dnLL

After unmounting a drive, I'm getting this error: May 7 21:37:10 server kernel: usb 2-4: USB disconnect, device number 2 May 7 21:37:10 server kernel: sd 9:0:0:0: [sdh] Synchronizing SCSI cache May 7 21:37:10 server kernel: sd 9:0:0:0: [sdh] Synchronize Cache(10) failed: Result: hostbyte=0x01 driverbyte=0x00 Just wanna make sure that I'm not doing anything wrong, what's SCSI cache here? I assume this has nothing to do with my Unraid cache but...

So any idea how to debug the webUI not working when vpn is enabled?

Also note that the webUI works perfectly with VPN_ENABLED set to no. I'm accessing the docker from the same VLAN/subnet so the firewall shouldn't be an issue here (everything is allowed on that VLAN/subnet anyway).

Just noticed the VPN IP is part of RFC 1918 reserved IPs for private (local) networks, is that normal? Tried Spain and Israel servers. 2020-04-12 10:02:52,603 DEBG 'watchdog-script' stdout output: [info] qBittorrent process listening on port 8080 2020-04-12 10:02:52,666 DEBG 'watchdog-script' stdout output: [debug] VPN incoming port is 38328 [debug] qBittorrent incoming port is 38328 [debug] VPN IP is 10.12.11.6 [debug] qBittorrent IP is 10.12.11.6 That's confusing. As for qbittorrent.log, 10.1.1.54 being the docker IP: (N) 2020-04-12T10:02:52 - qBittorrent v4.2.3 started (N) 2020-04-12T10:02:52 - Using config directory: /config/qBittorrent/config/ (N) 2020-04-12T10:02:52 - qBittorrent v4.2.3 started (N) 2020-04-12T10:02:52 - Using config directory: /config/qBittorrent/config/ (I) 2020-04-12T10:02:52 - Trying to listen on: 0.0.0.0:49121,[::]:49121 (N) 2020-04-12T10:02:52 - Peer ID: -qB4230- (N) 2020-04-12T10:02:52 - HTTP User-Agent is 'qBittorrent/4.2.3' (I) 2020-04-12T10:02:52 - DHT support [ON] (I) 2020-04-12T10:02:52 - Local Peer Discovery support [ON] (I) 2020-04-12T10:02:52 - PeX support [ON] (I) 2020-04-12T10:02:52 - Anonymous mode [OFF] (I) 2020-04-12T10:02:52 - Encryption support [FORCED] (I) 2020-04-12T10:02:52 - IP geolocation database loaded. Type: DBIP-Country-Lite. Build time: Tue Mar 31 19:49:13 2020. (N) 2020-04-12T10:02:52 - Using built-in Web UI. (N) 2020-04-12T10:02:52 - Web UI translation for selected locale (en) has been successfully loaded. (N) 2020-04-12T10:02:52 - Web UI: Now listening on IP: *, port: 8080 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 127.0.0.1, port: TCP/49121 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 127.0.0.1, port: UDP/49121 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.12.11.6, port: TCP/49121 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.12.11.6, port: UDP/49121 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.1.1.54, port: TCP/49121 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.1.1.54, port: UDP/49121 (N) 2020-04-12T10:02:52 - Web UI: Now listening on IP: *, port: 8080 (N) 2020-04-12T10:02:52 - Web UI: Now listening on IP: *, port: 8080 (I) 2020-04-12T10:02:52 - Trying to listen on: 0.0.0.0:38328,[::]:38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 127.0.0.1, port: TCP/38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 127.0.0.1, port: UDP/38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.12.11.6, port: TCP/38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.12.11.6, port: UDP/38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.1.1.54, port: TCP/38328 (I) 2020-04-12T10:02:52 - Successfully listening on IP: 10.1.1.54, port: UDP/38328 (I) 2020-04-12T10:02:55 - Detected external IP: 185.77.248.2

Just switched servers since Canadian ones are broken (for port forwarding). According to supervisord.log, everything is working. I don't see anything special in qBittorrent.log either aside from the correct VPN IP. However, the webUI doesn't work, despite both logs saying it's now listening on port 8080. Is there a different log for the webUI hidden somewhere?

I feel like an idiot. That's the part I was missing. Thank you for the info, basically if you really want all the communications to go through pfSense, you need a dedicated VLAN for every VM. Which makes sense now that I think about it since I've been reading about some people doing exactly that...

Just tested it and it works with a VLAN, I'm fully able to isolate the VM however I want through regular pfSense rules. I guess my questions now are just to help me understand what makes the traffic go through pfSense when on a VLAN and not through pfSense if no VLAN.

But how does it work by default? Like, if I create a VM, it does get a DHCP address from pfSense. But traffic doesn't route through pfSense. How does that make sense? Put it another way, why will a VLAN force traffic to go through pfSense basically? That will work for my need (since I basically want to isolate 1 VM) so I'll go and test it now, but I'm trying to understand the inner workings, why default routing doesn't go through the router and why it will with a VLAN.

From another thread, I now understand I can't really have the communication between dockers and the Unraid host going through my pfSense router because of the way the docker engine is built, sharing ressources with its host. Can't get DHCP to work with dockers either. Now, my question remains about how to have VMs to host and host to VMs communications go through pfSense rather than be handled within the Unraid host itself. I probably need to edit the routes but last time I played with the routes, I locked myself out my Unraid host.

Interesting. So static IPs that magically "fit" into my network design are the best option if I can't have DHCP reservations and do need fixed IPs for whatever reason, correct? And if I want network isolation... well, that means I need hardware isolation which means dockers isn't adapted for that specific need and I should use VMs, correct? I'm looking at Wireshark right now and when my dockers are talking to the WAN, they do go through my router and the firewall (ie. having a static IP, I could block communications of a specific docker to the WAN). They also go through pfSense if they have to talk to my desktop. However, they don't go through pfSense when they're talking to anything related to Unraid (host, VM or docker), it stays inside Unraid network. Is there any way to configure Unraid networks to actually go through my firewall? I made a separate thread for this:

This is an old thread/post but I can't find accurate information anywhere. Can't dockers get IP addresses assigned by my DHCP server (which is my pfSense router) rather than having Unraid just giving them the first "free" address (which bypasses completely the DHCP server which can create IP duplicates if not configured in a separate subnet)? What if I would like to have my router (pfSense) in-between my dockers and the LAN? I guess it's just a limitation of the docker engine since it shares the host's ressources such as the NIC.

Hi yall, Currently, when I create a VM, it gets an IP address from my pfSense router. However, if I create a docker on br0, it gets the first IP after Unraid's IP even if that IP is already used on pfSense. In fact, I don't see the dockers at all in pfSense, as if Unraid was doing the DHCP itself. I would like that to change, to have my pfSense acts as the DHCP for both my VMs and my dockers. Another thing I noticed about VMs: when VMs communicate between each other (or with the host), they don't go through my pfSense router at all, all the communications are handled within Unraid. So, even if I create rule within pfSense to prevent VM 1 to talk to VM 2, that doesn't work since the traffic never reaches pfSense. That's also something I would like to change, I would like all the traffic to go through my firewall. I pretty much use the default network settings, with a bonding between my 2 network interfaces on my server. Here is the configuration of my 2 network interfaces: And here is pretty much what I think is the default routing table for Unraid, at least I didn't make any chance that I am aware of (and need help to understand what's really going on 172.17.0.0/16 and 192.168.122.0/24 since I don't use these networks and don't really want Unraid to use them): My goal at the end is to be able to actually use my pfSense firewall to prevent one specific VM from reaching anything else on the local network besides port 53 on pfSense for DNS purposes. There are most likely multiple ways to do that, but I kinda like the idea of having the traffic to go through the pfSense, this way I can properly monitor what's going on on my local network.

Just tested it and you are 100% right I had these setup for no reason. Can't delete the last one (LAN) however, the UI is preventing me from deleting the last network.

I just configured the whole thing this morning and it went like a breeze. Very very easy to figure everything out with some very basic knowledge and ability to read the manuals (which are both awesome ressources whether it's for UniFi or pfSense). My AP is directly behind pfSense, all I had to do on the UniFi controller is basically to create 2 networks in 2 different subnets, have one of them with a VLAN tag id, create my 2 wireless networks with the guest assigned to that vlan ID and relay all the DHCP stuff to pfSense. On pfSense, had to enable the interface the AP is plugged in and I added my main subnet in there (the safer wifi one), then I created a VLAN under that interface with the same ID as previously and I configured it in the same different subnet as I did in UniFi and bam, job's done, IPs get assigned properly. AFter that it's only a matter of creating firewall rules.

I'm hijacking this thread a little bit but I had duplicati taking care of backuping my /boot/config stuff amongsts other things and it doesn't work anymore with the new permissions and... I can't change the permissions apparently even as root on my server. I know I could use the backup tools in Community Application but I like having everything centralized.

I'm not sure I fully understand the issue here. You can pass GPUs to VMs (whether they're from nVidia or AMD). You can use your IGP to transcode inside a docker (I do it with Plex and my Intel IGP currently). What do nVidia users want to do exactly? Use hardware decoding directly in Unraid? Don't throw rocks at me, just trying to understand.

Can't put it on port 80 whatever I do. Seems like the available settings don't actually do anything, it keeps mapping port 8080 even if I put port 80 for webui and host port 2 and 80 in the app settings too. We should have the option...

Noticed the server I'm using doesn't support port fowarding? Can't use anything in the US??? 2020-02-29 22:30:59,893 DEBG 'start-script' stdout output: [info] ca-toronto.privateinternetaccess.com [info] ca-montreal.privateinternetaccess.com [info] ca-vancouver.privateinternetaccess.com [info] de-berlin.privateinternetaccess.com [info] de-frankfurt.privateinternetaccess.com [info] sweden.privateinternetaccess.com [info] swiss.privateinternetaccess.com [info] france.privateinternetaccess.com [info] czech.privateinternetaccess.com [info] spain.privateinternetaccess.com [info] ro.privateinternetaccess.com [info] israel.privateinternetaccess.com [info] Attempting to get dynamically assigned port... Got it working with the Toronto VPN but eh...

Got it working WITHOUT vpn enabled. Now, if I enable VPN, I get this: 2020-02-29 22:26:14,822 DEBG 'start-script' stdout output: [warn] Response code 000 from curl != 2xx [warn] Exit code 7 from curl != 0 [info] 10 retries left [info] Retrying in 10 secs... I'm using PIA, not sure what's wrong, the error is very generic? Do I need to port forward something? root@server:~# ls -l /mnt/user/appdata/qbittorrentvpn/openvpn/ total 16 -rwxrwxr-x 1 nobody users 2025 Oct 22 17:06 ca.rsa.2048.crt* -rwxrwxr-x 1 nobody users 20 Feb 29 22:25 credentials.conf* -rwxrwxr-x 1 nobody users 869 Oct 22 17:06 crl.rsa.2048.pem* -rwxrwxr-x 1 nobody users 3170 Feb 29 22:25 us2-aes-128-cbc-udp-dns.ovpn*

Just noticed the supervisord.log file in appdata, please ignore my last post I'm dumb.

So... totally new to this docker... installed it from CA, put my PIA credentials in there... but the docker won't start. Nothing in /var/log/docker.log, and I have this in /var/log/syslog: Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered blocking state Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered disabled state Feb 29 11:08:14 server kernel: device veth979aba4 entered promiscuous mode Feb 29 11:08:14 server kernel: IPv6: ADDRCONF(NETDEV_UP): veth979aba4: link is not ready Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered blocking state Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered forwarding state Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered disabled state Feb 29 11:08:14 server kernel: eth0: renamed from vethda9dccf Feb 29 11:08:14 server kernel: IPv6: ADDRCONF(NETDEV_CHANGE): veth979aba4: link becomes ready Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered blocking state Feb 29 11:08:14 server kernel: docker0: port 1(veth979aba4) entered forwarding state Feb 29 11:08:15 server kernel: vethda9dccf: renamed from eth0 Feb 29 11:08:15 server kernel: docker0: port 1(veth979aba4) entered disabled state Feb 29 11:08:15 server kernel: docker0: port 1(veth979aba4) entered disabled state Feb 29 11:08:15 server kernel: device veth979aba4 left promiscuous mode Feb 29 11:08:15 server kernel: docker0: port 1(veth979aba4) entered disabled state I tried bridge, host and custom modes as network types. Also tried the debug flag. Haven't done anything else yet (didn't see any special instruction in the first post of this thread so I assumed it would work without any extra setup). Never had any problem with anything else from binhex or dockers in Unraid in general.

Completely new to the Unifi world, thinking of purchasing an AP I just installed the LTS version of this docker to see what I can expect. Is the memory leak issue only happening in the latest version or is it also the case in LTS (5.6.x)? If their software is flawed it's hard to trust their hardware and the company as a whole, unless the memory management is purely related to lsio's implementation of the software inside docker. Bonus question not really related to the docker: I assume this software with one AP plugged into my pfSense box will allow me to have pretty much complete control over my WiFi? I want guests to be on a separate SSID and ideally a different network subnet to restrict their access to the local network and I want pfSense to handle most of it (DHCP/DNS/firewall/etc) if possible

Found it with a recursive grep, had to purge the content of /tmp/reboot_notifications. Deleting it would probably work too, haven't tried.

How to disable the yellow bar alert that says I need to reboot my server? I hit the disable button and then re-enabled it immediately since I don't want to reboot and want to get rid of the message. I tried removing the plugin but that yellow alert is still there and there is no X.

Hi y'all, My check_mk monitors my syslog just in case something weird happens and it detected the print_req_error below, twice today simultaneously and the same thing last week. It happened both times while I was updating plugins... so writing to the flash drive. Is my flash drive about to die? I have 226d of uptime currently and don't plan on rebooting for a while still (probably at least until ~6.9.0), I'm on 6.7.0. I do have weekly backups of my flash drive with smart retention (12 months) so it's not a problem to restore my config if need be. It's the 2 same sectors both times... not sure if that's great or not. Unraid webUI has it at 0 error still. Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x00 driverbyte=0x08 Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 Sense Key : 0x3 [current] Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 ASC=0x11 ASCQ=0x0 Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 CDB: opcode=0x28 28 00 00 00 f8 1e 00 00 40 00 Jan 17 02:35:41 server kernel: print_req_error: critical medium error, dev sda, sector 63518 Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x00 driverbyte=0x08 Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 Sense Key : 0x3 [current] Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 ASC=0x11 ASCQ=0x0 Jan 17 02:35:41 server kernel: sd 0:0:0:0: [sda] tag#0 CDB: opcode=0x28 28 00 00 00 f8 5e 00 00 80 00 Jan 17 02:35:41 server kernel: print_req_error: critical medium error, dev sda, sector 63582 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x00 driverbyte=0x08 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 Sense Key : 0x3 [current] Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 ASC=0x11 ASCQ=0x0 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 CDB: opcode=0x28 28 00 00 00 f8 1e 00 00 40 00 Jan 24 18:50:39 server kernel: print_req_error: critical medium error, dev sda, sector 63518 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x00 driverbyte=0x08 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 Sense Key : 0x3 [current] Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 ASC=0x11 ASCQ=0x0 Jan 24 18:50:39 server kernel: sd 0:0:0:0: [sda] tag#0 CDB: opcode=0x28 28 00 00 00 f8 5e 00 00 80 00 Jan 24 18:50:39 server kernel: print_req_error: critical medium error, dev sda, sector 63582