I have seen some service providers that use certificates for client authentication, so that any browser without the certificate will be rejected. However, the browsers with trusted certificates could access their portals without login. How exactly can I do similar setup on the server side?
Server Setup: Microsoft DNS + Microsoft DHCP server
Client Setup: Linux live CD as DHCP client
Question: dhclient could get the IP assignment from Microsoft DHCP server, I could see the entry on the sever side, but somehow I can't get the DDNS update / add on Microsoft DNS server, what exactly goes wrong?
OS: Ubuntu 18.04.4 LTS Kernel version: 4.15.0-76-generic Storage type: RAID10 (4 x SSD)
Question: is it a bug for this version of kernel? EXT4 run a lot slower when we perform same SQL insert test; XFS respond a lot healthier at 2K INSERT + 2K UPDATE while EXT4 only have 59 for both.
IOSTAT also showing EXT4 was at 98.4% utilization.
Another test: everything is the same, upgraded kernel to 5.6.0-050600-generic
EXT4:
XFS:
As title, it seems not safe to run everything on root, especially when playbook server get hacked and it could ssh into any machines on the Ansible host list, what's the solution for this security problem?
Here is the setting on server A:
iface serverA_gre0 inet tunnel
address 172.24.0.85
mode gre
endpoint x.x.x.x
dstaddr 172.24.0.86
netmask 255.255.255.252
ttl 255
Setting on server B:
iface serverB_gre0 inet tunnel
address 172.24.0.86
mode gre
endpoint x.x.x.x
dstaddr 172.24.0.85
netmask 255.255.255.252
ttl 255
Without "ttl 255":
traceroute to 172.24.0.86 (172.24.0.86), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 172.24.0.86 54.507 ms 62.888 ms 51.369 ms
With "ttl 255":
traceroute to 172.24.0.86 (172.24.0.86), 30 hops max, 60 byte packets
1 172.24.0.86 51.123 ms 51.733 ms 51.943 ms
What exactly cause those "*" issue when TTL 255 isn't exists?
I have a RAID1 setup with two 3TB disk, is it possible for me to buy two 4TB disk and expand my DiskGroup?