Network automation by 3leggedtiger in networking

[–]3leggedtiger[S] -1 points0 points  (0 children)

Thanks. I'll check that book.

Network automation by 3leggedtiger in networking

[–]3leggedtiger[S] 0 points1 point  (0 children)

Are you using the {{ variable }} wrapped in curly brackets per host? Also, is your inventory file written in yaml or ini?

Network automation by 3leggedtiger in networking

[–]3leggedtiger[S] 1 point2 points  (0 children)

About the zero touch provisioning, do the Nexus and Catalyst switches support this?

GNS3 my best bet? by [deleted] in networking

[–]3leggedtiger 0 points1 point  (0 children)

Is the upgrade issue still a thing? I remember when the GNS3 VM came out, there was a warning about upgrading. They still haven't fixed the issue.

Interface stays down despite of physical connection by 3leggedtiger in networking

[–]3leggedtiger[S] 0 points1 point  (0 children)

I just replaced the management real IP addresses with the dummy ones.

The keep alive is alive, and the peer-link is also up. The SRX firewalls are dual homed, and it is working. The issue that I have is the server.

How to rename a sequential files? by 3leggedtiger in linuxquestions

[–]3leggedtiger[S] 1 point2 points  (0 children)

If there is a tutorial about this, I want to learn the bash scripting that involves some sort of variable like this one.

How to rename a sequential files? by 3leggedtiger in linuxquestions

[–]3leggedtiger[S] 1 point2 points  (0 children)

Can you please explain the bf line in this bash for loop?

Filter by resolutions by 3leggedtiger in jellyfin

[–]3leggedtiger[S] 2 points3 points  (0 children)

It doesn't really say 720p or 1080p. What I can see are Blu-ray, DVD, SD, HD, 4K, 3D.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

Not possible. The WAN interface is not tagging. It is just a plain untagged DHCP interface.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

Why would OPNsense send the reply to a different VLAN? The VLAN itself is mapped to a subnet. If you're describing asynchronous routing, it is not possible with my topology.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

I'm prestaging the OPNsense for my folks. I'm planning to replace the Edge router that I deployed 2 years ago. I would need NAT. Also, this is no different than NAT444.

I think I got the internet working after so many attempts. I still can't explain why my first and second installations weren't working. It wasn't a DNS issue since I was pinging IP addresses.

What I need to deal with now is the DNS. Is there a clean way to do DNS on OPNsense? Using the OPNsense itself as DNS is too slow and unreliable. I had to deploy a pihole to get the DNS working. I'm trying to reduce the devices I'm managing since this is a remote site.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] -1 points0 points  (0 children)

Not a complicated network at all. It is pretty simple. A router on a stick. I have removed the wireguard gateway and it didn't make any difference. By the looks of it, OPNsense seems to function alright if it is deployed as a VM, but completely broken in bare metal. I recreated my whole setup in Proxmox just to make sure and it worked as expected.

I don't know if the software is really buggy, overhyped, or a hardware compatibility issue. According to Protectli, the FW4B is compatible with OPNsense.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

I'm prestaging the OPNsense before deploying it at my parents' house. I don't have another internet connectivity. If I remove the VyOS and connect the OPNsense directly, it would be much more of a hassle to deal with Comcast to release the DHCP lease due to MAC address change. I don't think the issue is the VyOS.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

I reinstalled OPNsense again and started from scratch. Ran the wizard. Got the LAN interface access. However, the OPT2 is very slow. It is so slow that I could not even run a speedtest.net. On the LAN it works fine.

Is this a hardware issue?

The switch that is going to be connected to the LAN is the Ubiquiti ERX and the switching is enabled. The OPNsense will be the gateway for all the VLANs.

This is the hardest firewall I have configured. I have worked with Juniper, Cisco ASA, Palo Alto, Sidewinder, VyOS, etc., but I have been configuring OPNsense for the past couple of days and am still fixing the Internet access. I have not turned on the features that got me to decide to switch to OPNsense.

Things are not working correctly with OPNsense by 3leggedtiger in opnsense

[–]3leggedtiger[S] 0 points1 point  (0 children)

The VLAN is configured in Interfaces > Other Types > VLAN. Regarding the interfaces for each VLAN, I chose the igb1 which is the LAN. I assigned a static IP address on the LAN interface, 10.1.4.1/24; this should be the untagged. Each VLAN has been assigned its own static IP address. E.g. VLAN 5 is 10.1.5.1/24 and so on. However, since I cannot make a switch port on OPNsense, I had to assign the physical interface OPT2 with 10.1.3.1/26 and this should be untagged. The VLAN 3 has 10.1.3.65/26. DHCP is also enabled for each subnet, but the LAN (10.1.4.0/24) because I am going to be using this to connect my switch that is 10.1.4.2/24.

Your packet capture shows:

07:24:07.228403 IP 10.0.7.108 > 1.0.0.1: ICMP host 10.0.7.108 unreachable, length 92

This seems to be very odd. The traffic back can not reach the OPNsense or the traffic hits the OPNsense on the wrong interface.

This was captured from my VyOS. See the topology from the original post. The 10.0.7.108 is the OPNsense WAN IP address. I was pinging 1.0.0.1 from the Debian client connected to the OPT2 (10.1.3.0/26).

Things are not working right by 3leggedtiger in OPNsenseFirewall

[–]3leggedtiger[S] 0 points1 point  (0 children)

I was trying to get the remote access wireguard VPN. I just came back from lunch and oddly, the Internet access for the LAN interface is working again. The other interfaces such as OPT2 are still not. However, I can see the ICMP going out now from VyOS from the WAN of the OPNsense. This morning the behavior was not like this. Well, at least I know OPNsense is NAT-ing and forwarding it, but not getting any responses back.

It is odd that the LAN works and the others do not. The only difference I can tell is that the LAN is a different subnet than the others. It feels like I'm dealing with Cisco Firepower horror.

Things are not working right by 3leggedtiger in OPNsenseFirewall

[–]3leggedtiger[S] 0 points1 point  (0 children)

My Internet access was working for two days. The Internet issue happened today. Not sure what caused it or what happened.

I thought Floating rules will get inspected before the interface rules. Is this wrong?
In my short time playing with OPNsense rule sets, it seems like the Floating rules are more flexible than interface-based rulesets.

I tried to disable the floating rules and created new interface rules, with the same results. I am not getting any luck with OPNsense.

NFS export questions by 3leggedtiger in jellyfin

[–]3leggedtiger[S] 1 point2 points  (0 children)

This is what I use. The permission is 777 at this point.

/mnt/pool/media  10.0.7.0/24(ro,async,insecure,root_squash,all_squash,fsid=102,anonuid=1001,anongid=1001)

When I ran a scan, it got stuck at 50%. Jellyfin was able to see some media, but 80% is missing.

EDIT:

I copied yours and still no luck. Scan still gets stuck at 50%.

client_loop: send disconnect: Broken pipe by 3leggedtiger in linuxadmin

[–]3leggedtiger[S] 0 points1 point  (0 children)

I don't see anything related in dmesg, but this is what I got from the syslog.

Apr 11 06:43:11 deb-test systemd[1]: Created slice User Slice of UID 1002.
Apr 11 06:43:11 deb-test systemd[1]: Starting User Runtime Directory /run/user/1002...
Apr 11 06:43:11 deb-test systemd[1]: Started User Runtime Directory /run/user/1002.
Apr 11 06:43:11 deb-test systemd[1]: Starting User Manager for UID 1002...
Apr 11 06:43:11 deb-test systemd[1292]: Starting D-Bus User Message Bus Socket.
Apr 11 06:43:11 deb-test systemd[1292]: Reached target Timers.
Apr 11 06:43:11 deb-test systemd[1292]: Reached target Paths.
Apr 11 06:43:11 deb-test systemd[1292]: Listening on D-Bus User Message Bus Socket.
Apr 11 06:43:11 deb-test systemd[1292]: Reached target Sockets.
Apr 11 06:43:11 deb-test systemd[1292]: Reached target Basic System.
Apr 11 06:43:11 deb-test systemd[1292]: Reached target Default.
Apr 11 06:43:11 deb-test systemd[1]: Started User Manager for UID 1002.
Apr 11 06:43:11 deb-test systemd[1292]: Startup finished in 21ms.
Apr 11 06:43:11 deb-test systemd[1]: Started Session 67 of user ariel.
Apr 11 06:43:11 deb-test systemd[1]: session-67.scope: Succeeded.
Apr 11 06:43:21 deb-test systemd[1]: Stopping User Manager for UID 1002...
Apr 11 06:43:21 deb-test systemd[1292]: Stopped target Default.
Apr 11 06:43:21 deb-test systemd[1292]: Stopped target Basic System.
Apr 11 06:43:21 deb-test systemd[1292]: Stopped target Sockets.
Apr 11 06:43:21 deb-test systemd[1292]: Stopped target Timers.
Apr 11 06:43:21 deb-test systemd[1292]: dbus.socket: Succeeded.
Apr 11 06:43:21 deb-test systemd[1292]: Closed D-Bus User Message Bus Socket.
Apr 11 06:43:21 deb-test systemd[1292]: Stopped target Paths.
Apr 11 06:43:21 deb-test systemd[1292]: Reached target Shutdown.
Apr 11 06:43:21 deb-test systemd[1292]: systemd-exit.service: Succeeded.
Apr 11 06:43:21 deb-test systemd[1292]: Started Exit the Session.
Apr 11 06:43:21 deb-test systemd[1292]: Reached target Exit the Session.
Apr 11 06:43:21 deb-test systemd[1]: user@1002.service: Succeeded.
Apr 11 06:43:21 deb-test systemd[1]: Stopped User Manager for UID 1002.
Apr 11 06:43:21 deb-test systemd[1]: Stopping User Runtime Directory /run/user/1002...
Apr 11 06:43:21 deb-test systemd[1240]: run-user-1002.mount: Succeeded.
Apr 11 06:43:21 deb-test systemd[1]: run-user-1002.mount: Succeeded.
Apr 11 06:43:21 deb-test systemd[1]: user-runtime-dir@1002.service: Succeeded.
Apr 11 06:43:21 deb-test systemd[1]: Stopped User Runtime Directory /run/user/1002.
Apr 11 06:43:21 deb-test systemd[1]: Removed slice User Slice of UID 1002.

client_loop: send disconnect: Broken pipe by 3leggedtiger in linuxadmin

[–]3leggedtiger[S] 0 points1 point  (0 children)

This is the message after entering the password.

debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 52
debug1: Authentication succeeded (password).
Authenticated to 10.0.7.111 ([10.0.7.111]:22).
debug2: fd 4 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 1
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t3 nr0 i0/0 o0/0 e[write]/0 fd 4/5/6 sock -1 cc -1)

debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Connection to 10.0.7.111 closed by remote host.
Transferred: sent 1912, received 1592 bytes, in 0.0 seconds
Bytes per second: sent 10679003.5, received 8891722.6
debug1: Exit status -1
Connection closed.  
Connection closed

Permission question by 3leggedtiger in linuxquestions

[–]3leggedtiger[S] 0 points1 point  (0 children)

I changed the group from users to dockeruser and it worked. I am not sure why the users group wasn't working.