H110Hawk
Dec 28, 2006

spincube posted:

Hmm. Plugging in the external address, it thinks for a few seconds, and then:

Looking at OVPN's own docs, I can't see anything that seems to match; there's no perimeter firewall, I even temporarily disabled the pi-hole I have running 'just in case'; ports are definitely open on both NAS and router; OpenVPN's not blocked in the Windows firewall either.


No idea. It's hosed, anyway :v:

Did you set up NAT? ("Ports are open" is unfortunately ambiguous.) Can you send us a screenshot of your router settings where you set up NAT?

Try a random, high, port. Like, 3478. (I googled "Playstation 4 port forward") Do UDP and TCP.


spincube
Jan 31, 2006

I spent :10bux: so I could say that I finally figured out what this god damned cube is doing. Get well Lowtax.
Grimey Drawer
Not sure about NAT, but here's an imgur gallery of how I've set up port forwarding on my router.

I hadn't thought about fiddling with the ports, though - worth a shot, I'll sleep on it and give it a try.

H110Hawk
Dec 28, 2006

spincube posted:

Not sure about NAT, but here's an imgur gallery of how I've set up port forwarding on my router.

I hadn't thought about fiddling with the ports, though - worth a shot, I'll sleep on it and give it a try.

Somewhere you need a setting that says "port 1194/udp should go to 192.168.0.51:1194" - It needs all of those elements. I don't know what the top screenshot is, it looks like the first step. The firewall rules should let it get in to be NAT'ed (port forwarded) back to your NAS.

Don't try too hard on the port thing, it's sort of a last-ditch effort in case your ISP blocks some ports but not others.

The next step here is sadly buying a VPS somewhere (DigitalOcean for example) and running openvpn there as well.

BlankSystemDaemon
Mar 13, 2009



I don't know how likely it is, but there's a chance that searching for "model number + NAT guide" on Google can give you some results for your specific device.

Axe-man
Apr 16, 2005

The product of hundreds of hours of scientific investigation and research.

The perfect meatball.
Clapping Larry
Here is a little diagram to help you with how to set up your VPN to your NAS and access it.

External IP Address -> Modem/ISP edge Router --> Main Router ---> VPN --> NAS
XX.XX.XX.XX -> Bridge, or port forward to Router --> Forward ports to VPN --> forward external ports to internal NAS ports and VPN ip address

So from the outside you would type in XX.XX.XX.XX to connect to the VPN; from there, you would then connect to the VPN address of the NAS, as it should be part of your virtual network.

If you keep this in mind it will be easy to set it up overall.

Hope this helps a bit, I just wanted to throw it down before I passed out for the night.

spincube
Jan 31, 2006

I spent :10bux: so I could say that I finally figured out what this god damned cube is doing. Get well Lowtax.
Grimey Drawer
I've hosed around with different ports; it happily connects using the Synology's IP, but using my external IP I'm still receiving the old

quote:

TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
error while attempting to connect PC to VPN. So, I'm assuming there's something fucky either with my router or ISP, both of which are pieces of poo poo - replacing those is on my radar, but outside of the current scope :v:

I'm no closer to my original goal - accessing my personal Netflix from outside the house - so I'm shelving this for now. Thanks for the help, anyway.

IOwnCalculus
Apr 2, 2003





Just making sure, you're not trying to connect to the VPN while on your network, right?

Also your firewall has a confusing way of labeling things, sticking with LAN/WAN instead of source and destination. The outbound rule looks like it might be wrong. The port on your VPN will always be 1194, but the port on the client will probably never be 1194.

IOwnCalculus fucked around with this message at 15:50 on Jul 6, 2019

Internet Explorer
Jun 1, 2005





spincube posted:

I've hosed around with different ports; it happily connects using the Synology's IP, but using my external IP I'm still receiving the old

error while attempting to connect PC to VPN. So, I'm assuming there's something fucky either with my router or ISP, both of which are pieces of poo poo - replacing those is on my radar, but outside of the current scope :v:

I'm no closer to my original goal - accessing my personal Netflix from outside the house - so I'm shelving this for now. Thanks for the help, anyway.

Wait, if all you want is to access your "personal Netflix," have you tried using Plex? You wouldn't need a VPN.

Schadenboner
Aug 15, 2011

by Shine
If I’m planning on putting a 4-disk RAID10* in a desktop should I consider using WD Reds or would I still be better off using Blues or even Blacks?

I know that Reds aren’t desktop drives and ordinarily using them as such will result in them stealing my pickup truck and running over my dog** but this isn’t a standard desktop use so I thought I’d better ask.

*: Possibly a RAID5 but the better read/write from the 10 makes up for the slightly lower capacity in my opinion, especially since they’re 5400rpm?
**: Despite my having neither of these things.

E: It doesn’t even look like 8TB Blues or Blacks are things-which-exist so that narrows the possibilities somewhat...

E2: Comedy “Ultrastar” option.

E3: 8TB Ultrastars are 7200 and like :20bux: more than Red 5400s, :wtf:?

Schadenboner fucked around with this message at 17:13 on Jul 6, 2019

BlankSystemDaemon
Mar 13, 2009



Schadenboner posted:

If I’m planning on putting a 4-disk RAID10* in a desktop should I consider using WD Reds or would I still be better off using Blues or even Blacks?

I know that Reds aren’t desktop drives and ordinarily using them as such will result in them stealing my pickup truck and running over my dog** but this isn’t a standard desktop use so I thought I’d better ask.

*: Possibly a RAID5 but the better read/write from the 10 makes up for the slightly lower capacity in my opinion, especially since they’re 5400rpm?
**: Despite my having neither of these things.

E: It doesn’t even look like 8TB Blues or Black are things-which-exist so that narrows the possibilities somewhat...

What are you doing that requires you to increase your IOPS? Because that, not bandwidth, is the benefit of striping RAID1/4/5/6/7 arrays together.

Schadenboner
Aug 15, 2011

by Shine

D. Ebdrup posted:

What are you doing that requires you to increase your IOPS? Because that, not bandwidth, is the benefit of striping RAID1/4/5/6/7 arrays together.

Mostly virtualization (Hyper-V, possibly with nested ESXi, some GNS3 stuff as well)?

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Schadenboner posted:

Mostly virtualization (Hyper-V, possibly with nested ESXi, some GNS3 stuff as well)?

So homelab stuff.

Honestly, you will be better off with an SSD or two, then get a Veeam NFR license for free to backup the stuff you care about.

You are going to be building up and tearing down machines a lot, SSD speeds will benefit you here.

H110Hawk
Dec 28, 2006

Internet Explorer posted:

Wait, if all you want is to access your "personal Netflix," have you tried using Plex? You wouldn't need a VPN.

Do never expose things to the internet. I wouldn't trust plex either. I know thousands of people do but I'm not one of them. Harumph.

(If you do, I would suggest making sure that you firewall off access from whatever is running plex to the rest of your network, only poking a hole to the exact port on whatever is storing your media. If it's the NAS that is running plex, move plex. Set access to the media as read only on the synology. You should assume that someone will gain access to a shell on whatever is exposed to the internet and can run whatever commands they want.)

I know this all sounds :tinfoil: , I expose things to the internet and accept unsolicited connections for a living. It's a nasty place out there. We spend a considerable amount of time trying to get things off the public internet and onto private connections. If you accept this risk then knock yourself out. Google "iot botnet" and go from there. I am setting up openvpn/wireguard to access plex remotely.

Schadenboner
Aug 15, 2011

by Shine

Moey posted:

So homelab stuff.

Honestly, you will be better off with an SSD or two, then get a Veeam NFR license for free to backup the stuff you care about.

You are going to be building up and tearing down machines a lot, SSD speeds will benefit you here.

I’m also :ohdear: about the heat that those spinnybois would put out so you’re probably right.

Is RAID5’s write amplification still a problem with modern consumer SSDs (probably Blues or Crucial MX500s)? The last time I looked at SSD raids the received wisdom was “Don’t RAID5 SSDs” but drives were getting good enough that people were starting to say it wasn’t really worth worrying about anymore?

E:

H110Hawk posted:

I expose things to the internet and accept unsolicited connections for a living.

:wink:

Txt me.

Schadenboner fucked around with this message at 17:28 on Jul 6, 2019

BlankSystemDaemon
Mar 13, 2009



Schadenboner posted:

I’m also :ohdear: about the heat that those spinnybois would put out so you’re probably right.

Is RAID5’s write amplification still a problem with modern consumer SSDs (probably Blues or Crucial MX500s)? The last time I looked at SSD raids the received wisdom was “Don’t RAID5 SSDs” but drives were getting good enough that people were starting to say it wasn’t really worth worrying about anymore?

I believe the consensus still is to overprovision your SSDs if you're gonna RAID them.

H110Hawk
Dec 28, 2006

443 only baby I don't do unwrapped.

spincube
Jan 31, 2006

I spent :10bux: so I could say that I finally figured out what this god damned cube is doing. Get well Lowtax.
Grimey Drawer

Internet Explorer posted:

Wait, if all you want is to access your "personal Netflix," have you tried using Plex? You wouldn't need a VPN.

Well, my original question was:

spincube posted:

I have Emby installed on my Synology. At present it's happily serving up Linux videos over my home network, but I'd like to be able to access these from outside the house. So, the eternal 1,000,000 question: how do I access my Emby from elsewhere, without ending up turning my server into some Chinese gangster's Bitcoin miner?

I've found this relatively-recent guide that seems to answer my question: https://www.grahamleggat.com/blog/2017/8/21/synology-reverse-proxy-server - is this good advice?

:shrug:

ChiralCondensate
Nov 13, 2007

what is that man doing to his colour palette?
Grimey Drawer

spincube posted:

Well, my original question was:


:shrug:

If you trust emby, or don't care if it can get backdoored, all you have to do is forward the one or two ports. (Again, if you've got CGNAT you may have a problem, I dunno.)
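
The checks raised in the posts above (a forward needs every element of "1194/udp goes to 192.168.0.51:1194", the client must be outside the LAN, and CGNAT or a second NAT defeats a forward on your own router) can be run as a quick offline diagnostic. This is an added example, not part of any post; the function names and the `203.0.113.x` / `100.72.x.x` sample addresses are constructed, and the rule dictionary layout is an assumption rather than any router's real export format.

```python
import ipaddress

# RFC 6598 shared address space, used by ISPs for carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another NAT sits upstream.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(router_wan_ip, observed_public_ip):
    """Compare the WAN address shown on the router's status page with the
    address an outside service sees. Only 'direct' means a port forward on
    this router alone can be reached from the internet."""
    wan = ipaddress.ip_address(router_wan_ip)
    pub = ipaddress.ip_address(observed_public_ip)
    if wan in CGNAT:
        return "cgnat"          # ISP shares one public IP among customers
    if any(wan in net for net in RFC1918):
        return "double_nat"     # modem/edge router is NATing too: bridge or forward there
    if wan != pub:
        return "upstream_nat"   # public-looking WAN, but still translated upstream
    return "direct"


def check_forward(rule, lan_cidr, service_proto="udp", service_port=1194):
    """Validate one port-forward rule (hypothetical dict layout) against the
    service it should reach. Returns a list of problems, empty if none."""
    problems = [f"missing {k}"
                for k in ("proto", "ext_port", "int_ip", "int_port")
                if rule.get(k) in (None, "")]
    if problems:
        return problems
    if ipaddress.ip_address(rule["int_ip"]) not in ipaddress.ip_network(lan_cidr):
        problems.append("int_ip is outside the LAN")
    for key in ("ext_port", "int_port"):
        if not 1 <= int(rule[key]) <= 65535:
            problems.append(f"{key} out of range")
    # A TCP-only forward in front of a UDP OpenVPN server drops the handshake
    # silently, which the client reports as a TLS key negotiation timeout.
    if rule["proto"].lower() != service_proto:
        problems.append(
            f"protocol {rule['proto'].lower()} does not match service {service_proto}")
    if int(rule["int_port"]) != service_port:
        problems.append(
            f"int_port {rule['int_port']} does not match service port {service_port}")
    return problems


def client_is_inside(client_ip, lan_cidr):
    """True if the test client sits on the LAN; connecting to the external IP
    from there depends on NAT loopback and proves nothing about the forward."""
    return ipaddress.ip_address(client_ip) in ipaddress.ip_network(lan_cidr)


if __name__ == "__main__":
    # Constructed sample values for illustration only.
    rule = {"proto": "udp", "ext_port": 1194,
            "int_ip": "192.168.0.51", "int_port": 1194}
    print("WAN path:", classify_wan("100.72.3.4", "203.0.113.7"))
    print("Rule problems:", check_forward(rule, "192.168.0.0/24"))
    print("Testing from inside LAN:", client_is_inside("192.168.0.20", "192.168.0.0/24"))
```
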

dexefiend
Apr 25, 2003

THE GOGGLES DO NOTHING!
I use pfsense as my router, and use OpenVPN to connect home. It works great. I followed the YouTube videos from Lawrence Systems to set it up.

Crunchy Black
Oct 24, 2017

by Athanatos
yeah for VM stuff these days, *ESPECIALLY* ephemeral stuff for CI/CD/builds etc, just get 2 SSDs and enjoy

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
I run the OpenVPN Virtual Appliance in my Xen hypervisor, but I'm running on 443 so I can bypass filtering for work.

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

CommieGIR posted:

I run the OpenVPN Virtual Appliance in my Xen hypervisor, but I'm running on 443 so I can bypass filtering for work.

My coworker likes to run VPN on the DNS port, 53/UDP. This gets you through even many captive portals on airports and such.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Saukkis posted:

My coworker likes to run VPN on the DNS port, 53/UDP. This gets you through even many captive portals on airports and such.

Nice. Might try that.

Schadenboner
Aug 15, 2011

by Shine

Crunchy Black posted:

yeah for VM stuff these days, *ESPECIALLY* ephemeral stuff for CI/CD/builds etc, just get 2 SSDs and enjoy

The motherboard I'm looking at can do separate M.2 and SATA RAIDs so yeah, that's probably what I'll do: a couple of 1TB NVMe drives RAIDed for the OS and (if/when I run out of space on that) probably 4 "slow" SATA SSDs in a 10 for storage. Looks like the board doesn't do the shared SATA lanes thing if both the M.2s are NVMEs which is nice.

Thanks!

:tipshat:

Nam Taf
Jun 25, 2005

I am Fat Man, hear me roar!

VPNs are notoriously hard to set up and notoriously easy to gently caress up. I highly recommend using Algo or Streisand to do it for you. Both support Wireguard, and Streisand supports a whole raft of additional protocols (though you probably only need Algo if you're only after Wireguard).

I have no idea if you can make this work on a Synology, I don't have one.

bobfather
Sep 20, 2001

I will analyze your nervous system for beer money
Maybe better in the networking thread, but I just moved to an ISP with CGNAT, so had to figure out a port forward solution for Plex and OpenVPN into my home LAN.

I thought about renting a VPS and setting up OpenVPN, but TorGuard VPN was simpler and cheaper (about $2.50 a month when you use a coupon and pay for a couple years).

My set up is: Site-to-site OVPN from pfSense to TorGuard, with firewall rules to tunnel my Plex server’s traffic through TorGuard. pfSense connects exclusively to one nearby TorGuard server, and then I set the appropriate port forwards on TorGuard’s site and in pfSense to forward the Plex and OVPN traffic.

It has been surprisingly bulletproof, and aside from having to configure port forwards in pfSense and on Torguard’s site, it isn’t much worse than just forwarding ports in your firewall.

bobfather fucked around with this message at 12:54 on Jul 8, 2019

Pardot
Jul 25, 2001




Nam Taf posted:

VPNs are notoriously hard to set up and notoriously easy to gently caress up. I highly recommend using Algo or Streisand to do it for you. Both support Wireguard, and Streisand supports a whole raft of additional protocols (though you probably only need Algo if you're only after Wireguard).

I have no idea if you can make this work on a Synology, I don't have one.

You can run VMs on them, so that might be the easiest way forward

BlankSystemDaemon
Mar 13, 2009



Regarding establishing connections to systems behind CGN, there are a few options I've yet to see mentioned.
One solution I set up at a friend's place uses a script to get the dynamically-assigned CGN port and connect the if_ipsec VTI, which then establishes the site-to-site VPN (which is bidirectional). Another option would be to take inspiration from the days of dial-up and use a call-out script, but with SSH as that supports reverse tunneling.
In all cases, it helps to use the proper ciphers. I'm quite fond of AES-256-GCM since it's meant for dealing with Ethernet packets, and gets integrity checking through the built-in HMAC - plus, it's accelerated on modern CPUs.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

Nam Taf posted:

VPNs are notoriously hard to set up and notoriously easy to gently caress up. I highly recommend using Algo or Streisand to do it for you. Both support Wireguard, and Streisand supports a whole raft of additional protocols (though you probably only need Algo if you're only after Wireguard).

I have no idea if you can make this work on a Synology, I don't have one.

OpenVPN's Virtual Appliance is actually incredibly easy to set up, and has Google MFA built in.

https://openvpn.net/virtual-appliances/

Crunchy Black
Oct 24, 2017

by Athanatos

Schadenboner posted:

The motherboard I'm looking at can do separate M.2 and SATA RAIDs so yeah, that's probably what I'll do: a couple of 1TB NVMe drives RAIDed for the OS and (if/when I run out of space on that) probably 4 "slow" SATA SSDs in a 10 for storage. Looks like the board doesn't do the shared SATA lanes thing if both the M.2s are NVMEs which is nice.

Thanks!

:tipshat:

Keep in mind you can't RAID NVMe out of the box. Intel is introducing vROC on the Skylake/Cascade Lake SP server chips, but the boardmaker has to implement it. I don't think the desktop chips support it yet.
https://www.intel.com/content/www/us/en/support/articles/000024498/memory-and-storage/ssd-software.html

If that's something you want to do, I have one of these Highpoints which implements a RAID ASIC on top of a PCIe switch. It's pricey but works well. http://www.highpoint-tech.com/USA_new/series-ssd7101a-1-overview.htm

Bear in mind, though, that guy doesn't support being a boot device, they have another one specifically: http://www.highpoint-tech.com/USA_new/series-ssd7102-overview.htm

BlankSystemDaemon
Mar 13, 2009



Obligatory reminder that hardware RAID, even the fake kind that Intel does, is just software RAID that you can't inspect or often can't even reason about/with.

Schadenboner
Aug 15, 2011

by Shine
The motherboard's manual seems to say it supports M.2 RAID. If not then I guess I have an extra fast SSD for storage?

Thanks though, I really do appreciate the help (I haven't built a desktop in literally 10 years or so: I remember building my last one while watching President Obama getting sworn in back in January 09 before we all went through the Mayan hell-gate).

:tipshat:

Crunchy Black
Oct 24, 2017

by Athanatos

D. Ebdrup posted:

Obligatory reminder that hardware RAID, even the fake kind that Intel does, is just software RAID that you can't inspect or often can't even reason about/with.

This is very true.

Schadenboner posted:

The motherboard's manual seems to say it supports M.2 RAID. If not then I guess I have an extra fast SSD for storage?

:tipshat:

Bear in mind m.2 ! necessarily = NVMe. You can implement SATA over the m.2 connector, which if you used 2 SATA NVMes you should be able to RAID no problem. Unless you were super constrained by drive bays I don't know why you would do this. There never was big adoption of SATA m.2s. Also bear in mind they typically piggy back off of/take the place of SATA ports when used in that configuration.

BlankSystemDaemon
Mar 13, 2009



Crunchy Black posted:

Bear in mind m.2 ! necessarily = NVMe. You can implement SATA over the m.2 connector, which if you used 2 SATA NVMes you should be able to RAID no problem. Unless you were super constrained by drive bays I don't know why you would do this. There never was big adoption of SATA m.2s. Also bear in mind they typically piggy back off of/take the place of SATA ports when used in that configuration.

Worse yet, M.2 can also be USB, like its PCI-EX-Mini predecessor. That's how my ThinkPad's WWAN NIC is connected.
M.2 is just a connector standard like 8P8C; except that M.2 at least has keying to indicate what's carried (although the keying isn't very good, because two of the ones used for PCI-EX are also used for at least USB and several other things on top of that, which aren't defined on any of the other keys). See page 3 of this pdf.

EDIT: Although even that's not strictly speaking true, as 8P8C has keying too if you're using it for telephony as it's probably not smart to plug POTS into a NIC.

BlankSystemDaemon fucked around with this message at 17:54 on Jul 9, 2019

Schadenboner
Aug 15, 2011

by Shine
The ones I’m looking at are either 2TB Intel 760Ps or 1TB Samsung 970 EVO+s (the 2TB version of which is 500 bucks which is a little too :homebrew: for me, versus the perfectly reasonable 400 that Intel charges :v:) which I think are both NVMe?

H110Hawk
Dec 28, 2006

Schadenboner posted:

The ones I’m looking at are either 2TB Intel 760Ps or 1TB Samsung 970 EVO+s (the 2TB version of which is 500 bucks which is a little too :homebrew: for me, versus the perfectly reasonable 400 that Intel charges :v:) which I think are both NVMe?

The motherboard m.2 port might not be, that is only the connector form factor not the protocol it runs. Think about how USB ports can be version 1, 2, or 3 with no way to know by looking at it. Have you linked which motherboard you're intending to buy?

Schadenboner
Aug 15, 2011

by Shine

H110Hawk posted:

The motherboard m.2 port might not be, that is only the connector form factor not the protocol it runs. Think about how USB ports can be version 1, 2, or 3 with no way to know by looking at it. Have you linked which motherboard you're intending to buy?

I’m thinking this MicroATX jobbie?

The block diagram in the manual says the two M.2s are on their own PCIe Bus rather than sharing SATA lanes but that can mean a lot of different actual speeds.

H110Hawk
Dec 28, 2006

Schadenboner posted:

I’m thinking this MicroATX jobbie?

The block diagram in the manual says the two M.2s are on their own PCIe Bus rather than sharing SATA lanes but that can mean a lot of different actual speeds.

Looking at the pictures it infers that the M.2 slots are NVME and Optane compatible.

What on earth is your goal again? I seem to recall a previous discussion of not being able to afford a Synology, now we're looking at screaming gamer motherboards and NVMe? Have you stated a goal?

Schadenboner
Aug 15, 2011

by Shine

H110Hawk posted:

Looking at the pictures it infers that the M.2 slots are NVME and Optane compatible.

What on earth is your goal again? I seem to recall a previous discussion of not being able to afford a Synology, now we're looking at screaming gamer motherboards and NVMe? Have you stated a goal?

I should probably take these to the PC thread, the original question (can I use Reds in a desktop RAID) isn’t really operative anymore.

The name for what I’m looking to build used to be a Workstation (only with a gamer video card not a professional video card) but I’m having trouble finding “high performance parts that aren’t blinged-out gamer poo poo”. But if I could find a good 1151 business board that also had dual M.2s I’d use it in a heartbeat. It doesn’t need to have ground-effect lighting, is what I’m saying.

Budget is sort of a soft constraint I’d say, this is a once-a-decade(ish) thing for me so I’m willing to drop a reasonable amount of coin. It’s also a from-zero build, not even my old keyboard is coming with me from my old desktop.

My original-original idea was to just get a laptop (so a dedicated NAS would make a lot more sense since you can’t just stuff disk after disk into a laptop) but I’ve realized that there aren’t really laptops that do what I want without spending 3500+ on a Precision and, since I don’t travel for work or anything, I’m paying for portability I won’t realistically use.

I only build a machine once every 10ish years so I want to wildly over-build. The machine is supposed to do:
1. GNS
2. Virtualization
3. :ssh: Secretly be good for playing bideo james. :ssh:

Like I said, this is probably better suited for the PC build thread at this point. Thanks for the help though!

E: My :google: skill is weak. I just had to look for chipsets which work with the processor I’m looking at but weren’t the Z390 and I found a bunch of business motherboards with dual M.2s. :doh:

Schadenboner fucked around with this message at 19:36 on Jul 9, 2019


H110Hawk
Dec 28, 2006

Schadenboner posted:

I should probably take these to the PC thread, the original question (can I use Reds in a desktop RAID) isn’t really operative anymore.

The name for what I’m looking to build used to be a Workstation (only with a gamer video card not a professional video card) but I’m having trouble finding “high performance parts that aren’t blinged-out gamer poo poo”. But if I could find a good 1151 business board that also had dual M.2s I’d use it in a heartbeat. It doesn’t need to have ground-effect lighting, is what I’m saying.

Budget is sort of a soft constraint I’d say, this is a once-a-decade(ish) thing for me so I’m willing to drop a reasonable amount of coin. It’s also a from-zero build, not even my old keyboard is coming with me from my old desktop.

My original-original idea was to just get a laptop (so a dedicated NAS would make a lot more sense since you can’t just stuff disk after disk into a laptop) but I’ve realized that there aren’t really laptops that do what I want without spending 3500+ on a Precision and, since I don’t travel for work or anything, I’m paying for portability I won’t realistically use.

I only build a machine once every 10ish years so I want to wildly over-build. The machine is supposed to do:
1. GNS
2. Virtualization
3. :ssh: Secretly be good for playing bideo james. :ssh:

Like I said, this is probably better suited for the PC build thread at this point. Thanks for the help though!

E: My :google: skill is weak. I just had to look for chipsets which work with the processor I’m looking at but weren’t the Z390 and I found a bunch of business motherboards with dual M.2s. :doh:

I feel like you might be better suited by 2-3 devices rather than one all in one. Build a NAS/Virtualization box (What's GNS?) which you build once a decade. Build a gamer computer which you rebuild as it doesn't play your video games, but which also has 0 non-ephemeral stuff on it. Right now my desktop is basically just applications, steam, and my NAS mounted as a network drive.

That way you don't need multiple NVMe disks just to store your terrible VMs, one in normal operation mode to store your steam files should perform fine unless games have changed fundamentally.
