lungdart

joined 1 year ago
[–] lungdart@lemmy.ca 2 points 2 weeks ago

Routing takes place on layer 3 (ip) so destinations are ip networks and hosts.

Each packet you create has a destination IP. Your computer looks at your route table to see where it goes by matching the destination ip with each network. It will be sent to the most specific match first and your default gateway last.

If your default gateway is your vpn server via your vpn interface, then you just need to add a more specific route for destinations of interest through a different gateway (your router) via the physical interface.

[–] lungdart@lemmy.ca 20 points 2 weeks ago

Raw disk access is a privilege in Linux, usually reserved for root.

You could have root change the permissions on the directory to allow another user or group write access.

[–] lungdart@lemmy.ca 3 points 2 weeks ago

goes to Google, on the raw network, and on the VPN.

You can't "go" to a destination on two networks in a single request. It's all packets on a wire, if it comes from two sources, it was two requests.

Unless you mean two different requests. As in while on the VPN everything is tunneled, and while not on the VPN it's not, but this is the opposite of what the OP was asking for. He wants the VPN on for some use cases, and off for others. That's split tunneling.

He'll likely wind up with difficulties around trying to figure out which destinations he doesn't want routed through the VPN, because there's no way to do it by protocol, since routing happens on layer 3, not 4 or 7. He'll likely need to know those addresses in advance.

[–] lungdart@lemmy.ca 1 points 2 weeks ago

Interesting. There's no difference in my dialect.

[–] lungdart@lemmy.ca 4 points 2 weeks ago

One NIC is fine

[–] lungdart@lemmy.ca 4 points 3 weeks ago

Told my wife and kids they can run whatever they want if they don't involve me. If you want me to help with computer issues then I'm installing Linux.

If you don't want that, you better learn how to computer because you're on your own

[–] lungdart@lemmy.ca 2 points 3 weeks ago

Canadian with a shitty mobile keyboard, that's all.

[–] lungdart@lemmy.ca 7 points 3 weeks ago (1 children)

Swipe keyboard. It picks random yours, and I'm exhausted from flying all day so I didn't proofread.

[–] lungdart@lemmy.ca 41 points 3 weeks ago* (last edited 3 weeks ago) (18 children)

Yes that's called routing.

You don't bind it to a NIC, you specify the destinations you want forwarded to each interface. Your VPN connection is just another interface.

If you're looking for good docs, you may want to Google split tunnel vpn, and also bone up on your networking.

A few static routes should get you what you need

[–] lungdart@lemmy.ca 2 points 3 weeks ago

Pfsense is built on this, but it has some free software issues.

OpnSense was a pfsense fork from some of the original creators, that is free software.

Both are fantastic.

[–] lungdart@lemmy.ca 9 points 3 weeks ago (2 children)

I can see this being a breaking change for some strange edge cases and (ab)uses.

[–] lungdart@lemmy.ca -1 points 3 weeks ago (1 children)

Neo4j might with

 

So I posted not too long ago that I had a drive failure in my RaidZ pool. Ordered a replacement disk (WD RED, purpose built for NAS), and tried resilvering only to see this after a short while...

https://github.com/openzfs/zfs/issues/10214 https://www.truenas.com/docs/hardware/notices/componentarticles/wdsmr/ https://blog.westerndigital.com/wd-red-nas-drives/

Turns out WD started pushing out a new disk technology called SMR, that's slower, and fails when rebuilding RAIDs due to heavy write operations, and specifically marketed it towards NAS users? WTF Western Digital?!

Anyway, disk RMAd, and a replacement CMR disk is on the way. I'll never buy WD drives again... Lesson learned the hard way.

 

Recently rebuilt my homelab using proxmox and k3s. I like it a lot! Also loving dashy over the old heimdall dashboard.

If you have any suggestions for workloads, let me know!

 

Recently rebuilt my homelab. While restoring files to the new zpools, one of them had a few faults and ended up in a degraded state.

Replacement disk on the way. Hopefully resilvering the pool after disk replacement doesn't cause any more issues. Luckily, all the data is backed up as I recently rebuilt it, so no worries if it explodes.

 

Continuation of a post earlier in the week. I ordered pass through patch panels and premade cables due to bad connections, and everything is working great!

Getting rancher harvester installed now, then rancher, then setting up a small cluster to play with.

I may grab some OCI freetier and vpn to add another node.

 

A little update on racking the basement lab.

New patch panel and cables made my life much easier. All the packets are flowing! Working out some KVM issues while I get rancher harvester deployed.

6
submitted 1 year ago* (last edited 1 year ago) by lungdart@lemmy.ca to c/homelab@lemmy.ml
 

Patch panel was second hand, and unfortunately you get what you pay for. Fewer than half the ports are functional. I ordered some premade cat6 and a rj45 through connector patch panel to fix it.

 

Rack is wired (patch cables ordered). Unfortunately the second hand patch panel is a bad idea, less than half the ports are functional...

I ordered a rj45 cat6 through panel and a bunch of premade cables. Should be here at the end of the month!

 

Trying to cross post, not sure if I'm doing it right. Apologies if I'm breaking any rules!

4
submitted 1 year ago* (last edited 1 year ago) by lungdart@lemmy.ca to c/homelab@lemmy.cloudhub.social
 

Finally got around to racking up my lab! (Still needs wiring up, but that's tomorrow's problem)

Top to bottom:

  • 1u PDU
  • 1u cable management
  • 1u custom super micro pfsense build
  • 1u tplink jetstream. 24x1Gbe 4x SFP
  • 1u cable management
  • 2u patch panel
  • 4u custom super micro server
  • A shelf with a UPS and a gaming rig (ryzen with a 1070ti)

Going to run rancher harvester + rancher vm + k8s cluster. Usual media stack, nextcloud, pihole, etc etc.

Mostly just want a cluster to play with and harvester seems fun!

95
It's started (reddark.untone.uk)
 

Some of my favorite subs have started going private already. I moved RiF out of the tray and replaced it with Jerboa.

I started my aggregated news with slashdot and fark. Moved to Digg after Kevin Rose announced it on TTV. Went to Reddit at digg v2 because Reddit looked like diggv1. Went to rif when mobile usage passed my computer usage, now I'm here!

What's your story?
