[pfSense] CARP-user
Hi ! Does anyone have experience on CARP setup with a different user than admin ? Is there the possibility to create another user and use that for CARP ? I did not manage to get it working. Created user CARPsync with admin group-membership (and shell access) and set CARP up to use this user. It did not snc anything and i only got auth-errors. Any ideas ? Regards, martin ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] CARP-user
I think you're confusing CARP with configuration sync to remote node. CARP works in the kernel and does not have a user. The pfSync state sync also does not have a user. Only the config sync has a user. If you login with that user name on the backup node, can you perform all configuration actions via the GUI? On Tue, Sep 23, 2014 at 9:30 AM, Martin Fuchs mar...@fuchs-kiel.de wrote: Hi ! Does anyone have experience on CARP setup with a different user than „admin“ ? Is there the possibility to create another user and use that for CARP ? I did not manage to get it working… Created user „CARPsync“ with „admin“ group-membership (and shell access) and set CARP up to use this user. It did not snc anything and i only got auth-errors… Any ideas ? Regards, martin ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] OT: Good network switch for 10 machines?
Sorry about the topic, but when I had asked a question before about trying to tie into a wireless network through a pfSense box, your answers to what turned out to be another OT question actually led our IS group to give me full VPN access to the outside world. I will be putting a pfSense box on our end of that connection. Thanks again for that help! As was apparent in that post I am pretty ignorant of networking details, but do know that sometime in the near future I will be looking for a decent network switch to tie 10-11 dual cpu machines together into a cluster. Would anyone have a thought as to a good switch for this? The machines will have the Intel i210 Dual Port Gigabit Ethernet controller, if that makes any difference. Appreciate any thoughts! Thanks! Kenward -- In a completely rational society, the best of us would aspire to be *teachers* and the rest of us would have to settle for something less, because passing civilization along from one generation to the next ought to be the highest honor and the highest responsibility anyone could have. - Lee Iacocca ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
On Tue, Sep 23, 2014 at 1:28 PM, Kenward Vaughan kay_...@earthlink.net wrote: Sorry about the topic, but when I had asked a question before about trying to tie into a wireless network through a pfSense box, your answers to what turned out to be another OT question actually led our IS group to give me full VPN access to the outside world. I will be putting a pfSense box on our end of that connection. Thanks again for that help! As was apparent in that post I am pretty ignorant of networking details, but do know that sometime in the near future I will be looking for a decent network switch to tie 10-11 dual cpu machines together into a cluster. Would anyone have a thought as to a good switch for this? The machines will have the Intel i210 Dual Port Gigabit Ethernet controller, if that makes any difference. Appreciate any thoughts! Thanks! Kenward If you don't need to do any fancy routing or VLAN stuff, just go on Amazon or NewEgg and get the top-rated 16-port *unmanaged* gigabit switch. Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
On 9/23/14, 1:36 PM, Moshe Katz wrote: On Tue, Sep 23, 2014 at 1:28 PM, Kenward Vaughan kay_...@earthlink.net mailto:kay_...@earthlink.net wrote: Sorry about the topic, but when I had asked a question before about trying to tie into a wireless network through a pfSense box, your answers to what turned out to be another OT question actually led our IS group to give me full VPN access to the outside world. I will be putting a pfSense box on our end of that connection. Thanks again for that help! As was apparent in that post I am pretty ignorant of networking details, but do know that sometime in the near future I will be looking for a decent network switch to tie 10-11 dual cpu machines together into a cluster. Would anyone have a thought as to a good switch for this? The machines will have the Intel i210 Dual Port Gigabit Ethernet controller, if that makes any difference. If you don't need to do any fancy routing or VLAN stuff, just go on Amazon or NewEgg and get the top-rated 16-port /unmanaged/ gigabit switch. If you don't need fully managed I'd look for one a step up from fully un-managed. I'd look for one with a Web interface so you can at least see error rates and what MAC addresses are flowing through what ports. A few $$$ more but worth it every year or two. David ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
On Tue, Sep 23, 2014 at 11:36 AM, Moshe Katz mo...@ymkatz.net wrote: If you don't need to do any fancy routing or VLAN stuff, just go on Amazon or NewEgg and get the top-rated 16-port unmanaged gigabit switch. I would slightly disagree - note that it's a compute cluster and that the machines have dual NIC ports. If the cluster's application is network-heavy or needs each host to have a highly-available network link, I'd suggest at least a managed switch that can do LACP. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. If one NIC is okay, any unmanaged 16-port will do. If dual links are required, I'd suggest either a trio of 16s (two access and one core that's dual-linked to the access switches) or a single 24 if redundancy isn't a concern. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
The 1910's ARE rebranded 3com, but I found them to be very reliable. We are having good luck with the 2530's right now. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 09/23/2014 09:56 AM, Chris Bagnall wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
+1 for HP ProCurve, except for the stuff they inherited from 3Com... I've also had reasonably good luck with Netgear and D-Link managed switches. The Cisco SMB stuff seems OK hardware-wise, but the software is questionable. Note that all three of these options come with lifetime, free, firmware updates. -Adam On September 23, 2014 12:56:00 PM CDT, Chris Bagnall pfse...@lists.minotaur.cc wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Sent from my Android device with K-9 Mail. Please excuse my brevity.___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HPET timer issues?
On 9/23/2014 12:34 PM, Moshe Katz wrote: 1. Has anyone else seen this behavior? The only HPET issue I'm aware of is on older versions of ESX where the clock would completely stop ticking. That's been patched for a long time now though. 2. I haven't noticed any performance issues after the switch, but is there anything that I need to be concerned about? If you're not noticing any other side effects it's probably OK. Check for a BIOS update or relevant BIOS setting, though it's probably just something specific to that bit of hardware. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
I agree with the point that managed vs nonmanaged price difference is negligible so why not managed... Ubiquiti is worth a look for this application. The OS is nice to work with and has both CLI and GUI http://www.ubnt.com/edgemax/edgeswitch/ On Tue, Sep 23, 2014 at 2:04 PM, Adam Thompson athom...@athompso.net wrote: +1 for HP ProCurve, except for the stuff they inherited from 3Com... I've also had reasonably good luck with Netgear and D-Link managed switches. The Cisco SMB stuff seems OK hardware-wise, but the software is questionable. Note that all three of these options come with lifetime, free, firmware updates. -Adam On September 23, 2014 12:56:00 PM CDT, Chris Bagnall pfse...@lists.minotaur.cc wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Michael Bubb +1.646.783.8769 | KD2DTY Resume - http://mbubb.github.io/res/resume.html *noli timere* ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
Interesting that I would see Ubiquiti pop up on this list. I am Josh_SPITwSPOTS on that forum... http://community.ubnt.com/t5/user/viewprofilepage/user-id/108998 TheGUI and CLI are a mess. Thatsaid, they are stable, but if you don't need 24vpassive POE, and/or 802.3at/af, then the HP has better management options and a fully supported SNMP stack. I'm sure the edgeswich line will get there, but I wouldn't recommended it outside of WISP use (or needed lots of POE) just yet. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 09/23/2014 10:26 AM, Michael Bubb wrote: I agree with the point that managed vs nonmanaged price difference is negligible so why not managed... Ubiquiti is worth a look for this application. The OS is nice to work with and has both CLI and GUI http://www.ubnt.com/edgemax/edgeswitch/ On Tue, Sep 23, 2014 at 2:04 PM, Adam Thompson athom...@athompso.net mailto:athom...@athompso.net wrote: +1 for HP ProCurve, except for the stuff they inherited from 3Com... I've also had reasonably good luck with Netgear and D-Link managed switches. The Cisco SMB stuff seems OK hardware-wise, but the software is questionable. Note that all three of these options come with lifetime, free, firmware updates. -Adam On September 23, 2014 12:56:00 PM CDT, Chris Bagnall pfse...@lists.minotaur.cc mailto:pfse...@lists.minotaur.cc wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Michael Bubb +1.646.783.8769 | KD2DTY Resume - http://mbubb.github.io/res/resume.html *noli timere* ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
On 23/9/14 7:44 pm, Espen Johansen wrote: A netgear pro switch Be careful which model you get. Some of the newer/cheaper ones that have been sold as 'managed' recently don't have a web interface. They have some horrible management application that uses Adobe Air, only works on Windows, only communicates with switches on the same broadcast domain (so useless for any sort of routed environment) and is generally rubbish. If you get one of the older FS72x/75x models, I think you're okay - it's the newer J ones that seem to have this 'feature'. Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
Am 23.09.2014 um 20:56 schrieb Chris Bagnall: Be careful which model you get. Some of the newer/cheaper ones that have been sold as 'managed' recently don't have a web interface. They have some horrible management application that uses Adobe Air, only works on Windows, only communicates with switches on the same broadcast domain (so useless for any sort of routed environment) and is generally rubbish. ... and broadcasts the password in plain text. No kidding. If you have a Windows machine where you can install the admin tool, and you don't have to access the management interface while other devices are plugged in (i.e. you're planning a static VLAN setup and an interruption of service to reprogram the switch is okay for you), then you can buy those, too. Just beware of these ugly limitations. The five-port model (GS105E) is nice as long as you can deal with the limitations. Gigabit, compact form factor, nice to have in your admin laptop bag, for example. There are even mods to run it from a battery pack. -Stefan ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
HP Procurves are a good line of switches, and often come with a full lifetime warranty. I also like Juniper, but those tend to be more expensive, although often more capable than the HPs. It's my policy (as a networking professional) to *always* buy managed switches. Doing this can give you a great deal of insight into what's happening on your network - the ability to use SNMP and a span/mirror port will give you the ability to monitor and diagnose traffic. Without the management, you'll be at least partially blind, which is not a good place to reside. Which switch you get will depend on what your network load will be - you didn't characterize that in your post, so it's hard to say exactly what level of performance you need. If all you need is 100mbit for each machine, getting a fully gigabit capable switch will be overkill, but if you'll be pushing lots of data between the machines (you did say cluster, after all), then getting one that's gigabit across all ports is a necessity. Kurt On Tue, Sep 23, 2014 at 10:28 AM, Kenward Vaughan kay_...@earthlink.net wrote: Sorry about the topic, but when I had asked a question before about trying to tie into a wireless network through a pfSense box, your answers to what turned out to be another OT question actually led our IS group to give me full VPN access to the outside world. I will be putting a pfSense box on our end of that connection. Thanks again for that help! As was apparent in that post I am pretty ignorant of networking details, but do know that sometime in the near future I will be looking for a decent network switch to tie 10-11 dual cpu machines together into a cluster. Would anyone have a thought as to a good switch for this? The machines will have the Intel i210 Dual Port Gigabit Ethernet controller, if that makes any difference. Appreciate any thoughts! Thanks! Kenward -- In a completely rational society, the best of us would aspire to be *teachers* and the rest of us would have to settle for something less, because passing civilization along from one generation to the next ought to be the highest honor and the highest responsibility anyone could have. - Lee Iacocca ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
Am 23.09.2014 19:56, schrieb Chris Bagnall: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. word ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
BTW - forgot to make some specific recommendations - I like this switch a lot: http://www.provantage.com/hewlett-packard-hp-j9803a-aba~7HEWN2JW.htm Oh - don't forget to get the firmware current on anything you get... Kurt On Tue, Sep 23, 2014 at 10:28 AM, Kenward Vaughan kay_...@earthlink.net wrote: Sorry about the topic, but when I had asked a question before about trying to tie into a wireless network through a pfSense box, your answers to what turned out to be another OT question actually led our IS group to give me full VPN access to the outside world. I will be putting a pfSense box on our end of that connection. Thanks again for that help! As was apparent in that post I am pretty ignorant of networking details, but do know that sometime in the near future I will be looking for a decent network switch to tie 10-11 dual cpu machines together into a cluster. Would anyone have a thought as to a good switch for this? The machines will have the Intel i210 Dual Port Gigabit Ethernet controller, if that makes any difference. Appreciate any thoughts! Thanks! Kenward -- In a completely rational society, the best of us would aspire to be *teachers* and the rest of us would have to settle for something less, because passing civilization along from one generation to the next ought to be the highest honor and the highest responsibility anyone could have. - Lee Iacocca ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
