Monday, December 16, 2019

Qnap 10GBe PCi card locks up device

So a few months ago I bought a Qnap TV-1635AX NAS for work to use as a backup to disk solution until my SAN arrived.

I bought this one because it has a ton of drive bays and 10GB SFP capabilities.  Word of caution: DO NOT USE QNAP'S 10GBE PCI CARDS

I wanted to use copper for my 10gb, so I also bought a Qnap QXG-10G1T card.  It's supported and should be fine, right?  Except not. In my case I needed to back up roughly 19TB using Veeam and Robocopy.  I started out enabling Jumbo frames to help things move along a bit faster. Within 5 hours of my job starting the unit would lock up.  The web GUI was totally unresponsive; however, the local LCD panel showed it was good. Tried without Jumbo frames.. same thing except maybe 10 hours into the job. Locked up tighter than tight.

I spent time with support via emails.. they were no help. I wanted to hear from an engineer on this but no such luck.

Switched to a 10GB SFP module and so far no issues. I have not summoned up the courage to re-enable Jumbo Frames but I don't have to now since my initial jobs are complete and it's just the deltas.

But moral of the story is, the PCI backplane in at least this model Qnap cannot support 10G over copper.

Friday, December 13, 2019

Ubiquiti Unifi Controller networks.. Corp LAN or VLAN?

So a couple weeks ago I set up my first Unifi Controller on top of Ubuntu 19.10 Server. I ended up following a script I found here and it worked beautifully!

I'll readily admit I don't always research as much as I should but I usually figure it out anyway. This time though I found something odd.  So UBNT states that unless you have a USG in your environment (or another device performing Layer 3) then you should create all of your networks in the controller as VLAN objects.

My setup here at work is not special or out of the ordinary.. I have a Sophos firewall doing the firewall duties as well as DHCP for all my subnets and routing.  When I create my wifi subnet under Networks as a VLAN, DHCP traffic refuses to pass.  I don't know why, nor do I want to suffer through the inhumanity that is UBNT's chat based support one more minute.

Long story short, I spent about 5 hours one evening fighting with support over this very thing. They say 'No you need VLANS'.  I say 'Well my clients are not pulling DHCP leases from my firewall'.. they say 'You must have VLANS!'  So it was a stupid cycle.

But about maybe 15 minutes after removing that Wireless VLAN and creating a Wireless Corp LAN my clients were pulling valid leases and everything was good.

I don't know why, nor do I care at this point. Just be aware, if you run into a similar issue try a Corp LAN instead.

Thursday, December 12, 2019

Ubiquiti and my configuration

So here at my new job I've been steam rolling the old network infrastructure. When I came here there was a Cisco 2602I WAP, a GS series Netgear, and a Cisco SG200.  And with what I was told this place wanted to be able to do, those two devices had to go.

So because I've always wanted to try them, and I think their UI is neat as hell (and the switching performance is a definite improvement over the existing) I went whole-hog into UBNT.

I have a US-8-60W, a pair of US-48's, an AC-LR, AC-Pro and 2 AC-Lites. Setting up the Unifi controller on a local virtual machine was a breeze, and adopting and configuring things was a snap.  Even migrating the controller from a Win10 guest to an Ubuntu server was overtly easy.
I NAT'd its required ports to the outside and could access it from anywhere via the mobile app on the Cloud Access Portal.

Then I decided to take it one step further.. I need a USG for those oh so sweet ISP metrics and DPI.

So I ordered one. Now the idiot in me that does surface from time to time did not read the manual and did not check out the help.ubnt.com articles.  I jumped right in and uplinked it to my network via its LAN1 port.
*BIG MISTAKE*

So did I mention my idiot?  He's more of a part-time dumbass. I did not know that the USG would start plugging DHCP right out of the box and because I had snooping enabled in the controller I'm sure all sorts of backend havoc happened.

So after fighting with it myself for an hour I decided to give the Chat support a try.  First thing the guy asks for is a screenshot of my config under Networks. When he sees they're all Corp LAN objects he immediately tells me to delete them and create VLAN objects. I had a bad feeling about this but at his behest I did it anyway.

Long story short, I lost communication to all my servers and the controller. When I regained control I spent the next 4 hours getting my switches and APs to re-adopt and to get the wireless network to pass DHCP traffic.

In the end I had to delete the Wireless VLAN and create it as a Corp LAN object. Then.. and ONLY then did DHCP traffic begin flowing and my clients started pulling valid leases from my firewall.

So moral of the story is, not every environment will work with the best practices.

Friday, December 6, 2019

Quickbooks, Potential firewall issue?

Quickbooks.

Everyone I know that has to support it.. hates it.

I hate it.. because I have to support it.

Ok I won't drone on here, but something stupid I ran into the other day. Three ladies with identical mapped drives to a server housing the database. Due to some DHCP weirdness one of them pulled an IP from a different subnet. So because I was in a hurry (and it really should not have mattered) I disconnected her original mapping and remapped using the primary IP address of the server which just so happens to be on a different VLAN.

She could ping it, she could SMB browse and see the DB and other files. However QB refused to open it citing some stupid shit about QB is not able to open the file due to a potential firewall issue.

Long story short.. I fought this nonsense for an hour before finally giving up. Remapped the drive to the original IP and BOOM, it opened right up.