* Posts by Nate Amsden

1768 posts • joined 19 Jun 2007

Equifax backtracks arbitrate-don't-litigate plan for punters

Nate Amsden
Silver badge

let users choose own pin?

How hard can that be? I froze my credit for the first time the day after the announcement. At least one of them let me use my own pin. Though I think it was limited to 4 digits.

This is the only data compromise that I'm aware of that impacts me that I am concerned about. Compromising credit cards etc doesn't matter to me. I reported a credit card breach to a hotel chain earlier in the year. A virtual credit card I gave to them and only them was compromised (in part because they never charged it so it remained open). They never replied. About a month ago got notifications from the property management service that hotel uses (among hundreds of other properties) to a mass compromise.

One of them, TransUnion I think, I had to call them; the website was giving server errors.

Wonder if credit card companies will start including credit monitoring as a more common feature. Certainly seems more beneficial than a lot of the other things offered.

2
0

Container adoption still low, barks Cloud Foundation

Nate Amsden
Silver badge

Difficulty is relative of course. One issue that blocks further adoption of some docker containers stuff apparently nfs doesn't work well (or at all?).

I deployed LXC containers 2 and a half years ago in production and they work great. The deployment model isn't remotely what these folks would consider containers though.

0
0

Confirmed: Oracle laid off 964 people from former Sun building

Nate Amsden
Silver badge

Re: I need new glasses..

Solaris and other unix have been niche for a long time maybe a decade or more? A high value niche. Doesn't mean there is no money to be made still though. I'd say the same applies/applied for very high end storage arrays as well.

Last place I was at that ran unix was 2006(HPUX on itanium and PA RISC before that). Though I work for smaller companies generally.

In the linux space there are quite a lot of options depending on your business model. Ubuntu and CentOS remain very popular, and obviously lots of folks out there running other things that may have less formal support available. I haven't worked for a company that has been willing to pay for Linux support since that company in 2006 either.

1
1

Everybody without Android Oreo vulnerable to overlay attack

Nate Amsden
Silver badge

couldn't google block it

If it comes from the store I'd expect them to be able to have a check for malicious things like this. Won't be fool proof but it should catch a bunch of things.

Funny the researchers say most users will want to update. Obviously it will be years before most have the update.

ATT has stepped up their badgering of my note3 on 4.4.x to upgrade to 5.0 but i won't have it. Must've gone 3 or 4 months without a single notification to upgrade now maybe once every 2 or 3 days. Removing the mute menu option after pressing power button is a deal breaker when my phone is also a pager. I read this was fixed in a newer 5.x build but it is not available to att note 3 (have another note 3 with 5.0 and a note 4 with 5.1 i think it is). The 5.1 solution sounds worse (volume button mute thing ) than 4.x. haven't put a sim card in note 4 yet. Even with a new battery the battery life seems significantly worse than note 3 for some strange reason.

I really miss the mute switch on my webos devices as well as the ability to immediately silence the phone just by pressing the power button (no need to look at the screen).

0
0

Networking vendors are good for free lunches, hopeless for networks

Nate Amsden
Silver badge

if it works, use it

for me anyway, I have been building networks the same way for 13 years now(I'm not a dedicated networking person just a generalist(?) that does networking among other things), works great, so I use it. (and no I have never used STP, and no I don't use Cisco either). The vendor I do use doesn't even actively promote the method I use to build networks(even though it is technically proprietary to their equipment at least at the core switch level), though I find this approach to be great.

Though I'm sure the likes of EA has far more fancy requirements for their networks than I ever have had or will ever have.

I've seen what developers do with shiny things(having worked with developers for the past 17 years), often times end result is not stable. Most developers don't even understand basic networking concepts, so wouldn't let them near networking equipment.

18
2

Google Cloud rolls back changes after 18-hour load balancer brownout

Nate Amsden
Silver badge

Re: But, but... it's the cloud

One of my biggest issues was/is cloud players are always screwing with their stuff. Very little means for customers to opt out or postpone changes, probably 95%+ of the changes are not even communicated in the IaaS space(except when there are brownouts etc after the fact). More often they are communicated in the SaaS space at least for the application side of things, though even then it seems to be really rare in SaaS for a customer to have any feedback into accepting such changes.

vs more traditional data center stuff where you basically have power+network links, both of which often times have fantastic reliability proven over a decade or more(anything higher up in the stack is managed by the organization). Add to that the complexity of network routing and providing redundant power is far less complex(and is a very mature technology vs cloud technologies) than an entire cloud application stack(on top of networking and power as well).

Data centers and network carriers (the good ones anyway) are usually very verbose about communications with any maintenance or changes on their systems. The carrier that the organization I work for even communicates things such as events that would trigger BGP route reconvergence. Not that we really care about short periods of time when routing may not be optimal, it's not that critical. But the attention to detail is good.

7
0

China to get its very own cut-price cut-down cut of vSphere

Nate Amsden
Silver badge

vmotion between versions

When I upgraded 4.1 to 5.5 3 or 4 years ago I vmotioned VMs from hosts on 4.1 to hosts on 5.5. Sounds like what vmware is working on now?

Maybe it doesn't work on newer versions of vsphere, wouldn't know since I have not had a need to upgrade from 5.5 yet.

0
0

Whatchu doin' Upthere? Western Digital moves on cloud storage space

Nate Amsden
Silver badge

seems WD is going crazy with diversifying

Though I'd wager that this cloud service will be gone within 2 years?

Getting into a business that is a race to the bottom (this particular player seems to be pricing already at the bottom) isn't fun. So many such (cloud storage) companies have already gone bust or whittled back their offerings trying to pin their hopes on business class service.

0
0

Sysadmins told to update their software or risk killing the internet

Nate Amsden
Silver badge

Re: BIND >9.7

The article isn't quite clear to me - seems as if this is specific to DNSSEC ? if I just grep for the word key in my bind 9.8 config there are 0 matches(and I have never ever worked with DNSSEC - yes have run authoritative DNS since 1996(for personal stuff, company I work for uses dynect for external DNS hosting) as well as caching DNS for internal stuff)

I read an interesting(perhaps amusing?) post by someone earlier this year that talked about how bad DNSSEC(it went into quite a bit of technical detail why DNSSEC was basically worthless) was and to just not bother with it. Can't find the link at the moment, it was good. Not that I needed convincing to (not) use DNSSEC.

edit: I think this is the link:

https://sockpuppet.org/blog/2015/01/15/against-dnssec/

1
0

Verizon kicks out hot new Unlimited* plans

Nate Amsden
Silver badge

need a new word

Unlimited just seems to get people upset. I remember back in the 90s how upset I was when I was on dialup on "unlimited" plans and ISPs would cut me off(because I was on 24/7 basically). All I was asking for is some clarification what the allowed usage was. At the time, the ISPs that I was using(all local ISPs) had no policies they were just arbitrary decisions "oops this person using too much kill that account". I was happy to pay more or get multiple ISPs if needed. Finally found an ISP at the time that actually told me what they allowed and I stuck with them until I moved out of the state.

So for me anyway I don't get upset with unlimited, as long as those terms are clearly spelled out, and Verizon seems to be doing so. I use AT&T and switched to their unlimited plan a few months ago (was on a 5GB plan before that). AT&T will throttle video as well but you can opt out (I did). I checked my mobile usage for the past 2 months under 2GB each month (I haven't turned wifi on since I got unlimited since it prevents AT&T from upgrading my Note 3 to Android 5 - last time I said that someone didn't believe me but the update screen specifically says wifi is required, and I have intercepted the update in the past by killing wifi and it stopped).

AT&T will throttle as well(like T-mo and Verizon) after some number, maybe 15GB or 20GB or something I forget.

Anyway I got unlimited mainly because I didn't want to worry about overage charges. Which as long as I stay in the U.S. (and maybe Canada but haven't been there in a long time) I'm good. Last year I went to Asia and even though I did my best to constrain usage (turned off data on my phone entirely most of the time) and had an international plan (800MB/month of data allowed phone calls were still $$), still managed to get bills in the $250-500 range for the 3 months I was away. (normal was $150/mo at the time, now is $99 with unlimited).

Seems some folks just want to have unlimited LTE speed, be able to download 10GB/day if their speeds permit it, and only pay $50/mo or something. While that would be nice, I just don't believe it's really scalable at that level of cost.

Shit 99% of the time I'd love to have a steady 5Mbps, carriers and stuff are talking about 5G and new CPUs fancy screens etc, and folks still haven't got good coverage on 4G yet, several busy places I go in a city of 200k and my data reception is basically 0(as in even DNS times out).

2
1

Official: Windows for Workstations returns in Fall Creators Update

Nate Amsden
Silver badge

Re: 4 CPU's - That's a lot!

Windows kernel can handle a lot more too. And I'm sure you realize it is 4 socket not 4 cpu.

Though hard for me to imagine if you needed so many sockets and TBs of memory just get the server version of the OS. The cost of the software will be a rounding error on such a system anyway.

Just checked redhat workstation and it seems to top out at 2 sockets. That would be perhaps the closest comparable product in the linux world.

(Linux user on server+desktop+laptop mostly debian since 1996)

24
3

IBM Cloud turns TLS 1.0 off and then turns it on again

Nate Amsden
Silver badge

Re: TLS 1.0

Lotsa folks. Even cybersource who is a credit card processor isn't turning tls 1.0 off in production until feb 2018 (which is pretty close to the limit for pci I believe).

I just went through disabling tls 1.0 on a few production services for pci not long ago. Ran into issues immediately and had to turn it back on in a few cases, fortunately none of those cases impact pci for us.

Though i have yet to see a serious threat against 1.0. Sure it is not as strong as 1.1 and 1.2 but the press make it out to being completely cracked which last I heard was far from the case.

I really dislike how this works though. Services should be able to accept tls 1.0 in order to give a human readable error. Getting a low level ssl error is almost always a pain to diagnose (even for technical users like myself). The ciphers are even more confusing. Seems everyone has different variations on names for the same ciphers. Had to spend a bunch of time experimenting with ssllabs testing and retesting until I found a cipher setup that was rated right.

A big chunk of the issue is it's very difficult to determine what clients are actually connecting with. For me most of my SSL is terminated on Netscalers and there is no logging of that stuff. Even with apache last I recall you had to enable debug mode to get that info. It wasn't available as a logging option for access log. And a webserver is pretty basic imagine all of the more complex apps and clients that speak different protocols.

1
0

It's official: Outages are only the second-worst thing about Comcast

Nate Amsden
Silver badge

No complaints

Back in the '00s I was in the Seattle area with AT&T Broadband, then Comcast bought that(?) and I became a Comcast customer at that point. I used 1Mbps DSL for many years(with 8 static IPs), but the ISPs kept getting bought and sold, at one point my DSL ISP said they were changing my IPs so I said screw it, I cancelled DSL and put in Comcast. I put my servers(email+web+DNS+etc) in a local colo.

Was a Comcast customer for 2-3-4 years, really had no issues. Small outage here and there, my bill was not cheap being that I had a ton of premium channels.

Anyway, in 2011 I moved to the bay area, and got a local cable company(served the city I was in only). Cost and service was comparable (for all of those folks saying cities should invest in municipal services for TV/internet) to Comcast. My only real complaint was I wanted faster upload speed(fastest was about 3Mbps, my download speeds were ~20-30Mbps though they had faster download plans).

Moved to the central valley in California a year ago, back to Comcast territory. Again costs were about the same but internet speed up by 10X (download now ~200Mbps and upload now ~20Mbps). I have had more outages out here, maybe I have noticed 3 or 4 brief outages in the past year (nothing more than a few hours tops??). Since my job is managing remote servers I need internet access, so in the event comcast goes down I use the hotspot on my phone.

Comcast really did screw up the installation of services at my current home. Took their contractors at least 3 or 4 trips. Apparently nobody in this city of 200k people uses Tivo and they lacked the hardware and kept sending people on site without cable cards. They also sold me on a triple play package (only for cost, didn't need the phone) and I told them I wanted to buy my own modem, they told me the website to find compatible modems and turns out the modem I bought wasn't compatible with any voice service. So they ended up having to re-do my order on the fly to a double play (for the same price, originally double play cost more for some reason).

Took more troubleshooting on my old Tivo Series 3 it didn't get several hundred channels, they came on site(and charged me that fee), no resolution. Eventually I learned that those channels were encoded with MPEG4 and Tivo series 3 doesn't support that so the channel remains black (even though the signal strength is very strong, and shows no errors). Annoyed that the series 3 is not as useful as it once was, but it still gets some channels. Series 4 works fine with MPEG4.

I think costs wise people blame comcast because that's who they pay. They don't see the costs of the content(Disney, and other content providers always pushing for more $$) driving the costs up. Other than the occasional big dispute between a cable/satellite and a content provider where they put banners on the channels saying the content may get cut off if they don't come to agreement by some date. I know that's not the whole picture but I bet it's a decent chunk of it. People argue for being able to subscribe to individual channels(no bundling) but many don't realize that will drive the cost even higher in many cases.

I caved in a few months ago and decided to cancel most of my premium channels, I hadn't watched much premium tv in more than a decade. Still have showtime as that is part of my "package". (and no I don't stream media either).

I have no doubt broadband etc costs are more expensive in the U.S. than in many other places (as is several other aspects of life here). And have no doubt that comcast probably does screw up regularly given the size of their customer base.

1
4

Excelero hooks up with Broadcom to tag team NVMe over fabrics

Nate Amsden
Silver badge

exceptionally low latency

Trying hard to think of what wouldn't benefit from low latency.. is there any such application that would benefit from high latency?

(leaving out any compromises that may be required to achieve such low latency that is)

Hey Lior!

0
0

It's a small VMworld after all – life in the shadow of re:Invent

Nate Amsden
Silver badge

not me

I'm not a conference person myself(or any event with lots of people). Went to a couple HP discovers a while back they were ok(went for storage/3par, those aspects were fun but the rest wasn't interesting).

Loyal vmware customer for 18 years(no signs of that ending) but never felt interest to attend vmworld.(even when it was in the bay area and I was a 30min drive away.)

0
0

Microsoft won't patch SMB flaw that only an idiot would expose

Nate Amsden
Silver badge

Re: But...

Till windows 10 ?

If you can't find it..grind it.

9
0

vSphere scales up, if you're willing to ditch a switch or server

Nate Amsden
Silver badge

Just curious where are these 'loads of security holes' ? Are you referring to undocumented security issues that any product has? Or are you referring to actual security advisories.

I have noticed I think exactly one guest escape security issue on vsphere hypervisor in as long as I can remember(going back to at least 3.5?), and that seemed to affect 6.something (i.e. no impact on my 5.5 stuff).

I have seen some other minor security things here and there, but overall it seems the security of ESXi hypervisor (and vCenter) is significantly better than the competition (that primarily being things like KVM, Xen, Hyper-V), though that is just based purely on casual observation over the years.

Can't speak to the other management stuff that vmware pitches(VSAN, NSX, and management tools), as all I need and use is Enterprise+ and Vcenter (on windows, with Oracle DB back end on Linux).

I suppose I am both the best and worst kind of vmware customer, best in that I have been a customer since 1999 running vmware on linux 0.x, later Vmware GSX, then ESX starting with 3.x. At the same time the last major release of vsphere that got me really excited was 4.0(feature wise). Moved from 4.1->5.5 after 4.1 was EOL, and likely will move to 6.x after 5.5 is EOL next year. Their products have literally been easily top 5 of the most reliable big software packages I have ever used, which is the biggest reason I have kept using them, even though I really was expecting(back in about 2009) I would want to migrate to KVM by around 2013. Obviously never happened.

Cost wise it is not cheap, but it is not expensive either, the enterprise + hypervisor is far cheaper today than it was when I started using it in about 2006(and that was standard edition back then, no vmotion etc). The way I calculate that is basically cost per core. With ever increasing core counts and CPU performance the cost per unit resource continues to decline. When I started with ESX I remember our fastest system was I believe a DL380G5 with dual proc quad core, the hypervisor license for standard edition was I believe $3500 for two sockets at the time (Vmware didn't "support" single socket configurations back then). So roughly $450/core. I don't think we even bought support back then, so that is hypervisor cost only.

Very recently I paid about $7800 for a 2 proc license for enterprise + with 3 years production support (through HP- we don't buy a lot so no fancy discounts). Our new systems(DL380Gen9) are 44 cores, so that $7800 cost comes to about $178/core, less than half of what it cost a decade ago.

That's being generous too because the cost a decade ago was very basic ESX, no vmotion, no HA. And no support if I remember right.

3
0
Nate Amsden
Silver badge

Re: tumbleweed it is, but the direction might be wrong

Linux admin since 1996(yes linux is primary OS on my laptop too). Still love my vsphere 5.5(about 1200 VMs 99% linux). No reason to upgrade yet. I run a win7 VM for vpn and xenapp to run the good ol .net vsphere client on my laptop(linux xenapp client doesn't play well with vsphere console last I tried ). I remember i hated the .net client originally but learned be careful what you wish for as the web client was obviously worse.

Tried the cloud thing twice at different companies(they had it before I got there), didn't work out. Kept people up at night wondering what the next random failure would take down.

Vsphere and vcenter are so solid that i worry about the day I upgrade. Generally 1 or 2 support requests per year on it for me going back the past 7 years or so.

It just runs and runs.

2
0

systemd'oh! DNS lib underscore bug bites everyone's favorite init tool, blanks Netflix

Nate Amsden
Silver badge

Re: underscore illegal dns character

They are not legal, I checked about a month ago (powerdns rejected a change I tried to put in with underscore). Many systems will allow them, but strictly speaking they are illegal. I read even in BIND there was a config option to allow underscore but I think it is not default.

But that being said I think that underscore being illegal is dumb and the systems should take it (anyone know the original reason behind that decision? Seems pretty arbitrary, maybe someone thought it would be harder to read or something )

1
0
Nate Amsden
Silver badge

Re: underscore illegal dns character

Don't want to start a flame war on top of systemd already. But I do prefer the gnu tools and apt over the bsd way of doing things. I was looking forward to debian freebsd but last I looked that project has been stalled for years (I installed it once on a soekris box a few years ago).

Also at least with ports and stuff speaking of init, I found myself having to write custom basic init(or rc) scripts for services since so often they did not install any.

Most or all of the BSD folks i know hate linux userland but are ok towards the kernel. Find it kind of ironic i am the opposite. I shouldn't say I hate bsd userland but I prefer linux.

I haven't tried freebsd on a desktop with X11 probably in 18 years. I used to run freebsd on bridging firewalls and IDS, back in 2005 I moved to openbsd (for pf), have thought about going back since freebsd has had pf for a long time now just haven't had a real need.

Quite possible my info on init scripts and stuff is outdated for freebsd these days but as of openbsd 6 (? Last installed maybe 6 months ago), seemed to apply.

As per systemd yes I only interacted with it for a few mins so far (system is still running with systemd haven't rebooted it or anything in a few months). I think the issue was couldn't easily figure out how to get a service to start that wasn't built in. I gave up for the time being and started it manually. Not a huge deal but I can feel a sign of things to come.

And yes if debian 7 had update support for the next 5 years I would not update. I can't think of anything in debian 7 or 6 or even 5 that I felt was important to upgrade for. (Memory is hazy even going back to v5). Drivers for newer hardware is the exception. Though all of my serious systems run in vmware, where the virtual hardware has been stable for a decade

1
0
Nate Amsden
Silver badge

Re: underscore illegal dns character

Can't edit on mobile. But wanted to add a perhaps obvious tidbit. With exception of a brief time with debian 3.0 back in 2001 or 2002, where i ran "testing", every other system before and since has been "stable"

10
0
Nate Amsden
Silver badge

underscore illegal dns character

I believe anyway. I have been a debian user since 2.0 hamm back in 98 and am strongly considering moving to Devuan. I have had about 10 minutes exposure to systemd on a recent debian release (installed maybe 4 months ago whatever the version was at the time I am not at the system), and wasn't impressed (at the end of the day it comes down for me it wasn't broken so don't fix it).

My main "home" servers(hosted at a colo) are debian 7 still, so no systemd, my laptops are linux mint 17(MATE) which has no systemd. My work linux boxes all 1000 of em also lack systemd for the moment anyway.

I can certainly see some use cases for a systemd approach on desktops and laptops hot plugging and shit. But the negatives outweigh the positives as someone who has run linux on my desktops and laptops since 1997.

I don't mind giving people choice but it seems the choices are rapidly dwindling, which is quite sad.

some folks have fled to BSD. I like the BSD kernels but have never liked the userland stuff(openbsd is still my home firewall of choice).

I have been able to just ignore systemd for a long time but that time is running out.

Same goes for some shit about replacing ifconfig?? Been reading about that recently, again have yet to run into it, another case of it was working fine for me for the past 21 years don't see a need to change it.

Other than driver updates with newer hardware linux on my systems has been "good enough" for a decade already.

Maybe I am too old. Or perhaps a case of the hipster agile devops shit going too far.

Or maybe a bit of both.

80
2

Pathetic patching leaves over 70,000 Memcached servers still up for grabs

Nate Amsden
Silver badge

I'd wager most are on public clouds run by people who don't know what they are doing. Which i suspect makes up at least 70% of the public cloud customers out there.

At least with your own facilities even if you don't patch it's highly likely the systems are behind a firewall or at least a NAT device not being directly exposed to the interwebs.

Didn't even know memcache had authentication myself until this article. All the apps i have seen built with it over the past 10 years have not used that ability.

6
0

Gone daddy gone: GoDaddy offloads its cloud businesses

Nate Amsden
Silver badge

Yes i believe so. But that is different from the public cloud service they offered for a year or two or three.

Bring back go daddy girls

0
0

1Password won't axe private vaults. It'll choke 'em to death instead

Nate Amsden
Silver badge

Re: So, how many credit cards do I need now?

suggest having at least one credit card account where you can generate virtual credit cards. For me that is Bank of America (Shop safe is the product, I use it all the time, though it does require flash to interact with). I also have other credit cards but it seems that particular capability is far from universal.

I think my (real) credit cards have been compromised 1 time(MAYBE 2) in the past 3 years at this point. I did have one ShopSafe card compromised, which is odd because only 1 vendor ever got the number(hotel reservation system). Because the original vendor did not charge the number, it was still "open" to be used(the moment it is charged it is locked to that vendor). About 2-3 months later a strange charge showed up from another website that I had never used, it was especially weird because there was only that one charge - normally I would see multiple fraud charges in a short time period. After some investigation I tracked it to the specific virtual credit card I used to reserve the hotel room. The vendor that had charged my card with the fraudulent transaction refunded the money. I sent a message to the hotel chain with the details but never heard back. Bank of America saw no need to cancel my main card since it was only shop safe that was compromised (maybe 7-8 years ago their reps/fraud system wasn't sophisticated enough and they would insist canceling my main card when shop safe was compromised even though there was no need, now they know better).

Few years ago I had another shop safe card fraud attempt (that was blocked). I used that card to pay my cable tv subscription, I forgot how I got notified of the charge, but once again the only company in the world that number was given to was the cable company, so the breach happened with them or with their processor. They were very apologetic and offered to pay for credit protection(local cable company not a big brand name). I told them don't worry about it there is no harm done.

so in general for me at least credit card security(whether it is chip and sign or swipe) really hasn't been much of a bother for me in many many years. I would say before 2010 my card(s) would get compromised on at least an annual basis, and it was more of a bother.

1
0

Brickbat unwraps in lap of crap Snapchat yap app technocrat brats after stock splat mishap

Nate Amsden
Silver badge

I thought snapchat said

That they may not ever make money

https://www.theregister.co.uk/2017/02/03/snap_files_for_ipo/

That along with committing to spend $400M a year on google cloud (or any service for that matter) should have driven everyone scrambling to the exits.

3
0

Server vendors board the Xeon SP party bus

Nate Amsden
Silver badge

Re: Forgot a couple

Cisco and Dell are special, el reg gave them dedicated articles

http://www.theregister.co.uk/2017/07/11/ciscos_fifth_ucs_server_generation_surfaces/

http://www.theregister.co.uk/2017/07/11/dell_14g_servers/

possibly those vendors announced their gear (again) ahead(few hours early?) of the CPU announcement, not sure

1
0

Seagate SNAFU sees Cisco servers primed for data loss

Nate Amsden
Silver badge

bad controller

Seems like this is the fault of whatever disk controller cisco is using. I don't recall any real storage controller whether it is HP or Dell or even my old 3ware controllers that didn't have controller enforced drive write cache settings.

Maybe cisco ships with nothing more than bare bones controllers but that would be even more surprising to me.

10
0

Dell goes swimming in Skylake to source 14G server line

Nate Amsden
Silver badge

Re: just be prepared to wait if you want SSDs

yeah I suppose I could try to get some vendor to make me a custom build with the CPU, was quite surprised that the online store HPE(sorry) has did not have that as an option for the DL20.

0
0
Nate Amsden
Silver badge

just be prepared to wait if you want SSDs

Was going to order a single socket dell server for myself (to replace an older system I have at a colo). Tried to put a pair of 400GB SSDs in the system, and the website gave me a roughly 60 business day lead time. Without the SSDs the system could have shipped pretty quick, though I couldn't get a valid configuration the website kept complaining about the operating system, and the things it told me to do I either already did, or what it told me to do was impossible (one suggestion it had was to choose "no OS" option, and there was no such option). So I guess when I actually order it I will have to call them.

I know there is a broader SSD shortage and this problem is not specific to Dell, but was still surprised for just a pair of small SSDs the delay was so long. I had read before that it seemed like the most popular SSDs were in the 2-4TB range and I expected shortages on those, not so much 400GB.

I would have bought HP but they do not offer the CPU I need (none of their systems in their online store have it anyway), which is an Xeon E3-1240L V5 (2.1Ghz quad core 25W - I could go with the 1235L V5 as well but not even Dell has that chip).

Not sure why that CPU is so rare, seems nobody other than Dell has it (several online retailers claim to stock it but they do not actually have them in stock, I waited 6 weeks for one such retailer to ship before cancelling an order earlier in the year). Note this CPU is "L", lots of websites have the E3-1240 V5(80 watts!), but not the "L" edition(25 watts). I built another server with this CPU earlier in the year (CPU came from Dell as well). Really like the low power profile, yet still a very functional and quick processor.

I was interested in what AMD had to offer but their latest chips obviously don't come close to this power envelope. Maybe when they come out with their laptop chips next year they will release updated server chip offerings with lower wattage.

3
0

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks'

Nate Amsden
Silver badge

why would anyone link their bank accnt to paypal

Unless it is a throw away account that only has funds for a limited time.

I don't use PayPal often but when I do I only use protected credit cards issued by, in my case, Bank of America ShopSafe. Credit line is set for the purchase price in PayPal. I make the purchase and the virtual card is useless after that.

As for SMS and 2 factor. It's still better than single factor. None of my bank accounts with major banks have 2 factor as far as I know. Though each account has a unique username, a unique password, and a unique email address hosted on my personal server (which does NOT correspond to any user accounts on my server, I have a general login account with access to my dozens of email inboxes and 150 or so email addresses spread over multiple domains).

4
14

'My dream job at Oracle left me homeless!' – A techie's relocation horror tale

Nate Amsden
Silver badge

my relocation bundle

When I joined the current company I was at, I guess my boss was pretty smart - instead of making it an official "relocation" thing with processes around it, he just made it a signing bonus to use however I wanted. It was $10k to move from Seattle area to the Bay area, probably used about $5-7k for the actual move (was 6 years ago don't remember exactly).

Though the company I am at is really small compared to Oracle of course.

This is the only job I have relocated for. Strangely enough recruiters in Seattle still contact me too lazy to check my linkedin profile I guess.

15
0

Multi-tier Tegile array mixes NVMe and SAS flash like a big ol' storage wedding cake

Nate Amsden
Silver badge

didn't dell have this 6 years ago?

Compellent was doing sub lun auto tiering between SLC and MLC. I have never used compellent but remember talking about it at the time.

All nvme is is just another tier of flash. (When it comes to data placement anyway)

1
0

Windows Insiders with SD cards turn into OneDrive outsiders

Nate Amsden
Silver badge

Re: This has been going on with Win10 for a couple years, Win8 too if I recall

Not that I need to sync with this but isn't the point of not using NTFS so the SD card is portable to other systems whether a camera, or something ??

27
0
Nate Amsden
Silver badge

Re: Sky blue, water wet, MS fucking over customers...

I have been linux on the desktop/laptop since about 1997 now, wow has it been that long. But I still have a windows 7 VM and my main computer is still dual boot with windows 7 (one of the last laptops that sold with windows 7).

I have used a bit of windows 2012 (always quickly installed classic shell), though have no intention of using windows 10 as long as win7 still works. Shit, even my recent windows server deployments were all 2008R2 (windows makes up less than 1% of my server infrastructure).

MS just seems hell bent on screwing power users over, it is quite unfortunate. I used to be hard core anti MS back in the 90s, but was getting to like them(even bought several copies of windows 7 and Visio) up until they started the windows 10 push.

23
3
Nate Amsden
Silver badge

Re: Sky blue, water wet, MS fucking over customers...

I think they did that one already

https://www.theregister.co.uk/2016/12/09/mysterious_windows_10_networking_bug/

25
0

Not that scary or that hard: Two decades of VLANS

Nate Amsden
Silver badge

Re: 2 vlans in same subnet is a bad thing

I suppose if you run your switches only layer 2 then having overlapping IP spaces isn't an issue(since the switch isn't tracking IPs) -- I have run pretty much exclusively layer 3 for the past 13 years.

0
0
Nate Amsden
Silver badge

2 vlans in same subnet is a bad thing

Your switch has only 1 forwarding table so there will be problems if you have overlapping ip space on same physical infrastructure.

Maybe you won't notice it if it's low traffic.

My switches come with a feature called layer 3 virtual switching (I first used this feature in 2005). You can define virtual switches, each of which has dedicated layer 2 and layer 3 forwarding tables, and vlans (a vlan can belong to only one virtual switch at a time). With this you can safely have overlapping ip networks on the same physical switch. While a vlan can only belong to one VS at a time you can have say vlan1 on VS1 and vlan2 in VS2, different names and tags but the same ip space. While usually less important you can also have overlapping MAC addresses, that is, say, have two different devices with the same MAC connected to two different virtual switches, and not cause any issue.

The only way to get from one VS to another is a router. Either external to the switch or internal. It's also possibly the only time when it is fine to connect a cable directly between two different ports on the same physical switch (as long as they are in different virtual switches), and not have any fears of causing a loop.

My main datacenter switches use 4 virtual switches on them.

External VS for bridging firewalls with 2 vlans

External VS with 4 vlans

Internal ops VS with 20 vlans

Internal corp it VS with 3 vlans

Firewalls bridge bridging VS and external VS, load balancers bridge between external VS and internal ops VS, and firewalls bridge between external VS and internal corp VS.

Also configuring thousands of vlans on a switch I can't imagine that happening on more than a tiny number of orgs out there. Most organizations are much more likely to have many layer 3 domains (each with some subset of vlans behind them), and route between the layer 3 domains. Obviously since these are layer 3 then you can have overlapping vlan tag ids etc between domains.

Oh and none of my networks have EVER used STP or any variant. I use ESRP for combined layer 2 loop protection and layer 3 fault tolerance, far simpler and better in my opinion than STP, and something like VRRP and HSRP for my networks anyway.

0
0

NetApp HCI: More converged than hyperconverged?

Nate Amsden
Silver badge

go 1 step further

Allow the customers to have whatever cpu and ram config that underlying hardware supports for compute nodes. E.g. do not limit to the 3 fixed sizes previously announced.

1
0

What is the enterprise cloud?

Nate Amsden
Silver badge

not a useful article

The article implies enterprise cloud is only needed at pretty big scale (the scale mentioned is pretty massive) - and for the most part I agree, many people who say they need cloud don't really understand the situation and are solving for issues that aren't really issues.

The people at the larger scales that need this kind of private cloud don't benefit from an article like this.

With the team I am on we are managing about 1,200 VMs and containers (about 30 hosts right now - more systems under management than all of my previous employers combined though less physical hosts), and there are some more private cloud initiatives though for the most part I think it is overkill, and people are starting to realize just how complex a problem it is to solve (just provisioning OSs and stuff is maybe 5-10% of the work). We haven't lost a VM or container since we moved out of public cloud about 5 and a half years ago.

Our biggest application servers haven't needed to be scaled for 2 and a half years now(I overbuilt it using LXC back then to save on licensing costs(systems paid for themselves almost immediately) and it has just run ever since, high loads, low loads, no problems).

The new application stack has to be scaled more they say they want to be able to scale to 10X - but still nobody has the useful information that can tell anyone how it can efficiently scale(throwing more VMs at the stack when the existing ones are running at under 20% is a bad idea to me). They are working on it though -- 2+ years after I started asking for them to. From the sounds of it, maybe many months before all of the data gathering is complete.

Oh and I'll mention none of the infrastructure is converged. Hardware standpoint pretty much everything is manually configured still (exception is vmware host profiles which address some of the config). VMware is pretty basic - just enterprise+ and vCenter (both are 5.5), nothing else(from a vmware product standpoint). Though at this scale it really hasn't been an issue. I have asked for things like blades and infrastructure automation but to-date budget hasn't been there. Automation is happening higher up in the stack though. The underlying infrastructure has been so reliable I guess that there hasn't been any push to do much more with it. Everything basically fits in 4 and a half racks.

2
2

Wanna write a Cloudflare app? No? Would $100m change your mind?

Nate Amsden
Silver badge

Re: I'm sure CloudFlare serves a purpose. Somehow.

Even at its most basic level cloudflare is a CDN. And the goal of the CDN is to cache assets close to the client for faster performance. The security add on stuff I'm sure is nice for the clients that need it, my experience says most do not, but if it's cheap and/or easy to setup then there may be little harm in just doing it.

The only attacks I have witnessed myself in the past 24 years of doing internet server stuff -- attacks where something like CloudFlare's services would have helped were attacks directed at other customers on shared services. e.g. the dyn DNS attack last year - as a customer we were not the target but were collateral damage. Also last year our primary upstream ISP came under a ~200Gbps attack for about 3 weeks (off and on as the attacker shifted attack vectors), which caused quite a bit of harm to us (the attacker was going after someone else on the provider, not us). About 18 months ago our upstream ISP got hit again with a big attack that was mitigated in a few hours (that time it was one of the game companies - EA or something that was the target - there were lots of news articles about it at the time).

Having fancy DDoS protection when you aren't the target doesn't help, when the shared pipe(s) are saturated by attacks on other customers.

I have never used Cloudflare as a customer, so have no idea how well they work -- though they are attacked a lot - I suppose the upside is they are generally better prepared (the CDN we use says the largest attack they have gotten didn't go much more than 2-3% of capacity last I talked to them), but also means they are a much bigger target -- I recall on more than one occasion pretty major cloudflare outages due to attacks(at least one article on el reg).

If you don't have the need for edge CDN caching, and you don't run a site that is likely to attract attackers then you generally don't need something like CloudFlare. I'm sure the biggest sites have a combination of edge defenses as well as core defenses. But that is overkill for 99.999% of sites out there.

1
0

Microsoft PatchGuard flaw could let hackers plant rootkits on x64 Windows 10 boxen

Nate Amsden
Silver badge

sounds like they need to patch it

if the article is right "PatchGuard [..] was developed to prevent Windows users patching the kernel, and by extension make the OS more secure by preventing hackers from running rootkits at the kernel level."

also from this blog post

https://blogs.msdn.microsoft.com/windowsvistasecurity/2006/08/12/an-introduction-to-kernel-patch-protection/

"Kernel Patch Protection does not prevent all viruses, rootkits, or other malware from attacking the operating system. It helps prevent one way to attack the system: patching kernel structures and code to manipulate kernel functionality. Protecting the integrity of the kernel is a fundamental steps in protecting the entire system from malicious attacks and from inadvertent reliability problems that result from patching."

Doesn't a system need to be owned regardless for a rootkit to install ? Seems like a cheap excuse from MS.

Not that I care either way, my history with computers says my risk factor for this kind of stuff is reaaally low (both in personal as well as business). Though linux is my primary OS, I do run and manage several windows systems as well.

3
2

Tesla's driverless car software chief steps down

Nate Amsden
Silver badge

he probably wasn't drowning in the kool aid

Elon sounds like a pretty terrible person to work for(seems possible this guy had regular interactions with musk). I'm sure he is smart and successful, but crazy from what I've read (probably not as bad as steve jobs).

1
0

Walmart tells developers to stay away from AWS

Nate Amsden
Silver badge

Re: Walmart understands the basics

Yeah. Quite shocking to me netflix is among them. Though 99% of netflix's bandwidth is served through their CDNs(many of which of course are on site at ISPs).

(Haven't been netflix customer since their first price hike, they lacked content I was interested in and I've read it's only gotten worse as they shift to in house content (from what I've seen not a single one of which is interesting to me.)) But same goes for hbo, showtime etc etc not 1 show of interest. (I did really love 'Strike back' on cinemax but that series is over now.)

I miss showtime's 'sci friday' from the 90s - combo stargate sg1 and the outer limits. Really miss stargate franchise too though did not enjoy the original movie.

2
7

HPE teases HPC punters with scalable gear

Nate Amsden
Silver badge

10k nodes and no extra switches

That is quite a lot of ports! Looks like the architecture is 4 blade enclosures per rack (36 blades), and they have racks for I/O too so maybe big aggregation switches in those. Maybe 300 or so racks for a maxed out system.

0
0

OnePlus accused of installing cheat codes for benchmarks with new handset

Nate Amsden
Silver badge

Re: 5%

Less than at least 25% and I can't tell a difference (I probably could in a game though I don't really play games).

On the same note I can tell zero difference between 6gbps sata and 10gbps nvme (both samsung pro) on my quad core skylake lenovo p50 laptop. (Outside of benchmarks anyway).

My last phone upgrade was galaxy note 3 (still using it), quad core 2.3ghz probably at least 350% faster than the hp pre3 it replaced (single core 1.4ghz) and 600% more ram, and 36X more storage(currently 256gb sd+32gb vs 8gb on pre3, though when I originally bought note 3 it had 96gb total).

I have looked at benchmarks for newer phones and have not noticed anywhere close to a similar leap in specs. Note 3 works fine so no interest to change it.

Maybe when quad core 5ghz comes round with 12G of ram and 1tb of storage(with comparable battery life) I'll be willing to drop android 4.4. Not holding my breath though.

10
0

Component makers have their server chums by the short and curlies

Nate Amsden
Silver badge

Re: Server prices rising

perhaps unit shipments of servers are down (I don't know off hand), but memory chips per server is up. I know all of my servers have 24x16GB memory modules a piece (including the DL380 Gen9s I just ordered yesterday).

Looking back in history, the DL380 G5 for example (about 10-11 years ago) seemed to top out at 8 memory sockets. G6/G7 increased that to 12 sockets, though AMD G7 could go to 24 sockets(I have a dozen of those left).

My G5s back in the day I think were 8 cores in two sockets with 32GB. Now 44 cores in two sockets with 384GB( 384 has been my standard since 2012).

0
0

EPYC leak! No, it's better than celeb noodz: AMD's forthcoming server CPU

Nate Amsden
Silver badge

Re: disappointed

Not sure what you mean by 1.x Ghz Xeon, in my OP both Xeons that I referenced were 2Ghz+.

If AMD could make a 32-core 2Ghz chip @ 130W, and charge 20% more than Intel's high end part(s) I would buy it without hesitation. Their wattage numbers are just crazy, even their 16 core parts are 155W (up to 170W ?? based on the article - which is higher than Intel's 22 core Xeons). This just doesn't seem like a good enough attempt to break back into the data center market.

AMD seems aiming squarely at the 1 socket market. I can certainly see some use cases for such systems, am not sure how much of the market they make up. Last time around (Opteron 6000) AMD argued you don't need 8 socket systems, when their chips can do 4 socket real cheap with lots of cores. Now they say you don't need 4 socket systems(which are a small part of the market I'm sure), but having a pair of 150-180W CPUs in a two socket system just seems crazy.

I want AMD to do well.. but they abandoned the data center market for the past 4+ years, it will take a lot to come back, and these wattage numbers make me think it is not enough.

2
0
Nate Amsden
Silver badge

disappointed

I was optimistic these chips would be good. I guess (WAY)too optimistic. My current servers run dual E5-2699v4 which is 2.2ghz 22 core and 145W TDP. Also 24x16GB sticks of ram each.

I was expecting the new AMD chips to be 32 core and at most be say 130W. Their lowest TDP of any chip is 120W. Compared to the 25W TDP of the 2.1G Xeon E3 1240L v5 quad core(8T) that I run in my personal server.

AMD's high end 2 socket comparison is a single 32 core chip being faster than dual 10 core chips.

I was hoping for something better to replace my aging DL385G7s with opteron 6176 and 6276. But after seeing this likely will stick to intel. Another 2 or 4k per server cost doesn't really matter when the servers plus software are over 30k each already.

Not likely AMD will win many virtualization customers with these numbers. I imagine these AMD chips run too hot for most/all blades too.

So yes, pretty disappointing.

2
9

Stop trying to make The Machine happen, HPE. It's not going to happen

Nate Amsden
Silver badge

I'm sure

The SGI tech HP acquired when they bought SGI will play a big role. Probably much bigger than the machine stuff.

1
0

Biting the hand that feeds IT © 1998–2017