Re: [AFMUG] DNS server for guys who dont want to be gurus
Im commited now to webmin, I just RTFM the bind module component, no turning back after that kind of investment. Turns out DNS really not a complicated thing at this level of demand On Fri, Oct 3, 2014 at 12:47 AM, George Skorup (Cyber Broadcasting) via Af af@afmug.com wrote: cPanel is a single machine/VM web hosting platform. About the only thing that can be clusterized currently with cPanel is DNS, and I don't use it. Actually, their DNS-ONLY product is free. We bought our one-time license in 2002, I want to say it was like $2500. Then they got rid of the one-time licensing, but ours is grandfathered and updates cost $180 or $200 a year. Not a bad investment. Anyway, I've hand-edited zone files and named.conf using vi since, like.. forever. It's really not that hard. I wrote some very simple (i.e. crude) bash scripts that let me easily insert new zones and then restart named. On 10/2/2014 10:38 PM, That One Guy via Af wrote: is cpane priced per server or does one instance manage multiple servers? Im not understnading their structure, if we have our two authoritative DNS servers and add 2 caching servers will that require 4 licenses? at 425 bucks a year that can add up, or am i misunderstanding their pricing structure? On Thu, Oct 2, 2014 at 10:04 PM, George Skorup (Cyber Broadcasting) via Af af@afmug.com wrote: We've ran cPanel/WHM for almost 12 years now. The customer can do just about anything imaginable with it, yet they still call and ask you to do even the most simple things for them, like add an email account. ^%$#! On 10/2/2014 9:37 PM, Ken Hohhof via Af wrote: If you don’t need paid support from RedHat, CentOS is the way to go, it’s the same thing minus the support and branding. Want a chuckle? Take a look at the Solarwinds management product advertised on the ISC website. Probably nothing wrong with the product, Solarwinds is a good company. But the price is just ridiculous. It will make you happy to use webmin. Honestly I just vi the files manually. But you’re not going to get a customer to do that. Steve, didn’t you say you had cPanel? Doesn’t that include a DNS server and management tool, at least for authoritative DNS? *From:* Josh Baird via Af af@afmug.com *Sent:* Thursday, October 02, 2014 9:19 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus There probably isn't. Use CentOS. Josh On Thu, Oct 2, 2014 at 9:34 PM, That One Guy via Af af@afmug.com wrote: I dont want bleeding edge, I like stable, and as long as its secure I dont like to change. I never had really thought about purchased Linux before, looking at RHEL I have no clue and I dont know that there is much benefit to it with a handful of small single purpose virtual servers On Thu, Oct 2, 2014 at 8:23 PM, Josh Baird via Af af@afmug.com wrote: I don't use webmin, so I can't specifically answer your questions.. but, yes, Webmin is simply a front-end for various services that you have running on your server. Out of the box, your server is configured to use specific yum (software) repositories that are specific to CentOS 5/6/7. Unless you manually update one of these repository definitions or are using your own local RPM packages, you will be pointing at these native repositories. CentOS/RHEL repositories maintain the same major version of package (9.8.2 in EL6, 9.9.4 in EL7) throughout a major version's lifecycle (ie 6.x, 7.x). RHEL/CentOS backports security patches into older (stable) versions; so even if you are running RHEL6 with BIND 9.8.2, you are not vulnerable to security flaws or exploits (as long as you keep your server's packages up to date). CentOS/RHEL is not bleeding edge. They offer stable versions of software and keep them up to date and safe by backporting security patches. If you want bleeding edge packages you have a few options - find third party yum repositories with newer packages, compile your own BIND or use non-enterprise Linux distributions such as Fedora. Josh On Thu, Oct 2, 2014 at 9:09 PM, That One Guy via Af af@afmug.com wrote: so, webmin, it is just in its most basic form a gui and package management system for linux and linux server components?? Is this correct? When I go to the package manager through webmin is if only looking in repositories for packages compiled to run in webmin, or is it looking for packages compiled for the underlying linux distibution?? So if I want to update to the newest fanciest BIND version, how would I go about it, yum update bind and the like dont take it any further? If I did this outside of webmin, will I lose the webmin functionality or cause it not to function? Virtualmin as best i can tell is a module for webmin, will this give me better access to newer versions of BIND? I like windows because stuff either doesnt work or its got bugs, we get two choices. It looks like 9.8.8 is EOL last month, so i see what you
Re: [AFMUG] DNS server for guys who dont want to be gurus
The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Ken Hohhof via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: blockquote CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.com Subject: [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 /blockquote -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] DNS server for guys who dont want to be gurus
I would not use 5 no way no how. It's just about EOL. 5.11 was just released and it's probably the last update 5 will get. it's like saying you want to roll out a new server running Server 2003. Nope. Just don't do it. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Timothy D. McNabb via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 6:26:19 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus I’ve never had a problem using yum and CentOS, you are right that the packages don’t tend to be latest and greatest. You can added repos that support CentOS 5/6 with the packages you are looking for, simplifying the process. My preference is still to use CentOS 5, the GNOME and KDE interfaces are both laughable on 6 (sad that the interface + packages have moved so closely to a desktop computer anymore). I’m not one to use the minimal install, but then again I selectively select the packages I desire to get the machine going and then add/remove software once it’s configured with an internet connection. That One Guy, the honest and absolutely EASIEST way to setup BIND is grab CentOS 5, then install the Server package BIND. Additionally adding to the super-easiness, install a package called “system-config-bind”. You can use the search function to find it easy enough. Once everything is installed, go to terminal through the GUI and run “system-config-bind” by just typing and hit enter. It will bring up a pretty nifty and easy interface to allow you to customize a lot of your DNS server. Anything super-granular and you will need to run through manually editing config files, but this is enough to get brand new machines up and running. We don’t run a slave-master setup so I can’t help you there. Both of ours are listed as authorative caching open recursion servers (ie they are both Masters) with an ACL that allows only our 3 /22’s to talk to them via udp. AFAIK the package for system-config-bind is still non-existent as of this writing for CentOS 6. -Tim From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 4:10 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus I already have installed bind through webmin, it is a newer version, just by a couple revisions but the ubuntu one wont update any more its BIND version 9.8.2 I can manually add the slave zone and test the transfer it updates from the master, I just assumed I should be able to add it as another slave and have it populate all the way On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af af@afmug.com wrote: You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.com
Re: [AFMUG] PMP450 in 5.1 - 5.3 ???
We are actively working on new hardware for the PMP 450 platform that will support this band. We expect it to become available in Q2, 2015. Matt -Original Message- From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mathew Howard via Af Sent: Thursday, October 02, 2014 2:02 PM To: af@afmug.com Subject: Re: [AFMUG] PMP450 in 5.1 - 5.3 ??? I don't believe that's the case anymore... with firmware 2.2, ePMP is letting me set it up to 30dBm EIRP, which is the max that anything is allowed in the DFS bands. From: Af [af-boun...@afmug.com] on behalf of Kurt Fankhauser via Af [af@afmug.com] Sent: Thursday, October 02, 2014 11:43 AM To: af@afmug.com Subject: Re: [AFMUG] PMP450 in 5.1 - 5.3 ??? epmp has alot lower powet in dfs than 450 Sent from my iPhone Kurt Fankhauser Wavelinc Communications P.O. Box 126 Bucyrus, OH 44820 http://www.wavelinc.com tel. 419-562-6405 fax. 419-617-0110 On Oct 2, 2014, at 11:46 AM, Gino Villarini via Af af@afmug.com wrote: How they managed to do it in the Epmp and PTP650 while not in the PMP450 baffles meŠ. Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr On 10/2/14, 11:25 AM, Matt via Af af@afmug.com wrote: I believe a second HW model is planned for 4.9 5.3, different filtering. Just what we needed, another part number to find room for in the service vehicles. Too bad they could not have done this on same hardware. From: Gino Villarini via Af Sent: Thursday, October 02, 2014 4:23 AM To: af@afmug.com Subject: [AFMUG] PMP450 in 5.1 - 5.3 ??? Are there any plans for this? Is the HW capable? Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr
Re: [AFMUG] PMP450 in 5.1 - 5.3 ???
Can you make the SMs wideband? Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr On 10/3/14, 8:08 AM, Matt Mangriotis via Af af@afmug.com wrote: We are actively working on new hardware for the PMP 450 platform that will support this band. We expect it to become available in Q2, 2015. Matt -Original Message- From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mathew Howard via Af Sent: Thursday, October 02, 2014 2:02 PM To: af@afmug.com Subject: Re: [AFMUG] PMP450 in 5.1 - 5.3 ??? I don't believe that's the case anymore... with firmware 2.2, ePMP is letting me set it up to 30dBm EIRP, which is the max that anything is allowed in the DFS bands. From: Af [af-boun...@afmug.com] on behalf of Kurt Fankhauser via Af [af@afmug.com] Sent: Thursday, October 02, 2014 11:43 AM To: af@afmug.com Subject: Re: [AFMUG] PMP450 in 5.1 - 5.3 ??? epmp has alot lower powet in dfs than 450 Sent from my iPhone Kurt Fankhauser Wavelinc Communications P.O. Box 126 Bucyrus, OH 44820 http://www.wavelinc.com tel. 419-562-6405 fax. 419-617-0110 On Oct 2, 2014, at 11:46 AM, Gino Villarini via Af af@afmug.com wrote: How they managed to do it in the Epmp and PTP650 while not in the PMP450 baffles meŠ. Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr On 10/2/14, 11:25 AM, Matt via Af af@afmug.com wrote: I believe a second HW model is planned for 4.9 5.3, different filtering. Just what we needed, another part number to find room for in the service vehicles. Too bad they could not have done this on same hardware. From: Gino Villarini via Af Sent: Thursday, October 02, 2014 4:23 AM To: af@afmug.com Subject: [AFMUG] PMP450 in 5.1 - 5.3 ??? Are there any plans for this? Is the HW capable? Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr
Re: [AFMUG] DNS server for guys who dont want to be gurus
I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Af Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Ken Hohhof via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.com Subject: [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] DNS server for guys who dont want to be gurus
It may be 9.8.2 with security fixes backported from later versions. I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. *From:* Mike Hammett via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 6:10 AM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Ken Hohhof via Af af@afmug.com *To: *af@afmug.com *Sent: *Thursday, October 2, 2014 5:30:01 PM *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. *From:* That One Guy via Af mailto:af@afmug.com *Sent:* Thursday, October 02, 2014 4:36 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 2:24 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: CentOS+BIND+Webmin JI can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 1:21 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore,
Re: [AFMUG] Find licensed links in progress?
You have to file an application on the link before you can start-up under conditional authorization, if conditional authorization is even allowed in your area of Minnesota. That application, if it exists, should be searchable within days of submittal. Have you tried searching using the coordinates of the site rather than the licensee's name? Some licensees hold licenses under several different FRNs. Or, while not recommended, perhaps they have built the system and are waiting on the coordination process to finish before submitting the application and powering-up the links? Mike Black Black Associates 727-773-9016 www.bamicrowave.com From: Af [mailto:af-boun...@afmug.com] On Behalf Of Daniel White via Af Sent: Friday, October 03, 2014 1:12 AM To: af@afmug.com Subject: Re: [AFMUG] Find licensed links in progress? Remember – conditional authorization happens in 2 to 4 weeks… but the license isn’t usually granted for at least another 30 days. I have no idea how long it takes to show up on the website. They always could be 24GHz radios – we sell lots of those too in most of our product models (Lumina for instance is available in 24GHz). Gino might have something to report re: Integra in a few days. cid:image001.jpg@01CE2975.BD4B6370 Daniel White | Managing Director SAF North America LLC Cell: (303) 746-3590 Skype: danieldwhite E-mail: mailto:daniel.wh...@saftehnika.com daniel.wh...@saftehnika.com From: Af [mailto:af-boun...@afmug.com] On Behalf Of Darin Steffl via Af Sent: Thursday, October 2, 2014 10:54 PM To: af@afmug.com Subject: [AFMUG] Find licensed links in progress? Hey guys, There's a tower we want to colocate on that has 2 licensed SAF links and we know who is up there as the tower own has told us who is there. When I search the FCC License database though, I see their other licensed locations and paths for other towers they're on but not for the new tower they've been on for at least 2-3 months now. Is there that long of a lag from the license being granted to showing up on the FCC site? The more unlikely thing is they ordered links and put them up without being granted a license. I doubt that is the case because they have all their other links licensed and and they show up fine. Any ideas or feedback on this? -- Darin Steffl Minnesota WiFi www.mnwifi.com http://www.mnwifi.com/ 507-634-WiFi http://www.facebook.com/minnesotawifi Like us on Facebook http://www.facebook.com/minnesotawifi
Re: [AFMUG] DNS server for guys who dont want to be gurus
I think a couple of us has mentioned SimpleDNS – 2 minute install – just works ☺ From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Baird via Af Sent: Friday, October 03, 2014 9:47 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus Yeah. RHEL/CentOS backport security patches. To quote myself from a previous email in this thread: CentOS doesn't have the latest and greatest packages because it's upstream is RHEL. This is the nature of enterprise linux. They don't have major package revisions during the entire lifecycle of any given major version (ie, RHEL5/6/7) and they backport security fixes and patches. On Fri, Oct 3, 2014 at 9:30 AM, Ken Hohhof via Af af@afmug.commailto:af@afmug.com wrote: I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Afmailto:af@afmug.com Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Ken Hohhof via Af af@afmug.commailto:af@afmug.com To: af@afmug.commailto:af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Afmailto:af@afmug.com Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.commailto:af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto:af-boun...@afmug.commailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.commailto:af@afmug.com wrote: CentOS+BIND+Webmin ☺ I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto:af-boun...@afmug.commailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.commailto:af@afmug.com Subject: [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go
Re: [AFMUG] DNS server for guys who dont want to be gurus
I don’t think so. From: Adam Moffett via Af Sent: Friday, October 03, 2014 8:34 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus It may be 9.8.2 with security fixes backported from later versions. I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Af Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- From: Ken Hohhof via Af mailto:af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.com Subject: [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance
Re: [AFMUG] DNS server for guys who dont want to be gurus
We are running Centos6 with bind9.9 currently. On 10/03/2014 08:46 AM, Josh Baird via Af wrote: Yeah. RHEL/CentOS backport security patches. To quote myself from a previous email in this thread: CentOS doesn't have the latest and greatest packages because it's upstream is RHEL. This is the nature of enterprise linux. They don't have major package revisions during the entire lifecycle of any given major version (ie, RHEL5/6/7) and they backport security fixes and patches. On Fri, Oct 3, 2014 at 9:30 AM, Ken Hohhof via Af af@afmug.com mailto:af@afmug.com wrote: I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. *From:* Mike Hammett via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 6:10 AM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Ken Hohhof via Af af@afmug.com mailto:af@afmug.com *To: *af@afmug.com mailto:af@afmug.com *Sent: *Thursday, October 2, 2014 5:30:01 PM *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. *From:* That One Guy via Af mailto:af@afmug.com *Sent:* Thursday, October 02, 2014 4:36 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 2:24 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: CentOS+BIND+Webmin JI can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 1:21 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client
Re: [AFMUG] DNS server for guys who dont want to be gurus
If it's BIND 9.8.2 from the CentOS updates repositories, it's patched. It won't contain non-security related features of later versions, but it has been patched for any security related stuff. The internal patch/version level of the package is denoted in the RPM's filename for EL. On Fri, Oct 3, 2014 at 9:57 AM, Ken Hohhof via Af af@afmug.com wrote: I don’t think so. *From:* Adam Moffett via Af af@afmug.com *Sent:* Friday, October 03, 2014 8:34 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus It may be 9.8.2 with security fixes backported from later versions. I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. *From:* Mike Hammett via Af af@afmug.com *Sent:* Friday, October 03, 2014 6:10 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Ken Hohhof via Af mailto:af@afmug.com af@afmug.com *To: *af@afmug.com *Sent: *Thursday, October 2, 2014 5:30:01 PM *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. *From:* That One Guy via Af af@afmug.com *Sent:* Thursday, October 02, 2014 4:36 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 2:24 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 1:21 PM *To:* af@afmug.com *Subject:* [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a
Re: [AFMUG] valuing a pay increase
I think you've mentioned in the past that other employees are relatives of the boss. Do you have any idea whether those employees are also paid less than other nearby companies are paying for similar positions? From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 11:29 PM To: af@afmug.com Subject: Re: [AFMUG] valuing a pay increase thats exactly what the guy i interviewed with said when i asked him about insurance and why he offered what he did, a business expense/investment On Thu, Oct 2, 2014 at 11:23 PM, Jaime Solorza via Af af@afmug.commailto:af@afmug.com wrote: I went to pain doc for sciatic nerve. 50 copay. 25 for injection. 192.00 for meds but he gave me a discount card. 52.00 bucks. AETNA is my provider. Yep insurance is expensive but necessary. Especially as my body keeps telling I not 20 years old. Best to keep employees healthy and happy. More productivity 99% of time Jaime Solorza On Oct 2, 2014 10:15 PM, Chuck Hogg via Af af@afmug.commailto:af@afmug.com wrote: Providing Health Insurance is a nice bonus though...especially if he is covering your whole family. My family insurance is friggin' expensive for a family of 4! Regards, Chuck On Thu, Oct 2, 2014 at 11:57 PM, That One Guy via Af af@afmug.commailto:af@afmug.com wrote: lol, hes not a dick, hes actually a pretty decent conservative capitalist christian. I started that conversation 4 months ago right after I turned down a much better paying job because of the commute. I got that job offer because I went to meet with a tech from another contract service provider who was taking over our contract, it turned out he wasnt a tech he was the owner of the company, apparently I clean up nice, when I went for the final closeout meeting it turned out to be an hour and a half interview. But afterward i started the whats the future direction of the company, what can I do in the company to give myself a financial and personal growth future in the company, conversation. I screwed up by divulging about half of my business plan if I was going to step out on my own, probably a bad idea. but I keep getting the well theres this and theres that and the i need to meet with x to discuss y and ill get back to you, the most I get out of him is we havent sold to Jab (which I dont want because theres no role for me if it happenned) and we arent closing the doors, and we might look at giving you a dollar and maybe some scheduled raises. I have two kids, a house, this broad that lives with me after making my babies a buck every 2.5 years isnt a great future. he had gotten insurance, which we did not have before, and initially I wrote that off as the equivalent as a raise, but the more I think about it, it was company wide, that isnt a retention thing, thats a business expense like the electric bill and bandwidth cost, and next year the contract expires and our coverage goes down, we get the option to buy back the difference.. no dental, I gave the tooth butcher 500 bucks yesterday that i had to borrow, cutting health isnt going to be made up for with 8 cents On Thu, Oct 2, 2014 at 10:44 PM, Ken Hohhof via Af af@afmug.commailto:af@afmug.com wrote: Unless your boss is a dick (apparently a real possibility), a good approach is to ask when your next review will be and what achievements or metrics would qualify you for a bigger raise or a promotion. You are setting him up. He says do X and you get a promotion and a raise, and you do X. Makes it hard to deny you the reward, since he set the rules for the game. He even gets the enjoyment of telling himself he motivated you to achieve the goals he set, like getting a rat to run a maze in order to get the cheese, when in fact you motivated him to give you a raise. From: That One Guy via Afmailto:af@afmug.com Sent: Thursday, October 02, 2014 10:30 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] valuing a pay increase Yeah, Jab starts their phone techs at more than I make, but Im one of those people that wont quit. Im pretty critical, but my employer is one that will just let things fail and deal with the aftermath. Ive worked for the organization for 10 years and this company for 5. Ive missed one deadline, the first in my life, and that was when my dads family shop burned down and I had to take some time off to dig through the rubble. They wouldnt find a person to replace me directly, the routing/transit management would go to a 3rd party consultant/contractor, they would rely on Powercode directly to manage that and the associated hardware, They would contract our partner company to manage the infrastructure builds, he would move from the inexpensive UBNT type hardware on the backhaul network to licensed set and forget links, specced out by vendors installed by contractors. The backend systems like our DNS, internal messaging sytems, backup/archiving, etc would either fail or be
Re: [AFMUG] DNS server for guys who dont want to be gurus
PDNS or power dns works really well also very lightweight. On 10/03/2014 09:05 AM, Ty Featherling via Af wrote: My predecessor had our DNS setup on SimpleDNS. I have never changed it because it really just always works. I have not had a SINGLE issue with it. Easy GUI. Simple. I will be moving to linux when I get a good VM server going but I am very impressed with SimpleDNS. -Ty On Fri, Oct 3, 2014 at 8:56 AM, Paul McCall via Af af@afmug.com mailto:af@afmug.com wrote: I think a couple of us has mentioned SimpleDNS – 2 minute install – just works J *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *Josh Baird via Af *Sent:* Friday, October 03, 2014 9:47 AM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus Yeah. RHEL/CentOS backport security patches. To quote myself from a previous email in this thread: CentOS doesn't have the latest and greatest packages because it's upstream is RHEL. This is the nature of enterprise linux. They don't have major package revisions during the entire lifecycle of any given major version (ie, RHEL5/6/7) and they backport security fixes and patches. On Fri, Oct 3, 2014 at 9:30 AM, Ken Hohhof via Af af@afmug.com mailto:af@afmug.com wrote: I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. *From:*Mike Hammett via Af mailto:af@afmug.com *Sent:*Friday, October 03, 2014 6:10 AM *To:*af@afmug.com mailto:af@afmug.com *Subject:*Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Ken Hohhof via Af af@afmug.com mailto:af@afmug.com *To: *af@afmug.com mailto:af@afmug.com *Sent: *Thursday, October 2, 2014 5:30:01 PM *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. *From:*That One Guy via Af mailto:af@afmug.com *Sent:*Thursday, October 02, 2014 4:36 PM *To:*af@afmug.com mailto:af@afmug.com *Subject:*Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 2:24 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com mailto:af@afmug.com wrote: CentOS+BIND+Webmin JI can’t remember but Usermin might be the part you’re looking for specific to
Re: [AFMUG] DNS server for guys who dont want to be gurus
One time cost From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 11:13 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus simpleDNS looks cheap. Is that a one time cost or do they do something recurring like annual renewals? My predecessor had our DNS setup on SimpleDNS. I have never changed it because it really just always works. I have not had a SINGLE issue with it. Easy GUI. Simple. I will be moving to linux when I get a good VM server going but I am very impressed with SimpleDNS. -Ty On Fri, Oct 3, 2014 at 8:56 AM, Paul McCall via Af af@afmug.commailto:af@afmug.com wrote: I think a couple of us has mentioned SimpleDNS – 2 minute install – just works ☺ From: Af [mailto:af-boun...@afmug.commailto:af-boun...@afmug.com] On Behalf Of Josh Baird via Af Sent: Friday, October 03, 2014 9:47 AM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus Yeah. RHEL/CentOS backport security patches. To quote myself from a previous email in this thread: CentOS doesn't have the latest and greatest packages because it's upstream is RHEL. This is the nature of enterprise linux. They don't have major package revisions during the entire lifecycle of any given major version (ie, RHEL5/6/7) and they backport security fixes and patches. On Fri, Oct 3, 2014 at 9:30 AM, Ken Hohhof via Af af@afmug.commailto:af@afmug.com wrote: I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Afmailto:af@afmug.com Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Ken Hohhof via Af af@afmug.commailto:af@afmug.com To: af@afmug.commailto:af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Afmailto:af@afmug.com Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.commailto:af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto:af-boun...@afmug.commailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.commailto:af@afmug.com wrote: CentOS+BIND+Webmin ☺ I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto:af-boun...@afmug.commailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To:
Re: [AFMUG] Huawei still at it
Please add the NSA to the list of your banned organizations on westerns states Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr From: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Reply-To: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Date: Friday, October 3, 2014 at 11:10 AM To: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory From: af@afmug.commailto:af@afmug.com [mailto:af@afmug.com] On Behalf Of Mike Hammett Sent: Monday, September 08, 2014 8:02 AM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com [http://www.ics-il.com/images/fbicon.png]https://www.facebook.com/ICSIL[http://www.ics-il.com/images/googleicon.png]https://plus.google.com/+IntelligentComputingSolutionsDeKalb[http://www.ics-il.com/images/linkedinicon.png]https://www.linkedin.com/company/intelligent-computing-solutions[http://www.ics-il.com/images/twittericon.png]https://twitter.com/ICSIL From: Lewis Bergman lberg...@texascom.commailto:lberg...@texascom.com To: af@afmug.commailto:af@afmug.com Sent: Monday, September 8, 2014 9:11:12 AM Subject: Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail from WAV and there was a pretty impressive looking Huawei Ethernet switch on the front. From:Patrick Wheelandmailto:p...@csinet.com Sent: Monday, September 08, 2014 7:27 AM To:af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] Huawei still at it I was surprised to see this in my inbox at the beginning of the year. I will withhold my opinion. [WISPA Announcements] Huawei Joins WISPA as a Vendor Member and is Exhibiting in Booth 505 at WISPAmerica On Sun, Sep 7, 2014 at 8:43 PM, Jason McKemie j.mcke...@veloxinetbroadband.commailto:j.mcke...@veloxinetbroadband.com wrote: Not terribly surprising, I can't believe anyone still does business with this company: http://seattletimes.com/html/businesstechnology/2024470044_tmobilehuaweibuzzxml.html -- Lewis Bergman 4309 Maple ST. Abilene, TX 79602-8099 325-480-2590 Office 325-439-0533 Cell
Re: [AFMUG] DNS server for guys who dont want to be gurus
I know it's been said a few times already, but... The enterprise versions usually backport security fixes. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Ken Hohhof via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 8:30:01 AM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Af Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Ken Hohhof via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: blockquote CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 1:21 PM To: af@afmug.com Subject: [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It would be nice if it had the option to set up client accounts for some clients to manage their own DNS but not view others, but thats in no way a deal breaker -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 /blockquote -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM
Re: [AFMUG] DNS server for guys who dont want to be gurus
To throw my 2 cents in, +1 for Ajenti for managing servers, I've used webmin and ajenti both and like the performance/stripped down approach of Ajenti better. Also +1 for cPanel once you get into allowing customers to manage/update DNS on their own. We host our own DNS server that is locked for our use, and sell hosting packages on another with cPanel, we've moved several customers over, and besides the occasional enterprise with a random computer trying to force a DNS update, it works well. Nicholas Eastman Royell Communications, Inc. (217) 965-3699 1-877-400-9319 nic.east...@royell.org On Fri, Oct 3, 2014 at 9:10 AM, Josh Baird via Af af@afmug.com wrote: If it's BIND 9.8.2 from the CentOS updates repositories, it's patched. It won't contain non-security related features of later versions, but it has been patched for any security related stuff. The internal patch/version level of the package is denoted in the RPM's filename for EL. On Fri, Oct 3, 2014 at 9:57 AM, Ken Hohhof via Af af@afmug.com wrote: I don’t think so. *From:* Adam Moffett via Af af@afmug.com *Sent:* Friday, October 03, 2014 8:34 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus It may be 9.8.2 with security fixes backported from later versions. I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. *From:* Mike Hammett via Af af@afmug.com *Sent:* Friday, October 03, 2014 6:10 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Ken Hohhof via Af mailto:af@afmug.com af@afmug.com *To: *af@afmug.com *Sent: *Thursday, October 2, 2014 5:30:01 PM *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. *From:* That One Guy via Af af@afmug.com *Sent:* Thursday, October 02, 2014 4:36 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 2:24 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in this 1. when running through the current centos installation, what do i select for the server type, for powercode it says select basic server 2. is there a guide for building dedicated centos servers based on server purpose? I assume there are packages I dont need to install if its only got this purpose On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af af@afmug.com wrote: CentOS+BIND+Webmin J I can’t remember but Usermin might be the part you’re looking for specific to users updating their own DNS….. *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via Af *Sent:* Thursday, October 02, 2014 1:21 PM *To:* af@afmug.com *Subject:* [AFMUG] DNS server for guys who dont want to be gurus Is there a good, simple package for locally hosted DNS Servers for people like me who dont want to get too far into managing the linux at a granular level? we are used to the webmin interface. It
Re: [AFMUG] Huawei still at it
I know of the Cisco stuff. The whole world does. I was jokingly assuming that whatever new gadget Lewis was talking about was just ripped off from somebody else. That said... I heard of them running some new 802.11 protocol in the lab and they're the first to do it. Maybe now everything is their own, but it's built on a foundation of theft. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Rory Conaway via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 10:10:16 AM Subject: Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory From: af@afmug.com [mailto:af@afmug.com] On Behalf Of Mike Hammett Sent: Monday, September 08, 2014 8:02 AM To: af@afmug.com Subject: Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Lewis Bergman lberg...@texascom.com To: af@afmug.com Sent: Monday, September 8, 2014 9:11:12 AM Subject: Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail from WAV and there was a pretty impressive looking Huawei Ethernet switch on the front. From: Patrick Wheeland Sent: Monday, September 08, 2014 7:27 AM To: af@afmug.com Subject: Re: [AFMUG] Huawei still at it I was surprised to see this in my inbox at the beginning of the year. I will withhold my opinion. [WISPA Announcements] Huawei Joins WISPA as a Vendor Member and is Exhibiting in Booth 505 at WISPAmerica On Sun, Sep 7, 2014 at 8:43 PM, Jason McKemie j.mcke...@veloxinetbroadband.com wrote: Not terribly surprising, I can't believe anyone still does business with this company: http://seattletimes.com/html/businesstechnology/2024470044_tmobilehuaweibuzzxml.html -- Lewis Bergman 4309 Maple ST. Abilene, TX 79602-8099 325-480-2590 Office 325-439-0533 Cell
Re: [AFMUG] valuing a pay increase
While I don't have any employees, I'd assume what's fair is (assuming the cash flow to allow it) annual raises held to CPI, then add or subtract based on merit. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: That One Guy via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 9:49:20 PM Subject: [AFMUG] valuing a pay increase im curious from the small business owner, which I assume most of you owners on the list consider yourselves, how do you value a pay increase? (assume its an employee that is worth their salt) Do you try to just keep it where the employee has the same spending power, ie just cost of living to match inflation, percentage based, profit based, set value? In discussions with the boss about future he mentioned a number, for shits and giggles I compared what my last raise is worth today. I havent had a raise in 2.5 years, and based on the government calculators what I make now was worth 80 cents more 2.5 years ago than it is now. The number he said was a dollar, which under normal curcumstances to po folk like me isnt a small raise. but when I looked at the numbers, that dollar only puts me 20 cents up on where I was 2.5 years ago, that 8 cents a year in increased purchasing power. That kind of boils down to an insult. Or is that the wrong way to look at the value of the potential pay increase? I have never believed in asking an employer for a raise, my thoughts have always been that an employer thats a good employer will pay you what they think your worth to them, apparently im worth 8 cents -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
[AFMUG] I heard a rumor
Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] I heard a rumor
If there's any relationship, I'd imagine it'd be Cisco rebadging Exalt. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Jaime Solorza via Af af@afmug.com To: Animal Farm af@afmug.com Sent: Friday, October 3, 2014 11:14:57 AM Subject: [AFMUG] I heard a rumor Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] I heard a rumor
google cisco microwave radio and you'll find European websites/sales PDFs, with Cisco in western Europe re-selling SIAE 1024QAM PTP licensed band radios. Not too surprising. On Fri, Oct 3, 2014 at 9:17 AM, Mike Hammett via Af af@afmug.com wrote: If there's any relationship, I'd imagine it'd be Cisco rebadging Exalt. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Jaime Solorza via Af af@afmug.com *To: *Animal Farm af@afmug.com *Sent: *Friday, October 3, 2014 11:14:57 AM *Subject: *[AFMUG] I heard a rumor Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] Find licensed links in progress?
Darin, what's the state and county? I have a full copy of the FCC ULS database on a SQL server (in RAM! yay for systems with 72GB memory) and can query it pretty easily. WA state example: select * from fccdata where loc_county_name=SKAGIT and lic_status_code=A and rollup_category_code=Fixed Wireless order by grant_date; On Thu, Oct 2, 2014 at 9:54 PM, Darin Steffl via Af af@afmug.com wrote: Hey guys, There's a tower we want to colocate on that has 2 licensed SAF links and we know who is up there as the tower own has told us who is there. When I search the FCC License database though, I see their other licensed locations and paths for other towers they're on but not for the new tower they've been on for at least 2-3 months now. Is there that long of a lag from the license being granted to showing up on the FCC site? The more unlikely thing is they ordered links and put them up without being granted a license. I doubt that is the case because they have all their other links licensed and and they show up fine. Any ideas or feedback on this? -- Darin Steffl Minnesota WiFi www.mnwifi.com 507-634-WiFi http://www.facebook.com/minnesotawifi Like us on Facebook http://www.facebook.com/minnesotawifi
Re: [AFMUG] I heard a rumor
I think they make a 5 GHz system for Cisco, hadn’t heard about licensed. From: Jaime Solorza via Af Sent: Friday, October 03, 2014 11:14 AM To: Animal Farm Subject: [AFMUG] I heard a rumor Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] I heard a rumor
http://www.hardware.com/us/products/cisco/AIR-XLTC50DA31AK9 http://www.networkcomputing.com/wireless-infrastructure/ciscos-curious-choice-for-new-high-speed-wireless-bridges/a/d-id/1232084 ? The AIR-xxx part number is Cisco Seems like a lot of money for a not particularly capable 64QAM 5 GHz bridge, it's from early 2010... On Fri, Oct 3, 2014 at 9:42 AM, Ken Hohhof via Af af@afmug.com wrote: I think they make a 5 GHz system for Cisco, hadn’t heard about licensed. *From:* Jaime Solorza via Af af@afmug.com *Sent:* Friday, October 03, 2014 11:14 AM *To:* Animal Farm af@afmug.com *Subject:* [AFMUG] I heard a rumor Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] Power up the tower?
That's where having sync built-in is nice. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Josh Baird via Af af@afmug.com To: af@afmug.com Sent: Sunday, September 28, 2014 9:27:11 AM Subject: Re: [AFMUG] Power up the tower? If the radios did have SFPs, wouldn't you still need to provide sync (which would mean additional cables)? On Sun, Sep 28, 2014 at 10:12 AM, Mark Radabaugh via Af af@afmug.com wrote: http://www.google.com/url?sa=trct=jq=esrc=ssource=webcd=1cad=rjauact=8ved=0CC0QFjAAurl=http%3A%2F%2Fwww.commscope.com%2FDocs%2FHELIAX_FFDirect_Brochure_BR-107083.pdfei=uhQoVLffMIWayQSu5YCoBAusg=AFQjCNFvqSzEDLibQ4WCTebhIbt3KgEQYQsig2=gR3vElbGdefgDpcYEtvB2Qbvm=bv.76247554,d.aWw I'm getting pricing on this - if it's anything remotely reasonable I'm really thinking about using this for tower sites. With 3 fiber feeds and 3 power feeds I can use one power/fiber pair to each of the SAF Integra's, and use the other one to go to a enclosure with power and a switch to connect to the APs'. I'm trying to find out if I can get a small switch and a PacketFlux Syncinjector stuffed into a 3M Tower Dome Closure: http://multimedia.3m.com/mws/mediawebserver?mwsId=6UgxGCuNyXTtoxMVlxMVEVtQEcuZgVs6EVs6E66--fn=Tower_Dome_Terminal_TDT_T_25_6RS The combination seems like it would solve a lot of problems. It gives us one cable up the tower and the cable fits properly into standard tower hangers. The dome closure can be built on the ground with appropriate length cables to each AP so that the whole thing can be assembled on the ground and then hoisted into place so that the tower monkeys only have to plug things in. The other nice part is if you are using contract tower crews the whole thing looks just like installing a standard Remote Radio Unit (RRU) radio head, so they should both not need a lot of retraining. If we could get our radio manufacturers to start making equipment with SFP's this would be even easier. That's a hint there Cambium. Mark On 9/28/14, 9:50 AM, Chuck Hogg via Af wrote: blockquote We do power and fiber up the tower as our standard...ever since that standard has been used, I don't think we've lost a site yet. Regards, Chuck On Sat, Sep 27, 2014 at 4:32 PM, Matt via Af af@afmug.com wrote: blockquote This is what we have used for all our CMM units for years. http://www.outdoorspeakerdepot.com/14ga2inspca5.html Outdoor, UV resistant, etc. On Sat, Sep 27, 2014 at 1:16 PM, Gino Villarini via Af af@afmug.com wrote: Planning on hanging a DC box on the tower 30-40w total power Cat5 using multiple pairs or 2 conductor cable? We are inclined on cat 5 for standardization purposes... Sent from Marconi's and Graham Bell's fused thoughts!!! /blockquote -- Mark Radabaugh Amplex m...@amplex.net 419.837.5015 x 1021 /blockquote
[AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
Interesting...so the Cisco wifi controller feature that can DOS rogue AP's with de-auth packets might actually be a crime to use? On 10/3/2014 1:27 PM, Hardy, Tim via Af wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com mailto:af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
Why cisco wasn’t fined? Or part of the investigation? Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr From: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Reply-To: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Date: Friday, October 3, 2014 at 1:39 PM To: af@afmug.commailto:af@afmug.com af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Interesting...so the Cisco wifi controller feature that can DOS rogue AP's with de-auth packets might actually be a crime to use? On 10/3/2014 1:27 PM, Hardy, Tim via Af wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
I've dealt with this before as a consultant for companies setting up systems at trade shows... Places where the convention center has one ISP they demand you use. Get around any possible deauth requests by using a wired router with LTE-Advanced WAN interface and 100/1000 Mbps wired LAN interfaces. For example: http://www.cisco.com/c/en/us/products/collateral/routers/819-integrated-services-router-isr/data_sheet_c78-678459.html If a convention center or hotel fucks with licensed band LTE frequencies, they're really in trouble. On Fri, Oct 3, 2014 at 10:40 AM, Chuck McCown via Af af@afmug.com wrote: Interference as in RF interference from others on the same or nearby channel is one thing. Actively disrupting a legal communication is another thing. That is never legal. And since it is internet, and since internet is defined by the FCC as interstate in nature, actively disrupting interstate commerce can be considered an act of terrorism. They should consider themselves lucky. *From:* Eric Kuhnke via Af af@afmug.com *Sent:* Friday, October 03, 2014 11:35 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
More information about impermissible Wi-Fi blocking or jamming practices is available at www.fcc.gov/jammers. If you would like additional information about Wi-Fi blocking, you may email us at jammeri...@fcc.gov. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 1:42 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.commailto:af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf From: Af [mailto:af-boun...@afmug.com] On Behalf Of Hardy, Tim via Af Sent: Friday, October 03, 2014 1:46 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or jamming practices is available at www.fcc.gov/jammershttp://www.fcc.gov/jammers. If you would like additional information about Wi-Fi blocking, you may email us at jammeri...@fcc.govmailto:jammeri...@fcc.gov. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 1:42 PM To: af@afmug.commailto:af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.commailto:af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] valuing a pay increase
That’s like what happens when someone wants to sell their WISP, they say here is what I want to get out of it, because of what I put into it or what I need to pay off creditors or to retire. But the seller doesn’t care about any of that, they care about revenue and EBITDA. Some employers will factor in what an employee needs, but that’s what led to paying men more than women because of the assumption men need more because they have a family to support. That’s an outdated concept. Pay is based on contribution to profits and market value of similar labor. In other words, if you bring in lots of dollars, but somebody in India will do it for 1/10 of your salary, you’re still screwed. Note that some certifications don’t cost a lot, self-study and pay a nominal amount to take a computerized test. I got my Cisco certs that way, and I made sure I studied so I would pass the first time because every test came out of my pocket. Also some community colleges have cert programs that don’t cost a lot. From: That One Guy via Af Sent: Friday, October 03, 2014 12:45 PM To: af@afmug.com Subject: Re: [AFMUG] valuing a pay increase Certifications situation sucks, the boss wont pay and I dont have the dough, I make just enough to be ineligible for the free government dough, but thats kind of the american way Thats what im still trying to grasp, is the point of the employee pay to keep up the same purchasing power through minimal cost of living or to progressively increase it. I know it varies by economy and industry and area, but just curious in general from the employer perspective, I know from my employee perspective I want to be able to jack my house up and dig a new 10 foot basement. On Fri, Oct 3, 2014 at 10:53 AM, Mike Hammett via Af af@afmug.com wrote: While I don't have any employees, I'd assume what's fair is (assuming the cash flow to allow it) annual raises held to CPI, then add or subtract based on merit. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- From: That One Guy via Af af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 9:49:20 PM Subject: [AFMUG] valuing a pay increase im curious from the small business owner, which I assume most of you owners on the list consider yourselves, how do you value a pay increase? (assume its an employee that is worth their salt) Do you try to just keep it where the employee has the same spending power, ie just cost of living to match inflation, percentage based, profit based, set value? In discussions with the boss about future he mentioned a number, for shits and giggles I compared what my last raise is worth today. I havent had a raise in 2.5 years, and based on the government calculators what I make now was worth 80 cents more 2.5 years ago than it is now. The number he said was a dollar, which under normal curcumstances to po folk like me isnt a small raise. but when I looked at the numbers, that dollar only puts me 20 cents up on where I was 2.5 years ago, that 8 cents a year in increased purchasing power. That kind of boils down to an insult. Or is that the wrong way to look at the value of the potential pay increase? I have never believed in asking an employer for a raise, my thoughts have always been that an employer thats a good employer will pay you what they think your worth to them, apparently im worth 8 cents -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Hardy, Tim via Af *Sent:* Friday, October 03, 2014 1:46 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or jamming practices is available at www.fcc.gov/jammers. If you would like additional information about Wi-Fi blocking, you may email us at jammeri...@fcc.gov. *From:* Af [mailto:af-boun...@afmug.com af-boun...@afmug.com] *On Behalf Of *Adam Moffett via Af *Sent:* Friday, October 03, 2014 1:42 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
“No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. From: Eric Kuhnke via Af Sent: Friday, October 03, 2014 12:03 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf From: Af [mailto:af-boun...@afmug.com] On Behalf Of Hardy, Tim via Af Sent: Friday, October 03, 2014 1:46 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or jamming practices is available at www.fcc.gov/jammers. If you would like additional information about Wi-Fi blocking, you may email us at jammeri...@fcc.gov. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 1:42 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx
Re: [AFMUG] I heard a rumor
Oh well..the money is good. Glad I am not paying for rooms at holiday inn. 300 a night due to oil boom in area...I am also working on a referral from distributor to install a Cambium PTP 800 series 23Ghz cross border shot next weekend.Replacing old Motorola gear from what I am told. Jaime Solorza On Oct 3, 2014 10:18 AM, Mike Hammett via Af af@afmug.com wrote: If there's any relationship, I'd imagine it'd be Cisco rebadging Exalt. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Jaime Solorza via Af af@afmug.com *To: *Animal Farm af@afmug.com *Sent: *Friday, October 3, 2014 11:14:57 AM *Subject: *[AFMUG] I heard a rumor Installing an Exalt 11Ghz system next week for a county gov project and I am told the Exalt radios are labeled Cisco. WTF? I will wear surgical gloves at all times Jaime Solorza
Re: [AFMUG] DNS server for guys who dont want to be gurus
Running on Windows can be fine if you know what you're doing. Just can't be any random Windows user, though... - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Eric Kuhnke via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 1:28:21 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus If you're an ISP and you run back-end infrastructure on Windows, I feel sorry for you On Fri, Oct 3, 2014 at 11:23 AM, That One Guy via Af af@afmug.com wrote: simpledns is windows based though, even though microsoft is pretty much giving away virtual server licenses these days, theres still that cost, and I just dont like exposing windows to the world, which is odd because Im a windows guy. Another reason is if there is a windows server, somebody will install software to it. On Fri, Oct 3, 2014 at 10:40 AM, Nicholas Eastman via Af af@afmug.com wrote: blockquote To throw my 2 cents in, +1 for Ajenti for managing servers, I've used webmin and ajenti both and like the performance/stripped down approach of Ajenti better. Also +1 for cPanel once you get into allowing customers to manage/update DNS on their own. We host our own DNS server that is locked for our use, and sell hosting packages on another with cPanel, we've moved several customers over, and besides the occasional enterprise with a random computer trying to force a DNS update, it works well. Nicholas Eastman Royell Communications, Inc. (217) 965-3699 1-877-400-9319 nic.east...@royell.org On Fri, Oct 3, 2014 at 9:10 AM, Josh Baird via Af af@afmug.com wrote: blockquote If it's BIND 9.8.2 from the CentOS updates repositories, it's patched. It won't contain non-security related features of later versions, but it has been patched for any security related stuff. The internal patch/version level of the package is denoted in the RPM's filename for EL. On Fri, Oct 3, 2014 at 9:57 AM, Ken Hohhof via Af af@afmug.com wrote: blockquote I don’t think so. From: Adam Moffett via Af Sent: Friday, October 03, 2014 8:34 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus It may be 9.8.2 with security fixes backported from later versions. blockquote I would disagree, didn’t Steve say the latest he updated to was 9.8.2? https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions old. With all the DNS amplification attacks and these zero day exploits coming out all the time, I’d want to be pretty current, plus I believe 9.10 gives you RRL in your toolbox to deal with attacks although I’ll admit I haven’t had time to experiment with it. From: Mike Hammett via Af Sent: Friday, October 03, 2014 6:10 AM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus The server based distributions like CentOS\RHEL and Debian generally are close to current regarding security updates even if they don't have the latest version. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Ken Hohhof via Af mailto:af@afmug.com To: af@afmug.com Sent: Thursday, October 2, 2014 5:30:01 PM Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus You need a named.conf that defines the slave zones and the IP address of the master. But first step is to download/compile/install the latest version of BIND, it’s actually quite easy. I doubt you can get the version you want via yum update because CentOS is based on RHEL which is always a few steps behind. Given the DNS attacks, you want the latest BIND. You might then want to lock out the package from being updated by yum. From: That One Guy via Af Sent: Thursday, October 02, 2014 4:36 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus So Im at a new Centos with webmin fresh bind install. We have one master, one slave server I have never set up bind, this was done before me. If I were to take down the old slave server and bring this one up on its IP will the master update this one, or is there a config I need to move over. Im more comfotable doing the slave first. These are all webmin, but the original is ubuntu and the new is centos On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af af@afmug.com wrote: blockquote I always install CentOS bare bones …. “minimal server” is what the installation will call it. This way you can install whatever you like after installation and not worry about removing many dozen packages you don’t need… Just my preference anyways…. From: Af [mailto: af-boun...@afmug.com ] On Behalf Of That One Guy via Af Sent: Thursday, October 02, 2014 2:24 PM To: af@afmug.com Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus 2 questions in
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Chuck McCown via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 1:13:45 PM Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. From: Eric Kuhnke via Af Sent: Friday, October 03, 2014 12:03 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf From: Af [mailto: af-boun...@afmug.com ] On Behalf Of Hardy, Tim via Af Sent: Friday, October 03, 2014 1:46 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or jamming practices is available at www.fcc.gov/jammers . If you would like additional information about Wi-Fi blocking, you may email us at jammeri...@fcc.gov . From: Af [ mailto:af-boun...@afmug.com ] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 1:42 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION being a hotel might be the thing that made it a problem. If an enterprise or hospital does it as a security measure, I have trouble believing that's illegal. blockquote Marriott are dicks, but here's an interesting question... broad spectrum 2.4 or 5 GHz jammers are illegal, yeah. But is an 802.11-compliant device issuing deauth requests illegal, if part-15 devices are supposed to accept any unwanted interference and there's no recourse? Provided that the device issuing deauth requests is operating within spec for EIRP, channel plan, etc. On Fri, Oct 3, 2014 at 10:27 AM, Hardy, Tim via Af af@afmug.com wrote: https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx /blockquote
Re: [AFMUG] Huawei still at it
Fruit from the poison tree. They basically laundered the technology long enough that they claim it’s now there. They are working on the firmware for Vivint at this point creating a proprietary protocol for their system. So, given their history, their relationship and foundation in the Chinese military, their resources for reverse engineering, and their pension to steal patents, and the fact that the United States won’t let them become a cell operator in the country, I’d like to see them rejected from WISPA. We have a lot of manufactures as members that will now become targets. If I’m them, I’d be screaming to the rooftops to get rid of them. Personally, I’m very unhappy they were ever accepted. Once a thief, always a thief, regardless of how expensive your suit is. Rory From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mike Hammett via Af Sent: Friday, October 03, 2014 8:52 AM To: af@afmug.com Subject: Re: [AFMUG] Huawei still at it I know of the Cisco stuff. The whole world does. I was jokingly assuming that whatever new gadget Lewis was talking about was just ripped off from somebody else. That said... I heard of them running some new 802.11 protocol in the lab and they're the first to do it. Maybe now everything is their own, but it's built on a foundation of theft. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Rory Conaway via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 10:10:16 AM Subject: Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory From: af@afmug.com [mailto:af@afmug.com] On Behalf Of Mike Hammett Sent: Monday, September 08, 2014 8:02 AM To: af@afmug.com Subject: Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com https://www.facebook.com/ICSIL https://plus.google.com/+IntelligentComputingSolutionsDeKalb https://www.linkedin.com/company/intelligent-computing-solutions https://twitter.com/ICSIL From: Lewis Bergman lberg...@texascom.com To: af@afmug.com Sent: Monday, September 8, 2014 9:11:12 AM Subject: Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail from WAV and there was a pretty impressive looking Huawei Ethernet switch on the front. From: Patrick Wheeland mailto:p...@csinet.com Sent: Monday, September 08, 2014 7:27 AM To: af@afmug.com Subject: Re: [AFMUG] Huawei still at it I was surprised to see this in my inbox at the beginning of the year. I will withhold my opinion. [WISPA Announcements] Huawei Joins WISPA as a Vendor Member and is Exhibiting in Booth 505 at WISPAmerica On Sun, Sep 7, 2014 at 8:43 PM, Jason McKemie j.mcke...@veloxinetbroadband.com wrote: Not terribly surprising, I can't believe anyone still does business with this company:
Re: [AFMUG] Huawei still at it
On that note, we shouldn't allow companies like Microsoft, Apple,and Samsung to attend WISPA either, since they have stolen things in the past. Isn't that pretty much how world-wide corporations work these days? I'm not support Huawei here, I think they are as bad as you say... just trying to prove a point. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/03/2014 10:37 AM, Rory Conaway via Af wrote: Fruit from the poison tree. They basically laundered the technology long enough that they claim it’s now there. They are working on the firmware for Vivint at this point creating a proprietary protocol for their system. So, given their history, their relationship and foundation in the Chinese military, their resources for reverse engineering, and their pension to steal patents, and the fact that the United States won’t let them become a cell operator in the country, I’d like to see them rejected from WISPA. We have a lot of manufactures as members that will now become targets. If I’m them, I’d be screaming to the rooftops to get rid of them. Personally, I’m very unhappy they were ever accepted. Once a thief, always a thief, regardless of how expensive your suit is. Rory *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *Mike Hammett via Af *Sent:* Friday, October 03, 2014 8:52 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it I know of the Cisco stuff. The whole world does. I was jokingly assuming that whatever new gadget Lewis was talking about was just ripped off from somebody else. That said... I heard of them running some new 802.11 protocol in the lab and they're the first to do it. Maybe now everything is their own, but it's built on a foundation of theft. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Rory Conaway via Af af@afmug.com mailto:af@afmug.com *To: *af@afmug.com mailto:af@afmug.com *Sent: *Friday, October 3, 2014 10:10:16 AM *Subject: *Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory *From:*af@afmug.com mailto:af@afmug.com [mailto:af@afmug.com] *On Behalf Of *Mike Hammett *Sent:* Monday, September 08, 2014 8:02 AM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com https://www.facebook.com/ICSILhttps://plus.google.com/+IntelligentComputingSolutionsDeKalbhttps://www.linkedin.com/company/intelligent-computing-solutionshttps://twitter.com/ICSIL *From: *Lewis Bergman lberg...@texascom.com mailto:lberg...@texascom.com *To: *af@afmug.com mailto:af@afmug.com *Sent: *Monday, September 8, 2014 9:11:12 AM *Subject: *Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail from WAV and there was a pretty impressive looking Huawei Ethernet switch on the front. *From:*Patrick Wheeland mailto:p...@csinet.com
Re: [AFMUG] Source for 6 gauge grounding wire and ends
I believe my Menards stocks all the way up to 4 gauge and accessories. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Josh Luthman via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 2:12:27 PM Subject: [AFMUG] Source for 6 gauge grounding wire and ends Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
Re: [AFMUG] Source for 6 gauge grounding wire and ends
Menard's like the guy that broke from Lowe's??? With all the groceries and such? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 3, 2014 at 3:14 PM, Mike Hammett via Af af@afmug.com wrote: I believe my Menards stocks all the way up to 4 gauge and accessories. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Josh Luthman via Af af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 2:12:27 PM *Subject: *[AFMUG] Source for 6 gauge grounding wire and ends Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
Re: [AFMUG] Source for 6 gauge grounding wire and ends
Like the one in Tipp City. ;-) - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Josh Luthman via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 2:19:37 PM Subject: Re: [AFMUG] Source for 6 gauge grounding wire and ends Menard's like the guy that broke from Lowe's??? With all the groceries and such? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 3, 2014 at 3:14 PM, Mike Hammett via Af af@afmug.com wrote: I believe my Menards stocks all the way up to 4 gauge and accessories. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Josh Luthman via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 2:12:27 PM Subject: [AFMUG] Source for 6 gauge grounding wire and ends Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
Re: [AFMUG] Source for 6 gauge grounding wire and ends
We've gotten 6 AWG and larger at Home Depot. bp On 10/3/2014 12:12 PM, Josh Luthman via Af wrote: Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
even further, in the example of the defence contractor's facility... plans for the JSF. at minimum: a) you would never have the plans outside of a SCIF b) no outside equipment or wireless equipment would be allowed inside the SCIF c) the SCIF would be TEMPEST rated and certified d) people who had not gone through a full security clearance process would not be permitted inside the SCIF On Fri, Oct 3, 2014 at 12:33 PM, Chuck McCown via Af af@afmug.com wrote: I am guessing that if someone was going to steal secrets from a defense contractor, they would be more sneaky than that. I have been in some DOD contractors’ plants where you checked your cell phone at the front door and you did not take even a jump drive to or from home. Each workstation was connected via fiber. None of them had USB or ethernet ports. Keyboard and mouse were hard wired to the box. And they all had to be turned off before guys like me got to enter the room. In one plant, I needed to find a software bug that was preventing my airborne PBX from connecting to their satellite transceiver. I had to send my computer to them a week in advance for them to examine before I arrived. Then I could work on my own computer and compiler while in the lab. But I didn’t get to take anything home with me. The examined my computer a second time and then sent my my computer with my altered source code. (Actually, the fix was to their system. I was quite gleeful and smug about that. But I did make some comments to my code. I could have carried on without the latest version of my code). *From:* Adam Moffett via Af af@afmug.com *Sent:* Friday, October 03, 2014 1:08 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I dunno. If Marriott was using it to force people to buy access to their own wifi, then that's a bit shifty. If Lockheed Martin wants to deauth rogue AP's so nobody plugs in a wifi AP in the engineering department and the file server containing plans for the Joint Strike Fighter is suddenly exposed via wifi to somebody sitting in the parking lot, then I think they're justified. I would say the same about any company trying to protect trade secrets or other IP. In the law firm example where they are hurting other tenants in the building, that's probably not ok. The hypothetical law firm should have to take steps to ensure that their wifi can't leave their own area, or move their practice to a fenced in compound like Lockheed. This is not me telling you what's legaljust me saying what I think is fair and reasonable. On the other hand, I guess if I was Lockhead Martin, I'd probably just write the FCC the $600,000 check and then send a bill for it to the DOD. So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Chuck McCown via Af mailto:af@afmug.com af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 1:13:45 PM *Subject: *Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. *From:* Eric Kuhnke via Af af@afmug.com *Sent:* Friday, October 03, 2014 12:03 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Hardy, Tim via Af *Sent:* Friday, October 03, 2014 1:46 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or
Re: [AFMUG] Power up the tower?
Kade, I can't speak on the fiber, because we have used a few different kinds over the builds we have done. My favorite has been bend insensitive fiber. It is small and can make the same turns the Ethernet and power can without risking a break. It is also really thin and makes for easier movement when securing the cable. In terms of the PacketFlux gear in the air, if the site is done properly and grounded, there shouldn't be any problems. I have only had to replace two of them since we started building our larger sites out like this. The list Gerard gave is missing two items I believe: breakers and fuses. More often than not, the fuses on the ground are the ones that go. We have one site where our box is 360ft on the tower. This site almost always suffers some kind of issue in major lightning storms. It trips a breaker at the base. The drive out is 20 minutes and worth while compared to having to climb the tower when the storm is over. We do not use UPSs anymore on the large deployments. The DC box stays on the ground because the power line going up the tower is either fused or has it's own DC breaker. We also have a site monitor at the base to monitor voltage levels on the batteries and we can graph the stats to troubleshoot in the future. Because we use a breaker or fuse in our DC system going from the top to the bottom, it would be a pain to still have to climb to replace a fuse if necessary. Vince West Tower Hand Technical Support Shelby Broadband 148 Citizens Blvd Simpsonville, KY 40067 Phone: 1-888-364-4232 On Thu, Oct 2, 2014 at 3:22 PM, Kade Sullivan via Af af@afmug.com wrote: Do you guys find that the packetflux gear has a high survival rate up there? We have a site that needs converted to DC and recabled, and are considering this route. Our thinking is, why put the dc box at the bottom when we can just put the thing up at the top and run nothing down to the bottom except power. All our backhauls are half way up the tower, no reason to even have anything at the bottom except the UPS. What type of fiber are you guys using for attaching to the tower? We will need to run a fiber from 1 level to another on the tower to feed the backhauls to the APs, and are unsure which type fiber cable to look at. Should we use armored fiber and just ground the jacket to the tower on each end, or do we want fiber with no metal jacket so that it's not conductive? On Mon, Sep 29, 2014 at 3:27 PM, Gerard Dupont III via Af af@afmug.com wrote: Our Top boxes usually contain the following. 1x Sitemonitor 2x GigabitSyncInjectors 1x Citel DS210-48DC 2x Traco TCL 060-124 DC Down Convertors - http://www.tracopower.com/products/tcl-dc.pdf 1x RB2011 2x APC PRM4 Surge Chasis 8x GigEAPC-HV Gerard On Sun, Sep 28, 2014 at 10:57 AM, Chuck Hogg via Af af@afmug.com wrote: We use this, and solder two legs together. We send 48v DC up to the top and downconvert. I think we've gone about 450' with this configuration (including up the tower and along the cable raceway to the inside of a building) However, that's primarily why we send 48v up and downconvert, because of the voltage loss. Gives very clean 24v power to the equipment. http://www.amazon.com/Cable-Portable-Power-Gauge-Conductor/dp/B0076ZT4C2 It would probably be better for me to take a picture of one of our boxes. We are continually building them as we continue our wireless upgrades. I don't remember if Gerard resub'd to this list after it moved, but he's the engineer behind the box. He can give you parts. Regards, Chuck On Sun, Sep 28, 2014 at 10:07 AM, Tyson Burris @ Internet Comm. Inc via Af af@afmug.com wrote: Chuck, Are you doing any 8-10 gauge runs exceeding 500' ? I can't seem to find what I need Sent from my iPhone On Sep 28, 2014, at 9:50 AM, Chuck Hogg via Af af@afmug.com wrote: We do power and fiber up the tower as our standard...ever since that standard has been used, I don't think we've lost a site yet. Regards, Chuck On Sat, Sep 27, 2014 at 4:32 PM, Matt via Af af@afmug.com wrote: This is what we have used for all our CMM units for years. http://www.outdoorspeakerdepot.com/14ga2inspca5.html Outdoor, UV resistant, etc. On Sat, Sep 27, 2014 at 1:16 PM, Gino Villarini via Af af@afmug.com wrote: Planning on hanging a DC box on the tower 30-40w total power Cat5 using multiple pairs or 2 conductor cable? We are inclined on cat 5 for standardization purposes... Sent from Marconi's and Graham Bell's fused thoughts!!!
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
It's an intentionally extreme example. even further, in the example of the defence contractor's facility... plans for the JSF. at minimum: a) you would never have the plans outside of a SCIF b) no outside equipment or wireless equipment would be allowed inside the SCIF c) the SCIF would be TEMPEST rated and certified d) people who had not gone through a full security clearance process would not be permitted inside the SCIF On Fri, Oct 3, 2014 at 12:33 PM, Chuck McCown via Af af@afmug.com mailto:af@afmug.com wrote: I am guessing that if someone was going to steal secrets from a defense contractor, they would be more sneaky than that. I have been in some DOD contractors’ plants where you checked your cell phone at the front door and you did not take even a jump drive to or from home. Each workstation was connected via fiber. None of them had USB or ethernet ports. Keyboard and mouse were hard wired to the box. And they all had to be turned off before guys like me got to enter the room. In one plant, I needed to find a software bug that was preventing my airborne PBX from connecting to their satellite transceiver. I had to send my computer to them a week in advance for them to examine before I arrived. Then I could work on my own computer and compiler while in the lab. But I didn’t get to take anything home with me. The examined my computer a second time and then sent my my computer with my altered source code. (Actually, the fix was to their system. I was quite gleeful and smug about that. But I did make some comments to my code. I could have carried on without the latest version of my code). *From:* Adam Moffett via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 1:08 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I dunno. If Marriott was using it to force people to buy access to their own wifi, then that's a bit shifty. If Lockheed Martin wants to deauth rogue AP's so nobody plugs in a wifi AP in the engineering department and the file server containing plans for the Joint Strike Fighter is suddenly exposed via wifi to somebody sitting in the parking lot, then I think they're justified. I would say the same about any company trying to protect trade secrets or other IP. In the law firm example where they are hurting other tenants in the building, that's probably not ok. The hypothetical law firm should have to take steps to ensure that their wifi can't leave their own area, or move their practice to a fenced in compound like Lockheed. This is not me telling you what's legaljust me saying what I think is fair and reasonable. On the other hand, I guess if I was Lockhead Martin, I'd probably just write the FCC the $600,000 check and then send a bill for it to the DOD. So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Chuck McCown via Af mailto:af@afmug.com *To: *af@afmug.com mailto:af@afmug.com *Sent: *Friday, October 3, 2014 1:13:45 PM *Subject: *Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. *From:* Eric Kuhnke via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 12:03 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com mailto:af@afmug.com wrote:
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
I have a few defense contractor stories of my own. Like at Lawrence Livermore where they had to put sandwich boards with a rotating beacon in the hallway and other areas where I needed to walk through. Oh dear; I am unclean! bp On 10/3/2014 12:33 PM, Chuck McCown via Af wrote: I am guessing that if someone was going to steal secrets from a defense contractor, they would be more sneaky than that. I have been in some DOD contractors’ plants where you checked your cell phone at the front door and you did not take even a jump drive to or from home. Each workstation was connected via fiber. None of them had USB or ethernet ports. Keyboard and mouse were hard wired to the box. And they all had to be turned off before guys like me got to enter the room. In one plant, I needed to find a software bug that was preventing my airborne PBX from connecting to their satellite transceiver. I had to send my computer to them a week in advance for them to examine before I arrived. Then I could work on my own computer and compiler while in the lab. But I didn’t get to take anything home with me. The examined my computer a second time and then sent my my computer with my altered source code. (Actually, the fix was to their system. I was quite gleeful and smug about that. But I did make some comments to my code. I could have carried on without the latest version of my code). *From:* Adam Moffett via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 1:08 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I dunno. If Marriott was using it to force people to buy access to their own wifi, then that's a bit shifty. If Lockheed Martin wants to deauth rogue AP's so nobody plugs in a wifi AP in the engineering department and the file server containing plans for the Joint Strike Fighter is suddenly exposed via wifi to somebody sitting in the parking lot, then I think they're justified. I would say the same about any company trying to protect trade secrets or other IP. In the law firm example where they are hurting other tenants in the building, that's probably not ok. The hypothetical law firm should have to take steps to ensure that their wifi can't leave their own area, or move their practice to a fenced in compound like Lockheed. This is not me telling you what's legaljust me saying what I think is fair and reasonable. On the other hand, I guess if I was Lockhead Martin, I'd probably just write the FCC the $600,000 check and then send a bill for it to the DOD. So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com *From: *Chuck McCown via Af mailto:af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 1:13:45 PM *Subject: *Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. *From:* Eric Kuhnke via Af mailto:af@afmug.com *Sent:* Friday, October 03, 2014 12:03 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com mailto:af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf *From:*Af [mailto:af-boun...@afmug.com mailto:af-boun...@afmug.com] *On Behalf Of *Hardy, Tim via Af *Sent:* Friday, October 03, 2014 1:46 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION More information about impermissible Wi-Fi blocking or jamming practices is available at
Re: [AFMUG] valuing a pay increase
Here is how I look at it: My value is proportional to what I generate. If I am an “employee” and my contribution is limited to doing “my job”, I am subject to whatever salary the employer deems I’m worth. However, if I operate as a partner, and I generate new business, reduces costs, etc, I have an opportunity to discuss revenue sharing, commissions, etc. i.e. make myself invaluable and a contributor. My .03 (adjusted for inflation) Jerry From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af Sent: Friday, October 03, 2014 10:46 AM To: af@afmug.com Subject: Re: [AFMUG] valuing a pay increase Certifications situation sucks, the boss wont pay and I dont have the dough, I make just enough to be ineligible for the free government dough, but thats kind of the american way Thats what im still trying to grasp, is the point of the employee pay to keep up the same purchasing power through minimal cost of living or to progressively increase it. I know it varies by economy and industry and area, but just curious in general from the employer perspective, I know from my employee perspective I want to be able to jack my house up and dig a new 10 foot basement. On Fri, Oct 3, 2014 at 10:53 AM, Mike Hammett via Af af@afmug.com mailto:af@afmug.com wrote: While I don't have any employees, I'd assume what's fair is (assuming the cash flow to allow it) annual raises held to CPI, then add or subtract based on merit. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com _ From: That One Guy via Af af@afmug.com mailto:af@afmug.com To: af@afmug.com mailto:af@afmug.com Sent: Thursday, October 2, 2014 9:49:20 PM Subject: [AFMUG] valuing a pay increase im curious from the small business owner, which I assume most of you owners on the list consider yourselves, how do you value a pay increase? (assume its an employee that is worth their salt) Do you try to just keep it where the employee has the same spending power, ie just cost of living to match inflation, percentage based, profit based, set value? In discussions with the boss about future he mentioned a number, for shits and giggles I compared what my last raise is worth today. I havent had a raise in 2.5 years, and based on the government calculators what I make now was worth 80 cents more 2.5 years ago than it is now. The number he said was a dollar, which under normal curcumstances to po folk like me isnt a small raise. but when I looked at the numbers, that dollar only puts me 20 cents up on where I was 2.5 years ago, that 8 cents a year in increased purchasing power. That kind of boils down to an insult. Or is that the wrong way to look at the value of the potential pay increase? I have never believed in asking an employer for a raise, my thoughts have always been that an employer thats a good employer will pay you what they think your worth to them, apparently im worth 8 cents -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
I read that in Rodney Ruxin (FX's The League)'s voice. FOREVER UNCLEAN! - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Bill Prince via Af af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 2:48:59 PM Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I have a few defense contractor stories of my own. Like at Lawrence Livermore where they had to put sandwich boards with a rotating beacon in the hallway and other areas where I needed to walk through. Oh dear; I am unclean! bp On 10/3/2014 12:33 PM, Chuck McCown via Af wrote: I am guessing that if someone was going to steal secrets from a defense contractor, they would be more sneaky than that. I have been in some DOD contractors’ plants where you checked your cell phone at the front door and you did not take even a jump drive to or from home. Each workstation was connected via fiber. None of them had USB or ethernet ports. Keyboard and mouse were hard wired to the box. And they all had to be turned off before guys like me got to enter the room. In one plant, I needed to find a software bug that was preventing my airborne PBX from connecting to their satellite transceiver. I had to send my computer to them a week in advance for them to examine before I arrived. Then I could work on my own computer and compiler while in the lab. But I didn’t get to take anything home with me. The examined my computer a second time and then sent my my computer with my altered source code. (Actually, the fix was to their system. I was quite gleeful and smug about that. But I did make some comments to my code. I could have carried on without the latest version of my code). From: Adam Moffett via Af Sent: Friday, October 03, 2014 1:08 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I dunno. If Marriott was using it to force people to buy access to their own wifi, then that's a bit shifty. If Lockheed Martin wants to deauth rogue AP's so nobody plugs in a wifi AP in the engineering department and the file server containing plans for the Joint Strike Fighter is suddenly exposed via wifi to somebody sitting in the parking lot, then I think they're justified. I would say the same about any company trying to protect trade secrets or other IP. In the law firm example where they are hurting other tenants in the building, that's probably not ok. The hypothetical law firm should have to take steps to ensure that their wifi can't leave their own area, or move their practice to a fenced in compound like Lockheed. This is not me telling you what's legaljust me saying what I think is fair and reasonable. On the other hand, I guess if I was Lockhead Martin, I'd probably just write the FCC the $600,000 check and then send a bill for it to the DOD. blockquote So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Chuck McCown via Af mailto:af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 1:13:45 PM Subject: Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. From: Eric Kuhnke via Af Sent: Friday, October 03, 2014 12:03 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: blockquote And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf From: Af [mailto: af-boun...@afmug.com ] On Behalf Of Hardy, Tim via Af Sent: Friday, October 03, 2014 1:46 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT
Re: [AFMUG] Huawei still at it
The other corporations you name are no where near as bad. Like comparing stealing a candy bar from a thrift store vs. stealing the building and all of its contents. Yes, both situations are theft, but we can clearly see which one is worse. On Fri, Oct 3, 2014 at 1:43 PM, Josh Reynolds via Af af@afmug.com wrote: On that note, we shouldn't allow companies like Microsoft, Apple, and Samsung to attend WISPA either, since they have stolen things in the past. Isn't that pretty much how world-wide corporations work these days? I'm not support Huawei here, I think they are as bad as you say... just trying to prove a point. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com On 10/03/2014 10:37 AM, Rory Conaway via Af wrote: Fruit from the poison tree. They basically laundered the technology long enough that they claim it’s now there. They are working on the firmware for Vivint at this point creating a proprietary protocol for their system. So, given their history, their relationship and foundation in the Chinese military, their resources for reverse engineering, and their pension to steal patents, and the fact that the United States won’t let them become a cell operator in the country, I’d like to see them rejected from WISPA. We have a lot of manufactures as members that will now become targets. If I’m them, I’d be screaming to the rooftops to get rid of them. Personally, I’m very unhappy they were ever accepted. Once a thief, always a thief, regardless of how expensive your suit is. Rory *From:* Af [mailto:af-boun...@afmug.com af-boun...@afmug.com] *On Behalf Of *Mike Hammett via Af *Sent:* Friday, October 03, 2014 8:52 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it I know of the Cisco stuff. The whole world does. I was jokingly assuming that whatever new gadget Lewis was talking about was just ripped off from somebody else. That said... I heard of them running some new 802.11 protocol in the lab and they're the first to do it. Maybe now everything is their own, but it's built on a foundation of theft. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Rory Conaway via Af af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 10:10:16 AM *Subject: *Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory *From:* af@afmug.com [mailto:af@afmug.com af@afmug.com] *On Behalf Of *Mike Hammett *Sent:* Monday, September 08, 2014 8:02 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com https://www.facebook.com/ICSIL https://plus.google.com/+IntelligentComputingSolutionsDeKalb https://www.linkedin.com/company/intelligent-computing-solutions https://twitter.com/ICSIL -- *From: *Lewis Bergman lberg...@texascom.com *To: *af@afmug.com *Sent: *Monday, September 8, 2014 9:11:12 AM *Subject: *Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail
Re: [AFMUG] Huawei still at it
I'd have to agree with you on this, I wasn't incredibly happy about their admittance as a member either. On Fri, Oct 3, 2014 at 1:37 PM, Rory Conaway via Af af@afmug.com wrote: Fruit from the poison tree. They basically laundered the technology long enough that they claim it’s now there. They are working on the firmware for Vivint at this point creating a proprietary protocol for their system. So, given their history, their relationship and foundation in the Chinese military, their resources for reverse engineering, and their pension to steal patents, and the fact that the United States won’t let them become a cell operator in the country, I’d like to see them rejected from WISPA. We have a lot of manufactures as members that will now become targets. If I’m them, I’d be screaming to the rooftops to get rid of them. Personally, I’m very unhappy they were ever accepted. Once a thief, always a thief, regardless of how expensive your suit is. Rory *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Mike Hammett via Af *Sent:* Friday, October 03, 2014 8:52 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it I know of the Cisco stuff. The whole world does. I was jokingly assuming that whatever new gadget Lewis was talking about was just ripped off from somebody else. That said... I heard of them running some new 802.11 protocol in the lab and they're the first to do it. Maybe now everything is their own, but it's built on a foundation of theft. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Rory Conaway via Af af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 10:10:16 AM *Subject: *Re: [AFMUG] Huawei still at it Cisco, Motorola, Nortel, Seimens, and many others. They should be completed banned from all western nations for patent infringements. Since they are now working with Vivint, there are other people that should now be worried. Rory *From:* af@afmug.com [mailto:af@afmug.com af@afmug.com] *On Behalf Of *Mike Hammett *Sent:* Monday, September 08, 2014 8:02 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it Who'd they steal it from? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com https://www.facebook.com/ICSIL https://plus.google.com/+IntelligentComputingSolutionsDeKalb https://www.linkedin.com/company/intelligent-computing-solutions https://twitter.com/ICSIL -- *From: *Lewis Bergman lberg...@texascom.com *To: *af@afmug.com *Sent: *Monday, September 8, 2014 9:11:12 AM *Subject: *Re: [AFMUG] Huawei still at it In addition to going to their headquarters for the regional WISPA meeting I spent Friday there in their RD department. We are considering moving to their hardened routers from MT. Their price point is good but they have the same broken Cisco looking IOS as everyone except juniper. We are also looking at their fiber line which is why we really started to investigate them. They have a fully hardened router in a metal outdoor case with fiber, copper, and POE coming soon that I am very interested in. I doubt I have anything they want to steal. A corporate culture is a difficult thing to change. Not saying they need to or if thye do need to they want to or will. I like the fact they have SNMP management platform that will mange all their products. The down side is they seem to be unsure if it can even report failures of third party gear which would be a really great thing. I understand if it can't manage it as that requires all kinds of knowledge about the device and UI interface adjustments. I can't see where asking them to throw up a red flag if a trap or out of range is seen is a big deal. It is called the U2000 and is a bit clumsy and ugly on the UI side but it did appear to do the job. We have not made the decision to buy yet but they are in the running. On 9/8/2014 8:09 AM, Ken Hohhof wrote: I talked to the guy at their WISPAmerica booth, he was from Texas. I seem to remember their message was they were one of the few companies that could outfit an entire project from their own portfolio of products. I don’t remember them having actual hardware on exhibit at the show. Recently I got a brochure in the mail from WAV and there was a pretty impressive looking Huawei Ethernet switch on the front. *From:* Patrick Wheeland p...@csinet.com *Sent:* Monday, September 08, 2014 7:27 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Huawei still at it I was surprised to see this in my inbox at the beginning of the year. I will withhold my opinion. [WISPA Announcements] Huawei Joins WISPA as a Vendor Member and is Exhibiting in Booth 505 at WISPAmerica On Sun, Sep 7, 2014 at 8:43 PM, Jason McKemie j.mcke...@veloxinetbroadband.com wrote: Not terribly surprising, I can't believe anyone still
Re: [AFMUG] UBNT
Ukraine/Russian really jacked things up for investors. That said, the market is a fickle beast. It could be at $200 tomorrow for all anybody knows. Long term gains short term profits Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/03/2014 12:17 PM, Travis Johnson via Af wrote: Wow... looks like UBNT is struggling on the market the last two weeks. Down to $35 today. Glad I sold at $48 a few weeks ago. :) Who posted it would be at $75 by year's end? Hope they weren't really counting on that... Travis
Re: [AFMUG] UBNT
It's October... Sent from Marconi's and Graham Bell's fused thoughts!!! On Oct 3, 2014, at 4:23 PM, Travis Johnson via Af af@afmug.com wrote: Wow... looks like UBNT is struggling on the market the last two weeks. Down to $35 today. Glad I sold at $48 a few weeks ago. :) Who posted it would be at $75 by year's end? Hope they weren't really counting on that... Travis
Re: [AFMUG] MARRIOTT TO PAY $600, 000 TO RESOLVE WIFI-BLOCKING INVESTIGATION
I built some stuff for LLNL. This was prior to Y2K. The devices were telemetry that could be accessed via telephone and DTMF. They did not even have real time clocks. I still had to do a full Y2K analysis/workup on them. From: Bill Prince via Af Sent: Friday, October 3, 2014 1:49 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I have a few defense contractor stories of my own. Like at Lawrence Livermore where they had to put sandwich boards with a rotating beacon in the hallway and other areas where I needed to walk through. Oh dear; I am unclean! bpOn 10/3/2014 12:33 PM, Chuck McCown via Af wrote: I am guessing that if someone was going to steal secrets from a defense contractor, they would be more sneaky than that. I have been in some DOD contractors’ plants where you checked your cell phone at the front door and you did not take even a jump drive to or from home. Each workstation was connected via fiber. None of them had USB or ethernet ports. Keyboard and mouse were hard wired to the box. And they all had to be turned off before guys like me got to enter the room. In one plant, I needed to find a software bug that was preventing my airborne PBX from connecting to their satellite transceiver. I had to send my computer to them a week in advance for them to examine before I arrived. Then I could work on my own computer and compiler while in the lab. But I didn’t get to take anything home with me. The examined my computer a second time and then sent my my computer with my altered source code. (Actually, the fix was to their system. I was quite gleeful and smug about that. But I did make some comments to my code. I could have carried on without the latest version of my code). From: Adam Moffett via Af Sent: Friday, October 03, 2014 1:08 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION I dunno. If Marriott was using it to force people to buy access to their own wifi, then that's a bit shifty. If Lockheed Martin wants to deauth rogue AP's so nobody plugs in a wifi AP in the engineering department and the file server containing plans for the Joint Strike Fighter is suddenly exposed via wifi to somebody sitting in the parking lot, then I think they're justified. I would say the same about any company trying to protect trade secrets or other IP. In the law firm example where they are hurting other tenants in the building, that's probably not ok. The hypothetical law firm should have to take steps to ensure that their wifi can't leave their own area, or move their practice to a fenced in compound like Lockheed. This is not me telling you what's legaljust me saying what I think is fair and reasonable. On the other hand, I guess if I was Lockhead Martin, I'd probably just write the FCC the $600,000 check and then send a bill for it to the DOD. So then those Enterprise security types are going to have to stick to disabling Ethernet ports, I guess. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com From: Chuck McCown via Af mailto:af@afmug.com To: af@afmug.com Sent: Friday, October 3, 2014 1:13:45 PM Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION “No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government” Wifi is authorized. You don’t have the legal right to deauth any AP sessions but your own. I would think the manufacturer of equipment that makes this possible would be just as liable as manufacturers of RF jammers. From: Eric Kuhnke via Af Sent: Friday, October 03, 2014 12:03 PM To: af@afmug.com Subject: Re: [AFMUG] MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION Sounds like they're setting a precedent that a landlord can't operate rogue AP detection/automatic deauth against tenants or customers. Should still be fine in an enterprise environment. Where it gets possibly weird is, let's say you're a major law firm that is a tenant in a large office building. You occupy half a floor. You operate your own enterprise wifi system and use cisco's rogue AP deauth feature. The tenants in the other suite (a totally separate business) on the other half of the same floor notice that wifi tethering doesn't work on any of their phones, and their pocket wifi hotspots don't work. On Fri, Oct 3, 2014 at 10:52 AM, Hardy, Tim via Af af@afmug.com wrote: And the actual order has more detail http://transition.fcc.gov/Daily_Releases/Daily_Business/2014/db1003/DA-14-1444A1.pdf
[AFMUG] 450 sector
We're actually really liking the 450 sector with the third 10dbi connector. We first used it to put connectorized FSK radios on the tower without adding another antenna. Since then we've discussed using it with ePMP or other products just to have the third connector for other uses. We like the idea that we can sneak another single polarity 5.4 or 5.7 radio up without much fuss. I was wondering if they're going to keep making that antenna even though the FSK compatibility never worked out. Has the rumor mill heard anything about it going away or not? Any official word from Cambium?
Re: [AFMUG] 450 sector
Alpha antennas makes a quad pol sectorŠ hmm 450 + epmp? Gino A. Villarini President Aeronet Wireless Broadband Corp. www.aeronetpr.com @aeronetpr On 10/3/14, 5:18 PM, Adam Moffett via Af af@afmug.com wrote: We're actually really liking the 450 sector with the third 10dbi connector. We first used it to put connectorized FSK radios on the tower without adding another antenna. Since then we've discussed using it with ePMP or other products just to have the third connector for other uses. We like the idea that we can sneak another single polarity 5.4 or 5.7 radio up without much fuss. I was wondering if they're going to keep making that antenna even though the FSK compatibility never worked out. Has the rumor mill heard anything about it going away or not? Any official word from Cambium?
Re: [AFMUG] UBNT
Ukraine/Russia has nothing to do with UBNT being down 27% in the last two weeks. Lots of other tech stocks are up over that same time period. Travis On 10/3/2014 2:21 PM, Josh Reynolds via Af wrote: Ukraine/Russian really jacked things up for investors. That said, the market is a fickle beast. It could be at $200 tomorrow for all anybody knows. Long term gains short term profits Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/03/2014 12:17 PM, Travis Johnson via Af wrote: Wow... looks like UBNT is struggling on the market the last two weeks. Down to $35 today.� Glad I sold at $48 a few weeks ago. :) Who posted it would be at $75 by year's end? Hope they weren't really counting on that... Travis
Re: [AFMUG] UBNT
True. I bought TSLA at 225 and intend to hold it until at least 2020. That said, I was still pretty sad when it got all the way up to 290 then plummeted. Long term... long term Just keep reminding myself... Chris Wright Velociter Wirelesshttp://www.velociter.net/ From: Af [mailto:af-boun...@afmug.com] On Behalf Of CBB - Jay Fuller via Af Sent: Friday, October 03, 2014 2:50 PM To: af@afmug.com Subject: Re: [AFMUG] UBNT oh, it's been quite a rough ride in the market lately. one can get whiplash - Original Message - From: Travis Johnson via Afmailto:af@afmug.com To: af@afmug.commailto:af@afmug.com Sent: Friday, October 03, 2014 3:17 PM Subject: [AFMUG] UBNT Wow... looks like UBNT is struggling on the market the last two weeks. Down to $35 today. Glad I sold at $48 a few weeks ago. :) Who posted it would be at $75 by year's end? Hope they weren't really counting on that... Travis
Re: [AFMUG] 450 sector
These will be available for quite some time... we have no plans to change them. Matt -Original Message- From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af Sent: Friday, October 03, 2014 4:19 PM To: Animal Farm Subject: [AFMUG] 450 sector We're actually really liking the 450 sector with the third 10dbi connector. We first used it to put connectorized FSK radios on the tower without adding another antenna. Since then we've discussed using it with ePMP or other products just to have the third connector for other uses. We like the idea that we can sneak another single polarity 5.4 or 5.7 radio up without much fuss. I was wondering if they're going to keep making that antenna even though the FSK compatibility never worked out. Has the rumor mill heard anything about it going away or not? Any official word from Cambium?
Re: [AFMUG] SiteMonitor: Loss of sync
There are several rules in the current GPS chipset about whether or not it can produce sync. If you have 4 they can definitely produce sync. Less than 4 is somewhat hit or miss depending on the exact orientation of the satellites, and often more miss than hit. I don't really have control over this algorithm so I can't be more specific. If you can move that one slightly so it's getting on average 1-2 more sats tracked, then your problem should go away. -forrest On Fri, Oct 3, 2014 at 2:38 PM, Bill Prince via Af af@afmug.com wrote: Monitoring Sync Events works. Had to wait 5 days for it to happen, but the counter increment corresponds to a loss of sync we had yesterday. I found this in the AP event log (event of interest in blue): 09/27/2014 : 07:24:19 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/27/2014 : 07:24:23 PDT : : Bridge Core : Acquired sync pulse from Power Port. 10/02/2014 : 12:21:45 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 10/02/2014 : 12:21:51 PDT : : Bridge Core : Acquired sync pulse from Power Port. We also monitor visible/tracked satellites on that SiteMonitor. Interestingly, the satellites tracked at about that time was 4 (see marked up graph below). I suppose it's possible that the tracked satellites went to zero one minute (or less) after the SNMP poll, but it seems rather weird. Correct me if I'm wrong, but I thought the SiteMonitor only needed one satellite to maintain timing after it acquired a 3D fix? bp On 9/29/2014 10:12 PM, Forrest Christian (List Account) via Af wrote: Yes that value will increment when the injector detects a loss of sync and also when it's restored. These are definitely good values to monitor, and I know at least one customer which does as you suggest and monitors for a non zero value and resets the value to zero to clear the error. On Sep 29, 2014 7:23 PM, Bill Prince via Af af@afmug.com wrote: Yeah. Not sure why I thought the index name was where I would get the value. The OID that shows in the UI for the Satellites Visible is: .1.3.6.1.4.1.32050.2.1.28.2.1 The OID for the actual value is .1.3.6.1.4.1.32050.2.1.28.5.1 So I was able to fix that part. What I'm wondering is how to know that We've had a loss in sync. There is something under Binary I/O called 1PPS Active. Seeing as we only poll once every 5 minutes, catching that going to zero seems slim to none. However, I am intrigued by the Events value. Does that increment every time the Syncpipe loses sync? In which case, I can zero it out, and set a threshold for whenever it is non-zero (see below). I may try that. bp On 9/29/2014 1:28 PM, Forrest Christian (List Account) via Af wrote: A little out of order: On the OID's .. you may have the wrong OID. There is an oid for the title strings, and an oid for the value. You may want to check the oid you are using. In addition, on the strings tab, there *are* strings which list the specific statellite and signal strength of all of the sats it is receiving a signal from. One more troubleshooting item is the 'pulse received' counter on the analog tab. It should increment once and exactly once per second. I've had good luck comparing this value over a specific time. I.E. at exactly 10 minutes, there should be exactly 600 more pulses. As far as fixing it: I'd move the syncpipe, then try a different one. If a second does the same thing, then we need to look at what else might be causing it. If you want to send in screenshots to cust...@packetflux.com of the boolean/analog/string tabs from the sitemonitor, I might be able to see something. -forrest On Sep 29, 2014 1:40 PM, Bill Prince via Af af@afmug.com wrote: One of our many locations where we're using a Packetflux sync pipe/injector seems to be losing satellite lock once every few days. Typically it loses it for 2 to 4 seconds, but I've seen at least once where it went 13 seconds. I've not been able to get useful information from the SiteMonitor because the satellites tracked/Visible OIDs are returning a string with Sats in View and Num Sats Used instead of the actual values. (is that a bug or what? This is on F/W Jul 29 2012). However, I'm getting messages like this in the AP logs: 09/21/2014 : 07:49:00 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/21/2014 : 07:49:04 PDT : : Bridge Core : Acquired sync pulse from Power Port. 09/23/2014 : 18:49:37 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/23/2014 : 18:49:41 PDT : : Bridge Core : Acquired sync pulse from Power Port. 09/23/2014 : 18:49:55 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/23/2014 : 18:49:59 PDT : : Bridge Core : Acquired sync pulse from Power Port. 09/24/2014 : 18:47:15
Re: [AFMUG] SiteMonitor: Loss of sync
So you think moving it a foot or so out from the wall might help? bp On 10/3/2014 3:33 PM, Forrest Christian (List Account) via Af wrote: There are several rules in the current GPS chipset about whether or not it can produce sync. If you have 4 they can definitely produce sync. Less than 4 is somewhat hit or miss depending on the exact orientation of the satellites, and often more miss than hit. I don't really have control over this algorithm so I can't be more specific. If you can move that one slightly so it's getting on average 1-2 more sats tracked, then your problem should go away. -forrest On Fri, Oct 3, 2014 at 2:38 PM, Bill Prince via Af af@afmug.com mailto:af@afmug.com wrote: Monitoring Sync Events works. Had to wait 5 days for it to happen, but the counter increment corresponds to a loss of sync we had yesterday. I found this in the AP event log (event of interest in blue): 09/27/2014 : 07:24:19 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/27/2014 : 07:24:23 PDT : : Bridge Core : Acquired sync pulse from Power Port. 10/02/2014 : 12:21:45 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 10/02/2014 : 12:21:51 PDT : : Bridge Core : Acquired sync pulse from Power Port. We also monitor visible/tracked satellites on that SiteMonitor. Interestingly, the satellites tracked at about that time was 4 (see marked up graph below). I suppose it's possible that the tracked satellites went to zero one minute (or less) after the SNMP poll, but it seems rather weird. Correct me if I'm wrong, but I thought the SiteMonitor only needed one satellite to maintain timing after it acquired a 3D fix? bp On 9/29/2014 10:12 PM, Forrest Christian (List Account) via Af wrote: Yes that value will increment when the injector detects a loss of sync and also when it's restored. These are definitely good values to monitor, and I know at least one customer which does as you suggest and monitors for a non zero value and resets the value to zero to clear the error. On Sep 29, 2014 7:23 PM, Bill Prince via Af af@afmug.com mailto:af@afmug.com wrote: Yeah. Not sure why I thought the index name was where I would get the value. The OID that shows in the UI for the Satellites Visible is: .1.3.6.1.4.1.32050.2.1.28.2.1 The OID for the actual value is .1.3.6.1.4.1.32050.2.1.28.5.1 So I was able to fix that part. What I'm wondering is how to know that We've had a loss in sync. There is something under Binary I/O called 1PPS Active. Seeing as we only poll once every 5 minutes, catching that going to zero seems slim to none. However, I am intrigued by the Events value. Does that increment every time the Syncpipe loses sync? In which case, I can zero it out, and set a threshold for whenever it is non-zero (see below). I may try that. bp On 9/29/2014 1:28 PM, Forrest Christian (List Account) via Af wrote: A little out of order: On the OID's .. you may have the wrong OID. There is an oid for the title strings, and an oid for the value. You may want to check the oid you are using. In addition, on the strings tab, there *are* strings which list the specific statellite and signal strength of all of the sats it is receiving a signal from. One more troubleshooting item is the 'pulse received' counter on the analog tab. It should increment once and exactly once per second. I've had good luck comparing this value over a specific time. I.E. at exactly 10 minutes, there should be exactly 600 more pulses. As far as fixing it: I'd move the syncpipe, then try a different one. If a second does the same thing, then we need to look at what else might be causing it. If you want to send in screenshots to cust...@packetflux.com mailto:cust...@packetflux.com of the boolean/analog/string tabs from the sitemonitor, I might be able to see something. -forrest On Sep 29, 2014 1:40 PM, Bill Prince via Af af@afmug.com mailto:af@afmug.com wrote: One of our many locations where we're using a Packetflux sync pipe/injector seems to be losing satellite lock once every few days. Typically it loses it for 2 to 4 seconds, but I've seen at least once where it went 13 seconds. I've not been able to get useful information from the SiteMonitor because the satellites tracked/Visible OIDs are returning a string with Sats in View and Num Sats Used instead of the
Re: [AFMUG] SiteMonitor: Loss of sync
It's hard to guess definitively, but I'd start there. Ideally, sticking it above the roofline would be even better. -forrest On Fri, Oct 3, 2014 at 4:56 PM, Bill Prince via Af af@afmug.com wrote: So you think moving it a foot or so out from the wall might help? bp On 10/3/2014 3:33 PM, Forrest Christian (List Account) via Af wrote: There are several rules in the current GPS chipset about whether or not it can produce sync. If you have 4 they can definitely produce sync. Less than 4 is somewhat hit or miss depending on the exact orientation of the satellites, and often more miss than hit. I don't really have control over this algorithm so I can't be more specific. If you can move that one slightly so it's getting on average 1-2 more sats tracked, then your problem should go away. -forrest On Fri, Oct 3, 2014 at 2:38 PM, Bill Prince via Af af@afmug.com wrote: Monitoring Sync Events works. Had to wait 5 days for it to happen, but the counter increment corresponds to a loss of sync we had yesterday. I found this in the AP event log (event of interest in blue): 09/27/2014 : 07:24:19 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/27/2014 : 07:24:23 PDT : : Bridge Core : Acquired sync pulse from Power Port. 10/02/2014 : 12:21:45 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 10/02/2014 : 12:21:51 PDT : : Bridge Core : Acquired sync pulse from Power Port. We also monitor visible/tracked satellites on that SiteMonitor. Interestingly, the satellites tracked at about that time was 4 (see marked up graph below). I suppose it's possible that the tracked satellites went to zero one minute (or less) after the SNMP poll, but it seems rather weird. Correct me if I'm wrong, but I thought the SiteMonitor only needed one satellite to maintain timing after it acquired a 3D fix? bp On 9/29/2014 10:12 PM, Forrest Christian (List Account) via Af wrote: Yes that value will increment when the injector detects a loss of sync and also when it's restored. These are definitely good values to monitor, and I know at least one customer which does as you suggest and monitors for a non zero value and resets the value to zero to clear the error. On Sep 29, 2014 7:23 PM, Bill Prince via Af af@afmug.com wrote: Yeah. Not sure why I thought the index name was where I would get the value. The OID that shows in the UI for the Satellites Visible is: .1.3.6.1.4.1.32050.2.1.28.2.1 The OID for the actual value is .1.3.6.1.4.1.32050.2.1.28.5.1 So I was able to fix that part. What I'm wondering is how to know that We've had a loss in sync. There is something under Binary I/O called 1PPS Active. Seeing as we only poll once every 5 minutes, catching that going to zero seems slim to none. However, I am intrigued by the Events value. Does that increment every time the Syncpipe loses sync? In which case, I can zero it out, and set a threshold for whenever it is non-zero (see below). I may try that. bp On 9/29/2014 1:28 PM, Forrest Christian (List Account) via Af wrote: A little out of order: On the OID's .. you may have the wrong OID. There is an oid for the title strings, and an oid for the value. You may want to check the oid you are using. In addition, on the strings tab, there *are* strings which list the specific statellite and signal strength of all of the sats it is receiving a signal from. One more troubleshooting item is the 'pulse received' counter on the analog tab. It should increment once and exactly once per second. I've had good luck comparing this value over a specific time. I.E. at exactly 10 minutes, there should be exactly 600 more pulses. As far as fixing it: I'd move the syncpipe, then try a different one. If a second does the same thing, then we need to look at what else might be causing it. If you want to send in screenshots to cust...@packetflux.com of the boolean/analog/string tabs from the sitemonitor, I might be able to see something. -forrest On Sep 29, 2014 1:40 PM, Bill Prince via Af af@afmug.com wrote: One of our many locations where we're using a Packetflux sync pipe/injector seems to be losing satellite lock once every few days. Typically it loses it for 2 to 4 seconds, but I've seen at least once where it went 13 seconds. I've not been able to get useful information from the SiteMonitor because the satellites tracked/Visible OIDs are returning a string with Sats in View and Num Sats Used instead of the actual values. (is that a bug or what? This is on F/W Jul 29 2012). However, I'm getting messages like this in the AP logs: 09/21/2014 : 07:49:00 PDT : : Bridge Core : Loss of sync pulse from Power Port! No other sync source available. 09/21/2014 : 07:49:04 PDT : : Bridge Core : Acquired sync pulse from Power Port. 09/23/2014 : 18:49:37 PDT : : Bridge Core : Loss of sync
[AFMUG] 13.2 (Build32) Beta Software is Now Available!
Folks, Software version 13.2(Build32) has been added to the Cambium Open Beta program for PMP450, PMP430, and PTP230. Please go here: https://support.cambiumnetworks.com/beta if you would like to test the new load and offer feedback on the Beta Forum. Fixes in this release include: • Fix for Motorola Binary GPS based devices (CMM2, SyncPipe, etc) • Fix for PTP450 link test with small packets causing session drop and/or invalid readings This version also adds OID support for IPv6 packet filtering. As always, we look forward to your feedback. Thank you! -John John Mehling Senior Engineer - Support Cambium Networks 3800 Golf Rd., Suite 360 Rolling Meadows, IL 60008 www.cambiumnetworks.com [v_large_blue_noBG.png]
Re: [AFMUG] UBNT
He sold in May and went away? -Original Message- From: chuck--- via Af Sent: Friday, October 03, 2014 4:04 PM To: af@afmug.com Subject: Re: [AFMUG] UBNT Where is Doug Clark when you need him? -Original Message- From: Travis Johnson via Af Sent: Friday, October 3, 2014 2:17 PM To: af@afmug.com Subject: [AFMUG] UBNT Wow... looks like UBNT is struggling on the market the last two weeks. Down to $35 today. Glad I sold at $48 a few weeks ago. :) Who posted it would be at $75 by year's end? Hope they weren't really counting on that... Travis
Re: [AFMUG] Power up the tower?
Cisco IE-3000 4TC sounds like exactly what you are looking for. It runs on 18-60VDC and can operate up to 167 degrees Fahrenheit. On Sun, Sep 28, 2014 at 9:28 AM, Mark Radabaugh via Af af@afmug.com wrote: At $4.10 it's not great, but I would probably go for it. Biggest driver for me would be the single cable up the tower and the ease of securing that cable. I used to do 'box at the top' and moved to individual runs to the base. The cabling is a nuisance with everything at the bottom which is why I am looking at going back to the 'box at the top' method. I have not found a great deal of difference in equipment survival either way. As for switches I'm considering doing 2 of these to serve 4 AP's - http://www.garrettcom.com/csg14.htm Using simplex SFP's I can use one fiber for each convertor. So far I have not found a 4 port GigE + 1 SFP extended temperature DIN rail mount switch. Still looking. Mark On 9/28/14, 11:00 AM, Chuck Hogg via Af wrote: I have requested pricing on this as well. I think that in the end, it was overly expensive (something like 4x the cost of doing 2 split runs, $4.10/ft or something like that). If we could get that even within 15% of what I'm paying now, I'd be happy. Regards, Chuck -- Mark Radabaugh Amplex m...@amplex.net 419.837.5015 x 1021
Re: [AFMUG] update an old ubuntu server
I just went through this on 12.10 and ended up having to do a full fresh install. I think that's going to be your best bet. On Thu, Oct 2, 2014 at 11:06 AM, That One Guy via Af af@afmug.com wrote: 8.04.3 is the version I just need to patch it, its actually a turnkey linux server so it checks tunkeys repositories, i might have to change those files that tell it where to look Most of the commands it doesnt recognize This is an old DNS server managed through webmin, its a backup so its not a big deal if it gets messed up pushing it through an update i know its better to just build a new server and all that, I dont care right now, we are replacing these soon anyway Any body know what I need to do to upgrade it? -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] Source for 6 gauge grounding wire and ends
The best lugs for heavy gauge wire (other than cadweld) are the ones made by TB, Burndy, Panduit, etc. that you need a crimper for with the hexagonal dies. Are you looking for bare or insulated ground wire? I dislike the THHN wire which sheds the nylon skin like a snake after a few months in the weather. For short runs (grounding radios, etc.) I like 8 AWG automotive primary wire type GPT, Tessco has some nice stuff from Consolidated, but too expensive for long runs. FYI, I was surprised to see our Menards now carries welding cable. From: Sean Heskett via Af Sent: Friday, October 03, 2014 7:47 PM To: af@afmug.com Subject: Re: [AFMUG] Source for 6 gauge grounding wire and ends Check with your local electrical supply store that electricians use. Ours is called CES. I think rexel is another one. On Friday, October 3, 2014, Josh Luthman via Af af@afmug.com wrote: Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
Re: [AFMUG] Power up the tower?
I've tried a few of these and seem to like them: http://www.planet.com.tw/en/product/product.php?id=48479 -40 to 70C 8x1G copper and 2xSFP No routing, but for the need, it'd work and is DIN rail mounted. -c -- Cassidy B. Larson CTO - InfoWest, Inc. Voice: 435-773-6073 c...@infowest.com On Oct 3, 2014, at 5:58 PM, Jeremy via Af af@afmug.com wrote: Cisco IE-3000 4TC sounds like exactly what you are looking for. It runs on 18-60VDC and can operate up to 167 degrees Fahrenheit. On Sun, Sep 28, 2014 at 9:28 AM, Mark Radabaugh via Af af@afmug.com wrote: At $4.10 it's not great, but I would probably go for it. Biggest driver for me would be the single cable up the tower and the ease of securing that cable. I used to do 'box at the top' and moved to individual runs to the base. The cabling is a nuisance with everything at the bottom which is why I am looking at going back to the 'box at the top' method. I have not found a great deal of difference in equipment survival either way. As for switches I'm considering doing 2 of these to serve 4 AP's - http://www.garrettcom.com/csg14.htm Using simplex SFP's I can use one fiber for each convertor. So far I have not found a 4 port GigE + 1 SFP extended temperature DIN rail mount switch. Still looking. Mark On 9/28/14, 11:00 AM, Chuck Hogg via Af wrote: I have requested pricing on this as well. I think that in the end, it was overly expensive (something like 4x the cost of doing 2 split runs, $4.10/ft or something like that). If we could get that even within 15% of what I'm paying now, I'd be happy. Regards, Chuck -- Mark Radabaugh Amplex m...@amplex.net 419.837.5015 x 1021
Re: [AFMUG] Source for 6 gauge grounding wire and ends
It'll be indoors, but I think we want to go with the green insulation to identify it as ground to make the tower owner happy. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 3, 2014 at 9:06 PM, Ken Hohhof via Af af@afmug.com wrote: The best lugs for heavy gauge wire (other than cadweld) are the ones made by TB, Burndy, Panduit, etc. that you need a crimper for with the hexagonal dies. Are you looking for bare or insulated ground wire? I dislike the THHN wire which sheds the nylon skin like a snake after a few months in the weather. For short runs (grounding radios, etc.) I like 8 AWG automotive primary wire type GPT, Tessco has some nice stuff from Consolidated, but too expensive for long runs. FYI, I was surprised to see our Menards now carries welding cable. *From:* Sean Heskett via Af af@afmug.com *Sent:* Friday, October 03, 2014 7:47 PM *To:* af@afmug.com *Subject:* Re: [AFMUG] Source for 6 gauge grounding wire and ends Check with your local electrical supply store that electricians use. Ours is called CES. I think rexel is another one. On Friday, October 3, 2014, Josh Luthman via Af af@afmug.com wrote: Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
[AFMUG] odd issue fqdn slower than IP access?
so for some reason out billing server is slow as molasses when we access it via the fqdn, yet when we access it via IP its peppy I had just assumed it was our firewall, but im sitting here at work after having changed said firewall to a newer better faster one and its still the same thing. Im testing from multiple locations both on and off network, same thing. We quite often see waiting for socket, what does this actually mean quick browsing led me to believe it was related to the web server component but with it being peppy by ip I dont know -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] update an old ubuntu server
I would do a debian 6 bare metal install no extras just os minimal install. If its older Hardware less than 2g processor then back it down to debian 4 or use crunchbang, Knopix or something lite weight to make the Hardware sing and not try to keep up with bloated code. Then load power dns to get your dns up and running quick. On 10/2/2014 12:06 PM, That One Guy via Af wrote: 8.04.3 is the version I just need to patch it, its actually a turnkey linux server so it checks tunkeys repositories, i might have to change those files that tell it where to look Most of the commands it doesnt recognize This is an old DNS server managed through webmin, its a backup so its not a big deal if it gets messed up pushing it through an update i know its better to just build a new server and all that, I dont care right now, we are replacing these soon anyway Any body know what I need to do to upgrade it? -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 --
Re: [AFMUG] odd issue fqdn slower than IP access?
How are you accessing it? http? Maybe when you're accessing it via fqdn it's doing a reverse lookup for something. Waiting for socket just means trying to connect. On Fri, Oct 3, 2014 at 8:51 PM, That One Guy via Af af@afmug.com wrote: so for some reason out billing server is slow as molasses when we access it via the fqdn, yet when we access it via IP its peppy I had just assumed it was our firewall, but im sitting here at work after having changed said firewall to a newer better faster one and its still the same thing. Im testing from multiple locations both on and off network, same thing. We quite often see waiting for socket, what does this actually mean quick browsing led me to believe it was related to the web server component but with it being peppy by ip I dont know -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] odd issue fqdn slower than IP access?
https port 444 On Fri, Oct 3, 2014 at 9:03 PM, Colin Stanners via Af af@afmug.com wrote: How are you accessing it? http? Maybe when you're accessing it via fqdn it's doing a reverse lookup for something. Waiting for socket just means trying to connect. On Fri, Oct 3, 2014 at 8:51 PM, That One Guy via Af af@afmug.com wrote: so for some reason out billing server is slow as molasses when we access it via the fqdn, yet when we access it via IP its peppy I had just assumed it was our firewall, but im sitting here at work after having changed said firewall to a newer better faster one and its still the same thing. Im testing from multiple locations both on and off network, same thing. We quite often see waiting for socket, what does this actually mean quick browsing led me to believe it was related to the web server component but with it being peppy by ip I dont know -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] Source for 6 gauge grounding wire and ends
If you need a cheap functional crimper harbor freight has a nice hydraulic crimper set perfect for these type of ends. On Fri, Oct 3, 2014 at 9:40 PM, David Milholen via Af af@afmug.com wrote: Any electrical warehouse should have it. Greybar,Irby, wholesale elec On 10/3/2014 2:22 PM, Josh Luthman via Af wrote: Wow. I would have never thought to look there. I'll check that out later today! Thanks!!! Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 3, 2014 at 3:21 PM, Mike Hammett via Af af@afmug.com wrote: Like the one in Tipp City. ;-) - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Josh Luthman via Af af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 2:19:37 PM *Subject: *Re: [AFMUG] Source for 6 gauge grounding wire and ends Menard's like the guy that broke from Lowe's??? With all the groceries and such? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 3, 2014 at 3:14 PM, Mike Hammett via Af af@afmug.com wrote: I believe my Menards stocks all the way up to 4 gauge and accessories. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com -- *From: *Josh Luthman via Af af@afmug.com *To: *af@afmug.com *Sent: *Friday, October 3, 2014 2:12:27 PM *Subject: *[AFMUG] Source for 6 gauge grounding wire and ends Does anyone know where I can find this? The hardware store doesn't have anything even close (10 gauge was their largest). I also need the fork or round ends to clamp onto the wire. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 --
Re: [AFMUG] 13.2 (Build32) Beta Software is Now Available!
On 13.2 already George? I am happy to let you others get the bleeding done before I step over the edge. I think I will wait about a week before I give it a rip; and then only only low-population APs. bp On 10/3/2014 6:28 PM, George Skorup (Cyber Broadcasting) via Af wrote: I was just discussing with Aaron offlist about build 32 AutoSync selecting the on-board GPS instead of timing port at boot. The deployed AP I have been testing on has a Parasitic SyncPipe, no power port sync and the iGPS on this AP usually always has a good lock. Prior to build 32, it would always boot up and use the timing port. Now build 32 wants the on-board at boot, at least every time I've had a chance to reboot the AP, which has only been the update from build 30 to 32 and one reboot afterwards so far. I would like to know if anyone else sees the same thing happening with build 32. Maybe it's just me, but I would prefer it to come up on the timing port before the on-board GPS for tracking GPS status of the attached SyncPipe. BTW, I've seen a very nice improvement in 13.2 beta for both throughput and session issues during multipath events. I think 13.2 is going to be a major leap forward for the 450. On 10/3/2014 6:19 PM, Aaron Schneider via Af wrote: Since the last Open Beta load (Build 30), this also contains: ן¿½ * Fix for negative VC count on home page * New OID to see NAT table size in use * Fix for Active FTP with NAT * PPPoE Control Message High Priority with VLAN Enabled ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Added missing OIDs for IPv6 packet filtering configuration ן¿½ We are very close to release, so please give this load a try! ן¿½ Regards, ן¿½ -Aaron ן¿½ *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *John Mehling via Af *Sent:* Friday, October 03, 2014 6:10 PM *To:* af@afmug.com *Subject:* [AFMUG] 13.2 (Build32) Beta Software is Now Available!ן¿½ן¿½ ן¿½ Folks, Software version 13.2(Build32) has been added to the Cambium Open Beta program for PMP450, PMP430, and PTP230. Please go here:ן¿½https://support.cambiumnetworks.com/betaן¿½if you would like to test the new load and offer feedback on the Beta Forum. ן¿½Fixes in this release include: ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for Motorola Binary GPS based devices (CMM2, SyncPipe, etc) ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for PTP450 link test with small packets causing session drop and/or invalid readings ן¿½ This version also adds OID support for IPv6 packet filtering. As always, we look forward to your feedback.ן¿½ Thank you! -John ן¿½ ן¿½ *John Mehling* Senior Engineer - Support *Cambium Networks* 3800 Golf Rd.,ן¿½ Suite 360 Rolling Meadows, IL 60008 www.cambiumnetworks.com v_large_blue_noBG.png ן¿½
Re: [AFMUG] 13.2 (Build32) Beta Software is Now Available!
Yes, I have a sector loaded that needed MIMO-A. And I found some minor GUI issues and the Moto binary data GPS bug that has now been fixed in build 32. But obviously I don't have things configured like others, such as PPPoE, NAT, VLANs, etc. I just do bridge, no auth/RADIUS, very few APs doing VLAN. So I would encourage more folks to test it out and give feedback to Cambium so they can get any remaining issues ironed out and get 13.2 official out. From the improvements I've seen so far, I want it on every 450 AP and SM, right meow! On 10/3/2014 9:55 PM, Bill Prince via Af wrote: On 13.2 already George?ן¿½ I am happy to let you others get the bleeding done before I step over the edge. I think I will wait about a week before I give it a rip; and then only only low-population APs. bp On 10/3/2014 6:28 PM, George Skorup (Cyber Broadcasting) via Af wrote: I was just discussing with Aaron offlist about build 32 AutoSync selecting the on-board GPS instead of timing port at boot. The deployed AP I have been testing on has a Parasitic SyncPipe, no power port sync and the iGPS on this AP usually always has a good lock. Prior to build 32, it would always boot up and use the timing port. Now build 32 wants the on-board at boot, at least every time I've had a chance to reboot the AP, which has only been the update from build 30 to 32 and one reboot afterwards so far. I would like to know if anyone else sees the same thing happening with build 32. Maybe it's just me, but I would prefer it to come up on the timing port before the on-board GPS for tracking GPS status of the attached SyncPipe. BTW, I've seen a very nice improvement in 13.2 beta for both throughput and session issues during multipath events. I think 13.2 is going to be a major leap forward for the 450. On 10/3/2014 6:19 PM, Aaron Schneider via Af wrote: Since the last Open Beta load (Build 30), this also contains: ן¿½ * Fix for negative VC count on home page * New OID to see NAT table size in use * Fix for Active FTP with NAT * PPPoE Control Message High Priority with VLAN Enabled ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Added missing OIDs for IPv6 packet filtering configuration ן¿½ We are very close to release, so please give this load a try! ן¿½ Regards, ן¿½ -Aaron ן¿½ *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *John Mehling via Af *Sent:* Friday, October 03, 2014 6:10 PM *To:* af@afmug.com *Subject:* [AFMUG] 13.2 (Build32) Beta Software is Now Available!ן¿½ן¿½ ן¿½ Folks, Software version 13.2(Build32) has been added to the Cambium Open Beta program for PMP450, PMP430, and PTP230. Please go here:ן¿½https://support.cambiumnetworks.com/betaן¿½if you would like to test the new load and offer feedback on the Beta Forum. ן¿½Fixes in this release include: ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for Motorola Binary GPS based devices (CMM2, SyncPipe, etc) ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for PTP450 link test with small packets causing session drop and/or invalid readings ן¿½ This version also adds OID support for IPv6 packet filtering. As always, we look forward to your feedback.ן¿½ Thank you! -John ן¿½ ן¿½ *John Mehling* Senior Engineer - Support *Cambium Networks* 3800 Golf Rd.,ן¿½ Suite 360 Rolling Meadows, IL 60008 www.cambiumnetworks.com v_large_blue_noBG.png ן¿½
Re: [AFMUG] 13.2 (Build32) Beta Software is Now Available!
In theory, if an SM has to do MIMO-A, the total throughput would be half of what you could do in dual payload mode. It should not cause another SM to modulate down at all. bp On 10/3/2014 9:41 PM, That One Guy via Af wrote: how bad is the overall throughput hit in MIMO-A, did you notice if it cause the other SMs to modulate down? On Fri, Oct 3, 2014 at 11:34 PM, George Skorup (Cyber Broadcasting) via Af af@afmug.com mailto:af@afmug.com wrote: Yes, I have a sector loaded that needed MIMO-A. And I found some minor GUI issues and the Moto binary data GPS bug that has now been fixed in build 32. But obviously I don't have things configured like others, such as PPPoE, NAT, VLANs, etc. I just do bridge, no auth/RADIUS, very few APs doing VLAN. So I would encourage more folks to test it out and give feedback to Cambium so they can get any remaining issues ironed out and get 13.2 official out. From the improvements I've seen so far, I want it on every 450 AP and SM, right meow! On 10/3/2014 9:55 PM, Bill Prince via Af wrote: On 13.2 already George?ן¿½ I am happy to let you others get the bleeding done before I step over the edge. I think I will wait about a week before I give it a rip; and then only only low-population APs. bp On 10/3/2014 6:28 PM, George Skorup (Cyber Broadcasting) via Af wrote: I was just discussing with Aaron offlist about build 32 AutoSync selecting the on-board GPS instead of timing port at boot. The deployed AP I have been testing on has a Parasitic SyncPipe, no power port sync and the iGPS on this AP usually always has a good lock. Prior to build 32, it would always boot up and use the timing port. Now build 32 wants the on-board at boot, at least every time I've had a chance to reboot the AP, which has only been the update from build 30 to 32 and one reboot afterwards so far. I would like to know if anyone else sees the same thing happening with build 32. Maybe it's just me, but I would prefer it to come up on the timing port before the on-board GPS for tracking GPS status of the attached SyncPipe. BTW, I've seen a very nice improvement in 13.2 beta for both throughput and session issues during multipath events. I think 13.2 is going to be a major leap forward for the 450. On 10/3/2014 6:19 PM, Aaron Schneider via Af wrote: Since the last Open Beta load (Build 30), this also contains: ן¿½ * Fix for negative VC count on home page * New OID to see NAT table size in use * Fix for Active FTP with NAT * PPPoE Control Message High Priority with VLAN Enabled ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Added missing OIDs for IPv6 packet filtering configuration ן¿½ We are very close to release, so please give this load a try! ן¿½ Regards, ן¿½ -Aaron ן¿½ *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *John Mehling via Af *Sent:* Friday, October 03, 2014 6:10 PM *To:* af@afmug.com mailto:af@afmug.com *Subject:* [AFMUG] 13.2 (Build32) Beta Software is Now Available!ן¿½ן¿½ ן¿½ Folks, Software version 13.2(Build32) has been added to the Cambium Open Beta program for PMP450, PMP430, and PTP230. Please go here:ן¿½https://support.cambiumnetworks.com/betaן¿½if you would like to test the new load and offer feedback on the Beta Forum. ן¿½Fixes in this release include: ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for Motorola Binary GPS based devices (CMM2, SyncPipe, etc) ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for PTP450 link test with small packets causing session drop and/or invalid readings ן¿½ This version also adds OID support for IPv6 packet filtering. As always, we look forward to your feedback.ן¿½ Thank you! -John ן¿½ ן¿½ *John Mehling* Senior Engineer - Support *Cambium Networks* 3800 Golf Rd.,ן¿½ Suite 360 Rolling Meadows, IL 60008 www.cambiumnetworks.com http://www.cambiumnetworks.com v_large_blue_noBG.png ן¿½ -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] 13.2 (Build32) Beta Software is Now Available!
if you have a 10mb unit running in mimo a is it going to pull 10 mb or whatever mimo a correlates to on that unit? if it has less throughput is it still consuming 10mb of ap capacity? If it still pulls 10mb, how much of the ap aggregate capacity is consumed? On Fri, Oct 3, 2014 at 11:46 PM, Bill Prince via Af af@afmug.com wrote: In theory, if an SM has to do MIMO-A, the total throughput would be half of what you could do in dual payload mode. It should not cause another SM to modulate down at all. bp On 10/3/2014 9:41 PM, That One Guy via Af wrote: how bad is the overall throughput hit in MIMO-A, did you notice if it cause the other SMs to modulate down? On Fri, Oct 3, 2014 at 11:34 PM, George Skorup (Cyber Broadcasting) via Af af@afmug.com wrote: Yes, I have a sector loaded that needed MIMO-A. And I found some minor GUI issues and the Moto binary data GPS bug that has now been fixed in build 32. But obviously I don't have things configured like others, such as PPPoE, NAT, VLANs, etc. I just do bridge, no auth/RADIUS, very few APs doing VLAN. So I would encourage more folks to test it out and give feedback to Cambium so they can get any remaining issues ironed out and get 13.2 official out. From the improvements I've seen so far, I want it on every 450 AP and SM, right meow! On 10/3/2014 9:55 PM, Bill Prince via Af wrote: On 13.2 already George?ן¿½ I am happy to let you others get the bleeding done before I step over the edge. I think I will wait about a week before I give it a rip; and then only only low-population APs. bp On 10/3/2014 6:28 PM, George Skorup (Cyber Broadcasting) via Af wrote: I was just discussing with Aaron offlist about build 32 AutoSync selecting the on-board GPS instead of timing port at boot. The deployed AP I have been testing on has a Parasitic SyncPipe, no power port sync and the iGPS on this AP usually always has a good lock. Prior to build 32, it would always boot up and use the timing port. Now build 32 wants the on-board at boot, at least every time I've had a chance to reboot the AP, which has only been the update from build 30 to 32 and one reboot afterwards so far. I would like to know if anyone else sees the same thing happening with build 32. Maybe it's just me, but I would prefer it to come up on the timing port before the on-board GPS for tracking GPS status of the attached SyncPipe. BTW, I've seen a very nice improvement in 13.2 beta for both throughput and session issues during multipath events. I think 13.2 is going to be a major leap forward for the 450. On 10/3/2014 6:19 PM, Aaron Schneider via Af wrote: Since the last Open Beta load (Build 30), this also contains: ן¿½ - Fix for negative VC count on home page - New OID to see NAT table size in use - Fix for Active FTP with NAT - PPPoE Control Message High Priority with VLAN Enabled ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Added missing OIDs for IPv6 packet filtering configuration ן¿½ We are very close to release, so please give this load a try! ן¿½ Regards, ן¿½ -Aaron ן¿½ *From:* Af [mailto:af-boun...@afmug.com af-boun...@afmug.com] *On Behalf Of *John Mehling via Af *Sent:* Friday, October 03, 2014 6:10 PM *To:* af@afmug.com *Subject:* [AFMUG] 13.2 (Build32) Beta Software is Now Available!ן¿½ן¿½ ן¿½ Folks, Software version 13.2(Build32) has been added to the Cambium Open Beta program for PMP450, PMP430, and PTP230. Please go here:ן¿½https://support.cambiumnetworks.com/betaן¿½if you would like to test the new load and offer feedback on the Beta Forum. ן¿½Fixes in this release include: ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for Motorola Binary GPS based devices (CMM2, SyncPipe, etc) ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ן¿½ Fix for PTP450 link test with small packets causing session drop and/or invalid readings ן¿½ This version also adds OID support for IPv6 packet filtering. As always, we look forward to your feedback.ן¿½ Thank you! -John ן¿½ ן¿½ *John Mehling* Senior Engineer - Support *Cambium Networks* 3800 Golf Rd.,ן¿½ Suite 360 Rolling Meadows, IL 60008 www.cambiumnetworks.com [image: v_large_blue_noBG.png] ן¿½ -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925