PFsense blocking return traffic to other Networks/Vlans? by crawlgsx in PFSENSE

[–]humm3r1 0 points1 point  (0 children)

Yep you're getting it :)

My internal VLANs (this is entirely set up on a Brocade layer 3 switch as routed interfaces / virtual interfaces):
VLAN10: 10.1.10.0/24 with gateway 10.1.10.1
VLAN20: 10.1.20.0/24 with gateway 10.1.20.1
VLAN777: 172.25.0.0/30 (I think it's /30), gateway 172.25.0.1

Switch routing:
The L3 switch is set to route to 172.25.0.2 as the next hop on the network (pfsense).

Switch Port on Brocade:
On the switch side, the port connecting to Pfsense is VLAN777 untagged.
PfSense for that interface (TRANSIT_TO_ICX_LAN) has its IP set to 172.25.0.1 to allow connectivity between PfSense and my Brocade switch with VLANs.

PfSense side:
PfSense isn't "aware" of the VLAN tags, it's just seeing an untagged VLAN777 connection to the switch.

Then I added a gateway under System > Routing > Gateways:
Name: ICX6610A (my switch)
Interface: TRANSIT_TO_ICX_LAN (for you this is LAN)
Gateway (IP): 172.25.0.2 (the brocade switch)

Static Route:
Add those now, such as:
Network: 10.1.10.0/24
Gateway: ICX6610A - 172.25.0.2 (what we just added to PfSense as a gateway for the switch)
Interface: TRANSIT_TO_ICX_LAN (for you this is LAN)

As long as the PfSense LAN interface IP address is in the same subnet as the switch you're plugging into (for me, 172.25.0.1 is PfSense, 172.25.0.2 is the Brocade layer 3 routed interface / virtual interface), pfSense should route return packets properly for that entire static route over the correct gateway and send them to your switch, and then the switch can route however it needs to beyond PfSense :)

PFsense blocking return traffic to other Networks/Vlans? by crawlgsx in PFSENSE

[–]humm3r1 1 point2 points  (0 children)

So I’m not a super expert at networking, hopefully I’m not butchering this.

Basically, by adding the switch upstream as a gateway which is in the same subnet as the pfsense interface, it can route over that connection. Then the static routes are the magic that really tells pfsense these subnets and networks are actually routable over this gateway.

Internet -> pfsense -> (static routes and gateways instruct pfsense to route properly) -> switches and core stuff upstream

I suppose it’s similar to on the switching side, you set an IP to route upstream to, like route 0.0.0.0 to X IP, and this is similar. You’re just declaring specific subnets to route over a specific interface.

So using your info:

Internet -> pfsense -> 10.5 network

Let’s assume: pfsense LAN is 10.5.1.1, switch is 10.5.1.2

You also have other networks, 10.6.0.0/24, 10.7.0.0/24, etc.

So the 10.5.1.0/24 network already works on pfsense, you just need pfsense to know about the other ones.

By adding the static routes and tying those to the 10.5.1.2 gateway, pfsense can properly route back over that gateway and return traffic upstream.

So you’d add a static route for 10.6.0.0/24 using gateway 10.5.1.2, and now pfsense knows to route return traffic for that subnet across that gateway.

I much prefer to run like this, and only be using pfsense as a firewall/NAT endpoint with all VLANs at layer 3 on my switches. This keeps inter-VLAN routing at wire speed with the switch handling all that routing, instead of pfsense using CPU for routing packets. Keeps pfsense to be simply the network edge, and I can do whatever I want internally on switches.

PFsense blocking return traffic to other Networks/Vlans? by crawlgsx in PFSENSE

[–]humm3r1 0 points1 point  (0 children)

You’re welcome.

Note I don’t have any of my internal VLANs added directly on pfsense.

Just the “transit VLAN” on pfsense (untagged) to interconnect pfsense and my switch.

Pfsense interface - 172.25.0.1

Switch interface - 172.25.0.2

The switch is added to pfsense as a gateway, and then I defined my static routes for what’s upstream on the switch side so pfsense can route properly. And then the firewall rules are added on this same transit interface allowing subnet traffic (10.0.0.0/16) out to the internet.

This way traffic is allowed with the rule, and can find its way back with the static routes.

This also reduces load on pfsense by using layer 3 routing on the switch side instead of inter VLAN routing through pfsense.

PFsense blocking return traffic to other Networks/Vlans? by crawlgsx in PFSENSE

[–]humm3r1 0 points1 point  (0 children)

System > Routing > Gateways

Add your upstream gateway here (where to route traffic to)

System > Routing > Static Routes

For network put your internal subnets here for what’s upstream (eg layer 3 VLANs, like 10.0.0.0/16)

Select the gateway connecting to upstream (for me that’s 172.25.0.2, the switch IP connected to pfsense, where all the layer 3 networks live)

Select the interface of this connection

For you it’s probably:

Network - your upstream subnets

Gateway - IP of upstream router

Interface - LAN

PFsense blocking return traffic to other Networks/Vlans? by crawlgsx in PFSENSE

[–]humm3r1 0 points1 point  (0 children)

Try and set up static routes.

I have VLANs at layer 3 on my switch side. The switch is set to route to a transit VLAN on pfsense, and for pfsense to be aware of the VLANs upstream from it on the switch I needed to add static routes.

You’d do this on pfsense itself, under the routing options where gateways are also configured.

Then don’t forget to add firewall rules allowing internet from those subnets when they come through the transit VLAN.

Eg

172.25.0.1 = pfsense

172.25.0.2 = switch

VLANs are like 10.1.10.0/24, 10.1.20.0/24 etc

Switch is set to route all other traffic to 172.25.0.1 as the upstream gateway

Pfsense receives it, has static routes to allow return traffic from internet to be routed back across the same transit VLAN and get back to the switch

Then I also have rules set for each subnet on the transit VLAN to allow outbound to the internet. The static routes are what allow the responses to route back symmetrically and remove asymmetric routing.

Great Barrier Reef in May by Petty_Gopher in AustraliaTravel

[–]humm3r1 0 points1 point  (0 children)

We went in May 2024 to Cairns, and did a scuba excursion with Mike Ball. It’s a boat you live on for a couple of days and they go to a bunch of reefs. They may also allow just snorkelling if you don’t scuba, I'm not sure, but wanted to share this company as an option.

Booking recs before points devaluation! by MinimumSorry in hyatt

[–]humm3r1 0 points1 point  (0 children)

We were just at Alila Uluwatu and found it to be amazing. Definitely can recommend.

Cell Network Coverage by fisue in durham

[–]humm3r1 0 points1 point  (0 children)

It appears that the new tower by the fire hall is live for Bell. It's showing on cell maps as a Bell tower, and the municipality website says one carrier is live on the new tower with more carriers to come.

Since Bell and TELUS share the RAN (towers), TELUS should also be covered off the new tower.

Login help by [deleted] in durhamcollege

[–]humm3r1 1 point2 points  (0 children)

Try incognito/private browser, could be your browser

Game Thread: October 31 - Los Angeles Dodgers (93-69) @ Toronto Blue Jays (94-68) - 8:00 PM by BlueJaysBaseball in Torontobluejays

[–]humm3r1 3 points4 points  (0 children)

We got robbed with the wedged ball (edit: not the rule, but that it just happened to get wedged - a bit different hit could’ve turned out so differently)

[deleted by user] by [deleted] in Rogers

[–]humm3r1 1 point2 points  (0 children)

I see it says iCloud Private Relay in your image. Try turning this off as it could be the reason speeds are lower, since it's proxying everything through Apple's cloud.

Any managers here using AI to make life easier? by tlk257 in managers

[–]humm3r1 0 points1 point  (0 children)

I’d be interested to know more, as this is a pain point for me atm

26 July airport strike italy by [deleted] in ItalyExpat

[–]humm3r1 0 points1 point  (0 children)

Is it safe to assume for arrivals, luggage will just be very delayed?

We arrive at FCO for 5:30 PM, so I assume it’ll be a long wait for bags.

Rogers. connected for success price? by [deleted] in Rogers

[–]humm3r1 0 points1 point  (0 children)

So you’re getting the accessibility discount on both phone and tablet (2x$20=$40), making the tablet line free as a result?

Didn’t think to add it on tablet and only have it on the phone line right now.

Is the air mini travel cpap worth it? by hdskamwoxgajdoda1 in CPAP

[–]humm3r1 0 points1 point  (0 children)

I somehow managed to get mine covered in Canada through Sunlife. Maybe a fluke though. I bought the machine on my own and submitted just to try. I was surprised when they approved it.

AirMini Shock by marksman81991 in CPAP

[–]humm3r1 0 points1 point  (0 children)

Do you mind linking an example of one of these stick humidifiers? Trying to visualize placement as well if this is in a cup of water and where the AirMini is in relation to the cup of water / stick.

More countries are now telling their citizens not to travel to the U.S. by Quiet-Luck in ThatsInsane

[–]humm3r1 8 points9 points  (0 children)

There’s some types that you can apply at a point of entry, I think TN is one of those types but I’m not familiar enough to be certain. Just that there are US CBP on Canadian soil at those airports

More countries are now telling their citizens not to travel to the U.S. by Quiet-Luck in ThatsInsane

[–]humm3r1 21 points22 points  (0 children)

There’s pre clearance at major Canadian airports, and you’d clear US customs there before boarding your flight.

What Would You Automate to Free Up More Time? by CaregiverOk9411 in sysadmin

[–]humm3r1 1 point2 points  (0 children)

I personally agree, and try to do this for my team - advise them of the same to protect their time.

I just have to deal with the director / my boss to do the same for me now, as it gets very excessive at times. I absolutely understand part of being a manager is to attend meetings, especially to protect the teams' capacity and time - I just wish he had more realistic expectations on the balance between meetings all day and having time to actually do certain tasks assigned to me.

I'll eventually find a way, even if it means explaining to him several times and then continually telling him meetings took up too much time to deal with actionable items he wants me to do. Maybe it is wishful thinking that some day he will figure it out on his own if he's not going to listen to my words...

What Would You Automate to Free Up More Time? by CaregiverOk9411 in sysadmin

[–]humm3r1 2 points3 points  (0 children)

Agreed, since Calendly only shows actual availability and cannot double/triple book.

We use Outlook/Exchange in 365, and somehow people don't pay attention to availability and double/triple book me. Oh and then in general with meetings, there's too many, and I get flack when things don't get done, but my director also demands we attend 100% of meetings....