvC1+xKJraWhYH4jCt8iyERrhm0A8fIuM5Dz2TDjID7w86D1/dMWb3gHx7QWSBf98/660= ; Message-ID: <20050203223509.59968.qmail@web13821.mail.yahoo.com> Received: from [192.88.165.35] by web13821.mail.yahoo.com via HTTP; Thu, 03 Feb 2005 14:35:08 PST Date: Thu, 3 Feb 2005 14:35:08 -0800 (PST) From: Matthias Birkner Subject: Re: [SAGE] domain name retailers To: Andrew Hume , sage-members@usenix.org In-Reply-To: <470178d28bf351ec11c4777da6f5f6d4@research.att.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-sage-members@usenix.org Precedence: bulk I am currently using gandi.net (www.gandi.net) and have been happy with them so far. Not that I've done much more with them than transfer away from $BIGNAMEREGISTRAR :) Matt --- Andrew Hume wrote: > i'm considering buying a domain name with a modest web site. > any recommendations on who i should, or should not, use? > >