Topics created by mroth911

Source NAT rules. No clue how this work on UniFi though.

On an EdgeRouter it looks like this.
946132be-32b8-4225-9f4a-75634d00754b-image.png

08dbe439-afef-4e97-9a09-d72b48ca19bb-image.png

I assume it goes here in UniFi.
d70f4ee8-a60f-4803-b5da-df26f0d19ce5-image.png

1ffc5074-9466-441d-a320-32fd181f3fa0-image.png

@mroth911 said in Nodeweaver:

I am going to setup Proxmox tonight with LizardFs and see what the big deal is with nodeweaver and see how it functions. I will write down documentation if need be so I can share it if others what to do it.

I was actually reading about Proxmox and LizardFS.
https://docs.lizardfs.com/cookbook/hypervisors.html#using-lizardfs-as-shared-storage-for-proxmoxve

@scottalanmiller said in Intel SR2600urlxr Raid:

@Dashrender said in Intel SR2600urlxr Raid:

Can the actual backplane prevent you from having larger drives? I understand it can be a performance bottleneck, but drive size prevention?

Absolutely, always has.

To clarify, this isn't ALWAYS the case. The backplane can limit drive speed and/or size if it's an expander-type backplane.

On Supermicro, for example, if you have a chassis that ends in "TQ" this means the backplane is not an expander and is merely an input ("direct attached") board allowing SAS connections to it. I.e. you use an SF8087 fanout cable and run the 4 SAS sideband connectors to each port on the board.

Also from Supermicro is the "A" chassis which utilize a breakout backplane which takes a SF8087 input cable and then "breaks out" to 4 connections for 4 drives without modifying the instruction set from your card.

While cabling with both of these become messier than expander backplanes, they're almost forever upgradeable. So whether you bought your 32 drive chassis yesterday or 8 years ago, you can still obtain SAS2 speeds from it and large drives. One can also use a SAS3 card with a SFF8643 to SFF8087 cable, though you will be speed limited to 6Gbps.

@DustinB3403 true.. however I am trying to learn the technology . The problem I am have is trying to learn. Thats how Scale and all these other companies come in business. they take an idea and make it better.

I know everyone has they're opinions about money and what not. But at the same time... this is what fuels my desire in the tech industry. Is to learn new tech and keep evolving over time. Seeing what other best practices are and so forth and so on.

So it might look at a costly investment etc, and a lot of time wasted but that is your opinion. Its just like collection cars. this not only how I make money but a hobby for me too.

@JasGot said in Mail Server with app like google for testing:

@scottalanmiller said in Mail Server with app like google for testing:

That said, if you were doing Postfix (I prefer to Exim) and Dovecot and skipped the Webmin or any other front end piece and stuff 100% with NextCloud for the web interface then you could run on an even smaller instance with as little as 512MB of RAM easily.

I saw the 512 instance and thought the 10GB ssd might be too small for an IMAP mail server, and since it's only $1.5(ipv6) or $2.5(ipv4) cheaper.... 🙂

Oh true, that might be small. But for just two users, probably okay.

NVMe drive for storage instead of SSD. It will be about 6 times faster from around 500MB/sec to 3GB/sec.

AMD black could be any number of CPUs. They're all slow compared to newer AMD CPUs though.

6 HD screens...maybe he would consider upgrading to larger 4K monitors instead. Each 4K monitor has the same resolution as 4 HD monitors. So 2x40 inch monitors has more screen estate than 6 HD monitors. And two or even three 4K monitors could be run from the same graphics card.

So that is would I would look into. Newest AMD CPU, 1 really good graphics card, NVMe for storage and new larger monitors.

@mroth911 said in Routing port 80:

So is there any services that I can use, or do I have to build a server? or what can I do to simplify the process.

An external service can't help because you need to direct the traffic once inside your LAN. You just need a reverse proxy, like Nginx, running somewhere and all port 80 pointing to that, and it in turn pointing to the internal resources. So it can be a dedicated server or shared with some other task.

I've not done this, but as cPanel is just a web app itself, it seems likely that any HA web platform will naturally handle this as well.

If you have a primary/failover type set up take a look at Peplink Balance products. They can do outside IP address translations and forwarding such that packets coming in on say 66.0.0.1 (Carrier A) can be sent to ip 12.0.0.1 (Carrier B) with in the device. They are expensive; but worth it. We used to use a Peplink Balance 580 here to both load balance between a (then ) Level 3 (Primary) and Time Warner (secondary) circuit but also to fail over; traffic would be re-directed via DNS (ether SRV secondary records or "round robin") to the secondary provider and the Balance 580 would essential NAT the address to the primary carrier's IP (on our equipment).
https://www.peplink.com/company/peplink-enterprise-features/

@JaredBusch said in Building a Mail Server:

@scottalanmiller said in Building a Mail Server:

@JaredBusch nice. Going to look at moving to Zoho again. Got a customer about to move as well, this will be great for them.

I'd pay $2/user for Mail Lite with 30GB+ storage but not Zoho Docs.

I might do so as well.

@scottalanmiller said in New Infrastructure to Replace Scale Cluster:

So if a VM dies, oVirt will provide non-FT failover, yes. And by having failover you might achieve HA. And oVirt is a critical part of making that possible. But it itself isn't HA, nor does it guarantee HA. It's just a failover component that you can use to "do" HA.

It's a component you buy (well, this one is opensource, but still), part of a solution that would cover other potential failure points. The solution in general is also something you can buy, in order to achieve a certain level of HA for those VMs

@FATeknollogee the install itself has been covered too many times to mention 🙂 Maybe if he runs into a specific issue and solves it, that would be a good thing to share

@DustinB3403 said in Server 2012 Hyper V Cluster:

@scottalanmiller based on @mroth911's most recent topic he is looking to setup a Hyperconverged system and appears to be testing Hyper-V and oVirt.

can't do hyperconverged without shared storage. Shared Storage is the foundation of hyperconvergence.

@mroth911 said in locking down network:

so basically I am helping with my church/School , they need to connect to apple/android store. youtube. but social media sites locked down and p2p networks and anything inappropriate for k-12.

So OpenDNS is doing the trick for now., However there is no cherry picking, and certain users need the ability to connect to facebook as well. Posting via webpage what is going on in school etc.

Thats the situation at hand.

They received a letter that someone on the network was downloading from BitTorrent. and it broke digital media anti-piracy law. etc. So they are naturally freaking out.

This is something I want to setup and walk away.. I am just doing this to help them.

Blocking Bittorrent without an application level firewall isn't that easy. Talking to the tracker happens via DNS, but talking to the other clients normally is just via IP address.

You could block all non needed outbound ports - but again, I think Bittorrent can work over port 80 and 443, so not really that helpful.

@jaredbusch said in Ubiquiti ER3 to ER4 Upgrade?:

@scottalanmiller said in Ubiquiti ER3 to ER4 Upgrade?:

@mroth911 said in ubiquiti Er3 to 4 Upgrade?:

Can I just back up my er3 and upload it to the 4

I believe so.

I have never tried, but it should handle it because it only bring the /config folder in, and nothing in the hardware of the 3 vs 4 is all that different.

To clarify, I have migrated from ERL to ER4 a couple times. But I manually migrate. I don’t try to restore the old config.

@mroth911 said in How to make 3 node cluster like Scale:

I Understand now. so i wanted to build something that is like "SCALE" meaning the vm's with failover and I can spin up a vm fast. just to understand the technology.

I heard of KVM. Never played with it yet.

KVM is the hypervisor behind Scale (and loads of others.)

So the things you want from your setup are a tiny function of what Scale does. All you are looking for is "high availability virtualization" which is a massively broad category. Scale does it in a very specific way, that is very good. But it's a cat and there are many ways to skin it. Some good, some bad, some just different.

@manxam said in Domain controller server 2012:

As per the above but to migrate the desktops, use Transwiz. Takes 1 minute to migrate the user profile from the old domain to the new.

That's the one that I was thinking of when I saw the post. Just didn't have the chance to post.

The above works really well.

@wirestyle22 said in Too many wireless clients:

@jaredbusch said in Too many wireless clients:

Apparently a lot of “people” like it.

I assume you are referring to the illuminati lizard's controlling everything? This is the first time I've been inconvenienced by not having emoji's ever

Specifically, not IT professionals.

I have one in the field. I will never, ever, buy another one.

@fateknollogee said in Average Rate for Emergency Service:

@jaredbusch said in Average Rate for Emergency Service:

0_1537821572384_e882d8de-fc1a-4b6c-9d45-85102fa67fac-image.png

@JaredBusch Just curious, what app is that screenshot from?

Are use manage engine service desk for my Helpdesk. I actually would like to migrate to something else but have not been given the go ahead to do so because of cost of my time to do that.

Ransomware is not fun.

NotPetya damages were in the 10 billion range. One enterprise I work for at times was down for weeks. Having backup is not enough - you need to be able to access your backup too. When everything is down you don't have any computers to access anything with. Sure you can reinstall but where are your image files? When you do have computers you have no DHCP, no DNS, no AD etc. You have no internet access, no email, no phones. Yeah, backup is not enough. You need an elaborate emergency plan.