Recent content by oneplane

Ethernet ports are configured via the CPLD, PHY, Switchchip. By default they have some VLAN grouping working like a switch all connected to the KR backplane. The configuration happens over sideband (MDIO). Instructions are posted in the thread, you can use the tool from DiagOS in your Linux of...

Neither SAS nor SATA would work. A PCIe-only connector must connect to a PCIe device. Some have restrictions but in general you could adapt one of those to a PCIe or M.2 slot and put an HBA in it.

Fun fact, their tracking and profiling was too hard to turn down a bit so if you are in the EEA or the UK you can't access that site anymore.

VLANs are L2, what you are doing is L3. You need both, or, enough interfaces and hardware to just have multiple physical networks. VLANs only exist so you can have 1 physical network but multiple logical (virtual) networks. Those networks aren't IP-networks, just Ethernet networks. The ONT...

We have about 700 PA devices still deployed in the field (including panorama instances), I'm not exactly new to it. Layer 7 'steering, routing' doesn't really exist, unless you mean load balancing. It doesn't exist because unless the protocol itself is routing or steering aware, those words...

That's not true. "Proper" layer 7 is arbitrary at best anyway. If you want to do protocol-based analysis you can do that on OpnSense just fine. You can also do it without OpnSense on any bare FreeBSD or Linux install. This is not something special that only PA, Cisco etc. can do. The only true...

The HA part strongly depends on what you're trying to achieve; I've had people wanting to do sticky sessions and Load Balancing via the firewall (I would not do that), but also client VPN connections (also not something I'd HA on the firewall - but running them on the firewall with a CARP IP is...

It really depends on the specs (not hardware specs but firewalling and throughput specs). If you don't do anything fancy and just have some rules and some interfaces, you can get by with a C3000 era SoC. If you intend to do IPSec, OpenVPN, IPS etc. you'll want more CPU, more RAM and more modern...

Those RPMs are indeed normal, but they can be modified. It depends a bit on the controller used, but if they are visible on the SuperIO chip you can do it there, otherwise they are controlled via the CPLD which requires some I2C writes. Check with lm-sensors first, if you can read them that...

Or you build whatever you want and plug in an AsRock PAUL card. Stock can vary, but they can be had for around $180 and does the same thing as on-board ASPEED: https://forums.servethehome.com/index.php?threads/asrock-rack-paul-ipmi-card.30623/page-3

Install a hypervisor and remote control the OS from there.

I think I have the I2C for that, it even has a PWM mode! Still have to dig the project back up before I can get back to it :rolleyes:

For the other devices, it could be useful to get the current versions so we know if it's "up to date" or "newer". The Dell DiagOS has the tools to get the versions, but it depends a little on which version you get. Generally, the firmware payloads are located inside the VeloCloud/SD-WAN disks...

If you boot any Linux disto over USB and it stays on for more than the default watchdog timeout you can use commands like `lsblk` to find out what devices it knows about (you can also use dmesg to see what hardware it sees). There should be two internal devices, and they have multiple...

All the NICs work, including the switch, it's more of an issue to set them up in your RC/boot scripts to have them mapped out correctly (both on BSD and Linux). Native support is still a bit better on BSD, but on either OS you can map the ethernet switched ports to individual VLANs, or Q-in-Q...