DD-WRT router suggestion


    Originally posted by Pete:
    @Dan - Question #1 - unrelated to OP

    Curious how you are going to create a NAS4Free VM on your VM box?

    I tried doing similar a few weeks back and found it not really feasible.

    Here just went to using stock Ubuntu software RAID and it works fine. Configured VB's to talk to Raid drives as virtual mapped drives (well on the same box).
    Pete, not sure what you mean? I already have the NAS4Free VM. I use that on my T20 to link back to my T110's WinHome Server 2012 virtual machine over iSCSI on a 10G link. For hard drives, I either have them on a PCI card, which I use PCI-passthrough to provide ANYTHING attached to that card to the NAS4FREE VM, or I use a trick my brother showed me called RDM. Basically, you end up MAPPING the drive into the VM in such a way that it gains DIRECT RAW access to the hard drive. Thus I can use an ESXi controlled controller, but give the VM direct mapping to the drive. No need for ESXi drive containers.

    Both the T110 and the T20 run ESXi and the 10G cards I have are ESXi compliant with drivers for ESXi. When adding a network to a VM, I just use the last network card selection when adding a NIC to a VM. This VMXNET 3 selection gives that VM access to the 10G network. Using the built in ESXi networking features, this also allows me to link that 10G network through a pfSense network. I've not done this yet, but will allow me to remove the gigabit network and hook that into a separate switch, which I can de-power to keep the maintenance networks offline (being paranoid, I know).

    I also use this machine (with its 7 gigabit NICS) as my pfSense machine. I was upgrading my pfSense machine as you mentioned. Tossed it into my T110 and have never had to add / change anything since. Have enough processors / RAM to run with FULL SNORT. I do not at this time, but I've tested it. At the time of testing, had too many VMs in one machine (not enough RAM). Now with the second server, should be AOK to use again.

    Originally posted by Pete:
    Question #2

    I have two NICs on same above mentioned box and want to dedicate primary NIC for primary OS and secondary NIC for VBs. (guest hosts)

    How do I do that?
    Are you using ESXi? Or what virtualizing setup do you have?
    For ESXi, if the cards are hypervisor compatible, they are just resources. I think it will be more clear after I draw up the pictorial.

    Basically, my T20 has TWO NICS. The 10G and my 1G. My networking tab has TWO networks. Allocated on the vmnic0 (1G physical port) are LAN and Management. The vmnic1 is associated with the 10G. Once I tidy up the T110 side, vmnic0 will ONLY have Management. The vmnic1 will take everything else.

    The T110 has 8 PHYSICAL NIC ports. 1 onboard, a 6 port Gigabit NIC, 10G SFP+ NIC. In the networking tab of vSphere (the management software for ESXi), I have 6 networks. Management, Cable Modem, DSL Modem, LAN (interface to the physical 24 port SWITCH in the house), iSCSI (direct connect to the ACER Easy Home that uses a Nas4Free install), 10G network for the new iSCSI network (not fully set up at this time).

    Then, I just associate those NETWORKS with NICS that are installed INTO virtual machines. The only networks that are NOT shared are Cable Modem and DSL. They ONLY go to the pfSense machine and are ONLY associated with 1 NIC each. Giving me PHYSICAL separation for my internet install. I could have used VLAN, but being paranoid and having more NICS than I knew what to do with, just dedicated 1 port each.

    So, essentially, you can create as many networks as you want, even if they do not have a physical port. However, as I demonstrated, I've got multiple networks attached to 1 vmnic0 on my T20 and all of that is just 1 physical port.

    So, for you, just associate only 1 NETWORK with EACH NIC. Then only assign that 1 network with your primary OS. The rest can share. If you are using something like VirtualBox, well, that is why I moved away. The only way I could make that happen was with a USB ethernet card. However, until the VirtualMachine is up and running, that USB device is available to the Host OS. This is where a hypervisor really shines. No matter what, the virtual machines MUST go THROUGH the hypervisor's resources, they cannot load until the hypervisor is running. This forces all my resources to NOT mix in all cases at all times. Thus I feel safe with all my internets going DIRECTLY into my server. It never comes OUT to my LAN without passing through pfSense first.

    HTH and made sense.

    --Dan
    Last edited by drozwood90; February 1, 2017, 05:01 PM. Reason: missed details
    Tasker, to a person who does Homeautomation...is like walking up to a Crack Treatment facility with a truck full of 3lb bags of crack. Then for each person that walks in and out smack them in the face with an open bag.

      Pete,

      A long time ago, I had read something that would do what you are asking - basically the guy set up VirtualBox with pfSense. Somehow got Windows to never see any physical NIC, then looped everything (network-wise) through pfSense. Basically had that level of firewall on his laptop. I can't remember the title of the article, but it sticks out as a super great way to protect your machine above and beyond the built-in firewalls - if you did not want to bring around a travel router.

      Used virtual NICs (which Windows can add if you look in the add/remove hardware). I used one of those when I was attempting to setup TINC - which really works well for BASIC VPN-like setup. I gave up on it as it was too complex to maintain for my little setup and IPSEC was easier. Then, moved away from IPSEC in favor of OpenVPN.
      IPSEC Issues
      That's a high level of what I understand to be the issues. Better than nothing, but HIGHLY preferable to use something else. Looks like the issues have to do with the key exchange?

      --Dan

        Ahh...recall reading a few years back that PPTP VPN was no longer a secure VPN due to the MSChapV2 which has been compromised.

        Thinking IPSec VPN has aged well with time and it is better today than it was yesteryear. It is mostly utilized today in corporate environments. SSL did have that heartbleed issue.

        Here still looking to see which is fastest testing both of them.

        Like those little travel routers, smaller and faster today.
        - Pete

        Auto mator
        Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb
        Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro
        HS4 Lite - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram

        HS4 Pro - V4.1.18.1 - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram
        HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11

        X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant


          Relating to the NAS4Free VM, folks on the forum do not suggest doing this in a VM with direct raw access via the VM. Here is an old quote:



          I did set it up as an Oracle VB then decided to make the main OS / Ubuntu 16.10 the NAS using software raid 1 and 5 for 8 drives on the box using an LSi 8 port SATA controller.
          - Pete


            Yes thinking my issue relates to using Oracle VB and assigning second NIC to W7 host instance.

            I can assign it and it does work except that the base NIC configuration comes from Linux. If I make it a host VB only it works fine.

            IE: primary computer is running Ubuntu 16.10 server as a Homeseer box and NAS.

            One Oracle VB is running Windows 7 Pro doing other stuff. I want the VB to only utilize the second NIC and main OS to only use the primary NIC.

            I have read the other way to do this is to use a USB NIC as you have mentioned above.
            - Pete


              Pete,

              I agree with the NAS4Free issues with ZFS using the assumptions made - however, using RAW is RAW. Same with just assigning a PCI device as passthrough. There are no "layers" per se. The hardware is just assigned.

              That is really a non-issue for me anyway. I'm not using ZFS...so...yeah. For me, I can access the SMART of my drives. I think there are a few that do not have SMART capability. They are mapped using iSCSI. The drives I can access SMART (based on my looking around for RAW mapping ESXi), seem to indicate that I can access the drive at a low enough level that I have direct access. In the case of missing SMART, I rely on other methods to read the SMART information.

              --Dan

                Ahh....didn't know you could see the SMART drive stuff....thank you Dan.
                - Pete


                  I made some progress since the last time and I wanted to share my results. See attachment.

                  Was anyone able to set a VLAN within an Oracle VirtualBox machine? There should be an option in the network card someplace but I cannot seem to find it. I have been reading and doing Google searches but nothing that can lead me the way.

                    Very nice Aldo!

                    There are options on the Oracle network VB properties but none that I see related to a VLAN and the supposition is that the network takes on the attributes of the main network interface of the hosting PC whether this is DHCP or a bridged network connection.

                    There isn't really a choice on the network properties of the VB.

                    That said looked at my embedded Wintel tabletop touchscreens and the Realtek card does have VLAN property settings; which I have never played with.

                    - Pete


                      I'm very surprised as well. What is more interesting is that Windows 10 does not support VLAN yet, that is disappointing. It was going to be nice to be able to put the VirtualBox on a VirtualBox. Now my challenge is to put HDHomeRun, Kodi on a different VLAN but still talking with NAS on a different subnet. In addition to it, HS is also connected to KODI using the HSKodi program.

                      One step at the time :-)

                      Aldo

                        Yup related to the HDHomerun boxes here keep it simple with static IPs. Only KODI and MythTV talks to these boxes. I have tested VLC (Homeseer touch) Host streaming to work fine too.

                        That said right now been playing with IPTV (out of geo IP range) stuff on KODI which works fine but having issues trying to record say 30 minutes of live BBC TV news stuff where recording with HDHomerun boxes work great. I like to see international TV just to get different point of views stuff.

                        Keep one NAS dedicated to music and video which is connected to Squeezebox server, MythTV server, HDHomerun boxes and Kodi. All of the media devices today are Gb connected as I do not utilize wireless for anything on 24/7 (phones are off, tablets are off and HSTouch screens are all Gb connected except for a couple on dedicated WLAN / AP connections today).

                        So you are using one port of your firewall box (Netgear R7000) with 5 subnets or are you using 2 ports on the R7000?

                        192.168.0.0/24
                        192.168.1.0/24
                        192.168.2.0/24
                        192.168.3.0/24
                        192.168.10.0/24

                        Unifi AP has two subnets
                        192.168.0.0/24
                        192.168.2.0/24

                        So at this time you are using one AP - Unifi AP?
                        Last edited by Pete; February 13, 2017, 08:42 AM.
                        - Pete
