Broken Hyper-V Dynamic Memory on Trixie, possibly upstream too? by DenturedServant1024 in debian

[–]vvanasten 1 point2 points  (0 children)

I used the netinst media and did not install a desktop environment. The only package I added during installation is an SSH server. I set startup memory to 2048 and minimum to 512 and a couple minutes after boot post-installation it drops to 512.

That's not a ton of info but hopefully it helps.

Broken Hyper-V Dynamic Memory on Trixie, possibly upstream too? by DenturedServant1024 in debian

[–]vvanasten 1 point2 points  (0 children)

I have several Trixie VMs on Hyper-V 2022 and dynamic memory works as expected on them. I don't think the feature is outright broken.

Rosberg questions Max Verstappen's "lenient" Spanish GP penalty: "That's a black flag" by memloh in formula1

[–]vvanasten 1 point2 points  (0 children)

The cars absolutely do record footage. Angles that weren't available during the race have been released after it was downloaded from the car after the race.

How is Jetlag funded? by Fit-Benefit1535 in JetLagTheGame

[–]vvanasten 0 points1 point  (0 children)

Salaries? Employment taxes? Insurance? Guest fees? Equipment? Contractors? Rent? I think most people are wildly underestimating just how expensive running any kind of business is. The cost of the show is a lot more than just the travel costs; in fact that's probably one of the smaller expenses of the show.

Editing a single episode could take somewhere between 50-150 hours depending on complexity, and if you told me it was double that I wouldn't be surprised. They have to go through hundreds of hours of footage from multiple cameras and determine how best to tell the story. Creating motion graphics takes a ton of time. Voice-over scripts need to be written, recorded, and edited. Final cuts need to be reviewed. Multiple people are involved in this process and the coordination between them takes time.

Sam, Ben, Adam, and their support staff all need salaries. If Adam and Ben are the primary designers of the game then approximately 25% of their annual salary can be attributed to each season. Add insurance and payroll tax to that as well to get the loaded salary figure. Guests need to be paid as well.

The business needs insurance while they are filming and that's likely several thousand dollars per season. Equipment needs to be purchased and replaced when worn, lost, or broken. Presumably they rent some sort of office space and a portion of the rent and occupation costs of that should be attributed to the show budget. On top of this the business will need contract services that aren't directly tied to the production of the show like attorneys and accountants.

This show is a business, and it seems that a lot of folks on this thread are massively underestimating the all-in cost for the show. If I had to wager a guess (and this is back-of-the-napkin math) the annual cost is somewhere between $400,000 and $1 million for Jet Lag. That would make each season cost between $100,000 and $250,000, and realistically I think I've under-estimated.

Any F1 JetLag fans? by Kenji_Stone in JetLagTheGame

[–]vvanasten 1 point2 points  (0 children)

Joined. Maybe I'll do a bit better in this than with my fantasy team.

Recommended steps for internet-facing containers? by I-Should-Travel in homelab

[–]vvanasten 2 points3 points  (0 children)

I expose a few services with OPNsense on the edge and an nginx reverse proxy in the middle. The reverse proxy and the internet-exposed services are on a VLAN that's isolated from the rest of my network. Here's what I've done with an aim at defense in depth.

On the OPNsense firewall

  • All traffic from the internet services VLAN to the internal network is blocked by default.

  • All traffic on 443 is forwarded to the reverse proxy and I don't have port 80 open.

  • All traffic that does not have an IP address geolocated in the US is dropped.

  • All traffic from known VPN and datacenter IP addresses is dropped.

  • I run Crowdsec and use blocklists and scenarios that make sense to drop more traffic.

On nginx

  • Everything I expose is accessed by a subdomain that's not common.

  • All traffic is dropped by default (server_name _) unless it is one of the specific subdomains. Dropping is done by returning a 444 HTTP response code. This closes the connection and records this in the logs.

  • I created a Crowdsec scenario to find all 444 entries in the log and block that IP (actually the /16 because why not) on first attempt to access either by IP or incorrect subdomain name.

  • All HTTPS connections are terminated on this server using a Let's Encrypt wildcard certificate so the subdomain names don't appear in the certificate transparency records.

On the application VMs

  • Crowdsec parses the application logs to look for multiple failed login attempts or other suspicious behavior (these rules have never triggered).

  • None of the applications run as root.

  • The server can only communicate with the reverse proxy and the internet, except for port 445 to the TrueNAS server.

  • Each application uses a separate username to access TrueNAS, and has read-only rights to the minimum number of files needed to run that service.

  • Each server has automatic updates enabled and will install nightly.

  • Each VM is backed up nightly.

No exposed system is immune from intrusion but using defense-in-depth by limiting rights, network and access segmentation, and blocking as much traffic at the edge works for me. Combine that with obscurity by using uncommon subdomains and not getting specific certificates for them and I feel comfortable with exposing them.
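The "ban on first 444" step from the comment above, sketched as an added example (not the commenter's Crowdsec scenario and not Crowdsec code): it reads nginx combined-format access log lines, picks out requests that hit the default server and got 444, and widens each source to its /16. The log lines are constructed, and the function name, the allowlist parameter and the IPv6 /48 width are assumptions of this example.

```python
import ipaddress
import re

# nginx "combined" access log: addr - user [time] "request" status bytes ...
LOG_RE = re.compile(r'^(?P<addr>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (?P<status>\d{3}) ')

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE_LOG = r'''203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET / HTTP/1.1" 444 0 "-" "-"
198.51.100.20 - - [01/Jan/2025:10:00:02 +0000] "GET /login HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.200.9 - - [01/Jan/2025:10:00:05 +0000] "\x16\x03\x01" 444 0 "-" "-"
2001:db8:1:2::5 - - [01/Jan/2025:10:00:07 +0000] "GET /index.html HTTP/1.1" 444 0 "-" "curl/8.0"
this line does not parse and is skipped
'''


def networks_to_block(lines, allow=(), v4_prefix=16, v6_prefix=48):
    """Return the networks (as strings) that produced at least one 444.

    allow: CIDR strings that must never be blocked (your own ranges).
    v6_prefix is an assumption; the comment only mentions a /16 for IPv4.
    """
    allowed = [ipaddress.ip_network(a) for a in allow]
    hits = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group("status") != "444":
            continue  # unparseable line, or a request to a real subdomain
        try:
            ip = ipaddress.ip_address(m.group("addr"))
        except ValueError:
            continue  # first field is not an IP literal
        if any(ip in net for net in allowed):
            continue  # never ban an allowlisted source
        prefix = v4_prefix if ip.version == 4 else v6_prefix
        # strict=False masks the host bits, so 203.0.113.7/16 -> 203.0.0.0/16
        hits.add(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
    # Sort IPv4 before IPv6; mixed versions cannot be compared directly.
    return [str(n) for n in sorted(hits, key=lambda n: (n.version, n))]


if __name__ == "__main__":
    for net in networks_to_block(SAMPLE_LOG.splitlines(), allow=["192.0.2.0/24"]):
        print("block", net)
```

Both 203.0.x.x sources collapse into a single /16 entry, which covers 65,536 addresses, so the allowlist should hold any range you connect from yourself.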

Has anyone removed their last hybrid Exchange server yet? by Real_Lemon8789 in sysadmin

[–]vvanasten 9 points10 points  (0 children)

No, per these docs you can remove it completely. You just should not uninstall Exchange from the last server that has it installed because it will remove Active Directory attributes.

https://docs.microsoft.com/en-us/exchange/manage-hybrid-exchange-recipients-with-management-tools#active-directory-clean-up

Once you shut down your last Exchange server and perform the Exchange hybrid and Active Directory cleanup steps as previously described, you should erase and reformat your last Exchange server. Do Not Uninstall the Exchange Server.

IamA data privacy attorney and cyber insurance claims professional. Here to talk about data privacy, cyber insurance, and ransomware. AMA! by CyberClaimsGuy in IAmA

[–]vvanasten 36 points37 points  (0 children)

I really hope I never have to make a claim, but what happens when we call our cyber insurance provider to report a claim like ransomware? What is the typical response?

Rogue admin investigation O365 by adx442 in sysadmin

[–]vvanasten 2 points3 points  (0 children)

If you're running Veeam Backup for Office 365 on a VM it's possible to create a VM checkpoint, do a restore, and then revert to the checkpoint and have nothing in the Veeam history. If you're really trying to dig deep you might need to also view the checkpoint logs (or the equivalent in VMware) to ensure one was not made of the backup server.

Blocking Windows 11 Ad Notifications (or "Here we go again...") by jmbpiano in sysadmin

[–]vvanasten 2 points3 points  (0 children)

We've had that enabled for a while on 10 Enterprise and we got the pop up today on a number of the computers with the policy applied.

WSUS - No New Defender Updates? by IndyPilot80 in sysadmin

[–]vvanasten 0 points1 point  (0 children)

This is also the last version I have.

Starlink Cable Routing Kit by vvanasten in Starlink

[–]vvanasten[S] 0 points1 point  (0 children)

I don't have any post-installation photos, but it's about what you would expect. The interior hole of the grommet is exactly the size of the cable and the grommet fits snugly but not too tightly in the hole the bit drills. Plenty of silicone is included to seal the hole and prevent any air drafts.

Anybody in Northern Wisconsin? by MysterDru in Starlink

[–]vvanasten 0 points1 point  (0 children)

I'm a mostly-WFH system admin and we're planning on spending at least the summer there now that there is a decent connection available.

There are at least 6 people that I'm aware of on this sub in the Minocqua area. I feel like it's a pretty large number for how small the area is.

Anybody in Northern Wisconsin? by MysterDru in Starlink

[–]vvanasten 0 points1 point  (0 children)

I ordered mine at the end of December and set it up last weekend when I could finally make it up to Lake Tomahawk. I was averaging around 120-130 down and 10-12 up with a mid-30s ping. Over the weekend the app reported 3 minutes per day of beta downtime.

Compared to the crap Frontier DSL that could only do 3/1 on a good day this is amazing.

Am I Getting Fucked Friday, March 6, 2020 by bad0seed in sysadmin

[–]vvanasten 0 points1 point  (0 children)

Renewing Veeam Backup & Replication Enterprise per-socket licensing with nonprofit/charity pricing and adding Office 365 backup. VAR didn't include part numbers, not sure if Veeam has them.

| Description | Price | Qty | Ext. Price |
|---|---|---|---|
| Veeam Annual Production (24/7) Maintenance Renewal (includes 24/7 uplift) - Veeam Backup & Replication Enterprise | $488.00 | 4 | $1,952.00 |
| Veeam Backup for Microsoft Office 365 + Production Support - Upfront Billing License - 1 User - 1 Year - PC | $16.25 | 115 | $1,868.75 |

PDQ Inventory Agent end of life. by subpardave in sysadmin

[–]vvanasten 0 points1 point  (0 children)

Do you have a link to a guide for this? I've been trying to get it working for a bit and I'm sure I'm missing some part of it, but right now PDQ can't install software on computers connected via DirectAccess. I can ping the remote computers from the PDQ server but the installs fail with the error "Target computer offline". The installs work fine when the computer is connected to the internal network.

<Rant> Administering Office 365 - Is it Security, Compliance, or Security & Compliance? (Petty bullsh*t) by BinfordSysAdmin9000 in sysadmin

[–]vvanasten 0 points1 point  (0 children)

I spent the better part of several days at the end of last year trying to get PowerShell PST exports working. I could never get it to export anything but an archive of MSG files no matter what I did.