Search results

This is how I do it, which might help. The inter-VLAN routing is on an OpnSense box. The main switch handles the VLAN isolation. Managed switches usually have 2 modes for the VLAN side. One, everything on a port is on whatever VLAN you tell it. Other VLAN traffic is blocked. The second is a...

If you want Linux, don't let it stop you. For a file server, Proxmox works great out of the box with ZFS. It also supports Containers (like BSD jails) and KVM virtual machines. I wouldn't want a distro that doesn't natively ship ZFS for a storage box. Dealing with the kernel patching, even the...

Thought it might be fun to check. Now I'm thinking I should get a backup drive ordered. 2TB spinner. :)

I have it on 5G using the n41 band mostly. It's ok. My local towers aren't too congested, so I don't get hit with the deprioritization too badly. What I do have is occasional times of high packet loss for no apparent reason. It will be basically unusable for a while. I have another connection I...

Even a good SSD is unlikely to keep up with 10Gbe. If you trust your backups and don't mind a little down time, there's nothing wrong with the idea. I don't know that I'd bother with copies=2 in that case though. You have checksums and verification, along with good backups. It doesn't hurt...

Yeah, it's old school, but still plenty for the sort of things I ask it to do. I have a pair of x5675s in it, and plenty of RAM. Works well as a Proxmox host serving ZFS and a number of containers for various services. The array of rust likely pulls more power than the mobo/CPUs, and power...

Right, the address assigned from SLAAC should be stable with most even remotely modern gear. You can put them in DNS without issues. If you find a problem, you can static assign as well. The OS determines the details, like which method is used to generate addresses and if privacy addresses are...

What I did was to generate a ULA prefix using one of the many websites that do it for you. You want this so that your prefix is unique, at least that you have a high probability of it being unique anyway. This is nice so that you don't have collisions should you use a VPN or something else that...

I don't know how much more "secure" the network is with a VPN. You're moving the point where someone has access to the unencrypted traffic, but it does help somewhat with stupid ISPs and such. There are VPN services that work with ipv6, so that's one option. I think I would set up a VPN only...

CPU, they will both work fine for what you are talking about. I'm not 100% up to date on video transcoding, but I'm sure you can find info on that. If you want to do things like hardware passthrough, Epyc and Threadripper are nice as you have more PCIe lanes so you don't lose performance with...

Shrug.. I still run 2 1366 systems. One is a firewall on OpnSense, one is my main storage/VM server. It gets the job done. They are power hungry, but so is the 10G switch, and the HDDs in the storage box use more than the CPUs. I will say that the single proc firewall can't saturate a 10G link...

SATA expanders seem to have more issues than you would get with just a HBA. SAS expanders seem to work well for most people, but you can get a pair of HBAs for less than the cost of an expander, at least at the time I was looking. I would just get a pair of 8i HBAs unless you get a really good...

You will need to set up a route to it then. Another option is to give the server an interface on each VLAN. They can be virtual interfaces on the same physical interface. Exactly how you do that depends on the distro, Proxmox has a web UI that includes support for it. The traffic has to...

If there's no I/O, why have the Optane at all? :) IMO, the issue with consumer SSDs and ZFS is overblown. It does run them a bit harder, but it's not like they are going to die in a week. Even with the Optane as a cache, you still have to push data in/out of the SSDs. I wouldn't use the...

Sure you could. Either would likely work fine. I'm not sure how much you would gain with the Optane drive in either case though. A ZFS mirror is already quite fast on SSDs. To really benefit from a cache, you need that cache to be faster than the drives. It is, but how much? And you would...

I would, and did, separate them out with VLANs and use my OpnSense firewall to route between them, the little traffic I allow between them. My setup is pretty simple. Internal network. Reasonably secure/trusted devices that I want to generally allow to do most things. Main file server...

I think you might be missing some parts of how IP works. The stack compares the destination address to the netmask and local IP to see if it is on the same subnet. If it is not, it checks the routing table for a route to that subnet. This can be a specific route, or the default route. It sends...

Masquerade is NAT. You don't need it for this. Forget all the upper layer stuff for now, you need to get L3 working. Unless you are using L3 routing in the switch, you don't need to configure it for subnets. The subnets need to be isolated, either physically or with VLANs. It is possible to...

There has been talk about in-place upgrades, but I don't think anything has come of it. It's a difficult problem and it's very high risk. You can make a striped mirror raid-10 style array. You can upgrade those 2 drives at a time. Downside is 50% usable space. You can make another raidz and...

If they are going to insist on those ridiculous wifi cams, I don't know that you can really fix it. You're running up against physics. Particularly when they are so junky that they are 2.4Ghz only. Even worse if they keep adding new ones. A few with better placement are better by far. Since...