Jump to content

dnLL

Members
  • Content Count

    170
  • Joined

  • Last visited

Community Reputation

5 Neutral

About dnLL

  • Rank
    Advanced Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I'm happy to hear about this. I will wait for the stable version, hopefully soon. Sent from my Pixel 3 using Tapatalk
  2. I'm having the same issue of high disk writes on btrs cache with dockers. This seems to be very well known... My SSDs are are 35 days old, my server didn't do much (the mover barely moves anything) and yet, 25 TBW on both SSDs. They're 500G SSDs, so that's 50x their size in a month with a server idling 99.999% of the time. Insane.
  3. I noticed the docker doesn't ping anymore now that it's in a different subnet. I can access the webUI just fine, but pings don't work. I see the ICMP requests go through my pfSense, just no reply from the docker. It works with dockers that are in the same subnet as the host, and it also works for VMs that are in that specific separate subnet (which is a separate VLAN). Networking is so complicated. Trying to fix the ping issue for my monitoring server... eh... EDIT: it's only THIS specific docker that has the issue. And pings work fine if I disable VPN. So I guess it has something to do with the docker itself. It's all right, I'll just stop monitoring pings on a docker haha.
  4. Just got it working without editing the routing table. I just edited the docker settings instead, enabling br0.2, then selected br0.2 for the qbittorrentvpn docker and changed the IP to 10.1.2.54 and done. It's now sharing that other dedicated VLAN with the developer VM. It would probably be a better idea for me to put it in its completely separate VLAN but that will do for now, as I would need to shut down all the VMs/shares to edit the network settings and I can't do that right now (hosting some semi-important stuff). Thanks for your help by the way, happy you immediately found the issue. I will probably do some network redesign next time I do a planned maintenance.
  5. I'm still learning when it comes to networking (I started this pfSense project from scratch), what I currently have is my LAN network on 10.1.1.0/24 and I have a couple of VLANs on different /24 subnets. All of my "safe" LAN devices (such as my desktop, my server and most of its VMs and dockers) are in that same subnet. In Unraid, I have eth0 with "VLAN number" set to 2 because I have one VM using br0.2 instead of br0. That VM is in its own separate VLAN. When it comes to the routing table however, I only have what I consider to be the default settings: Not sure what to add/edit exactly. I wouldn't mind the docker to be in the 10.1.3.0/24 subnet but I guess it would require some additional route and/or something on the pfSense side since that subnet just doesn't exist currently for pfSense. I guess this is more of a general Unraid and routing question that has nothing to do with this thread at this point.
  6. Ah, and why is that? It works with the other containers. I guess I'm just going to put it in a separate VLAN then. What if I change the lan network to a smaller subnet? I'm not using the default bridge because it's easier for me to monitor the docker when it has a different IP address than the server (I use CheckMK to monitor) and also because I would have other dockers trying to be on port 8080 which would be a problem as well (since most templates aren't designed to modify that setting even when it's there).
  7. I disabled the rule just to be safe. It didn't fix the issue. I guess I'm gonna run some wireshark diag next...
  8. FWIW 10.1.1.54 responds to ping. Here are the screenshots requested, I removed the user/pass again: https://imgur.com/a/ccdLClH
  9. If I put ENABLE_VPN to false, webUI works. Which made me think it isn't a firewall issue. I don't have a pi-hole, I do use pfSense however as my router (and pfBlocker-NG is disabled). 10.1.1.54 and 10.1.1.102 are in the same VLAN so they don't go through pfSense at all, shouldn't be a firewall issue (especially considering it works with VPN disabled in the docker settings). However, the DNS settings... I am really not sure of as I do have a rule that redirects all the trafic on port 53 to pfSense itself.
  10. Right. So I installed new gen, it did fix the error, in fact I have no error at all anymore in my log... but the webUI won't work from local network (trying to access 10.1.1.54:8080 from 10.1.1.102). Here is the full log, with user/pass removed: https://hastebin.com/yorasuyoxe.swift
  11. This docker has been a source of frustration forever because of my inhability to make the VPN part of it working. I gave up multiple times in the past but would like to try again and make it work this time. So, installed the docker from scratch... I added the crt, perm and ovpn files from PIA in the /config/openvpn folder. I tried Toronto and Montreal, both supporting port forwarding. The docker template settings I have: Network Type: br0 Fixed IP: 10.1.1.54 Privileged: On Host Ports: all default VPN_ENABLED: yes VPN_PROV: pia STRICT_PORT_FORWARD: yes LAN_NETWORK: 10.1.1.0/24 NAME_SERVERS: 1.1.1.1 DEBUG: true The error: 2020-10-13 14:55:24,366 DEBG 'start-script' stdout output: [info] PIA endpoint 'ca-toronto.privateinternetaccess.com' is in the list of endpoints that support port forwarding ... 2020-10-13 14:55:54,612 DEBG 'start-script' stdout output: [warn] Unable to download json for dynamically assigned port, exiting script... [info] Port forwarding failure, creating file '/tmp/portfailure' to indicate failure... The portfailure file is empty. I would really like to make this work eventually.
  12. Worked perfectly for me with a X11SCH-LN4F motherboard, didn't even have to reboot and no need to edit syslinux.cfg. pfsense VM immediately recognized both ports (be careful to use i440fx, if you use Q35, the ports will only be detected if they have active connections which is not exactly what we want for pfSense). Haven't rebooted yet, unsure if Unraid will try to take the ports for itself, if so I'll do some syslinux.cfg magic but don't think that will be necessary at this point.
  13. Sorry if it's already been discussed (couldn't find in the original post) but my motherboard has 4 Intel I210 controllers each with their separate port, with lspci -n I see this: 02:00.0 0200: 8086:1533 (rev 03) 03:00.0 0200: 8086:1533 (rev 03) 04:00.0 0200: 8086:1533 (rev 03) 05:00.0 0200: 8086:1533 (rev 03) Now, adding 8086:1533 to my syslinux.cfg, will Unraid still be able to use the first 2 ports (0200 and 0300, which I'm curently using in bond0) while I'd like to passthrough 0400 and 0500 to a pfSense VM?
  14. I have a X11SCH-LN4F and as soon as I type modprobe i915 in the console, I lose video output in the console. I didn't have that issue on my older ASRock Rack motherboard but that one had a separated GPU chip onboard on top of the IGP from the CPU. Anyways, personally I don't need the console image once Unraid is booted up so that's not too much of an issue. If you really want a workaround, I guess that would be to get a dedicated GPU and have both the IGP and the GPU enabled, the IGP being used for the console video output.
  15. Found the issue. Aug 8 19:25:45 server root: Starting go script Aug 8 19:25:45 server kernel: Linux agpgart interface v0.103 Aug 8 19:25:45 server kernel: i915 0000:00:02.0: enabling device (0000 -> 0003) Aug 8 19:25:45 server kernel: i915 0000:00:02.0: can't derive routing for PCI INT A Aug 8 19:25:45 server kernel: i915 0000:00:02.0: PCI INT A: not connected Aug 8 19:25:45 server kernel: [drm] VT-d active for gfx access Aug 8 19:25:45 server kernel: checking generic (91000000 300000) vs hw (80000000 10000000) Aug 8 19:25:45 server kernel: [drm] Replacing VGA console driver Aug 8 19:25:45 server kernel: [drm] Supports vblank timestamp caching Rev 2 (21.10.2013). Aug 8 19:25:45 server kernel: [drm] Driver supports precise vblank timestamp query. Aug 8 19:25:45 server kernel: i915 0000:00:02.0: BAR 6: can't assign [??? 0x00000000 flags 0x20000000] (bogus alignment) Aug 8 19:25:45 server kernel: [drm] Failed to find VBIOS tables (VBT) Aug 8 19:25:45 server kernel: [drm] Initialized i915 1.6.0 20180719 for 0000:00:02.0 on minor 0 Aug 8 19:25:45 server kernel: [drm] Cannot find any crtc or sizes Aug 8 19:25:45 server kernel: [drm] Cannot find any crtc or sizes Aug 8 19:25:45 server kernel: [drm] Finished loading DMC firmware i915/kbl_dmc_ver1_04.bin (v1.4) Which comes from: root@server:~# cat /boot/config/go #!/bin/bash #Set up drivers for HW transcoding in Plex modprobe i915 chmod -R 777 /dev/dri # Start the Management Utility /usr/local/sbin/emhttp & Might be useful for someone else, if you enabled modprobe i915 and then suddently swaps hardware... it might become a problem. Now I will need to figure out how to do hardware transcoding with this new server based off the E-2278G IGP but that's for another thread ;-).