In an interest of redunancy, I like setting up 2 network cables and than using bonding to bond them together.

I add something like this to /etc/network/interfaces

auto bond0
iface bond0 inet static
        address 10.1.1.2
        netmask 255.255.255.0
        network 10.1.1.0
        gateway 10.1.1.1
        up /sbin/ifenslave bond0 eth0
        up /sbin/ifenslave bond0 eth1
        pre-up modprobe -v bonding -o bond0 mode=4 miimon=50
        post-down rmmod bond0

After creating the first DomU, I could not get it to use my bond0. It wanted to use eth0. I tried adding

('network-bridge netdev=bond0')

to /etc/xen/xend-config.sxp but it would not work.

After doing some research I found this article: http://www.performancemagic.com/Dell1950_MD3000i_Xen_Debian_iSCSI_RDAC/Networking.html which proved to be very helpful.

I added the network-bond to the scripts in /etc/xen/scripts, set it to executable with chmod. I commented out the network-bridge and used this instead.

 (network-script network-bond) 

After a reboot it quit working. After reviewing the above link again, I saw I was missing the netboot in /etc/modules. Adding this and another reboot makes it all work great.

I sent an email with this info to the debian xen package team, but did not hear back from them.

It would be nice to have this script included and a comment added to /etc/xen/xend-config.sxp.

Perhaps this is all fixed in Lenny.
Or maybe there is a better way to do this.

Hopefully this can save someone else similar problems.

With a new install of Xen and Etch, than using the xen tools to install a new copy of Etch, the time seems to stay off.

The system has minimal config changes and creating the xen client looks like this:

xen-create-image --hostname Xrrr.my.flat --ip 10.1.1.1 --dist etch

Installing ntpdate and running ntpdate -b myntpserver does not seem to fix it.
Tzconfig changes the timezone but does not fix it.
It still seems to be about 5 hours off.

Why is a xen client different than regular Etch?

Icewm is a great desktop when you want speed, performance and stability.

Although I like icewm I still use konsole and other kde applications.

With kde4 apps showing up, it is fun to try them out as well.

I notice that although they work fine, icewm shows a black spot where the application icon should be.

Are there any tips for fixing this?

Recently I was inspired by looking at some of Steve's repository files and seeing aliases, and other configs that he wanted available on all boxes.

Since I use svn, I added a hidden folder with some standard aliases, customized vimrc, muttrc and etc to it.

Than I setup svn to store and make it all accessable from other servers.

Some of the issues that I am not sure about:

o I don't like svn user/pass stored on all boxes I access.
  This can be fixed with the --no-auth-cache but than I need to login to it every time I update.

o I still need to remember to manually call my svn update to get the updates in.

o Some boxes don't have all the same access to the svn services.

o And some boxes it would be nice to have the some of the etc stuff sync'd as well.

It would be interesting to hear what you do with your home folder on servers, and how you keep it consistent between a variety of servers/workstations/laptops or whatever.

Sometimes it would be handy to have a place to put personal notes, have access to personal email, and store files for later usage.

And at the same time have some simple content available to the public.

What do folks find as an easy way to accomplish a setup like this or does everyone do everything the manual way?

IE: Install apache, configure it, and then code the html stuff, add a protected personal page, add a public side, add photos tips, ideas and so...
Doing the following:

apt-cache search web tools personal

This does not seem to yield anything real useful.

For years I have used iptables on Debian as a firewalling/network protecting tool.

However, recently I am needing to have better redundancy, ie multiple hardware boxes.

But have the perhaps common problem of how do we handle redundancy.
Ideally of course, there is only one gateway ip on each vlan/realm etc.
When asking my peers what is the best solution, the only solution seems to be to use a bsd* variant with carp tools.

This is likely a very good idea, however, I don't know the bsd lingos.

So, do we need to learn openbsd commands to get real network/firewall redundancy or are there stable working solutions that you find with Debian/linux?

What solutions or routes do you take or suggest for redundant firewalling and ease of use without a complicated mess of addresses and routes?

Doing a new review of all the different road warrior vpn solutions.

And looking for a solution that works well with Windows, and Linux as clients, what solutions work best for you?

Some of the ones I have considered are:

Openvpn
Pptp
Ipsec

One of the things I need is better control of the client from the server configuration like blocking local network access, radius support to control the ip pool or the ip address as well as auditing of logins.

Ideally the server software runs on Debian and access is controlled via iptables.

I am leaning toward trying to learn Openvpn. It seems to have a good variety of clients, a better encrypted stack than pptp etc.

What works best for and why have you chosen it?

I am interested in knowing how you like Sun servers:

o running Debian 32/64 (or Ubuntu), 
o which servers are the easiest to install,
o and perhaps what gets you the most server for the dollar. 

I am especially interested in long uptimes, and storage solutions.

They seem to get good reviews on performance even on older hardware.

I have used a few boxes with Sparc but it seems like the Sparc support in Debian is not long term, especially as the new Sun servers are using AMD processors.
Also, the Sparc seemed rather tricky to get working.

I noticed the v40z and v20z and found a few references to them working on Debian.

Anyone with experience care to share?

We have been having problems with Thunderbird on Etch crashing when printing.

Here seems to be a link to the problem:

http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg239921.html

By upgrading thunderbird to Sid/Unstable the problem was fixed.

Assuming that you have sid in your sources and that your preferences allow you to override the prefered release, you can upgrade like this:

apt-get install -t sid thunderbird

My preferences did not permit me to upgrade, like that so I just moved them out, did the upgrade and put them back.

mv /etc/apt/preferences /tmp
apt-get install -t sid thunderbird
mv /tmp/preferences /etc/apt/

As a user of etch, it always intersts me, in learning what I can do to improve video quality. And knowing I had an ATI card that did not perform as it should I did some research on direct rendering. I am sure that many of you will know much more about direct rendering, but here are some tips I learned:

To check to see if you have direct rendering, run glxinfo.
Make sure you have glxinfo utility by doing:

apt-get install mesa-utils

At a command prompt do:

glxinfo

The 3rd line down should say: direct rending: Yes
If it says no, than you may be able to improve your openGL options provided you have a video card that supports it.

To get it working on my etch box I used the following command:

apt-get install libgl1-mesa-dri libgl1-mesa-glx

After installing those debs, I did not need to restart to get it working.
There may be other issues like not having drm loaded or perhaps using a binary driver.
I am using the radeon module that comes with etch and the 2.6.17- kernel.
Getting this fixed greatly improved the google-earth performance.
I don't know if this improves performance in applications like mplayer or not, but it possibly could.

Perhaps you have some additional video tips that you could share.