systems_glitch

Moderating Team
  • Content count

    2,020
  • Joined

  • Last visited

  • Days Won

    97

Everything posted by systems_glitch

  1. I don't think there's anything wrong with it, I think I just had too high of expectations for it. It's a machine from 2011 that's known for having lousy single-core performance. It does compile C/C++ code *really* fast, with `-j18` in the MAKEOPTS. I may end up selling it to a friend -- paid a visit a few weekends ago, and apparently his VM server died, and he's been running his production VMs for his small business off a laptop! I was simultaneously surprised and not surprised that Gentoo was actually slower. I've maintained for years that there's no real speed advantage from Gentoo for most hardware situations, but I didn't think it would be that much slower!
  2. So I added the Samsung SSD and got to pretty much equal run times with my AMD APU box. Obviously multitasking is still way more usable on the Opteron box, with all of those cores! As an experiment, I installed Gentoo and took care to optimize USE and CPU flags for the architecture. After a day of compiling and working around bugs/oddities, I finally got around to running the test suite I've been using as a benchmark -- it's 5 or 6 minutes *slower* with Gentoo I'm sure Gentoo experts will tell me I'm doing it wrong...
  3. I'm pretty sure you're spot-on with the "expected to be using a GUI" remark. I think that's also why the firewalld syntax is as obtuse as it is. Not meant for anyone to hack at anymore. I guess it also doesn't matter if you're using some devops solution like Chef, Puppet, Ansible, Salt, or whatever. I definitely still prefer `ethX` naming, even the BSDs' convention of using $driver_nameX (e.g. em0 for Intel gigabit, vr0 for VIA Rhine), which I at first liked less than `ethX`, is better than the random string of garbage you get nowadays. At least the BSD approach provides additional useful info!
  4. Pretty sure the interface renaming has more to do with systemd migration than anything else. It's supposed to be a unique identifier for the interface for...reasons? Also `ifconfig` is deprecated basically everywhere...I guess the distinction between a system that acknowledges legacy support and one that doesn't is whether the `ifconfig` compat shim is installed in the base system, or if the answer is basically, "fuck you, learn `ip` syntax." And then of course there's the transition to firewalld, which almost but not completely is capable of doing the same things as iptables, and apparently still uses iptables under the hood.
  5. I picked up a 128 GB Samsung SM951 PCIe attached SSD, going to grab a PCIe x4 adapter for full bandwidth. That ought to rule out a disk bottleneck
  6. So I'm against some sort of bottleneck which I haven't had time to identify yet. The full test suite of one of the day-job applications I work on runs significantly slower, but won't even utilize a full core. On my APU box, I was running a load average of 2.5 - 3 with all fans spun up. This sits around 0.75 load average. I'm wondering if it's a disk bandwidth issue, I currently have the 1 TB Hitachi/HGST SATA drive in that shipped with the machine. Thinking I'm going to order a Samsung M.2 SSD and PCIe adapter bracket, I wanted to upgrade to SSD anyway. Direct PCIe attachment will rule out any disk/controller issues. I knew getting into this, from our server deploys, that single-core performance wasn't awesome with these CPUs, but not even being able to load down a single core seems like something else is my bottleneck.
  7. I moved away from it for a while due to everything being locked to "stable" versions, which back then meant old. It seems like Slackware is really keeping up nowadays though, certainly ahead of what RHEL/CentOS ships with most of the time, and IIRC ahead of stock Debian too. That's tracking release branches, not -current.
  8. Slackware64 14.2 installed, running a lot of compiles and building up part of my dev stack. Currently compiling node.js -- `make -j16` is nice Got some correctable ECC errors while building Ruby, so it looks like there might be a RAM upgrade sooner than later...
  9. 6200 series is still Bulldozer microarchitecture, Interlagos is a subfamily Piledriver is 6300 series IIRC. But yeah, part of the reason I went with a dual-socket motherboard is the enormous quantity of RAM slots. I can buy cheaper, lower-density RAM which seems to be widely available as cast-offs from other people's upgrades, and still get to a reasonable quantity for this system. Well, the machine arrived today, and it looks like something is wrong with the graphics card Super clean inside though, it smells like a brand-new computer. I kind of wonder if these were used for a trade show or something, and just surplussed as soon as the show was over. The other thing is, no onboard SAS controller -- it wasn't clear from the motherboard documentation that you could have IPMI (which this one does) and no SAS. It did ship with a 1 TB Hitachi/HGST SATA 3gb/s drive installed. There's a small dent on the top corner of the plastic bezel of the case, but that hardly matters. It came with 5x total drive caddies, so it's 3 short of being completely full.
  10. https://backchannel.com/forget-comcast-heres-the-diy-approach-to-internet-access-ef1e37bc09e1#.2bdfq5vu8 Interesting read, basically one guy decided to build out his own infrastructure and now it's a huge cooperative.
  11. ...because that title couldn't be more spammy, right? So I'm looking at getting an older Cisco switch with 10gb capability, I figure it just needs to be two to four uplink ports since I'll only have two 10gb Ethernet cards to start with. Plus I need a larger access switch, my little 8-port 2960G won't cut it much longer. One thing I always do before buying a used Cisco switch is, ahem, find the most recent IOS image and verify its MD5 against the Cisco site. I couldn't find a copy of the most recent IOS for a 3500 series switch, so I was goofing around with Cisco's JS, trying to see if they (like 99% of web devs apparently) were doing their validations all clientside. Then I thought, "wait, can I actually register for this?" Apparently the answer is yes, you just tell them you're a client, and agree to ITAR encryption export limitations, and you're good to go for LAN base and IP base on a lot of stuff. BTW, with the legit login I traced my way through the JS responsible for processing the download, and no, they're not validating clientside. It appears they go the extra step of validating *again* server-side, even after the login comes back successful -- you can snarf the download URL from one of the JS objects, and it's apparently a one-time-use deal. I couldn't wget it after I'd started the download normally.
  12. On the train, headed across north/central VA. Anyone else going?
  13. gist: https://gist.github.com/chapmajs/44d1d064d70b34432ccdc006f80f55c1 I wanted a quick command to rename `st` (Suckless Terminal) windows in i3wm since sometimes I have a lot of them open at once, tiled all over the screen. Here's what I came up with: # I added this snippet to my .bashrc to give me a `rename-window` command when # using a terminal (`st`, in my case). Invoke as: # # `rename-window "the name you desire"` # # If you don't have `xdotool` then we alias an echo so we'll know it's not there. which xdotool >/dev/null 2>&1 if [ "$?" = "0" ] then alias rename-window='xdotool selectwindow set_window --name' else alias rename-window='echo "xdotool not found"' fi
  14. Finished putting my LED nametag together: Hooked it up to a 2000 mAh LiPo cell and an Adafruit charger/boost converter, seeing how long it runs on a charge.
  15. Heh, thanks guys. Mostly from years of having to get by on scavenged hardware Turns out if it's a good solution on a junky 486, it's even better when you've got a real router to run on!
  16. Certainly better than Netgear if you need any advanced features (VLANs, LACP, PoE, et c.). If you just need a dumb switch to connect everything together, I'd imagine just about anything that doesn't crash regularly will do the job. +1 on always needing more ports. I've got a little 8-port Cisco 2960G in the apartment (didn't want the loud 24-port 1U switch going in the living room...moving soon tho!). Always feels like I'm hooking another switch to it if I'm hacking on much of anything. OTOH, the last place I worked, the boss wouldn't "invest" in having us run cable during slow days to the new workstations, so everything stumbled along on wireless for most of the workstations. I guess if the boss isn't going to let you build out the wiring ever, there's no point in buying extra ports, unless you just get a good deal on it.
  17. I recently purchased a used Foundry/Brocade FastIron 24-port gigabit switch to try out. 24 gigabit ports, 4 of which are SFP (can be various kinds of fiber), an expansion bay that supports 10 gig modules, and switchable 802.3af PoE on all ports. Very nice hardware! The OS is very similar to Cisco IOS, and their documentation/command reference is excellent. I bought it used, I think I paid under $50 shipped -- there may be a thread on it elsewhere on the forums. Overall I'm super happy with it, would recommend Brocade for business/commercial hardware. I've also had very good experiences with Allied Telesis (used to be Allied Telesyn) products. They make a solid line of managed and unmanaged switches. They aren't as feature rich as HP, Brocade, or Cisco, but the price reflects that. Most of the admin is better done through the web interface, I didn't like working with the CLI, whereas I prefer the CLI on my Cisco and Foundy/Brocade hardware. I really like Allied Telesis' smaller workgroup switches (4-8 port units) as you can get them with a built-in power supply -- no wall wart or line lump.
  18. I'd still recommend pfSense for Firewall/Router/VPN. You can purchase preconfigured hardware with warranty and corporate support. I've got a number of pfSense boxes deployed with former and current clients, except for hardware failure due to power problems (surges or lightning, we're not sure which) we've had near zero problems. Updates used to be a bit shaky with older releases of pfSense, but newer (last year or two) releases are much better. There's also OPNsense now, which is a pfSense derivative. I haven't personally tried it out, but supposedly they were going to nail down some of the interface issues/hacks present in older versions of pfSense. IIRC they also strive to provide a more open build environment (pfSense has premium level stuff you can buy, and supposedly their build process is poorly documented). Are you looking for switches too?
  19. Booked hotel and train. Stank, you decide if you're going or not?
  20. Welcome! Forums aren't as active as they once were, but there's still a number of regulars.
  21. Is that buzz an old mechanically generated European ring?
  22. Eh, I think HOPE Is more than just a scene still. I ended up hanging out a lot in the lockpicking village last time, trying to get that stupid blue ABUS lock that was hanging off of the ceiling! Got pretty good at picking every other lock they had laying out though! The talks I actually made it to (was helping with the vintage computer guys) were solid. Most of Albany 2600 made it down so that was cool too. Somehow the vintage computer table became the free booze spawn point. The NOC guys said that this year there will be at least a 1 gbps Internet connection again (courtesy Hurricane Electric, apparently they lit fiber to the building for free after the usual WiMax host flaked), and maybe 10 gbps. Last time the whole IPv4 address space was scanned multiple times. There was of course native IPv6, being Hurricane Electric, but I don't think sufficient resources exist for scanning all of IPv6 space in a long weekend!
  23. Just preordered my ticket! Probably ride the Amtrak up as I don't think anyone around me is driving in.
  24. I'm guessing it's just people upgrading and getting rid of functional but "outdated" sets. Anything with a CRT is curb fodder nowadays, and even some of the older LCD and plasma TVs are showing up in working condition. We found a 32" LCD TV with the remote taped to the top on the curb before we left NY. Cleaned it up and used it until we moved, gave it away on moving though.
  25. Yeah, http://www.securiteam.com/tools/5RQ0B000CU.html It's a wardialer that runs on old Palm Pilot PDAs with a modem pack (or external modem, I guess, would also work). Basically the older Palm Pilots (all of them?) are super cheap in used/working condition, and the modems are cheap too, and will run off of a set of batteries for a good while. It's so cheap it's disposable, you could just leave it in a telco closet or a can outside and if someone steals it, who cares. It's also a pretty unassuming bit of hardware, not some piece of clearly homebrew perfboard with wires going everywhere. As mentioned, I loaned mine to a friend doing a physical security audit for a company. No one noticed it, and he was able to scan all of their PBX extensions, including finding, IIRC, their security system's remote control modem on an extension, completely unprotected.