The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for the ‘Endian’ Category

ECC vs non-ECC RAM: The Great Debate (via: Nex7’s Blog). Use the ECC dude.

Posted by jpluimers on 2014/03/30

Read this very nice post on Nex7’s Blog: ECC vs non-ECC RAM: The Great Debate.

There is no debate. Use ECC dude.

Use ECC especially for server side things (storage, virtualization, databases, etc) where you employ some kind of redundancy/correction in the storage (ZFS, RAID, etc) side of things.

And think about using ECC for the rest of your stuff, especially when things stay in memory for a longer period of time (in-memory processing of data can speed up things a lot, but also increase the risk).

Summary:

There is no debate here. None.

[…]

if you think non-ECC RAM can compete with ECC RAM, you are mistaken. If you think there’s a risk/reward analysis here, you’re correct. The risk is not gigantic, and there’s a real cost to alleviating that risk. You have to decide if that cost is worth alleviating that risk.

[…]

If you believe there’s a risk/reward plan where you can take the reward and apply to to mitigate the risk, you are back to being mistaken. The only benefit of non-ECC RAM (and thus the only reward in its choice over ECC RAM) is it will make the solution cheaper. There is not, however, any way (that I’ve heard of, yet) you can use the cost savings to mitigate the risk using non-ECC RAM will introduce.

[…]

If you choose to use non-ECC RAM, you open yourself up to a new vector for data corruption/loss/downtime/errors/etc,

one that could (rarely) even cause you to lose your entire filesystem, and one ZFS does not (cannot) resolve for you. Indeed, one it likely can’t even see at all. If you choose to employ non-ECC RAM, or are forced to do so because of circumstance or environmental constraint, that’s potentially understandable (and even acceptable) – but do not then attempt to validate or explain away that choice with pseudoscience or downplaying the risk you’ve added. You are using an inferior solution with an extra vector for data corruption/loss that ECC RAM solutions simply do not have. It is that simple.

[…]

Hint 3: There’s a reason we’re so gung-ho about using ECC RAM for ZFS, and it’s not just because we’re paranoid about data loss (which goes hand in hand with being a ZFS zealot, really). It is because you likely don’t realize how at risk you are. Due to the nature of how ZFS handles writes, your incoming (write) data is at risk of RAM-related bit errors for likely significantly longer than traditional storage solutions or alternative filesystems. 5, 10, 30, 60 or more seconds in a state where it is at risk.

Read the rest of this entry »

Posted in *nix, ECC memory, Endian, ESXi4, ESXi5, ESXi5.1, ESXi5.5, Hardware, Hyper-V, Linux, Memory, Power User, SuSE Linux, VMware, VMware ESXi, Windows, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2 | Tagged: , | Leave a Comment »

vi intro — the cheat sheet method (via: IBM developerworks)

Posted by jpluimers on 2014/03/27

IBM isn’t all about dry corporate stuff and sometimes hard to read redbook documentation (:

I love the way they lead you do build your own VI cheat sheet step by step in vi intro — the cheat sheet method.

It is basically a vi tutorial that helps you to build up your own cheat sheet.

–jeroen Read the rest of this entry »

Posted in *nix, Cygwin, Endian, ESXi4, ESXi5, ESXi5.1, ESXi5.5, Linux, Power User, SuSE Linux, vi, VMware, VMware ESXi | Leave a Comment »

Unix/Linux ln command, I always forget of the left part is the file or link (it is the file)

Posted by jpluimers on 2013/12/06

Like forgetting about the tar syntax, I usually forget which is the left parameter in an ln command (the file or link? it is the file!)

Thanks [WayBackcyberciti.biz:

There are two types of links

  • symbolic links: Refer to a symbolic path indicating the abstract location of another file
  • hard links : Refer to the specific location of physical data.

To create a symbolic link in Unix or Linux, at the shell prompt, enter the following command:

ln -s {target-filename} {symbolic-filename}

–jeroen

via: How to: Linux / UNIX create soft link with ln command.

Posted in *nix, Cygwin, Endian, Linux, Power User, SuSE Linux | 2 Comments »

Relevant files for ssh-keygen – Wikipedia, the free encyclopedia

Posted by jpluimers on 2013/05/13

Edit:

After writing this, DSA got deprecated then later removed. See [WayBack] Secure Secure Shell.

When working with SSH private/public keys (often because of ssh-keygen), and using DSA for auhtentication, these are the relevant files:

  • $HOME/.ssh/id_dsa:
    (on the local system)
    The $HOME/.ssh/id_dsa file contains the protocol version 2 DSA authentication identity of the user.
  • $HOME/.ssh/id_dsa.pub:
    (on the local system)
    The $HOME/.ssh/id_dsa.pub file contains the DSA public key for authentication when you are using the SSH protocol version 2. A user should copy its contents in the $HOME/.ssh/authorized_keys file of the remote system where a user wants to log in using DSA authentication.
  • $HOME/.ssh/authorized_keys:
    (on the remote system)
    The $HOME/.ssh/authorized_keys file contains authorized DSA public keys (each line is the contents of a $HOME/.ssh/id_dsa.pub file) of users on systems that are auhorized to login on the remote system.

Important:

Be sure to transfer the contents of the local $HOME/.ssh/id_dsa.pub file to the remote system in a secure way.

–jeroen

via ssh-keygen – Wikipedia, the free encyclopedia.

Posted in *nix, Apple, Cygwin, Endian, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, OS X 10.8 Mountain Lion, Power User | Leave a Comment »

Link update because of rot (*nix – Mastering the VI editor)

Posted by jpluimers on 2012/09/17

Link rot stroke again: New link for Mastering the VI editor.

These are useful too:

–jeroen

via *nix – Mastering the VI editor « The Wiert Corner – irregular stream of Wiert stuff.

Posted in *nix, Cygwin, Endian, Internet, link rot, Linux, Power User, vi, WWW - the World Wide Web of information | Leave a Comment »

SSH tricks

Posted by jpluimers on 2012/08/24

SSH tricks

SSH tricks

Recommended reading:  SSH tricks

Quote:

SSH is a protocol for authenticating and encrypting remote shell sessions.

But, using SSH for just remote shell sessions ignores 90% of what it can do.

$ ssh home -L 80:reddit.com:80

This article covers less common SSH use cases, such as:

  • using passwordless, key-based login;
  • setting up local per-host configurations;
  • exporting a local service through a firewall;
  • accessing a remote service through a firewall;
  • executing commands remotely from scripts;
  • transfering files to/from remote machines;
  • mounting a filesystem through SSH; and
  • triggering admin scripts from a phone.

–jeroen

via: SSH tricks.

Posted in *nix, Apple, Cygwin, Endian, Internet, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, MacBook, MacBook-Air, MacBook-Pro, Power User | Leave a Comment »

OpenVPN connect to the same LAN (bridged mode) (via: The VPN Menu — Endian UTM Appliance v2.4 documentation)

Posted by jpluimers on 2012/08/03

Another research item:

Need to provide access through OpenVPN to the same LAN as where the OpenVPN server runs on.

This is unusual, and requires a bridged OpenVPN solution.

Jürgen Schmidt wrote a nice article on this in 2008.

Endian community edition seems to support this out of the box:

Server configuration

In this panel you can enable the OpenVPN server and define in which zone it should run.

OpenVPN server enabled

Click this to make sure the OpenVPN server is started.

Bridged

If you want to run the OpenVPN server in one of the existing zones check this box. ..

note:

If the OpenVPN server is not bridged you must set the
firewall rules in the VPN firewall to make sure clients
can access any zone - unless you do not want them to.

VPN subnet

This option is only available if you disable bridged mode, which allows you to run the OpenVPN server in its own subnet that can be specified here.

Bridge to

If bridged mode has been selected here you can choose to which zone the OpenVPN server should be bridged.

Dynamic IP pool start address

The first possible IP address in the network of the selected zone that should be used for the OpenVPN clients.

Dynamic IP pool end address

The last possible IP address in the network of the selected zone that should be used for the OpenVPN clients.

–jeroen

via: The VPN Menu — Endian UTM Appliance v2.4 documentation.

Posted in *nix, Endian, Linux, OpenVPN, Power User | Leave a Comment »

Updating your Endian FireWall Community Edition appliance

Posted by jpluimers on 2010/11/08

When updating one of my Endian FireWall Community Edition VMs, I found out that one of my test VMs was still at version 2.2rc3.

Two important points: The update site (which you can use if you registered) tells you to follow 5 steps to keep your Endian Firewall Community up to date, but forgets to:

  1. point you to the Endian documentation on enabling SSH
  2. mention that one of the steps is conditional, and the condition is phrased “If your Endian Firewall Community is older than version 2.2“.
    Note that all the 2.2 rc versions are considered older than version 2.2, so in those cases, you also need to perform this:

Read the rest of this entry »

Posted in *nix, Endian, Power User | Leave a Comment »

Endian –  Register EFW Community: watch your email addresses

Posted by jpluimers on 2010/10/08

Endian is a nice *nix based open source firewall appliance which has a free Community Edition (which always is a virtual appliance) and paid (either virtual or physical) edition.

It does a lot of things, including spam filtering, http caching, proxying, VPN, DHCP, routing, et cetera.
Those things are done very well, in a reasonably small footprint:

Registering for their community edition is meant to enable the on-line update mechanism for it.
It is supposed to work like this:

  1. You enter your email address
  2. They dispatch a mail to you with a verification link
  3. Clicking the verification link confirms that email address, and flags it in their database as valid for Endian Community updates
  4. You enter the same email on your Endian appliance to get updates

But using that registration is hard: their registration mechanism has at least two flaws: Read the rest of this entry »

Posted in *nix, Endian, Power User | Leave a Comment »

Moving my VMs from ESX 3.5 to ESXi 4.1

Posted by jpluimers on 2010/09/23

After doing quite a bit of research and testing, these are the steps I used to move my VMs from an ESX 3.5 box to an ESXi 4.1 box. Read the rest of this entry »

Posted in Endian, ESXi4, Power User, Veeam | Leave a Comment »