[OSOT] Distinction between Network Admin and System Admin

Discussion in 'Linux Networking' started by jab3, Sep 13, 2004.

  1. jab3

    jab3 Guest

    [OSOT] = Only Slightly Off Topic :)

    Hello everyone -

    I have a question about how you all would distinguish Network Administrators
    from System Administrators and the separate duties for each function.

    A quick background - I recently applied for a job to a company that is a
    serious networking company and they are looking for another Linux System
    Administrator. I applied, got a call-back, filled out a self-analysis form
    and then a questionnaire about my experience with Linux and administration.
    I had told them this would be my first job like this - I am mostly
    self-taught and professionally inexperienced (which may show soon ;)).
    Well, I talked to the IT Human Resources person and she told me that they
    had two Network Administrators and one System Administrator, and they were
    looking for someone to lessen the burden of the SysAdmin. Later I received
    another call-back, this time with the IT HR person, the Director of Human
    Resources, and the SysAdmin himself. This was supposed to be a 'more
    technical' interview. Well, he then proceeded to question me about my
    experience with what, to my mind, are networking admin functions. He asked
    if I had ever set up a box as a router and firewall/masquerading machine,
    if I had ever set up a DNS server, if I had ever used any MTAs for mail
    servers, if I had used Samba/NFS, etc. About the only thing he asked that,
    to me, was about System Administrating was how I kept up with security
    issues and whether I knew Bash and/or Perl scripting.

    It seems _to me_ that most of his questions were geared more toward Network
    Administration functions, which I would think - having 2 Network Admins -
    they had covered. To me, if you are going to split the jobs (2 Net, 2
    Sys), a Network Admin would deal with the DNS, MTA, Firewalling, NFS,
    Samba, etc; and the SysAdmin would deal with the updates, patches,
    tweaking, maintaining, configuring, installing, monitoring, etc. Am I way
    off in my callowness and ignorance on this? Or was he interviewing me for
    a Network Admin job instead of a SysAdmin job?

    I am indeed asking with full knowledge that I have no first-hand knowledge
    of this :). I'm just trying to explain how I see it, based on my reading
    and personal experience - and am asking for correction and elucidation from
    the experts. :) Is networking so prevalent these days that the line
    between the two jobs has been blurred into an indistinguishable haze?

    Thanks for any comments/help -
    jab3
     
    jab3, Sep 13, 2004
    #1
    1. Advertisements

  2. | [OSOT] = Only Slightly Off Topic :)
    |
    | Hello everyone -
    |
    | I have a question about how you all would distinguish Network Administrators
    | from System Administrators and the separate duties for each function.
    |
    | A quick background - I recently applied for a job to a company that is a
    | serious networking company and they are looking for another Linux System
    | Administrator. I applied, got a call-back, filled out a self-analysis form
    | and then a questionnaire about my experience with Linux and administration.
    | I had told them this would be my first job like this - I am mostly
    | self-taught and professionally inexperienced (which may show soon ;)).
    | Well, I talked to the IT Human Resources person and she told me that they
    | had two Network Administrators and one System Administrator, and they were
    | looking for someone to lessen the burden of the SysAdmin. Later I received
    | another call-back, this time with the IT HR person, the Director of Human
    | Resources, and the SysAdmin himself. This was supposed to be a 'more
    | technical' interview. Well, he then proceeded to question me about my
    | experience with what, to my mind, are networking admin functions. He asked
    | if I had ever set up a box as a router and firewall/masquerading machine,
    | if I had ever set up a DNS server, if I had ever used any MTAs for mail
    | servers, if I had used Samba/NFS, etc. About the only thing he asked that,
    | to me, was about System Administrating was how I kept up with security
    | issues and whether I knew Bash and/or Perl scripting.
    |
    | It seems _to me_ that most of his questions were geared more toward Network
    | Administration functions, which I would think - having 2 Network Admins -
    | they had covered. To me, if you are going to split the jobs (2 Net, 2
    | Sys), a Network Admin would deal with the DNS, MTA, Firewalling, NFS,
    | Samba, etc; and the SysAdmin would deal with the updates, patches,
    | tweaking, maintaining, configuring, installing, monitoring, etc. Am I way
    | off in my callowness and ignorance on this? Or was he interviewing me for
    | a Network Admin job instead of a SysAdmin job?
    |
    | I am indeed asking with full knowledge that I have no first-hand knowledge
    | of this :). I'm just trying to explain how I see it, based on my reading
    | and personal experience - and am asking for correction and elucidation from
    | the experts. :) Is networking so prevalent these days that the line
    | between the two jobs has been blurred into an indistinguishable haze?
    |
    | Thanks for any comments/help -
    | jab3


    In my experience, if it runs on a computer, it's a Sysadmin's responsibilty.

    Network admin guys run the dedicated hardware stuff, routers, switches,
    (some) load balancers, dedicated firewalls, etc. They run a lot of cableing
    as well.

    These aren't hard & fast distinctions, there is a lot of overlap, and both
    sides need to talk a lot, so network changes don't stuff up the servers,
    and vice versa.

    There is also the big overlap that you mentioned, turning a general
    purpose computer into a router or a firewall.
     
    Paul Colquhoun, Sep 13, 2004
    #2
    1. Advertisements

  3. jab3

    James Knott Guest

    Much of what you consider netowork admin are server related. For example,
    why would a network guy be worried about Samba or MTA? And anyone setting
    up a server, had better know about firewalls etc. It looks like you're
    going to have to learn a bit more about what the position entails.
     
    James Knott, Sep 13, 2004
    #3
  4. As a sysadmin I have done all of those things.

    Apart from the router/firewall, I consider them all to be firmly in the
    sysadmin's field not the network admin's. Nameservers, MTAs and
    fileservers are all things which normally run on "general purpose" servers
    (there are exceptions).

    Network admins look after routers, switches, cables etc. In my book their
    responsibility stops where the cable plugs into the NIC in my server. The
    NIC is mine. The cable is theirs.

    The demarcation isn't all that clear and different shops will draw
    the line in different places, often with some overlap. Routers and
    especially firewalls are a bit of a grey area in particular as they are
    often dedicated devices but also quite frequently run on standard
    hardware under general purpose OSs e.g. Linux.

    In our shop the routers and firewalls are normally dedicated (Cisco and
    Nokia) devices and are looked after by the network admins. But
    occasionally we need a temporary one at very short notice and in these
    cases we in sysadmin have set them up using Linux on old PCs.

    And IMO even if a sysadmin does not look after any network component
    directly, he or she still needs a thorough knowledge of networking, in
    order to diagnose problems which affect his or her servers. IME the
    network admins can try to push their problems onto us if we cannot prove
    where the fault is. It probably works the other way too:)

    And finally sysadmins and network admins have to work very closely
    together. It helps a lot to have an understanding of each others' fields.

    So I think the interviewer was rather lenient on you:) He apparantly
    didn't ask any detailed questions about network protocols etc. How are you
    at interpreting tcpdumps?

    Regards, Ian
     
    Ian Northeast, Sep 13, 2004
    #4
  5. jab3

    Moe Trin Guest

    By their job titles in the org chart, and who has 'root' on the routers.
    In the Linux world, those often are computers, rather than real routers
    from Cisco, et.al.
    All of which are run/setup on computers
    EVERYONE should be reading Bugtraq, but not many Ciscos run a bash shell
    or perl. ;-)
    A lot of this depends on the individual company. Network admins tend not
    to "fix" computers, while sys-admins tend not to be intimate with the real
    network hardware like (real) routers, switches, and the like. But the line
    isn't that fine or definitive. If the router is a clapped out 386 with
    four network cards, either or both may have responsibilities. The mail,
    DNS, NIS, NFS and print servers are often standard workstations that may
    have additional RAM or disks. so who do you think would "own" them? Network
    cabling from the wall plug to the computer can be handled by just about
    anyone with a few minutes training - but the wiring cabinets and wiring in
    the wall/ceiling/floor is another matter entirely. If you are using fiber,
    that's also specialized. But (for example), the DNS server? It's
    probably running the same OS as the rest of the servers and maybe the
    workstations - so that's a sys-admin, right? But it's running bind or
    some other DNS application - that's often a network-admin's turf. See
    the big gray area? Some places I've worked split the responsibility
    by function - so maybe the DNS server, routers and firewall belong to
    the network administrator (it's your box - you fix it) while the file
    servers and printer may be the sys-admin's cross.

    I can assure you that both Network and System administrators do share
    a lot of skill sets - and may actually use them ;-)

    Old guy
     
    Moe Trin, Sep 13, 2004
    #5
  6. jab3

    James Knott Guest

    You might also want to run firewalls on all computers, including servers.
     
    James Knott, Sep 14, 2004
    #6
  7. jab3

    jab3 Guest

    Thanks to everyone who responded. It's funny, after reading the replies and
    explanations (basically the, if it's software running on a computer -
    that's SysAdmin; if it's hardware that's not running on a basic computer,
    that's NetAdmin - granted, that's an oversimplified summation of the
    responses, but you get it :)) - I had one of those 'Ahh, now that makes
    sense' experiences. I think I was confused because I'm reading through
    Craig Hunt's TCP/IP Networking Administration, and he keeps referring to
    DNS configuration and Sendmail configuration and router configuration as
    Network Administration, which I suppose in a sense it is. But now I see
    how it makes more sense to try and divide the line between software (or at
    least computer[server|client]) and hardware[wiring|switches|routers|etc]).
    I guess I had it in my mind that if it operated over a network (even
    something like Samba) or served a network function, it was a NetAdmin
    domain. I suppose it makes more sense the way everyone has described it
    based on actual experience :).

    Anyway, thanks for everyone's clarification and guidance.

    -jab3


    P.S. (Ian) - I'm learning, but I'm certainly no Shimomura at reading
    tcpdumps. :)
     
    jab3, Sep 14, 2004
    #7
  8. When you have to, you will find ethereal very useful. It can either take
    the trace itself or use the output of tcpdump -w; either way, it will
    interpret the packets for you.

    Regards, Ian
     
    Ian Northeast, Sep 14, 2004
    #8
  9. jab3

    jab3 Guest

    Ian Northeast finally wrote on Tue September 14 2004 04:54 pm:
    You know, I actually have used Ethereal a couple of times. Felt like I was
    taking the easy way out (which is why I didn't mention it in earshot of the
    experts ;)) - so I'm glad to see that you at least condone such tools for
    learning. (and then perhaps for ease of use once familiar with the packet
    headers, etc, through tcpdump) Of course, if you can read tcpdumps, I
    imagine you can use it on virtually any *nix system, which is a good thing.


    Cheers -
    jab3
     
    jab3, Sep 15, 2004
    #9
  10. Quick answer:

    - System administrators know "Unix" and its services

    - Network administrators need expertise with routers, switches, and
    other such appliances that are quite likely to involve additional
    non-Unix user interfaces.
    --
    let name="cbbrowne" and tld="acm.org" in name ^ "@" ^ tld;;
    http://www.ntlug.org/~cbbrowne/lsf.html
    Rules of the Evil Overlord #123. "If I decide to hold a contest of
    skill open to the general public, contestants will be required to
    remove their hooded cloaks and shave their beards before entering."
    <http://www.eviloverlord.com/>
     
    Christopher Browne, Sep 15, 2004
    #10
  11. I always use ethereal if I need to examine the packets in detail, as
    opposed to just checking source and destination IPs and ports etc. It's
    much easier. There's nothing "correct" IMO about using old fashioned
    cruder tools, you use the most effective tool for the job in hand. E.g. if
    you just want to see how much traffic is being exchanged with something
    tcpdump is often simplest, if you want to dissect packets bit by bit or
    get an easy to understand picture of whole conversations ethereal is the
    business. I don't know the detailed structure of an IP or TCP header. I
    don't need to, ethereal does. Of course, I do know where to look it up:)
    ("UNIX Network Programming" by the late W.R.Stevens).

    You can use ethereal on virtually any *nix system too. Even if it's not
    included in the base OS, it's often available on a "bonus" or some such
    CD, and can be compiled if it's not. The only exception I have found is on
    IBM's AIX, where, while ethereal is provided on one of their additional
    CDs, using it in packet capture mode can crash the server. So it's safest
    not to have it installed. On AIX I tcpdump to a file, ship the file to a
    Linux machine and load it into ethereal. You could do the same on any
    system (if any such exists) which has tcpdump but cannot for some reason
    run ethereal. An IP packet is an IP packet, it makes no difference what
    system it was captured on.

    Regards, Ian
     
    Ian Northeast, Sep 15, 2004
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.