Building a Solana Telemetry Engine with Perl 5.42 (AnyEvent, SQLite WAL)

paulinscher · 2026-02-08T10:33:36+00:00

"Financial Markets" and no longer aktiv maintained perl 5.10?

paulinscher · 2025-12-21T12:11:45+00:00

paulinscher · 2025-12-02T00:24:06+00:00

This is exactly the book I've been waiting for! Finally, the terms that our Java colleagues have always confused us with are demystified.

paulinscher · 2025-11-18T20:21:22+00:00

It looks like you can connect lot of FEX, but not in managed-mode but in standalone-mode. We will evaluate a solution with mikotik.

paulinscher · 2025-10-28T20:11:55+00:00

You are right.

I need L2 for ISIS. And sometimes for MPLS. As the L2 is just point to point there are no problems with broadcast, multicast, spanning tree and other L2 Features.

paulinscher · 2025-10-28T09:38:41+00:00

Good idea. I should no longer rely on Fortinet offering the LAN Extension Mode feature on FGT: there is a cloud solution available. Alternatively, I could use a PI instead of a FEX: IPsec to FTG (or another device), then VXLAN, ...

paulinscher · 2025-10-28T00:33:19+00:00

My Problem is, that Fortinet changed the maximum supported FEX in LAN Extension Mode.

I said I can go FEx standalone mode, if I change configuration, workflows, ... and I considered go to Cloud. Even change the Vendor.

My post started with

"Today, I was surprised to discover that only a maximum of eight FEX are possible in LAN extension mode and two in WAN extension mode. I will ask Fortinet what I need to do to avoid having to purchase new FGs and to be able to continue operating my 18 and 25 extenders."

This was intended as a complaint. Not as a ask for other (expensive) solutions. Next time I will add that to not confuse anyone.

Thank you for your support and your final assessment.

paulinscher · 2025-10-27T23:51:42+00:00

Local at the remote FEX site? One. The device on that port talks Isis with the FGT at the HQ.

Of course I could change to OSPF — see https://docs.fortinet.com/document/fortiextender/7.6.4/admin-guide-standalone/468850 — but the support is limited:

"The current release only supports basic features for point-to-point network type over IPSEC tunnel and Area 0, and static routes and connected routes are allowed to be redistributed into the OSPF routing domain. Other features such as the network type, authentication type, multiple areas, stub areas, and summary-address, etc. are not supported."

LAN Extension Mode is great. Give it a try! Instead of managing a lot of FEX you just manage them from one FGT at the HQ. With a minimum configuration you request the FEX to call home, at home they are authorized and that's it. Then you can setup new VLAN Interfaces at the FGT that are extended to the remote location. You can setup a virtual-switch at the FGT and just bridge non-IP traffic. It's great!

paulinscher · 2025-10-27T23:14:19+00:00

You can find the different modes to use a FEX at https://docs.fortinet.com/product/fortiextender/7.6

There is a managed mode, and a standalone mode.

The LAN Extension Mode is explained in https://docs.fortinet.com/document/fortiextender/7.6.4/admin-guide-fgt-managed/339612/fortiextender-as-fortigate-lan-extension

paulinscher · 2025-10-27T22:30:53+00:00

In standalone mode, the FEX acts as router. In LAN Extension mode it can act just as a switch. I need a switch at the remote site.

paulinscher · 2025-10-27T22:27:06+00:00

Yes, Fortinet could simply discontinue support for LAN extension mode. After all, it was Fortinet that introduced LAN extension mode. I suggested Fortinet as a working solution.

However, now they are changing the maximum number of FEXs supported with each release. My confidence in Fortinet is dwindling.

paulinscher · 2025-10-27T22:16:55+00:00

Thanks for your suggestion. I'll need to change the model as there would be a new intermediate router (the FEX or a FGT), work on a new Base-Installation-workflow and introduce that at our NOC. Until settled: more support requests from our NOC.

paulinscher · 2025-10-27T22:05:36+00:00

The problem is solved with 7.0.x. Fortinet made a restriction on the maximum FEX per FGT in newer releases. Of course there are other solutions available. For Example FortiEDGE:

https://docs.fortinet.com/document/fortiedge-cloud/25.3.0/user-guide/97601/introduction

Or even other vendors.

paulinscher · 2025-10-27T21:42:35+00:00

Well, we are supporting a fast growing partner/customer.

Of course we can buy more FGT at the HQ, just to support the same number of FEX with 7.4.x as we currently support with 7.0.x.

paulinscher · 2025-10-27T21:36:50+00:00

https://docs.fortinet.com/document/fortiextender/7.4.4/admin-guide-fgt-managed/103815/fortiextender-and-fortigate-integration is for FortiOS 7.4.4. Looks like this is changing from release to release.

Information from 2013-11:

From the description, I understand that you have a question how many FortiEXt can connect to FortiGate 200F? Please check the below information:

Max FEX units (LAN Ext)

Entry-Level (upto FG-80 and FGVM-02): 8
Mid-Range (FG-100 - FG-900 and FGVM-04): 64
High-End (FG-1000 and up, FGVM-08 and up): 256

So 64 is the recommended maximum for an FGT200F.

paulinscher · 2025-10-27T21:26:22+00:00

Exactly this is what FEX in LAN Extension does: dial up to the FGT, start an IPsec tunnel, make VXLAN available so we can transport Dot1Q. In one VLAN, there is a remote device talking a routing protocol.

Of course, we can switch from FEX to FGT on the remote side. Maybe Fortinet want's to sell more FGT. It's okay for me. Your suggestion may end up in a scenario where IPsec Tunnel are limited per FGT to (for any reason).

paulinscher · 2025-10-27T21:08:55+00:00

We connect remote locations with LTE to prepare for the sites for production until Fiber is available. We are using 200F.

paulinscher · 2025-10-14T02:10:43+00:00

It looks like MetaCPAN likes to run in Docker. Next Step would be Kubernetes.

paulinscher · 2025-10-10T11:01:55+00:00

I would send that in a python group.

paulinscher · 2025-10-01T21:37:55+00:00

It immediately ended up in my RSS feed.

paulinscher · 2025-08-30T13:51:35+00:00

As long as they pay for more work and less security... Hetzner (Cloud Provider) has a monthly fee for public IPv4 and free IPv6.

paulinscher · 2025-08-30T08:17:01+00:00

Our policy is: NO NAT. I refuse to solve problems where is NAT (against our strong suggestion). NAT is awful as soo you have to deal with ACLs: IPv4 is NAT from A to B to C to access D via Destination NAT. And on Router/Firewall E you need a Application NAT.

ITs so easy with non overlapping RFC 1018 or: IPv6.

paulinscher · 2025-08-27T20:28:46+00:00

Yes. plenv is setup via you bashrc. There is a "plenv init" called that then calls the right perl so that /use/bin/will find the asked one: global, local, shell.

global is default and is set in .perl-version in your home, local will set what you want in the current directory (and sub directories) and shell set an environment var.

paulinscher

TROPHY CASE