As promised... I still think it's corny, but oh well, I had fun, ha ha!

'twas the night before Christmas and all through the house
the AC was running 'cause we live in the South.

The stockings were hung by the windows with care.
Hope Santa don't find them, they need some fresh air.

The children were plastered with sweat to their beds
While visions of cold lakes danced in their heads.

And Mama in her bikini and I in my speedo
We settled out brains while watching Jay Leno.

When out in the kitchen there arose such a clatter.
I sprang from the bed to see what was the matter.

Away to the fridge I flew like a flash.
Tore open the freezer and saw more ice crash.

The moon on the deck all covered with straw.
I saw three deer and heard a crow's caw.

When what to my wondering eyes should appear
A gigantic sleigh pulled by 4 John Deere.

With a heavy old driver a thunder and crack.
I smacked my forehead, I knew it was Jack.

Louder and Louder his tractors they came
He cursed and he shouted and hollered the same.

"Aww come on you pieces of trash. Go! I'm fixen
to tear you a new one and take you to Dixon!"

To the top of the dell to the top of the hill!
Roll away, roll away, watch out for Jill!"

As dry clay before the wind blows,
I saw them take flight, to where God only knows.

So past the tree tops and hillside they flew,
There went the sleigh and even Jack too.

And then in a moment I heard a loud jingle.
On top of my house stood old Kris Kringle.

Down the chimney he flew with a crash,
He covered the room and kitchen with ash.

A bundle of what-nots and things on his back.
He opened his sack, even that was black.

His bald head did shine and sparkle by light.
His face was all red from the suntan he had.
He laughed and laughed, I thought he was mad.

His mouth drew up to curl with a smile.
I wondered if he might stop and stay for a while

I offered him a smoke from grampa's old pipe.
The tobacco, it burned, but boy was it ripe.

He had a broad face and a fat big ol' belly.
It jiggled and wiggled like marmalade jelly.

I laughed when I saw him in spite of myself.

A shake of his nose and a jerk of his thumb
Told me I could go back to bed and play dumb.

He went straight to work with a clothes pin attached.
He filled the old stockings with all kinds of snacks.

He bowed ever so slightly and gave up a nod.
In a poof he vanished leaving only fresh sod.

I heard him shout out, "My God it is hot!"
Then he bellowed and cried:
"Merry Christmas All Y'all and to all a Good night!"

ZeroTier Site-To-Site Setup

ASSUMPTIONS:

• Site A is on 192.168.10.0/24
• Site B is on 192.168.122.0/24
• Site A's VM is 192.168.10.2 for the Local Network
• Site A's VM is 10.0.0.107 on the ZT Network
• Site B is 192.168.122.1 on the Local Network
• Site B is 10.0.0.129 on the ZT Network.

Step 1: Build a Private Network on https://my.zerotier.com

Step 2: Spin up a Linux VM at each site. Connect and authorize them to the ZT Network and note their IP address. For instance:

Some folks have reported SIGNIFICANT performance improvement when using 2 cores / 2 vcpus for the Linux VMs.

Step 2B. Enable IP_Forward:

Follow your distribution's instructions to enable ip_forward and make it a permanent change... On most distros, this should work:

sudo echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

You can then sysctl -p /etc/sysctl.conf to reload the configuration or reboot.

sysctl net.ipv4.ip_forward should return

net.ipv4.ip_forward = 1

if everything is going to work correctly.

Step 3: From either of the Linux VMs, ensure that they can ping one another on the ZT Subnet.

Step 4: Set up the Routes inside on https://my.zerotier.com

*Once you set up the routes in ZeroTier Central, you do not have to manually add them to your Linux VMs.

Step 5: Set up the Site Routes at the Routers for Site A and Site B

SITE A Main Router:

You'll notice for the router at Site A that I am using the INTERNAL network address of my Linux VM.

SITE A Linux Router VM:

[email protected] /root # ip route
default via 192.168.10.1 dev eth0 onlink
10.0.0.0/24 dev zt1  proto kernel  scope link  src 10.0.0.107
192.168.10.0/24 dev eth0 proto kernel  scope link  src 192.168.10.2
192.168.20.0/24 via 10.0.0.116 dev zt1
192.168.122.0/24 via 10.0.0.129 dev zt1

SITE B, KVM Server, no need for separate VM:

[email protected]:/root# ip route
default via <my public ip> dev eth0 onlink
10.0.0.0/24 dev zt1 scope link  #ZT Subnet
192.168.10.0/24 via 10.0.0.107 dev zt1 #SiteA, 10.0.0.107 is the ZT IP for the Linux VM at Site A
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1  #This server is Site B

**This was done on systems that do not have UFW or firewall-cmd enabled. You may have to set them up to allow traffic between your sites.

Okay... I think that's it. Mine is working.

If you have any questions or comments, ask away!

https://media.giphy.com/media/3o6Ztb7XLKUxB7b2SI/giphy.gif

Samsung phones on their way back to the factory.

I was actually paying a little attention. I got the Dev 3 plan that's listed as $140 on the Web Site. I paid through Paypal and was only charged $70.

So it's all good. 8-)

Somewhere in another thread, somebody asked for a song about Mangolassi... So here it is. To the Tune of Beverly Hillbillies...

Now this is the story about N-T-G.
They made a forum; called it Mangolassi.
Then one day @scottalanmiller was looking for some food
@Minion-Queen showed up with a bubbling crude.
Mangos, that is.  Fruit drink, with alcohol.

Then @art_of_shred took a drink and said "Wheeeeeeee"
then they found him in the neighbor's tree.
Pecans or cherry?  I really can't see.
Then @scottalanmiller  said save some for me.

@bnrstnr said in What Are You Doing Right Now:

The VP of our company had his email hacked over the weekend. 4000+ spam emails sent from his account and a return email for each one stating that Microsoft couldn't deliver because it was flagged as spam.

I don't even know where to start with this because I know he kept plain text passwords in emails to himself. It's looking like they just hacked it to spam people, but who really knows? It appears that they had access for about a week and launched the spamming Saturday morning.

He had over 13,000 things in his deleted folder, too... I'm thinking he was using that as an archive.

He needs to wear this shirt for two weeks:

@Minion-Queen said in MangoCon 2017:

@Tracy_Burton said in MangoCon 2017:

@Minion-Queen
Sorry...When I see something posted, I assume its not still in progress.

As you should @scottalanmiller is the issue here

Pro Tip: If you want to keep a secret, don't tell @scottalanmiller .

@wirestyle22 said in Handling Downvotes:

@scottalanmiller said in Handling Downvotes:

@dbeato said in Handling Downvotes:

Imaging this on SW lol

I'm imagining a big ball of flames crashing from the sky in NJ.

Take the wheel jesus

I recently discovered a VPN-like service called ZeroTier (http://www.zerotier.com) that works similar to Hamachi or maybe Pertino (never used Pertino though!). Basically, it builds out a network within the internet... Each client would get an IP address in the IP space you specify (Private IPs, a la 192.168 or 172.16, et al). And each device in that network will be able to communicate with other devices that are connected and authorized.

The Technical FAQ on their site (https://www.zerotier.com/tech_faq.shtml) does a better job of explaining the way the nodes communicate than I can off the top of my head. The way the connection setups and everything works kinda reminds me of a P2P type application.

If you create an account on their web site and use their Controllers, the setup is quick and easy; their system provides networks that are free for up to 10 devices. You can also pay them a monthly fee of $4 per month per Network of more than 10 devices. There are currently clients for Windows (7 and up, including Server Editions), Mac, and Linux. It should also work on BSD based OSes as well, but you will have to compile it yourself. An Android version is in the works, but I am not sure about iDevices.

The software itself is open source, and you can build your own controller and create networks as large or small as you want. However, they do not offer a GUI by which to do this yet for self-hosted controllers, so you are left using the REST API for configuring the networks.

As an example, my current network runs on a hosted Linux VM as the controller, and it has my laptop, my office machine, and two other VMs connected to it. Each machine has an IP address of 192.168.y.z/24 The underlying OS sees those as actual network interfaces... IE: on my linux controller, it is listed as ztX, and in Windows, it shows up as another ethernet devie in Network & Sharing Center; I don't have a Mac to test on at the moment. You can also specify which subnet you want to use for your ZT Network, as long as it is not a publicly routable network, you should be fine.

They do have a gateway capability built in, but I have not tested it yet. It appears that you can have one of your client VMs provide access to the subnet behind it (equivalent of site to site VPN).

You can configure a network to be public or private. With the public, as the name suggests, no authorization is required and anybody that joins up will be granted an IP address. In a private network, each device that joins has to be manually authorized before it is issued an IP address on the network.

Using my own controller at the moment, things seem rather snappy. I get an average 45 - 50 ms ping time between one node and another. (I get a similar ping time using the public IP addresses between the two networks). I Copied a 2 megabyte file from SystemA to SystemB in ~3 seconds (would have been faster...but Windows...).

I did have to write my own PHP scripts for creating networks, deleting neteworks and authorizing devices (Not sure how to handle JSON in BASH / Shell scripting).

So far, it looks to be a secure VPN package with some nice level of controls. They are laying the groundwork for allowing rules (ACLs, if you will) so you can specify which devices can communicate to where, and in a true security first setup, unless you have a specific accept (allow) rule, the traffic is dropped.

The following screenshot is the admin dashboard on their site. Everything should be self explantory, but if you don't know what a setting is for ,the help menu along the right hand side provides a good enough bit of information to help.

Edit: Posted the dashboard screenshot, and fixed a few typos.

Update 8/31/2015 I got the Bridging feature that will let a ZeroTier Client become a bridge for the network that it sits in front of working. This effectively provides site-to-site or client-to-site VPN funcitonality. This feature has to be enabled for the devices using the server-side CLI if you are using your own controller.

IE: My home Network has a ZeroTier IP of 192.168.251.250, and my internal IP addresses are 192.168.10.1-254... So on my client, I add a route to 192.168.10.0/24 via my client's ZeroTier IP address... On my Linksys at home, I add a route for 192.168.251.0 via 192.168.10.10 (the LAN IP address of the ZeroTier client inside of my home network).

Hi all! I'm Brant Wells from Georgia way down south. I am currently working as an IT Minion for a college.

@scottalanmiller
Analogy: I crash car into a tree, blame mechanic.

Yay, Tuesday. That is all.

Things have been crazy around here with Vendors being stupid, and higher ups knee-jerking about "major security vulnerabilities" in apps that we don't have available off-site.

Finally got all the fires of the last week and a Monday put out.

@gjacobse said in What Are You Doing Right Now:

Unintentional post storm walk,… office I was at for training has no power, generator won’t start either… build been down since mid afternoon Friday now.

Walking the warehouse may have found previously unknown roof damage. That’ll add to the Monday stress…

That's always fun.

If you're already using NextCloud anywhere...

@notverypunny said in What Are You Doing Right Now:

ReadOnlyFriday before March Break with the SO and kiddos

We do the ROF and ROM (Read only Friday / Read only Monday) here most of the time. Occasionally we'll have to do something on a Monday. But maybe 2x a year do we make any major changes on a Friday.

@DustinB3403 said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

Morning all. Having the coffee!

Ditto

Yay, coffee! I'm trying to get out of my second of 4 meetings before noon. /cry

@EddieJennings said in What Are You Doing Right Now:

@RojoLoco said in What Are You Doing Right Now:

@EddieJennings said in What Are You Doing Right Now:

Experimenting with mdadm while recovering from Covid.

OH.... At a glance, I thought you had misspelled MDMA...

Ha!

The last couple of days have seen me sitting in my chair resting and being useless. I'm returning to work tomorrow and thankfully have no commute :).

We like no commute. My last few weeks have been just bouncing from one project to the next.

@RojoLoco said in What Are You Doing Right Now:

At the data center getting the final stuff set up for our disaster recovery system / 3rd backup.

Sweet! I wish you luck and good testing! ... You are going to test it, right?

@Obsolesce said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

Just got home from the Anza-Borrego Desert State Park. Definitely recommend!

got any photos? I'd love to see it. What state is in ??

Got a lot of 'em, but it's late and time to get to bed. Here's one awhile of the nice desert scenery and mountains in the background we found on the way home:

Am I the only one that suddenly turns into a 5 year old when I see this picture?

@pmoncho Does SHIFT+ENTER work?