Can't think of whether such a person could exist...even though I have to varying degrees a lot of those skills...but I'm a Unix Systems Administrator....and have been in and around Unix since 1987. Though started out as an EE (with minor in Computer -- they didn't offer a major until a few years after I graduated) working as a research engineer in the field of combustion dynamics (they company had some sophisticated simulation software that ran on a Honeywell mainframe and limited versions on DOS, when they decided they would go commercial and develop it for Unix with a X/Motif interface, etc.)
I did a lot of other things while there...like first network, getting a full-time internet connection....(ISDN)....trying to balance security and access. It had be decreed that the accounting system would be on an isolated network from the rest of the Engineers. Which also meant no Internet access. But, the Office Administrator wasn't happy with having to use a separate computer to access the Internet. So, the first thing after I got laid off...she connected the two networks together (which worked because they had been one network originally, the network got infected....which was before we got the Internet.) Then a Software Engineer for an enterprise software company. (where early on the company was acquired and one of the first people to get downsized was the Unix manager...) Here at KSU, networking group runs DHCP (its a pair of Sun V240's, sol9 and isc dhcpd 3.x....hasn't been patched or anything since they set it up in 2006) while the unix servers group runs DNS. After hearing the presentation by Shumon Huque...who identified himself as DNS Architect for PSU, my manager said I'm the DNS Architect for KSU (yeah, all the old servers have gone away since I took it on...and its quite different than it was before.... like going DNSSEC and doing views - which the previous DNS administrator said wasn't possible, when I had asked why he didn't do that.) Someday somebody is going to register the fake tld that we used and cause all kinds of problems. Did DNSSEC completely on my own, someday we should throw out the scripts I came up that keep it working and replace it with something more robust. Plus since I finally got some DNSSEC training...there's other things I could done differently, etc. We used to be very much into security, until a separate security group was formed and now we're supposed just do whatever they tell us for firewall changes (though I've pushed back a few times, and won on occasion...) or other access controls. I know some DHCP, since I run it at home...two servers doing failover/balancing.... I'm also the primary for managing our F5 (just LTM at the moment)...the only one that does the more complicated stuff, like iRules, SSL, oneconnect.... or upgrading from 9.3.1 to 10.2.3 (and later to 10.2.4). Users want us to have 11.4+, but the software only went to 11.1 for the hardware (support ends on 11.1 before the hardware support does....while support for 10.2.4 matches the end of hardware support.) We have a new pair on order...and we're looking at doing GTM and purchasing external secondary services (anybody have a list of companies that sell this service?) I hope to get access to some training on 11.4, along with GTM. (I've only had the basic and advanced LTM 9) And, I have some scripts running on our F5s calling bigpipe.... But, I'm pretty weak on Windows....and I'm moving to the point where I want to be Windows-free. Even though until a couple years ago, I used to be the odd guy in the Unix group with a Windows desktop. But then I got a new computer, was plagued by all kinds of 'hardware' problems...so boss dropped a 27" iMac on my desk, and offered to help me toss the Windows computer off the loading dock. (though its now my quite stable FreeBSD workstation now....) Though we did recently get my bind servers to be secondary for central AD (the Windows administrators weren't comfortable with turning off recursion on their servers to stop being open query resolvers....) Though I know nothing about what they did on the AD side to make it work after it was found that it didn't work at first (though I suspect they had initially selected the bind option, that makes it talk BIND4...though they also had a problem where it thought it was authoritative for subnets that didn't belong to them...but they have servers in, and one of the DNS vlans falls in that subnet.) Yea....don't know how one would identify a good candidate as you have described. Just as I've been unable to identify some good candidates that are my clones for my manager. On 01/29/14 12:27, Stefan wrote: > I know this may sound a little odd, but have been struggling with trying > to identify a good candidate for a DNS (& DHCP) migration of a large > infrastructure, from Windows based environment, to a vendor based > appliance (and keeping such as a full time employee, in the process, in > the network group, for administration and lifecycle of such). > > I would think that primordial to a level of strong engineering abilities > would be networking (TCP/[UDP]/IP on top of which DNS as protocol and > its behaviors knowledge would be a must). The OS level knowledge comes > next, as bind on *nix or on F5 (thinking GTM here), for example, needs > to be comprehensively understood, as well as the Windows implementation > and relationship between DNS and AD. Security comes as a "given", of > course, as name resolution is critical from that stand point, especially > on the public facing part. Vendor "X" appliance background is also > desirable, on top of all these, 'cause that would be the "moving to" > point, and understanding specifics will be critical. Add to this > knowledge of applications and possible name resolution specifics at > layer 7, maybe not following the "rules" of the OS stubs, and I pretty > much covered the entire computer science spectrum ;-) > > Considering all of the above - what is your experience and/or opinion in > regards to how a good DNS engineer (or a good engineer with primary > responsibility in another technology) came to become? What helped you > the most in becoming one? > > Thank you, > ***Stefan > > > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > -- Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator For: Enterprise Server Technologies (EST) -- & SafeZone Ally _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
