Re: [pfSense] More ports
A 260GS will do vlans just fine. Mikrotik does have weird firmware bugs, consider every software release beta. It's simply learning the difference between what's broken in one version vs another version. The hardware is decent though, and it will do the trick for what you want to do. josh reynolds :: chief information officer spitwspots :: www.spitwspots.com On 12/13/2014 05:31 PM, Bob Gustafson wrote: This is even cheaper: 5 G ports for $36. It is 'managed' but you need to dig deep into the configuration. A manual is available on-line - http://wiki.mikrotik.com/wiki/SwOS http://www.balticnetworks.com/mikrotik-routerboard-rb-260gs-complete-with-enclosure-and-power-supply-fiber-enabled.html I have one, but haven't dug very deep. Don't know if it will do your VLAN Bob G On 12/13/2014 08:06 PM, Chris Bagnall wrote: On 14/12/14 1:56 am, Brian Caouette wrote: I believe this apu4 has 3 gig ports. I'm curious if i can plug one into and old hub i have to give me more. More physical ports, yes. More interfaces in pfSense, no. If you want the latter, you'll need a VLAN-capable switch. But things like the HP 1810-8G (gigabit on all 8 ports) are so cheap these days you might prefer just to buy new. Also if the hub is 100 meg will it bring down the lan port or just affect this one port and everything on the old hub? Only everything attached to it - the other ports on the APU wouldn't be affected. But see above, I don't think it's going to give you what you want (more interfaces to configure, I presume). In the future I'd like to get a gig switch and pull cat 5 thru the house to complement the wireless. Is there an advantage to a managed switch? I'm not sure what I'd gain with it? VLAN capability and ability to enable/disable ports remotely are the obvious ones in a small network. In larger networks, things like span ports (for IDS), 802.11x port authentication (to stop people plugging dodgy things into your network), LACP (bonding links between switches), flow control, etc. etc. make managed switches worth their weight in gold. As above, though, the cost difference between a decent (light-) managed switch and an unmanaged switch is pretty negligible these days, so there's only a very marginal cost saving to be made, and you never know when those management features come in really handy. I use an HP 2510-24G at home, which is probably an overkill. The cheaper 1810-24G has the basic management capabilities listed above, and is fanless, which makes it a good choice for a home or small office environment. (I've listed HP models because that's what I've experience with, no doubt other manufacturers have similar models. Just watch out for some of the cheap Netgears that claim to be 'managed' (model beginning J I think) - they have a horrible Adobe Air management app that only works from a Windows PC, and only on the subnet the device is connected to) Kind regards, Chris ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] APU and SSD: full install or NanoBSD
Every data I've seen on them sucking has to do specifically with NTFS, which the newly released firmware update is supposed to fix. We are using 840Evo's in all of our storage arrays, and haven't seen any issues(EXT4/ZFS). Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/30/2014 07:33 AM, Jim Thompson wrote: On Oct 30, 2014, at 9:28 AM, Jeppe Øland jol...@gmail.com mailto:jol...@gmail.com wrote: 3 year old Kingston SSDs are not like new Kingston SSDs. Agreed. On the other hand, I tend to distrust manufacturers that shipped completely unreliable drives without any thought. Kingston/OCZ/Crucial are all in this boat for me. I’m sure I’ve been burned at least as badly by these, and others, and I still buy from them. Samsung 840s are the darling of the “cheap, fast SSD” and they turn out to suck, too: http://www.pcper.com/news/Storage/Samsung-Germany-acknowledges-840-Basic-performance-slow-down-promises-fix As for Nano, I thought it mounted almost everything as RO and only changed settings to write down settings changes, and RRD databases etc on reboots? I think I’ve already responded to this. nano is a 10 year old “solution” to the problems that existed at the time. http://markmail.org/message/rxe4xfpmdwva7q3e That doesn’t mean it’s a bad solution, but though it’s author is a brilliant individual, he obviously didn’t envision SSD in 2004. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfsense h/w
I'm very intrigued as to what happened with UBNThere, as Robert, Stig, and An-Cheng's phone numbers are all in my contact list. I've called them out on concerns over their gpl tarball and (fairly recent) lack of SDK as well, but then again, I've also called out MikroTik... which they've ignored. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/23/2014 05:36 PM, Jim Thompson wrote: On Oct 23, 2014, at 7:48 PM, Adam Thompson athom...@athompso.net wrote: [Hmm... half of this doesn't need to be on-list. Sorry if I'm polluting. -Adam] On 14-10-23 05:57 PM, Jim Thompson wrote: I get that Jim rubs a lot of people the wrong way (myself included), Darn, you’d think that sharing a last name would count for something... Sorry, no. ;-) Kind of in the same way Theo de Raadt rubs people the wrong way. Wow. You just compared me to Theo. I’m done. Anyone want to buy a firewall company? It’s either that, or I invoke Godwin’s law. (Or its corollary, “Thompson’s Law”: That the thread is over once someone compares one of the participants to Mr. de Raadt.) (It’s left to you to decide who gets the eponymous glory.) Mostly just idiots newbies take offense. And it's mostly driven, I think, by having your lifetime supply of tolerance for people who speak first and think second be long-since exhausted. So as long as you don't start saying incorrect or technically-invalid things, your audience sticks around. See closing comments, below. I think some people are waiting for “the other shoe to drop”. For us to take the pfSense project in a direction similar to what happened with Vyatta. Yeah... it's a possibility. OTOH, I'll point out that UBNT essentially forked Vyatta (and renamed it EdgeOS, IIRC) when Brocade started to close it all up. Not that UBNT is a paragon of openness, either, “either”? Wow. Strike 2. You probably don’t want to know that Jamie and I nearly bought Ubiquiti from Mr. Pera, or that we let the company live when he owed us a pile of cash. I’m not going into details, but Ubiquiti did violate Vyatta’s license, got called on it, and had to reverse direction for a bit. but that's the benefit of the appropriate license - everyone can feel free to copy (or fork!) pfSense from any of the multitude of places it lives online right now, and feel free to burn it to archival WORM media Just In Case Something Bad Happens To The Project. As Jim pointed out, however, when you resurrect it (and somehow replace all the infrastructure and developers in one fell swoop, *ahem*), you can't call your new project pfSense. You can have an FAQ entry explaining how it used to be pfSense, you can even leave the GIT, or SVN, or even SCCS repository up as-is with the pfSense name throughout it, but as soon as you create a derivative work: new project. ... pfSense is going closed source, Technically, this could happen, but realistically, someone will probably fork it. And that project will likely die out or remove itself from public participation, as these things tend to do. For that matter, remember that pfSense is (sort of) a fork of m0n0wall from a decade ago in the first place. For different reasons, but nonetheless. As if I didn’t know, had forgotten, or wish people would forget. Just in-case you have forgotten, Netgate originally shipped m0n0wall on WRAP boards, then cut-over to pfSense quite early after the fork. and Jim Thompson is actually a blood thirsty, extra-terrestrial, shapeshifting reptile. Well, that explains a few things! grin It explains everything, actually. Finally, I think there is still a segment of the community who views me with distrust because I put a license agreement and contributor agreement in front of access to the source code for the pfSense project. We didn’t articulate the reasons for doing this very well, and the execution when we did it wasn’t … optimal. I wasn't affected by that, and - AFAIK - neither were most of the people who whine and cadge about a commercial entity being involved. I don't recall what the license used to be, but clearly the current one is a custom license that doesn't even attempt to follow the UCB/BSD license. As long as ESF covered all their legal bases properly, they can do whatever the f*** they want with the license. I can see how old contributors might not like the new CLA, though. And I don't know of any project that has ever pivoted on a license change this way ... optimally. There is an agreement that allows access to the pfsense-tools repo. As pre-requisite to that agreement, a contributor agreement must be in-place. Once you have the code, you’ll find the license in the individual files to be the same as it always was (mostly BSD 3 clause, but there are a smattering of other files.) Doesn’t matter, you already agreed to the other license, that’s the hack. The license is non-transferable, but if you build
Re: [pfSense] pfsense h/w
I am the CIO of a WISP who uses their products, and does a lot of alpha/beta testing for them and other vendors... I may be a little biased. The M series gear is pretty good kit for point to point or point to multi point applications. AirFiber is great for ~10 mile or less shots, with bandwidth a little over 765Mbps full duplex on short range shots with the AF24. The new UniFi products are looking good, basically localor remote cloud managed routers, switches, access points, and phones, with plans to fold the unifi-video line directly in, as well as the mFi sensor line into the same interface. The camera hardware is getting better, but the native camera feature set needs work... I can't seem to get it pounded into peoples heads that RTSP and cookieless jpg snapshots should be native on the cameras themselves. 1M pps routing for $99 on an edgerouter-lite ain't a bad gig. I'd still like to see more work done on the HA front- I need more than VRRP. The QoS engine and firewall engines could both stand to be rebuilt, and might be in the fairly near future. The standard 8 port edgerouter and edgerouter pro models are pretty nice. I'm excited to see how the carrier and other future models turn out. There-- that's a quick writeup that should be useful for people on this list. Did Thompson molt yet? Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/24/2014 05:53 AM, Ryan Coleman wrote: I presume UBNT is Ubiquiti? I'm probably going to start testing their hardware for other applications (I work in the video surveillance industry as well as high capacity wifi) and I'd be curious to get some pros/cons from those who know... so please email me off list (so as not to offend the other Thompson on the list... he might molt on me anyway). Sliante! On 10/24/2014 4:03 AM, Adam Thompson wrote: [One public correction, nothing to do with Godwin's law! -Adam] On 14-10-23 08:36 PM, Jim Thompson wrote: Not that UBNT is a paragon of openness, either, “either”? Wow. Strike 2. That wasn't a dig at you or ESF or NG - I was thinking of Brocade when I wrote that. I could also use UBNT's competitor, MikroTik, as a good example of how to build decent products the wrong way, but Brocade was my target here. You're a paragon of open-source stewardship in comparison! ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfsense h/w
Shouldn't the EdgeRouter lite support pfsense with the 2.2 release? Your own post: When what I'm trying to do is make pfSense available on an inexpensive platform. It should perform better than an Alix, even without the private-SDK stunts. Jim from: http://lists.pfsense.org/pipermail/dev/2013-November/000448.html Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/24/2014 10:14 AM, Jim Thompson wrote: This list is not about Ubiquiti. (At least not until we make pfSense available on Ubiquiti platforms.) Please take the discussion elsewhere. jim On Oct 24, 2014, at 12:38 PM, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: I am the CIO of a WISP who uses their products, and does a lot of alpha/beta testing for them and other vendors... I may be a little biased. The M series gear is pretty good kit for point to point or point to multi point applications. AirFiber is great for ~10 mile or less shots, with bandwidth a little over 765Mbps full duplex on short range shots with the AF24. The new UniFi products are looking good, basically localor remote cloud managed routers, switches, access points, and phones, with plans to fold the unifi-video line directly in, as well as the mFi sensor line into the same interface. The camera hardware is getting better, but the native camera feature set needs work... I can't seem to get it pounded into peoples heads that RTSP and cookieless jpg snapshots should be native on the cameras themselves. 1M pps routing for $99 on an edgerouter-lite ain't a bad gig. I'd still like to see more work done on the HA front- I need more than VRRP. The QoS engine and firewall engines could both stand to be rebuilt, and might be in the fairly near future. The standard 8 port edgerouter and edgerouter pro models are pretty nice. I'm excited to see how the carrier and other future models turn out. There-- that's a quick writeup that should be useful for people on this list. Did Thompson molt yet? Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 05:53 AM, Ryan Coleman wrote: I presume UBNT is Ubiquiti? I'm probably going to start testing their hardware for other applications (I work in the video surveillance industry as well as high capacity wifi) and I'd be curious to get some pros/cons from those who know... so please email me off list (so as not to offend the other Thompson on the list... he might molt on me anyway). Sliante! On 10/24/2014 4:03 AM, Adam Thompson wrote: [One public correction, nothing to do with Godwin's law! -Adam] On 14-10-23 08:36 PM, Jim Thompson wrote: Not that UBNT is a paragon of openness, either, “either”? Wow. Strike 2. That wasn't a dig at you or ESF or NG - I was thinking of Brocade when I wrote that. I could also use UBNT's competitor, MikroTik, as a good example of how to build decent products the wrong way, but Brocade was my target here. You're a paragon of open-source stewardship in comparison! ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfsense h/w
You said it, man. Nobody fucks with the Jesus. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/24/2014 02:54 PM, Jim Thompson wrote: Josh, First, did you not read the part where I said, (At least not until we make pfSense available on Ubiquiti platforms.)” ?? Note that I’ve *always* said that pfSense software on the ERL will occur *after* (emphasis: **AFTER**) the regular 2.2 release. WAIT, BACK UP. DID YOU READ THE */_AFTER_/* PART? I just want to be clear. A-F-T-E-R Now, since you asked, There is currently an upstream problem with the (MIPS) toolchain. Once we have that sorted, the effort will resume. We’re also in a (much) deeper relationship with Cavium now, so there is a possibility that we can put some of the acceleration bits in with time. Frankly, there is an internal build of pfSense software for the Beaglebone Black, too. Not that we’re planning on selling BBB (though Netgate will be selling same) with pfSense software pre-loaded, but it does allow us to work out the kinks in the process to support architectures other than i386 and amd64. But this is all still very back-burner compared to the effort to get pfSense 2.2 to a RELEASEd status. The lizard has spoken. Jim On Oct 24, 2014, at 5:37 PM, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: Shouldn't the EdgeRouter lite support pfsense with the 2.2 release? Your own post: When what I'm trying to do is make pfSense available on an inexpensive platform. It should perform better than an Alix, even without the private-SDK stunts. Jim from: http://lists.pfsense.org/pipermail/dev/2013-November/000448.html Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 10:14 AM, Jim Thompson wrote: This list is not about Ubiquiti. (At least not until we make pfSense available on Ubiquiti platforms.) Please take the discussion elsewhere. jim On Oct 24, 2014, at 12:38 PM, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: I am the CIO of a WISP who uses their products, and does a lot of alpha/beta testing for them and other vendors... I may be a little biased. The M series gear is pretty good kit for point to point or point to multi point applications. AirFiber is great for ~10 mile or less shots, with bandwidth a little over 765Mbps full duplex on short range shots with the AF24. The new UniFi products are looking good, basically localor remote cloud managed routers, switches, access points, and phones, with plans to fold the unifi-video line directly in, as well as the mFi sensor line into the same interface. The camera hardware is getting better, but the native camera feature set needs work... I can't seem to get it pounded into peoples heads that RTSP and cookieless jpg snapshots should be native on the cameras themselves. 1M pps routing for $99 on an edgerouter-lite ain't a bad gig. I'd still like to see more work done on the HA front- I need more than VRRP. The QoS engine and firewall engines could both stand to be rebuilt, and might be in the fairly near future. The standard 8 port edgerouter and edgerouter pro models are pretty nice. I'm excited to see how the carrier and other future models turn out. There-- that's a quick writeup that should be useful for people on this list. Did Thompson molt yet? Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 05:53 AM, Ryan Coleman wrote: I presume UBNT is Ubiquiti? I'm probably going to start testing their hardware for other applications (I work in the video surveillance industry as well as high capacity wifi) and I'd be curious to get some pros/cons from those who know... so please email me off list (so as not to offend the other Thompson on the list... he might molt on me anyway). Sliante! On 10/24/2014 4:03 AM, Adam Thompson wrote: [One public correction, nothing to do with Godwin's law! -Adam] On 14-10-23 08:36 PM, Jim Thompson wrote: Not that UBNT is a paragon of openness, either, “either”? Wow. Strike 2. That wasn't a dig at you or ESF or NG - I was thinking of Brocade when I wrote that. I could also use UBNT's competitor, MikroTik, as a good example of how to build decent products the wrong way, but Brocade was my target here. You're a paragon of open-source stewardship in comparison! ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List
Re: [pfSense] pfsense h/w
It's not your fault, it's my fault. I made an apparently poor assumption that the info might be useful to people on this list in a small-blurb format. Useful or not, it caused extra background noise. I'd perfer to let this /offtopic end, if you will. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 10/24/2014 03:07 PM, Ryan Coleman wrote: I did ask the reply to be off-list… On Oct 24, 2014, at 17:57, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: You said it, man. Nobody fucks with the Jesus. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 02:54 PM, Jim Thompson wrote: Josh, First, did you not read the part where I said, (At least not until we make pfSense available on Ubiquiti platforms.)” ?? Note that I’ve *always* said that pfSense software on the ERL will occur *after* (emphasis: **AFTER**) the regular 2.2 release. WAIT, BACK UP. DID YOU READ THE */_AFTER_/* PART? I just want to be clear. A-F-T-E-R Now, since you asked, There is currently an upstream problem with the (MIPS) toolchain. Once we have that sorted, the effort will resume. We’re also in a (much) deeper relationship with Cavium now, so there is a possibility that we can put some of the acceleration bits in with time. Frankly, there is an internal build of pfSense software for the Beaglebone Black, too. Not that we’re planning on selling BBB (though Netgate will be selling same) with pfSense software pre-loaded, but it does allow us to work out the kinks in the process to support architectures other than i386 and amd64. But this is all still very back-burner compared to the effort to get pfSense 2.2 to a RELEASEd status. The lizard has spoken. Jim On Oct 24, 2014, at 5:37 PM, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: Shouldn't the EdgeRouter lite support pfsense with the 2.2 release? Your own post: When what I'm trying to do is make pfSense available on an inexpensive platform. It should perform better than an Alix, even without the private-SDK stunts. Jim from: http://lists.pfsense.org/pipermail/dev/2013-November/000448.html Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 10:14 AM, Jim Thompson wrote: This list is not about Ubiquiti. (At least not until we make pfSense available on Ubiquiti platforms.) Please take the discussion elsewhere. jim On Oct 24, 2014, at 12:38 PM, Josh Reynolds j...@spitwspots.com mailto:j...@spitwspots.com wrote: I am the CIO of a WISP who uses their products, and does a lot of alpha/beta testing for them and other vendors... I may be a little biased. The M series gear is pretty good kit for point to point or point to multi point applications. AirFiber is great for ~10 mile or less shots, with bandwidth a little over 765Mbps full duplex on short range shots with the AF24. The new UniFi products are looking good, basically localor remote cloud managed routers, switches, access points, and phones, with plans to fold the unifi-video line directly in, as well as the mFi sensor line into the same interface. The camera hardware is getting better, but the native camera feature set needs work... I can't seem to get it pounded into peoples heads that RTSP and cookieless jpg snapshots should be native on the cameras themselves. 1M pps routing for $99 on an edgerouter-lite ain't a bad gig. I'd still like to see more work done on the HA front- I need more than VRRP. The QoS engine and firewall engines could both stand to be rebuilt, and might be in the fairly near future. The standard 8 port edgerouter and edgerouter pro models are pretty nice. I'm excited to see how the carrier and other future models turn out. There-- that's a quick writeup that should be useful for people on this list. Did Thompson molt yet? Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com/ On 10/24/2014 05:53 AM, Ryan Coleman wrote: I presume UBNT is Ubiquiti? I'm probably going to start testing their hardware for other applications (I work in the video surveillance industry as well as high capacity wifi) and I'd be curious to get some pros/cons from those who know... so please email me off list (so as not to offend the other Thompson on the list... he might molt on me anyway). Sliante! On 10/24/2014 4:03 AM, Adam Thompson wrote: [One public correction, nothing to do with Godwin's law! -Adam] On 14-10-23 08:36 PM, Jim Thompson wrote: Not that UBNT is a paragon of openness, either, “either”? Wow. Strike 2. That wasn't a dig at you or ESF or NG - I was thinking of Brocade when I wrote that. I could also use UBNT's competitor, MikroTik, as a good example of how to build decent products the wrong way, but Brocade was my target here. You're a paragon of open
Re: [pfSense] OT: Good network switch for 10 machines?
The 1910's ARE rebranded 3com, but I found them to be very reliable. We are having good luck with the 2530's right now. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 09/23/2014 09:56 AM, Chris Bagnall wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OT: Good network switch for 10 machines?
Interesting that I would see Ubiquiti pop up on this list. I am Josh_SPITwSPOTS on that forum... http://community.ubnt.com/t5/user/viewprofilepage/user-id/108998 TheGUI and CLI are a mess. Thatsaid, they are stable, but if you don't need 24vpassive POE, and/or 802.3at/af, then the HP has better management options and a fully supported SNMP stack. I'm sure the edgeswich line will get there, but I wouldn't recommended it outside of WISP use (or needed lots of POE) just yet. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 09/23/2014 10:26 AM, Michael Bubb wrote: I agree with the point that managed vs nonmanaged price difference is negligible so why not managed... Ubiquiti is worth a look for this application. The OS is nice to work with and has both CLI and GUI http://www.ubnt.com/edgemax/edgeswitch/ On Tue, Sep 23, 2014 at 2:04 PM, Adam Thompson athom...@athompso.net mailto:athom...@athompso.net wrote: +1 for HP ProCurve, except for the stuff they inherited from 3Com... I've also had reasonably good luck with Netgear and D-Link managed switches. The Cisco SMB stuff seems OK hardware-wise, but the software is questionable. Note that all three of these options come with lifetime, free, firmware updates. -Adam On September 23, 2014 12:56:00 PM CDT, Chris Bagnall pfse...@lists.minotaur.cc mailto:pfse...@lists.minotaur.cc wrote: On 23/9/14 6:46 pm, RB wrote: I'd suggest at least a managed switch that can do LACP. This. Given how small the price difference often is between unmanaged and semi-managed (aka 'smart') switches these days, it just doesn't make sense to buy unmanaged any more. You never know when things like VLANs, LLDP and LACP might just come in handy, and even if you never use them, a managed switch will also allow you to do other interesting things like graph per-port (and sometimes per-port-VLAN) usage, which can be useful for detecting misbehaving network hardware elsewhere. I've had decent results with the Linksys/Cisco SMB switches and the ZyXel GS1900 range. One of our clients uses the Zyxel switches to good effect. Their 24 port PoE versions are certainly competitively priced. I tend to use HP where possible. At the lower cost end of the market, something like the 1810-24G (web managed) is a good bet, or move up to the 2510/2520 if you need more management functionality and/or a CLI. I've avoided the 1910 range; AIUI they're basically rebadged 3Com units after the HP/3Com buyout. Kind regards, Chris -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org mailto:List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Michael Bubb +1.646.783.8769 | KD2DTY Resume - http://mbubb.github.io/res/resume.html *noli timere* ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] menu bar in safari on 2.1.5
Having the same issue here, had to use the old sidebar theme. Josh Reynolds, Chief Information Officer SPITwSPOTS, www.spitwspots.com http://www.spitwspots.com On 09/10/2014 04:09 AM, Toni Garcia wrote: Hello, I'm facing this exact problem using this theme with latest Firefox, Chrome and Chromium. After clearing the cache I'm unable to see the complete menu bar in one line, and System menu is really hard to access. It's me or it's a bug? Regards *De: *Vick Khera vi...@khera.org *Para: *pfSense Support and Discussion Mailing List list@lists.pfsense.org *Enviados: *Viernes, 29 de Agosto 2014 17:24:43 *Asunto: *Re: [pfSense] menu bar in safari on 2.1.5 On Fri, Aug 29, 2014 at 11:17 AM, Jim Thompson j...@netgate.com mailto:j...@netgate.com wrote: Have you reloaded (the CSS changed) and/or cleared the browser cache? Yeah, just did that and it cleared up. Sorry for the noise. My failovers are all upgraded... waiting for later in the night to do the primaries. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list -- Toni Garcia Técnico de Sistemas Oracle Linux 6 Certified Implementation Specialist Oracle Certified Professional Solaris 10 System Administrator Oracle Certified Associate Solaris 11 System Administrator SISTEL Servicios Informáticos de Software y Telecomunicaciones Avd. Los Jarales, 4 (03010) ALICANTE TLF 965930080 - FAX 901021558 www.sistel.es http://www.sistel.es/ Por favor recuerda tu responsabilidad medioambiental antes de imprimir este e-mail. / Please consider your environmental responsibility before printing this e-mail. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] ZFS warning message on local console during boot
Sounds like the mikrotik metarouter feature. Josh Reynolds, CIO SPITwSPOTS www.spitwspots.com On 07/30/2014 01:34 PM, Jim Thompson wrote: On Jul 30, 2014, at 3:21 PM, Stefan Baur newsgroups.ma...@stefanbaur.de wrote: Am 30.07.2014 um 22:09 schrieb Espen Johansen: ZFS = FS+LVM. Its efficient in many ways. Its highly resillient to things like silent data corruption ( disk FW bugs, power spikes). It has on the fly checking and repair. Copy on write, snapshoting, NFSv4 native acls and a few more nice things. I dont understand the bashing? This is a firewall, not a fileserver, where such features do indeed make sense. And no bashing, just saying I don't care what filesystem pfSense uses under the hood, as long as it works. The fact that it spits out a warning seems to indicate that it does not work and there's something wrong, so I came here to ask. tl;dr: I wouldn’t run ZFS… yet. I didn’t see the error message, you’re barking up a tree attempting to use it right now. That said, there are certain advantages to ZFS, and there are internal experiments underway looking to use it for a future (64-bit only) release of pfSense. The data integrity and resiliency (due to COW semantics checksumming) (etc) is one thing. I’ve had pretty good results turning on LZJB compression and ‘copies=2”, which is nearly as good as a nanobsd image with 2 separate slices, and, since you have a live filesystem, has NONE of the drawbacks of the nanobsd approach. One could even ‘checkpoint’ (snapshot) the zvol prior to any change (pkg install, config change, etc), and, of course zfs send | ssh foo; zfs receive” makes it entirely trivial to keep your entire firewall backed up, rather than (just) the config file. People who say, “I can’t fathom a sensible use care for using ZFS on pfSense” or “why use it to replace nanobsd?” are (likely) stuck in a system admin mindset/mentality(*). I get the same pushback about bhyve (“why would you use that on a firewall?”) from people stuck in the same headspace. I’m not going to reveal everything here, because it’s going to be post-2.2 before any of this comes about, and I’m keeping the focus on 2.2. In short: ZFS is not just about building a NAS. Jim (*) If there isn’t an O’Reilly book out about it, it seems to not exist to these people. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
