#networking
Have Netflix and there is less and less on there I want to watch, so I watch things like that
Should just cancel it
I stopped watching a lot of various content by far left people cause the Trump derangement syndrome is massive. I figure Patriot act is no different
Netflix is the Anakin Skywalker of video streaming
Depends on the ep, I mean there are Trump jokes but Mitch comes up more
I'm just tired AF of hearing it lol
You have your own problems I'm sure
Who doesn't
But I know more about US on-goings than my own because ours are boring AF and it's just nicer with no skin in the game
@strange silo About the quote earlier: yeah it must be difficult in such a small area to compete with basically everybody you know (NZ if I remember)?
Yep
But I'm also not in one of the 3-4 bigger cities as well
Auckland would be a bit different of a situation
@strange silo so just to clarify, 250 running vms should be possible over nfs just fine?
Yes, there isn't really a limit at all
What you do is have multiple NICs on the storage platform with their own IP and on the ESXi hosts you balance the mounting of the NFS shares across those IPs
you don't get multipath at the datastore beyond standard link aggregation but you do balance load across multiple paths by spreading load across datastores which take different paths
You'll hit storage I/O or storage CPU limit before network anyway
So that looks like
Esxi1 --> nic1
Esxi2 --> nic2
No need for link Aggregation that way?
@strange silo I'm about in a similar situation. I know almost every engineer within a 600mi radius, exception being Canada. We all compete with each other but at the same time go out for drinks or food weekly
@little schooner Not quite drop that down to the datastore layer as each host will be mounting the same datastores
over the same path
ESXi1 mount NFS:/10.1.1.1/Datastore1
ESXi1 mount NFS:/10.1.1.2/Datastore2
ESXi2 mount NFS:/10.1.1.1/Datastore1
ESXi2 mount NFS:/10.1.1.2/Datastore2
Multiple NFS mounts on the storage server and mount them over different IPs
Tomorrow is fiber run day 
more smaller NFS mounts is better than one larger one for load balancing
hitting the same underlying storage volume is fine
then if you need more I/O create another volume and migrate or make new NFS shares on the new volume
@strange silo oh I think I see it now. So like carving a 1TB volume into two datastores, 500GB each and mounting both servers to them the way you listed
yes
And it's better because nfs prefers smaller volumes for better performance?
While adding redundancy
Has a bit more to do with network load balancing
Since VMs sitting on datastore1 will take path 1 and VMs sitting on datastore2 will take path 2
and that is common across all hosts, they all mount the same datastore and use the same path so if a VM moves it won't hit the incorrect storage controller and cause a cache miss
because it took a different path
@strange silo I see makes sense
But that has more applicability in a storage platform with multiple storage controllers
Synology NAS or FreeNAS is single controller
It's a nice design
It's one of those "industry reference designs"
Because no matter which storage vendor you use it's correct for all of them when using NFS
@strange silo is it valid to use LAG in this case if it's available? Or still go with the separate ip on nics
LAG is must for NFS otherwise the network has no redundancy
So wait, I thought lag only allows one ip assigned to the adapter
So for you you'll need to create a LAG with multiple IPs and get the LAG mode working so each IP uses a different NIC in the LAG
Hmm
Ideally you would have multiple storage controllers that share the same disks/volumes and it's 1 IP per controller
So 10.1.1.1 Controller 1, 10.1.1.2 Controller 2
Ahh gotcha. That was the part I didn't get
Yes again multiple storage controllers
Other option is 4 NICs in the storage server and 2 LAGs
1 IP per LAG
I doubt with 250 VMs you'll max out a single 10Gb path though
So our server has 1 storage controller and 4 NICs. So 1 LAG of 4 NICs and one IP
I guess we'll do
Only time would be during backups by pulling out a DB backup over night or something
Yeah I doubt it. It will all be remote Connections
Students connect with VMware workstation
Those 4 NICs 1Gb or 10Gb?
Yea, was just thinking 1 LAG vs 2 LAG but with 1Gb team of 4 is best
Awesome
For smaller setups I like shared SAS the most
Netapp E-Series or Lenovo V3700 for example
I'll take a look
Without an expensive SAS switch you're limited to usually 3 hosts but if you need more than 3 hosts SAS is not the best anyway
Those with VMware Essentials Plus license is perfect combo
As that is 3 host limit, 6 sockets
And you can get a fully equipped dual controller V3700 for something like $5 USD
FYI under the hood they are all LSI/Broadcom OEM, have a look at pictures of the management software. Just re-skins, quite funny when you know and storage vendors try and do their typical thing.
So go for best price and support, because they are exactly the same for all of them, all the big brands have them
Only down at these lower end models of course
I've always just used iSCSI for that purpose
and not NFS.. never really looked at switching
I found a good forum post on lun for synology https://community.synology.com/enu/forum/1/post/123581
Are there legal sources of getting Cisco images that doesn't require sub?
Or it has to be done through Cisco with smartnet
Pls can I pick someone's brain on IPv6??
@little schooner I cannot imagine any way other than copying from equipment you own, but I can't imagine it will be legal to use it in other equipment than what it came from.
@unborn fox Why not ask your question, instead of asking if you can ask a question?
@craggy parcel yeah thats what I figured. Teacher wanted to know if it was possible
They didn't give him Cisco. Images
Well, they are easy to get without Cisco service contracts, but not in a legal manner.
Even though I think software upgrades to that kind of equipment, should be part of the deal, for at least the expected lifetime of the product (No less than 5 years). But in reality you might end up paying more for the company to fix their bugs, than for the actual hardware.
I see
Hi All,
I am planning for future IPv6 deployment for large networks that currently have large amounts of vlans.
I have been trying subnetting IPv6 into /120's for vlans in a cisco lab. Unfortunately this breaks SLAAC and dhcpv6 starts acting weird and gives clients a /128 or no address at all and they don't pick up dns very gracefully.
I guess my question is, if I have a large network with let's say 20 vlans and 150-200 devices per vlan. Do I just slap a /64 on each vlan and call it quits? Or should we be breaking down the /64's further?
@unborn fox you should be using a /64 for each VLAN
SLAAC only supports /64's
basically each VLAN you use should be a /64 unless it is PtP VLAN connecting two routers, then you can use like a /126 or /127 or something like that
a network with 20 VLANs isn't that big
generally a company will get a /48 with IPv6 at the least, which gives you enough /64 subnets that you could have 65,536 such VLANs
unless you expect the network to enlarge from 20 VLANs to 65000 in a short time, there is no need to conserve
I know based on IPv4 experience you are probably aiming to conserve space, but that is counterproductive with IPv6. You have to allow yourself to be much much much more wasteful than you ever would with IPv4
Case in point - cellular IPv6 uses a /64 per host, so each phone gets its own /64
even for the PtP VLANs where you use /127's it is recommended to actually only do one of those per /64, so leave the rest of the /64 empty
otherwise it is too difficult to figure out where the subnet boundaries are
the use of /127's or /126's as PtP subnets is really mostly for security reasons (preventing more IPs from being on that subnet) than for conservation
I actually often don't bother and just use /64's on PtP subnets too
that way if I need to add another host onto the subnet for troubleshooting, it is easy enough
so yes, slap a /64 on each VLAN and call it quits
but plan out your mapping for them in a way that makes sense
like perhaps you can use the VLAN ID in part of the address
so if you have a /48 then you have something like XXXX:XXXX:XXXX::/48
but then the /64's are XXXX:XXXX:XXXX:YYYY::/64
you can use the YYYY for something useful like the VLAN ID
instead of just making it up
it can make it easier to find things
in case you have multiple sites, for the YYYY portion, the first hex digit could be like the site ID (which gives you enough for 16 sites), then the next three hex digits as the hex version of the VLAN ID
you could also go with the decimal version if you don't use the higher VLAN ID numbers
if the network you are dealing with has more than 16 sites each of which has many VLANs, you may even want to request larger than a /48
To sum it up, with IPv6, anything smaller than a /64 essentially doesn't exist. We need to get out of the IPv4 mindset
Why does windows licensing have to be complex?
There are very few licenses that are not complex
MS licensing is getting a lot simpler than it used to be, flip side is it's getting more expensive as they package more together and throw it under things like Office 365 User licenses
*screams in mandatory Cisco SD-LAN licensing on all new switches
@strange silo do you know if installing windows in esxi VM container to a shared storage system uses a lot of bandwidth?
I didn't setup the env completely to test yet but wondered if you knew that answer now
Like when my cameras stream their footage, I am seeing constant bit rate of 23 mbps
For windows installing I presume it will be a lot more?
It shouldn't use too much bandwidth but just be careful if you need to do maintenance on the shared storage system
@little schooner
@clear igloo SD-LAN
SDA?
muh DNA
ACI to the edge
dna
Ah, it just replaces Cisco One iirc
lol
im trying to remember but i think the bulk of our ipsec is through a firewall and not a router, so theres no advantage to C1 cause we're not using almost any licenses on the routers
we had C1 at another company, that was nice
@clear igloo k
Teacher wants to wait for the purchase first to come in
Before making any VMware infrastructure changes
ugh
he needs to move faster
@clear igloo you can and should make configurations while a device is shipping
Depending on the model of bringing the device into the network you can
Noice!
I prob. won't move anything else to Docker though.
Minecraft will prob. stay on its own VM, same for Gluu and windows server
Well, technically Gluu is dockerized.
But not managed with Rancher.
@waxen scroll Cisco netacademy also didn't give him full access to the Cisco images despite needing some of them to teach the updated ccna courses with wireless
I told him how can they expect you to teach the course if they don't give you resources needed. And you are academy Partner
I don't get them
So I told him to make that counter argument to them and I think it will work
In the interim he was looking for other websites to nab the images from
But warned him that isn't really an option for business
i dont know how it works. i dont think gear is included with netacad and the school is responsible for keeping current. i know my school had old as hell gear
@waxen scroll yeah. The gear is not included, but I would think software should be
At least just the images for the lab devices required for course nothing more
nope. the school needs to buy maintenance contracts on all equipment before it is
Those maintenance contracts are annoying
i agree ;p
guess what happens when you let a maintenance contract expire for a year and want to then go buy one?
@rocky badge
@waxen scroll the price increases 3 fold?
they make you pay for 2 years minimum. to cover the year you didnt have it and the year you want to cover it for
@clear igloo and here i am wanting to ditch 300mbit for 75
its different when poppy isnt paying
Same @rocky badge
Lol
So today I found out that the college gave us 2 grand for us to spend, no strings attached.... As long as it's for school use
That's neat
everyone?
@waxen scroll whoops. By us I mean the teacher and I
Hehe
@waxen scroll that would be something though if it were the other way
2 grand aint much these days
what would you do with it
@clear igloo as a network equipment PO writer, my spirit is gone
400Gb*
im being realistic so his NO is more of a no
Just wanted to post this here for anyone with internet problems, it can get worse
This is for a 4 person house BTW
ah yes, my old connection
I really want to see a connection so slow that speedtests rate it as negatives due some glitch
I think at that point it will also simply drop packets since the wait time would be too long to hold them in queue
Yeah probably
timed out
Negative latency tips for Google though
@waxen scroll yeah. 2 grand not enough for a great SAN
He pitching either 2 grand towards licensing for students or a SAN of some kind
@waxen scroll so, realistically, im looking to buy a NAS and not a SAN?
2k is terrible for SAN, doesnt even get one
Qnap seems to fit the bill
Moving from Meraki for my home lab to Pfsense, any advice from anyone here?
@keen sorrel yes. Free updates and easy OpenVPN setup
Thats part of the reason I am switching for sure
I have an openVPN server, but opensourced security updates and no subscription fees are hard to beat
@keen sorrel in terms of how it performs, do not expect it to do more than 10gbps routing. It can't do it. But it makes a perfect multi gigabit setup
@keen sorrel how do you have your OpenVPN server setup? In Debian or something?
It runs on my Dell server in a virtualize environment.
@keen sorrel do you port forward it or use NAT?
Eventually I want to virtualize pfsense as well but getting my feet wet first with a physical separate unit @xeon
Or neither?
I use port forwarding. The beauty of openvpn is it's all private and public key based, so very secure even with port forwarding.
Whenever I use SSH I either lock it to a specific IP or only allow certificate-based authentication with encryption keys. It's really getting to the point where even secure passwords aren't reliable
@keen sorrel yeah. I have some of my Ubuntu server with cert based login too. I need to finish up setting the others
They are still on password
I also need a new 10g switch
Looks like I am going with mikrotik
@little schooner Port forwarding is NAT
Just lock it to your external IP and use your VPN to connect. I use a Mikrotik Router board as a switch, very reliable
@hollow marlin but why they give them different names
NAT is the mechanism, port forwarding is the configuration
@hollow marlin so in terms of Edgerouter, it's doing both?
It only shows GUI for NAT details
Well that could have fooled me.
It did fool me
Edgerouter gui is a tad confusing with its layout imo. I mean so is Mikrotik, but at least you expect it with them
@little schooner Yeah most routers dont separate it. NAT in general is dynamic and stateful, port forwarding is a static configuration for NAT
Port forwarding doesnt exist in Cisco, Juniper, etc....
@hollow marlin oh now that reminds me back to Cisco commands
I also looked at untangle, but in a coin toss between security products I usually lean toward open-source
Yes they use NAT keyword
Ah hah....
@hollow marlin thanks for pointing that out.
Now I made the connection
@keen sorrel I haven't tried untangle but
It probably does the job too
My exposure has mostly been with pfsense since I've deployed like a dozen of them
It's a close call in terms of features, but untangle is closed while pfsense is open source. In terms of longevity and security open-source usually wins out
That's true
Just look at windows live mail on GitHub
Or wait... I know I read an article somewhere that the source code was public
So they can make it working again... I think...
What it means is yes, it helps. Make products survive longer term
What's the other one I here alot about, sophos?
@little schooner Ill give you a holler on how it goes tomorrow. Waiting on Dban to finish on the Mini itx pc I'm going to install pfsense on(previously belonged to someone else)
The internet was never meant to be this big in its current form, we should just make a new one, I'm kinda sick of all the patch work and people trying to cling to the status quo endlessly. the ipv6 standard doesn't really make sense and there are a lot of shenanigans around it, experts even say it's not suitable long term, exactly because of the compatibility and other issues - yet it gets sold as the one and only solution, when it really isn't, and by all intents and purposes is likely to fail, there's a reason I turn this off first thing on all my devices (as do millions of other people)
Is this guy for real? Like WTF
I was close to turning ipv6 off on ubuntu because plex media server wouldn't listen on anything else except ipv6
then it hit me that the configuration for plex was broken and had to reinstall. after reinstall it came back working
Now it listens on both as it should
@hallow nimbus when the other end is the bottleneck
https://blob.pcmr.rocks/8c8d3c47.png
JFC https://blob.pcmr.rocks/7630276a.png
I'm just running a speedtest
nah,
this is my internal speedtest
https://speed.ryois.me is my public Speedtest custom
Watch me kill it
runs speedtest using ISP sponsored server, gets pissy results SIGH
runs test using a provider who actually knows what they're doing (Frontier Networks), gets good results
watch me kill this speedtest guys
@little schooner Mostly not much at all, would be a few spikes but mostly installing Windows is decompressing files out of the mounted wim file so it's not really any different to doing a file copy with explorer but it only does each file as the installer needs it or is set to copy etc
@little schooner I prefer QNAP over Synology as you get higher end better performance hardware spec for the same money, either way 2K isn't going to go too far
Might be a case of buy the best no HDD model you can get then find a way to get disks in to it outside of that 2k
@strange silo yeah I suggested the qnap TS-832XU but he saw the synology 1817 NAS
With 6 6TB hard drives, it came it to be close to 1896
I really wanted him to get rack mount hardware
I don't really know if the 2k is a super hard limit or
If There is some room to go over
So I'm looking for a new router. My dad finally decided the verizon one we have isn't good enough. Where should I start?
What is the initial problem? What was the deciding factor that the router wasnt good enough?
@hollow marlin i want to put in ipv6 to the core this year
but it got so political in the last few months. i probably cant
Upper management or coworker politics?
also i think cisco and others keep having issues with their code where you're only vuln to a security issue or crash if ipv6 is running
upper
upper manglement is always the problem
for example, i told Lurick i want to enable python API
days later there was an announcement of a bad vuln
xD
cant fucking win with modern features
if i told our change review boards im turning ipv6 on, my head would probably roll with all the concerns
We have ran into similar vulns with both Cisco and Juniper in our core. The ones we ran into though were when IPv6 was used with X protocol.
Didnt affect us, but still a pain to keep scheduling maintenance windows
our change process is so bad right now im close to quitting over just that
BuT Ipv6 Is uNSEcuRe wiThOUt NaT
LUL
Is what I hear most
NaT iZ sEcUrItY11111!
"I don't want to lose the security provided with nat"
its true on ubnt... if you turn it on theres no way to firewall it in the GUI xD so its open until you realize it
Hah...excuse me
i was supposed to upgrade line cards and be done by last oct
i havent started yet because of our terrible change process
keeps getting in the way
Upper management doesnt understand when "change processes" become "processes" because changes never happen
My last job was like that until shit piled up because the same reason
one manager actually lectured me for my change getting denied and im like DUDE, you clearly have never been through the change process
Then they came down on us. They shut up quick when the board reviewed our ~70 change proposals that prevented the situation we were currently in
lmao
our problem is that too many business units are allowed to say no and when they say yes.... if you cause an outage and you didnt have that unit on the call during the change you get yelled at because the restore is slower
so if you touch the datacenter which can involve many BUs, you have to seriously invite like 20 teams. they need to sit on the call for hours. if one forgets to show up, change cancelled
@hollow marlin range
@waxen scroll Qualys
@clear igloo oooh
Imagine if a school went all UniFi 
vs Cisco, Aruba, etc
Just a standard k12 dumb IT, nothing major
@waxen scroll Oh fuck that. If that many hands are involved nothing will ever get done. Anything after 5 people makes the process next to impossible
i wouldnt use ubnt in any large environment. i want 24/7 support with an engineer who can read debug mode and even edit in debug mode. buying multiple spares isnt the answer sometimes
Like a school has those :p
skewl
spares

ive had many tickets where i need an engineer to go into asic level console and enter jibberish to help me
We have a good 20-30 enterprise circuits where the customers use all UniFi. One I think has around 300 switches
I just cant imagine
K-12 school can afford to shrug shoulders and be down
i like ubnt, but i dont 300 switch like it
UniFi Redundancy = keep spares and stack with RSTP
@clear igloo so that guy whose rack fell through the roof
All of the servers survived lmao
@clear igloo it's going to cost 400k to double reinforce the attic though
And it was 600k in hardware
OOOOF
It's a 48u full of custom supermicros
But luckily all of the stuff on that rack was replicated across the other racks and in AWS
So nothing actually went down and nothing was lost
Google would like to know your location
Lol
@clear igloo when he hooked up the Outpost....his meter just went spinning like crazy lmao
kwh was going to mean nothing if he kept it on for a while
It requires four 250V/30A
ahhhh 120v country
needs better ipv6 firewall
@clear igloo I'm on Verizon hotspot + VPN right now oof.
OOF
I mean....
My Verizon hotspot is supposed to be limited to 600Kbps/600Kbps :p
but disabling IPv6 and setting TTL to 65 bypasses that on some phone hotspots.
@rocky badge that's a new Ipv6 excuse. "We can only throttle on ipv4"
LOL
Is HP 1400-24G for $50 a good deal ?
@little schooner I think the real excuse for big ISPs is, "We have enough IPv4 addresses for a while, lets make it hard/impossible for others to start a new business to compete with us..."
@craggy parcel that's what it's come down to. Like the ipv4 waitlist in the UK
@little schooner Wait list in the UK? Never heard of that.. Only the one RIPE made...
Perhaps they mentioned the same list, but from a UK perspective? And got something messed up?
I mean, only ISP's would be able to transfer IP's, while the RIPE can actually hand out new ones, as old blocks are being returned.
But no ISP would have any interest in making a UK only list
@rocky badge We used to put Aruba in to schools all the time, below 500 students then Ruckus
Ruckus for ages, don't know if it's no longer a problem, couldn't do multiple security profiles and rule chains using different auth methods on the same SSID
Lel, my school uses Extreme Networks for switching, wireless, NAC, etc and Cisco for routers.
@rocky badge didn't extreme networks used to be called entersys?
Enterasys Networks
Yeah
Lol
Ubnt should acquire Ruckus
@hollow marlin All our change control meetings have 20 managers in them and around 30 in total, YAY!
Make their aps cheaper and let them still operate independently
It was in their shareholders PDF
I wouldn't want ubnt staff to touch the stable Ruckus hardware
lol rude
Well
but true
My biggest issue is that there is no dedicated support with ubnt
But their forum
Yeah, people attack on the forums
Attack the question
Also if you bring up. Other brands it's a defensive war
Not saying I actually posted something but noticed time to time
I just don't ask for help and throw out the Ubnt equipment for something better if it has a problem and firmware don't fix it
Have an ERLite paper weight
edgemax
@strange silo yes I remember Edgerouter having a show stopper bug with udp traffic
And it went unfixed for years
Until a month ago they finally put a patch
Fortigate sounds nice
Same with watchguard
But I don't have a business income to afford the subscription stuff
Fortigate is still no replacement for a proper border router which the mikrotik is better at
Mikrotik is versatile for the most part
Also makes for a great addition for an edge switch outdoors
I'm just using used Fortigates at home with no FortiGuard licenses so a lot of the nice features are disabled
I use them for the hardware IPsec which kicks the ass of everything else
For the same price*
I see
I wish I could make it show the entire switch layout lol
Instead of 2 rows slide over
@rocky badge Linus's Chrome tab video, "more ram in 1 stick than your entire computer"..... wrong 
yea
@strange silo does the fortigate support Ipv6 and ipv4 firewall using DNS names?
Edgerouter doesn't let me put hostnames in the rules
Yes
And if I get one, it works without subs?
But fortigate is not known for having stable firmware releases
so you have to wait and really check before upgrading or you will have a bad time
This year we've had about 3-5 major outages due to firmware bugs or something spazzing out on it without any indication beforehand it was going to
Hmm
Like the Av scan engine spinning to 100% CPU cos... fuck you I guess?
Heh, that's abnormal for sure
Or old versions of TLS getting blocked by default after FortiGuard signature updates, by 'mistake'
which being signature updates you have zero control over
but we didn't need eftpos
.....
@strange silo do you know if fortigate supports dnsmasq like functionality?
Like if client request internal domain, to use a different DNS server to answer the request
@strange silo just found it https://forum.fortinet.com/m/tm.aspx?m=91939&p=
@little schooner Yes as you have found but we do it via DMZ DNS servers with different zone files
@strange silo i bet blob tests in prod all the time and annoys his parents when the network dies
Can't find the CRS328-24P-4S+RM with a good return policy
Phew internet is still working
Digging trench, hit the fibre cable going in to the house
oh yea, that's going that way too
Careful, you dont want to nick the fiber and let the internets out
you didnt check for errors tho ;p
@little schooner what policy are you looking for?
Why would you need to return it? Pretty much know what you are getting
@hollow marlin read online that some came with missing parts or screws detached
Or needed a new power supply
Thats warranty though. You reach out to Mikrotik directly
Also I am sure the missing parts are mostly shady re-sellers
Yea anything not delivered as ordered is cost on supplier not you and you have right of return without fee, but you have to let them try and remedy first
Which is also why you don't pay first, but sadly consumers don't really get that option
lmaooooo
yep, ive ordered $400k+ of product before and they wont pay any invoice unless i go into a system and confirm i'm happy with what shipped
must make vendors sweat
@strange silo that would be an awesome option to have
Yeah we had our two MX10003s for 2 months before they got their check
https://www.reddit.com/r/networking/comments/eh8nz7/what_network_problem_is_besteasiest_troubleshot/
Apparently wireshark is completely useless tool and networking doesnt exist above L3
He said anything above l3 wasn't his problem
If you actually read some of his other comments he says a firewall is L4 and not networking because its above the networking layer
I cant argue with that logic 
True but then I should argue for a raise
10% for each additional layer
I mean, technically speaking, Layers 4 and up aren't directly required for L1, 2, & 3, however, in terms of actual functionality, they're definitely required because a users' purchase ordering database application isn't going to work if any layers from L4 through L7 are broken. (And it sure won't work if layers L8 through L10 are bork, either.)
I'm not at fault if it's user error lol
At many companies load balancing is managed by network people
At my company, load balancing isn't managed - the hardware & infrastructure is in place, but almost nothing is configured for automatic failover, so when a network link fails, the route stays offline until someone from the NOC manually implements a failover. sigh
I want to work where you work. Where do I sign up? (kidding, but that sounds awesome)
Well by the sounds of your NOC and their setup, they dont work either
Go apply somewhere hiring network engineers who actually engineer
Usually 2-3 levels above noc
If you're really lucky you'll never touch equipment physically ever again
I'm only half lucky there. I still do sometimes
I don't do racking or cables though
I still have to because none of the other engineers know shit about racking/running
@hollow marlin the sexiness of being in a DC or touching equipment wore off after my second job
I mean, I'm part of a team that liaises information between our customer facing teams and the backend engineers, so I see that our NOC do work their butts off - the root cause lies within OSI Layer 9.
I like the pictures the techs send me but that's as close as I'll go now
Been there done that thanks
Anyway, due to my job I'm expected to know not only Wireshark, but mass wire tap infrastructure
So that guy is LOL
We have to troubleshoot other people's applications while knowing nothing about them because they blame us before troubleshooting themselves
He probably just doesn't know how to use it properly
It's a perfect tool for going in blind
Yeah.
I'll go in blind the first couple weeks
It blows my mind that someone is so passionate about not using the single most valuable tool in networking
They usually tell me I done f upped
@hollow marlin that guy hasn't been haunted by an IPS yet either
But thats above L3, not his problem
Oh right. He's not infosec
Where does he work. Must be ATT
Or VZ. They seem to have very cranky ccies
I wouldn't trust most of the ccies I've met to know how to work Wireshark
No way in hell that guy is a CCIE
probably some access layer dude that occasionally configures SVIs from time to time
Last VZ ccie I dealt with was whining about me not ttu a circuit in the middle of my business hours
God forbid I make him work at 10pm
Super close to reading him the riot act in front of a conf call full of people
I can say that about a lot of VZ non-IEs also
I cant believe the shit we have to do to get them off their asses
His PM started talking about taking it offline just as I hit unmute
I could feel the embarrassed vz team on the other end
Also last month we had to install an MX in their COLO for peering and some additional customers where their fiber feeds directly back to that COLO. They had some shit go down and locked out VZ badges and we couldnt get to our equipment. Took them 3.5 weeks to regain access
They could only resolve the issue after hours??? and no tech was willing to stay after to fix it.
In the end he won too. I had to tell the business VZ refuses to ttu unless it's inside business hours. They let me do it
They needed like 4 vz teams on this call. It was redic
We were doing new mpls over lte deployment
ttu?
Test and turnup
Many of the telcos seem to use it. Some just say activation
Yeah activation in our area. VZ also seems to call things what they want at times that are completely non-standard
Speaking of LTE, supposedly upper signed a contract last week with a local telecom that has the licenses and we will be experimenting with LTE
They definitely make up their own acronyms
The worst is a SD-WAN vendor that does a lot of work in our area. They had to give us a terminology sheet because next to everything was non-standard in their emails. switch, router, CE, PE, tunnel, peer... all that shit was different. Like LFO, LFE, RO, etc...shit made no sense
why...
My best guess is to appear as if their SD-WAN boxes are not just routers running and tunneling BGP/OSPF
Or maybe they just want to feel extra special? π
@waxen scroll hey, are the best emails the ones where I ask for full access to a given system and the reply from the system administrator comes back to me with an email body of "done."? And I got full access to it.
i use quid pro quo for access like that
hahahah
So if I help the AD person with little resistance, I might ask if i can have access to some admin functions in AD
usually the answer is yes
interesting
yep. one job i got access to DHCP and the ability to add/remove/change objects in some OUs
not bad.
I like when my permissions grow in size
Of course, it means I have to be more careful with them if it can take over critical systems
also is "Please advise and happy new year!" a good way to end an email?
I am writing an email to the school administrator to give me VMware vSAN licenses
It's the same guy that helped me get Windows Server 2019 licenses too
ohhh i just hope he can help me out with this one too
people so quiet today
@waxen scroll Monday
Most people here, are not at work the 31st. π
And those who are, will usually be off at noon, or something like that.
so you're saying that goofing off on discord during work hours is why this place exists?
@clear igloo i know you do
LOL.. No, it's almost midnight here. Most people would not have to get up early tomorrow...
@waxen scroll Yes π
@waxen scroll Here I am with full admin privs to everything 
Break AD? Sure. Break vCenter? Sure. Drop some config off the core switches. Why not.
@little schooner So you are going to try out vSAN?
You should really get yourself a VMUG EVALExperience subscription, paid for by work of course
Getting the company to pay for stuff is often easier said than done. π
@strange silo maybe. Ultimately, it is the store that has NSX, vSAN, vCenter and Workstation 15 all for free for students
I contacted the admin in charge and he replied to me today. He says he retired!!
And the new admin is a guy that probably won't see my email until Jan 20th
Well, here's to hoping with enough asking that they will tick the box of "create account" with the submission I put in requesting access
The old admin was the one who would basically approve every request with this store
his replies would be "done. , try it now."
Like that was low barrier to entry right there
This new guy I dunno
lol
If new guy is any good, he would ask for justification and if good enough, approve. π
Damn it, having some frustration with webmin
changed the ip and mask
to match my network
and i cant access the panel after applying the changes
Lol
Oh god I want one so bad also
lol
@clear igloo also, lol this is the first UniFi switch to have level 3
It connects directly to level 3? π
Incredible value
wheres the USW Spine
@little schooner its not
theres no value
wheres the spine and wheres the SD-LAN software?
@clear igloo buh MUH aci
ACI Anywhere π
sales can just keep thinking that
I know several places that are pushing ACI down to the branch
those same places have budgets
@clear igloo 
@rocky badge modular chassis when?!
lol
@waxen scroll aww, it can't work without the spine?
a spine doesnt exist afaik
it can, im wondering why they released a product called a leaf with no spine product
What they should be releasing are new switches with 40 Gbps QSFP+ ports
Since when will they compete in Datacenter?
Not with the way things are now
@ancient vigil I'm already saturating 10gbps
With the nvme
No, that will be expensive
And while they are at it, new access points with ax
eyes AX aps π
@waxen scroll this is disgusting
even more disgusting is this
they charge $0.40 every month for having the remote
@waxen scroll I probably should have picked an open source home automation platform
Now that I think about it more and after watching a video about the benefits of open source firewalls
here's the internet pricing changes
@little schooner Guess the remote part might just be because you pay to have a set top box, and the remote is part of it, but listed by itself, to make sure no one can say it's not detailed enough? I'm sure the price for the settop box would just be the .40 higher, if not a separate item...
That price list, is that cable or fiber?
Yeah.
cable until the bottom one
its for cable and fiber at the bottom too yeah
@craggy parcel they charge 4.50 for the TV box
i dont think they charge for the remote in my area, its not listed
they still charge the stupid $10 fee to have 720 or better
So the gigabit with TV is cable.. And we complain our internet prices are outrageous... For 1000/100 cable service, we would pay about 59.90. The settop box is the same 4.50 though.. (That's including a remote, and even the first battery.)
pricey
@craggy parcel yeah, $59.90 for your gigabit is insane deal
in this area its double that
Haha.. No. That's what is considered the most expensive provider in the country.
I think its only like this because there is no other cable competition within my zip code
@little schooner after my payment on the 8th of next month, my contract is over
@waxen scroll very exciting
no its not
kiss them goodbye... if possible
then its like $80
oh
there are no alts?
yeah you have to fight for another promotion.
or not even, they usually just refer me to their Price PDF file
its stupid really
i cant kiss them goodbye. next is 25mbit DSL for $50/m or LTE for $50/m
im going to bamboozle them and visit a customer center instead of allowing them to send me to retentions on the phone π
customer center should play wayyy less games
look, they say its gigabit speed but then...
say this
but how can they know its 940 mbps
why not just say that exactly
I know that my edgerouter easily does 1gbps
Not really. Here the country is basically divided by two main cable providers, and a lot of smaller community providers, with many of them just reselling services from the two big ones. On the DSL side, it's the same, the main competitor are usually one of the two main cable providers. So they are more or less competing with each other and themselves.. However, no sane person would prefer DSL to cable or fiber. For the fiber options, there's one main provider, that's not one of the two cable/dsl providers, and the price for a 1000/1000 fiber connection is about 73.40 usd. They promise 900 Mbit, I guess to account for the fact that most people don't understand how TCP/IP works, and only look at their actual download speed, not accounting for overhead. ;)
DSL service btw, is about the same price as cable.
So in reality our internet is quite cheap compared to others. π
(Not that I care much about the price, it's paid by my workplace. π )
im tempted to do LTE but the signal in my area is low, so im afraid i will get 25mbit or worse
Why LTE?
its the only other option
Learn more about how you can get fast, unlimited in-home Internet service from T-Mobile. With the LTE WiFi gateway, your wireless T-Mobile experience just got a whole lot better.
they give you 50 max, but it depends on signal strength
Hmm.. We don't seem to have unlimited LTE.. Best I can find, is this: https://www.3.dk/internet/Til-hjemmet/ Prices in DKK. Basically you get 1TB, and can buy new blocks of 1TB if you need more.
Oh and the extra TB is more or less a full month in price. π
No provider seems to be willing to give you unlimited mobile data..
"unlimited"
i guess my second issue is also latency. their website says 30ms minimum is typical
Well, I've used ssh over GPRS.. No need to complain! π
There's something funny with PING in the 1000-4000 ms range.
Well, that's only about 300ms or so?
all your ssh traffic is sent to the 10000 locations listening on those channels
^_^
Well, it's encrypted... So who cares? π
(Encrypted with the debian default key of course)
we have a satellite base station at work and thats supposedly rare AF
generally you outsource that
Sounds interesting.. But yeah, you usually buy the service from someone, and if there's a direct connection to you, it's most likely delivered via MPLS or VPN.
mhmm
@clear igloo we're beaming data on channels we rented on a satellite (forget the name) from this big dish. thats as much as i know. i dont touch the thing other than sending data to it v_v
the racks in the datacenter look like gear from the 80s
it could die at any time
Haha.. I actually have what looks like some satellite base station about 2-3 km away...
the routing protocol it runs is RIPv1 if i recall
May RIP RIP.
the remote sites use Hughes receivers which also run rip
i wonder if they teach RIP anymore
my class taught RIPv1 and 2
its such a simple protocol to not teach it
Well, it's been a while, but 10 years ago, they did, but also called it deprecated. π
I've not used 10 Mbit since the connection was coax and BNC connectors, that required terminators in the ends.
i still have a few things on 10 or 100
not sure. they could be abandoned but finding who owns them isnt easy
Disconnect them, and see who screams the loudest? π
normally I would but people get fired over stuff like that
depends on whose screaming
True. We only have the "What's this server doing" problem, with virtual machines. We have about 150, and no one dares to remove the ones we don't use, even those powered off for ages.
oof. thats just as bad
Yeah, and as we have no operations people, but are actually all developers, with some handling operational tasks, it's always getting the lowest priority. We have things that's running 10 year old versions of software, that really needs to be updated, but it's impossible to get the time allocated, as we would have to delay development tasks.
But at least there's SOME will to get our messy code sorted out. π
my probe stats:
Total Disconnected Time : 0d 00:07
Total Availability : 99.98%
QQ lol
@vapid dune Quite similar to mine.. And yes, I did NOT want to login to my work e-mail, to fetch the actual mail report. π
lol
@craggy parcel I actually unplugged the unit and swapped from a smaller ups to a larger one...
my entire home internet went down for a bit xD
Heh.. I don't have a UPS. Don't know when it was down, but I probably didn't notice.
only a few minutes tops though. I have a couple power bars off of the ups
ah yeah, I do have occasional internet outages in the middle of the night for I presume maintenance
Yeah. We don't mind disconnecting our customers phones at night either. π
lol
If not for that location I would have said typical Australian internet
savage af.
Should pick a closer test server, that latency is much higher than it should be
that was on my old wireless access point that was terrible, most of that ping is from it
speedtest mobile app, SSID was Wireless 5G
ohhh 5GHz, lol duh
Just did a test from my home server, its kinda peak time so download speed isnt great but ping is better
Hosted by Telstra (Adelaide) [0.14 km]: 16.091 ms
Download: 79.23 Mbit/s
Upload: 34.48 Mbit/s
That upload is actually really good for aus plans
yea im on FTTN but i live about 20 meters from the node
nice
used to be similar distance back in ADSL2+ era and could actually get 18/1, then move and got 9/0.5
yea those were the days
go further back and we had 38kbps dialup and a call window of 6pm to 7pm otherwise phone is engaged
those days sucked
@dense karma see this one https://www.youtube.com/watch?v=amdfzcqaTIQ
Holy cow this turned out to be a long video! I will seriously be shocked to see if anyone manages to stay awake through all 2 hours. I was thinking of breaking it into parts but my wife talked me into leaving intact as a single video. I'd love to hear feedback from you all a...
there's a makeshift POE injector in there. or two LOL
gonaa save this link for later
for this channel's horror. from #tech-support https://cdn.discordapp.com/attachments/375444941905854464/662400808846884875/image0.jpg
@vapid dune If that's horror, come see "my" rack. π
lol
the guy over in tech support is saying his mac only gets 100 mbit instead of gigabit to the router now. and it works when plugged direct into the router
What's running in the coax? CATV?
I think just cable tv
Hmm.. And if not properly shielded, I suppose it can kinda interfere with the networking?
Oh, and those small wires.. I assumed they were phone lines.. But now I see that does not appear to be the case. π
Because of course there is. :p
@craggy parcel for our classroom, it was because one pin was shunted out of the rj45 end plug
Since it was missing, it downgraded to 100 Meg
Makes sense, since 1gbit requires all four pairs.
@shrewd stone maybe carry on your networking question here lol. but the easiest way to figure out which segment isn't working with gigabit is to use one of those network testers imo
speaking of lowes they sell a network tester lol https://www.lowes.com/pd/Southwire-Analog-Datacomm-Tester/50278119
ok thx
you need no faults in all the pairs for it to work at gigabit
else it degrades to 100
Just picked up a Netgear prosafe 24port gigabit switch for 30usd
I usually use one of these, for simple continuity testing.. Cheap and easy. π
I've seen someone sell one, used, on facebook marketplace, for like 3 times more than I paid for a brand new. π
It's unmanaged
oh
New on amazon it's 120
and btw
update:
I gained 10 mbps more through ethernet
not much changed
so now i have 90 mbps
instead of 80
yeah it's probably still not gigabit connectivity lol
I mean if you want to lug your computer to the switch you can plug into that? π
and then bypass the switch altogether
He's getting 210 plus on WiFi so it ain't gigabit
assuming you can't connect your computer directly into the router via just plugging stuff direct in the network closet
i can't connect directly to the router in the network closet
oh
wait
it is possible
its just that im using a switch to connect the rest of my house via ethernet
right but this is just for temporary testing if no one else needs it lol
If someone else needs it, too bad
lol
though I'd say it's probably the mess of hanging cables
rather than the ethernet cables to the switch
one pair or wire somewhere along the way is disconnected or dead
Yea that or a mouse or something chewed on the cable in the wall
its definitely not the mess
but
if something were disconnected
it wouldn't even work
nah
you can have 1 wire disconnect and it still might work
but yeah in the worst case it's the wire in the wall
ugh I had a coax cable in the wall that died for some reason. the guy was diagnosing it just asked me if I really needed that coax line and then proceeded to just remove it from the wall receptacle and abandon it
(I didn't need it and it was quite a lot of effort to pull another cable)
oh
not sure how big a deal that is for gigabit mind you
the other possibility is interference
how
and aaaaa
my laptop internet is being so garbage
dammit
nope
just my xfi pod acting up
Nasty xFi pods
they aren't bad
its just sometimes they act up
so badly
you can't even send a message in discord
that might just be discord
At least it's not like mine where the internet completely goes out
lol like wtf is this status: https://status.discordapp.com/incidents/wv11ztzstchc
also giant spike in their response time on the main status page
any of you had experience in upgrading RHEL systems ?
Is it worth clean install or I could upgrade it ?
I have ancient RHEL 5 DNS/DHCP VM running in my homelab that needs update really really bad
If you upgrade in steps, one version at a time, you should be fine. Applies to most linux distros.
Exactly. Most distros do not support more than one major version at a time.
upgrading distros is a disaster in waiting
I'd just clean install it if it didn't have too many things
@vapid dune Worked fine for me so far..
I have DNS/DHCP for entire network
I mean it's a VM right
just spin up another VM and then swap over
@vapid dune I updated mine and it works
and if it isn't right swap back
Just do one release at a time
I will replicate VMs, change my main one to connect to secondary and start update
If it's a VM, make sure you can access it without DHCP and DNS, then make a snapshot and try upgrading, make a new snapshot for every major version. Roll back if it fails. π
I've had bad experiences even with 1 release. but yeah it's possible too
I had it where the thing wouldn't boot after lol
But yeah, if the config is very simple, a new install might be just as fast. I've never tried having the luxury of being able to just reinstall the damned thing, because config and applications were undocumented, for most parts. And had to be done yesterday.
@vapid dune oh
I need to finish documentation on my DNS/DHCP and I might just go directly onto RHEL 8 with reinstall
@vapid dune I've upgraded multiple debians, without problems, longest upgrade path was a recent 6 or 7 system upgraded to 10.
Network will be down but idgaf, I can connect to ISP router
Well it's a home lab
@green compass Set up the new VM while the old is still running, then power down the old one, when the new is ready. No need to let the services be down more than a few minutes.
So it probably doesn't matter
it kinda matters, my entire house network is on that homelab, that is how my dad set it up few years ago undocumented which I am mad for a reason
now I need to figure this shit out
@green compass but you just said it was home lab
No
So it's not home lab
that feel when your username is an anime
DHCP for entire house
my other VMs, APs, WiFi
Its like a router
that is what I said
I could screenshot it but... Okay
I copied message
Yeah you should let router handle that stuff
Dhcp and DNS should be on stuff that rarely changes
Like router
Well my dad doesn't want to buy any router and ISP router is "bridged" to VM
I have to figure out migration and then setup Foreman to manage life cycle of VMs
Well, if it matters, I'd use the upgrade procedures from RHEL, one version at a time. Being a VM you have the luxury of easy rollback. So if using a snapshot before you start, it's as easy as pressing a button, to revert to how things were before. π
Next is my NAS that runs RHEL 6
it used to be my old PC
I need to upgrade it to RHEL 7 and install ZFS
as well as upgrade pool to enable stuff like encryption
To avoid downtime, it takes a lot of planning
To have some downtime, it takes less planning
well my NAS is gonna have to have down time
for DHCP
I will plan a lot
for NAS
I see
it can take 30 minutes to install
lol
and get back up and running
agree with router
in before some of those things are outdated
and/or their config structure has changed
oh shit, I might as well as spin up VM to check that
Does Samba have AFP implementation or Apple changed their stuff ?
we run 2 hackintoshes with Time machines
I mean you could probably clone the VM too?
Running Phenom 1055T, 16 GB of RAM, Quadro 4000 and 8 TB RAIDZ1 pool
Hmm.. Why do you want to upgrade?
Why not do something new?
Install pfSense for the router/DHCP/DNS stuff.
Install freeNAS or similar for the NAS task.
Easier than messing about with config on your own...
I could play around with pfSense, I am just most comfortable managing RHEL vm with DNS and DHCP stuff
I will probably test to see it and FreeNAS can't manage ZoL pools, I remember that
I am stuck with Linux on NAS
I learned that the best network designs are the ones that serve the requirements with the least amount of complexity. Unless you are required by compliance to implement a type of security into the network design
iSCSI?
that is for VM on R720 (Nextcloud), I have a shit ton of stuff to do before end of my winter break
I like separating my concerns so that I don't end up with single points of failures
or upgrade hell
lol
that and well described services and backed up configs
Update router VM, Update NAS, re create Docker containers for media automation, update GNS3 server, implement lifecycle controller (Foreman), update game server, redo Time Machines for hackintoshes and setup backup strategy for my VMs
that is like 40% todo for me
Well, I'd certainly go with the simpler pfSense/freeNAS solutions. Because it's so easy to manage, compare to raw linux boxes. And when programming and managing servers and networks all day, I don't want to be boring stuff at home too. It just has to work. π
My mother has it, she refuses to buy Macbook Pro or any Mac related, I run OpenCore on it so Clover is none of my concerns and that is why we have Time Machines
and my brother for graphic design in his school (he is going into school for graphic design)
@little schooner Hackintosh is great for messing around, and for the challenge, but for everyday use, I'd say get a mac, if you want to use MacOS. That's the only way to stay compliant with the license anyways.
@craggy parcel I see
Does Time Machine support SMB ?
Time Machine is not a service. It's more like a way of storing files remotely, and an application in MacOS.
I know, I am asking cause I wanna ditch netatalk, its nightmare to maintain
It DOES however, require some features on the remote end. But if SMB supports those, I don't know.
I think it failed for me when trying to a Windows computer. But that was AGES ago. The problem was something with the way the sparse files are handled.
But now that they've ditched the time capsule, they might have made it more compatible with NAS solutions.
Hmm, I will research for backups, I am also working docker-compose file and Gitlab pipeline to get fucking docker off my list of things to worry about
hmm this seems decently cheap https://www.amazon.ca/Netgear-Multi-Gigabit-Ethernet-Lifetime-Technical/dp/B075Q6NPM2
I wonder how much NICs cost to go with it
If docker sucks that much, don't use it. Everything done with docker can be done without. Just use a new VM instead of a new container.
Hmm $100 from what I saw last time looking at prices
I need Docker for stuff like Sonarr, Radarr, Jackett, qBitTorrent, Plex, Jellyfin
Manual setup is even worse
Why do you NEED docker for that?
@vapid dune 9 ports are not enough. π
Also kinda interesting layout of the ports..
Cause I dont want to download Sonarr, Radarr tarballs, screw my head with permissions, fuck around with Mono and C# runtime software
I would take Docker over that any day, its easier to maintain
Hmm.. What are the legal ways to use Sonarr and Radarr? Seems like they are only for downloading torrents of TV shows and Movies...
Ok.. Need to get some sleep anyways, before I have to be at work in about 7½ hours...
also for those things you listed I just throw them on freenas if I needed em lol
I'm using transmission though
freenas plugin/jail
I guess unraid has similar stuff
I cant do FreeNAS, ZoL pool is not compatible
what is a zol pool?
Zfs on Linux
I'm a bit confused though freenas uses zfs