That’s the hope… as long as we hear back from the VA on approval of the loan we should be moved by the end of next week. And settling in hopefully by the new year completely … barring nothing unforeseen in the deal going south… we may have to get an extension on closing if we don’t hear back soon. Wife’s freaking out about it, but I’m sure it’ll be fine.
Glad to hear!
Well I have set up Proxmox 7.1 successfully on the MSI B550 Mortar, Ryzen 9 3900XT, 32GB 3200 Ripjaws, 2.5G Realtek NIC (only working at 1G now till I can test on a 10G switch at the new home) and MSI GamingX GTX 1650 Super.
Everything worked correctly setting up Plex in an LXC container and then passing through the GTX 1650 Super as with previous version 6 of Proxmox with one MAJOR caveat… In the LXC config where you add the lines
lxc.cgroup.devices.allow: c 195:* rwm
lxc.cgroup.devices.allow: c 508:* rwm
lxc.mount.entry: /dev/nvidia1 dev/nvidia1 none bind,optional,create=file
lxc.mount.entry: /dev/nvidiactl dev/nvidiactl none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm dev/nvidia-uvm none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-modeset dev/nvidia-modeset none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm-tools dev/nvidia-uvm-tools none bind,optional,create=file
If you try to use this you get an error attempting to run nvidia-smi and it won’t pick up transcode jobs on Proxmox’s CLI nvidia-smi. The coding for cgroup changed as I believe they are using a newer version from what I have read. IT HAS NOW CHANGED TO cgroup2!!!
The code above would look as follows when changed… you literally need to add a 2 is all to lines with cgroup to cgroup2
lxc.cgroup2.devices.allow: c 195:* rwm
lxc.cgroup2.devices.allow: c 508:* rwm
lxc.mount.entry: /dev/nvidia1 dev/nvidia1 none bind,optional,create=file
lxc.mount.entry: /dev/nvidiactl dev/nvidiactl none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm dev/nvidia-uvm none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-modeset dev/nvidia-modeset none bind,optional,create=file
lxc.mount.entry: /dev/nvidia-uvm-tools dev/nvidia-uvm-tools none bind,optional,create=file
Of course the numbers may change depending on where things are located in your system and how they are tagged by your system.
Just thought I should pass this along for anyone considering the switch to Proxmox 7. I have all the steps documented and may publish them here for a GPU pass thru to LXC container if people need it.
Ran into another issue with Windows 11 and dual boot. I can’t remember if BitLocker was needed or I tried it for the heck of it… but dual booting with BitLocker on the main drive I had to use the Windows recovery code to boot Windows after running my Linux partition. I’m going to see if I can disable BitLocker, see if it’s still an issue and report back.
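Added example, not part of the original post: a POSIX shell sketch that renames the cgroup v1 device keys to cgroup2 and lists device majors that exist on the host but have no allow rule in the container config, which is the "numbers may change" case. The function names, the sample ls -l listing and the major 511 are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). All sample data is constructed.

# Rewrite cgroup v1 device keys to their cgroup2 names; stdin -> stdout.
# Lines already using cgroup2 and all other keys pass through unchanged.
migrate_cgroup_keys() {
  sed -E 's/^([[:space:]]*)lxc\.cgroup\.devices\./\1lxc.cgroup2.devices./'
}

# Extract the unique character-device major numbers from `ls -l` output on stdin.
device_majors() {
  awk '$1 ~ /^c/ { sub(/,$/, "", $5); print $5 }' | sort -un
}

# Print each major that has a device node in listing $2 but no
# "lxc.cgroup2.devices.allow: c MAJOR:..." rule in config $1.
missing_allow_rules() {
  for major in $(device_majors < "$2"); do
    grep -Eq "^[[:space:]]*lxc\.cgroup2\.devices\.allow[[:space:]]*[:=][[:space:]]*c[[:space:]]+${major}:" "$1" \
      || echo "$major"
  done
}

# Constructed demo: the post's old-style rules, and a host where nvidia-uvm
# was assigned major 511 instead of 508.
demo() {
  tmp=$(mktemp -d) || return 1
  printf '%s\n' \
    'lxc.cgroup.devices.allow: c 195:* rwm' \
    'lxc.cgroup.devices.allow: c 508:* rwm' \
    'lxc.mount.entry: /dev/nvidiactl dev/nvidiactl none bind,optional,create=file' \
    | migrate_cgroup_keys > "$tmp/ct.conf"
  printf '%s\n' \
    'crw-rw-rw- 1 root root 195,   0 Dec 10 10:00 /dev/nvidia0' \
    'crw-rw-rw- 1 root root 195, 255 Dec 10 10:00 /dev/nvidiactl' \
    'crw-rw-rw- 1 root root 511,   0 Dec 10 10:00 /dev/nvidia-uvm' \
    'crw-rw-rw- 1 root root 511,   1 Dec 10 10:00 /dev/nvidia-uvm-tools' \
    > "$tmp/listing.txt"
  cat "$tmp/ct.conf"
  echo "majors without an allow rule: $(missing_allow_rules "$tmp/ct.conf" "$tmp/listing.txt")"
  rm -rf "$tmp"
}

demo
```

On a real host the listing would come from ls -l /dev/nvidia* and the config would be the container's own file; a reported major means the allow rule for that device needs its number updated.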
Yeah it wasn’t required, was just me being interested to try features.
Considering the Silverstone CS330 as a NAS replacement/possibly second Proxmox node or backup node.
I think the Dell T320 (converted to T420 dual CPU) may be too much for me. Don’t think I need dual power supplies, redundant CPUs, etc… I may have gone a little overboard lol. If I get it up and running I may want to offer its processing power to a Linux project or other community project if I can find a good one to support.
Work in progress…
So here I will have two separate WiFi mesh systems (I found one while moving in my “tech pile”), one for my known devices with slightly different firewall rules, and one guest/IoT untrusted network as @ThatGuyB suggested.
I have two managed switches. So the hope was to send one cable between them and have the switch interpret the different VLANs and port destinations??? Is this how it works or am I wrong?
I hope this is somewhat what @ThatGuyB suggested in the thread Easy to follow Small Secured (dual stack) Network Firewall
I should be able to adjust signals and bands so they don’t interfere with each other (I may have to ask @PhaseLockedLoop as that is your wheelhouse from what I have seen when you dive into routers and APs [Access Points]). One is an AX WiFi 6 and the other is only WiFi 5. If all goes well I should be able to use wired backhaul on the WiFi 6 router/AP to keep the speed up.
I should be able to keep mesh utility on both devices turning them over to AP mode, BUT I will have to see if the ethernet ports are still active or if I need a dumb switch at locations that need more connectivity such as living room, wife’s office, etc.
I suggest you keep a separate guest and IoT / untrusted net, just my $0.02. Well, I have autism with regards to IoT and to guests, but I wouldn’t want them to infect each other with ransomware or Chinese malware either, lol.
Guests can stay on a network with QoS (lower bandwidth allocation) and IoT in a network that has no access to the Internet, so Google and Samsung and whoever else can eat a d*** and not gather data (unless obviously they need internet to work in the first place, I wouldn’t be buying such devices though, but I guess something like an Alexa would stay on a guest network, rather than in untrusted with no internet access).
I’m running dual boot Windows 11 Bitlocker and Ubuntu LUKS with Secure Boot enabled without any issues. But you’ll always get the recovery prompt if selecting Windows from grub. You’ll need to use your motherboard’s boot select menu for Bitlocker to work properly.
@SgtAwesomesauce gotta hats off the HaaStyle for his network diagram. That’s awesome and easy to read. Did they teach you flow charts in the Gov Hass?
Sanity checks are easiest when you are forced to enter the information or write it down by hand. Definitely recommend the route, just think it out. Consider the pros and cons of how you do stuff. Try to find the best mix of security and ease of maintenance or you will end up like me
Public DNS
forgets about DDoS Mitigation
Spends regular parts of the week on audit and mitigation. Things you don’t initially think about you know?
We will talk about that in a moment. For now what’s your AP plan? Where are they being placed? How large is the coverage area? Any large interferers in the area? Do you live near an airport or military airbase? (DFS purposes). Do you have large chunks of metal in the house or foil back insulation that may hinder some rooms? (Usually this question isn’t necessary because people don’t mind running like 3 APs but I don’t think you want to do so {and you don’t need to})
@ThatGuyB yeah I’ll probably have a guest net. I don’t have autism (diagnosed) but I can be a bit picky till something’s perfect and I hate changes to my routine lol
@PhaseLockedLoop No, I was a mechanic for years and read a ton of tech manuals with wire diagrams so I used that knowledge, and I looked at a few online and then mashed it together on draw.io. I try to do what makes sense. Doing visuals like this is fun for me. I may change some categories on the different devices depending on what info is most useful to have.
Eventually I’ll have all the interfaces, IP addresses, and map out virtual end as well so I have a full grasp of my infrastructure and can implement MAC filtering like on my IoT net to limit access. I dunno if that’s worthwhile, but I’d be willing to put in the effort on such a small network if only to make it more aggravating to attempt to penetrate my networks.
Eventually (way down the line) I’ll attempt pen testing.
@PhaseLockedLoop the APs should be totally fine. Only covering a 2700 sqft area. Placement should be easy. I have 3 AX tri-band nodes for WiFi 6 and personal network (AX6100), and 2 of the Linksys Velop Mesh AC nodes dual band for IoT. They should both use wired backhaul.
Shouldn’t have any major interference near me. Airport, but it’s a ways off… nothing really out by us besides neighbors. I just know I can do a net scan for busyness on certain frequencies and set each network to use a less populated one (probably more work than needed, but it’s fun to do).
Roger, probably what I did erroneously. I may mess with it again later. Thanks for the info though
Well, I’ve never been diagnosed with that either, so, all cool.
The airport question was just for me to assess if the channels you should sit on are DFS or not is all. In which case the answer is yes you can sit on them but the TX power will be limited so test and see if that’s an issue. (you have a radar nearby)
Or you can stay outside of those on 80 MHz lowers and uppers
A lot of people come to me and say reee my range is shit and I’m like what channel and they tell me one of the DFS channels and I’m like do you live near an airport and they are like yup some intl or regional and I’m like that’s why
So DFS channels are restricted / dissuaded allowed near airports?
DFS channels transmit at a max of 250 mW (23 dBm). If the router detects any call signs of radars or the type of signalling, power will be reduced even further or the channels will hop around frequently (if on auto)
That makes sense, and explains… oddities I had ham-fisting my way through an AP
thanks
Negative, radar is wayyyy off from me. Airport is a very small private airfield. Nothing much bigger than a G series jet. I will check to see though. I also have to see how much helio traffic I get. Air Guard flew right next to our home often before. I don’t think they run jammers, but never know.
I really hope the WiFi is only needed for mobile devices and laptop… I hope to hardwire everything else.
I also need to decide what to put on IoT net vs semi trusted. I have a laundry list of items yet to add to the net map I made.
Yup it can detect the WiFi signals up to 100s of miles away. They are extremely sensitive pieces of equipment unlike routers. You’ll get ghosting and back scatter ghosts
Not in CONUS outside live fire ranges
Probably won’t be an issue at all then.
smart locks ?
No smart locks yet, mostly WiFi exterior cameras (till I can hardwire), smart TVs, Alexa, Fire TVs, smart light switches… sure there’s more…
I just checked, guess there’s a smaller Doppler unit 15 miles off. So is the small private airfield. I’ll have to see what ranges are offered on my router/nodes. I know it’s supposed to offer a wider range or more settings or so it says.
@PhaseLockedLoop I don’t know how effective the ASUS AX6100 is if I have it in the attic.
Here’s a proposed layout…