jzawacki

Posts posted by jzawacki

  1. 4 hours ago, mrkambo said:

    Can anyone advise on how I set this up correctly using PiHole...

    My PiHole acts as a DHCP server and DNS - Its IP is 192.168.1.3, I've given lancache the IP of 192.168.1.4

     

    Upstream in the container is 192.168.1.3 - is this correct?

    Since PiHole has the ability to track individual devices, I would configure the DHCP server to hand out 192.168.1.3 and a fake IP address for the second IP.

     

    Then, on PiHole, make its upstream DNS custom and give it 192.168.1.4.

    Then, on LanCache server, give its upstream DNS as your ISP's DNS or 8.8.8.8, or whoever you prefer.

     

    Using this method, you retain all the function of PiHole with the benefit of the LanCache server.  Just keep in mind that if DHCP hands out more than 192.168.1.3 as a valid IP address, things might not always work correctly, as Windows doesn't use them as primary and if I can't talk to primary, use secondary, it will randomly use either of them depending on how it feels at the time.

     

    You may also have to clear the DNS cache on the PiHole if it already knows the real IP address for the services you are trying to cache.

     

    James

    • Like 1
  2. On 10/24/2020 at 3:30 PM, saarg said:

    You don't change the port inside the container, you change the host side. That is what port mapping is about.

     

    Please supply the docker run command.

    It's funny you say this.  The docker run command is correct, all configured properly, but it doesn't make it into the container, I promise. (IP and path redacted)

     

    docker run -d --name='unifi-controller' --net='br0' --ip='1.1.1.13' -e TZ="America/Denver" -e HOST_OS="Unraid" -e 'UDP_PORT_3478'='3478' -e 'TCP_PORT_8080'='6759' -e 'TCP_PORT_8443'='6760' -e 'TCP_PORT_8880'='6761' -e 'TCP_PORT_8843'='6762' -e 'UDP_PORT_10001'='10001' -e 'PUID'='99' -e 'PGID'='100' -v '/REMOVED/unifi-controller':'/config':'rw' 'linuxserver/unifi-controller'

     

    But, what I was able to end up doing, is put the docker in a location that is easily accessible via SMB share, manually change the permissions of the system.properties file so I could edit it easily, save the file and restart the docker.  Bingo, it's listening on all the custom ports I wanted it to be listening on.

     

    debug.device=warn
    debug.mgmt=warn
    debug.sdn=warn
    debug.system=warn
    is_configured_and_restarted=true
    is_default=false
    portal.http.port=6761
    portal.https.port=6762
    unifi.http.port=6759
    unifi.https.port=6760

     

  3. Apologies if this has been addressed, I saw notes around page 8 of others having issues using custom ports, but I couldn't find a solution.  It's unfortunate that so much of this thread is standard UniFi controller support over container support.

     

    Anyway, I have been unsuccessful using custom ports for this container as well.  I have configured the docker properly, but the defaults are still used.  If I go into the container and look at the system.properties file, the port options are all commented out, so I'm not sure how the UniFi controller is supposed to know to use the custom ports.

     

    Thanks,

    James

    • Like 1
  4. 4 hours ago, Supermillhouse said:

    Typo in "overlay\hooks\supervisord-pre.d\90-nginx_config.sh"

    "sed -i -e "s|access_log .*$|error_log /var/log/nginx/access.log;|"  /etc/nginx/sites-available/10_generic.conf;"

    should be 

    "sed -i -e "s|access_log .*$|access_log /var/log/nginx/access.log  cachelog;|"  /etc/nginx/sites-available/10_generic.conf;"

     

     

    EXCELLENT FIND!

     

    Just as a note, I also had to "fix" the /etc/nginx/sites-available/10_generic.conf you referenced in the link, as mine had the error_log listed twice.  I too am now seeing proper "HIT" and "MISS"!  Thanks for the info!

  5. 2 hours ago, ConnectivIT said:

    Not what you want to hear, but dedicated hardware for pfsense?  I'm all for the consolidation that unRAID brings, but you want your network/internet to "just work" and ideally not go offline just because you have to bring down your unRAID array for some reason.

    I was thinking the same thing, but if all of your DNS servers are running on unRaid anyway, you are basically taking the internet down with unRaid anyway.  With that said, I'm still running pfsense on dedicated hardware because I don't trust a docker to not be compromised and your firewall is something important enough to care a little more about than standard dockers.  Your firewall is there to protect your network and you would be putting an interface on unRaid directly on the internet.  Not really a good idea, IMO.

  6. 8 hours ago, purplechris said:

     

    Hey Buddy

     

    nslookup gives me my router IP of 192.168.1.1

     

    Its DNS is set to primary 192.168.1.69 which is lancache and 192.168.1.3 which is pihole

     

    Both google and steamcontent.com show my router ip on nslookup too

     

    Interesting.  Having both .69 and .13 being used, depending on how your router caches lookups (if it does at all), you may be randomly bypassing the lancache-bundle server.

     

    I can't tell you how to set up your network, but I can tell you how I have mine set up, since it sounds like we have similar thoughts.

     

    1) DHCP is handing out the IP address of PiHole and a second IP address that is dead on my network.  This keeps Windows from using whatever it wants.  If your router isn't able to provide custom DNS IPs for DHCP, I would suggest switching to a DHCP server that does.  I haven't used it myself, but PiHole includes a DHCP server.

    2) PiHole Upstream DNS Servers 1- lancache-bundle IP 2- same fake IP DHCP is handing out.  Again, this forces PiHole to use the lancache-bundle IP.

    3) LanCache-Bundle Upstream DNS is OpenDNS IP address only

     

    This setup allows me to blacklist sites easily on PiHole as well as allow me to get correct statistics from the interface.  If you have your router asking PiHole, all the statistics will show the requests from the router and not the individual devices.  So, if you have a ton of blocked lookups from a specific device, you will not be able to track it down.

  7. 47 minutes ago, purplechris said:

    Thanks James, I have the outbound working now with the secondary DNS

     

    Unfortunately, the "secondary DNS" you added is bypassing the lancache-bundle.  Windows doesn't use it as a primary (and if I can't talk to it, use the secondary), it picks whatever IP it wants.

     

    What do you get when you try this on the windows computer command prompt:

     

    C:\> nslookup

     

    Should look like this:

    Default Server:  UnKnown
    Address:  192.168.1.69
    
    >

     

    > google.com

     

    Should look like this:

    > google.com
    Server:  UnKnown
    Address:  192.168.1.69
    
    Non-authoritative answer:
    Name:    google.com
    Addresses:  2607:f8b0:400f:801::200e
              172.217.2.14

     

    Then, try this:

     

    > steamcontent.com

     

    Should look like this:

    > steamcontent.com
    Server:  [192.168.1.69]
    Address:  192.168.1.69
    
    Non-authoritative answer:
    Name:    steam.cache.lancache.net
    Address:  192.168.1.69
    Aliases:  steamcontent.com

     

  8. 7 hours ago, Xploit61 said:

    On steam I can get up to ~75Mbps (depending on game) on first download and then cache maxes out my 1Gbp lan connection getting 117Mbps.

     

    I'm running a single dedicated IP address on my lancache-bundle at this time and also have a 1Gbps internet connection and seem to have hit a download limit of around 20Mbps through the lancache-bundle server.  But, with that said, when I test network equipment within a 1Gbps network, I look for ~950Mbps throughput, so a 1Gbps network should get better than 117Mbps, that would be a limitation to your lancache-bundle hardware, most likely.

     

    From what I understand, adding the additional IP addresses should improve your download performance.  I'd say give it a shot and report back.

  9. 8 hours ago, FrozenGamer said:

    # Upstream Configuration
    proxy_next_upstream error timeout http_404;

     

    and 

     

    # Allow the use of state entries
    proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;

     

     

    Can't say for sure, but the 404 is a not found error as if the location lancache-bundle is trying to access doesn't have what it's asking for.

     

    The 500, 502, 503, and 504 errors are all gateway/server based errors, which would be upstream as well.

  10. 1 hour ago, boomam said:

    Not correct actually.

    As long as the ports & layer protocols are different and none of the containers are using things like net_admin, then all of them can use the same IP.

    However in the case of a DNS lookup, technically, you just need the relevant DNS ports, however generally speaking it's better to dedicate it to its own IP to help segment ports off, and prevent issues with potential port scans on a DNS IP from uncovering other services.

     

    In the example screenshot given, as there are two containers trying to use DNS/53 (a typically dual protocol TCP/UDP service), then yes, separate IP's is recommended.

    Well, if you want to go to your unRaid docker page every time you want to access the web interface of a docker (or memorize a bunch of random ports), knock yourself out.  But, your browser defaults to port 80 or 443 (https), so every docker sharing your host IP will need a different port for the web interface.

     

    Edit:  Ah.. I get it.. you got me.. you are just trolling..

     

    Seems pretty darn clear to me:

    image.png.d68f37b104515b63a3a4f6d575428a9e.png

  11. 2 hours ago, James_Darkness said:

    I tried it on a different computer and it works

    when I get pfsense up I'm sure it will work even better so I don't have to do it in Windows

     

    You may need to open a cmd prompt as administrator and run:

     

    ipconfig /flushdns

     

    Once you get pfsense up, you'll be able to watch the bandwidth usage on the status page so you can see if you are using the internet or the cache server as well.

    • Like 1
  12. Try this command from your Unraid terminal.  What you are looking at are the 200 and 206 numbers.  Unfortunately, I can't tell you which is a HIT and which is a MISS, but if you download something and it shows one of those numbers and the second time you download, it's the other number, it is definitely pulling from the cache server.

     

    docker exec -it lancache-bundle tail -f /var/log/nginx/access.log

     

    As for bridge vs br0 vs host, I run all my dockers as br0 so they get their own IP address.  This makes it so they can all have a web UI on port 80 instead of goofy port numbers all over the place because they are all trying to run on the host IP address.

     

    image.png.488bbb305d7a531ac501eb315a52304d.png

     

    Lastly, on the machines you are troubleshooting with, and have their ONLY DNS set to your lancache-bundle IP address, disable IPv6 so we don't have to deal with that crap in the logs.

     

     

  13. I would remove 8.8.8.8 as Windows likes to use whatever DNS it wants and using 8.8.8.8 may cause the computer to get the REAL IP address.  If Windows DNS caches the correct IP, it'll bypass lancache-bundle till the DNS entry expires and it has to ask again.  In which case, it may get your cache server or 8.8.8.8 again.

     

    1) Only traffic to the places listed when configuring the docker will be cached.  If you don't want to cache something on the list, set it to FALSE

    2) I don't think so

    3) Depends on how fast you really want it to be.  If you have the extra cash and want it to be faster, get a dedicated SSD.  Even with standard mechanical drives, I've gotten 50MB/s (bytes, not bits) from my cache server

    4) For sure.  Change your DHCP to hand out the cache server IP.  Manually doing it is good for testing, but not if you have a bunch of computers you want to cache and not at all if you have people bringing their computers over for a lan party

    5) Sounds like you have it.  Normally I would tell you to look at the cache logs and see the "HIT" messages, but this docker's logs are all jacked up.

    • Like 1
  14. 23 hours ago, boomam said:

    Hi,

    That's not what i'm asking at all, reading the second paragraph would have showed this.

     

    Ok, with that kind of response, you get this kind of response:

     

    If you want it to cache something, do you think you should set it to false?  Normally, the word false, means you DON'T want it to do something.  Therefore, you DO NOT need to change any of those fields.  By default, it will cache everything.  The only time you would set it to false, is if you DON'T want it to cache something.

    • Like 1
  15. 3 hours ago, boomam said:

    Hey,

    Do we have to do anything specific to this container, other than set the BIND IPs, for it to cache things?

    For example, do we need to set each service type to 'false' so that it does cache them?

     

     

    Yes, you have to set up your network to use the lancache-bundle as your ONLY internal DNS server.  Other than that, not normally.  But I am experiencing all kinds of weirdness on it.

  16. Ok, it appears that it might be working, just some of the configs might not be set up the way the devs want them to.  I don't know why your log lines are truncated, but when comparing SteamCacheBundle to lancache-bundle, I found that 200 = HIT and 206 = MISS

     

    10.10.10.100 - - [25/Mar/2020:20:27:47 -0600] "GET /tpr/ovw/data/c1/25/c125c5ac589f3ccbdbd632d5249b7878 HTTP/1.1" 206 7540 "-" "-"
    10.10.10.100 - - [25/Mar/2020:20:27:50 -0600] "GET /na/patches/wot_1.7.1.1844_na/wot_1.7.1.20228_1.7.1.20220_client.wgpkg HTTP/1.1" 206 16777216 "-" "wdsa::Torrents/libtorrent 1.1.9.0"

     

    Now, what makes even less sense.. is this attached picture.  In the upper left, I am updating Overwatch on a computer that is on WiFi (which is crappy in my house, so the 1.5MB/s isn't part of the issue), in the upper right is the bandwidth monitoring on my firewall showing pretty much NO internet traffic, which means it is all being pulled from the lancache-bundle docker, and at the bottom is the lancache-bundle log showing 206, or misses.

     

    So, I don't know where to go from here.  It appears to be working, so that might be good.  Logs appear to be useless other than seeing that computers are actually talking to it.  I'll play with it some more, but I'm not sure how to help you fix it.

     

    I do have one group of requests though, if you could install vim, make bash the default, and install bash-completion, I would appreciate it and it would make troubleshooting a lot easier for me.

     

    James

    lancache-bundle01.JPG

  17. 33 minutes ago, osokthedevil said:

    Also it just doesn't work with pihole either.

    Not sure how that is the case, I had it working fine with PiHole, just couldn't tell if it was actually caching properly or not.  Here is how I have mine setup:

     

    1) DHCP hands out DNS IP1 as PiHole IP and DNS IP2 as a dead IP.  You have to do this because Windows will randomly ask DNS.  It's not a "primary" and "secondary" IP, it's whatever Windows wants to use.

    2) PiHole upstream DNS is lancache-bundle server IP

    3) lancache-bundle upstream DNS server is OpenDNS server IP

     

    This provides ad blocking (as well as blacklists), caching, and whatever filter settings you have on OpenDNS.

     

    Just make sure that when you are troubleshooting/making changes to DNS servers that you do an ipconfig /flushdns on the computer you are troubleshooting with, as Windows will cache DNS IPs and you won't be actually asking the DNS server.  Another method to verify is to talk directly to the DNS servers.

     

    From a cmd prompt, type in "nslookup", it will connect to your default DNS server.  If you want to change server, type "server" and then IP, such as "server 8.8.8.8", this will ask that DNS server for the next lookup.

     

    Edit: Example-

     

    C:\Users\jzawacki>nslookup
    Default Server:  UnKnown
    Address:  10.10.10.12

     

    > server 10.10.10.14
    Default Server:  [10.10.10.14]
    Address:  10.10.10.14

     

    > steamcache.cs.steampowered.com
    Server:  [10.10.10.14]
    Address:  10.10.10.14

     

    Non-authoritative answer:
    Name:    steam.cache.lancache.net
    Address:  10.10.10.14
    Aliases:  steamcache.cs.steampowered.com

  18. Josh.5, I may be late to the conversation, but I am seeing the same issue as others with the logging.  It appears the lancache-bundle access.log file is truncated.  It is missing the "HIT" and "MISS" part of the logs as shown below in green.  I googled this issue prior to coming here and noticed a lancache dev telling another person they won't support this docker because there is something wrong with it.

     

    lancache-bundle example (borrowed from another post):

    10.0.0.4 - - [28/Feb/2020:22:33:18 +0100] "GET /depot/239145/chunk/afd533bb3c7a6f892dbff6232afa4b91d6f78704 HTTP/1.1" 200 339616 "-" "Valve/Steam HTTP Client 1.0"

     

    SteamCacheBundle example:

     

    10.10.10.101 / - - - [25/Mar/2020:05:51:11 -0600] "GET /depot/582661/chunk/5dbb54e74494aae3cd94f7c47c3c6587cd1b86e0 HTTP/1.1" 200 1054416 "-" "Valve/Steam HTTP Client 1.0" "HIT" "edge.steam-dns.top.comcast.net" "-"

     

    Edit: BTW, the cache may be working, but without being able to see the HIT/MISS messages in the log, it's hard to say.  One of the issues I have with SteamCacheBundle is DNS related.  I've seen clients randomly get the legit IP of steam servers, so half the packets go through the cache server and half bypass it (watching traffic on the firewall).  In the past, if I throttled the computer running the initial install/update on the firewall, 99% of the data would be cached and the rest of the computers will benefit from that cache.  Along with adding all the rest of the caches (WarGaming is a major one for me), I'm hoping this docker has been successful in stopping computers from learning the legit IP of servers they are downloading from.

     

     

    Thanks,

    James
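
    An added example (not code from the thread or from either container) for the two access.log formats quoted in posts 16 and 18: it reads the cache-status field where the line carries one and counts lines without it as UNKNOWN instead of inferring a result from the HTTP status code. Three sample lines are copied from the posts; the MISS line and the garbled line are constructed, and the list of status values is the set nginx writes for $upstream_cache_status.

```python
import re
from collections import Counter

# Values nginx can write for $upstream_cache_status.
CACHE_STATES = {"HIT", "MISS", "EXPIRED", "STALE", "UPDATING", "REVALIDATED", "BYPASS"}

# Matches both formats: the fields between the client IP and the timestamp
# differ ("- -" vs "/ - - -"), so they are skipped rather than named.
LINE_RE = re.compile(
    r'^(?P<client>\S+) .*?\[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\d+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
    r'(?P<extra>.*)$'
)

def parse_line(line):
    """Return a dict for one access.log line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["size"] = int(rec["size"])
    # Quoted fields after the user agent; the first one is the cache status
    # in the longer format and is absent in the truncated one.
    extra = re.findall(r'"([^"]*)"', rec.pop("extra"))
    rec["cache"] = extra[0] if extra and extra[0] in CACHE_STATES else "UNKNOWN"
    return rec

def summarize(lines):
    """Count requests and bytes per cache status; ratio covers known statuses only."""
    counts, sizes, unparsed = Counter(), Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
            continue
        counts[rec["cache"]] += 1
        sizes[rec["cache"]] += rec["size"]
    known = sum(sizes[s] for s in CACHE_STATES)
    return {
        "counts": dict(counts),
        "bytes": dict(sizes),
        "hit_ratio_bytes": sizes["HIT"] / known if known else None,
        "unparsed": unparsed,
    }

SAMPLE_LINES = [
    # From post 18: lancache-bundle line with no cache-status field.
    '10.0.0.4 - - [28/Feb/2020:22:33:18 +0100] "GET /depot/239145/chunk/afd533bb3c7a6f892dbff6232afa4b91d6f78704 HTTP/1.1" 200 339616 "-" "Valve/Steam HTTP Client 1.0"',
    # From post 18: SteamCacheBundle line with the status field.
    '10.10.10.101 / - - - [25/Mar/2020:05:51:11 -0600] "GET /depot/582661/chunk/5dbb54e74494aae3cd94f7c47c3c6587cd1b86e0 HTTP/1.1" 200 1054416 "-" "Valve/Steam HTTP Client 1.0" "HIT" "edge.steam-dns.top.comcast.net" "-"',
    # From post 16: a 206 line, again without the status field.
    '10.10.10.100 - - [25/Mar/2020:20:27:47 -0600] "GET /tpr/ovw/data/c1/25/c125c5ac589f3ccbdbd632d5249b7878 HTTP/1.1" 206 7540 "-" "-"',
    # Constructed: a MISS in the longer format.
    '10.10.10.101 / - - - [25/Mar/2020:05:52:02 -0600] "GET /depot/582661/chunk/0000000000000000000000000000000000000000 HTTP/1.1" 200 351472 "-" "Valve/Steam HTTP Client 1.0" "MISS" "edge.example.invalid" "-"',
    # Constructed: a line that does not parse.
    'garbled line without the expected fields',
]

if __name__ == "__main__":
    print(summarize(SAMPLE_LINES))
```

    To run it against the container, save the output of the docker exec command from post 12 without the -f flag and pass the lines to summarize().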

  19. I can't wait to see what the new version brings.  I have learned through DD-WRT and BWMON that it appears the downloading machine is bypassing the cache server during the download.  I haven't dove in enough to know if it's somehow getting the real IP during DNS resolution or if it's the cache server leaking the real IP.

     

    My work around is to throttle the download speed for the first machine to 10Kbps.  This forces every update packet to go through the cache server except for 10Kbps, which doesn't add up to much.  Using this method, I am able to force the cache server to cache 90%+ of the update.  Once the update is complete, I remove the throttling from the router.  Updating the rest of the machines appears to be super fast because, although they are also bypassing the cache server on some of the updates, enough are coming from the cache server to make up the difference.

  20. On 11/24/2018 at 3:00 AM, enigma27 said:

    you may be right and it may need a few days to bed in.

    Not sure if it's applicable, but I've seen mine do up to 25MB/s download for an Overwatch update on the third computer from a mechanical drive.  I have noticed that one machine will "miss" them all (of course, initial download), the second machine will "miss" every 3rd or 4th GET, and the third machine will only "miss" a few and get really good speeds.  One thing I learned for sure, is that Windows doesn't use the first DNS all the time, and "fall back" to the second DNS if the first isn't available, it will randomly pick them.  So, if you have anything else listed as a second or third DNS server, my bet is that you are randomly caching the GETs on the first machine so the second machine has to GET the ones the first missed.  Make sure the ONLY DNS listed for ANY device (except for unRaid, of course) is your SteamCache docker.

  21. First, I want to say thank you so much for putting this docker together.  I have a super crappy internet connection and with three computers used to play Steam and Blizzard games, being able to update one machine (usually over night) and then updating the rest within minutes is so nice...

     

    With that said,  I believe I found a potential bug that I "hacked" to get working, but if you could include an option in the configuration settings to enter the dnssec-validation option in the /etc/bind/named.conf.options file that would be awesome.  The reason I ask, is I would like to be able to use OpenDNS for my upstream dns.  The default dnssec-validation is set to auto, but when using OpenDNS, the cache server doesn't provide a response.  To help troubleshoot (or complicate things), I added a Pi-Hole server in the middle.  I could see the cache server asking Pi-Hole and it providing the IP address as the response, but the cache server never sent the IP on to the client.

     

    By changing the "dnssec-validation no;", killing the named currently running and manually restarting it, everything is working perfect.  I get the ad blocking benefit of Pi-Hole along with the content filter of OpenDNS.

     

    But, if I edit or restart the docker, it changes the dnssec-validation option back to auto and DNS stops working again.

     

    Thanks,

    James

  22. Additional detail, as I added an IDE drive from my old data server and it didn't boot.  Apparently the BIOS decided to reorder what was listed under "Hard Disk Drives" and the USB device was no longer priority.  So, I wrote down the exact names.  Here's what to do:

     

    After going into the BIOS, select "Boot" from the top of the screen.

     

    Next, select "Hard Disk Drives" and highlight the USB Device and press the + key till it is at the top.

     

    Next, press ESC to go back to the "Boot" screen and select "Boot Device Priority".

     

    Again, highlight the USB Device and press the + key till it is at the top of the list.

     

    You should be all set at that point, but again, if you make any hardware changes, be prepared to check the BIOS settings again, and put the USB device back at the top of the "Hard Disk Drives" list.

  23. You might get better suggestions, and I'm hoping to read them as well, but I personally would use a cross-over cable and directly connect the two machines using static IP addresses.  Then, from the new server, mount the shares of the old server, then just do a 'cp -R *' from each disk to the new server.  A quick dirty example would be:

     

    on the new server:

     

    # mkdir /mnt/olddisk1

    # mount -t cifs //oldserverIP/disk1 /mnt/olddisk1

     

    Now, if you 'cd /mnt/olddisk1' and do a 'ls' you should see all the files on the old server.

     

    # cp -R /mnt/olddisk1/* /mnt/disk1

     

    Rinse and repeat for each disk.

     

    EDIT: This just came to me.. maybe an unRaid GURU can give more insight.

     

    Since, each drive is recoverable using standard ReiserFS, would it be possible to pull a drive out of the old system, stick it into the new system, manually mount the drive, and manually copy the data?  This would dramatically reduce the length of time it takes to copy files.

  24. Just built a system using an Asus M2N68-AM Socket AM2+ Motherboard, AMD Athlon 64 X2 processor, 1GB of Kingston KHX8500D1/1G and 3 Western Digital WD10EACS 1TB drives.  Everything appears to be working fine.

     

    Only small note is the BIOS configuration to boot to the USB device.  You have to go into the Hard Drive Device settings and set the USB Drive to be at the top of the boot order for the drives.  Then, go into the boot order screen and tell it to boot to the USB drive over CD-ROM and Floppy.

     

    If you don't put the USB Drive at the top of the HD list, it won't be available on the boot order list.