Ford Prefect

Members
  • Posts

    2677
  • Joined

  • Last visited

  • Days Won

    4

Ford Prefect last won the day on July 22

Ford Prefect had the most liked content!

3 Followers

Converted

  • Gender
    Undisclosed
  • Personal Text
    Don't Panic!

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Ford Prefect's Achievements

Proficient

Proficient (10/14)

282

Reputation

  1. Ok, so the WAN IP of your pfsense at your dorm is a non public IP, right? And your going to use the OVPN server at your home as the Internet edge point and a site-2-site connection between your home- and local pfsense installations. ....that should work. So, both vpn links are up and running. What exactly is not working? What IPs in which networks - local/dorm, remote/home and ovpn/transition are you able to ping from a client in your local network? Home-pfsense (192.168.1.1)? Other hosts in your home network (192.168.1.xx)? What IPs are others in your family able to ping, when connected to your home ovpn server? Best guess, as this is the typical mistake in a site-2-site setup is, that both sites need a route defined to the respective remote network. So the pfsense-home needs the route to your local net (192.168.0.0/24) as well when your local/dorm client connects. Also, this route needs to be populated to the other ovpn clients, should they not use the ovpn server IP as new default route, when connected. family clients are mobile/edge, not site-2-site, but your local ovpn client is. Gesendet von meinem SM-G780G mit Tapatalk
  2. ...no, just disable bond but keep the bridge...if there is not even an option for passive bond in unraid...can't remember right now Gesendet von meinem SM-G780G mit Tapatalk
  3. ...the rules cfg should work. Maybe the 10G link just needs more/too much time to become active. What if you swap players? Make unraid passive side and CRS active?? Gesendet von meinem SM-G780G mit Tapatalk
  4. ...as said, it must/should be the UDEV rules in network config...you should be able to tie a name (eth0) to a MAC.
  5. ...just saying that you're only able to set L2-MTU parameter on a physical Interface..a bonding interface is not a physical one. The active side (unraid) should only advertise the MAC (the unraid bond/bridge) on the active link to the CRS, so it does not get confused (as the bond will have a single MAC, that of the first NIC in it, I think). this is what MT help states: https://help.mikrotik.com/docs/display/ROS/Bonding#Bonding-active-backup active-backup This mode uses only one active slave to transmit packets. The additional slave only becomes active if the primary slave fails. The MAC address of the bonding interface is presented onto the active port to avoid confusing the switch. Active-backup is the best choice in high availability setups with multiple switches that are interconnected. Hmmm.... AFAIK the first NIC in the bond will "lend" its MAC to the bond. Normally, in unraid this is eth0. You should check and re-arrange NIC numbering in the network settings of unraid, so that the 10G is eth0. So when booting for the first time/ after reboot, the 10G should be connected in order to activate the NIC for eth0.
  6. uhmmm...maybe this the hint we need? What if "active" means that only unraid/the active part decides which link it will use? Can you try and just use *no* bond at all on the CRS (or 2nd alternative, if there is a passive backup mode?) and leave unraid in active backup mode (maybe only one partner can be active side at a time)? Will it use the 10G as long as it is connected, then the 1G if you pull the 10G on one side? (maybe order of ethX in the bond config will choose which one to use as primary). Sorry, cann't help you out with my setup, as I am travelling abroad atm. Hm...maybe it just calculates this L2 value on its own...I am not on stable version, but on long-term only. Also I did not check for a Bond-IF, only used it on a physical one, like a SFP+ port. Smells like a feature, not a bug here.
  7. Ah...verstehe...dann sollte man das kalibieren mit dem exteren Messgerät und meinem netzwerkschrank nochmal wiederholen.. ich regle das einfach rein auf der kommerziellen Seite durch mein 22kWp-"Modul" 😇 ...da bleibt immer was auf der "Haben-Seite".
  8. with the low-temp 1Gpbs, there is no need to, I think....but definitely required for 10GBase-T ones. If you dare, you could open it and check if there is a solder-pad for a fan, then actively cooling the CRS309 instead. I've done this with my CRS326. Some folks are mounting small cooling pads/chipset coolers on the transceiver sides, from what I have seen. But anything belpow 93degC should not be an issue für the S-RJ10. for VLANs with RouterOS, read this: https://forum.mikrotik.com/viewtopic.php?f=13&t=143620 That *is* weird...to my knowledge it should not do that. Which side of the DAC did you pull...unraid or CRS? reading that post, I believe that I was referring to the unraid side, when talking about the bridge....maybe because you were going to deploy DUAL 10G cards, weren't you? You should not need to use an extra bridge in the CRS, also because only the first bridge will do/allow hardware-offloading. In the CRS, you should have *one* bridge. Then connect all ports to that bridge (under bridge - ports) to form a proper switch This is your starting point. When creating the bond, remove the (two) to-be-bonded ports from the bridge, then under interface-bonding create a bonding interface and attach the two physical ports/interfaces you previously removed from the bridge to it. Then add the bonded interface to the bridge. I must admit I never tested failover bonds, as I only used LACP/802.3ad bonds, which worked fine. that also should work. I have my 10G links between MT-Switches set to 9000MTU without a problem. Not using it on my clients/servers though, as I have too many WiFi ones anyway. Be aware, that you should set the L2-MTU to a higher value than the L3-MTU (which is what you use, when just naming it MTU). As you are mixing a 10G und 1G link in that bond, question is what is better...9000 for the bond, assuming that the 10G will be prime most of the time and the 1G will "suffer", when failover occurs or just keep 1500, which will work Ok for 10G as well. besides the move with the extra bridge, I would not do, I don't see an obvious flaw in your setup....so I am out of my wits here. You maybe should ask the experts, over in the MT forum: https://forum.mikrotik.com/index.php Provide the info of your setup (analog to diagnostics zip of unraid) from the CRS (/export hide-sensitive file=anynameyoulike) ...that all looks OK for me.
  9. When at a dorm, most likely the WAN connection will stay tied to that MAC address. I found this the default behavior in many sites, when I stayed there during my university time....which is a couple of years back, but these things tend to be resilient to change. With the WAN NIC passed through, you are at least not as vulnerable as with your initial setup. Whether you can provide services to others outside will depend on how the real WAN Setup is designed by your dorm Administrator. Most likely you are in a double NAT situation, where this will not be as easy as with the regular setups. Look into using an external VPN service for you and your friends, if this is the case. Gesendet von meinem SM-G780G mit Tapatalk
  10. ...the ideal and hence recommend way is to build a cache pool from two drives of the same size and technology (SSD or PCIe NVMe,) so that size and performance are matched for the devices in the pool. With mixed sizes, I think, btrfs at least will create copies of the meta-data on the second for redundancy. But I am no expert in this. Gesendet von meinem SM-G780G mit Tapatalk
  11. ...was ist ein Glühfaden anderes, als eine ohmsche Last? Die Standardabweichung einer Glühbirne, vermarketet als XX Watt ist schon sehr gut. Ich habe die Glühbirne vorher mit meinem externen Messgerät gemessen..das waren dann zB 99W...diesen Wert habe ich in der Firmware des SmartPlug dann zur "eihung" benutzt. Da sind nur Stecker-NTs fürs Modem, Router, Switches, 120W Laptop-NT für die Pico-PSU und der PoE-Injektoren dran.
  12. The best next option, besides running a dedicated, non-virtual pfsense box, is to have all NICs physical passed through for the pfsense-VM. pfsense is for routing and firewall. Hence it should at least have two NICs passed through (maybe a third for a DMZ)...one for WAN to your ISP(-modem) and one for LAN. The NIC dedicated in the pfsense for LAN should go into a physical Switch. When adding another NIC (for WAN), the one for LAN should be your 1Gbps on-board NIC. There is no need to use a higher spped than 1Gbps NIC for LAN in pfsense unless, either your WAN (ISP) is above a 1Gbps connection you want to route internally, like inter--(V)LAN routing, between clients on diffent networks. You then connect unraid with its dedicated NIC to the physical Switch as well. Should you wish to use the 2.5G for unraid, your switch should support that. As a hybrid solution, with only your two onboard NICs, you could go with: use the 1Gbps NIC for WAN, physically passed through to pfsense-VM use the 2.5G NIC for LAN/unraid...configure this as a bridge (even enable VLANs, if you wish) - AND connect it to the physical switch This is the only option to provide 2.5 for clients in your network connect LAN port of pfsense-VM via virtio to the unraid bridge - use this IP as default gateway.
  13. @Bushtrocitythe board has two NICs for use with the OS...at least one of them will work out of the box...I remember that one (both are slightly different chipsets) wasn't stable when ASPM/energy management was turned on for the NICS or PCI. You can use IPMI on the first NIC as well - even in parallel to a booted OS running - no need to only use the dedicated IPMI NIC. Set a fixed IP for IPMI in the BIOS on that NIC.
  14. AFAIK the most models of the P400 are even x16 cards. Don't know if the slots are open-ended in the Dell T340, so that it can fit.
  15. ...sound good! Nice progress you made ... thanks for sharing Ummm... so you bought the 10G S-RJ10 tranceivers....according to your diagramm, they are sitting next to each other....please don't do that but rather mix them, so that only every 2nd port is populated with one....you can have a fiber or DAC port between them populated just fine. according to specs...even 90+ degC should not be an issue. That's what I thought....bonds are working better within the same switch/chip Well, you could - according to your diagram, move one unraid bond to the css610 to gain some space and free up a RJ45 transceiver as well. ...or upgrade to: https://www.eurodk.de/de/products/crs/cloud-router-switch-317-1g-16srm ...Xmas is coming, after all Edit: ...and you could, should you wish to free up that "raw-internet"-wire between Media- and server-room, tunnel this via a dedicated VLAN connection accross CSS610/CRS309/CSS610/WAN-Router did you finally move the Mellanox to the x1 slots, then?