Jump to content

dimes007

Members
  • Content Count

    91
  • Joined

  • Last visited

Community Reputation

1 Neutral

About dimes007

  • Rank
    Advanced Member

Converted

  • Gender
    Undisclosed

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I have a new disk which i was looking to encrypt and preclear to add the precleared encrypted drive to array while maintaining parity (which may be flawed in and of itself). Ignoring that for the moment. Following the above: I disabled vm and docker (tabs gone). Removed cache drive (which was btrfs). (I've only ever had one spot) Added new disk as cache. Started array (was given no choice of format but disk settings had xfs encrypted as default). Formatted new cache drive. New drive formatted as btrfs and not xfs encrypted despite default setting under "disk settings" disk.cfg shows: cacheId="WDC_WD60EFRX-XXXXXXX_WD-WX17DF8C595A" (This is the new disk) cacheFsType="btrfs" Thanks for any help you can lend.
  2. Thanks for the advise. I unplugged the physical LAN NIC and went for it. So the LAN nic in pfsense is now vtnet0 (br0) passed from unRAID. as of now still using virtio but pfsense hasn't had any trouble seeing it on boots. WAN nic is still the physical x1 intel nic passed through. DHCP is working on LAN through virtio. To be clear I'm passing unraid br0 through to pfsense. I'm not passing br0.XX for tagged packets because I don't really want separate virtual nics in pfsense. my vlans are already defined in pfsense. I want all br0 traffic, even tagged packets to get to pfsense on the same virtio interface but maybe what I'm trying to do isn't possible with unraid implementation of vlans and I need to pass each vlan as a different nic to pfsense.
  3. Hey Grid. First of all thanks for all the videos. I watched the first pfsense sense video but ventured out on my own before the 2nd was released. I'll check it out now. This weekend past I had my first taste of pfsense and VLANs (in general I'm good with unRAID, unifi and VMs). After about 3 days of effort between premise wiring, pfsenseVM configuration, netgear switch, unraid VLANs and unifi controller (in a docker no less) things are going well. My setup is as follows: PFSense has the two physical NICs passed each with 1 port. 1. WAN from cable modem. 2. Original SSID and my existing items still on 192.168.147.1/24 LAN. Other interfaces are: 3. VLAN10 is at 10.10.10.1/24. It has its own SSID as well as a guest SSID with a captive portal through the unifi controller. 4. Virtual interface is one of the virtual bridges in unRAID but as of now IS NOT USED in PFSense. Now that things work and are settled down the remaining question for anybody is one of efficiency/optimization. The physical LAN connection to PFSense has my main LAN untagged and VLAN10 tagged. The physical LAN connection to unRAID has my main LAN untagged and VLAN10 tagged. You see where this is going... I can save a switch port, gain a PCI x1 slot back and maybe gain some speed if I eliminate the physical LAN NIC and pass through the VM unraid br0 (or maybe BOTH unraid br0 and br0.10) to pfsense. I would think the virtual 10gig network is hella fast. Am I asking for trouble here? Again, this is my first experience with VLans and my first experience with pfSense so I'm not sure if I should just leave well enough alone. What do ya'll think? Thanks, --dimes
  4. Everytime CA Backup stopping and starting dockers affects nextcloud I google "unraid hulk smash" to get back here to fix it. I may never remember how to get a shell prompt in my docker and then do # mysqld --tc-heuristic-recover commit I may never forget: "hulk smash" Thanks chaosratt.
  5. Yes. "Disk Encrypted and Unlocked". Things seem fine. Moving data to it now. I thought I was going to get a new icon in the settings tab? Maybe that was only when it was in 6.4 beta? Maybe it only shows up if you use a keyfile? --dimes
  6. I reformatted encrypted and things seem fine. Not worried about forensic recovery. The 5tb was a parity disk. I'll be moving data from a SED disk currently in the array to this disk. I haven't seen much here about performance impact (either CPU or disk speed) with encryption turned on. Not that I need blazing speed but SED has no tangible performance hit while using an encrypted array drive. The only remaining curiosity is that I don't have an encryption icon in settings?? Thank you both for the quick and accurate guidance. --dimes
  7. I have an empty 5gb drive unencrypted and am looking to move it to encrypted. I've got "clear-me" directory ready and was about to run the clear script but it seems unnecessary. I think I'm correct that shrink array procedure (including clearing) THEN add disk back with format xfs-encrypted maintains parity but as a format updates parity the clear seems like an unnecessary step. As the formatting of the disk will update parity the clear script hardly seems necessary. Is the only way to maintain parity to clear => shrink => add or is there a way to avoid the clear? Thanks, --dimes
  8. On the egg they're basically same price. +2 Sata good but is it "ULTRA DURABLE"? lolz. --- Video pass through worked without issue: BIOS change to integrated graphics as primary. ACS override was turned on because two of the cards were in same IOMMU group. I passed through the AMD RX460 to a separate Windows 10 vms (Seabios). Still fiddling with the other two video cards to pass through and some usb controllers next but I'm thrilled with how this is going thus far.
  9. The marketing nonsense talks about it being "ultra durable" but really - it was the cheapest board with 3 pcie x16 (physical) slots on the ibuypower deal i was using. I ended up with 8700k, 8gb RAM, that MB, rx580-8gb, 240gb ssd, 2tb hdd, decent thermaltake case for $1151 shipped. The cpu, graphics card, mb, ssd, hdd and ram part out to about $1200. So build & burn in, led light strip nonsense, mousepad, mechanical keyboard, shipping, etc. for -$50.
  10. I tried to make a Ryzen 7 1700x work but could never get GPU PT to work and returned the machine before the window ran up. First impressions with 8700k on unRAID 6.3.5 - IT WORKS! Cinebench results in a Windows 10 VM using all cores was near bare metal as to be expected. (Max of 1515 on bare metal, Max of 1494 in VM) These scores are with "Multi Core Enhancement" Enabled but no other overclocking done. Note: that Windows 10 setup using OVMF Bios left me at the splash screen for an uncomfortably long time but eventually it does work come back and let you install. Perhaps it's like that on other hardware and I just don't recall the setup. It's time to move onto pass through: I've got the 3 video cards piled in as well as the IGP which I'll use for the console. Motherboard is a Gigabyte Z370XP-SLI. --SLD
  11. This page has some tips: https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF "Using huge pages for guest and bigger huge page size(e.g. 1 GB) could reduce periodical micro-freezes of whole VM introduced by disabled NPT. If periodical stuttering still occurs try removing smep feature from vCPU..." Nonetheless, I still haven't gotten a GPU to pass through yet. Thanks for the advice above. Will try ASAP.
  12. Is the change between NPT on or off transparent to the guest? If I setup a new ryzen environment and get it working when and if a fix is released to allow NPT and GPU passthrough can I just change the settings or will Windows guests have issues and need to be rebuilt. I have to decide if I'm going to keep my new Ryzen box or not. ;( Thanks.
  13. I made a massive blunder. I was was clearing off a domains directory to move a disk to btrfs for some of the snapshotting/base image features. Anyway, 1am remotely connected to tower and I rm -fr the wrong domains directory!!! I realize it fairly quickly. Ctrl-C does nothing and I kill the putty session. reconnect to find two VM .img files gone. 1 VM was off and its gone. A machine I just p2v'd last week and have both original hardware and an acronis image. So configuration time lost but no data of any substance. 2 is a windows 7 machine that's STILL RUNNING. In windows the file would likely be locked and not deleted. But in unraid I see no file or directory from console but the vm is running fine. I verified I have data backups of everything I care about. Copied data to array through Samba anyway and even ran a windows system backup (which I've never used). Being logged into this VM is somewhat of a trip. If I turn it off it's gone forever? It's VM analog to the movie crank. Time to recreate will be lost if I cant find a way to prevent the system from carrying out this deletion. The directory and .img are gone but the vm is still running so the data is clearly somewhere. Lastly there are are other vms in the directory. I expect they're ok but I'm still worried that once the first stuck vm is unstuck the rm -fr will continue on. Other than looking at ps is there anything else I can do to make sure the destruction is over? Thanks
  14. +1 I also wish there was some friendly name for docker containers in netdata.
  15. Just in case people are interested in how this went. I bought a refurb Seagate Constellation ES.2 3TB disks for $60 just to test this stuff out before I spent any serious money on large, modern SED disks. In short... IT WORKS! Some considerations and hangups I had: I'm certain my five built in SATA ports support ATA passwords set in the BIOS. I'm not sure my 5 SCU ports or my Supermicro card support any way to pass ATA passwords that SED relies on at boot. You could always NOT autostart the array and pass the passwords using hdparm commands. A plugin/app could be developed to help with this as well. One hangup that did take time to sort out was that I was setting passwords and preclearing on a test/lab system to move to my main unraid box for addition the raid. That did not work because I was setting plain text passwords on the test machine with hdparm but my main server passes the plain text password through a hash (to protect against dictionary attacks) before passing through the SED disk. Until I figured out this issue I wasn't really sure what was wrong. Removing password and running preclear on one system and then setting passwords in BIOS on the system you'll be using is fine. You may also be able to update hdparm to support the hash algorithm of your system. Generally, a disk once removed from power is locked when power is restored. A disk that's "sleeping" (not sure which sleep state) is not using power and if removed from power and power is restored in an alien system the disk remains unlocked (reference) and available to read. I'm not sure which category an unraid data disk that's spun down falls in. Other ways to encrypt: Truecrypt, Veracrypt or Bitlocker file containers also serve well to encrypt data (I used bitlocker). If its possible, someone with the knowledge could spend the time to make a veracrypt for unraid docker that would put a container file on the array, require a password in the docker web gui on restarts. Once that password is given the encrypted file system in the docker is mounted by Tower via NFS and shared via SMB from the main tower.