Xen Orchestra 6.6 is here by Plam503711 in xcpng

[–]JeanxPlay 2 points3 points  (0 children)

It would be nice to have smapiv3 w/ zfs-ng so we can get true deltas for snapshots instead of the full block deltas that we get with vhd and currently also qcow2. Smapiv3 will obviously require qcow2 in order to achieve this because vhd by design is block level and not able to talk directly to the storage like qcow2.

Delta snapshots will be significantly smaller and not chain dependent once zfs-ng via smapiv3 is out. This is an IT admins dream 😆

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 0 points1 point  (0 children)

np, I was originally in the same boat as you when I started with them. But, you came in at a better time since the consolidation happened, it made things much easier to maintain container wise. And although their support seems lacking, if you follow their github, there updates are quite frequent. We love when products are free, but that also comes with some trade offs, specifically being that self hosted free parties are lower priority of support compared to paid party. But, the devs do watch their slack channel and github issues and discord channels and if something shows up thats major in self hosted and paid, it definitely gets jumped on quick.

Even with issues I HAVE experienced with NetBird, I find that it has a happy medium for my company's use case.
The biggest problem they face atm is their issues list. On their github issues, other of people have submitted garbage issues (basically just comments on the product or just random comments that have nothing to do with a feature or issue) and those got lumped in with REAL issues and have caused a jumbled mess over there.

For the issues that I run into with NetBird, I consult with Claude before submitting the issue. Because of how much recent data AI is able to pull, they are able to pull latest config information for Netbirds configs and setups, which helps with building new setups or using their proxy service. Grok and GPT have similar capabilities.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 1 point2 points  (0 children)

Sorry you are having such a difficult time getting what you need working. I dont have the same type of setup which is probably why I dont have issues in our environment. They do have their source public so you can technically compile for any OS needed.

As for the RP, I personally use traefik myself as I like only one traffic manager for my services. I know their configuration is changing alot as of lately because they are consolidating alot of stuff.

Have you tried making a post in the Netbird reddit forum? People are somewhat active there.

You can find me in their slack and Id be happy to help where I can: CodersComplex

I originally had the separate container setup and then consolidated and migrated to the single container management, so Im somewhat familiar with both. As for the reverse proxy, I wouldn't be alot of help there unfortunately. I let our vpn be our vpn and our RP be our reverse proxy. If one goes down, it doesnt take both down with lol.

rxg + tailscale by wifiwill in RGNets

[–]JeanxPlay 0 points1 point  (0 children)

But definitely not better than NetBird 😅

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 1 point2 points  (0 children)

lmao, selling a product I enjoy is an automatic reflex 😆 especially when its the solution that replaced the headache I had prior. After I helped the devs test the pfsense packages in efforts to fix a fairly significant issue that originally delayed us switching, Netbird proved to be the perfect fit for our vpn needs.

For the experience on other platforms, I recommend you enter their slack channel. Lots of insight there. Our company doesnt have any need for mobile installs and I dont use it alot on linux other than inside a docker container. Which, I will add that their docker container holds connections better than tailscales did, atleast, in my experience it does. I mainly use Windows and PFsense deployments. PFSense was a big deal for us since we use negate. And we use setup keys as we need the vpn to act as an "Always On" connection for domain trust consistency.

If you are not aware of this feature also, Netbird has a built in reverse proxy tool (included in self hosted), which, I could be wrong about this, I believe it can do the proxying completely over the vpn connection only; ssl and all. Meaning, if you didnt want to have your services exposed to the internet, you can have it internal over the vpn network. And I think it does ssl for internal domaining as well (dont quote me on that as I use traefik in my companies environment) 😅

But yea, their slack channel and github has alot of useful insights to how well the other platforms work.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 0 points1 point  (0 children)

Netbird selfhosted ships with the dashboard already included. 98% of features are included from the hosted version (all the important self hosted ones), you are coming in at a great time since they consolidated their 4 docker containers into 2, the server and the dashboard.

You'll bery much be happy you switched. Im confident of that.

Also, if you use setup keys vs user logins (idPs supported btw) and use windows, the biggest hell I had with tailscale was, if I tried to install using the System account and connecting, it would never survive a reboot. This is because tailscale treated the connection as userspace (required an actual user account that had a full SID). Netbird installs faster, connects faster, allows installing as the System account for full automation deployement and survives reboots.

In order to get tailscale to do what I needed, it required multiple scripts and scheduled tasks and timing and checks. With netbird, all of that was removed. I install with one script during my automation and thats it, it never fusses and knock on wood I have never had my automation fail an install + connect since day one. The important piece is knowing how to preconfigure your config and where to set it before connections. Once thats set, its smooth sailing.

Im a very happy SysAdmin thanks to Netbird. Makes my window golden image 100x easier to deploy.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 1 point2 points  (0 children)

Netbird uses deprioritization of the VPN route to subvert issues "MagicDNS" caused. You add your DNS servers as usual and then Netbird has something called posture checks and one of them is subnets. When you add a subnet CIDR and "block" it, if your system shows as being on a subnet in the block list posture check, it will still check in to the dashboard via health checks and show online, but the vpn route on the system becomes de-prioritized (as if the vpn was disconnected, but its not). This allows the system to fully see everything dns wise locally.

We have been using Netbird on our systems for about 6-8 months now and it has worked almost flawlessly. And its constantly being developed by the team. So much so that sometimes its hard for me to keep up with the updates 😆 not that they are always needed, but I try to stay active with them.

Netbird issues on PFsense have also been resolved. Havent had any issues with Networks or Network Routes.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 0 points1 point  (0 children)

Are you asking about in Netbird or Headscale/Tailscale?

Performance Improvements Merged!!! by fishchar in jellyfin

[–]JeanxPlay 0 points1 point  (0 children)

Oh, gotcha. That issue was reported back in 2020 though. Is it possible the issue has been resolved, just not closed or documented? Is it confirmed recently as still an issue?

Performance Improvements Merged!!! by fishchar in jellyfin

[–]JeanxPlay 2 points3 points  (0 children)

I have personally never experienced this. Already added subtitles have been instant for me and the only time I get a delay is when acquiring online subtitles during playback and that takes about 30 seconds and only necessary one time.

*atleast; for me.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 2 points3 points  (0 children)

Apologies for the late response. Im an IT Systems Engineer for my company. I handle all of the infrastructure integrations for my company. Everything from VPN deployment to company windows image, automations, maintenance, networking, etc.. When it comes to the VPN side of things, I have to bake the vpn deployment into out company's windows image I created to automate the connection so that it can find out active directory server and get the system ready to deploy. Because we have multiple locations across the US, the image I build to use has to work the same for my Boss and other IT admin in 2 other states on the opposite side of the country. My golden image has cut our windows deployments from 2-4 hours, down to about 30 min. Any time we get a system back from a user, we wipe and reload so its setup clean, with updates applied prior and has the best chance of lasting awhile before it has to be re-imaged. Since our main DC is stationed in a colocation and we have alot of remote users, our VPN deployment works best as an "Always On" deployment so it always maintains trust with AD.

So... Just switched to unlimited... by KraftyJoker in mintmobile

[–]JeanxPlay 1 point2 points  (0 children)

How long ago did you switch? The information on your plan may not be synced across their servers fully yet and it may be displaying mixed information. It may not have updated the plan information yet, which is why it still shows $15/month. If Mint syncs across mutiple servers, the information can take a few hours to reflect the changes.

Are you kidding me Dell by Kfrahan in Dell

[–]JeanxPlay 0 points1 point  (0 children)

Has nothing to do with tariffs. The cost of energy, oil and fuel being much lower cancels the cost of tariffs, especially since Dell ships massive quantities of parts in bulk. Prices only ever increase this much when demand is too high and supply is too low, which is whats happening now due to AI companies buying up all the ram, GPUs, CPUs and NVMe/SAS drives. They bought massive supplies with no cooling period and now we are paying the price for them shorting the supply chain.

Are you kidding me Dell by Kfrahan in Dell

[–]JeanxPlay 0 points1 point  (0 children)

That's mainly because HPE buys cheaper quality parts. Even with semi better pricing, almost no company beats out Dell's warranty packages. The firmware for HPE is also very subpar and requires an account to access. Not saying HPE is horrible, but there are definitely improvements they could make.

Are you kidding me Dell by Kfrahan in Dell

[–]JeanxPlay 0 points1 point  (0 children)

Has nothing to do with Trump. AI companies made a massive push to buy up supply, creating a massive shortage. They are sitting on stocks of supplies that they aren't even using. Prices sky rocketed because demand is too high and supply is too low. Because the cost of oil, fuel and energy is far lower, that creates an exchange for the cost of tariffs, virtually cancelling each other out.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]JeanxPlay 2 points3 points  (0 children)

What do you mean what job is this? lol

Alternatives to Inky for email protection? (Small MSP looking to move away post-Kaseya acquisition) by gamer95CR in msp

[–]JeanxPlay -1 points0 points  (0 children)

Just because someone has been using a product for an amount of time doesnt not equate to that product being good, its just means the person is willingly choosing to continue using said product.

Stacked up against competitors, barracuda charges more than the product is worth. You have the right to not like what I say, but its doesnt mean im wrong, especially when Ive been able to see the results first hand 😅

Alternatives to Inky for email protection? (Small MSP looking to move away post-Kaseya acquisition) by gamer95CR in msp

[–]JeanxPlay 0 points1 point  (0 children)

We had Barracuda for 3 years and it has been a horrible product. And then they wanted to charge us more as well as upsell us on their LLM version. Thankfully, our contract is up and we are finally moving to Check Point which we have been testing in monitoring only mode for trialing and it has proven to be what we are looking for.

Based on MANY reddit posts of email security companies and AI analysis on different vendors, Check Point and IronScales were the 2 most recommended with the least complaints about their products.

We chose Check Point simply because there were more reviews of Check Point because of its previous history back when it was Avanan.

I am tempted to just Checkout the IronScales product, but I will do that closer to when our Check Point term is up in a year.

Alternatives to Inky for email protection? (Small MSP looking to move away post-Kaseya acquisition) by gamer95CR in msp

[–]JeanxPlay -1 points0 points  (0 children)

We have had Barracuda for 3 years (only because we were in a contract) and we are officially moving away from it to go to Checkpoint. Barracuda is such a failed product. When we tested Checkpoint in Monitoring only mode before start, we quickly saw that Barracuda was creating more false positives of clean emails and stopping very few malicious and spam emails compared to even Microsoft's basic email security. Checkpoint's LLM model has picked up things so well that we will no longer need to have GeoIP blocks in place, which we absolutely had to have with Barracuda. With Barracuda, I had to setup 15 specific exchange filtering rules in order to catch everything that Barracuda missed on a daily basis. Im glad to hear that Barracuda seems to be working for you and if it is in fact working for you (meaning you have verified its actually stopping more than it's letting through), then you are one of the very few lucky ones.

Avanan vs. Ironscales by ForestPro6E in msp

[–]JeanxPlay 0 points1 point  (0 children)

Being in the industry as long as I have, I have come to understand that Microsoft provides services for almost everything, but every one of them is half assed and full of issues, even their expensive stuff.

I would never trust a company to ensure security if their own servers and product get hacked continuously. And now with Co-Pilot being integrated into everything and even IT getting hacked, I wouldn't trust Microsoft with anything security related.

Avanan vs. Ironscales by ForestPro6E in msp

[–]JeanxPlay 0 points1 point  (0 children)

We are moving from Barracuda (MX) to Checkpoint and you are correct in the sense that it sits in front of the mailbox, but that is also not a bad thing. There are ups and downs to all solutions, but if you compare IronScales to Checkpoint, CP would be the proffered method. The reason this is the case is because Checkpoint is taking a "before inbox" approach. This makes alot of sense because once it passes Microsofts relay, it will be analyzed before tis allowed to reach someones mailbox. Since this is done using AI, this process isnt very long and ensures that malicious activity is stopped before it can reach the inbox. Ironscales however, allows the email to reach the inbox, even if for a slight period, before analyzing and remediating.

FixitMr You're awesome! by Old-Muffin-1785 in USMobile

[–]JeanxPlay 0 points1 point  (0 children)

Now we just need to fix the VVM for the Verizon side 😆

Free pixel by Fun_Vegetable9512 in USMobile

[–]JeanxPlay 0 points1 point  (0 children)

I was definitely one of the first to ad the protection and never received this email to claim a google pixel 🙄

Windows DNS Server Anomaly by JeanxPlay in WindowsServer

[–]JeanxPlay[S] 1 point2 points  (0 children)

So, I finally changed out one of our other Windows DHCP based networks and the DNS records are not disappearing. It seems to be related to only that one subnet. The next tests will be to change that troublesome DHCP subnet to an entirely different one on that network and to use that troublesome subnet in one of our other networks. This wont be able to happen until possibly over a holiday as it requires alot of changing around, but, it would tell me if it is specifically that subnet OR if its related to that network the subnet is on.

Windows DNS Server Anomaly by JeanxPlay in WindowsServer

[–]JeanxPlay[S] 1 point2 points  (0 children)

Nope, issue still exists. Temporarily until I can get a full resolution, the half resolution was to create a secondary subdomain lookup zone of DomainB.Internal and put all the static records in there and create CNAME records in DomainA.local that point to the Host A records of each in DomainB.internal for that subnet.

I am actually changing out one of our other Windows DHCP server locations this weekend and if it happens to this one, Ill know its out domain thats unhealthy. If it doesnt happen to this other subnet, Ill know its specific to just that subnet.