November 26, 20178 yr Sorry. Yes it is on. I don't know anything about it. Does it need to be on?It prevents loops in the network and is on per default on almost any switch. A network port that becomes active first goes to blocking state and exchanges only probe frames. The switches then calculate a loop free tree. All ports on the tree change to forwarding. All ports that would create a loop remain blocking. This way you can build redundancy at the Ethernet layer without any routers. Years ago this wasn’t a problem. Current hosts however sometimes boot faster than the time spanning tree needs to probe and set the access port on the switch to forwarding. This can lead to DHCP requests getting lost and the host not getting a an IP address. Current manageable switches therefore usually allow a setting called Spanning Tree Fast Start or Edge. A port configured that way works the other way around: It starts in forwarding state and goes to blocking, if necessary.For a typical unRAID server the initialization of the disk controller will take long enough that it is not necessary to worry about Spanning Tree settings. If you have other devices that sometimes don’t get an address from the DHCP server after boot, it might be worth a look at the switch settings.unRAID 6.4rc14
November 26, 20178 yr Yeah, I was just thinking if his boot time was too quick for the 30second timeout of standard STP, that it would be worth checking if RSTP is available as that’s a “near instant” initialisation of the port and ensures the DHCP packets can actually pass through without issues. There are still times when you’d want RSTP disables in favor or STP, predominately WAN links and other links where a link flap could be devastatingSent from my iPhone using Tapatalk
November 26, 20178 yr 9 hours ago, tstor said: RSTP = Rapid Spanning Tree Protocol Enabling or disabling of RSTP happens automatically when the bridge function of an interface is activated. With a single interface as member of the bridge RSTP is disabled, while it becomes enabled when two or more members are present in the bridge and prevents a layer 2 loop can occur. In general it is recommended to use bonding when two or more interfaces are used.
November 26, 20178 yr Enabling or disabling of RSTP happens automatically when the bridge function of an interface is activated. With a single interface as member of the bridge RSTP is disabled, while it becomes enabled when two or more members are present in the bridge and prevents a layer 2 loop can occur. In general it is recommended to use bonding when two or more interfaces are used.Yeah, I’m more wondering if it’s his switching that might be only running STP and that’s causing the delay in getting an IP readySent from my iPhone using Tapatalk
November 26, 20178 yr 6 minutes ago, miniwalks said: Yeah, I’m more wondering if it’s his switching that might be only running STP and that’s causing the delay in getting an IP ready True, when spanning trree is enabled on a switch it will introduce a (programmable) delay before the link is up/active and may affect services such as DHCP.
November 26, 20178 yr Timers for a switch port connected to a port that does not use STP (typical host):Legacy STP: 50s until a switch port starts forwardingRSTP: 3s until a switch port auto-changes to edge port, then it starts forwardingManually configured Edge port (STP and RSTP): switch forwards immediately STP is mainly for creating redundancy in the network (e.g. interconnect three switches in a triangle), bonding increases bandwidth and availability between two devices (switch-switch or switch-host). unRAID 6.4rc14
November 26, 20178 yr Close,Industry standard for STP is 30 seconds, but yes may be up to 50 on legacy hardware. RSTP is between 1 and 3. STP in general is for protecting against loops or “spanning tree storms” where packets continue to forward forever. Common symptoms are all links flooding at 50% of line rate. Later evolutions of STP includes pvRSTP whereby it can be used to guide packets down certain links on a per vlan basis essentially forming a quality of service scheme. This is especially useful when 802.3ad cannot be employed due to hardware limitations or design limitations. Bonding otherwise known as PortChanneling or EtherChannel is the combination of up to 8 links in a group to provide higher bandwidth, however a single client-server connection cannot use more than 1 link at a time. Commonly known as the multi-lane freeway. 802.3ad was brought in during the 100mbps days when 1gbps was considered expensive and is still used today until 40 and 100g-base becomes cheap enough for mass adoption. Sent from my iPhone using Tapatalk
November 26, 20178 yr Close,Industry standard for STP is 30 seconds, but yes may be up to 50 on legacy hardware. RSTP is between 1 and 3. At home most people will probably just use the default values. For legacy STP these are 20s blocking, 15s listening, 15 learning for a total of 50s before forwarding. For RSTP those default timers have not changed (see IEEE802.1D-2004 page 153), however the protocol is much more interactive and rarely needs to wait for the timers to expire. An edge port (unless manually configured as such) will still start in blocking state. If the switch supports auto-edge detection, which is an optional feature of the standard (page 192), it will start forwarding after 3s.
November 26, 20178 yr On 11/24/2017 at 8:33 AM, tstor said: Similarly I always boot into unRAID with stopped array, because often I will want to change something first and otherwise would have to wait for starting to finish and then stopping again. When encryption is used it is recommended to set array auto start to enabled. This allows a missing key detection upon system reboot. In this case the array can only start when the key is entered first.
November 26, 20178 yr When encryption is used it is recommended to set array auto start to enabled.I will probably do that, once the final 6.4 is out, because it is the way the devs intend it to be done. I still have a somewhat uneasy feeling to rely on a missing key in order to not start the array instead of the auto-start setting.
November 26, 20178 yr Author 2 hours ago, bonienl said: When encryption is used it is recommended to set array auto start to enabled. This allows a missing key detection upon system reboot. In this case the array can only start when the key is entered first. Actually, not strictly true anymore
November 26, 20178 yr Author On 11/24/2017 at 11:05 AM, dlandon said: That no longer seems to be the case That is a design flaw in the plugin IMHO.
November 26, 20178 yr Author On 11/24/2017 at 11:52 AM, dlandon said: It's a plugin I don't intend to make public. I just did it to do a little testing. Personally I would never trust a plugin that accesses anything on the 'net upon boot. Must only be by demand by a user who accepts the risk. Remember a plugin has root access.
November 26, 20178 yr 4 minutes ago, limetech said: Personally I would never trust a plugin that accesses anything on the 'net upon boot. Must only be by demand by a user who accepts the risk. Remember a plugin has root access. @limetech it'd be great though for me if something could be done please to better accommodate pfsense VMs in the boot sequence - there are online checks that take forever to complete before the VM actually boots so they fail and delay by over 10 minutes reboots
November 26, 20178 yr 1 hour ago, limetech said: Personally I would never trust a plugin that accesses anything on the 'net upon boot. Must only be by demand by a user who accepts the risk. Remember a plugin has root access. I'll try and not take that personally. (Although its Dynamix System Temp that's actually downloading code during boot). FCP accesses upon array start (pings github, and downloads 2 json files to determine if the plugins installed during boot (including itself and any docker containers already installed in the image) are actually safe to run. That I think is an acceptable risk Edited November 26, 20178 yr by Squid
November 26, 20178 yr 12 minutes ago, limetech said: Personally I would never trust a plugin that accesses anything on the 'net upon boot. Must only be by demand by a user who accepts the risk. Remember a plugin has root access. Two examples of "untrusted" plugins: - Dynamix Temperature. - Fix Common Problems. I would bet there are more. EDIT: When a plugin is installed, doesn't it need net access to download its files? This applies when initially installing and not on boot up. Edited November 26, 20178 yr by dlandon
November 26, 20178 yr 16 minutes ago, limetech said: Actually, not strictly true anymore Yes and no When auto start is disabled, the Main page will ask to enter a new key, while missing key would be more appropriate.
November 26, 20178 yr 10 minutes ago, dlandon said: When a plugin is installed, doesn't it need net access to download its files? All depends. I try and keep a strict no dependencies rule, and when I require one I tend to include it in the main txz. Of course that won't work for other plugins (NerdPack automatically springs to mind) But I always thought that any additional txz's referenced in the plg file were supposed to be saved on the flashdrive automatically by pluginMan so that they didn't need to be redownloaded at boot time. All of this discussion actually reminded me of another missing feature from pluginMan - When installing a plugin, any txz's downloaded and if the md5 entry is present then it is checked and an error if applicable will be thrown. But, if the txz already exists on the flash drive, then pluginMan doesn't bother checking if the md5 is actually correct when it installs.
November 26, 20178 yr 4 minutes ago, Squid said: All depends. I try and keep a strict no dependencies rule, and when I require one I tend to include it in the main txz. Of course that won't work for other plugins (NerdPack automatically springs to mind) But I always thought that any additional txz's referenced in the plg file were supposed to be saved on the flashdrive automatically by pluginMan so that they didn't need to be redownloaded at boot time. All of this discussion actually reminded me of another missing feature from pluginMan - When installing a plugin, any txz's downloaded and if the md5 entry is present then it is checked and an error if applicable will be thrown. But, if the txz already exists on the flash drive, then pluginMan doesn't bother checking if the md5 is actually correct when it installs. You missed my point. When a plugin is installed from CA, it has to have net access to download its files initially - txz, png, etc and store those on the flash. When there is no net access, the plugin fails in a very ungraceful manner and its difficult to tell if its a failed download or lack of net access.
November 26, 20178 yr 1 hour ago, Squid said: I'll try and not take that personally. (Although its Dynamix System Temp that's actually downloading code during boot). FCP accesses upon array start (pings github, and downloads 2 json files to determine if the plugins installed during boot (including itself and any docker containers already installed in the image) are actually safe to run. That I think is an acceptable risk Does it also check for docker container updates? If so, this is what really slows my boot as I have no connection until my pfsense vm has started. Any way to disable the docker check as this is the biggie?
November 26, 20178 yr Let me summarize the issues discussed here about Internet access when a plugin installs: - When installed from CA or from the install plugin dialog, the plugin needs net access to download its files and store them on the flash. Currently a failure of either the net or a download issue is not clear to the user. A message that there is no Internet access and that's why the plugin failed would be clear to the user and ease support. - When a plugin is installed on boot up, it needs to access the Internet to potentially re-download any missing files on the flash. If there is no Internet access, the plugin fails to install creating issues for the user in order to sort out what happened. - It appears for valid reasons some plugins need Internet access when booting to update information - i.e. Dynamix Temperature and FCP. - A plugin can access the Internet at any time and wreak havoc. Boot up is not the only time this is a concern. Edited November 26, 20178 yr by dlandon
November 26, 20178 yr 44 minutes ago, DZMM said: Does it also check for docker container updates? If so, this is what really slows my boot as I have no connection until my pfsense vm has started. Any way to disable the docker check as this is the biggie? Nope. The checks for docker updates are performed automatically by dockerMan at array start, and since your network isn't running until the VM starts, the cumulative timeouts on the containers add up to quite a bit of time. EDIT: When I was simulating download failures for CA to have it fail gracefully, the start up time for me (without any VMs running and only 5-6 containers) was ~10 minutes with no internet access IIRC. Edited November 26, 20178 yr by Squid
November 26, 20178 yr Finally upgraded to rc14. Has something been done as regards power saving? My unRAID box typically uses 7.8% load of my APC 750VA UPS. Since the change to rc14, it's only using 6.5%.
November 27, 20178 yr I posted this in the rc13, but didn't have diagnostics file.. In this case, after 4 days, this happens: Currently on rc14 Hello all. Ive been having an issue, that after the server has been running for some time, (more than a week?, undetermined) That parts of the web UI no longer function. No issues with non-beta 6.3.5 Examples: Update OS, check for updates, doesnt actually check, and status reports "need check" Starting and stopping the array is impossible, it prompts for are you sure, but it never stops when you hit OK. on the Main tab, the stats for the drives no longer update. Clicking on the check parity button, sends request to server, but browser just sits there "waiting for data" Probably more.? Tested with windows browser (win10) OSX safari OSX firefox Rebooting resolves the issue for a while, that button works, but when server restarts, it reports unclean shutdown detected. attached diagnostics. tower-diagnostics-20171127-1706.zip Edited November 27, 20178 yr by Inssomniak
Archived
This topic is now archived and is closed to further replies.