Re: [AFMUG] ESXi 5.5

[Josh Baird via Af]

You lose all of the non-free features and you cannot start or manage VM's.

The essentials kit which includes licenses for up to (3) 2-socket hosts is
~$500.  You don't get vMotion or any storage HA related features with
Essentials, but you do get vCenter Server, templates, backup API, etc.

Josh

On Tue, Sep 16, 2014 at 2:29 PM, David via Af  wrote:

> Anyone using vmware 5.5 evaluation ?
> What happens when you ur eval expires?
> how much is the essentials license?
>
>
> --
>

Re: [AFMUG] ESXi 5.5

[Josh Baird via Af]

You also don't need to buy Essentials if you don't require the features
that it provides... you can just request a free ESXI key from VMWare.

On Tue, Sep 16, 2014 at 2:35 PM, Josh Baird  wrote:

> You lose all of the non-free features and you cannot start or manage VM's.
>
> The essentials kit which includes licenses for up to (3) 2-socket hosts is
> ~$500.  You don't get vMotion or any storage HA related features with
> Essentials, but you do get vCenter Server, templates, backup API, etc.
>
> Josh
>
> On Tue, Sep 16, 2014 at 2:29 PM, David via Af  wrote:
>
>> Anyone using vmware 5.5 evaluation ?
>> What happens when you ur eval expires?
>> how much is the essentials license?
>>
>>
>> --
>>
>
>

Re: [AFMUG] Exalt?

[Josh Baird via Af]

So were they just dumping inventory with the recent G2 promotions?

Sent from my iPhone

> On Sep 18, 2014, at 7:59 PM, Jose Burgos via Af  wrote:
> 
> Yes, I heard that they closed their doors two (2) days ago. 
> 
> Sent from Jose's iPhone - Pinnacle Wireless
> 
> 
>> On Sep 18, 2014, at 8:57 PM, "Matt Jenkins via Af"  wrote:
>> 
>> I heard a rumor that Exalt went out of business. Can anyone confirm or deny?

Re: [AFMUG] Bash specially-crafted environment variables code injection attack

[Josh Baird via Af]

It can be exposed by anything that invokes bash - which is a ton of stuff
typically on Linux systems.

On Thu, Sep 25, 2014 at 2:25 PM, Peter Kranz via Af  wrote:

> PS.. This vulnerability can be exploited via HTTP/Apache attack vectors,
> so you need to patch any vulnerable system running Apache.
>
> Peter Kranz
> Founder/CEO - Unwired Ltd
> www.UnwiredLtd.com
> Desk: 510-868-1614 x100
> Mobile: 510-207-
> pkr...@unwiredltd.com
>
> -Original Message-
> From: Af [mailto:af-bounces+pkranz=unwiredltd@afmug.com] On Behalf Of
> Matt via Af
> Sent: Thursday, September 25, 2014 10:27 AM
> To: af@afmug.com
> Subject: [AFMUG] Bash specially-crafted environment variables code
> injection attack
>
> Bash specially-crafted environment variables code injection attack
>
>
> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
>
>

Re: [AFMUG] Bash specially-crafted environment variables code injection attack

[Josh Baird via Af]

If it runs bash, it's vulnerable.  Cisco devices running IOS don't use bash
for anything that I know of.  I'm not sure about MT, but I doubt that it's
a concern there either.

On Thu, Sep 25, 2014 at 4:04 PM, Ty Featherling via Af  wrote:

> Yeah I am trying to figure out what else I may be operating that is
> vulnerable. UBNT? Mikrotik? Cisco?
>
> -Ty
>
> On Thu, Sep 25, 2014 at 3:00 PM, Josh Baird via Af  wrote:
>
>> It can be exposed by anything that invokes bash - which is a ton of stuff
>> typically on Linux systems.
>>
>> On Thu, Sep 25, 2014 at 2:25 PM, Peter Kranz via Af  wrote:
>>
>>> PS.. This vulnerability can be exploited via HTTP/Apache attack vectors,
>>> so you need to patch any vulnerable system running Apache.
>>>
>>> Peter Kranz
>>> Founder/CEO - Unwired Ltd
>>> www.UnwiredLtd.com
>>> Desk: 510-868-1614 x100
>>> Mobile: 510-207-
>>> pkr...@unwiredltd.com
>>>
>>> -Original Message-
>>> From: Af [mailto:af-bounces+pkranz=unwiredltd@afmug.com] On Behalf
>>> Of Matt via Af
>>> Sent: Thursday, September 25, 2014 10:27 AM
>>> To: af@afmug.com
>>> Subject: [AFMUG] Bash specially-crafted environment variables code
>>> injection attack
>>>
>>> Bash specially-crafted environment variables code injection attack
>>>
>>>
>>> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
>>>
>>>
>>
>

Re: [AFMUG] Power up the tower?

[Josh Baird via Af]

If the radios did have SFPs, wouldn't you still need to provide sync (which
would mean additional cables)?

On Sun, Sep 28, 2014 at 10:12 AM, Mark Radabaugh via Af 
wrote:

>
> http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CC0QFjAA&url=http%3A%2F%2Fwww.commscope.com%2FDocs%2FHELIAX_FFDirect_Brochure_BR-107083.pdf&ei=uhQoVLffMIWayQSu5YCoBA&usg=AFQjCNFvqSzEDLibQ4WCTebhIbt3KgEQYQ&sig2=gR3vElbGdefgDpcYEtvB2Q&bvm=bv.76247554,d.aWw
>
> I'm getting pricing on this - if it's anything remotely reasonable I'm
> really thinking about using this for tower sites.   With 3 fiber feeds and
> 3 power feeds I can use one power/fiber pair to each of the SAF Integra's,
> and use the other one to go to a enclosure with power and a switch to
> connect to the APs'.
>
> I'm trying to find out if I can get a small switch and a PacketFlux
> Syncinjector stuffed into a 3M Tower Dome Closure:
>
>
> http://multimedia.3m.com/mws/mediawebserver?mwsId=6UgxGCuNyXTtoxMVlxMVEVtQEcuZgVs6EVs6E66--&fn=Tower_Dome_Terminal_TDT_T_25_6RS
>
> The combination seems like it would solve a lot of problems.   It gives us
> one cable up the tower and the cable fits properly into standard tower
> hangers.  The dome closure can be built on the ground with appropriate
> length cables to each AP so that the whole thing can be assembled on the
> ground and then hoisted into place so that the tower monkeys only have to
> plug things in.
>
> The other nice part is if you are using contract tower crews the whole
> thing looks just like installing a standard Remote Radio Unit (RRU) radio
> head, so they should both not need a lot of retraining.
>
> If we could get our radio manufacturers to start making equipment with
> SFP's this would be even easier.That's a hint there Cambium.
>
>
> Mark
>
> On 9/28/14, 9:50 AM, Chuck Hogg via Af wrote:
>
> We do power and fiber up the tower as our standard...ever since that
> standard has been used, I don't think we've lost a site yet.
>
> Regards,
> Chuck
>
> On Sat, Sep 27, 2014 at 4:32 PM, Matt via Af  wrote:
>
>> This is what we have used for all our CMM units for years.
>>
>> http://www.outdoorspeakerdepot.com/14ga2inspca5.html
>>
>> Outdoor, UV resistant, etc.
>>
>>
>>
>> On Sat, Sep 27, 2014 at 1:16 PM, Gino Villarini via Af 
>> wrote:
>> > Planning on hanging a DC box on the tower
>> >
>> > 30-40w total power
>> >
>> > Cat5 using multiple pairs or 2 conductor cable?
>> >
>> > We are inclined on cat 5 for standardization purposes...
>> >
>> > Sent from Marconi's and Graham Bell's fused thoughts!!!
>> >
>>
>
>
>
> --
> Mark Radabaugh
> Amplex
> m...@amplex.net  419.837.5015 x 1021
>
>

Re: [AFMUG] Power up the tower?

[Josh Baird via Af]

Planet makes a few models that look attractive.

http://www.advice.co.il/data/files/C-IGS-802T_s.pdf

If you need L3 or routing, a 2011 is a cheap solution.

Josh

On Sun, Sep 28, 2014 at 10:47 AM, Gino Villarini via Af 
wrote:

>  Keep us posted on pricing!
>
>  Any ideas of what sw to use on top?
>
> Sent from Marconi's and Graham Bell's fused thoughts!!!
>
>
> On Sep 28, 2014, at 10:13 AM, Mark Radabaugh via Af  wrote:
>
>
> http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CC0QFjAA&url=http%3A%2F%2Fwww.commscope.com%2FDocs%2FHELIAX_FFDirect_Brochure_BR-107083.pdf&ei=uhQoVLffMIWayQSu5YCoBA&usg=AFQjCNFvqSzEDLibQ4WCTebhIbt3KgEQYQ&sig2=gR3vElbGdefgDpcYEtvB2Q&bvm=bv.76247554,d.aWw
>
> I'm getting pricing on this - if it's anything remotely reasonable I'm
> really thinking about using this for tower sites.   With 3 fiber feeds and
> 3 power feeds I can use one power/fiber pair to each of the SAF Integra's,
> and use the other one to go to a enclosure with power and a switch to
> connect to the APs'.
>
> I'm trying to find out if I can get a small switch and a PacketFlux
> Syncinjector stuffed into a 3M Tower Dome Closure:
>
>
> http://multimedia.3m.com/mws/mediawebserver?mwsId=6UgxGCuNyXTtoxMVlxMVEVtQEcuZgVs6EVs6E66--&fn=Tower_Dome_Terminal_TDT_T_25_6RS
>
> The combination seems like it would solve a lot of problems.   It gives us
> one cable up the tower and the cable fits properly into standard tower
> hangers.  The dome closure can be built on the ground with appropriate
> length cables to each AP so that the whole thing can be assembled on the
> ground and then hoisted into place so that the tower monkeys only have to
> plug things in.
>
> The other nice part is if you are using contract tower crews the whole
> thing looks just like installing a standard Remote Radio Unit (RRU) radio
> head, so they should both not need a lot of retraining.
>
> If we could get our radio manufacturers to start making equipment with
> SFP's this would be even easier.That's a hint there Cambium.
>
>
> Mark
>
> On 9/28/14, 9:50 AM, Chuck Hogg via Af wrote:
>
> We do power and fiber up the tower as our standard...ever since that
> standard has been used, I don't think we've lost a site yet.
>
> Regards,
> Chuck
>
> On Sat, Sep 27, 2014 at 4:32 PM, Matt via Af  wrote:
>
>> This is what we have used for all our CMM units for years.
>>
>> http://www.outdoorspeakerdepot.com/14ga2inspca5.html
>>
>> Outdoor, UV resistant, etc.
>>
>>
>>
>> On Sat, Sep 27, 2014 at 1:16 PM, Gino Villarini via Af 
>> wrote:
>> > Planning on hanging a DC box on the tower
>> >
>> > 30-40w total power
>> >
>> > Cat5 using multiple pairs or 2 conductor cable?
>> >
>> > We are inclined on cat 5 for standardization purposes...
>> >
>> > Sent from Marconi's and Graham Bell's fused thoughts!!!
>> >
>>
>
>
>
> --
> Mark Radabaugh
> Amplex
> m...@amplex.net  419.837.5015 x 1021
>
>

Re: [AFMUG] Power up the tower?

[Josh Baird via Af]

The 8port GigE switch that I referenced above has both SFP and copper
interfaces, mounts on a DIN rail and is hardened.  It's also only $199.

Sure - it's twice as many ports as you need, but that may come in handy
down the road.  Anything keeping you from trying this model?

Josh

On Sun, Sep 28, 2014 at 11:28 AM, Mark Radabaugh via Af 
wrote:

> At $4.10 it's not great, but I would probably go for it.   Biggest driver
> for me would be the single cable up the tower and the ease of securing that
> cable.   I used to do 'box at the top' and moved to individual runs to the
> base. The cabling is a nuisance with everything at the bottom which is why
> I am looking at going back to the 'box at the top' method.   I have not
> found a great deal of difference in equipment survival either way.
>
> As for switches I'm considering doing 2 of these to serve 4 AP's -
> http://www.garrettcom.com/csg14.htm   Using simplex SFP's I can use one
> fiber for each convertor.   So far I have not found a 4 port GigE + 1 SFP
> extended temperature DIN rail mount switch. Still looking.
>
> Mark
>
>
>
> On 9/28/14, 11:00 AM, Chuck Hogg via Af wrote:
>
>> I have requested pricing on this as well.  I think that in the end, it
>> was overly expensive (something like 4x the cost of doing 2 split runs,
>> $4.10/ft or something like that). If we could get that even within 15% of
>> what I'm paying now, I'd be happy.
>>
>> Regards,
>> Chuck
>>
>>
> --
> Mark Radabaugh
> Amplex
>
> m...@amplex.net  419.837.5015 x 1021
>
>

Re: [AFMUG] gige apc for all

[Josh Baird via Af]

Yeah, I wish the GigeAPCs had the red/green LEDs, too.

On Mon, Sep 29, 2014 at 2:13 PM, Ken Hohhof via Af  wrote:

>   Maybe if you like the red and green LEDs?  I have to admit they’re
> useful.
>
>  *From:* That One Guy via Af 
> *Sent:* Monday, September 29, 2014 1:09 PM
> *To:* af@afmug.com
> *Subject:* [AFMUG] gige apc for all
>
>
> the application sheet shows gigeapc hv for everything now even the 320 ap,
> is there any major reason not to use these across the board son the
> numskulls dont have to look at the application chart to swap a card?
> --
> All parts should go together without forcing. You must remember that the
> parts you are reassembling were disassembled by you. Therefore, if you
> can't get them together again, there must be a reason. By all means, do not
> use a hammer. -- IBM maintenance manual, 1925
>

Re: [AFMUG] Fall colors

[Josh Baird via Af]

That is a lot of AP's.  What kind of backhaul?

On Mon, Sep 29, 2014 at 7:44 PM, Sean Heskett via Af  wrote:

> Yeah that tower is one of our busiest
>
> We have 23 APs there
> 6-450s
> 5-430s
> 12-fsk
>
> Around 700-800 clients :)
>
> Plus the views from the top are amazing!
>
>
>
> On Monday, September 29, 2014, Matt Jenkins via Af  wrote:
>
>> I am having serious tower envy right now. Your coverage potential is
>> astounding!
>>
>> Matthew Jenkins
>> SmarterBroadband
>> m...@sbbinc.net
>> 530.272.4000
>>
>> On 09/29/2014 12:20 PM, Sean Heskett via Af wrote:
>>
>>> i thought y'all might enjoy some pics from one of our towers.
>>>
>>>
>>

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

CentOS doesn't have the latest and greatest packages because it's upstream
is RHEL.  This is the nature of "enterprise linux."  They don't have major
package revisions during the entire lifecycle of any given major version
(ie, RHEL5/6/7) and they backport security fixes and patches.  I wouldn't
really recommend EL5 at this point since it is already two generations
behind EL7 (which includes BIND 9.9.4 and it works perfectly fine).
).

Josh

On Thu, Oct 2, 2014 at 7:26 PM, Timothy D. McNabb via Af 
wrote:

> I’ve never had a problem using yum and CentOS, you are right that the
> packages don’t tend to be latest and greatest. You can added repos that
> support CentOS 5/6 with the packages you are looking for, simplifying the
> process. My preference is still to use CentOS 5, the GNOME and KDE
> interfaces are both laughable on 6 (sad that the interface + packages have
> moved so closely to a desktop computer anymore). I’m not one to use the
> minimal install, but then again I selectively select the packages I desire
> to get the machine going and then add/remove software once it’s configured
> with an internet connection.
>
>
>
> That One Guy, the honest and absolutely EASIEST way to setup BIND is grab
> CentOS 5, then install the Server package BIND. Additionally adding to the
> super-easiness, install a package called “system-config-bind”. You can use
> the search function to find it easy enough. Once everything is installed,
> go to terminal through the GUI and run “system-config-bind” by just typing
> and hit enter. It will bring up a pretty nifty and easy interface to allow
> you to customize a lot of your DNS server. Anything super-granular and you
> will need to run through manually editing config files, but this is enough
> to get brand new machines up and running.
>
>
>
> We don’t run a slave-master setup so I can’t help you there. Both of ours
> are listed as authorative caching open recursion servers (ie they are both
> Masters) with an ACL that allows only our 3 /22’s to talk to them via udp.
>
>
>
> AFAIK the package for system-config-bind is still non-existent as of this
> writing for CentOS 6.
>
>
>
> -Tim
>
>
>
>
>
> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
> Af
> *Sent:* Thursday, October 02, 2014 4:10 PM
>
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>
>
> I already have installed bind through webmin, it is a newer version, just
> by a couple revisions but the ubuntu one wont update any more
>
> its BIND version 9.8.2
>
> I can manually add the slave zone and test the transfer it updates from
> the master, I just assumed I should be able to add it as another slave and
> have it populate all the way
>
>
>
> On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af  wrote:
>
> You need a named.conf that defines the slave zones and the IP address of
> the master.
>
>
>
> But first step is to download/compile/install the latest version of BIND,
> it’s actually quite easy.  I doubt you can get the version you want via yum
> update because CentOS is based on RHEL which is always a few steps behind.
> Given the DNS attacks, you want the latest BIND.  You might then want to
> lock out the package from being updated by yum.
>
>
>
>
>
> *From:* That One Guy via Af 
>
> *Sent:* Thursday, October 02, 2014 4:36 PM
>
> *To:* af@afmug.com
>
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>
>
> So Im at a new Centos with webmin fresh bind install.
>
> We have one master, one slave server
>
> I have never set up bind, this was done before me.
>
> If I were to take down the old slave server and bring this one up on its
> IP will the master update this one, or is there a config I need to move
> over. Im more comfotable doing the slave first.
>
> These are all webmin, but the original is ubuntu and the new is centos
>
>
>
> On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af  wrote:
>
> I always install CentOS bare bones …. “minimal server” is what the
> installation will call it.  This way you can install whatever you like
> after installation and not worry about removing many dozen packages you
> don’t need…
>
>
>
> Just my preference anyways….
>
>
>
> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
> Af
> *Sent:* Thursday, October 02, 2014 2:24 PM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>
>
> 2 questions in this
>
> 1. when running through the current centos installation, what do i select
> for the server type, for powercode it says select basic server
>
> 2. is there a guide for building dedicated centos servers based on server
> purpose? I assume there are packages I dont need to install if its only got
> this purpose
>
>
>
> On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af  wrote:
>
> CentOS+BIND+Webmin J  I can’t remember but Usermin might be the part
> you’re looking for specific to users updating their own DNS…..
>
>
>
>
>

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

You can if you use third party packages, but you don't need to unless you
need a specific version beyond 9.9.  If you run native CentOS bind packages
and keep them up to date you will (read: should) be safe from any security
vulnerabilities.

On Thu, Oct 2, 2014 at 8:51 PM, That One Guy via Af  wrote:

> i assume i cant update BIND beyong releases specific to CentOS?
>
> On Thu, Oct 2, 2014 at 7:28 PM, Ken Hohhof via Af  wrote:
>
>>   My BIND servers are on 9.10.0-P2.
>>
>>  *From:* That One Guy via Af 
>> *Sent:* Thursday, October 02, 2014 6:10 PM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>
>>  I already have installed bind through webmin, it is a newer version,
>> just by a couple revisions but the ubuntu one wont update any more
>> its BIND version 9.8.2
>> I can manually add the slave zone and test the transfer it updates from
>> the master, I just assumed I should be able to add it as another slave and
>> have it populate all the way
>>
>> On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af  wrote:
>>
>>>   You need a named.conf that defines the slave zones and the IP address
>>> of the master.
>>>
>>> But first step is to download/compile/install the latest version of
>>> BIND, it’s actually quite easy.  I doubt you can get the version you want
>>> via yum update because CentOS is based on RHEL which is always a few steps
>>> behind.  Given the DNS attacks, you want the latest BIND.  You might then
>>> want to lock out the package from being updated by yum.
>>>
>>>
>>>  *From:* That One Guy via Af 
>>> *Sent:* Thursday, October 02, 2014 4:36 PM
>>> *To:* af@afmug.com
>>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>>
>>>  So Im at a new Centos with webmin fresh bind install.
>>> We have one master, one slave server
>>> I have never set up bind, this was done before me.
>>> If I were to take down the old slave server and bring this one up on its
>>> IP will the master update this one, or is there a config I need to move
>>> over. Im more comfotable doing the slave first.
>>> These are all webmin, but the original is ubuntu and the new is centos
>>>
>>> On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af 
>>> wrote:
>>>
  I always install CentOS bare bones …. “minimal server” is what the
 installation will call it.  This way you can install whatever you like
 after installation and not worry about removing many dozen packages you
 don’t need…



 Just my preference anyways….



 *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy
 via Af
 *Sent:* Thursday, October 02, 2014 2:24 PM
 *To:* af@afmug.com
 *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus



 2 questions in this

 1. when running through the current centos installation, what do i
 select for the server type, for powercode it says select basic server

 2. is there a guide for building dedicated centos servers based on
 server purpose? I assume there are packages I dont need to install if its
 only got this purpose



 On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af 
 wrote:

  CentOS+BIND+Webmin J  I can’t remember but Usermin might be the part
 you’re looking for specific to users updating their own DNS…..







 *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy
 via Af
 *Sent:* Thursday, October 02, 2014 1:21 PM
 *To:* af@afmug.com
 *Subject:* [AFMUG] DNS server for guys who dont want to be gurus



 Is there a good, simple package for locally hosted DNS Servers for
 people like me who dont want to get too far into managing the linux at a
 granular level? we are used to the webmin interface. It would be nice if it
 had the option to set up client accounts for some clients to manage their
 own DNS but not view others, but thats in no way a deal breaker



 --

 All parts should go together without forcing. You must remember that
 the parts you are reassembling were disassembled by you. Therefore, if you
 can't get them together again, there must be a reason. By all means, do not
 use a hammer. -- IBM maintenance manual, 1925





 --

 All parts should go together without forcing. You must remember that
 the parts you are reassembling were disassembled by you. Therefore, if you
 can't get them together again, there must be a reason. By all means, do not
 use a hammer. -- IBM maintenance manual, 1925

>>>
>>>
>>>
>>> --
>>> All parts should go together without forcing. You must remember that the
>>> parts you are reassembling were disassembled by you. Therefore, if you
>>> can't get them together again, there must be a reason. By all means, do not
>>> use a hammer. -- IBM maintenance manual, 1925
>>>
>>
>>
>>

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

I don't use webmin, so I can't specifically answer your questions.. but,
yes, Webmin is simply a "front-end" for various services that you have
running on your server.  Out of the box, your server is configured to use
specific yum (software) repositories that are specific to CentOS 5/6/7.
Unless you manually update one of these repository definitions or are using
your own local RPM packages, you will be pointing at these native
repositories.  CentOS/RHEL repositories maintain the same major version of
package (9.8.2 in EL6, 9.9.4 in EL7) throughout a major version's lifecycle
(ie 6.x, 7.x).  RHEL/CentOS backports security patches into older (stable)
versions; so even if you are running RHEL6 with BIND 9.8.2, you are not
vulnerable to security flaws or exploits (as long as you keep your server's
packages up to date).

CentOS/RHEL is not bleeding edge.  They offer stable versions of software
and keep them up to date and safe by backporting security patches.  If you
want bleeding edge packages you have a few options - find third party yum
repositories with newer packages, compile your own BIND or use
"non-enterprise" Linux distributions such as Fedora.

Josh

On Thu, Oct 2, 2014 at 9:09 PM, That One Guy via Af  wrote:

> so, webmin, it is just in its most basic form a gui and package management
> system for linux and linux server components?? Is this correct?
>
> When I go to the package manager through webmin is if only looking in
> repositories for packages compiled to run in webmin, or is it looking for
> packages compiled for the underlying linux distibution??
>
> So if I want to update to the newest fanciest BIND version, how would I go
> about it, yum update bind and the like dont take it any further? If I did
> this outside of webmin, will I lose the webmin functionality or cause it
> not to function? Virtualmin as best i can tell is a module for webmin, will
> this give me better access to newer versions of BIND? I like windows
> because stuff either doesnt work or its got bugs, we get two choices.
>
> It looks like 9.8.8 is EOL last month, so i see what you guys are saying
> about being behind
> 9.9.6 and 9.10.1 are both listed as current and stable, but 9.9.6 says
> Extended Support Version, what does that mean?
>
> On Thu, Oct 2, 2014 at 7:51 PM, That One Guy via Af  wrote:
>
>> i assume i cant update BIND beyong releases specific to CentOS?
>>
>> On Thu, Oct 2, 2014 at 7:28 PM, Ken Hohhof via Af  wrote:
>>
>>>   My BIND servers are on 9.10.0-P2.
>>>
>>>  *From:* That One Guy via Af 
>>> *Sent:* Thursday, October 02, 2014 6:10 PM
>>> *To:* af@afmug.com
>>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>>
>>>  I already have installed bind through webmin, it is a newer version,
>>> just by a couple revisions but the ubuntu one wont update any more
>>> its BIND version 9.8.2
>>> I can manually add the slave zone and test the transfer it updates from
>>> the master, I just assumed I should be able to add it as another slave and
>>> have it populate all the way
>>>
>>> On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af  wrote:
>>>
   You need a named.conf that defines the slave zones and the IP
 address of the master.

 But first step is to download/compile/install the latest version of
 BIND, it’s actually quite easy.  I doubt you can get the version you want
 via yum update because CentOS is based on RHEL which is always a few steps
 behind.  Given the DNS attacks, you want the latest BIND.  You might then
 want to lock out the package from being updated by yum.


  *From:* That One Guy via Af 
 *Sent:* Thursday, October 02, 2014 4:36 PM
 *To:* af@afmug.com
 *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus

  So Im at a new Centos with webmin fresh bind install.
 We have one master, one slave server
 I have never set up bind, this was done before me.
 If I were to take down the old slave server and bring this one up on
 its IP will the master update this one, or is there a config I need to move
 over. Im more comfotable doing the slave first.
 These are all webmin, but the original is ubuntu and the new is centos

 On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af 
 wrote:

>  I always install CentOS bare bones …. “minimal server” is what the
> installation will call it.  This way you can install whatever you like
> after installation and not worry about removing many dozen packages you
> don’t need…
>
>
>
> Just my preference anyways….
>
>
>
> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy
> via Af
> *Sent:* Thursday, October 02, 2014 2:24 PM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>
>
> 2 questions in this
>
> 1. when running through the current centos installation, what do i
> select fo

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

There probably isn't.  Use CentOS.

Josh

On Thu, Oct 2, 2014 at 9:34 PM, That One Guy via Af  wrote:

> I dont want bleeding edge, I like stable, and as long as its "secure" I
> dont like to change.
> I never had really thought about purchased Linux before, looking at RHEL I
> have no clue and I dont know that there is much benefit to it with a
> handful of small single purpose virtual servers
>
> On Thu, Oct 2, 2014 at 8:23 PM, Josh Baird via Af  wrote:
>
>> I don't use webmin, so I can't specifically answer your questions.. but,
>> yes, Webmin is simply a "front-end" for various services that you have
>> running on your server.  Out of the box, your server is configured to use
>> specific yum (software) repositories that are specific to CentOS 5/6/7.
>> Unless you manually update one of these repository definitions or are using
>> your own local RPM packages, you will be pointing at these native
>> repositories.  CentOS/RHEL repositories maintain the same major version of
>> package (9.8.2 in EL6, 9.9.4 in EL7) throughout a major version's lifecycle
>> (ie 6.x, 7.x).  RHEL/CentOS backports security patches into older (stable)
>> versions; so even if you are running RHEL6 with BIND 9.8.2, you are not
>> vulnerable to security flaws or exploits (as long as you keep your server's
>> packages up to date).
>>
>> CentOS/RHEL is not bleeding edge.  They offer stable versions of software
>> and keep them up to date and safe by backporting security patches.  If you
>> want bleeding edge packages you have a few options - find third party yum
>> repositories with newer packages, compile your own BIND or use
>> "non-enterprise" Linux distributions such as Fedora.
>>
>> Josh
>>
>> On Thu, Oct 2, 2014 at 9:09 PM, That One Guy via Af  wrote:
>>
>>> so, webmin, it is just in its most basic form a gui and package
>>> management system for linux and linux server components?? Is this correct?
>>>
>>> When I go to the package manager through webmin is if only looking in
>>> repositories for packages compiled to run in webmin, or is it looking for
>>> packages compiled for the underlying linux distibution??
>>>
>>> So if I want to update to the newest fanciest BIND version, how would I
>>> go about it, yum update bind and the like dont take it any further? If I
>>> did this outside of webmin, will I lose the webmin functionality or cause
>>> it not to function? Virtualmin as best i can tell is a module for webmin,
>>> will this give me better access to newer versions of BIND? I like windows
>>> because stuff either doesnt work or its got bugs, we get two choices.
>>>
>>> It looks like 9.8.8 is EOL last month, so i see what you guys are
>>> saying about being behind
>>> 9.9.6 and 9.10.1 are both listed as current and stable, but 9.9.6 says
>>> Extended Support Version, what does that mean?
>>>
>>> On Thu, Oct 2, 2014 at 7:51 PM, That One Guy via Af 
>>> wrote:
>>>
>>>> i assume i cant update BIND beyong releases specific to CentOS?
>>>>
>>>> On Thu, Oct 2, 2014 at 7:28 PM, Ken Hohhof via Af  wrote:
>>>>
>>>>>   My BIND servers are on 9.10.0-P2.
>>>>>
>>>>>  *From:* That One Guy via Af 
>>>>> *Sent:* Thursday, October 02, 2014 6:10 PM
>>>>> *To:* af@afmug.com
>>>>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>>>>
>>>>>  I already have installed bind through webmin, it is a newer version,
>>>>> just by a couple revisions but the ubuntu one wont update any more
>>>>> its BIND version 9.8.2
>>>>> I can manually add the slave zone and test the transfer it updates
>>>>> from the master, I just assumed I should be able to add it as another 
>>>>> slave
>>>>> and have it populate all the way
>>>>>
>>>>> On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af 
>>>>> wrote:
>>>>>
>>>>>>   You need a named.conf that defines the slave zones and the IP
>>>>>> address of the master.
>>>>>>
>>>>>> But first step is to download/compile/install the latest version of
>>>>>> BIND, it’s actually quite easy.  I doubt you can get the version you want
>>>>>> via yum update because CentOS is based on RHEL which is always a few 
>>>>>> steps
>>>>>> behind.  Give

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

Yeah.  RHEL/CentOS backport security patches.  To quote myself from a
previous email in this thread:

CentOS doesn't have the latest and greatest packages because it's upstream
is RHEL.  This is the nature of "enterprise linux."  They don't have major
package revisions during the entire lifecycle of any given major version
(ie, RHEL5/6/7) and they backport security fixes and patches.

On Fri, Oct 3, 2014 at 9:30 AM, Ken Hohhof via Af  wrote:

>   I would disagree, didn’t Steve say the latest he updated to was 9.8.2?
>
> https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html
>
> ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions
> old.  With all the DNS amplification attacks and these zero day exploits
> coming out all the time, I’d want to be pretty current, plus I believe 9.10
> gives you RRL in your toolbox to deal with attacks although I’ll admit I
> haven’t had time to experiment with it.
>
>
>  *From:* Mike Hammett via Af 
> *Sent:* Friday, October 03, 2014 6:10 AM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  The server based distributions like CentOS\RHEL and Debian generally are
> close to current regarding security updates even if they don't have the
> latest version.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> --
> *From: *"Ken Hohhof via Af" 
> *To: *af@afmug.com
> *Sent: *Thursday, October 2, 2014 5:30:01 PM
> *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  You need a named.conf that defines the slave zones and the IP address of
> the master.
>
> But first step is to download/compile/install the latest version of BIND,
> it’s actually quite easy.  I doubt you can get the version you want via yum
> update because CentOS is based on RHEL which is always a few steps behind.
> Given the DNS attacks, you want the latest BIND.  You might then want to
> lock out the package from being updated by yum.
>
>
>  *From:* That One Guy via Af 
> *Sent:* Thursday, October 02, 2014 4:36 PM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  So Im at a new Centos with webmin fresh bind install.
> We have one master, one slave server
> I have never set up bind, this was done before me.
> If I were to take down the old slave server and bring this one up on its
> IP will the master update this one, or is there a config I need to move
> over. Im more comfotable doing the slave first.
> These are all webmin, but the original is ubuntu and the new is centos
>
> On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af  wrote:
>
>>  I always install CentOS bare bones …. “minimal server” is what the
>> installation will call it.  This way you can install whatever you like
>> after installation and not worry about removing many dozen packages you
>> don’t need…
>>
>>
>>
>> Just my preference anyways….
>>
>>
>>
>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
>> Af
>> *Sent:* Thursday, October 02, 2014 2:24 PM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>
>>
>>
>> 2 questions in this
>>
>> 1. when running through the current centos installation, what do i select
>> for the server type, for powercode it says select basic server
>>
>> 2. is there a guide for building dedicated centos servers based on server
>> purpose? I assume there are packages I dont need to install if its only got
>> this purpose
>>
>>
>>
>> On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af  wrote:
>>
>>  CentOS+BIND+Webmin J  I can’t remember but Usermin might be the part
>> you’re looking for specific to users updating their own DNS…..
>>
>>
>>
>>
>>
>>
>>
>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
>> Af
>> *Sent:* Thursday, October 02, 2014 1:21 PM
>> *To:* af@afmug.com
>> *Subject:* [AFMUG] DNS server for guys who dont want to be gurus
>>
>>
>>
>> Is there a good, simple package for locally hosted DNS Servers for people
>> like me who dont want to get too far into managing the linux at a granular
>> level? we are used to the webmin interface. It would be nice if it had the
>> option to set up client accounts for some clients to manage their own DNS
>> but not view others, but thats in no way a deal breaker
>>
>>
>>
>> --
>>
>> All parts should go together without forcing. You must remember that the
>> parts you are reassembling were disassembled by you. Therefore, if you
>> can't get them together again, there must be a reason. By all means, do not
>> use a hammer. -- IBM maintenance manual, 1925
>>
>>
>>
>>
>>
>> --
>>
>> All parts should go together without forcing. You must remember that the
>> parts you are reassembling were disassembled by you. Therefore, if you
>> can't get them together again, there must be a reason. By all means, do not
>> use a hammer. -- IBM maintenance manual, 1925
>>
>
>
>
>

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Josh Baird via Af]

If it's BIND 9.8.2 from the CentOS updates repositories, it's patched.  It
won't contain non-security related features of later versions, but it has
been patched for any security related stuff.  The internal patch/version
level of the package is denoted in the RPM's filename for EL.

On Fri, Oct 3, 2014 at 9:57 AM, Ken Hohhof via Af  wrote:

>   I don’t think so.
>
>  *From:* Adam Moffett via Af 
> *Sent:* Friday, October 03, 2014 8:34 AM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
> It may be 9.8.2 with security fixes backported from later versions.
>
>
>  I would disagree, didn’t Steve say the latest he updated to was 9.8.2?
>
> https://kb.isc.org/article/AA-00913/0/BIND-9-Security-Vulnerability-Matrix.html
>
> ISC shows 9.8.8 EOL as of September 2014, so 9.8.2 is quite a few versions
> old.  With all the DNS amplification attacks and these zero day exploits
> coming out all the time, I’d want to be pretty current, plus I believe 9.10
> gives you RRL in your toolbox to deal with attacks although I’ll admit I
> haven’t had time to experiment with it.
>
>
>  *From:* Mike Hammett via Af 
> *Sent:* Friday, October 03, 2014 6:10 AM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  The server based distributions like CentOS\RHEL and Debian generally are
> close to current regarding security updates even if they don't have the
> latest version.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> --
> *From: *"Ken Hohhof via Af" mailto:af@afmug.com 
>
> *To: *af@afmug.com
> *Sent: *Thursday, October 2, 2014 5:30:01 PM
> *Subject: *Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  You need a named.conf that defines the slave zones and the IP address of
> the master.
>
> But first step is to download/compile/install the latest version of BIND,
> it’s actually quite easy.  I doubt you can get the version you want via yum
> update because CentOS is based on RHEL which is always a few steps behind.
> Given the DNS attacks, you want the latest BIND.  You might then want to
> lock out the package from being updated by yum.
>
>
>  *From:* That One Guy via Af 
> *Sent:* Thursday, October 02, 2014 4:36 PM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>
>  So Im at a new Centos with webmin fresh bind install.
> We have one master, one slave server
> I have never set up bind, this was done before me.
> If I were to take down the old slave server and bring this one up on its
> IP will the master update this one, or is there a config I need to move
> over. Im more comfotable doing the slave first.
> These are all webmin, but the original is ubuntu and the new is centos
>
> On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af  wrote:
>
>>  I always install CentOS bare bones …. “minimal server” is what the
>> installation will call it.  This way you can install whatever you like
>> after installation and not worry about removing many dozen packages you
>> don’t need…
>>
>>
>>
>> Just my preference anyways….
>>
>>
>>
>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
>> Af
>> *Sent:* Thursday, October 02, 2014 2:24 PM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] DNS server for guys who dont want to be gurus
>>
>>
>>
>> 2 questions in this
>>
>> 1. when running through the current centos installation, what do i select
>> for the server type, for powercode it says select basic server
>>
>> 2. is there a guide for building dedicated centos servers based on server
>> purpose? I assume there are packages I dont need to install if its only got
>> this purpose
>>
>>
>>
>> On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af  wrote:
>>
>>  CentOS+BIND+Webmin J  I can’t remember but Usermin might be the part
>> you’re looking for specific to users updating their own DNS…..
>>
>>
>>
>>
>>
>>
>>
>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy via
>> Af
>> *Sent:* Thursday, October 02, 2014 1:21 PM
>> *To:* af@afmug.com
>> *Subject:* [AFMUG] DNS server for guys who dont want to be gurus
>>
>>
>>
>> Is there a good, simple package for locally hosted DNS Servers for people
>> like me who dont want to get too far into managing the linux at a granular
>> level? we are used to the webmin interface. It would be nice if it had the
>> option to set up client accounts for some clients to manage their own DNS
>> but not view others, but thats in no way a deal breaker
>>
>>
>>
>> --
>>
>> All parts should go together without forcing. You must remember that the
>> parts you are reassembling were disassembled by you. Therefore, if you
>> can't get them together again, there must be a reason. By all means, do not
>> use a hammer. -- IBM maintenance manual, 1925
>>
>>
>>
>>
>>
>> --
>>
>> All parts should go together without forcing. You must remember that the
>> parts you are reassembli

Re: [AFMUG] 450 sector

[Josh Baird via Af]

Can't you do this on the ITElite dual band sectors?

> On Oct 3, 2014, at 5:25 PM, Gino Villarini via Af  wrote:
> 
> 
> Alpha antennas makes a quad pol sectorŠ hmm 450 + epmp?
> 
> 
> Gino A. Villarini
> President
> Aeronet Wireless Broadband Corp.
> www.aeronetpr.com  
> @aeronetpr
> 
> 
> 
> 
> 
> 
>> On 10/3/14, 5:18 PM, "Adam Moffett via Af"  wrote:
>> 
>> We're actually really liking the 450 sector with the third 10dbi
>> connector.  We first used it to put connectorized FSK radios on the
>> tower without adding another antenna.  Since then we've discussed using
>> it with ePMP or other products just to have the third connector for
>> other uses.  We like the idea that we can sneak another single polarity
>> 5.4 or 5.7 radio up without much fuss.
>> 
>> I was wondering if they're going to keep making that antenna even though
>> the FSK compatibility never worked out.  Has the rumor mill heard
>> anything about it going away or not?  Any official word from Cambium?
> 

Re: [AFMUG] PacketFlux Product Ideas

[Josh Baird via Af]

I wish the CTM2 didn't carry such a hefty price tag.

On Mon, Oct 6, 2014 at 12:31 PM, Gino Villarini via Af  wrote:

> ctm2?
>
>
>
> Gino A. Villarini
> President
> Aeronet Wireless Broadband Corp.
> www.aeronetpr.com
> @aeronetpr
>
>
>
>
>
>
> On 10/6/14, 12:05 PM, "Paul McCall via Af"  wrote:
>
> >+1
> >
> >-Original Message-
> >From: Af [mailto:af-boun...@afmug.com] On Behalf Of Matt via Af
> >Sent: Monday, October 06, 2014 11:21 AM
> >To: af@afmug.com
> >Subject: Re: [AFMUG] PacketFlux Product Ideas
> >
> >Rack mount 24 port sync over power injector.  Possibly with surge
> >protection.
> >
> >
> >On Sun, Oct 5, 2014 at 3:19 PM, Forrest Christian (List Account) via Af
> > wrote:
> >> It's been (quite) a while since I sent one of these messages out to
> >> the list.
> >>
> >> With the release of all of our new gigabit injectors, it is time for
> >> me to decide which products will be next out the door at PacketFlux.
> >>
> >> We've got several products at various stages of completion, but almost
> >> all of them I expect to be very low volume projects - the type of
> >> products we complete just because they help fill out our product
> >>offering instead of
> >> expecting a lot of revenue from them.   A couple of these have appeared
> >>on
> >> the website recently - I.E. a 2 Relay, 3 Switch module, and the
> >> voltmeter/shunt input modules.
> >>
> >> So, what I'd love to hear is some suggestions for products PacketFlux
> >>could
> >> build which would help you in your WISP.   I'm particularly looking for
> >> products which if they existed would go at every one of your tower
> >> sites, or even better at every customer location.  I know these product
> >>ideas exist
> >> out there, and I'd love to hear them.   Feel free to throw ideas out
> >>which
> >> are outside of the narrow niche that you think of PacketFlux fitting
> >>into.
> >>
> >> One final note  - there is always a query for an all-in-one tower
> >> device which includes some mixture of ac power supply, dc-dc
> >> conversion, battery charging/management, Ethernet switch, router, power
> >>injection, fiber
> >> conversion, etc..   I've heard those loud and clear and am aware of that
> >> desire.   There's work being done in-house toward something like that,
> >>but
> >> there are many hurdles left to make it a reality.  If there's a
> >> simplified version of this which would fit a specific, widespread,
> >> need I'd love to hear about it, but the idea of a device you put into
> >> your rack and it handles everything needed at a tower site is still
> >>quite a ways off for us.
> >>
> >> So, throw your best ideas out there... I'd love to take a couple and
> >> run with them.
> >>
> >> -forrest
> >>
> >>
> >>
> >>
>
>

Re: [AFMUG] PacketFlux Product Ideas

[Josh Baird via Af]

+1.  I would also like to see a more "refined" and usable web interface for
the SiteMonitor line of products.

On Mon, Oct 6, 2014 at 1:10 PM, Adam Moffett via Af  wrote:

>
> Or 12 port?  Anything more than 4.
>
>  Rack mount 24 port sync over power injector.  Possibly with surge
>> protection.
>>
>>
>> On Sun, Oct 5, 2014 at 3:19 PM, Forrest Christian (List Account) via
>> Af  wrote:
>>
>>> It's been (quite) a while since I sent one of these messages out to the
>>> list.
>>>
>>> With the release of all of our new gigabit injectors, it is time for me
>>> to
>>> decide which products will be next out the door at PacketFlux.
>>>
>>> We've got several products at various stages of completion, but almost
>>> all
>>> of them I expect to be very low volume projects - the type of products we
>>> complete just because they help fill out our product offering instead of
>>> expecting a lot of revenue from them.   A couple of these have appeared
>>> on
>>> the website recently - I.E. a 2 Relay, 3 Switch module, and the
>>> voltmeter/shunt input modules.
>>>
>>> So, what I'd love to hear is some suggestions for products PacketFlux
>>> could
>>> build which would help you in your WISP.   I'm particularly looking for
>>> products which if they existed would go at every one of your tower
>>> sites, or
>>> even better at every customer location.  I know these product ideas exist
>>> out there, and I'd love to hear them.   Feel free to throw ideas out
>>> which
>>> are outside of the narrow niche that you think of PacketFlux fitting
>>> into.
>>>
>>> One final note  - there is always a query for an all-in-one tower device
>>> which includes some mixture of ac power supply, dc-dc conversion, battery
>>> charging/management, Ethernet switch, router, power injection, fiber
>>> conversion, etc..   I've heard those loud and clear and am aware of that
>>> desire.   There's work being done in-house toward something like that,
>>> but
>>> there are many hurdles left to make it a reality.  If there's a
>>> simplified
>>> version of this which would fit a specific, widespread, need I'd love to
>>> hear about it, but the idea of a device you put into your rack and it
>>> handles everything needed at a tower site is still quite a ways off for
>>> us.
>>>
>>> So, throw your best ideas out there... I'd love to take a couple and run
>>> with them.
>>>
>>> -forrest
>>>
>>>
>>>
>>>
>>>
>

Re: [AFMUG] ePMP PTP Latency

[Josh Baird via Af]

The new ePMP PTP?  Are you talking about the ePMP radios that have been
shipping for months now?  I wasn't in Vegas this week, so maybe I missed
something.

On Thu, Oct 16, 2014 at 5:19 PM, Matt via Af  wrote:

> Anyone heard what the new ePMP PTP will have for latency when using GPS
> sync?
>

Re: [AFMUG] Vivint wireless

[Josh Baird via Af]

What PtMP platform are they using for this?

On Thu, Oct 23, 2014 at 8:32 AM, Chuck McCown via Af  wrote:

>   I talked to a customer.  He is a quarter mile away from one of their
> major AP sites.  Works well.  But I guess not so well if there is anything
> less than a perfect path.
>
>  *From:* TJ Trout via Af 
> *Sent:* Wednesday, October 22, 2014 10:43 PM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] Vivint wireless
>
>
> Where have you been? Lol search the list :]
> On Oct 22, 2014 8:39 PM, "Jaime Solorza via Af"  wrote:
>
>> Spoke to young guys from Vivint
>> Today at lunch and they are beta testing 50 x 50 mbps wireless using a
>> fiber fed hub and then cover a neighborhood.  Testing here and Utah
>> somewhere.  They work for automation branch and didnt know particulars.
>> Anyone hear about this?
>> Jaime Solorza
>>
>

Re: [AFMUG] Plat hardware? Any simple solutions?

[Josh Baird via Af]

Here is one cheap way to tackle this:

Buy 3 servers from eBay.  I recently bought several Dell PowerEdge R710's
loaded with 2 6C CPU's, 48GB of RAM, and 6 1TB disks for ~1k/each.

Buy VMWare Essentials licensing for ~500.  This does NOT give you
HA/vMotion/VSA/etc, but it does give you the ability to run a centralized
vSphere server, support, and unlocks the backup API which is required by
most backup platforms for native VM backups.  Essentials allows you to run
up to three hosts with (2) sockets each.  You can either run the vSphere
server as a VM on one of the hosts, or you can run it on a separate
physical server.

For backups, you can either purchase software (ie, Veeam) or roll your own
solution using GhettoVCB.  GhettoVCB essentially takes a live snapshot of a
VM.  I typically just use GhettoVCB in small environments.  I would install
a NAS (or more likely just a Linux server), export a filesystem via NFS,
mount that filesystem as a NFS datastore on each ESXi host, and then
schedule regular backups of all VM's to the datastore.  It's a free simple
solution if you feel comfortable enough to support it.  If you lose a host,
you can quickly restore the backups to another host.  Some people are fine
with this level of redundancy, some are not.

I wouldn't mess with shared storage or VMWare HA/vMotion for something as
small as you are describing.  Local disk is cheaper and faster than most
entry level SAN platforms in most cases.  You may also want to look into
Hyper-V 2012 as well.  I believe it may be free now, but I'm not certain.

Josh

On Wed, Oct 22, 2014 at 9:59 PM, TJ Trout via Af  wrote:

> Fail tolerance in terms or being able to recover from a disaster and not
> loose everything
>
> On Wed, Oct 22, 2014 at 7:57 PM, TJ Trout via Af  wrote:
>
>> Could this be done with reliability and fault tolerance using vsphere
>> with only 1 machine? and a NAS for backups? Worst case if a failure occurs
>> I can scrouge up some old desktop or something and install vsphere? Do i
>> really need a main and backup server, vcenter server, etc?
>>
>> On Wed, Oct 22, 2014 at 5:57 PM, George Skorup (Cyber Broadcasting) via
>> Af  wrote:
>>
>>>  I wanted VSA, which was reasonable for a small cluster. Then they
>>> replaced it with vSAN and the licensing cost went to 5x more per node.
>>> There's no way I'm giving VMware any money at all after this, I will find
>>> another way.
>>>
>>>
>>> On 10/22/2014 7:03 AM, Mike Hammett via Af wrote:
>>>
>>> Did you look at VMWare's partner program?
>>>
>>>
>>>
>>> -
>>> Mike Hammett
>>> Intelligent Computing Solutions
>>> http://www.ics-il.com
>>>
>>>  
>>> 
>>> 
>>> 
>>>
>>>  --
>>> *From: *"George Skorup (Cyber Broadcasting) via Af" 
>>> 
>>> *To: *af@afmug.com
>>> *Sent: *Wednesday, October 22, 2014 12:53:04 AM
>>> *Subject: *Re: [AFMUG] Plat hardware? Any simple solutions?
>>>
>>> I've been going down this road for months trying to convince the boss
>>> that we need to do something different. Most of the problem is, the WISP
>>> software packages don't fit our overall business. So I'm still shopping,
>>> and there's nothing that all of us in the management group agree on, but
>>> we're gonna do something.. soon.. because.
>>>
>>> On the hardware front, I was pricing out VMware licensing for the
>>> configuration I want, and there was just no way that was gonna happen.
>>> The hardware came out to only about 1/4 of the overall cost.. that tells
>>> you how much the VMware licensing would be. But there's plenty of
>>> open-source virtualization projects out there like Proxmox, *stack this,
>>> *cloud that, none of which do what I want. So I've settled on getting a
>>> demo setup of oVirt running on a couple CentOS boxes and see where it
>>> takes me.
>>>
>>> On 10/21/2014 10:02 PM, TJ Trout via Af wrote:
>>> > So I'm embarrassed to say that after over 5 years I still don't have a
>>> > automated billing system and with the recent data breaches the labor
>>> > to keep updating customers cards is finally pushing me to do
>>> > something, I've been leaning towards Plat for a long time because of
>>> > the cost and popularity and the fact that my mikrotik core router can
>>> > easily integrate The problem is I'm a server N00B and have no clue
>>> > where to start on that, I was thinking that someone might have a
>>> > simple but reliable/redundant solution. I was looking at a single
>>> > vsphere host running windows for plat and linux for radius & cpanel
>>> > for the web module but I need to hire a consultant to get that done
>>> > right, then the reliability concerns/backup etc come in and by the
>>> > time the consultant was done planning my system we went from 1 box to
>>> > 4, 1 main server with all of the above services + 1 dns, a second
>>> > "backup" b

Re: [AFMUG] Does it exist ?

[Josh Baird via Af]

We just deployed them on a site and they seem to be working fine.  We have
plans to install them on 6-8 more sites.

Josh

On Mon, Nov 3, 2014 at 3:42 PM, Paul McCall via Af  wrote:

>  I know of ITElite – do they actually work well?  Are there other options?
>
>
>
> Paul
>
>
>
> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Paul McCall via Af
> *Sent:* Monday, November 03, 2014 3:41 PM
> *To:* af@afmug.com
> *Subject:* [AFMUG] Does it exist ?
>
>
>
> Dual Polarity, Dual Band (2.4 / 5 Ghz) sector antennas?
>
>
>
>
>
>
>
>
>
> Paul McCall, Pres.
>
> PDMNet / Florida Broadband
>
> 658 Old Dixie Highway
>
> Vero Beach, FL 32962
>
> 772-564-6800 office
>
> 772-473-0352 cell
>
> www.pdmnet.com
>
> pa...@pdmnet.net
>
>
>

Re: [AFMUG] Wifi for large houses

[Josh Baird via Af]

You can host them all on a single controller in your datacenter.

Sent from my iPhone

> On Nov 4, 2014, at 2:24 PM, TJ Trout via Af  wrote:
> 
> Can't stand unifi, have them came up with a way to do it without a 
> controller? What do you do if the customer doesn't have a windows machine? 
> Install a unifi "server" ?
> 
>> On Tue, Nov 4, 2014 at 11:20 AM, Sean Heskett via Af  wrote:
>> UBNT UniFi...one SSID
>> 
>>> On Tue, Nov 4, 2014 at 12:19 PM, TJ Trout via Af  wrote:
>>> What are you guys doing to cover large homes with good wifi coverage? Any 
>>> options besides multiple routers with multiple ssid's? Does rukus or 
>>> someone make something with true roaming?
> 

Re: [AFMUG] Source for used Smart UPS XL

[Josh Baird via Af]

We buy from excessups.com and refurbups.com.  Call them to get your
pricing, it will be better than what is shown on their websites.

Josh

On Thu, Nov 6, 2014 at 11:11 AM, Josh Luthman via Af  wrote:

> Looking for another rack mountable unit and I want to throw in some bigger
> batteries.  The old unit just doesn't have the battery capacity and I'm
> afraid of asking too much of the little charger.
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>

Re: [AFMUG] procera results

[Josh Baird via Af]

I was thinking the same thing.  Especially since most larger CDN's (eg
Akamai) are killing SSLv3 at their edge already.  Even if a site accepts
SSLv3, only older browsers should actually use it (IE6).

On Wed, Nov 12, 2014 at 9:50 AM, Ken Hohhof via Af  wrote:

>   I wonder if Procera lumps TLS together with SSLv3.  The stuff you see
> about POODLE leads you to believe only a small amount of legacy sites use
> SSLv3.
>
>  *From:* Kurt Fankhauser via Af 
> *Sent:* Wednesday, November 12, 2014 9:17 AM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] procera results
>
>  so if someone is logged into google and watched a youtube video it shows
> as SSL ?
>
> Sent from my iPhone
>
> Kurt Fankhauser
> Wavelinc Communications
> P.O. Box 126
> Bucyrus, OH 44820
> http://www.wavelinc.com
> tel. 419-562-6405
> fax. 419-617-0110
>
> On Nov 12, 2014, at 9:28 AM, Joe Falaschi via Af  wrote:
>
>  That is one of my concerns with this solution.  Google already encrypts
> a fair amount of traffic.  I think if you're logged in to your google
> account it is encrypted and you can no longer identify it.  They also block
> search terms from being reported for SEO if the end user is logged in but
> that's another issue.  In any case a good portion of that SSL could be
> google video.  At the moment it's not a big deal but in the future it could
> be if others start doing the same thing.
>
> Joe Falaschi
> e-vergent.com, LLC.
>
> On 11/12/14, 7:43 AM, Ken Hohhof via Af wrote:
>
>  That’s a lot of SSLv3 considering the POODLE bug.
>
>  *From:* Brian Meredith via Af 
> *Sent:* Wednesday, November 12, 2014 1:14 AM
> *To:* af@afmug.com
> *Subject:* Re: [AFMUG] procera results
>
>  Here's our inbound traffic for last month.
>
> On Tue, Nov 11, 2014 at 9:48 PM, Bill Prince via Af  wrote:
>
>>  That's a record in my book.  We have a new sub doing a 1/2 TB a week (2
>> TB per month), and that is a high for us.
>>
>> bp
>> 
>>
>>
>>  On 11/11/2014 8:57 PM, Ken Hohhof via Af wrote:
>>
>>  Yeah, I have a new customer like that.  He was heading toward 3 TB/mo
>> usage and was complaining because he couldn’t stream Netflix and Youtube at
>> 1080p while maxing out his connection with 10 NNTPS connections.  I think
>> I’ve convinced him he needs to shut it off when he’s streaming.  Not sure
>> why he can’t schedule on and off times or limit the bandwidth.  I think
>> these people are video horders.  When you are downloading over 100 GB per
>> day, when will you watch it all?  Unless this is 4K quality.
>>
>>
>>  *From:* Mike Hammett via Af 
>> *Sent:* Tuesday, November 11, 2014 10:41 PM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] procera results
>>
>>  Quality of torrents is an issue. That's why the serious guys have gone
>> back to UseNet. Automation is great.
>>
>>
>>
>> -
>> Mike Hammett
>> Intelligent Computing Solutions
>> http://www.ics-il.com
>>
>> 
>> 
>> 
>> 
>>
>> --
>> *From: *"That One Guy via Af" mailto:af@afmug.com 
>> *To: *af@afmug.com
>> *Sent: *Tuesday, November 11, 2014 8:53:12 PM
>> *Subject: *Re: [AFMUG] procera results
>>
>> when we audit through various means, we dont see much torrenting anymore,
>> I think its gone out of style with youngsters with pandora and the like
>> with cellular audio, less care about stored mp3, every video is available
>> in real time now, so why bother torrenting a movie you cant verify the
>> quality of beforehand
>>
>> On Tue, Nov 11, 2014 at 8:05 PM, Rory Conaway via Af 
>> wrote:
>>
>>>  This is amazing.  Thanks.  What’s interesting to me is how little
>>> bandwidth torrents are using.  I can put up 10 people and 2 of them are
>>> using torrents almost immediately.
>>>
>>>
>>>
>>> Rory
>>>
>>>
>>>
>>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Kurt Fankhauser
>>> via Af
>>> *Sent:* Tuesday, November 11, 2014 10:10 AM
>>> *To:* af@afmug.com
>>> *Subject:* Re: [AFMUG] procera results
>>>
>>>
>>>
>>> i am not blocking/shaping anything right now, that bar graph is only
>>> showing the top 10 results right now
>>>
>>> Sent from my iPhone
>>>
>>>
>>>
>>> Kurt Fankhauser
>>>
>>> Wavelinc Communications
>>>
>>> P.O. Box 126
>>>
>>> Bucyrus, OH 44820
>>>
>>> http://www.wavelinc.com
>>>
>>> tel. 419-562-6405
>>>
>>> fax. 419-617-0110
>>>
>>>
>>> On Nov 11, 2014, at 10:34 AM, Rory Conaway via Af  wrote:
>>>
>>>  Kurt, are you blocking or shaping any torrents?  I don’t see that in
>>> your chart.
>>>
>>>
>>>
>>> Rory
>>>
>>>
>>>
>>> *From:* Af [mailto:af-boun...@afmug.com ] *On
>>> Behalf Of *Kurt Fankhauser via Af
>>> *Sent:* Tuesday, November 11, 2014 8:23 AM
>>> *To:* af@afmug.com
>>> *Subject:* [AFMUG] procera results
>>>
>>>
>>>
>>> Havn't shaped any traffic yet with this procera box. But here is a graph
>>> of what kind of traffic the clients are using as a whole in 

Re: [AFMUG] Cacti Cisco BGP Template?

[Josh Baird via Af]

On what platform?  Mikrotik doesn't support BGP4-MIB (shocker).

On Wed, Nov 19, 2014 at 2:51 PM, Matt Jenkins via Af  wrote:

> Anyone have a good BGP template? I want to monitor peers, routes, updates,
> etc.
>
> Thanks,
>
> - Matt
>

Re: [AFMUG] Packetflux Syncinjector - safe to run without SiteMonitor

[Josh Baird via Af]

How else will you monitor your DC voltages and be able to power cycle your 
radios if you don't have a Base unit?

You can also monitor temperatures in your enclosure with one.

> On Nov 21, 2014, at 4:00 PM, Josh Luthman via Af  wrote:
> 
> I have a site where I'm providing DC up the tower and want to minimize 
> products up there.  Has anyone actually needed to use the SiteMonitor 
> to...monitor...the sync status and find that information useful?  I'm 
> expecting it just simply stays synced and that's the end of it.
> 
> On a side note I ordered two of them and didn't get this supposed din rail 
> mounting kit.  Is that expected?
> 
> http://store.packetflux.com/gigabit-syncinjector-for-24-volt-cambium-radios/
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373

Re: [AFMUG] ePMP and/or Gig SyncInjector problems

[Josh Baird via Af]

I don't have any spare Gigabit SI's, but let me know if you need a normal
(eg, non-gigabit) one (which will work fine).

Josh

On Sat, Nov 29, 2014 at 4:55 PM, Josh Luthman via Af  wrote:

> So I just got back...fuse popped on that SyncInjector.  Not sure why.
> There was a Ubnt Beam on it - the cable was moved to the POE injector and
> fuse replaced.  SyncInjector is working as expected right now.
>
> Sure hoping Forrest can do next day shipping on Monday =)
>
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> On Sat, Nov 29, 2014 at 3:39 PM, Forrest Christian (List Account) via Af <
> af@afmug.com> wrote:
>
>> See http://tickets.packetflux.com/kb/faq.php?id=2
>>
>> 6 blinks = power missing/too low.
>>
>> And yes, you need a syncpipe.
>>
>> -forrest
>>
>> On Fri, Nov 28, 2014 at 6:46 PM, Josh Luthman via Af 
>> wrote:
>>
>>> Here's a video, not sure what the blinking means?
>>>
>>> https://www.youtube.com/watch?v=dME8A-H_590
>>>
>>>
>>> Josh Luthman
>>> Office: 937-552-2340
>>> Direct: 937-552-2343
>>> 1100 Wayne St
>>> Suite 1337
>>> Troy, OH 45373
>>>
>>> On Fri, Nov 28, 2014 at 8:39 PM, Josh Luthman via Af 
>>> wrote:
>>>
 *rb2011 with ports 2/3/4/5 set to hardware switch (ether2 master, 3/4/5
 slave).  Ports 6/7/8/9 are hardware switch (ether6 master, 7/8/9 slave).
 *From the rb2011 it goes to the Ethernet half of the SyncInjector.
 *From the POE half of the SyncInjector it goes to WB gigeapc HV surge
 suppressors and then to the ePMP radios.

 Two of the ePMP radios are powered up and running gige.  Neither are
 receiving CMM sync (top of the ePMP says "Not receiving GPS sync").  The
 remaining 6 APs aren't even powering up/linking up.  Any ideas before I
 start swapping parts?  Is it OK to have the surge between SyncInjectors and
 ePMP?

 On top of all of this the SiteMonitor isn't talking to the POE injector
 or the two Gig SyncInjectors.  I have them all daisy chained and verified
 they're snapped in place.  The POE injector is powering Ubnt radios just
 fine.

 Josh Luthman
 Office: 937-552-2340
 Direct: 937-552-2343
 1100 Wayne St
 Suite 1337
 Troy, OH 45373

>>>
>>>
>>
>

Re: [AFMUG] IP Management

[Josh Baird via Af]

6Connect is good.  Men & Mice is also good (but doesn't SWIP or do ARIN).
Solarwinds also has an IPAM offering.

There really isn't a good -free- solution that I know of (especially one
that hasn't turned to vaporware).  Many people will suggest IPPlan, but I
hated it (although it can be easily customized and/or modified if you have
any PHP clue).

Josh

On Sat, Nov 29, 2014 at 7:02 PM, Mike Hammett via Af  wrote:

> http://en.wikipedia.org/wiki/IP_address_management
>
> What are you guys doing for IP management?
>
> Ideally, the system I used would be free, support ARIN's RESTful API, IPv4
> and IPv6, building of DNS zones.
>
> The only one I've seen that does the ARIN stuff doesn't meet the free
> qualification. There's no price listed anywhere, only scheduling a demo.
> (6Connect)
>
> Trying to forge ahead with IPPlan, but there's been no updates in 4.5
> years and the documentation available doesn't seem to be for the beta
> version that supports IPv6.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>

Re: [AFMUG] IP Management

[Josh Baird via Af]

It's been a few years since I demoed it, but I believe they had a free
(probably crippled) version at one time.  Enterprise IPAM products are NOT
cheap (and probably are way more involved than what you are looking for),
which is why many smaller companies/providers typically use something like
a spreadsheet or IPPlan.

On Sat, Nov 29, 2014 at 7:21 PM, Mike Hammett via Af  wrote:

> It's a couple years old, but "ProVision Suite starts at around $60,000 per
> year for a 15,000-node network, with prices increasing for larger networks."
>
> Does the price decrease for smaller networks...  like less than 10% of
> that size?
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> --
> *From: *"Josh Baird via Af" 
> *To: *af@afmug.com
> *Sent: *Saturday, November 29, 2014 7:06:47 PM
> *Subject: *Re: [AFMUG] IP Management
>
> 6Connect is good.  Men & Mice is also good (but doesn't SWIP or do ARIN).
> Solarwinds also has an IPAM offering.
>
> There really isn't a good -free- solution that I know of (especially one
> that hasn't turned to vaporware).  Many people will suggest IPPlan, but I
> hated it (although it can be easily customized and/or modified if you have
> any PHP clue).
>
> Josh
>
> On Sat, Nov 29, 2014 at 7:02 PM, Mike Hammett via Af  wrote:
>
>> http://en.wikipedia.org/wiki/IP_address_management
>>
>> What are you guys doing for IP management?
>>
>> Ideally, the system I used would be free, support ARIN's RESTful API,
>> IPv4 and IPv6, building of DNS zones.
>>
>> The only one I've seen that does the ARIN stuff doesn't meet the free
>> qualification. There's no price listed anywhere, only scheduling a demo.
>> (6Connect)
>>
>> Trying to forge ahead with IPPlan, but there's been no updates in 4.5
>> years and the documentation available doesn't seem to be for the beta
>> version that supports IPv6.
>>
>>
>>
>> -
>> Mike Hammett
>> Intelligent Computing Solutions
>> http://www.ics-il.com
>>
>
>
>

Re: [AFMUG] ePMP working for freq reuse?

[Josh Baird via Af]

Then you must not care if they are deployed correctly.

If you really need the documents, just register!  I promise, it won't kill you.

> On Dec 5, 2014, at 5:16 PM, Josh Reynolds via Af  wrote:
> 
> I was going to do that until I saw I had to register
> 
> Now I am no longer interested.
> 
> FFS Cambium :/
>  josh reynolds :: chief information officer
> spitwspots :: www.spitwspots.com
>> On 12/05/2014 12:58 PM, Sean Heskett via Af wrote:
>> https://support.cambiumnetworks.com/files/epmp/
>> 
>> scroll down and grab these two documents..they explain everything in detail
>> ePMP ABAB frequency reuse deployment
>> ePMP Configuration in a Frequency Reuse Deployment
>> 
>> we are using 20Mhz channels.  currently have about 10 subs per AP (adding 
>> more each day)  after about 3-5 subs per AP we started to notice some 
>> problems and reconfigured the APs per these guides and now everything is 
>> working as expected.  one of the main things was changing the "Subscriber 
>> Module Target Receive Level" to -50.
>> 
>> 
>> 
>> 
>>> On Fri, Dec 5, 2014 at 2:50 PM, Josh Reynolds via Af  wrote:
>>> Can you explain what their instructions are, or point me in the right 
>>> direction?
>>> 
>>> How many subs do you have connected to this 2.4 
>>> cluster? Channel widths? Thanks.
>>>  josh reynolds :: chief information officer
>>> spitwspots :: www.spitwspots.com
 On 12/05/2014 12:41 PM, Sean Heskett via Af wrote:
 yes only 3 APs so we are doing ABA
 
 but my point with the ABAB guide is that if you follow their instructions 
 it works great, if you deviate...then you can have issues.
 
 
 
 On Fri, Dec 5, 2014 at 2:36 PM, Josh Luthman via Af  wrote:
> You mean four APs?  That would be ABAB.
> 
> Three APs would be ABA.
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
>> On Fri, Dec 5, 2014 at 4:34 PM, Sean Heskett via Af  wrote:
>> i have a tower with 3 2.4Ghz APs using 2 channels.
>> 
>> works great as long as you follow the freq reuse and ABAB deployment 
>> guides on the cambium epmp website.
>> 
>> 
>> 
>> On Fri, Dec 5, 2014 at 2:06 PM, Josh Reynolds via Af  
>> wrote:
>>> Anybody have ePMP setup and working in the field for freq reuse? Can 
>>> you share some info about it? Speeds, number of subs per AP, etc.
>>> 
>>> Thanks
>>>  -- 
>>> josh reynolds :: chief information officer
>>> spitwspots :: www.spitwspots.com
> 

Re: [AFMUG] Fwd: [Observium] Wireless Support (Aruba, Ruckus, Trapeze, Cisco, etc)

[Josh Baird via Af]

Observium is nice (we use it), but like you said, it's not very flexible at
ALL in terms of device support since you can't specify custom data sources
like virtually every other monitoring system.

If you are looking for custom device support, better alerting, etc - there
are many better options.

Josh

On Mon, Dec 8, 2014 at 11:23 AM, Josh Reynolds via Af  wrote:

>  (sent to wispa/wireless)
>
> That's good news... to a certain extent.
>
> Observium is (fairly) excellent at monitoring wired infrastructure. It's
> interface also moves us out of the "Dark Ages" of Nagios and others, which
> is a plus.
>
> What Observium is not good at:
> it's not very flexible in monitoring
> it's not very flexible in alerting
> it doesn't support "broken" snmp mibs that work with cacti and a few others
> it can't control devices
> it can't upgrade devices
> it doesn't bring any new features to the table for any specific product
> line
> it is a very "talkative" and network inefficient protocol - a single
> device can easily cause 500 round-trips very 5 minutes, that doesn't scale
> well
> new device support and feature graphing has to be explicitly coded in
>
>
>  josh reynolds :: chief information officer
> spitwspots :: www.spitwspots.com
>
> On 12/08/2014 05:04 AM, Mike Hammett via Af wrote:
>
> It looks like Observium is expanding a bit. In what direction, I'm not
> certain.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>  --
> *From: *ad...@observium.org
> *To: *"Observium Network Observation System" 
> 
> *Sent: *Monday, December 8, 2014 4:35:44 AM
> *Subject: *[Observium] Wireless Support (Aruba, Ruckus, Trapeze, Cisco,
> etc)
>
> Hi All,
>
> Could those of you who are interested in wireless support email me
> off-list?
>
> I've totally lost track of who has offered to financially sponsor
> development and/or provide access to test hardware.
>
> Please include the following information :
>
> Contact/Company/Subscriber information
> What type of support you'd be willing to provide
> What type of hardware you use
> What you use the hardware for (WISP, Enterprise, etc)
>
> Additionally if you already use some other platform with your wireless
> kit, perhaps some screenshots and description of how you use the
> platform would be useful, as would any suggestions on how a wifi
> infrastructure management interface might be structured.
>
> We're not wireless infrastructure experts, but you guys might be! :)
>
> Depending upon the level of interest when everyone is accounted for, we
> might consider building specific wireless support into Observium.
>
> Please reply to this mail but change the "to" field to
> ad...@observium.org. If you use a different subject, your mail might be
> lost forever :)
>
> Thanks,
> adam.
>
> ___
> observium mailing list
> observ...@observium.org
> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
>
>
>

Re: [AFMUG] securing power supplies in enclosures

[Josh Baird via Af]

Try to avoid individual power supplies for radios if you can.  A DC plant
with DIN mounted PoE injectors (eg, SyncInjectors, POE8's, GigEAPC-POEs,
etc) typically clean your box up quite a bit.

On Mon, Dec 15, 2014 at 12:20 PM, That One Guy via Af  wrote:
>
> anybody have a cheap universal solution for the different size power
> supplies and poe injectors?
>
> I finally have a mix of rack and DIN in our enclosures to handle most of
> the gear keeping it pretty, but the power supplies are the problem now.
> Velcro is good, but they tend to slide out. Zip ties are perfect, except in
> a pinch nobody has them or uses them and just throws power supplies in the
> box loose.
>
> --
> All parts should go together without forcing. You must remember that the
> parts you are reassembling were disassembled by you. Therefore, if you
> can't get them together again, there must be a reason. By all means, do not
> use a hammer. -- IBM maintenance manual, 1925
>

Re: [AFMUG] DC plant DIN rail UPS

[Josh Baird via Af]

Have you looked at the Traco chargers and power supplies?

On Tue, Dec 16, 2014 at 11:22 AM, Bill Prince via Af  wrote:

>
> We just had a bad experience with a battery charger/battery backup that
> did not work as expected.
>
> We're looking at this right now:
>
> https://www.tessco.com/products/displayProductInfo.do?sku=516011
>
> What we like about this is that it has separate connections for battery &
> load, and also does automatic battery tests with an alarm output.
>
> Is anyone using something similar that they like?
>
>
> --
> --
> bp
> 
>
>
>

Re: [AFMUG] ISP Radio Wednesday -- Bridged vs Routed

[Josh Baird via Af]

I'm hoping that this show will actually discuss the advantages of a
"non-routed" L2 bridged network using MPLS, VLANs or whatever.

Josh

On Wed, Dec 17, 2014 at 10:40 AM, Mark Radabaugh via Af 
wrote:
>
> That statement is so completely wrong I'm not even sure where to start.
>
> Ah well... just keep going exactly the opposite direction of the overall
> industry.  Good luck with that.
>
> Mark
>
>
> On 12/17/14, 10:33 AM, Mike Hammett via Af wrote:
>
>> Seems like an awfully quick show. Are you bridging? *slap* Stop it.
>>
>>
>>
>> -
>> Mike Hammett
>> Intelligent Computing Solutions
>> http://www.ics-il.com
>>
>> - Original Message -
>> From: Dennis Burgess via Af 
>> To: af@afmug.com
>> Sent: Wed, 17 Dec 2014 09:25:22 -0600 (CST)
>> Subject: [AFMUG] ISP Radio Wednesday -- Bridged vs Routed
>>
>>    http://www.ispradio.com/
>> images/ispLogoWoodWhite.PNGCo-Host Dennis Burgess will be discussing
>> bridging vs routing with host Steven Grabiel. Join us live and ask
>> questions about “Bridging vs Routing”
>>
>>
>> Wednesday 11am CST
>>
>>
>> Don’t forgot you can download the previous episodes to put on your media
>> player and listen while in your car free of charge by going to <
>> http://www.ispradio.com> www.ispradio.com Remember to sign into the live
>> chat to ask questions! You can find our Podcast on I-Tunes !
>>
>>
>> n UPCOMMING SHOWS!
>>
>> n December 24th – No Show –Happy Holidays
>>
>> n January 14th – Nathan Stooke from WISPERISP will be talking about “Over
>> the Top TV”
>>
>> n January 21st – Anand Buch CEO of Netsapiens
>>
>> n January 28th – Patrick Leary with Telrad
>>
>>
>>
>>
>> Dennis Burgess, Co-Host of ISP Radio!
>>
>>    http://www.ispradio.com
>>
>>
>>
>>
>>
>>
>
> --
> Mark Radabaugh
> Amplex
>
> m...@amplex.net  419.837.5015 x 1021
>
>

Re: [AFMUG] ISP Radio Wednesday -- Bridged vs Routed

[Josh Baird via Af]

Hey now - I'm with ya!  I just need to be educated.

Josh

On Wed, Dec 17, 2014 at 10:55 AM, Mark Radabaugh via Af 
wrote:
>
>  MEF, PBB, PBB-TE, MPLS, VLAN, G.8032, ERPS, VLAN, etc. are all valid
> alternatives to a L3 routed network.   All of these are tools in the
> toolbox.
>
> If you insist that the only proper tool is a hammer that's your choice -
> but I don't think the results are going to be all that pretty.
>
> Mark
>
> On 12/17/14, 10:49 AM, Josh Baird via Af wrote:
>
> I'm hoping that this show will actually discuss the advantages of a
> "non-routed" L2 bridged network using MPLS, VLANs or whatever.
>
>  Josh
>
> On Wed, Dec 17, 2014 at 10:40 AM, Mark Radabaugh via Af 
> wrote:
>
>> That statement is so completely wrong I'm not even sure where to start.
>>
>> Ah well... just keep going exactly the opposite direction of the overall
>> industry.  Good luck with that.
>>
>> Mark
>>
>>
>> On 12/17/14, 10:33 AM, Mike Hammett via Af wrote:
>>
>>> Seems like an awfully quick show. Are you bridging? *slap* Stop it.
>>>
>>>
>>>
>>> -
>>> Mike Hammett
>>> Intelligent Computing Solutions
>>> http://www.ics-il.com
>>>
>>> - Original Message -
>>> From: Dennis Burgess via Af 
>>> To: af@afmug.com
>>> Sent: Wed, 17 Dec 2014 09:25:22 -0600 (CST)
>>> Subject: [AFMUG] ISP Radio Wednesday -- Bridged vs Routed
>>>
>>>   <http://www.ispradio.com/>
>>> http://www.ispradio.com/images/ispLogoWoodWhite.PNGCo-Host Dennis
>>> Burgess will be discussing bridging vs routing with host Steven Grabiel.
>>> Join us live and ask questions about “Bridging vs Routing”
>>>
>>>
>>> Wednesday 11am CST
>>>
>>>
>>> Don’t forgot you can download the previous episodes to put on your media
>>> player and listen while in your car free of charge by going to <
>>> http://www.ispradio.com> www.ispradio.com Remember to sign into the
>>> live chat to ask questions! You can find our Podcast on I-Tunes !
>>>
>>>
>>> n UPCOMMING SHOWS!
>>>
>>> n December 24th – No Show –Happy Holidays
>>>
>>> n January 14th – Nathan Stooke from WISPERISP will be talking about
>>> “Over the Top TV”
>>>
>>> n January 21st – Anand Buch CEO of Netsapiens
>>>
>>> n January 28th – Patrick Leary with Telrad
>>>
>>>
>>>
>>>
>>> Dennis Burgess, Co-Host of ISP Radio!
>>>
>>>   <http://www.ispradio.com> http://www.ispradio.com
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>   --
>> Mark Radabaugh
>> Amplex
>>
>> m...@amplex.net  419.837.5015 x 1021 <419.837.5015%20x%201021>
>>
>>
>
> --
> Mark Radabaugh
> Amplex
> m...@amplex.net  419.837.5015 x 1021
>
>

Re: [AFMUG] Big Boy provisioning

[Josh Baird via Af]

DOCSIS configuration files are typically generated on the fly in response
to a TFTP request from the CPE/cable modem (at least for the big guys).

On Wed, Dec 17, 2014 at 9:56 PM, Mike Hammett via Af  wrote:
>
> How do the big boys manage their gear? LTE base stations, DSLAMs, cable
> headends, etc.? Surely they don't all have web interfaces. I assume you
> plug them in, they pull some config from a central server, etc.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
>

Re: [AFMUG] Micro cell with NAT mode FSK

[Josh Baird via Af]

They are branded as "Microcells."  I have one at my house.

On Fri, Dec 26, 2014 at 7:08 PM, Eric Kuhnke via Af  wrote:

> That's a pico cell, micro cells are what you might find carrier-operated
> in a shopping mall.
> On Dec 26, 2014 6:14 PM, "timothy steele via Af"  wrote:
>
>>  Just ran into a ATT microcell that would not work with the SM in NAT
>> mode routers WAN was on a DMZ IP anyone else run into this?
>>
>> Thanks
>>
>> —
>> Sent from Mailbox 
>>
>

Re: [AFMUG] Cambium CMM4

[Josh Baird via Af]

It sounds like you are asking for a CTM2?  :)

On Sat, Dec 27, 2014 at 6:38 PM, David Milholen via Af  wrote:

>  Dear Cambium,
>  we love the current CMM4,but we need gigE interface support and power
> monitoring via snmp.
> Also, can we get a dual input for either or DC supply 48/24v and be able
> to dial down via software
> from 48 to 29.
> We need these basics with or without a switch.
>  I know Im asking alot here but the 450's deserve better LOL
> thanks
> Dave
>
> --
>