Jump to content

ljm42

Moderators
  • Content Count

    1791
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by ljm42

  1. The short answer is yes. The longer answer is that from a WireGuard perspective there isn't really a difference between a server and a client, everything is a "peer". We tend to use the server/client terminology here because we are comfortable with it.
  2. Then you have misconfigured the "Local tunnel address" in your WireGuard config. You should start over, and leave the local tunnel address at the default. The tunnel is not part of your LAN and cannot share the same IP range.
  3. It is unlikely that network discovery will work over the VPN connection, but you should be able to connect via IP address. The WireGuard quickstart thread is a better place for this conversation: https://forums.unraid.net/topic/84226-wireguard-quickstart/ Currently you are in the thread that discusses making a connection to a commercial VPN provider.
  4. ljm42

    Squid is 50!

    Happy Birthday @Squid !
  5. Nothing stands out. I would probably try a different client next.
  6. This is the thread you are looking for. It is linked in the OP:
  7. From the troubleshooting section of the quickstart guide:
  8. At some point "nested virtualization by default" was removed. See this thread for info on how to add it by modifying your syslinux file:
  9. Interesting, the hotspot must be blocking the UDP port. I would not have guessed that. Glad you were able to get it working!
  10. I'm assuming your phone is connecting via data and not wifi, that eliminates any local network issues. What about the laptop? Is it already on the same network as the server? If so, that won't work. The laptop needs to be on a different network (perhaps you could use your phone as a hotspot to test with)
  11. There is an easy fix. Search the first post in this thread for "Aspeed IPMI" or "nomodeset":
  12. Google has a handful of results for "Retrying handshake because we stopped hearing back after 15 seconds", macOS seems to be a common thread. I don't see any solutions though, not sure what to suggest.
  13. Great! Glad you were able to get it working. The ports can be the same or different, doesn't matter. I was just keeping with the theme of using a "1" in the Network1 items and a "2" in the Network2 items
  14. I'd guess that your VPN clients are unable to access the pi-hole VM at all. I have the same problem, where clients connecting to WireGuard VPN on my main Unraid system are unable to communicate with a second install of Unraid running in a VM. Haven't figured that one out yet.
  15. WireGuard and OpenVPN do not share configuration files. They are very different. It is possible to route your server's traffic through a WireGuard VPN Provider, more details here:
  16. Not sure exactly. Name resolution for a private network over VPN is messy, but you did provide a DNS server so it seems like it would work. Unless maybe .local doesn't route? I don't honestly know. As mentioned in OP, I add a hosts file to the client to make sure "tower" can resolve.
  17. I believe this is the problem. Once you establish the tunnel there are two routes for the servers to communicate and things get confused. The two servers need to be on different networks.
  18. For those that are interested in LAN to LAN WireGuard connections:
  19. It is possible to setup a LAN to LAN VPN connection between two Unraid systems running Wireguard. The steps below should work on simple networks, if yours is more complicated then you'll need to figure out how to adapt it. This assumes you already have at least one working WireGuard connection and are familiar with how it works. First, gather the following information for your two networks. The names and numbers below are samples, you'll need to adjust for your situation: Network1: 192.168.1.0/24 Router1: 192.168.1.1 Unraid1: 192.168.1.50 Endpoint1 DNS: network1.duckdns.org Endpoint1 Port: 52001 Network2: 192.168.2.0/24 Router2: 192.168.2.1 Unraid2: 192.168.2.50 Endpoint2 DNS: network2.duckdns.org Endpoint2 Port: 52002 VPN Tunnel: 10.252.100.0/24 Unraid1 tunnel IP: 10.252.100.1 Unraid2 tunnel IP: 10.252.100.2 A few things: Note that Network1 and Network2 *have* to be different. For instance, you can't connect two networks that both use the 192.168.0.0/24 subnet. You also need to pick a VPN Tunnel subnet that is not being used on either network, it must be unique. You need to setup DDNS for both networks as well. LSIO has a nice Duck DNS docker you can use if needed. On Unraid1: Create a new Tunnel named "Network1-Network2". Don't add a peer to an existing tunnel, it is better if this is a separate tunnel so you can easily turn it off without affecting your other WireGuard connections. Switch to Advanced Mode Click "Generate Keypair". These are the private and public keys for Unraid1, you will need them later. Set the "local tunnel network pool" to the "VPN Tunnel" you chose above Set the "local tunnel address" to the "Unraid1 tunnel IP" from above Set the "Local endpoint" to the "Endpoint1 DNS" and "Endpoint1 Port" defined above Click Apply Click Add Peer Name it "Unraid2" Choose "LAN to LAN access" Click "Generate Keypair". These are the private and public keys for Unraid2, you will need them later. Click "Generate Key". This is the preshared key, you will need it later. Set the "Peer tunnel address" to the "Unraid2 tunnel IP" defined above Set the "Peer endpoint" to the "Endpoint2 DNS" and "Endpoint2 Port" defined above Set "Peer allowed IPs" to the "VPN Tunnel" and "Network2" defined above, with a comma between. i.e. "10.252.100.0/24, 192.168.2.0/24" Click Apply Start the Tunnel On Router1: If UPnP is disabled, setup a port forward for "Endpoint1 Port" (UDP) that points to "Unraid1" Setup a static route for all of "Network2" that is routed through "Unraid1". Note that if your router asks for a subnetmask, 255.255.255.0 is the equivalent of /24. Setup a second static route for "VPN Tunnel" that also is routed through "Unraid1". On Unraid2: Create a new Tunnel named "Network2-Network1". Switch to Advanced Mode Copy the private and public keys for Unraid2 that you determined above. Take care to use the correct keys or none of this will work. Set the "local tunnel network pool" to the "VPN Tunnel" you chose above Set the "local tunnel address" to the "Unraid2 tunnel IP" from above. Set the "Local endpoint" to the "Endpoint2 DNS" and "Endpoint2 Port" defined above Click Apply Click Add Peer Name it "Unraid1" Choose "LAN to LAN access" Copy the private and public keys for Unraid1 that you determined above Copy the preshared key from above Set the "Peer tunnel address" to the "Unraid1 tunnel IP" defined above Set the "Peer endpoint" to the "Endpoint1 DNS" and "Endpoint1 Port" defined above Set "Peer allowed IPs" to the "VPN Tunnel" and "Network1" defined above, with a comma between. i.e. "10.252.100.0/24, 192.168.1.0/24" Click Apply Start the Tunnel On Router2: If UPnP is disabled, setup a port forward for "Endpoint2 Port" (UDP) that points to "Unraid2" Setup a static route for all of "Network1" that is routed through "Unraid2". Setup a second static route for "VPN Tunnel" that also is routed through "Unraid2". Hopefully at this point your tunnels will connect and devices on one network will be able to reach devices on the other network (by IP address at least, probably not by name) Troubleshooting this will be tough, there is a lot of room for error. I don't have a lot of advice here, just double check that you are using the right values for Unraid1 vs Unraid2 and Network1 vs Network2, etc.
  20. Looks like this was included in 6.8.2, great! TLSv1 and v1.1 were removed, now v1.2 and v1.3 are available. If you modified your go script as described above, you should remove it.
  21. This was added to 6.8.2, please remove any additions you made to your go script and restest
  22. Oh sorry I got Minio and Arq confused. I updated my note to be more clear to others. It sounds like the upcoming changes to Arq will probably solve your issues, which is great! Hopefully there aren't a lot of other software packages that need to put 200k files in a single directory My system is six years old but still going strong. I have a Xeon E3-1240 v3 processor on an ASRock E3C226D2I mobo with 16 GB RAM. I was testing on a 4TB Seagate NAS drive plugged into an onboard SATA 3 port. My dockers and a VM were running at the time, but it was not under heavy load. Interestingly, I also tried it with a 12 TB Seagate Ironwolf drive and performance was slightly worse. Nothing really significant, just a little surprising. Nice job on the script BTW, it helped me understand that while there is overhead to the user share system, it takes some pretty extreme values to make it an issue.
  23. I'm guessing users wouldn't purposefully put 200k files in a single directory, but for the OP the issue is the Minio Arq backup software. Using Unraid as a backup destination seems like a great idea, and a user share would be ideal since it can grow larger than one disk. If storing this many files in a single directory is a common behavior for backup software, it will probably affect quite a few people. Not sure what to suggest. Maybe the OP can find a way to set a maximum number of files Minio Arq will put in a given directory? Or maybe split the backups up so that they will fit on individual disks without needing to use a user share? Or maybe there is a comparable backup package that organizes its files in a more compatible way?
  24. Here are the stats for my system: 100K files 200K files 6.7.2 Disk|SHFS: 0.22| 3.54 0.48| 5.59 6.8.1 HL Off: Disk|SHFS: 0.23| 4.86 0.46| 13.11 6.8.1 HL On: Disk|SHFS: 0.23| 15.64 0.51| 31.47 Unraid is running on bare metal. The share it is writing to is restricted to a single drive, so SHFS didn't have to merge content from multiple places, if that makes a difference. There is a significant slowdown going from 6.7.2 to 6.8.1 as the number of files increases. When Hard Link support is enabled the slowdown becomes extreme.