Time Sync for Domains, Take 2

Uncategorized
The recommendation for this has changed over the years from Microsoft. Originally the wisdom was to disable the time sync on DCs and let them figure it out, then the idea was to enable time sync partially, and finally enable time sync entirely. These changes have come with the major revision changes, and since we're now into the 2019 release cycle, it makes sense for it to change again. This time, it appears that they've gone toward the same standard that VMWare has preached, which is setting the hosts as a valid time source and to enable the time sync guest service. If you're running your domain controllers on a Hyper-V host, and those hosts are part of a domain, that is as simple as setting a group policy under…
Read More

A quick side-note about ergonomics.

Layer 8
Preface: I am not a doctor, nor am I professional ergonomist. Please talk to a professional if you think you need help. For most of the people reading this, you spend at least eight or more hours sitting at a computer. Doing this while not taking care to have good posture can lead to some serious negative effects. (more…)
Read More

Azure Networking or: How I Learned to Stop Worrying and Love Dynamic Addressing

Cloud, Networking
Very few things need statically assigned addresses anymore.  Routers, which includes load balancers and firewalls, and DHCP servers being the top of the list.  Once you move to the cloud, those two are handled for you. If you set a static IP on a device in Azure, it will actually break the networking on the device in strange and interesting ways.  You must configure the networking via the portal, PowerShell, or API.  The "static" IPs you assign from the portal are actually DHCP reservations.  This centralization of IP management makes it incredibly easy to prevent conflicts, track resource utilization, and programatically apply CRUD to the network.  On top of that, it removes the hassle of remembering where to set the IP on the host (/etc/network/interfaces vs /etc/sysconfig/network-scripts vs Set-NetIPAddress). A…
Read More

Of defaults and bad ideas

Networking
Since CloudFlare has taken over 1.1.1.1 and 1.0.0.1, they have started pulling back the curtain on some really ugly default settings.  From router configs with hardcoded ips to really bad documentation not using the RFC5737 IPs, it's apparent that companies great and small are bad users of the internet. To help fight that, please use only your allocated space (either from your RIR or ISP), and for generic documentation use the correct IP space.  1.1.1.1, 2.2.2.2, and 3.3.3.3 are all valid IPs, and it's very unlikely that you own them. For documentation, please use the following subnets (RFC5737 and RFC3849): 192.0.2.0/24 198.51.100.0/24 203.0.113.0/24 2001:DB8::/32 In the same vein, for documentation, please use the following domains (RFC2606): example.com example.net example.org For internal networks, please use the following IPs if you absolutely…
Read More

Update: Stratum 1 Pi Clock, now with RTC

Linux, Raspberry Pi
To improve my stratum 1 clock, I added something I wish the RPi had from the factory, a real time clock (RTC). I found a cheap DS3231 rtc module, which is the successor to the less accurate DS1307. The module I found just plugged into pins 1 (3v3),3 (SDA), 5(SCL), 7(GPCLK0), and 9 (GND), which meant it didn't interfere with the pins I used for the GPS module. Even better, it was only around $1 shipped. (more…)
Read More

Time Sync and Virtual Domain Controllers

Windows
UPDATE [2019/04/30]:  It appears that these recommendations have changed.  See this new post. This is a brief guide on how to set up the time services on a Windows Server running under Hyper-V, specifically Active Directory servers. (more…)
Read More