Posts by mannebk

    Hi Folks,


    I run OMV 3 on an HP ProLiant Micro.


    Recently, whenever I restart that machine, I have some entries in my routing table and I have no clue where they come from.


    I have this machine run a tun0 with OpenVPN to another machine. The OMV is the client and that route is there as it should be.


    Bash
    root@ProLiant-Gen8-OMV4:~# ip route show
    default via 10.101.111.1 dev bond0 onlink
    10.10.111.0/29 dev tun0 proto kernel scope link src 10.10.111.2
    10.100.111.0/24 via 10.10.111.1 dev tun0
    10.101.111.0/24 dev bond0 proto kernel scope link src 10.101.111.11
    root@ProLiant-Gen8-OMV4:~#


    After a reboot it looks like this:


    Code
    root@ProLiant-Gen8-OMV4:~# ip route show
    default via 10.101.111.1 dev bond0 onlink
    10.10.111.0/29 dev tun0 proto kernel scope link src 10.10.111.2
    10.100.111.0/24 via 10.10.111.1 dev tun0
    10.101.111.0/24 dev bond0 proto kernel scope link src 10.101.111.11
    10.102.111.0/24 via 10.10.111.1 dev tun0
    10.103.111.0/24 via 10.10.111.1 dev tun0
    root@ProLiant-Gen8-OMV4:~#


    But I can't find where the route for the OpenVPN comes from.


    On startup I have cron do this (set via the OMV web interface):

    Code
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE && iptables -t nat -A POSTROUTING -o bond0 -j MASQUERADE


    I'm kind of dumbstruck right now (maybe due to the time of day...), could someone just point me in the right direction?


    What I am totally dumbfounded about is this:


    For many years I have run my network in the 10.xxx.111.0/24 range,
    where my internet server starts with 100 and all my dial-up sites go from 101 to 109 for the xxx.


    All my VPN networks (if I had to define the tunnel IP) are 10.yy.111.0/24, starting with 10.


    Now I had a site that was, for whatever reasons, on 10.7.0.0/24, so I moved another site that was out of the sort I wanted from 102 to 109, and while changing my DSL modem at the 10.7.0.0/24 site I switched it over to 10.102.111.0/24.


    Most of my VPN goes through FritzBox LAN-LAN, also the 102 network, the old as well as the new site.


    Now, out of nowhere, I have this route for 102 and 103 in my OMV, just after I changed the networks on the off sites. And I have no clue why.


    I used SMB from 102 for the past 10 years without any problems; now, from the new site, I have to kill the route on every restart of the OMV (well, that's seldom, but about twice a year, and then I will forget to delete the route or not be present during the restart).


    Since the 101 is the center of the spider web, as I have the file, phone, DB and backup servers there, I don't know why my OMV now has a route for 102 that points to my 100 machine, while the 102 never had an uplink to 100.


    Thanks
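
A way to catch the kind of drift described in the post above, as an added example that is not part of the original post: it compares the live routing table with a saved known-good copy and reports only the new entries. The baseline path, the function names and the `--check` flag are assumptions made for this example; the sample tables are the two quoted in the post.

```sh
#!/bin/sh
# Added example: list routes present in the live table but absent from a saved baseline.
# BASELINE is a hypothetical path; record it once on a known-good boot with
#   ip route show > /var/lib/route-baseline.txt
BASELINE=${BASELINE:-/var/lib/route-baseline.txt}

# Strip trailing blanks and sort, so comm(1) can compare the two tables.
normalize() { sed 's/[[:space:]]*$//' "$1" | LC_ALL=C sort -u; }

# unexpected_routes BASELINE_FILE CURRENT_FILE -> routes found only in CURRENT_FILE
unexpected_routes() {
    tmp=$(mktemp -d) || return 1
    normalize "$1" >"$tmp/base"
    normalize "$2" >"$tmp/cur"
    LC_ALL=C comm -13 "$tmp/base" "$tmp/cur"
    rm -rf "$tmp"
}

# via_dev DEV: keep only gateway routes that leave through DEV (reads stdin).
via_dev() { awk -v dev="$1" '/ via / && $0 ~ (" dev " dev "( |$)")'; }

# Constructed sample input: the two tables quoted in the post, written to DIR.
write_samples() {
    cat >"$1/before" <<'EOF'
default via 10.101.111.1 dev bond0 onlink
10.10.111.0/29 dev tun0 proto kernel scope link src 10.10.111.2
10.100.111.0/24 via 10.10.111.1 dev tun0
10.101.111.0/24 dev bond0 proto kernel scope link src 10.101.111.11
EOF
    cat >"$1/after" <<'EOF'
default via 10.101.111.1 dev bond0 onlink
10.10.111.0/29 dev tun0 proto kernel scope link src 10.10.111.2
10.100.111.0/24 via 10.10.111.1 dev tun0
10.101.111.0/24 dev bond0 proto kernel scope link src 10.101.111.11
10.102.111.0/24 via 10.10.111.1 dev tun0
10.103.111.0/24 via 10.10.111.1 dev tun0
EOF
}

# Live check, e.g. from a boot-time cron job: exit 1 and print the drift.
if [ "${1:-}" = "--check" ]; then
    cur=$(mktemp) || exit 2
    ip route show >"$cur"
    new=$(unexpected_routes "$BASELINE" "$cur")
    rm -f "$cur"
    [ -z "$new" ] && exit 0
    printf 'routes not in baseline:\n%s\n' "$new" >&2
    exit 1
fi
```

Piping the result through `via_dev tun0` narrows the report to gateway routes that send traffic into the tunnel.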

    I got that one too on my machine.


    OMV3 clean install, I only do upgrades, never dist-upgrade, always clean. And I wait for 4 till I stop reading complaints about stuff I need for my server. And usually because I'm lazy. Don't touch a running server :-) so I am still with OMV3.


    With my OMV3 the remote-mount option is the cause for the log entry.


    I mount CIFS from a machine that is only online twice a day. It pulls my rsnapshot backup, and the remote mount is the link in the opposite direction. It's a precaution in case I lose data. I know I could just start the backup machine and have instant access, however far away I am and however bad my uplink is. I could just use the CLI and pull back whatever I need right now. No GUI, no Samba over VPN, etc., all that fancy traffic-intensive stuff.


    While the machine is online it says "is a mountpoint", then when offline "is not a mountpoint".


    While the mount is active, I have an additional drive with the same name as behind /srv/....


    Maybe that helps someone.

    I found this guide:


    https://s55ma.radioamater.si/2…tworks-behind-vpn-client/


    This did the trick....


    Bash
    sysctl -w net.ipv4.ip_forward=1
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


    Edit:


    Just remember whether you use eth0 or bond0. It stalled me until I searched for tun2bond and remembered I had copy-pasted eth instead of bond....


    So actually it's this:

    Code
    sysctl -w net.ipv4.ip_forward=1
    iptables -t nat -A POSTROUTING -o bond0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

    Question is: how do I make it sticky?


    My server @hetzner runs a pfSense and my local LAN connects to it via FritzBox IPsec VPN. But the 7490 FBs are slow stuff. Dual core with no core spanning, the VPN makes a max of 8mbyte/s. It would be okay on a 16/2 DSL, but my DSL offers 100/40, so I would like to have the 100 due to the backups I suck from machines in the @hetzner LAN. Currently I back up 1 machine a night, and it runs most of the night.


    So I want to move my VPN bridge from the FritzBox to my OMV server (an HP ProLiant Micro Gen 8 pimped to the max), where the VPN service has a much thicker power bucket to draw from. And the machine @hetzner is almost idle 23,5h/day.... IMHO it makes sense to move that bridge endpoint from the FB to OMV.


    I did:


    On my pfSense @hetzner I registered an oVPN server with certs and created a user for the OMV (following the pfSense2android guide on got-tty.org, as I was doing it for my Android in the first place). The Android device works fine, pings go through from the @hetzner local LAN to the VPN device, and I have my extension from my FreePBX working properly on my Android now.


    Created an .ovpn file in pfSense.


    Saved it to /etc/openvpn (not in the tempting subdirectory named "client"! It needs to be in /etc/openvpn).


    Renamed it to: "OMV2host.conf"


    Executed: "systemctl enable openvpn@OMV2host.service && systemctl start openvpn@OMV2host.service && systemctl status openvpn@OMV2host.service"


    Got some minor red flags for unsupported DNS settings.


    So now I have static routes on the OMV to my VPN site (pushed by the server).


    From the CLI of OMV I successfully pinged the pfSense (VPN server) and also the machines in the LAN the pfSense runs locally (both ways, back and forth between the @hetzner local LAN and the OMV, successfully).


    But I can't access the pfSense from a VirtualBox machine on OMV...?
    I can't load the web page of the pfSense from anything attached to the OMV.


    Traceroute brings up asterisks (*) after the pfSense, whatever I trace.


    I added routes in my local FritzBox for the VPN network pointing to the OMV.


    I can't ping those networks from any local client.



    Sitting in bed being sick and changing simple stuff is not a good idea. Help me please, what am I missing?


    Thanks
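
One way to make the `sysctl` and MASQUERADE settings quoted above survive a reboot without stacking duplicate rules, as an added example that is not part of the original posts: the forwarding flag goes into a sysctl drop-in file, and each NAT rule is appended only when `iptables -C` reports it missing. The drop-in file name, the function names and the `--apply` flag are assumptions made for this example; `bond0` and `tun0` are the interfaces named in the post.

```sh
#!/bin/sh
# Added example: apply the post's forwarding/NAT settings idempotently.
# OUT_IFACES are the interfaces from the post; SYSCTL_DROPIN is a hypothetical file name.
OUT_IFACES=${OUT_IFACES:-"bond0 tun0"}
SYSCTL_DROPIN=${SYSCTL_DROPIN:-/etc/sysctl.d/90-vpn-forward.conf}

# Append the MASQUERADE rule for one interface only if -C (check) does not find it,
# so running the script again never stacks duplicate rules.
ensure_masquerade() {
    iptables -t nat -C POSTROUTING -o "$1" -j MASQUERADE 2>/dev/null ||
        iptables -t nat -A POSTROUTING -o "$1" -j MASQUERADE
}

# Write the sysctl drop-in that is read at every boot.
persist_forwarding() { printf 'net.ipv4.ip_forward=1\n' >"$1"; }

# Ensure the rule exists for every interface in OUT_IFACES.
apply_nat() {
    for ifc in $OUT_IFACES; do
        ensure_masquerade "$ifc" || return 1
    done
}

# Print the NAT rules currently loaded, for review after applying.
show_nat() { iptables -t nat -S POSTROUTING; }

if [ "${1:-}" = "--apply" ]; then
    persist_forwarding "$SYSCTL_DROPIN" &&
        sysctl -q -p "$SYSCTL_DROPIN" &&
        apply_nat && show_nat
fi
```

The iptables rules live only in kernel memory, so the script still has to run with `--apply` at every boot, for instance from the same startup cron job that currently appends the rules.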

    Folks,


    just so you know:


    If you happen to have some old IP cams or printer-scanner systems, they won't be able to connect to the out-of-the-box OMV4 SMB config.


    It will be an NTLMv1 auth problem (you'll find it with log level 3 in syslog):


    Code
    ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user

    To fix:



    On the SMB config page, in the last field, "add on options", you would have to put



    Code
    ntlm auth = yes



    Be advised: this is a known security issue!


    I have had this issue with an outdated but reliable Ricoh copier machine and a brand new ***** camera.


    Ricoh won't fix this on a 10-year-old machine, but ****** will get bashed now, selling stuff with such outdated code. (I will add the manufacturer after they have fixed it, or in due time if they won't.)


    However, Sonos seems to have the same issue.


    Cheers Manne
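
Before relaxing `ntlm auth` for the whole server, the rejection line quoted in the post above can be used to inventory which accounts actually depend on NTLMv1. The following is an added example, not part of the original post: it counts rejections per account and flags accounts that are not on a list of known legacy devices. It assumes the account name is the last field of the log line; the `--scan` flag, the function names and the sample log with its host and account names are constructed for this example.

```sh
#!/bin/sh
# Added example: inventory accounts that still attempt NTLMv1 before relaxing "ntlm auth".
# Assumption: the account name is the last field of the rejection line.
PATTERN='ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user'

# ntlmv1_rejections LOGFILE -> "COUNT USER" lines, most frequent first
ntlmv1_rejections() {
    awk -v pat="$PATTERN" 'index($0, pat) { n[$NF]++ }
        END { for (u in n) print n[u], u }' "$1" | LC_ALL=C sort -k1,1nr -k2,2
}

# unexpected_ntlmv1_users LOGFILE "acct1 acct2 ..." -> accounts using NTLMv1
# that are not on the list of known legacy devices
unexpected_ntlmv1_users() {
    ntlmv1_rejections "$1" | awk -v ok="$2" '
        BEGIN { k = split(ok, a, " "); for (i = 1; i <= k; i++) known[a[i]] = 1 }
        !($2 in known) { print $2 }'
}

# Constructed sample log (syslog-style prefix; host and account names are made up).
write_sample_log() {
    cat >"$1" <<'EOF'
Jan 10 08:00:01 nas smbd[811]:   ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user scanner
Jan 10 08:00:07 nas smbd[811]:   ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user scanner
Jan 10 08:03:12 nas smbd[812]:   check_ntlm_password: authentication for user [bob] succeeded
Jan 10 08:05:44 nas smbd[813]:   ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user ipcam
Jan 10 08:09:30 nas smbd[814]:   ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user alice
Jan 10 08:15:02 nas smbd[811]:   ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user scanner
EOF
}

# usage: script --scan LOGFILE "known legacy accounts"
if [ "${1:-}" = "--scan" ]; then
    ntlmv1_rejections "$2"
    unexpected_ntlmv1_users "$2" "${3:-}" | sed 's/^/not a known legacy device: /'
fi
```

An account that shows up here without being one of the expected devices is worth checking before the weaker setting is enabled for everyone.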

    First tests indicate that a 100% write cache is not the optimal config.


    My HP Smart Array cache is 2pc of 500gb SSDs in RAID 0.


    I do see an I/O wait on reading from OMV at 75mb/s.
    I nearly don't see I/O wait on writing to OMV at 103mb/s.


    Also, I did test this today with a spinning-disc client.


    The test file was an 8gb video file.


    I just repeated it with my SSD-powered quad-core notebook.


    The perfmon shows an almost sleeping notebook sucking data in at about 83mb/s from my spinning 18TB array (4x 10tb RAID 10).


    Pushing the data back to the OMV array, it runs at about 90% of 1gb link speed with 103mb/s.


    The I/O wait increases dramatically if I suck several different large files from the array at the same time (not copying in a row, but rather several copy jobs at the very same moment).


    But when I push data from 2 clients to my OMV, I now see speeds of close to 115mb/s; that's about the maxed-out SMB speed for 1gb links. (I need to get my 2gb back, but the Netgear switches have a firmware bug.)


    And it's with almost no I/O wait now for writing, but now I have about 8-10% soft-irq... ?


    As well as having a CPU load spike when the jobs finish. See picture.



    Cheers, Manne

    Thanks for that hint,
    I found this:


    I had the physical drive write cache set to disabled.
    And for some reason my HP Smart Cache Array for my spinning discs was "off". Now it's activated again. Maybe it's due to changing the SSD once, and I forgot to reactivate it while waiting for the migration. I'll have a look at how it performs now. If you don't hear back from me, this fixed it.


    Ah, I recall, I added 2 10tb discs, changed from RAID 1 to 10, and that rebuild did take plenty of time. So I totally forgot to change my disc size from 9 to 18 tb and reactivate my cache.


    Thanks folks anyway, since the initial report was with HP SmartCache active, as it was before I added those 2 new discs.

    Folks,


    I can't seem to find any recommendation for how to provide my OMV(3) disc space to my Proxmox server as storage.


    My Proxmox is VE 5.2 and is the host for my online machines with fixed IP in a data center.


    My OMV(3) is my file server at home, dyn IP, NAT.


    I guess the connection would be through a dedicated VPN tunnel from the Proxmox to the OMV machine. No other traffic, but of course, at least once a day, a connection reset that is due to happen at around 5 a.m.


    I want to use it purely for backup purposes. So Proxmox could dump its snapshots 2 ways: once local, once remote on my hardware @ home.


    I also could have the OMV do a cron pull from the Proxmox, but then accessing a backup from the Proxmox host would be more complicated.


    Any recommendations?


    I thought about playing with Ceph, but don't really know about Ceph yet. I understand it's kind of a RAID system, not over discs but over whole locations. So it would be great to have this between my home and data center storage, so both locations are always up to date.


    I could run my rsnapshot backup locally, and have my data center server covered in my backup.



    Thanks
    Manne

    Hi Folks,


    I was just wondering what FS you're using and why.


    I'm currently on 3 Erasmus and using ext4 for everything.


    I run an HP ProLiant Micro Gen 8 with an additional hardware RAID card HP P420 and 2gbit/s uplink on bond0.


    My OS is running off the native SATA controller inside my box, running from a 2,5" SATA disc. But that SATA controller only supports software RAID, and I did not want to plague my CPU with soft RAID duty, so I got a P420 HW RAID card with 1gb of ECC cache and capacitor/battery backup.


    My RAID controller is set up for
    2x 512gb RAID 0 SSD cache split for 150gb for VM-SAS and 600gb for data-SATA
    2x 10tb RAID 1 SATA data array (to be extended to 4x 10tb RAID 1)
    2x 150gb RAID 1 SAS VMs array (to be replaced by 2x 1tb SSD; actually I want to use my cache SSDs and get some new ones for SSD, because I can't use the full capacity of the current SSDs with that HW RAID controller, only a bit more than half of the capacity. 750-800gb total of 1,024 tb.)
    Total on the RAID controller will be 8 discs: 4 SATA 10 tb, 4x SATA SSD


    All my discs/arrays currently run ext4.


    I do have an I/O wait factor of about 20-60% if I start a copy job by SMB to an SSD-equipped client system. It's sucking or writing a stable 100% of 1gb'/s network volume (indicated by Windows Task Manager and the performance chart from OMV). As soon as I access a VM or the files from a second client, the first transfer rate drops and I/O wait jumps up drastically.


    That's why I want to throw spindles at the controller: changing data RAID 1 from 2 to 4 discs and changing VM SAS from my current SAS discs to SSDs.


    The data discs are benchmarked at over 100mb/s, so having 2 of them should easily supply enough capacity for a 2 gb/s uplink, even if I use 2 different machines to load up that server, and the VMs are on a different array with a 100% SSD cache. They should not impact the throughput. But they do.


    Even if I move files by CLI from array data to array SAS, the I/O wait jumps up big style and the responsiveness of the SMB drops to death.... kind of.


    But I also wonder if I chose the right FS for my systems?


    Cheers
    Manne

    Indeed, so does VirtualBox. It does indeed work if you call it from the CLI. But if you build an error into the syntax of the shutdown section of the relevant init.d script, all related software will fail (by nature of the design).


    Before I made it to OMV I was with Proxmox, running my fat and happy HP ProLiant DL380 Gen 5 with lots of VMs and a QNAP 6-disc NAS storage, consuming somewhere around 600 watts per hour. Idling for about 16 hours a day at 550 watts, and doing nightly backups to another 4-disc QNAP for hours, as the 410 via SSH only sucks like 5mb/s and my sensitive data runs at about 3TB currently.


    For lifetime and energy reasons I then changed to the HP Micro Gen 8. After I spent almost 2 grand on hardware, mostly for my 10tb surveillance discs, I discovered that, to pass through my HP 410 HW RAID card to my NAS VM, I need to use the same IRQ HP uses for the internal iLO server health communication. No way to get that working, so no direct hardware access for my NAS VM. Support on the Proxmox forum was nonexistent, I am no Linux freak or scripting kid, so I dumped Proxmox for good. If I can't get it to work inside one week, it's not suitable for my production environment.


    I looked into ESXi, but discovered that I was required to buy some license. And I'm open source to the max. I donate, but I don't buy licenses. Then I checked FreeNAS and OMV to see if they would be a suitable OS for my host, and finally stayed with OMV, as Volker is next door, a 15 min drive. The idea was that if I somehow screwed it up, I could take that box and two purple EUR banknotes and knock on his door, winking with that purple convincing thing ... :-) But then OMV is a stable and well-maintained system with lots of, and foremost fast, support on the forum AND very good reviews. I never had to knock on Volker's door :-D. I also got turned on by omv-extras with VirtualBox. I don't want to compile my own stuff. I'm but a moonlighting admin.


    Indeed, I did have some problems with OMV and VirtualBox in the beginning, but then it has been up and running flawlessly for over a year, soon to be 2, except for that shutdown behavior.


    So after I lost a VM, I convinced myself that I should indeed track it down. Now I have tracked it down and fixed it locally, and I'm done with this thing for good. I just had to report it here so others don't have to investigate this too. It actually did cost me some time to figure it out; lucky me, I did NOT lose any data, as my accountant did honor my rule to back up the database and not save anything on the desktop of that VM. But other guys may not be so lucky. Also, I wanted it reported to the package maintainer, so I don't have to fix this again after the next update. And I wanted it documented, so if I had to do it again, because the package maintainer does not want to fix it, I could follow my own guide. No need to remember details, just look up the bash history or the OMV forum or my Git wiki.


    No harm done, my first bug report :-D filed, and now back to daily work.
    Cheers

    Sure, via PuTTY.


    Open PuTTY, then enter/select the server's IP + port 22 + SSH and click "Open".


    Log in as user root with the password from setting up the OMV server.


    I personally use vim, so on OMV you would also need


    apt-get update && apt-get install vim


    to install vim. (The following instructions are for vim, but of course it also works with any other editor.)


    After that: vim /usr/share/phpvirtualbox/endpoints/api.php



    Then search for the line with /phpvboxver + Enter. For me it is line 86.



    Press i to switch to edit mode, comment out the affected line with // at the start of the line, then press Enter at the end of the line, use Tab to create the leading whitespace, and then type it in or drop it in via copy and paste (PuTTY: right mouse button to paste).



    Leave edit mode with ESC.
    :wq + Enter to save and quit.



    exit to leave PuTTY.


    Done.

    Also keep in mind that Windows VMs need to get hit by the ACPI button twice to really shut down, while a Linux box just ignores the second ACPI kick. So I modified my config for shutdown to run stop_vms twice, while the stock code does it only once. But I also forced my VirtualBox to always shut down the VM by ACPI, not just suspend or "freeze" the VM, as Windows needs rebooting once in a while.

    Just open /etc/init.d/virtualbox in a code-highlighting editor.


    In line 117 you'll find stop()


    But the code highlighting shows that something is amiss with the syntax. I'm no expert in this, I just notice small details. So the code highlighting will tell you that this is not the same as line 49 running() or line 54 start()



    So what I did is this: I changed line 117 stop() to hstop(). With this change, the color in the syntax highlighting changed, in my case, from yellow to cyan :-)


    But then you also need to change the end of the file. stop is called twice. You have to add the h to it.


    I chose h for no reason. But I did later try c (for custom) and it did NOT work as with h. No clue as to why.


    Have fun

    Usually a bouquet helps :-D
    Or doing the laundry, or whatever she hates, for a couple of weeks.


    You know, you need to earn some points *g* (google: demerit points)


    Lucky me: my business pays the tech bill, so usually my wife works overtime for the points to get a new laptop... ROFL. While I just buy what I want to work with. But then, I'm Swabian, so here I am working @home on a desktop system almost 10 years old. OMG, I just checked it out, I bought that Athlon II X2 in early 2010, it's indeed almost a decade old, still working like a charm. But still, this workstation also got 2 viseo 230Ws 23" screens. :-) And I don't do gaming, no sense in spending lots of money on hardware to run PuTTY.

    In that context it does indeed make some sense. :-) Thanks again for enlightening me.


    Always happy to understand the idea behind something. It makes understanding the functions so much easier.