Jump to content

ryperx

Members
  • Content Count

    42
  • Joined

  • Last visited

Community Reputation

0 Neutral

About ryperx

  • Rank
    Advanced Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Can confirm this problem. In the moment i use a network in firewall the tunnel cant be started. Do you have 2 network cards/links maybe?
  2. Thanks, you are right, i see now the changelog. When i wrote the comment the changelog was empty for me
  3. There is an Update for the Wireguard Plugin, anybody knows the Changelog? Cant find any Info.
  4. So guys, i hope someone reads this with a little network background I think i found a bug in unraid, dont know this is exactly the problem of the slow GUI with a VLAN but i think it has something in common. The specified VLAN is not correctly linked/forced to the vlan interface Test 1 (works as expected) Nic 1: Configured 10.0.1.10 Nic2: Configured no IP address Added a VLAN 2 with the ip adress 10.0.2.10 I can ping the IP address 10.0.2.10 as expected because i configured on my router the vlan 2 with this subnet. ifconfig br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.1.10 netmask 255.255.255.0 broadcast 0.0.0.0 br1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 br1.2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.10 netmask 255.255.255.0 broadcast 0.0.0.0 eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1.2: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 Test 2 (bugged/broken) Nic 1: Configured 10.0.1.10 Nic2: Configured 10.0.2.10 Added a VLAN 2 with NO IPADRESS configured I can still ping the 10.0.2.10 ip adress, this shouldnt be possible because the IP address should only be available in VLAN 2! ifconfig: br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.1.10 netmask 255.255.255.0 broadcast 0.0.0.0 br1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.10 netmask 255.255.255.0 broadcast 0.0.0.0 br1.2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1.2: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 Test 3 (works as expected) Nic 1: Configured 10.0.1.10 Nic2: Configured 10.0.2.10 Deleted VLAN 2 I cant ping anymore 10.0.2.10. Now it works as expected ifconfig br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.1.10 netmask 255.255.255.0 broadcast 0.0.0.0 br1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.10 netmask 255.255.255.0 broadcast 0.0.0.0 eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 eth1.2: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 Conclusion As it looks like the br1.2 is completly linked to the br1 interface so both interfaces are linked what isnt a good idea I hope this is understandable what i wrote.
  5. Hey guys, i have a problem with my unraid server. I use 2 different network cards Nic 1: Configured 10.0.1.10 Nic2: Configured different VLAN 2 with 10.0.2.10 When i try to access the WebGui on 10.0.1.10 everything performce fast and responsible. When i access the WebGui on 10.0.2.10 the first access is really slow, after the WebPage showed one time up (needs 10 seconds) it runs ok. Same problem in Docker containers or plugins, when i use the bridge network (Container IP is the same as Host) and try to access for example my whoami container i have the same problem. 10.0.1.10:8080 is fast and 10.0.2.10:8080 is really slow. When i the container has his own fixed IP Adress (example 10.0.2.55) in the VLAN 2 which runs snappy and fast. So i dont think it is a problem in general of the VLAN 2 network. Anybody has an idea whats the problem? I tried to use only one default gateway but still the same problem. I also dont think it is a layer 3 problem because a ping for example response in 1ms at the firs request.
  6. I dont think another software would help much because as it looks like your Mainboard or Ram Modules have a problem when all Slots/Moduls installed. Do you have latest BIOS Version installed?
  7. Hey guys, i want to upgrade my cache pool and i have a question. First will it be in the near future possible to create multiple cache pools? Second question is what happens when i put different SSDs with different sizes in the cache Pool. Easy example for Raid 1 calculation and 3 disks, as i know the btrfs cache works different then default Raid1 levels. Disk 1 1000GB Disk 2 500GB Disk 3 250GB Is it correct i would have a Cache pool of 750GB? (calculated https://carfax.org.uk/btrfs-usage/) Disk 1 can fail Disk 2+3 can fail at the same time Disk 1+2 fails and the cache pool is dead.
  8. Thanks for the information. I think the second cache drive that is connected with usb 3.0 isnt working fine. As it looks like for example i see in the WebGui that the drive has 56°C but the drive is in reality on an normal temp. Think the cheap USB Controller is handling something wrong. I reset the controller and will see if it helps. Another question, i unplugged the 2nd cache drive while the server was running (testing directly the Raid 1 ;)) and the server didnt regognized that the drive was completly missing. Only saw many btrfs errors in the syslog. After stopping the array it told me the drive was missing. How long it needs normally for the server that a cache drive is completly missing/broken?
  9. Hey guys, i have a question. I noticed today when i copy file on my cache drive it starts with a fine speed of 110mb/s (1gbit) but after some time it drops to about 50mb/s and i cant see the direct problem. Only that one of my cache drives getting hotter. CPU was fine. When i copied something to the array there was no problem. So i checked the forum and found something about the Balance Command in the GUI. I let it run and i think it did some work (before i startet it i saw something about GlobalReserve used=80%) This is the Information while running: Balance Status btrfs filesystem df: Data, RAID1: total=97.00GiB, used=95.98GiB System, RAID1: total=32.00MiB, used=16.00KiB Metadata, RAID1: total=1.00GiB, used=286.66MiB GlobalReserve, single: total=124.08MiB, used=14.38MiB btrfs balance status: Balance on '/mnt/cache' is running 119 out of about 139 chunks balanced (120 considered), 14% left My question now is it necessary to run a balance or scrub on a weekly basis? I found some information in the year of 2017 in the forum but is this still necessary? Command to schedule btrfs balance start -dusage=75 /mnt/cache Best regards ryperx
  10. I really like the aproach from the Dynamics Temp Plugin which also shows the CPU Temp directly in the CPU Utilisation in Dashboard
  11. I found the problem, on the opponent side was the ping on the wan port disabled, so i think wireguard needs to ping the WAN IP from the other side and the choosen udp port to work.
  12. @ljm42 I have another little problem with the server <-> server connection. When the connection is established it works fine and from every server i can ping the opponent server from both sides. The problem, after some time one server cant ping the other server and the connection is lost and cant be established from this server. I need to press the ping button on the opponent server and the tunnel works again (ping from both servers work) Anybody has an idea?
  13. Ok i will learn more about Wireguard. This is the only part what isnt correct as i understand, the server <-> server config exports the same settings as the lan <-> lan settings. So in the server <-> server configuration should be only the IP adress of the opponent wireguard/unraid server for example 192.168.1.1/32 and not the opponent LAN 192.168.1.0/24
  14. Thanks for your response Ah ok, so it is a setting for the client on the server and of course this would help in that way. My biggest problem with the wireguard plugin and the configuration is that i dont understand the peer settings in general. Is it for the client where i export the configuration or is it for the client on the server? It is really confusing for example the server <-> server configuration i configure the client on the server for connecting another server. This had me confused the most because i didnt understand that i configure there something for the client on the server and the export feature is more or less useless, but still why is there my LAN ip adress in the exportet configuration when i use server <-> server configuration. Also what is confusing me is that i can type in a private shared key into the config on the peer in the server <-> configuration or generate one. It is necessary to type in the public key from the second server and i needed so much time to figure out that this peer configuration is setting the client on the server and is not needed for exporting. When i use for example another configuration "Remote access to LAN" the settings looks exactly the same and i configure the settings for the client (laptop example) which i can export, but there is the problem when i set another IP adresses in allowed peer IP adresses nothing get exportet, only the hardcoded addresses it would be cool if it works when i type in another allowed ip adresses and it get exportet. I think it would be much more understandable when there are 2 different peer configuration, one for creating for the client on the server and one for creating connections for the external clients that will connect. Or maybe i doesnt understand the concept^^ Do you have an idea why there is this "pinging" problem i described in my second post? Why my client needs a connection to the gateway of the first tunnel? To reproduce: Create 2 tunnels and specify on tunnel 2 a peer configuration and allow only allowed peer connections to the gateway of tunnel 2. The ping on the unraid server to client will not work, when i add the gateway from tunnel 1 to the configuration the ping is working?
  15. Slowly i begin to understand how it works but i see a little security problem if someone uses only the predefined peer types without setting the firewall settings. As i see when i set in the config "Allowed IPs" only the Server IP Adress it gets copied in the config. When the user now adds another IPs adresses from the local network, these also works. So this would mean i need to create for every user an additional tunnel (and set firewall rules for networks) when the user needs other wrigts in the network because the user could add additional routes every time? Edit: Dont know if i speak with myself here but ok^^ Found out the following, pinging from my unraid server to the Remote Connected Device dont work often or for example when only connections to my server would be allowed and so i tried to debug. Found out the following. At the moment I have 2 tunnels defined Tunnel wg0 Network: 10.253.0.1 Server: 10.253.0.5 (yes this is on purpose) Tunnel wg1 Network: 10.253.1.1 Server: 10.253.1.1 Client: 10.253.1.2 When i connect a client on tunnel wg1 and i try to ping the device after success connection it isnt working. Pinging from the client the server address (10.253.1.1) is working fine. In this moment it has in Peer allowed IPs only the Tunnel wg1 Gateway defined, what is correct as i understand. When i define in the config on my client AllowedIPs also the default IP Gateway Adress (10.253.0.1/32) from Tunnel wg0, then the Ping from my unraid server to client is working. I really dont understand how this can be possible?? I didnt defined this IP anywhere on my unraid server at the moment, is it possible that wireguard still use this IP in the background? Pinging the IP Adress from my server results only in losses. I really dont understand why this happens. As it looks the unraid server pings the IP adress of the client with the Adress from Tunnel wg0. I checked the defined routes on the unraid server but they are defined correctly as i see. Also found another Bug: As i see it doesnt matter what i type into Peer allowed IPs, it will be ignored when i export the config with the eye. Testet this with server <-> server and Remote access to Server. Its funny because the setting is mandatory but it doesnt matter what i type in there^^ Feature request What i would be searching for would be a setting custom, without anything set beforehand in the allowed IPs