[smartos-discuss] softether vpn

2018-01-10 Thread H. William Welliver III
Good evening, all: I have a physical server running the SoftEther VPN as a remote access device, and I’ve been trying to migrate it onto a zone without much success. I was wondering if anyone has had any luck using it. I’ve found a little material online suggesting that it’s possible, but I’ve

[smartos-discuss] softether vpn

2018-01-10 Thread H. William Welliver III
Good evening, all: I have a physical server running the SoftEther VPN as a remote access device, and I’ve been trying to migrate it onto a zone without much success. I was wondering if anyone has had any luck using it. I’ve found a little material online suggesting that it’s possible, but I’ve

Re: [smartos-discuss] softether vpn

2018-01-30 Thread H. William Welliver III
to enable. Is there any way to work around this, short of rolling my own boot image/platform image? Bill January 29, 2018 9:41 PM, "H. William Welliver III" <will...@welliver.org (mailto:%22H.%20William%20Welliver%20III%22%20<will...@welliver.org>)> wrote: Hi Jason,

Re: [smartos-discuss] softether vpn

2018-02-02 Thread H. William Welliver III
the alternatives. Bill January 30, 2018 11:04 AM, "H. William Welliver III" <will...@welliver.org (mailto:%22H.%20William%20Welliver%20III%22%20<will...@welliver.org>)> wrote: And my final followup: It appears that "allow_unfiltered_promisc" is silently ignored fo

[smartos-discuss] Re: softether vpn

2018-01-27 Thread H. William Welliver III
that there’s some sort of restriction when running within a non-global zone, despite having given the nic in the zone full spoofing privileges. Can anyone think of a reason this shouldn’t work (or something I might be missing)? Best, Bill > On Jan 10, 2018, at 8:31 PM, H. William Welliver

Re: [smartos-discuss] softether vpn

2018-01-27 Thread H. William Welliver III
Just a further clarification: things work against physical nics in the global zone but not against a vnic; I’ve verified that all of the protections are disabled on the vnic but to no avail. > On Jan 27, 2018, at 7:31 PM, H. William Welliver III <will...@welliver.org> > wrot

Re: [smartos-discuss] Migrating to a new root pool

2018-01-31 Thread H William Welliver III
Hi Gareth, I did this a few months ago and I seem to recall the trick being to reboot into recovery mode so that the pools aren’t imported. You have to do all the work without mounting the zones pool. If somehow it gets mounted you’re out of luck and will have to reboot try again. I’m pretty

Re: [smartos-discuss] KVM, failing to boot/start when memory > 1024

2018-02-01 Thread H. William Welliver III
You might also look in /zones//root/tmp... there are some logs in that directory that may give you a clue as to the problem. Bill > I’m playing around with KVM on SmartOS for the first time. I’ve noticed that > when I attempt to > create a KVM with RAM of say 1024, it works. If I bump that to

Re: [smartos-discuss] softether vpn

2018-01-29 Thread H. William Welliver III
next question: Does anyone know how to get the promisc-filtered=off property to remain across reboots? If I use dladm to turn it off, it comes back on when the zone restarts. It seems that allow_unfiltered_promisc is only allowed for KVM zones... Bill January 28, 2018 10:22 AM, &quo

Re: [smartos-discuss] softether vpn

2018-01-29 Thread H. William Welliver III
Hi Jason, Thanks for the tip about libdlpi… the existing approach seems a little brittle so I’ll have a look at this. As for the vnic protection flags, I’ve definitely been able to save the “allow_unflitered_promisc” option using vmadm, but it doesn’t seem to take effect, despite being

Re: [smartos-discuss] softether vpn

2018-01-28 Thread H. William Welliver III
txrings-effective r- ? -- -- > On Jan 27, 2018, at 10:24 PM, Daniel Carosone <daniel.caros...@gmail.com> > wrote: > > You probably need to allow IP or Mac spoofing by the zone in question. See > the relevant properties in vmadm manpage > > On 28 J

[smartos-discuss] Strange USB 3.0 USB key behavior

2018-03-14 Thread H. William Welliver III
Hi all, Yesterday I installed the latest build of SmartOS on a small form factor PC (a Protectli FW4, https://protectli.com/product/fw4a/), and after installing I tried to mount the USB Key but to my surprise, the key wasn’t listed in diskinfo. I thought it strange because the system booted

Re: [smartos-discuss] DHCPv6 Client Prefix Delegation

2018-04-06 Thread H. William Welliver III
`` to grab SLAAC > address, static works by ```ipadm create-addr -T static -a > my:ad:dr:es:he:re/64 net/v6static``` > > I think the -T addrconf will also grab a stateful address but I do not run > DHCPv6 in my network. > > > > Regards > > > > Jorge

[smartos-discuss] Problems with IPF + IPv6

2018-04-20 Thread H. William Welliver III
Hi all, I’m having some trouble trying to set up some firewall rules on a IPv6 router zone and have come to the conclusion that something is broken. The following is an illustrative example (though I’ve tried all manner of other rules without success): net0 is connected to an upstream

Re: [smartos-discuss] SmartOS on KVM (Networking)

2018-04-02 Thread H. William Welliver III
Hi Benni, What OS is your KVM host running? Linux, or are you trying to run SmartOS within a SmartOS KVM? If Linux, I assume you’ve set up something like public bridge networking? If your KVM host is running SmartOS, then yes, you’ll probably need to disable some of the anti-spoofing