Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Falconevo

Member
  • Content Count

    904
  • Joined

  • Last visited

Reputation Activity

  1. Agree
    Falconevo got a reaction from Mikensan in PFSENSE Rules   
    It was you who created the question advising that people could bypass using a VPN via TCP 443, @MikeSan advised you can use IDS/IPS to prevent this which pfSense has either Snort or Suricata.   I simply went in to more detail to give you more information to chew on as you said its impossible to control traffic, however when you are the gateway for all that traffic to reach the outside world you have control of what goes in/out depending on the feature set of the router/firewall you are using.
  2. Funny
    Falconevo reacted to wolfslab in H200 Flash to IT mode   
    So it turns out that I didn't realize that SAS connectors will fit in either way, but only work a certain way. I put the H200 back in it, and 3 out of 5 drives are being detected by Unraid. I'm gonna figure out how to get the last 2, but it seems to work now. 
  3. Agree
    Falconevo got a reaction from leadeater in Exchange Server 2016 Error 500 ECP   
    Need to review the event logs, 500 errors are generally in relation to the IIS configuration being invalid.
  4. Funny
    Falconevo reacted to leadeater in Exchange Server 2016 Error 500 ECP   
    You'll need to dive in to Windows Event Logs and the Exchange server logs and get some more specific error info.
  5. Like
    Falconevo got a reaction from djboy6480 in Question about QSFP+ (with PFSense)   
    Had a minute to find the software needed to modify the XL710 on pfSense, using the QCU tool you can change the properties of the controller and change the mode to 4x10
     
    https://downloadcenter.intel.com/download/25852/Intel-QSFP-Configuration-Utility-FreeBSD-
  6. Like
    Falconevo got a reaction from Lurick in Question about QSFP+ (with PFSense)   
    Had a minute to find the software needed to modify the XL710 on pfSense, using the QCU tool you can change the properties of the controller and change the mode to 4x10
     
    https://downloadcenter.intel.com/download/25852/Intel-QSFP-Configuration-Utility-FreeBSD-
  7. Like
    Falconevo got a reaction from Electronics Wizardy in HP Proliant DL360 G5 GPU   
    CPU's might claim to support SLAT (Extended Page Table) it but the board won't as it is the early socket 771 version.  So you won't be able to use an up to date operating system such as Windows 10/Server 2016+.
     
    Absolutely dog slow machines, believe me it isn't worth the hassle.  Spend a little more and go for something from the Xeon 1366 socket era or above, you will regret the pain that buying second hand HP equipment brings, like the inability to get BIOS or software updates due to their warranty paywall.
  8. Like
    Falconevo got a reaction from Snotrap in HP Proliant DL360 G5 GPU   
    If you werent in austrailia I would send u some old shit I have in the basement.  The postage on something as heavy as a server would be more than its worth though.
  9. Informative
    Falconevo got a reaction from Snotrap in HP Proliant DL360 G5 GPU   
    CPU's might claim to support SLAT (Extended Page Table) it but the board won't as it is the early socket 771 version.  So you won't be able to use an up to date operating system such as Windows 10/Server 2016+.
     
    Absolutely dog slow machines, believe me it isn't worth the hassle.  Spend a little more and go for something from the Xeon 1366 socket era or above, you will regret the pain that buying second hand HP equipment brings, like the inability to get BIOS or software updates due to their warranty paywall.
  10. Like
    Falconevo got a reaction from djboy6480 in Question about QSFP+ (with PFSense)   
    You will want to look at the Intel XL710, it allows for QSFP+ breakout to 4x10G on each port and I believe pfSense has the drivers available for it.  From what I can remember you will need to add some driver configuration to change the interface to 4x10G rather than 1x40G on each port.
  11. Informative
    Falconevo got a reaction from Lurick in Question about QSFP+ (with PFSense)   
    You will want to look at the Intel XL710, it allows for QSFP+ breakout to 4x10G on each port and I believe pfSense has the drivers available for it.  From what I can remember you will need to add some driver configuration to change the interface to 4x10G rather than 1x40G on each port.
  12. Agree
    Falconevo got a reaction from Mikensan in PFSENSE Rules   
    They are outbound rules, not inbound rules.  The source port won't be 53/80/443.    That needs to be the destination port.

    Change the Rules so they look like this;
     
    Protocol - IPv4 UDP
    Source - Wifi net
    Source Port - *
    Destination Port - 53 (UDP)
    Gateway - *
     
    Protocol - IPv4 TCP
    Source - Wifi net
    Source Port - *
    Destination Port - 80 (TCP)
    Gateway - *
     
    Protocol - IPv4 TCP
    Source - Wifi net
    Source Port - *
    Destination Port - 443 (TCP)
    Gateway - *
  13. Informative
    Falconevo got a reaction from CGameDev in PLEX Server with Multiple GPU   
    Plex can only reference a single card for hardware offloading (at the moment) so using 8x cards would be useless.  Also those cards don't have hardware support required for Plex, you would be better with something like a Quadro P2000 which has no 'software limit' emposed by Nvidia's drivers on the GTX cards, they can only run a maximum of 2 hardware accelerated threads..  The Quadro on the other hand can run unlimited.
  14. Agree
    Falconevo got a reaction from LAwLz in PFSENSE Rules   
    They are outbound rules, not inbound rules.  The source port won't be 53/80/443.    That needs to be the destination port.

    Change the Rules so they look like this;
     
    Protocol - IPv4 UDP
    Source - Wifi net
    Source Port - *
    Destination Port - 53 (UDP)
    Gateway - *
     
    Protocol - IPv4 TCP
    Source - Wifi net
    Source Port - *
    Destination Port - 80 (TCP)
    Gateway - *
     
    Protocol - IPv4 TCP
    Source - Wifi net
    Source Port - *
    Destination Port - 443 (TCP)
    Gateway - *
  15. Informative
    Falconevo got a reaction from Pyrii in UK vDSL/ADSL2+ modem-router suggestions please   
    You only need the below 3, going Pro isn't necessary and I doubt your house is large enough to require it.  The AC Lite defo comes with a POE injector in the box, so does the Pro if you get the retail version.  The Lite should be more than sufficient.
     

  16. Informative
    Falconevo got a reaction from Pyrii in UK vDSL/ADSL2+ modem-router suggestions please   
    I can assure you that the EdgeRouter has PPPoE support, I have about 5 units running on BT lines in separate locations in the UK.

    The Lite should be sufficient, if you want to shell out more for the Pro, its simply a bigger unit which is more capable.  Depends how big your home is, I own a 6 bed 3 story town house and I have 2 AC Pros to cover everything.   The AC Lite would likely be perfectly fine for me, but I didn't wanna put anything to chance  
  17. Informative
    Falconevo got a reaction from Pyrii in UK vDSL/ADSL2+ modem-router suggestions please   
    Yea, they are always backwards compatible
  18. Like
    Falconevo got a reaction from johnkristian in Supermicro with 1PB SSD in 1U   
    Na, just 6 rulers to start with.

    They are essentially the DC4600 series SSD's in a new form factor, looking forward to seeing how it copes with hot-removal of drives during sustained IO.
  19. Agree
    Falconevo reacted to Lurick in System Admin Tips   
    Biggest bit of advice I can give is, think outside the box and question everything. Ask why it's done like that, implemented like that, etc. Don't be afraid to fail and don't hesitate to ask questions* and if you see something that interests you ask someone if you can shadow them or something to learn more about it. Google is your friend.
     
     
     
    *Google and search first, don't just ask the first thing that comes to your mind without trying to find out on your own. Put some effort into it yourself and then ask and say "I've done X, Y, Z, and I'm still having trouble with A"
  20. Like
    Falconevo got a reaction from leadeater in Supermicro with 1PB SSD in 1U   
    Can't say too much but I have one of these coming in for testing
  21. Informative
    Falconevo got a reaction from BuckGup in PFSense Build   
    Pretty sure the SandyBridge architecture has AES-NI as it has been in Intel CPUs since Westmere's on socket 1366 but its unlikely to be on the low end i3 models.
     
    This is a SandyBridge i7 2600K which has AES-NI support.
    https://ark.intel.com/products/52214/Intel-Core-i7-2600K-Processor-8M-Cache-up-to-3_80-GHz
     
    Check Intel ARK in the 'Security & Reliability' Section;
    You can look through the whole SandyBridge range here to find a CPU that has AES-NI;
    https://ark.intel.com/products/codename/29900/Sandy-Bridge
     
    If you want to see all the CPU's that have this AES-NI instruction set enabled;
    https://ark.intel.com/Search/FeatureFilter?productType=processors&AESTech=true
     
    You are welcome
     
  22. Like
    Falconevo got a reaction from Lurick in PFsense Load Balancing Problems   
    You can't load balance in pfSense based on bandwidth metrics unfortunately but it would be an incredible feature if they managed to pull it off.  pfSense does have latency triggers to switch between load balanced gateways but this probably won't work exactly as intended.
     
    I do something like this but mine is gaming latency vs downloading and the split is based on ports primarily used for external service access rather than any latency metrics.
     
    I might be able to help but I would need to know more;
     
    What is the capable bandwidth of each line? What content is being downloaded (are we talking torrenting etc?) Is this to prevent heavy downloading via other users on the network affecting low latency apps such as VOIP/Gaming? Do you use any limiter queues on the internal LAN interface(s)?
  23. Informative
    Falconevo got a reaction from BuckGup in PFSense Build   
    Use the PCI-Express onboard Intel adapter for the WAN port and one of the ports on the Dual Intel nic for the LAN or multiple LAN ports.
     
    The dual port PCI cards have some pretty bad interupt issues when pushing high network throughput.   Happy to help you try and optimise this but it was the main reason the socket 775 board I had got binned as the interupts were really high during heavy system traffic and it caused to unusual and difficult to diagnose latency problems.
  24. Informative
    Falconevo got a reaction from BuckGup in PFSense Build   
    Ideally you should want hardware that supports AES-NI, I would look at something a little newer than the socket 775 board as this will give support for later pfSense versions.  Although the socket 775 board will be fine for a 200M connection, you may struggle with VPN performance if you plan on having any Site to Site or inbound 'Mobile' VPNs to home.   Most modern CPU's that use AES-NI can offload the VPN encryption/decryption to the acceleration on the CPUs.
     
    Along time ago I used to run the exact same motherboard and the onboard network adapter is an Intel 82562G which is perfect for pfSense, back then it was on a 150/30 connection and used a PCI 1000GT which I think I still have in a box somewhere if you want it.  Ideally you want to avoid PCI (expansion) only motherboards due to the amount of interupts present on the old PCI network cards.  Pushing 200M around on a PCI interface will create around 20-30% system interupts as it uses an older interupt functions.   If however you don't want to spend any money the 775 board with an Intel PCI network interface will do for now

    What kind of budget do you have for the build and what kind of usage and features are you wanting to utilise?  Ryzen is overkill and is generally not a sensible investment of money, you can get much better suited units for far less.
  25. Informative
    Falconevo got a reaction from Pyrii in UK vDSL/ADSL2+ modem-router suggestions please   
    Don't spend £200 on a single device, do it properly and get devices that do each individual area well.  This allows you to use these devices in other scenarios later if for example you move to VirginMedia you could still use the router n wifi AP.
     
    Here would be my suggestion;
    Draytek Vigor 130 for vDSL modem Ubiquiti EdgeRouter-X for Router Ubiquiti AC-Lite for WiFi access point That should be way under £200 and do the job far better than an 'all-in-one' unit.  It will also give you loads of features the all in one device could not.
×