As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[Sysadmin] Routing to null

1181921232499

Posts

  • StraygatsbyStraygatsby Registered User regular
    New job get! Ejecting from private sector back into the corporate meat grinder! It's gonna be intense, but I'll be adjacent a lot of brilliant cloud bros and brotessas as well as a healthy software engineering contingent. I plan to learn as much as humanly possible by osmosis and intention and see where it takes me.

    Weeeeee!

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Myiagros wrote: »
    Here's a quick diagram.
    1ddkkdgbz5ki.png

    I'll have to look at the physical setup because something seems off, this is based solely off of the config right now on the firewall. On the firewall there is no grouped interfaces for X4 so that connection has to be server > firewall. There is not even any reference to the .3 public IP on the firewall anywhere. There is also no internal connection from the DMZ to the LAN subnet so I can't do a direct route. I believe the firewall is doing all the routing and the ISP switch can't route back to go from .3 to .2.

    Edit: Spoke to someone and it seems like what I want to do is not possible. On Sonicwall(maybe others) all of the public IPs can come in on the same interface and NAT takes care of the routing.

    The way I would do this is:

    1) On the Sonicwall, you will need two zones, with an IP for each zone:
    1a) DMZ zone: Interface X4, IP address 192.168.10.1, subnet 192.168.10.0/24
    1b) Internal zone: Interface X0, IP address 192.168.11.1, subnet 192.168.11.0/24

    2) On the Sonicwall, make sure you have a routing table that:
    2a) Routes all traffic for 192.168.10.0/24 to X4.
    2b) Routes all traffic for 192.168.11.0/24 to X0.
    2c) Routes 0.0.0.0/0 to the ISP fiber IP on X1.

    Note that the zone & interface setup in step 1 may automatically create that routing table. Many modern firewalls will do that. However, don't take it for granted. SSH into the Sonicwall and make sure with your own eyes that the routing table at least has those entries.

    3) On the Sonicwall, two NAT rules:
    3a) First NAT rule: translate X.X.X.3 to 192.168.10.10.
    3b) Second NAT rule: translate X.X.X.2 to 192.168.11.10

    4) On the Sonicwall, the following firewall rules:
    4a) Allow SMTP traffic (TCP port 25) from 192.168.10.10. to 192.168.11.10.
    4b) Allow all ICMP from 192.168.10.10. to 192.168.11.10.
    4c) Allow all ICMP from 192.168.11.10. to 192.168.10.10.

    At this stage, you should be able to...
    5) Ping and traceroute from the DMZ server to Exchange using their 192.168.x.x IPs.
    6) Ping and traceroute from Exchange to the DMZ server using their 192.168.x.x IPs.
    7) Point the DMZ server's SMTP setting to 192.168.11.10 and get a successful SMTP handshake.

    Now, whether relay works or not depends on your Exchange server's SMTP listener and authentication settings. But if you get successful tests for steps 5-7, you know any further problem is not firewall-related or network-related.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited June 2019
    @Myiagros

    BTW, you didn't mention what your DMZ server's primary role is.

    Note that if a server is generating and submitting new email messages then it is an email client. Current convention is that email clients use port 587 to submit messages to an SMTP server. Port 25 is supposed to be reserved for transport-to-transport traffic (one email server relaying messages to another email server, or a spam filter relaying to an email server).

    Lots of people ignore that convention, but I still want to make you aware of it.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeldornFeldorn Mediocre Registered User regular
    I haven't looked into a ton yet, and this may not be the right place to ask... but I will anyways.

    I was going to look into installing Pi-Hole in either docker or WSL2 on a Windows 10 box to act as a local DNS ad-blocker. Also to try something new...

    Do any of you know of a blog/wiki article about setting one up this way? I've read some stuff, but nothing that seemed to be totally what I was looking for.

  • LD50LD50 Registered User regular
    Entaru wrote: »

    This still isn't good. They're upping the limit on the number of domains that can be blacklisted, but are still scrapping the actual api that current adblockers use to inspect traffic to remove ads. If they are still scrapping that old api you might as well just use pihole.

  • bowenbowen How you doin'? Registered User regular
    Yeah it's too late I already migrated off and they destroyed all the good will they had with me.

    Aside from gmail I'm seeking alternatives to everything I use them for.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • wunderbarwunderbar What Have I Done? Registered User regular
    The one thing I'll say is that that API that they're trying to deprecate is the source of the majority of the browser extension malware that exists, so I understand on a high level why they're trying to get rid of it.

    The way that API works is that it actually allows live code to be pushed into an extension after a user installs it without the user's knowledge, and this code can completely change how the extension works. That, honestly, is bad.

    Now, I don't necessarily agree with the way Google has gone about this, and there most certainly should have been a way for them to redesign something to fix the security issues without taking away the effectiveness of ad blockers, but on a high level I do get what they were trying to do.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • bowenbowen How you doin'? Registered User regular
    wunderbar wrote: »
    The one thing I'll say is that that API that they're trying to deprecate is the source of the majority of the browser extension malware that exists, so I understand on a high level why they're trying to get rid of it.

    The way that API works is that it actually allows live code to be pushed into an extension after a user installs it without the user's knowledge, and this code can completely change how the extension works. That, honestly, is bad.

    Now, I don't necessarily agree with the way Google has gone about this, and there most certainly should have been a way for them to redesign something to fix the security issues without taking away the effectiveness of ad blockers, but on a high level I do get what they were trying to do.

    Perhaps they should have been more transparent about this.

    The real reason is they got caught with their pants down. The arbitrary domain limit they were putting in is proof that their primary concern was ads revenue for Alphabet proper, and the secondary reason was malware.

    Ads are still the #1 vector for malware outside of your parents clicking all the links in their email.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • bowenbowen How you doin'? Registered User regular
    Also perhaps "this addon needs permission to view xyz" should be a bit more in depth in to what exactly they're getting permission for.

    I hate android for this "x app is requesting permission to read, delete, create saved games" but what it really means is "app is requesting the ability to store data for its own use and not touch data for other programs"

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Feldorn wrote: »
    I haven't looked into a ton yet, and this may not be the right place to ask... but I will anyways.

    I was going to look into installing Pi-Hole in either docker or WSL2 on a Windows 10 box to act as a local DNS ad-blocker. Also to try something new...

    Do any of you know of a blog/wiki article about setting one up this way? I've read some stuff, but nothing that seemed to be totally what I was looking for.

    I personally use Pi-Hole on physical Pis and it's pretty easy. Never used it in Docker or WSL2.

    A quick and dirty Googling finds a lot of people have installed it in Docker though.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeldornFeldorn Mediocre Registered User regular
    I have a pi, just haven’t deployed it at home because I don’t want to deal with my wife complaining about it.

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Our web host migrated our main corporate website to a new cluster this week and now some visitors are reporting SSL errors when they try to visit it.

    The web host's excuse is that they now require TLS 1.3.

    I can't even

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • EchoEcho ski-bap ba-dapModerator mod
    Feral wrote: »
    Our web host migrated our main corporate website to a new cluster this week and now some visitors are reporting SSL errors when they try to visit it.

    The web host's excuse is that they now require TLS 1.3.

    I can't even

    It's been what, six months since the spec was finalized? Surely every single website has had plenty of time to upgrade!

  • DarkewolfeDarkewolfe Registered User regular
    Feldorn wrote: »
    I have a pi, just haven’t deployed it at home because I don’t want to deal with my wife complaining about it.

    Just put yourself and your wife on different subnets and manage your own traffic.

    Added points if you covertly throttle her access to bandwidth as necessary.

    What is this I don't even.
  • wunderbarwunderbar What Have I Done? Registered User regular
    Darkewolfe wrote: »
    Feldorn wrote: »
    I have a pi, just haven’t deployed it at home because I don’t want to deal with my wife complaining about it.

    Just put yourself and your wife on different subnets and manage your own traffic.

    Added points if you covertly throttle her access to bandwidth as necessary.

    I see no way this can end badly for anyone.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited June 2019
    Echo wrote: »
    Feral wrote: »
    Our web host migrated our main corporate website to a new cluster this week and now some visitors are reporting SSL errors when they try to visit it.

    The web host's excuse is that they now require TLS 1.3.

    I can't even

    It's been what, six months since the spec was finalized? Surely every single website has had plenty of time to upgrade!

    I get SSL errors sometimes while loading it in a browser that supports TLS 1.3. Qualys labs tells me the site does not support TLS 1.3, but does support TLS 1.2.

    xprcbfe7nkpy.jpg

    Late edit: stupid typos. Needed more coffee.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    Mostly I'm fucking tired of vendor support that blatantly lies.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    Feral wrote: »
    Mostly I'm fucking tired of vendor support that blatantly lies.

    So...you're saying you're tired all the time?

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    lwt1973 wrote: »
    Feral wrote: »
    Mostly I'm fucking tired of vendor support that blatantly lies.

    So...you're saying you're tired all the time?

    Yes.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • electricitylikesmeelectricitylikesme Registered User regular
    https://access.redhat.com/security/vulnerabilities/tcpsack

    Expect the internet to get real wonky in the near future I suppose, since this is definitely a "for the lulz" exploit. On the plus side, a whole bunch of IoT devices are gonna have easy to use kill-switches.

  • bowenbowen How you doin'? Registered User regular
    Feral wrote: »
    lwt1973 wrote: »
    Feral wrote: »
    Mostly I'm fucking tired of vendor support that blatantly lies.

    So...you're saying you're tired all the time?

    Yes.

    I feel attacked

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • BSoBBSoB Registered User regular
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    Your anger has brought down Google Calendar.

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • ThawmusThawmus +Jackface Registered User regular
    I actually feel sorry for sales folks. Quotas are terrible.

    I was talking to the head sales manager a couple weeks ago, and she was telling me that a particular branch's numbers were bad (I don't know why she always tells me this shit, but she does). I said, "Oh really, how bad?"

    Apparently so bad that they made their normal average monthly sales. But see, the month prior, they doubled their sales because one of our customers had a big project and bought a ton of shit. So they're expected to maintain that crest.

    I bit my tongue for a bit, but they kept rambling on about it, and then I got all Thawmus and said, "So, wait, don't you think that's backwards?" She didn't know what I meant. "If I know from experience in this company that this is how you look at sales numbers, the next time my client has a big project, wouldn't I rather ask them to spread out their purchases between month-end and next month, and do other shady stuff too? Like actually discourage big sales because I don't want my branch to get into trouble?"

    Well, that was apparently a mind-blowing statement, and they asked what I would do instead. "I don't have a business degree, but it seems to me like what you're really after is encouraging the staff to go after more big projects they can sell a ton of stuff on, right? Why not give them a reward (bonus) for that big month they had and tell them there's more where that came from if they have months like that again?"

    I was then told that that's just not how it works but that I brought up some interesting things to think about.

    I feel sorry for sales folks.

    Twitch: Thawmus83
  • bowenbowen How you doin'? Registered User regular
    Sales people and 'ENDLESS EXPONENTIAL GROWTH' of capitalism is everything that's wrong with modern society and our economy, change my mind

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • EchoEcho ski-bap ba-dapModerator mod
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    We had two random dudes from some office supply company just show up and ring our doorbell. We let them in, asked who they were there to see, they named a sales guy here, he had no idea what they were talking about, we kicked them the hell out and decided to never buy anything from them.

  • LD50LD50 Registered User regular
    bowen wrote: »
    Sales people and 'ENDLESS EXPONENTIAL GROWTH' of capitalism is everything that's wrong with modern society and our economy, change my mind

    I don't think I can.

  • LD50LD50 Registered User regular
    Echo wrote: »
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    We had two random dudes from some office supply company just show up and ring our doorbell. We let them in, asked who they were there to see, they named a sales guy here, he had no idea what they were talking about, we kicked them the hell out and decided to never buy anything from them.

    I am ever thankful that my building is locked down like fort knox.

  • ThegreatcowThegreatcow Lord of All Bacons Washington State - It's Wet up here innit? Registered User regular
    Behold the synopsis of every tech support and sysadmin everywhere...or those with a high tolerance for pain.

    unnbbqokaf92.jpg

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    LD50 wrote: »
    Echo wrote: »
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    We had two random dudes from some office supply company just show up and ring our doorbell. We let them in, asked who they were there to see, they named a sales guy here, he had no idea what they were talking about, we kicked them the hell out and decided to never buy anything from them.

    I am ever thankful that my building is locked down like fort knox.

    For a little while, there was a salesdude who lingered on the sidewalk outside and when somebody would ask him who he is waiting for, he'd give a name he'd found on LinkedIn. "Oh, I have an appointment with Feral Teamlead" or "I have an appointment with Feralsboss CIO." No, he didn't actually have an appointment, but whoever inquired why he was loitering didn't know that so they'd come bother me and tell me I had a vendor waiting outside.

    I gave him an earful but then he did it again to a coworker.

    We had to have him escorted off the premises and put out a bulletin to all locations that he's not allowed on company property.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Inquisitor77Inquisitor77 2 x Penny Arcade Fight Club Champion A fixed point in space and timeRegistered User regular
    Feral wrote: »
    LD50 wrote: »
    Echo wrote: »
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    We had two random dudes from some office supply company just show up and ring our doorbell. We let them in, asked who they were there to see, they named a sales guy here, he had no idea what they were talking about, we kicked them the hell out and decided to never buy anything from them.

    I am ever thankful that my building is locked down like fort knox.

    For a little while, there was a salesdude who lingered on the sidewalk outside and when somebody would ask him who he is waiting for, he'd give a name he'd found on LinkedIn. "Oh, I have an appointment with Feral Teamlead" or "I have an appointment with Feralsboss CIO." No, he didn't actually have an appointment, but whoever inquired why he was loitering didn't know that so they'd come bother me and tell me I had a vendor waiting outside.

    I gave him an earful but then he did it again to a coworker.

    We had to have him escorted off the premises and put out a bulletin to all locations that he's not allowed on company property.

    I would legit go out of my way to call his boss and his boss's boss and his boss's boss's boss and follow up with emails clearly stating that their entire company is now blacklisted from company sites until further notice.

  • LD50LD50 Registered User regular
    Feral wrote: »
    LD50 wrote: »
    Echo wrote: »
    BSoB wrote: »
    I think sales reps just sending me unsolicited calendar invites for a meeting in my own office after I ignore them for long enough is my least favorite tactic.

    Jesus Christ, fuck the hell off.

    I bought a small server from you 6 months ago, i'll let you know if I want anything else.

    We had two random dudes from some office supply company just show up and ring our doorbell. We let them in, asked who they were there to see, they named a sales guy here, he had no idea what they were talking about, we kicked them the hell out and decided to never buy anything from them.

    I am ever thankful that my building is locked down like fort knox.

    For a little while, there was a salesdude who lingered on the sidewalk outside and when somebody would ask him who he is waiting for, he'd give a name he'd found on LinkedIn. "Oh, I have an appointment with Feral Teamlead" or "I have an appointment with Feralsboss CIO." No, he didn't actually have an appointment, but whoever inquired why he was loitering didn't know that so they'd come bother me and tell me I had a vendor waiting outside.

    I gave him an earful but then he did it again to a coworker.

    We had to have him escorted off the premises and put out a bulletin to all locations that he's not allowed on company property.

    "You should give him a call and have him walk you in. Don't forget to sign in with security."

  • schussschuss Registered User regular
    Behold the synopsis of every tech support and sysadmin everywhere...or those with a high tolerance for pain.

    unnbbqokaf92.jpg

    I want those stickers

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    LD50 wrote: »
    "You should give him a call and have him walk you in. Don't forget to sign in with security."

    Just as an aside, this is a corporate culture thing that drives me fucking nuts about this company.

    Let's say Alex has a problem. Charlie is the person who can fix the problem.

    Brian is work friend and he overhears that Alex is having a problem.

    Does Brian say "Hey, Alex, you should call Charlie?" No, Brian will walk over to Charlie's desk and say "Hey, Alex has a problem. Can you fix it?"

    ...

    So if there's a salesperson milling outside, do you think anybody says "you need to call Feral?" No. Somebody will wander over to my desk and say "Hey, there's a dude looking for you."

    "Who?"

    "Oh I dunno"

    "What company?"

    "I didn't ask."

    ...

    This mostly happens with IT tickets, which is something I've bitched about a lot here. But it isn't just tickets. It's a broad cultural habit and nobody except me and a couple of other people are interested in fixing it.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • Inquisitor77Inquisitor77 2 x Penny Arcade Fight Club Champion A fixed point in space and timeRegistered User regular
    Yeah people think that "culture" is just some vague thing, but stuff like that is exactly what it is supposed to address. That kind of normative behavior can quickly spiral into toxic ineffectiveness and learned helplessness.

  • bowenbowen How you doin'? Registered User regular
    Feral wrote: »
    LD50 wrote: »
    "You should give him a call and have him walk you in. Don't forget to sign in with security."

    Just as an aside, this is a corporate culture thing that drives me fucking nuts about this company.

    Let's say Alex has a problem. Charlie is the person who can fix the problem.

    Brian is work friend and he overhears that Alex is having a problem.

    Does Brian say "Hey, Alex, you should call Charlie?" No, Brian will walk over to Charlie's desk and say "Hey, Alex has a problem. Can you fix it?"

    ...

    So if there's a salesperson milling outside, do you think anybody says "you need to call Feral?" No. Somebody will wander over to my desk and say "Hey, there's a dude looking for you."

    "Who?"

    "Oh I dunno"

    "What company?"

    "I didn't ask."

    ...

    This mostly happens with IT tickets, which is something I've bitched about a lot here. But it isn't just tickets. It's a broad cultural habit and nobody except me and a couple of other people are interested in fixing it.

    Someone passed me a phone call from a billing company that had to do with my boss' dad today because I don't know?

    I'm the failover for "shit this is confusing let me hand it to someone that has a functioning brain". I'm flattered by that I guess, but still.

    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • MugsleyMugsley DelawareRegistered User regular
    Help with a debate here at the office. What's your pay structure like for people who are on-call?

    If you're on-call but at home, do you charge hours only if you have to come in? Do you charge hours if you have to pick up a phone? Do you get paid just for being on-call (i.e. the "time commitment" because you have to be in the area).



    ---
    Also I had friends in banking and that progress metrics thing was definitely a thing back in the heady days of low interest credit cards. It wasn't that you weren't getting people to sign up. It was that you weren't getting more people to sign up than you did last month, or at least at the same increasing rate than the past few months.

    And, yet, no one at any level of management apparently understood how quickly you would run out of people on the Earth.

  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    I have never in my entire life gotten paid for being on call.

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • AiouaAioua Ora Occidens Ora OptimaRegistered User regular
    One of the hospitals I worked for back when I was a contractor paid quarter-time to the FTEs for their on-call standby hours. But yeah it's pretty non standard. (Standby pay probably should be standard but well let me point you over to the Unions thread in DnD...)

    If you're hourly, you should legally be getting paid from the moment you pick up your phone/VPN in. Even if it's 10 minutes and oh look a false alarm and you never had to put pants on, you still worked.

    Salary is a bit different cause hours are lol. Every place I've worked that wasn't jerks about it would let you comp that time. Oh you were stuck on a call for two hours last night? Leave two hours early on Friday. If they expect you to just eat it they can, legally, but that gets me firing up the old LinkedIn.

    life's a game that you're bound to lose / like using a hammer to pound in screws
    fuck up once and you break your thumb / if you're happy at all then you're god damn dumb
    that's right we're on a fucked up cruise / God is dead but at least we have booze
    bad things happen, no one knows why / the sun burns out and everyone dies
  • schussschuss Registered User regular
    Mugsley wrote: »
    Help with a debate here at the office. What's your pay structure like for people who are on-call?

    If you're on-call but at home, do you charge hours only if you have to come in? Do you charge hours if you have to pick up a phone? Do you get paid just for being on-call (i.e. the "time commitment" because you have to be in the area).



    ---
    Also I had friends in banking and that progress metrics thing was definitely a thing back in the heady days of low interest credit cards. It wasn't that you weren't getting people to sign up. It was that you weren't getting more people to sign up than you did last month, or at least at the same increasing rate than the past few months.

    And, yet, no one at any level of management apparently understood how quickly you would run out of people on the Earth.

    Depends on how much you make. Below a certain threshold, people got paid.
    Generally if people got called on to do anything, we'd comp them the time during the week to take off. That said, we made a change where managers got called first if shit went down, as rarely did the employees have the decision-making power to approve fixes. That helped a ton.

This discussion has been closed.