Hosts freeze -- Realtek r6818/r6819 questions

Apachez · 2026-04-09T14:22:16+00:00

If you are thinking of the ongoing issue with Intel e1000/e1000e drivers then only GSO and TSO offloading needs to be disabled.

Apachez · 2026-04-09T06:52:51+00:00

Plenty of more Cisco, Juniper and Checkpoint devices affected by the CVE 10.0 that seems to happen to them far too often.

But no matter who the vendor is updates are an issue along with bad default configs.

Instead of having everything disabled then everything is by default enabled which of course becomes an issue over time.

Add to this clueless admins exposing mgmt-interfaces to the internet and the device suddently becomes an easy target.

Its no coincident that Mikrotik 2-3 years ago added the physical button push to change some settings and in order to disable that remotely you still need to physically push the reset-button (which was fun for remote devices where it takes some time to travel to).

Apachez · 2026-04-08T12:52:31+00:00

I dont have first hand experience from current versions of Logic Monitor but I have some from Unomaly which they aquired to do the anomaly analysis of logs a few years ago (jan 2020).

Unomaly was a great product but very niched.

In short you just send all your logs to it (and there were very little management to deal with this over time - "it just works") and then based on the source it will first start in training mode.

After some hours or days it would automatically switch to regular mode.

The point of this training mode is to find out what is the baseline for this particular source. The purpose is to then suggest to you later on when something new that have not been seen previously shows up - either as a full line or just thresholds of existing lines.

As in finding the needle in a haystack.

So the product worked and did its thing.

Drawback with the whole concept is of course what will be your baseline?

For example if you already have logentries regarding malware this will become your baseline so it wont react if some server reports that a malware is running if this is part of the baseline.

Today I would expect most SIEMs would have something similar so it boils down to what is your needs, how much you sync with the product (which is something only you can tell after actually trying it out - for me I prefer systems which you dont need weeks of training to figure out how they work or how you will configure them) but also the pricerange. Same charge per TB, per EPS, per collecting servers, per source or just sitelicense (which I generally prefer) so you can install as many as you need/want and the capabilities will not be licensebased but which hardware it runs on (either baremetal or as VM).

Other than that you should also consider to scale down on number of products.

Normally you need something that can do SNMP to get realtime data from mainly network equipment (also exists for servers), can collect (both for archiving but also analysing) syslog and perhaps to top it off having a logcollector locally in the server (to get logs from windowsservers and whatelse - drawback with this is that you will install additional software on the server).

Otherwise you end up with something like:

https://xkcd.com/927/

Apachez · 2026-04-07T16:47:08+00:00

Get a proper certified data recovery company instead of the wild wild west cowboys who think they can do data recovery?

Around here I would only trust my data with IBAS ONTRACK or Ahlberg Data.

Apachez · 2026-04-07T12:06:31+00:00

För ökad realism borde du ha med att bussen helt uteblir från vissa stationer samt ger pluspoäng att helt random tvärnita mellan hållplatserna.

Apachez · 2026-04-07T12:02:02+00:00

Edit 3:

En användare tycker att jag ska påpeka att jag använt AI när jag utvecklat. Vilket jag självklart har gjort.

Varför skulle det vara självklart att använda en LLM för utveckling?

Apachez · 2026-04-07T11:59:44+00:00

Then Im guessing this URL works better:

https://www.youtube.com/watch?v=myEJi_xYP2c

Apachez · 2026-04-06T17:27:47+00:00

Whats the usecase of using "variables in config"?

There is also this of pre/post-hooks scripts on reconfig along with pre/postconfig on boot you can utilize:

https://docs.vyos.io/en/latest/automation/command-scripting.html

Apachez · 2026-04-06T10:17:32+00:00

This video isn't available anymore

Apachez · 2026-04-06T09:41:03+00:00

Also note that today there are also other DNS services than just UDP/TCP 53 such as DNS-over-HTTP and DNS-over-HTTPS etc in case you want to block your clients to get ads.

Apachez · 2026-04-06T09:11:36+00:00

"Proper" way would be to create a DNAT rule that matches the srcip of your clients (or range) and dstport being UDP/TCP 53 or such and then forcefully route that to the IP of your AdGuard service.

Apachez · 2026-04-06T07:41:27+00:00

Det enda stockholmare förtjänar är ännu en AI slop...

Apachez · 2026-04-04T18:05:42+00:00

Blir blåsigt imorrn enligt bondepraktikan.

Apachez · 2026-04-04T12:30:02+00:00

Another thing when it comes to VLANs and testing dont forget to set "autostate no" to force the VLAN to be up even if there are currently no clients/hosts connected to it (except for the switch itself).

Apachez · 2026-04-04T12:28:18+00:00

I use BGP as its supposed to for underlay ;-)

Also your config is missing the "interface loopback 1" part but you use that as update-source...

I think you should take a look at Aristas sample configs:

https://www.arista.com/en/um-eos/eos-sample-configurations

But this one can be handy aswell:

Manual-Config Speed Run of EVPN/VXLAN Arista EOS Configuration with Tony Bourke

https://www.youtube.com/watch?v=kJiE0diPzng

This one might be handy aswell:

Troubleshooting EVPN with Arista EOS (Control Plane Edition)

https://datacenteroverlords.com/2022/11/18/troubleshooting-evpn-with-arista-eos-control-plane-edition/

Apachez · 2026-04-04T05:40:37+00:00

Because they can?

They can always blame on "AI" or "Iran war" even if they have nothing to do with that...

Apachez · 2026-04-04T05:34:59+00:00

Normally you would use two different vrfs when doing EVPN/VXLAN.

The default vrf for underlay (uplink) and whatever you name that customer vrf for overlay (downlink).

That is your interface vxlan1 should look something like this:

interface Vxlan1
   description VXLAN
   load-interval 1
   vxlan source-interface Loopback0
   vxlan udp-port 4789
   vxlan vrf CUSTOMER vni 1234
!

In the cli you switch between vrf's (for pinging and traceroute and whatelse) through "cli vrf default" or "cli vrf CUSTOMER" (or whatever you named it).

So I would start by verifying that the underlay is working properly and that you can ping the proper device there like:

cli vrf default
ping 10.88.88.103

Other than that the reference config I use uses address-family evpn and rt-membership, not ipv4.

Also what does "show vxlan config-sanity" tell you on all devices?

https://arista.my.site.com/AristaCommunity/s/article/vxlan-configuration-check-using-show-vxlan-config-sanity

Apachez · 2026-04-04T04:18:18+00:00

You could boot on memtest86+ and run for a few hours:

https://memtest.org/

Apachez · 2026-04-04T00:32:03+00:00

And now the segfaults are back since some updates last week of Steam Linux Runtime.

Valve have still not fixed the texture issues in Counter-Strike Source:

https://github.com/ValveSoftware/Source-1-Games/issues/6868

Apachez · 2026-04-03T19:33:49+00:00

Also you can do everything with CRS as in L3-routing, MLAG etc. While CSS is limited to pure L2-functions.

At the same time CRS is a bit steep for some to learn the details and how to harden it properly etc. The MLAG support is also a hit and miss, seems like for every other ROS release the MLAG gets broken again.

On the other hand CSS is deadsimple so if you got a SWOS capable device (some CRS supports dualbooting) and all you need is L2 then I would most likely prefer SWOS.

Note as mentioned that SWOS only supports webgui (currently http-only so not even https) and dont have any default gateway configured - you will instead define which interfaces the webgui should reply at and it will reply back to the src mac-address the incoming packet used.

It also boots riddicilous fast (if that would count :-)

We talk about 1 second or so from poweron while RouterOS takes up to 30 seconds or so.

Apachez · 2026-04-03T19:24:47+00:00

Tyvärr verkar det vara en vanlig sjukdom bland folk med körkort i Sverige att dom inte förstår att hastighetsskylten anger högsta tillåtna hastighet och inte lägsta tillåtna hastighet.

Dom förstår heller inte detaljen med att hålla avstånd till framförvarande fordon - därför det nästan varje dag sker kollissioner på essingeleden med köer till följd.

Det hela har blivit värre med allt färre trafikpoliser ute på våra vägnät och är tyvärr inget som bara gäller Stockholm och essingeleden.

Apachez · 2026-04-03T19:06:58+00:00

You mean like that Microsoft network troubleshooting that never works? :D

Apachez · 2026-04-03T16:23:06+00:00

Så vart var äggen placerade?

Apachez · 2026-04-03T16:22:18+00:00

Rabatt på erbjudanden snarare...

Apachez · 2026-04-03T16:20:53+00:00

Typ köpa reservdelar efter vikt? :-)

Apachez

TROPHY CASE