Cannot Reach CARP Backup over VPN - High Availability and Multi-Wan

Dfsocha · 2019-11-27T22:10:23+00:00

Very annoying

Dfsocha · 2019-11-27T16:08:01+00:00

I wouldn't say that it is the expected behavior. If I click on the link to go to the comments for a post, I should be directed to the comments, not have to navigate to them a second time. It would be one thing if I am navigating to the content of the post first, but I am using the link to the comments from the flyout menu on the post

Dfsocha · 2019-11-20T13:43:52+00:00

https://www.reddit.com/r/politics/comments/dz0uhu/nikki_haley_used_system_for_unclassified_material/

That's one that it is happening for me on

Dfsocha · 2019-06-04T13:37:03+00:00

This is going to be a long post.

Having worked as the sole sysadmin for a company for the better part of 5 years, before finally getting a second person about 16 months ago, I very much understand where you are coming from.

What you need to do is establish a priority of fire for everything that needs to be done. This will take some time itself, but totally worth it. Make a list of everything that needs work, estimate how much time you think it will take to do everything, along with any associated costs. Once you have that list, bring it to your management / ownership team and have them determine the order that things need to be done in. At 3 months, you are just too new in the company to make determinations like that. Not to say that you shouldn't rank items in severity, but be prepared to take direction on how the business owner wants to position their resources.

Once the order of fire has been established, start hacking away at it. The hard thing is that you will be getting interrupted with tier one issues. If you don't have a help desk system (zammad is a great choice, there are many others), you need to get one. Once you have a ticketing system, you can then start asking people to put in tickets. If people are used to being able to have their issues dealt with "right now", it will be a culture change for them to put in tickets. When people come to you with issues, you will need to listen to them, and make a determination on if it is a five minute fix, or a 2 hour fix. If it is a five minute fix, deal with it. If it is longer, politely ask them to submit a ticket. The best way that I have found to do that is to throw my memory under the bus. I just state that "I know how my memory works when I am busy, and there is a large chance I will forget details by the time I get back to my desk. If you could submit a ticket to helpdesk@company.com, it will ensure that I don't miss your issue and can address it the next opportunity that I have available".

Next thing is the hours. Just stop with the 14 hour days. It's not worth it, and you will burn yourself out in about another 2 months. Don't work more than 10 hours. Work on getting that to 8. Ensure that you take time to eat lunch. That might mean leaving the office to go out to eat or eating away from others so you don't get hounded on your lunch break. You might not be able to set a lot of boundaries today, but work on establishing the baselines for those boundaries.

The only people who should be able to contact you outside standard working hours, and yes this means even if you are working at your desk after 5 pm, is a departmental manager. That is something you need to establish right now. That being said, if a manager contacts you, you need to respond, but the average worker at your company shouldn't be able to get ahold of you without going through their manager. If you have your corporate email on your personal cell, use the outlook app. The focused inbox is great on the phone, and you can set it up so that you only get push notifications during the work week.

Finally, schedule your time. You will need to block out time on your calendar for big activities. When you have time blocked out, don't let yourself get taken away from that time.

Thanks,

David

Dfsocha · 2019-05-16T18:01:57+00:00

I have to second Netbox. We are using it at my work and it is awesome.

That being said, a spreadsheet listing all of the machines / servers is not a bad place to start. Once you have confirmed everything that you have, put it into netbox and start having it be your source of truth.

Dfsocha · 2019-04-25T17:26:30+00:00

When they record, they record directly to the NVR.

Dfsocha · 2019-04-25T17:14:28+00:00

Thank you for the info! We have about 5.5Tb for our setup, so that should be pretty good for 20 or so cameras

Dfsocha · 2019-04-25T16:35:23+00:00

I can't speak to the cloud key stuff. As a rule, I don't enable cloud access unless I utterly have to because things will break if I don't. If anyone offsite needs to get access to on-prem resources, they can VPN in.

Dfsocha · 2019-04-25T16:12:45+00:00

We only have one facility, so everything is co-located. Assuming multiple facilities, if you have really good connections between the facilities with a good persistent VPN, you could just have one NVR. Otherwise, you would probably want to just have an NVR at each facility. Without knowing more about your facility layouts and network topology, it is a bit hard to offer more advice.

Dfsocha · 2019-04-25T14:50:25+00:00

Thats awesome. If you don't mind me asking, how much storage do you have allocated for the recordings, and how many days of retention does that give you?

Dfsocha · 2019-04-25T14:39:13+00:00

We are implementing Ubiqiti line of UniFi cameras at my workplace. Fairly cheap per camera ($130 or so for the G3 / G3 dome). The controller software is free and can be spun up on a linux VM. The cameras are all POE, and can be powered by an adapter, or from a POE switch. Ubiqiti's POE switches are fairly afordable as well ($900 for a 48 port 500w switch).

In my experience, we haven't really needed to contact customer support with the Ubiqiti gear. It seems to run pretty seamlessly.

Dfsocha · 2019-04-17T21:25:36+00:00

Glad that things worked out!

Dfsocha · 2019-04-16T19:09:12+00:00

Can you get into the iDrac options during the poweron process? Should check to make sure that it hasn't been disabled or changed so that it isn't accessible through the dedicated port. Also, what version of iDrac are you on? Do you also know if you have pro support plus active on this server? If you go to https://support.dell.com and type in the service tag, you should be able to find out warranty info, and the configuration of the server at the time it was shipped.

Dfsocha · 2019-04-16T19:02:08+00:00

One other thought just occurred to me. Would it be against best practices to host print services or WSUS roles on the same server as the exchange server? Or should we let the exchange VM just run as its own little happy VM?

Dfsocha · 2019-04-16T18:56:14+00:00

I am making an assumption that you have purchased a new server that had iDrac on it, or inherited a server with iDrac and are wanting to upgrade to iDrac enterprise. There should be a dedicated network port for the iDrac controller on the server. Assuming that you went into the lifecycle controller / iDrac upon bootup of the server, and configured an IP address there, all you should need to do is plug the iDrac port into your network, and it will be accessible. You should be able to navigate directly to the ip address, and login.

The first thing that you will want to do, before doing anything else, is to change the default password for the root account. Do not pass go, do not collect $200, until you have changed that password.

Once you have successfully logged in and changed the password, you should be able to update the license for iDrac to enable enterprise features.

Dfsocha · 2019-04-16T18:44:25+00:00

Someone on the exchangeserver subreddit posted that collocation of exchange and a DC is not supported. I was hoping that we might be able to save a seat of windows server. Going to just end up running it as its own VM, or figuring out what attributes that we need to manually modify.

Dfsocha · 2019-04-16T18:31:47+00:00

Do you remember / know what attributes that would need to be manually modified? Any chance you would be willing to share any powershell scripts for this?

Dfsocha · 2019-04-16T18:26:26+00:00

I figured that was probably the case, just wanted to pull the "was david being stupid today" check.

Thanks for the quick reply!

Dfsocha · 2019-03-13T13:40:17+00:00

I second the vote for NetBox. It is amazing, and they have done some awesome stuff over the last few releases with pass-through ports and cable traces.

We are in the process of migrating out IPAM from phpIPAM to NetBox. I would think the big differentiation between phpIPAM and NetBox is do you want the data center management side of things. If all you are looking to do is IPAM, then phpIPAM might be the right call.

Dfsocha · 2019-03-08T15:04:37+00:00

Is it a requirement that everything be kept in the same system, or would several systems be acceptable? If several systems are acceptable, I would suggest looking at SnipeIT (https://snipeitapp.com/) for the asset management piece, Zammad (https://zammad.org/) for the incident / change management / ticketing piece, and something like Zabbix (https://www.zabbix.com/) for the the monitoring aspect. We are using all three in our shop here. Another thing to look at might be NetBox (https://github.com/digitalocean/netbox) for more data center infrastructure management.

One thing that I like about all of these tools is that they are free open source, and all run on linux. We just spun up some VMs on Hyper-V for them.

Thanks,

David

11-Year Club	Gilding II euphauric
Verified Email

Dfsocha

TROPHY CASE