"Recent posts
#1
General Discussion / Re: Seemingly straightforward ...
Last post by Seimus - Today at 03:17:26 PMI use NPM for a lot of services.
Basically anything for HTTPs, including Jellyfin etc.
The way how I have the deployment done is a bit over the top, lets say.. As NPM is in its own VLAN/network.
So lets see an example where a Host, PC wants to connect to Jellyfin;
PC > NPM > Jellyfin
All those 3 devices are in their own VLANs. So All 3 devices need to have rules;
PC - IN Rule to reach NPM over HTTPs + IN Rule to reach DNS
NPM - IN Rule to reach Jellyfin + IN Rule to reach DNS
Jellyfin - No Rules needed to reach PC or NPM, because this is a server e.g destination
On NPM additionally I have ACL deployed to allow only specific devices per service.
This works totally fine.
Regards,
S.
Basically anything for HTTPs, including Jellyfin etc.
The way how I have the deployment done is a bit over the top, lets say.. As NPM is in its own VLAN/network.
So lets see an example where a Host, PC wants to connect to Jellyfin;
PC > NPM > Jellyfin
All those 3 devices are in their own VLANs. So All 3 devices need to have rules;
PC - IN Rule to reach NPM over HTTPs + IN Rule to reach DNS
NPM - IN Rule to reach Jellyfin + IN Rule to reach DNS
Jellyfin - No Rules needed to reach PC or NPM, because this is a server e.g destination
On NPM additionally I have ACL deployed to allow only specific devices per service.
This works totally fine.
Regards,
S.
#2
German - Deutsch / Re: Router Advertisement am P...
Last post by mbr89 - Today at 02:47:18 PMhttps://apps.db.ripe.net/db-web-ui/query?searchtext=2a00:e180:14:b487::/64&rflag=true&source=RIPE&bflag=false
... da steht ja auch schon vitroconnect broadband ND ... Neighbor Discovery
Kann man sich da jetzt nicht einfach ein 56-Präfix rauslassen ?
... da steht ja auch schon vitroconnect broadband ND ... Neighbor Discovery
Kann man sich da jetzt nicht einfach ein 56-Präfix rauslassen ?
#3
25.7, 25.10 Series / Re: [solved] 25.7.10 update f...
Last post by keeka - Today at 01:55:45 PMThanks @Maurice.
Out of curiosity, I rolled back my virtualized install to 25.7.9_7 and, this time, did a health audit before updating.
Some package versions (python libraries IIRC) were incorrect according to the audit. I think I applied the prior update (to 25.7.9) via the serial console and may have missed warnings.
As suggested, I've re-run the update and all looks to be current.
Thanks.
Out of curiosity, I rolled back my virtualized install to 25.7.9_7 and, this time, did a health audit before updating.
Some package versions (python libraries IIRC) were incorrect according to the audit. I think I applied the prior update (to 25.7.9) via the serial console and may have missed warnings.
As suggested, I've re-run the update and all looks to be current.
Thanks.
#4
25.7, 25.10 Series / rdr and nat rules
Last post by dunxd - Today at 01:40:12 PMSince updating to 25.7.10 two days ago I am seeing rdr and nat rules showing up in the Firewall pie chart on the dashboard that i dont recall from before. They all have my pppoe address as the destination.
Is this something I might expect to see due to something changed in the update?
Is this something I might expect to see due to something changed in the update?
#5
25.7, 25.10 Series / Re: [solved] 25.7.10 update f...
Last post by Maurice - Today at 01:17:21 PMUpdating is a multi step process.
First, all updated packages get downloaded.
Then the packages get installed.
Then the base and kernel sets get downloaded (if an update is available, which isn't always the case).
Then base and kernel get installed and the system reboots.
So by the time base and kernel get downloaded, the package updates are already completed. This is how you can end up in a situation where all packages get updated but base and kernel don't (if downloading them fails). That's harmless though, just try again.
First, all updated packages get downloaded.
Then the packages get installed.
Then the base and kernel sets get downloaded (if an update is available, which isn't always the case).
Then base and kernel get installed and the system reboots.
So by the time base and kernel get downloaded, the package updates are already completed. This is how you can end up in a situation where all packages get updated but base and kernel don't (if downloading them fails). That's harmless though, just try again.
#6
Hardware and Performance / Re: DEC750 Questions
Last post by ProximusAl - Today at 12:32:49 PMQuote from: DEC670airp414user on Today at 12:08:59 AMTo the original poster.
The appliance came with a 180 dollar business licenses that last a year.
Why did you decide to wipe and go to the community version?
I don't need business edition, and these 750s are replacing devices already running CE.
I considered using BE, but then I have just increased my annual running costs x 4.
I've had zero issues running CE for the last 5 or so years, so why change.
Plus...CE gets cool things sooner than BE.
#7
General Discussion / Re: Wireguard requires manual ...
Last post by novel - Today at 11:22:33 AMQuote from: franco on March 20, 2024, 10:12:24 PMCoincidentally, a patch was added to 24.1.3 that addressed this sort of problem. ;)
Cheers,
Franco
I have the same problem
#8
Virtual private networks / Re: Restart Wireguard after WA...
Last post by novel - Today at 11:20:42 AMQuote from: franco on September 09, 2023, 03:36:36 PM23.7.4
Is there permantly solution for that?
Quote from: franco on September 09, 2023, 03:36:36 PMThat fix is going to be on 23.7.4.
Cheers,
Franco
I have the same issue. I use 25.7.9-amd64. I force to make a script to run after reboot.
#9
25.7, 25.10 Series / Re: [solved] 25.7.10 update f...
Last post by keeka - Today at 10:44:30 AMI experienced something similar and was blissfully unaware. Then I realized there had been no reboot.
Is it possible to configure updates not be applied until all expected packages have been successfully downloaded? Something like apt's --download-only?
Is it possible to configure updates not be applied until all expected packages have been successfully downloaded? Something like apt's --download-only?
#10
German - Deutsch / Re: Probleme mit IPTV / WIFI T...
Last post by Zapad - Today at 10:26:52 AMDF Flags sind Packete mit "Dont fragment" option, das siehst du wenn du einen Eintag anklickst direkt unter Interface Eintrag.
Das ist nur ein hinweis unter Andreren, das was nicht stimmt...
Leider hast du nicht angegeben wie die Vans angebunden sind, es ist öfters "Asymmetric Routing" die ursache für das Problem.
Das ist nur ein hinweis unter Andreren, das was nicht stimmt...
Leider hast du nicht angegeben wie die Vans angebunden sind, es ist öfters "Asymmetric Routing" die ursache für das Problem.
